Original file line number Diff line number Diff line change
Expand Up @@ -236,8 +236,6 @@ are emitted under the kubelet subsystem to monitor node shutdowns.

## Non-graceful node shutdown handling {#non-graceful-node-shutdown}

{{< feature-state feature_gate_name="NodeOutOfServiceVolumeDetach" >}}

A node shutdown action may not be detected by kubelet's Node Shutdown Manager,
either because the command does not trigger the inhibitor locks mechanism used by
kubelet or because of a user error, i.e., the ShutdownGracePeriod and
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -337,9 +337,6 @@ As an alternative, a cluster administrator can enforce size limits for

## Local ephemeral storage

<!-- feature gate LocalStorageCapacityIsolation -->
{{< feature-state for_k8s_version="v1.25" state="stable" >}}

Nodes have local ephemeral storage, backed by
locally-attached writeable devices or, sometimes, by RAM.
"Ephemeral" means that there is no long-term guarantee about durability.
Expand Down
6 changes: 0 additions & 6 deletions content/en/docs/concepts/containers/runtime-class.md
Original file line number Diff line number Diff line change
Expand Up @@ -10,8 +10,6 @@ hide_summary: true # Listed separately in section index

<!-- overview -->

{{< feature-state for_k8s_version="v1.20" state="stable" >}}

This page describes the RuntimeClass resource and runtime selection mechanism.

RuntimeClass is a feature for selecting the container runtime configuration. The container runtime
Expand Down Expand Up @@ -135,8 +133,6 @@ See CRI-O's [config documentation](https://github.com/cri-o/cri-o/blob/master/do

## Scheduling

{{< feature-state for_k8s_version="v1.16" state="beta" >}}

By specifying the `scheduling` field for a RuntimeClass, you can set constraints to
ensure that Pods running with this RuntimeClass are scheduled to nodes that support it.
If `scheduling` is not set, this RuntimeClass is assumed to be supported by all nodes.
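Review bot: The marker deleted under "## Scheduling" is `state="beta"` for v1.16, not a stable marker like the other two removed from this file. Deleting it drops the only maturity statement for the `scheduling` field without saying it graduated. Please confirm the field is GA, and if it is not, keep the shortcode with the correct state instead of removing it.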
Expand All @@ -157,8 +153,6 @@ To learn more about configuring the node selector and tolerations, see

### Pod Overhead

{{< feature-state for_k8s_version="v1.24" state="stable" >}}

You can specify _overhead_ resources that are associated with running a Pod. Declaring overhead allows
the cluster (including the scheduler) to account for it when making decisions about Pods and resources.

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -156,13 +156,6 @@ The general workflow of a device plugin includes the following steps:
* mounts
* fully-qualified CDI device names

{{< note >}}
The processing of the fully-qualified CDI device names by the Device Manager requires
that the `DevicePluginCDIDevices` [feature gate](/docs/reference/command-line-tools-reference/feature-gates/)
is enabled for both the kubelet and the kube-apiserver. This was added as an alpha feature in Kubernetes
v1.28, graduated to beta in v1.29 and to GA in v1.31.
{{< /note >}}

### Handling kubelet restarts

A device plugin is expected to detect kubelet restarts and re-register itself with the new
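Review bot: Deleting the whole note after "fully-qualified CDI device names" also removes the only statement that this item depends on `DevicePluginCDIDevices`, which according to the deleted text reached GA only in v1.31. If this page still has to serve clusters older than v1.31, a reader there gets no hint that the gate must be enabled on both the kubelet and the kube-apiserver. Consider keeping a one-line version note with an "OK to remove once ... is out of support" comment, as was done for the `minDomains` note, rather than removing it outright.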
Expand Down
4 changes: 0 additions & 4 deletions content/en/docs/concepts/overview/kubernetes-api.md
Original file line number Diff line number Diff line change
Expand Up @@ -71,8 +71,6 @@ separate endpoint for each group version.

### Aggregated discovery

{{< feature-state feature_gate_name="AggregatedDiscoveryEndpoint" >}}

Kubernetes offers stable support for _aggregated discovery_, publishing
all resources supported by a cluster through two endpoints (`/api` and
`/apis`). Requesting this
Expand Down Expand Up @@ -201,8 +199,6 @@ checks).

### OpenAPI V3

{{< feature-state feature_gate_name="OpenAPIV3" >}}

Kubernetes supports publishing a description of its APIs as OpenAPI v3.

A discovery endpoint `/openapi/v3` is provided to see a list of all
Expand Down
2 changes: 0 additions & 2 deletions content/en/docs/concepts/policy/node-resource-managers.md
Original file line number Diff line number Diff line change
Expand Up @@ -24,8 +24,6 @@ the policy you specify. To learn more, read

## Policies for assigning CPUs to Pods

{{< feature-state feature_gate_name="CPUManager" >}}

Once a Pod is bound to a Node, the kubelet on that node may need to either multiplex the existing
hardware (for example, sharing CPUs across multiple Pods) or allocate hardware by dedicating some
resource (for example, assigning one of more CPUs for a Pod's exclusive use).
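Review bot: Typo in the context line right below the removed shortcode: "assigning one of more CPUs" should read "one or more CPUs". Since this hunk already touches the section, it would be cheap to fix in the same PR.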
Expand Down
2 changes: 0 additions & 2 deletions content/en/docs/concepts/scheduling-eviction/pod-overhead.md
Original file line number Diff line number Diff line change
Expand Up @@ -10,8 +10,6 @@ weight: 30

<!-- overview -->

{{< feature-state for_k8s_version="v1.24" state="stable" >}}

When you run a Pod on a Node, the Pod itself takes an amount of system resources. These
resources are additional to the resources needed to run the container(s) inside the Pod.
In Kubernetes, _Pod Overhead_ is a way to account for the resources consumed by the Pod
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -6,18 +6,13 @@ weight: 90

<!-- overview -->

{{< feature-state for_k8s_version="v1.14" state="stable" >}}

[Pods](/docs/concepts/workloads/pods/) can have _priority_. Priority indicates the
importance of a Pod relative to other Pods. If a Pod cannot be scheduled, the
scheduler tries to preempt (evict) lower priority Pods to make scheduling of the
pending Pod possible.



<!-- body -->


{{< warning >}}
In a cluster where not all users are trusted, a malicious user could create Pods
at the highest possible priorities, causing other Pods to be evicted/not get
Expand Down Expand Up @@ -102,8 +97,6 @@ description: "This priority class should be used for XYZ service pods only."

## Non-preempting PriorityClass {#non-preempting-priority-class}

{{< feature-state for_k8s_version="v1.24" state="stable" >}}

Pods with `preemptionPolicy: Never` will be placed in the scheduling queue
ahead of lower-priority pods,
but they cannot preempt other pods.
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -96,14 +96,6 @@ your cluster. Those fields are:
A domain is a particular instance of a topology. An eligible domain is a domain whose
nodes match the node selector.

<!-- OK to remove this note once v1.29 Kubernetes is out of support -->
{{< note >}}
Before Kubernetes v1.30, the `minDomains` field was only available if the
`MinDomainsInPodTopologySpread` [feature gate](/docs/reference/command-line-tools-reference/feature-gates-removed/)
was enabled (default since v1.28). In older Kubernetes clusters it might be explicitly
disabled or the field might not be available.
{{< /note >}}

- The value of `minDomains` must be greater than 0, when specified.
You can only specify `minDomains` in conjunction with `whenUnsatisfiable: DoNotSchedule`.
- When the number of eligible domains with match topology keys is less than `minDomains`,
Expand Down
17 changes: 10 additions & 7 deletions content/en/docs/concepts/security/service-accounts.md
Original file line number Diff line number Diff line change
Expand Up @@ -180,15 +180,16 @@ following methods:
rotates the token before it expires.
* [Service Account Token Secrets](/docs/tasks/configure-pod-container/configure-service-account/#manually-create-an-api-token-for-a-serviceaccount)
(not recommended): You can mount service account tokens as Kubernetes
Secrets in Pods. These tokens don't expire and don't rotate. In versions prior to v1.24, a permanent token was automatically created for each service account.
Secrets in Pods. These tokens don't expire and don't rotate.
In versions prior to v1.24, a permanent token was automatically created for each service account.
This method is not recommended anymore, especially at scale, because of the risks associated
with static, long-lived credentials. The [LegacyServiceAccountTokenNoAutoGeneration feature gate](/docs/reference/command-line-tools-reference/feature-gates-removed)
(which was enabled by default from Kubernetes v1.24 to v1.26), prevented Kubernetes from automatically creating these tokens for
ServiceAccounts. The feature gate is removed in v1.27, because it was elevated to GA status; you can still create indefinite service account tokens manually, but should take into account the security implications.
with static, long-lived credentials. You can still create indefinite service account tokens manually,
but should take into account the security implications.

{{< note >}}
For applications running outside your Kubernetes cluster, you might be considering
creating a long-lived ServiceAccount token that is stored in a Secret. This allows authentication, but the Kubernetes project recommends you avoid this approach.
creating a long-lived ServiceAccount token that is stored in a Secret.
This allows authentication, but the Kubernetes project recommends you avoid this approach.
Long-lived bearer tokens represent a security risk as, once disclosed, the token
can be misused. Instead, consider using an alternative. For example, your external
application can authenticate using a well-protected private key `and` a certificate,
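Review bot: The rewritten end of the "Service Account Token Secrets" bullet now closes on "should take into account the security implications" with nothing concrete behind it, because the feature gate history that used to precede it is gone. Suggest naming the implication (a static bearer token that never expires or rotates) and pointing to TokenRequest, which the following note already recommends. Two smaller points: the bullet says "(not recommended)" and then "This method is not recommended anymore", which is redundant, and the context line has `and` in code formatting ("private key `and` a certificate"), which looks unintentional.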
Expand All @@ -202,7 +203,8 @@ You can also use TokenRequest to obtain short-lived tokens for your external app
{{< feature-state for_k8s_version="v1.32" state="deprecated" >}}

{{< note >}}
`kubernetes.io/enforce-mountable-secrets` is deprecated since Kubernetes v1.32. Use separate namespaces to isolate access to mounted secrets.
`kubernetes.io/enforce-mountable-secrets` is deprecated since Kubernetes v1.32.
Use separate namespaces to isolate access to mounted secrets.
{{< /note >}}

Kubernetes provides an annotation called `kubernetes.io/enforce-mountable-secrets`
Expand Down Expand Up @@ -231,7 +233,8 @@ the Secrets from this ServiceAccount are subject to certain mounting restriction
1. The name of each Secret referenced using `imagePullSecrets` in a Pod must also appear in the `secrets`
field of the Pod's ServiceAccount.

By understanding and enforcing these restrictions, cluster administrators can maintain a tighter security profile and ensure that secrets are accessed only by the appropriate resources.
By understanding and enforcing these restrictions, cluster administrators can maintain
a tighter security profile and ensure that secrets are accessed only by the appropriate resources.

## Authenticating service account credentials {#authenticating-credentials}

Expand Down
15 changes: 2 additions & 13 deletions content/en/docs/concepts/services-networking/service.md
Original file line number Diff line number Diff line change
Expand Up @@ -297,8 +297,6 @@ selectors and uses DNS names instead. For more information, see the

### EndpointSlices

{{< feature-state for_k8s_version="v1.21" state="stable" >}}

[EndpointSlices](/docs/concepts/services-networking/endpoint-slices/) are objects that
represent a subset (a _slice_) of the backing network endpoints for a Service.

Expand Down Expand Up @@ -351,8 +349,6 @@ The same API limit means that you cannot manually update an Endpoints to have mo

### Application protocol

{{< feature-state for_k8s_version="v1.20" state="stable" >}}

The `appProtocol` field provides a way to specify an application protocol for
each Service port. This is used as a hint for implementations to offer
richer behavior for protocols that they understand.
Expand Down Expand Up @@ -636,14 +632,11 @@ balancer health checks are extensively used within the context of supporting the

#### Load balancers with mixed protocol types

{{< feature-state feature_gate_name="MixedProtocolLBService" >}}

By default, for LoadBalancer type of Services, when there is more than one port defined, all
ports must have the same protocol, and the protocol must be one which is supported
by the cloud provider.

The feature gate `MixedProtocolLBService` (enabled by default for the kube-apiserver as of v1.24) allows the use of
different protocols for LoadBalancer type of Services, when there is more than one port defined.
However, Kubernetes allows the use of different protocols for LoadBalancer type of Services,
when there is more than one port defined.

{{< note >}}
The set of protocols that can be used for load balanced Services is defined by your
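Review bot: The two paragraphs under "Load balancers with mixed protocol types" now contradict each other. The first still says "By default ... all ports must have the same protocol", and the replacement sentence begins "However, Kubernetes allows the use of different protocols". With the `MixedProtocolLBService` gate reference removed, there is no condition left that separates the two statements. Suggest rewriting the first paragraph so that the only remaining constraint is what the cloud provider supports, and dropping "However".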
Expand All @@ -652,8 +645,6 @@ cloud provider; they may impose restrictions beyond what the Kubernetes API enfo

#### Disabling load balancer NodePort allocation {#load-balancer-nodeport-allocation}

{{< feature-state for_k8s_version="v1.24" state="stable" >}}

You can optionally disable node port allocation for a Service of `type: LoadBalancer`, by setting
the field `spec.allocateLoadBalancerNodePorts` to `false`. This should only be used for load balancer implementations
that route traffic directly to pods as opposed to using node ports. By default, `spec.allocateLoadBalancerNodePorts`
Expand All @@ -663,8 +654,6 @@ You must explicitly remove the `nodePorts` entry in every Service port to de-all

#### Specifying class of load balancer implementation {#load-balancer-class}

{{< feature-state for_k8s_version="v1.24" state="stable" >}}

For a Service with `type` set to `LoadBalancer`, the `.spec.loadBalancerClass` field
enables you to use a load balancer implementation other than the cloud provider default.

Expand Down
13 changes: 4 additions & 9 deletions content/en/docs/concepts/storage/persistent-volumes.md
Original file line number Diff line number Diff line change
Expand Up @@ -634,8 +634,7 @@ The access modes are:
: the volume can be mounted as read-write by many nodes.

`ReadWriteOncePod`
: {{< feature-state for_k8s_version="v1.29" state="stable" >}}
the volume can be mounted as read-write by a single Pod. Use ReadWriteOncePod
: the volume can be mounted as read-write by a single Pod. Use ReadWriteOncePod
access mode if you want to ensure that only one pod across the whole cluster can
read that PVC or write to it.

Expand Down Expand Up @@ -763,11 +762,9 @@ You can see the name of the PVC bound to the PV using `kubectl describe persiste

#### Phase transition timestamp

{{< feature-state feature_gate_name="PersistentVolumeLastPhaseTransitionTime" >}}

The `.status` field for a PersistentVolume can include an alpha `lastPhaseTransitionTime` field. This field records
the timestamp of when the volume last transitioned its phase. For newly created
volumes the phase is set to `Pending` and `lastPhaseTransitionTime` is set to
The `.status` field for a PersistentVolume can include a `lastPhaseTransitionTime` field.
This field records the timestamp of when the volume last transitioned its phase.
For newly created volumes the phase is set to `Pending` and `lastPhaseTransitionTime` is set to
the current time.

## PersistentVolumeClaims
Expand Down Expand Up @@ -894,8 +891,6 @@ it won't be supported in a future Kubernetes release.

#### Retroactive default StorageClass assignment

{{< feature-state for_k8s_version="v1.28" state="stable" >}}

You can create a PersistentVolumeClaim without specifying a `storageClassName`
for the new PVC, and you can do so even when no default StorageClass exists
in your cluster. In this case, the new PVC creates as you defined it, and the
Expand Down
21 changes: 4 additions & 17 deletions content/en/docs/concepts/storage/volumes.md
Original file line number Diff line number Diff line change
Expand Up @@ -819,6 +819,7 @@ before using it in the Pod.


#### Portworx CSI migration

{{< feature-state feature_gate_name="CSIMigrationPortworx" >}}

In Kubernetes {{% skew currentVersion %}}, all operations for the in-tree
Expand Down Expand Up @@ -924,8 +925,6 @@ spec:

### Using subPath with expanded environment variables {#using-subpath-expanded-environment}

{{< feature-state for_k8s_version="v1.17" state="stable" >}}

Use the `subPathExpr` field to construct `subPath` directory names from
downward API environment variables.
The `subPath` and `subPathExpr` properties are mutually exclusive.
Expand Down Expand Up @@ -1069,11 +1068,7 @@ persistent volume:
call to the CSI driver. All supported versions of Kubernetes offer the
`nodeExpandSecretRef` field, and have it available by default. Kubernetes releases
prior to v1.25 did not include this support.
* Enable the [feature gate](/docs/reference/command-line-tools-reference/feature-gates-removed/)
named `CSINodeExpandSecret` for each kube-apiserver and for the kubelet on every
node. Since Kubernetes version 1.27, this feature has been enabled by default
and no explicit enablement of the feature gate is required.
You must also be using a CSI driver that supports or requires secret data during
* You must use a CSI driver that supports or requires secret data during
node-initiated storage resize operations.
* `nodePublishSecretRef`: A reference to the secret object containing
sensitive information to pass to the CSI driver to complete the CSI
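Review bot: Under `nodeExpandSecretRef`, the nested list is left with a single item ("You must use a CSI driver that supports or requires secret data ...") after the feature gate item is removed. A one-item list reads oddly. Suggest folding it into the preceding paragraph as a sentence, directly after "Kubernetes releases prior to v1.25 did not include this support."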
Expand All @@ -1088,8 +1083,6 @@ persistent volume:

#### CSI raw block volume support

{{< feature-state for_k8s_version="v1.18" state="stable" >}}

Vendors with external CSI drivers can implement raw block volume support
in Kubernetes workloads.

Expand All @@ -1099,8 +1092,6 @@ as usual, without any CSI-specific changes.

#### CSI ephemeral volumes

{{< feature-state for_k8s_version="v1.25" state="stable" >}}

You can directly configure CSI volumes within the Pod
specification. Volumes specified in this way are ephemeral and do not
persist across pod restarts. See
Expand All @@ -1126,10 +1117,8 @@ For more details, refer to the deployment guide of the CSI plugin you wish to de

#### Migrating to CSI drivers from in-tree plugins

{{< feature-state for_k8s_version="v1.25" state="stable" >}}

The `CSIMigration` feature directs operations against existing in-tree
plugins to corresponding CSI plugins (which are expected to be installed and configured).
The operations against existing in-tree plugins are redirected to
the corresponding CSI plugins (which are expected to be installed and configured).
As a result, operators do not have to make any
configuration changes to existing Storage Classes, PersistentVolumes or PersistentVolumeClaims
(referring to in-tree plugins) when transitioning to a CSI driver that supersedes an in-tree plugin.
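Review bot: The replacement sentence "The operations against existing in-tree plugins are redirected to the corresponding CSI plugins" is passive and no longer says what does the redirecting. It also drops the term `CSIMigration`, which readers may search for. Suggest something like "Kubernetes redirects operations against existing in-tree plugins to the corresponding CSI plugins", and consider keeping one mention of the CSI migration name under this heading.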
Expand Down Expand Up @@ -1159,8 +1148,6 @@ are listed in [Types of Volumes](#volume-types).

### flexVolume (deprecated) {#flexvolume}

{{< feature-state for_k8s_version="v1.23" state="deprecated" >}}

FlexVolume is an out-of-tree plugin interface that uses an exec-based model to interface
with storage drivers. The FlexVolume driver binaries must be installed in a pre-defined
volume plugin path on each node and in some cases the control plane nodes as well.
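Review bot: The shortcode removed under "### flexVolume (deprecated)" is `state="deprecated"` for v1.23, not a GA marker. The heading still says "(deprecated)", but the version in which the deprecation happened is lost. Elsewhere in this PR the `state="deprecated"` shortcode for v1.32 in service-accounts.md is kept, so this removal looks inconsistent. Suggest keeping it, or stating "deprecated since v1.23" in the paragraph text.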
Expand Down
6 changes: 0 additions & 6 deletions content/en/docs/concepts/windows/user-guide.md
Original file line number Diff line number Diff line change
Expand Up @@ -167,12 +167,6 @@ that the containers in that Pod are designed for. For Pods that run Linux contai
`.spec.os.name` to `linux`. For Pods that run Windows containers, set `.spec.os.name`
to `windows`.

{{< note >}}
If you are running a version of Kubernetes older than 1.24, you may need to enable
the `IdentifyPodOS` [feature gate](/docs/reference/command-line-tools-reference/feature-gates/)
to be able to set a value for `.spec.pod.os`.
{{< /note >}}

The scheduler does not use the value of `.spec.os.name` when assigning Pods to nodes. You should
use normal Kubernetes mechanisms for
[assigning pods to nodes](/docs/concepts/scheduling-eviction/assign-pod-node/)
Expand Down
4 changes: 0 additions & 4 deletions content/en/docs/concepts/workloads/pods/disruptions.md
Original file line number Diff line number Diff line change
Expand Up @@ -91,8 +91,6 @@ in your pod spec can also cause voluntary (and involuntary) disruptions.

## Pod disruption budgets

{{< feature-state for_k8s_version="v1.21" state="stable" >}}

Kubernetes offers features to help you run highly available applications even when you
introduce frequent voluntary disruptions.

Expand Down Expand Up @@ -233,8 +231,6 @@ can happen, according to:

## Pod disruption conditions {#pod-disruption-conditions}

{{< feature-state feature_gate_name="PodDisruptionConditions" >}}

A dedicated Pod `DisruptionTarget` [condition](/docs/concepts/workloads/pods/pod-lifecycle/#pod-conditions)
is added to indicate
that the Pod is about to be deleted due to a {{<glossary_tooltip term_id="disruption" text="disruption">}}.
Expand Down