Merge pull request #45507 from kcmartin/midcycle-blog-1.30-fixes

Add 1.30 mid-cycle blog article fixes

Author: k8s-ci-robot

content/en/blog/_posts/2024-03-12-mid-cycle-1.30.md

@@ -70,22 +70,22 @@ Linux node swap support in Kubernetes.
 ### Support user namespaces in pods ([KEP-127](https://kep.k8s.io/127))
 
 [User namespaces](/docs/concepts/workloads/pods/user-namespaces) is a Linux-only feature that better
-isolates pods to prevent or mitigate several CVEs rated high/critical, including the just-published
-[CVE-2024-21626](https://github.com/opencontainers/runc/security/advisories/GHSA-xr7r-f8xq-vfvv). In
-Kubernetes 1.30, support for user namespaces is migrating to beta, and now supports pods with and
-without volumes, custom UID/GID ranges and more!
+isolates pods to prevent or mitigate several CVEs rated high/critical, including
+[CVE-2024-21626](https://github.com/opencontainers/runc/security/advisories/GHSA-xr7r-f8xq-vfvv),
+published in January 2024. In Kubernetes 1.30, support for user namespaces is migrating to beta and
+now supports pods with and without volumes, custom UID/GID ranges, and more!
 
 ### Structured authorization configuration ([KEP-3221](https://kep.k8s.io/3221))
 
-The Structured Authorization Configuration feature is moving to beta and will be enabled by default.
-This
-[feature](https://github.com/kubernetes/enhancements/tree/master/keps/sig-auth/3221-structured-authorization-configuration)
-enables the creation of authorization chains with multiple webhooks with well-defined parameters
-that validate requests in a particular order and allows fine-grained control – such as explicit Deny
-on failures. The configuration file approach even allows you to specify
-[CEL](/docs/reference/using-api/cel/) rules to pre-filter requests before they are dispatched to
-webhooks, helping you to prevent unnecessary invocations. The API server also automatically reloads
-the authorizer chain when the configuration file is modified.
+Support for [structured authorization
+configuration](/docs/reference/access-authn-authz/authorization/#configuring-the-api-server-using-an-authorization-config-file).)
+is moving to beta and will be enabled by default. This feature enables the creation of
+authorization chains with multiple webhooks with well-defined parameters that validate requests in a
+particular order and allows fine-grained control – such as explicit Deny on failures. The
+configuration file approach even allows you to specify [CEL](/docs/reference/using-api/cel/) rules
+to pre-filter requests before they are dispatched to webhooks, helping you to prevent unnecessary
+invocations. The API server also automatically reloads the authorizer chain when the configuration
+file is modified.
 
 You must specify the path to that authorization configuration using the `--authorization-config`
 command line argument. If you want to keep using command line flags instead of a
@@ -100,9 +100,11 @@ docs](/docs/reference/access-authn-authz/authorization/#configuring-the-api-serv
 
 ### Container resource based pod autoscaling ([KEP-1610](https://kep.k8s.io/1610))
 
-HPA ContainerResource type metric graduates to stable in v1.30. It allows you to configure
-Autoscaling based on resource usage of individual containers. See [our previous
-blog](/blog/2023/05/02/hpa-container-resource-metric/) for further details.
+Horizontal pod autoscaling based on `ContainerResource` metrics will graduate to stable in v1.30.
+This new behavior for HorizontalPodAutoscaler allows you to configure automatic scaling based on the
+resource usage for individual containers, rather than the aggregate resource use over a Pod. See our
+[previous article](2023/05/02/hpa-container-resource-metric/) for further details, or read
+[container resource metrics](/docs/tasks/run-application/horizontal-pod-autoscale/#container-resource-metrics).
 
 ### CEL for admission control ([KEP-3488](https://kep.k8s.io/3488))