@@ -489,9 +489,6 @@ func (s *containerRouter) postContainersCreate(ctx context.Context, w http.Respo

 		// Ignore KernelMemoryTCP because it was added in API 1.40.

 		hostConfig.KernelMemoryTCP = 0

-		// Ignore Capabilities because it was added in API 1.40.

-		hostConfig.Capabilities = nil

-

 		// Older clients (API < 1.40) expects the default to be shareable, make them happy

 		if hostConfig.IpcMode.IsEmpty() {

 			hostConfig.IpcMode = container.IpcMode("shareable")

@@ -99,7 +99,8 @@ func adjustForAPIVersion(cliVersion string, service *swarm.ServiceSpec) {

 		if service.TaskTemplate.ContainerSpec != nil {

 			// Capabilities for docker swarm services weren't

 			// supported before API version 1.41

-			service.TaskTemplate.ContainerSpec.Capabilities = nil

+			service.TaskTemplate.ContainerSpec.CapabilityAdd = nil

+			service.TaskTemplate.ContainerSpec.CapabilityDrop = nil

 		}

 		if service.TaskTemplate.Resources != nil && service.TaskTemplate.Resources.Limits != nil {

 			// Limits.Pids  not supported before API version 1.41

@@ -906,15 +906,6 @@ definitions:

               $ref: "#/definitions/Mount"

           # Applicable to UNIX platforms

-          Capabilities:

-            type: "array"

-            description: |

-              A list of kernel capabilities to be available for container (this

-              overrides the default set).

-

-              Conflicts with options 'CapAdd' and 'CapDrop'"

-            items:

-              type: "string"

           CapAdd:

             type: "array"

             description: |

@@ -3288,11 +3279,11 @@ definitions:

             additionalProperties:

               type: "string"

           # This option is not used by Windows containers

-          Capabilities:

+          CapabilityAdd:

             type: "array"

             description: |

-              A list of kernel capabilities to be available for container (this

-              overrides the default set).

+              A list of kernel capabilities to add to the default set

+              for the container.

             items:

               type: "string"

             example:

@@ -3300,6 +3291,15 @@ definitions:

               - "CAP_SYS_ADMIN"

               - "CAP_SYS_CHROOT"

               - "CAP_SYSLOG"

+          CapabilityDrop:

+            type: "array"

+            description: |

+              A list of kernel capabilities to drop from the default set

+              for the container.

+            items:

+              type: "string"

+            example:

+              - "CAP_NET_RAW"

       NetworkAttachmentSpec:

         description: |

           Read-only spec type for non-swarm containers attached to swarm overlay

@@ -403,7 +403,6 @@ type HostConfig struct {

 	// Applicable to UNIX platforms

 	CapAdd          strslice.StrSlice // List of kernel capabilities to add to the container

 	CapDrop         strslice.StrSlice // List of kernel capabilities to remove from the container

-	Capabilities    []string          `json:"Capabilities"` // List of kernel capabilities to be available for container (this overrides the default set)

 	CgroupnsMode    CgroupnsMode      // Cgroup namespace mode to use for the container

 	DNS             []string          `json:"Dns"`        // List of DNS server to lookup

 	DNSOptions      []string          `json:"DnsOptions"` // List of DNSOption to look for

@@ -67,11 +67,12 @@ type ContainerSpec struct {

 	// The format of extra hosts on swarmkit is specified in:

 	// http://man7.org/linux/man-pages/man5/hosts.5.html

 	//    IP_address canonical_hostname [aliases...]

-	Hosts        []string            `json:",omitempty"`

-	DNSConfig    *DNSConfig          `json:",omitempty"`

-	Secrets      []*SecretReference  `json:",omitempty"`

-	Configs      []*ConfigReference  `json:",omitempty"`

-	Isolation    container.Isolation `json:",omitempty"`

-	Sysctls      map[string]string   `json:",omitempty"`

-	Capabilities []string            `json:",omitempty"`

+	Hosts          []string            `json:",omitempty"`

+	DNSConfig      *DNSConfig          `json:",omitempty"`

+	Secrets        []*SecretReference  `json:",omitempty"`

+	Configs        []*ConfigReference  `json:",omitempty"`

+	Isolation      container.Isolation `json:",omitempty"`

+	Sysctls        map[string]string   `json:",omitempty"`

+	CapabilityAdd  []string            `json:",omitempty"`

+	CapabilityDrop []string            `json:",omitempty"`

 }

@@ -18,26 +18,27 @@ func containerSpecFromGRPC(c *swarmapi.ContainerSpec) *types.ContainerSpec {

 		return nil

 	}

 	containerSpec := &types.ContainerSpec{

-		Image:        c.Image,

-		Labels:       c.Labels,

-		Command:      c.Command,

-		Args:         c.Args,

-		Hostname:     c.Hostname,

-		Env:          c.Env,

-		Dir:          c.Dir,

-		User:         c.User,

-		Groups:       c.Groups,

-		StopSignal:   c.StopSignal,

-		TTY:          c.TTY,

-		OpenStdin:    c.OpenStdin,

-		ReadOnly:     c.ReadOnly,

-		Hosts:        c.Hosts,

-		Secrets:      secretReferencesFromGRPC(c.Secrets),

-		Configs:      configReferencesFromGRPC(c.Configs),

-		Isolation:    IsolationFromGRPC(c.Isolation),

-		Init:         initFromGRPC(c.Init),

-		Sysctls:      c.Sysctls,

-		Capabilities: c.Capabilities,

+		Image:          c.Image,

+		Labels:         c.Labels,

+		Command:        c.Command,

+		Args:           c.Args,

+		Hostname:       c.Hostname,

+		Env:            c.Env,

+		Dir:            c.Dir,

+		User:           c.User,

+		Groups:         c.Groups,

+		StopSignal:     c.StopSignal,

+		TTY:            c.TTY,

+		OpenStdin:      c.OpenStdin,

+		ReadOnly:       c.ReadOnly,

+		Hosts:          c.Hosts,

+		Secrets:        secretReferencesFromGRPC(c.Secrets),

+		Configs:        configReferencesFromGRPC(c.Configs),

+		Isolation:      IsolationFromGRPC(c.Isolation),

+		Init:           initFromGRPC(c.Init),

+		Sysctls:        c.Sysctls,

+		CapabilityAdd:  c.CapabilityAdd,

+		CapabilityDrop: c.CapabilityDrop,

 	}

 	if c.DNSConfig != nil {

@@ -246,25 +247,26 @@ func configReferencesFromGRPC(sr []*swarmapi.ConfigReference) []*types.ConfigRef

 func containerToGRPC(c *types.ContainerSpec) (*swarmapi.ContainerSpec, error) {

 	containerSpec := &swarmapi.ContainerSpec{

-		Image:        c.Image,

-		Labels:       c.Labels,

-		Command:      c.Command,

-		Args:         c.Args,

-		Hostname:     c.Hostname,

-		Env:          c.Env,

-		Dir:          c.Dir,

-		User:         c.User,

-		Groups:       c.Groups,

-		StopSignal:   c.StopSignal,

-		TTY:          c.TTY,

-		OpenStdin:    c.OpenStdin,

-		ReadOnly:     c.ReadOnly,

-		Hosts:        c.Hosts,

-		Secrets:      secretReferencesToGRPC(c.Secrets),

-		Isolation:    isolationToGRPC(c.Isolation),

-		Init:         initToGRPC(c.Init),

-		Sysctls:      c.Sysctls,

-		Capabilities: c.Capabilities,

+		Image:          c.Image,

+		Labels:         c.Labels,

+		Command:        c.Command,

+		Args:           c.Args,

+		Hostname:       c.Hostname,

+		Env:            c.Env,

+		Dir:            c.Dir,

+		User:           c.User,

+		Groups:         c.Groups,

+		StopSignal:     c.StopSignal,

+		TTY:            c.TTY,

+		OpenStdin:      c.OpenStdin,

+		ReadOnly:       c.ReadOnly,

+		Hosts:          c.Hosts,

+		Secrets:        secretReferencesToGRPC(c.Secrets),

+		Isolation:      isolationToGRPC(c.Isolation),

+		Init:           initToGRPC(c.Init),

+		Sysctls:        c.Sysctls,

+		CapabilityAdd:  c.CapabilityAdd,

+		CapabilityDrop: c.CapabilityDrop,

 	}

 	if c.DNSConfig != nil {

@@ -360,7 +360,8 @@ func (c *containerConfig) hostConfig() *enginecontainer.HostConfig {

 		Isolation:      c.isolation(),

 		Init:           c.init(),

 		Sysctls:        c.spec().Sysctls,

-		Capabilities:   c.spec().Capabilities,

+		CapAdd:         c.spec().CapabilityAdd,

+		CapDrop:        c.spec().CapabilityDrop,

 	}

 	if c.spec().DNSConfig != nil {

@@ -305,21 +305,12 @@ func validateHostConfig(hostConfig *containertypes.HostConfig, platform string)

 }

 func validateCapabilities(hostConfig *containertypes.HostConfig) error {

-	if len(hostConfig.CapAdd) > 0 && hostConfig.Capabilities != nil {

-		return errdefs.InvalidParameter(errors.Errorf("conflicting options: Capabilities and CapAdd"))

-	}

-	if len(hostConfig.CapDrop) > 0 && hostConfig.Capabilities != nil {

-		return errdefs.InvalidParameter(errors.Errorf("conflicting options: Capabilities and CapDrop"))

-	}

 	if _, err := caps.NormalizeLegacyCapabilities(hostConfig.CapAdd); err != nil {

 		return errors.Wrap(err, "invalid CapAdd")

 	}

 	if _, err := caps.NormalizeLegacyCapabilities(hostConfig.CapDrop); err != nil {

 		return errors.Wrap(err, "invalid CapDrop")

 	}

-	if err := caps.ValidateCapabilities(hostConfig.Capabilities); err != nil {

-		return errors.Wrap(err, "invalid Capabilities")

-	}

 	// TODO consider returning warnings if "Privileged" is combined with Capabilities, CapAdd and/or CapDrop

 	return nil

 }

@@ -162,7 +162,6 @@ func WithCapabilities(c *container.Container) coci.SpecOpts {

 			caps.DefaultCapabilities(),

 			c.HostConfig.CapAdd,

 			c.HostConfig.CapDrop,

-			c.HostConfig.Capabilities,

 			c.HostConfig.Privileged,

 		)

 		if err != nil {

@@ -390,7 +390,7 @@ func (daemon *Daemon) createSpecLinuxFields(c *container.Container, s *specs.Spe

 	// Note these are against the UVM.

 	setResourcesInSpec(c, s, true) // LCOW is Hyper-V only

-	capabilities, err := caps.TweakCapabilities(caps.DefaultCapabilities(), c.HostConfig.CapAdd, c.HostConfig.CapDrop, c.HostConfig.Capabilities, c.HostConfig.Privileged)

+	capabilities, err := caps.TweakCapabilities(caps.DefaultCapabilities(), c.HostConfig.CapAdd, c.HostConfig.CapDrop, c.HostConfig.Privileged)

 	if err != nil {

 		return fmt.Errorf("linux spec capabilities: %v", err)

 	}

@@ -28,12 +28,12 @@ keywords: "API, Docker, rcli, REST, documentation"

 * The `filter` (singular) query parameter, which was deprecated in favor of the

   `filters` option in Docker 1.13, has now been removed from the `GET /images/json`

   endpoint. The parameter remains available when using API version 1.40 or below.

-* `GET /services` now returns `Capabilities` as part of the `ContainerSpec`.

-* `GET /services/{id}` now returns `Capabilities` as part of the `ContainerSpec`.

-* `POST /services/create` now accepts `Capabilities` as part of the `ContainerSpec`.

-* `POST /services/{id}/update` now accepts `Capabilities` as part of the `ContainerSpec`.

-* `GET /tasks` now  returns `Capabilities` as part of the `ContainerSpec`.

-* `GET /tasks/{id}` now  returns `Capabilities` as part of the `ContainerSpec`.

+* `GET /services` now returns `CappAdd` and `CapDrop` as part of the `ContainerSpec`.

+* `GET /services/{id}` now returns `CapAdd` and `CapDrop` as part of the `ContainerSpec`.

+* `POST /services/create` now accepts `CapAdd` and `CapDrop` as part of the `ContainerSpec`.

+* `POST /services/{id}/update` now accepts `CapAdd` and `CapDrop` as part of the `ContainerSpec`.

+* `GET /tasks` now  returns `CapAdd` and `CapDrop` as part of the `ContainerSpec`.

+* `GET /tasks/{id}` now  returns `CapAdd` and `CapDrop` as part of the `ContainerSpec`.

 * `GET /services` now returns `Pids` in `TaskTemplate.Resources.Limits`.

 * `GET /services/{id}` now returns `Pids` in `TaskTemplate.Resources.Limits`.

 * `POST /services/create` now accepts `Pids` in `TaskTemplate.Resources.Limits`.

@@ -135,11 +135,6 @@ keywords: "API, Docker, rcli, REST, documentation"

 * `GET /service/{id}` now  returns `MaxReplicas` as part of the `Placement`.

 * `POST /service/create` and `POST /services/(id or name)/update` now take the field `MaxReplicas`

   as part of the service `Placement`, allowing to specify maximum replicas per node for the service.

-* `GET /containers` now returns `Capabilities` field as part of the `HostConfig`.

-* `GET /containers/{id}/json` now returns a `Capabilities` field as part of the `HostConfig`.

-* `POST /containers/create` now takes a `Capabilities` field to set the list of

-  kernel capabilities to be available for the container (this overrides the default

-  set).

 * `POST /containers/create` on Linux now creates a container with `HostConfig.IpcMode=private`

   by default, if IpcMode is not explicitly specified. The per-daemon default can be changed

   back to `shareable` by using `DefaultIpcMode` daemon configuration parameter.

@@ -17,7 +17,6 @@ import (

 	"github.com/docker/docker/errdefs"

 	ctr "github.com/docker/docker/integration/internal/container"

 	"github.com/docker/docker/oci"

-	"github.com/docker/docker/testutil/request"

 	specs "github.com/opencontainers/image-spec/specs-go/v1"

 	"gotest.tools/v3/assert"

 	is "gotest.tools/v3/assert/cmp"

@@ -258,133 +257,6 @@ func TestCreateWithCustomMaskedPaths(t *testing.T) {

 	}

 }

-func TestCreateWithCapabilities(t *testing.T) {

-	skip.If(t, testEnv.DaemonInfo.OSType == "windows", "FIXME: test should be able to run on LCOW")

-	skip.If(t, versions.LessThan(testEnv.DaemonAPIVersion(), "1.40"), "Capabilities was added in API v1.40")

-

-	defer setupTest(t)()

-	ctx := context.Background()

-	clientNew := request.NewAPIClient(t)

-	clientOld := request.NewAPIClient(t, client.WithVersion("1.39"))

-

-	testCases := []struct {

-		doc           string

-		hostConfig    container.HostConfig

-		expected      []string

-		expectedError string

-		oldClient     bool

-	}{

-		{

-			doc:        "no capabilities",

-			hostConfig: container.HostConfig{},

-		},

-		{

-			doc: "empty capabilities",

-			hostConfig: container.HostConfig{

-				Capabilities: []string{},

-			},

-			expected: []string{},

-		},

-		{

-			doc: "valid capabilities",

-			hostConfig: container.HostConfig{

-				Capabilities: []string{"CAP_NET_RAW", "CAP_SYS_CHROOT"},

-			},

-			expected: []string{"CAP_NET_RAW", "CAP_SYS_CHROOT"},

-		},

-		{

-			doc: "invalid capabilities",

-			hostConfig: container.HostConfig{

-				Capabilities: []string{"NET_RAW"},

-			},

-			expectedError: `invalid Capabilities: unknown capability: "NET_RAW"`,

-		},

-		{

-			doc: "duplicate capabilities",

-			hostConfig: container.HostConfig{

-				Capabilities: []string{"CAP_SYS_NICE", "CAP_SYS_NICE"},

-			},

-			expected: []string{"CAP_SYS_NICE", "CAP_SYS_NICE"},

-		},

-		{

-			doc: "capabilities API v1.39",

-			hostConfig: container.HostConfig{

-				Capabilities: []string{"CAP_NET_RAW", "CAP_SYS_CHROOT"},

-			},

-			expected:  nil,

-			oldClient: true,

-		},

-		{

-			doc: "empty capadd",

-			hostConfig: container.HostConfig{

-				Capabilities: []string{"CAP_NET_ADMIN"},

-				CapAdd:       []string{},

-			},

-			expected: []string{"CAP_NET_ADMIN"},

-		},

-		{

-			doc: "empty capdrop",

-			hostConfig: container.HostConfig{

-				Capabilities: []string{"CAP_NET_ADMIN"},

-				CapDrop:      []string{},

-			},

-			expected: []string{"CAP_NET_ADMIN"},

-		},

-		{

-			doc: "capadd capdrop",

-			hostConfig: container.HostConfig{

-				CapAdd:  []string{"SYS_NICE", "CAP_SYS_NICE"},

-				CapDrop: []string{"SYS_NICE", "CAP_SYS_NICE"},

-			},

-		},

-		{

-			doc: "conflict with capadd",

-			hostConfig: container.HostConfig{

-				Capabilities: []string{"CAP_NET_ADMIN"},

-				CapAdd:       []string{"SYS_NICE"},

-			},

-			expectedError: `conflicting options: Capabilities and CapAdd`,

-		},

-		{

-			doc: "conflict with capdrop",

-			hostConfig: container.HostConfig{

-				Capabilities: []string{"CAP_NET_ADMIN"},

-				CapDrop:      []string{"NET_RAW"},

-			},

-			expectedError: `conflicting options: Capabilities and CapDrop`,

-		},

-	}

-

-	for _, tc := range testCases {

-		tc := tc

-		t.Run(tc.doc, func(t *testing.T) {

-			t.Parallel()

-			client := clientNew

-			if tc.oldClient {

-				client = clientOld

-			}

-

-			c, err := client.ContainerCreate(context.Background(),

-				&container.Config{Image: "busybox"},

-				&tc.hostConfig,

-				&network.NetworkingConfig{},

-				nil,

-				"",

-			)

-			if tc.expectedError == "" {

-				assert.NilError(t, err)

-				ci, err := client.ContainerInspect(ctx, c.ID)

-				assert.NilError(t, err)

-				assert.Check(t, ci.HostConfig != nil)

-				assert.DeepEqual(t, tc.expected, ci.HostConfig.Capabilities)

-			} else {

-				assert.ErrorContains(t, err, tc.expectedError)

-				assert.Check(t, errdefs.IsInvalidParameter(err))

-			}

-		})

-	}

-}

-

 func TestCreateWithCustomReadonlyPaths(t *testing.T) {

 	skip.If(t, testEnv.DaemonInfo.OSType != "linux")

@@ -189,10 +189,11 @@ func ServiceWithSysctls(sysctls map[string]string) ServiceSpecOpt {

 }

 // ServiceWithCapabilities sets the Capabilities option of the service's ContainerSpec.

-func ServiceWithCapabilities(Capabilities []string) ServiceSpecOpt {

+func ServiceWithCapabilities(add []string, drop []string) ServiceSpecOpt {

 	return func(spec *swarmtypes.ServiceSpec) {

 		ensureContainerSpec(spec)

-		spec.TaskTemplate.ContainerSpec.Capabilities = Capabilities

+		spec.TaskTemplate.ContainerSpec.CapabilityAdd = add

+		spec.TaskTemplate.ContainerSpec.CapabilityDrop = drop

 	}

 }

@@ -10,6 +10,7 @@ import (

 	"github.com/docker/docker/api/types"

 	"github.com/docker/docker/api/types/filters"

+	"github.com/docker/docker/api/types/strslice"

 	swarmtypes "github.com/docker/docker/api/types/swarm"

 	"github.com/docker/docker/api/types/versions"

 	"github.com/docker/docker/client"

@@ -492,12 +493,13 @@ func TestCreateServiceCapabilities(t *testing.T) {

 	ctx := context.Background()

 	// store the map we're going to be using everywhere.

-	expectedCapabilities := []string{"CAP_NET_RAW", "CAP_SYS_CHROOT"}

+	capAdd := []string{"CAP_SYS_CHROOT"}

+	capDrop := []string{"CAP_NET_RAW"}

 	// Create the service with the capabilities options

 	var instances uint64 = 1

 	serviceID := swarm.CreateService(t, d,

-		swarm.ServiceWithCapabilities(expectedCapabilities),

+		swarm.ServiceWithCapabilities(capAdd, capDrop),

 	)

 	// wait for the service to converge to 1 running task as expected

@@ -529,15 +531,16 @@ func TestCreateServiceCapabilities(t *testing.T) {

 	// verify that the container has the capabilities option set

 	ctnr, err := client.ContainerInspect(ctx, tasks[0].Status.ContainerStatus.ContainerID)

 	assert.NilError(t, err)

-	assert.DeepEqual(t, ctnr.HostConfig.Capabilities, expectedCapabilities)

+	assert.DeepEqual(t, ctnr.HostConfig.CapAdd, strslice.StrSlice(capAdd))

+	assert.DeepEqual(t, ctnr.HostConfig.CapDrop, strslice.StrSlice(capDrop))

 	// verify that the task has the capabilities option set in the task object

-	assert.DeepEqual(t, tasks[0].Spec.ContainerSpec.Capabilities, expectedCapabilities)

+	assert.DeepEqual(t, tasks[0].Spec.ContainerSpec.CapabilityAdd, capAdd)

+	assert.DeepEqual(t, tasks[0].Spec.ContainerSpec.CapabilityDrop, capDrop)

 	// verify that the service also has the capabilities set in the spec.

 	service, _, err := client.ServiceInspectWithRaw(ctx, serviceID, types.ServiceInspectOptions{})

 	assert.NilError(t, err)

-	assert.DeepEqual(t,

-		service.Spec.TaskTemplate.ContainerSpec.Capabilities, expectedCapabilities,

-	)

+	assert.DeepEqual(t, service.Spec.TaskTemplate.ContainerSpec.CapabilityAdd, capAdd)

+	assert.DeepEqual(t, service.Spec.TaskTemplate.ContainerSpec.CapabilityDrop, capDrop)

 }

@@ -117,17 +117,11 @@ func ValidateCapabilities(caps []string) error {

 // TweakCapabilities tweaks capabilities by adding, dropping, or overriding

 // capabilities in the basics capabilities list.

-func TweakCapabilities(basics, adds, drops, capabilities []string, privileged bool) ([]string, error) {

+func TweakCapabilities(basics, adds, drops []string, privileged bool) ([]string, error) {

 	switch {

 	case privileged:

 		// Privileged containers get all capabilities

 		return GetAllCapabilities(), nil

-	case capabilities != nil:

-		// Use custom set of capabilities

-		if err := ValidateCapabilities(capabilities); err != nil {

-			return nil, err

-		}

-		return capabilities, nil

 	case len(adds) == 0 && len(drops) == 0:

 		// Nothing to tweak; we're done

 		return basics, nil

@@ -134,7 +134,7 @@ github.com/gogo/googleapis                          01e0f9cca9b92166042241267ee2

 github.com/cilium/ebpf                              60c3aa43f488292fe2ee50fb8b833b383ca8ebbb

 # cluster

-github.com/docker/swarmkit                          ebe39a32e3ed4c3a3783a02c11cccf388818694c

+github.com/docker/swarmkit                          035d564a3686f5e348d861ec0c074ff26854c498

 github.com/gogo/protobuf                            5628607bb4c51c3157aacc3a50f0ab707582b805 # v1.3.1

 github.com/golang/protobuf                          d23c5127dc24889085f8ccea5c9d560a57a879d8 # v1.3.3

 github.com/cloudflare/cfssl                         5d63dbd981b5c408effbb58c442d54761ff94fbd # 1.3.2

@@ -1019,8 +1019,10 @@ type ContainerSpec struct {

 	//

 	// https://docs.docker.com/engine/reference/commandline/run/#configure-namespaced-kernel-parameters-sysctls-at-runtime

 	Sysctls map[string]string `protobuf:"bytes,26,rep,name=sysctls,proto3" json:"sysctls,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"`

-	// Capabilities is the list of Linux capabilities to be available for container (this overrides the default set of capabilities)

-	Capabilities []string `protobuf:"bytes,27,rep,name=capabilities,proto3" json:"capabilities,omitempty"`

+	// CapabilityAdd sets the list of capabilities to add to the default capability list

+	CapabilityAdd []string `protobuf:"bytes,27,rep,name=capability_add,json=capabilityAdd,proto3" json:"capability_add,omitempty"`

+	// CapabilityAdd sets the list of capabilities to drop from the default capability list

+	CapabilityDrop []string `protobuf:"bytes,28,rep,name=capability_drop,json=capabilityDrop,proto3" json:"capability_drop,omitempty"`

 }

 func (m *ContainerSpec) Reset()      { *m = ContainerSpec{} }

@@ -1501,151 +1503,152 @@ func init() {

 }

 var fileDescriptor_6589acc608f7d4fd = []byte{

-	// 2289 bytes of a gzipped FileDescriptorProto

-	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xcc, 0x58, 0x4d, 0x73, 0x23, 0xb7,

-	0xd1, 0x26, 0x25, 0x8a, 0x1f, 0x3d, 0xa4, 0x96, 0x82, 0xd7, 0xf6, 0x88, 0x6b, 0x53, 0x34, 0xbd,

-	0xf6, 0x2b, 0xdb, 0xf5, 0x52, 0x15, 0xc5, 0xe5, 0xf8, 0x23, 0x4e, 0x42, 0x8a, 0xb4, 0x44, 0xef,

-	0xae, 0xc4, 0x02, 0x65, 0x25, 0x5b, 0x95, 0x2a, 0x16, 0x38, 0x03, 0x91, 0x13, 0x0d, 0x07, 0x13,

-	0x0c, 0x28, 0x9b, 0xb7, 0x1c, 0x5d, 0xca, 0x25, 0x7f, 0x40, 0xa7, 0x54, 0x4e, 0xb9, 0x24, 0xff,

-	0x62, 0x8f, 0x3e, 0x3a, 0x17, 0x55, 0xac, 0xfd, 0x09, 0xb9, 0xe5, 0x92, 0x14, 0x30, 0x98, 0x21,

-	0xa9, 0x25, 0x57, 0x9b, 0xca, 0x1e, 0x72, 0x03, 0x7a, 0x9e, 0xa7, 0xd1, 0x0d, 0x74, 0x37, 0x1a,

-	0x03, 0xef, 0x0f, 0x1c, 0x31, 0x1c, 0xf7, 0x6b, 0x16, 0x1b, 0xed, 0xd8, 0xcc, 0x3a, 0xa3, 0x7c,

-	0x27, 0xf8, 0x9a, 0xf0, 0xd1, 0x99, 0x23, 0x76, 0x88, 0xef, 0xec, 0x04, 0x3e, 0xb5, 0x82, 0x9a,

-	0xcf, 0x99, 0x60, 0x08, 0x85, 0x80, 0x5a, 0x04, 0xa8, 0x9d, 0xff, 0xa8, 0x74, 0x1b, 0x5f, 0x4c,

-	0x7c, 0xaa, 0xf9, 0xa5, 0xbb, 0x03, 0x36, 0x60, 0x6a, 0xb8, 0x23, 0x47, 0x5a, 0x5a, 0x1e, 0x30,

-	0x36, 0x70, 0xe9, 0x8e, 0x9a, 0xf5, 0xc7, 0xa7, 0x3b, 0xf6, 0x98, 0x13, 0xe1, 0x30, 0x4f, 0x7f,

-	0xdf, 0xbc, 0xf9, 0x9d, 0x78, 0x93, 0x65, 0xd4, 0xaf, 0x39, 0xf1, 0x7d, 0xca, 0xf5, 0x82, 0xd5,

-	0xcb, 0x14, 0x64, 0x0f, 0x99, 0x4d, 0xbb, 0x3e, 0xb5, 0xd0, 0x3e, 0x18, 0xc4, 0xf3, 0x98, 0x50,

-	0xba, 0x03, 0x33, 0x59, 0x49, 0x6e, 0x1b, 0xbb, 0x5b, 0xb5, 0x67, 0x7d, 0xaa, 0xd5, 0xa7, 0xb0,

-	0x46, 0xea, 0xc9, 0xd5, 0x56, 0x02, 0xcf, 0x32, 0xd1, 0xcf, 0x21, 0x6f, 0xd3, 0xc0, 0xe1, 0xd4,

-	0xee, 0x71, 0xe6, 0x52, 0x73, 0xa5, 0x92, 0xdc, 0x5e, 0xdf, 0x7d, 0x63, 0x91, 0x26, 0xb9, 0x38,

-	0x66, 0x2e, 0xc5, 0x86, 0x66, 0xc8, 0x09, 0xda, 0x07, 0x18, 0xd1, 0x51, 0x9f, 0xf2, 0x60, 0xe8,

-	0xf8, 0xe6, 0xaa, 0xa2, 0xff, 0xdf, 0x32, 0xba, 0xb4, 0xbd, 0xf6, 0x28, 0x86, 0xe3, 0x19, 0x2a,

-	0x7a, 0x04, 0x79, 0x72, 0x4e, 0x1c, 0x97, 0xf4, 0x1d, 0xd7, 0x11, 0x13, 0x33, 0xa5, 0x54, 0xbd,

-	0xf7, 0x5c, 0x55, 0xf5, 0x19, 0x02, 0x9e, 0xa3, 0x57, 0x6d, 0x80, 0xe9, 0x42, 0xe8, 0x5d, 0xc8,

-	0x74, 0x5a, 0x87, 0xcd, 0xf6, 0xe1, 0x7e, 0x31, 0x51, 0xda, 0xbc, 0xb8, 0xac, 0xbc, 0x2a, 0x75,

-	0x4c, 0x01, 0x1d, 0xea, 0xd9, 0x8e, 0x37, 0x40, 0xdb, 0x90, 0xad, 0xef, 0xed, 0xb5, 0x3a, 0xc7,

-	0xad, 0x66, 0x31, 0x59, 0x2a, 0x5d, 0x5c, 0x56, 0x5e, 0x9b, 0x07, 0xd6, 0x2d, 0x8b, 0xfa, 0x82,

-	0xda, 0xa5, 0xd4, 0xb7, 0x7f, 0x2c, 0x27, 0xaa, 0xdf, 0x26, 0x21, 0x3f, 0x6b, 0x04, 0x7a, 0x17,

-	0xd2, 0xf5, 0xbd, 0xe3, 0xf6, 0x49, 0xab, 0x98, 0x98, 0xd2, 0x67, 0x11, 0x75, 0x4b, 0x38, 0xe7,

-	0x14, 0xdd, 0x87, 0xb5, 0x4e, 0xfd, 0xab, 0x6e, 0xab, 0x98, 0x9c, 0x9a, 0x33, 0x0b, 0xeb, 0x90,

-	0x71, 0xa0, 0x50, 0x4d, 0x5c, 0x6f, 0x1f, 0x16, 0x57, 0x16, 0xa3, 0x9a, 0x9c, 0x38, 0x9e, 0x36,

-	0xe5, 0xcf, 0x6b, 0x60, 0x74, 0x29, 0x3f, 0x77, 0xac, 0x97, 0x1c, 0x22, 0x1f, 0x41, 0x4a, 0x90,

-	0xe0, 0x4c, 0x85, 0x86, 0xb1, 0x38, 0x34, 0x8e, 0x49, 0x70, 0x26, 0x17, 0xd5, 0x74, 0x85, 0x97,

-	0x91, 0xc1, 0xa9, 0xef, 0x3a, 0x16, 0x11, 0xd4, 0x56, 0x91, 0x61, 0xec, 0xbe, 0xb3, 0x88, 0x8d,

-	0x63, 0x94, 0xb6, 0xff, 0x20, 0x81, 0x67, 0xa8, 0xe8, 0x33, 0x48, 0x0f, 0x5c, 0xd6, 0x27, 0xae,

-	0x8a, 0x09, 0x63, 0xf7, 0xad, 0x45, 0x4a, 0xf6, 0x15, 0x62, 0xaa, 0x40, 0x53, 0xd0, 0x97, 0xb0,

-	0x3e, 0x55, 0xd5, 0xfb, 0x0d, 0xeb, 0x9b, 0xb0, 0x5c, 0xc9, 0xd4, 0x92, 0x2f, 0x59, 0xff, 0x20,

-	0x81, 0x0b, 0x7c, 0x56, 0x80, 0x7e, 0x06, 0x10, 0x6a, 0x55, 0x7a, 0x0c, 0xa5, 0xe7, 0xcd, 0xe5,

-	0xc6, 0x84, 0x3a, 0x72, 0x83, 0x68, 0x82, 0x3e, 0x86, 0xf4, 0xd8, 0xb7, 0x89, 0xa0, 0x66, 0x5a,

-	0x71, 0x2b, 0x8b, 0xb8, 0x5f, 0x29, 0xc4, 0x1e, 0xf3, 0x4e, 0x9d, 0x01, 0xd6, 0x78, 0xf4, 0x53,

-	0xc8, 0x72, 0xe6, 0xba, 0x7d, 0x62, 0x9d, 0x99, 0xb9, 0x17, 0xe4, 0xc6, 0x0c, 0xf4, 0x00, 0xb2,

-	0x1e, 0x15, 0x5f, 0x33, 0x7e, 0x16, 0x98, 0x99, 0xca, 0xea, 0xb6, 0xb1, 0xfb, 0xc1, 0xc2, 0xb4,

-	0x0a, 0x31, 0x75, 0x21, 0x88, 0x35, 0x1c, 0x51, 0x4f, 0x84, 0x8a, 0x1a, 0x2b, 0x66, 0x12, 0xc7,

-	0x0a, 0xa4, 0x29, 0xd4, 0xb3, 0x7d, 0xe6, 0x78, 0xc2, 0xcc, 0x2e, 0x37, 0xa5, 0xa5, 0x31, 0x32,

-	0x2c, 0x70, 0xcc, 0x68, 0xa4, 0x21, 0x35, 0x62, 0x36, 0xad, 0xee, 0xc0, 0xc6, 0x33, 0xc7, 0x8e,

-	0x4a, 0x90, 0xd5, 0x1b, 0x1e, 0xc6, 0x6b, 0x0a, 0xc7, 0xf3, 0xea, 0x1d, 0x28, 0xcc, 0x1d, 0x71,

-	0xd5, 0x82, 0xc2, 0xdc, 0x71, 0xa1, 0x77, 0x60, 0x7d, 0x44, 0xbe, 0xe9, 0x59, 0xcc, 0xb3, 0xc6,

-	0x9c, 0x53, 0x4f, 0x68, 0x1d, 0x85, 0x11, 0xf9, 0x66, 0x2f, 0x16, 0xa2, 0x0f, 0x60, 0x43, 0x30,

-	0x41, 0xdc, 0x9e, 0xc5, 0x46, 0xbe, 0x4b, 0xc3, 0xec, 0x58, 0x51, 0xc8, 0xa2, 0xfa, 0xb0, 0x37,

-	0x95, 0x57, 0x0d, 0xc8, 0xc5, 0x67, 0x59, 0xfd, 0xcb, 0x1a, 0x64, 0xa3, 0x48, 0x47, 0x0f, 0x00,

-	0x48, 0xbc, 0x51, 0x7a, 0x23, 0xde, 0x7b, 0xa1, 0x5d, 0x95, 0x74, 0x19, 0xe1, 0x53, 0x3a, 0xaa,

-	0x43, 0xce, 0x62, 0x9e, 0x20, 0x8e, 0x47, 0xb9, 0xce, 0xd4, 0x85, 0xf1, 0xb9, 0x17, 0x81, 0xb4,

-	0x8e, 0x29, 0x0b, 0x35, 0x20, 0x33, 0xa0, 0x1e, 0xe5, 0x8e, 0xa5, 0x03, 0xfc, 0xdd, 0x85, 0x81,

-	0x19, 0x42, 0xf0, 0xd8, 0x13, 0xce, 0x88, 0x6a, 0x2d, 0x11, 0x11, 0x7d, 0x01, 0x39, 0x4e, 0x03,

-	0x36, 0xe6, 0x16, 0x0d, 0x74, 0xba, 0x6f, 0x2f, 0x4e, 0x93, 0x10, 0x84, 0xe9, 0x6f, 0xc7, 0x0e,

-	0xa7, 0xd2, 0x85, 0x00, 0x4f, 0xa9, 0xe8, 0x33, 0xc8, 0x70, 0x1a, 0x08, 0xc2, 0xc5, 0xf3, 0x32,

-	0x16, 0x87, 0x90, 0x0e, 0x73, 0x1d, 0x6b, 0x82, 0x23, 0x06, 0xfa, 0x0c, 0x72, 0xbe, 0x4b, 0x2c,

-	0xa5, 0xd5, 0x5c, 0x5b, 0x9e, 0x63, 0x9d, 0x08, 0x84, 0xa7, 0x78, 0xf4, 0x09, 0x80, 0xcb, 0x06,

-	0x3d, 0x9b, 0x3b, 0xe7, 0x94, 0xeb, 0x2c, 0x2b, 0x2d, 0x62, 0x37, 0x15, 0x02, 0xe7, 0x5c, 0x36,

-	0x08, 0x87, 0x68, 0xff, 0xbf, 0x4a, 0x92, 0x99, 0x04, 0x79, 0x0b, 0xf2, 0xa7, 0x8c, 0x5b, 0xb4,

-	0xa7, 0x73, 0x3d, 0xa7, 0x62, 0xcb, 0x50, 0xb2, 0x30, 0x41, 0xd1, 0xaf, 0xe1, 0x95, 0x68, 0xb7,

-	0x7a, 0x9c, 0x9e, 0x52, 0x4e, 0x3d, 0xb9, 0xe5, 0x86, 0x5a, 0xf6, 0x9d, 0xe7, 0x6f, 0xb9, 0x46,

-	0xeb, 0x52, 0x8b, 0xf8, 0xcd, 0x0f, 0x41, 0x23, 0x07, 0x19, 0x1e, 0x1e, 0x70, 0xf5, 0xf7, 0x49,

-	0x99, 0x67, 0x37, 0x10, 0x68, 0x07, 0x8c, 0x78, 0x79, 0xc7, 0x56, 0x01, 0x97, 0x6b, 0xac, 0x5f,

-	0x5f, 0x6d, 0x41, 0x84, 0x6d, 0x37, 0x65, 0x05, 0xd6, 0x63, 0x1b, 0xb5, 0xa0, 0x10, 0x13, 0x64,

-	0x13, 0xa4, 0xdb, 0x84, 0xca, 0xf3, 0x2c, 0x3d, 0x9e, 0xf8, 0x14, 0xe7, 0xf9, 0xcc, 0xac, 0xfa,

-	0x2b, 0x40, 0xcf, 0x06, 0x20, 0x42, 0x90, 0x3a, 0x73, 0x3c, 0x6d, 0x06, 0x56, 0x63, 0x54, 0x83,

-	0x8c, 0x4f, 0x26, 0x2e, 0x23, 0xb6, 0x8e, 0xc3, 0xbb, 0xb5, 0xb0, 0x3d, 0xaa, 0x45, 0xed, 0x51,

-	0xad, 0xee, 0x4d, 0x70, 0x04, 0xaa, 0x3e, 0x80, 0x57, 0x17, 0xe6, 0x19, 0xda, 0x85, 0x7c, 0x9c,

-	0x23, 0x53, 0x5f, 0xef, 0x5c, 0x5f, 0x6d, 0x19, 0x71, 0x32, 0xb5, 0x9b, 0xd8, 0x88, 0x41, 0x6d,

-	0xbb, 0x7a, 0x51, 0x80, 0xc2, 0x5c, 0xa6, 0xa1, 0xbb, 0xb0, 0xe6, 0x8c, 0xc8, 0x80, 0x6a, 0x1b,

-	0xc3, 0x09, 0x6a, 0x41, 0xda, 0x25, 0x7d, 0xea, 0xca, 0x5c, 0x91, 0x07, 0xf7, 0xff, 0xb7, 0xa6,

-	0x6c, 0xed, 0xa1, 0xc2, 0xb7, 0x3c, 0xc1, 0x27, 0x58, 0x93, 0x91, 0x09, 0x19, 0x8b, 0x8d, 0x46,

-	0xc4, 0x93, 0x97, 0xe4, 0xea, 0x76, 0x0e, 0x47, 0x53, 0xb9, 0x33, 0x84, 0x0f, 0x02, 0x33, 0xa5,

-	0xc4, 0x6a, 0x2c, 0x6b, 0xe4, 0x90, 0x05, 0xc2, 0x23, 0x23, 0x6a, 0xae, 0x2b, 0x6b, 0xe2, 0x39,

-	0x2a, 0xc2, 0x2a, 0xf5, 0xce, 0xcd, 0x35, 0x05, 0x97, 0x43, 0x29, 0xb1, 0x9d, 0x30, 0x11, 0x72,

-	0x58, 0x0e, 0xa5, 0xce, 0x71, 0x40, 0xb9, 0x99, 0x09, 0x77, 0x5b, 0x8e, 0xd1, 0x6b, 0x90, 0x1e,

-	0x70, 0x36, 0xf6, 0xc3, 0x08, 0xcc, 0x61, 0x3d, 0x93, 0xf7, 0x9d, 0xcf, 0x9d, 0x73, 0xc7, 0xa5,

-	0x03, 0x1a, 0x98, 0xaf, 0xa9, 0x83, 0x28, 0x2f, 0xcc, 0xc5, 0x18, 0x85, 0x67, 0x18, 0xa8, 0x06,

-	0x29, 0xc7, 0x73, 0x84, 0xf9, 0xba, 0xce, 0xc3, 0x9b, 0x47, 0xd8, 0x60, 0xcc, 0x3d, 0x21, 0xee,

-	0x98, 0x62, 0x85, 0x43, 0x9b, 0xb0, 0x2a, 0xc4, 0xc4, 0x2c, 0x54, 0x92, 0xdb, 0xd9, 0x46, 0xe6,

-	0xfa, 0x6a, 0x6b, 0xf5, 0xf8, 0xf8, 0x31, 0x96, 0x32, 0xf4, 0x26, 0x00, 0xf3, 0xa9, 0xd7, 0x0b,

-	0x84, 0xed, 0x78, 0x26, 0x92, 0x08, 0x9c, 0x93, 0x92, 0xae, 0x14, 0xa0, 0x7b, 0xb2, 0x72, 0x11,

-	0xbb, 0xc7, 0x3c, 0x77, 0x62, 0xbe, 0xa2, 0xbe, 0x66, 0xa5, 0xe0, 0xc8, 0x73, 0x27, 0x68, 0x0b,

-	0x8c, 0x40, 0x30, 0xbf, 0x17, 0x38, 0x03, 0x8f, 0xb8, 0xe6, 0x5d, 0xe5, 0x39, 0x48, 0x51, 0x57,

-	0x49, 0xd0, 0x4f, 0x20, 0x3d, 0x62, 0x63, 0x4f, 0x04, 0x66, 0x56, 0x1d, 0xe4, 0xe6, 0x22, 0x1f,

-	0x1f, 0x49, 0x84, 0xce, 0x3a, 0x0d, 0x47, 0x2d, 0xd8, 0x50, 0x9a, 0x07, 0x9c, 0x58, 0xb4, 0xe7,

-	0x53, 0xee, 0x30, 0x5b, 0xdf, 0xcf, 0x9b, 0xcf, 0x78, 0xdb, 0xd4, 0x4f, 0x01, 0x7c, 0x47, 0x72,

-	0xf6, 0x25, 0xa5, 0xa3, 0x18, 0xa8, 0x03, 0x79, 0x7f, 0xec, 0xba, 0x3d, 0xe6, 0x87, 0xb7, 0x51,

-	0x58, 0xc0, 0x5f, 0x20, 0x9c, 0x3a, 0x63, 0xd7, 0x3d, 0x0a, 0x49, 0xd8, 0xf0, 0xa7, 0x13, 0xf4,

-	0x39, 0x64, 0x02, 0x6a, 0x71, 0x2a, 0x02, 0x33, 0xaf, 0x5c, 0x7a, 0x7b, 0x91, 0xb2, 0xae, 0x82,

-	0xc4, 0x75, 0x01, 0x47, 0x1c, 0x49, 0xb7, 0x54, 0x59, 0x0b, 0xcc, 0x57, 0x97, 0xd3, 0x75, 0xe5,

-	0x9b, 0xd2, 0x35, 0x47, 0xa6, 0x8b, 0x8c, 0xc9, 0xc0, 0xdc, 0x50, 0xe1, 0x14, 0x4e, 0xd0, 0x63,

-	0x00, 0xdb, 0x0b, 0x7a, 0x21, 0xc8, 0xbc, 0xa3, 0x7c, 0xfc, 0xe0, 0x76, 0x1f, 0x9b, 0x87, 0x5d,

-	0xdd, 0x87, 0x14, 0xae, 0xaf, 0xb6, 0x72, 0xf1, 0x14, 0xe7, 0x6c, 0x2f, 0x08, 0x87, 0xa8, 0x01,

-	0xc6, 0x90, 0x12, 0x57, 0x0c, 0xad, 0x21, 0xb5, 0xce, 0xcc, 0xe2, 0xf2, 0xb6, 0xe4, 0x40, 0xc1,

-	0xb4, 0x86, 0x59, 0x12, 0x6a, 0x43, 0xce, 0x09, 0x98, 0xab, 0x8e, 0xc8, 0x34, 0x55, 0x7d, 0x7b,

-	0x01, 0xeb, 0xda, 0x11, 0x05, 0x4f, 0xd9, 0xe8, 0x0d, 0xc8, 0xf9, 0x8e, 0x1d, 0x3c, 0x74, 0x46,

-	0x8e, 0x30, 0x37, 0x2b, 0xc9, 0xed, 0x55, 0x3c, 0x15, 0xa0, 0x03, 0xc8, 0x04, 0x93, 0xc0, 0x12,

-	0x6e, 0x60, 0x96, 0xd4, 0xe6, 0xd6, 0x6e, 0x5f, 0xa6, 0x1b, 0x12, 0xc2, 0xc2, 0x11, 0xd1, 0x51,

-	0x15, 0xf2, 0x16, 0xf1, 0xc3, 0xb7, 0x80, 0x43, 0x03, 0xf3, 0x9e, 0xda, 0xee, 0x39, 0x59, 0xe9,

-	0x13, 0x30, 0x66, 0x8a, 0x8e, 0x2c, 0x08, 0x67, 0x74, 0xa2, 0xeb, 0x98, 0x1c, 0xca, 0xc3, 0x3a,

-	0x97, 0x39, 0xa8, 0x0a, 0x6d, 0x0e, 0x87, 0x93, 0x4f, 0x57, 0x3e, 0x4e, 0x96, 0x76, 0xc1, 0x98,

-	0x09, 0x30, 0xf4, 0xb6, 0xbc, 0x04, 0x06, 0x4e, 0x20, 0xf8, 0xa4, 0x47, 0xc6, 0x62, 0x68, 0xfe,

-	0x42, 0x11, 0xf2, 0x91, 0xb0, 0x3e, 0x16, 0xc3, 0x52, 0x0f, 0xa6, 0x27, 0x84, 0x2a, 0x60, 0xc8,

-	0xba, 0x14, 0x50, 0x7e, 0x4e, 0xb9, 0x6c, 0xe9, 0xa4, 0x79, 0xb3, 0x22, 0x59, 0x79, 0x02, 0x4a,

-	0xb8, 0x35, 0x54, 0x25, 0x34, 0x87, 0xf5, 0x4c, 0xd6, 0xc4, 0x28, 0x19, 0x74, 0x4d, 0xd4, 0xd3,

-	0xd2, 0xa7, 0x90, 0x9f, 0xdd, 0x8c, 0xff, 0xc4, 0xa1, 0xea, 0x5f, 0x93, 0x90, 0x8b, 0x0f, 0x0c,

-	0x7d, 0x08, 0x1b, 0xed, 0xee, 0xd1, 0xc3, 0xfa, 0x71, 0xfb, 0xe8, 0xb0, 0xd7, 0x6c, 0x7d, 0x51,

-	0xff, 0xea, 0xe1, 0x71, 0x31, 0x51, 0x7a, 0xf3, 0xe2, 0xb2, 0xb2, 0x39, 0xbd, 0x1b, 0x22, 0x78,

-	0x93, 0x9e, 0x92, 0xb1, 0x2b, 0xe6, 0x59, 0x1d, 0x7c, 0xb4, 0xd7, 0xea, 0x76, 0x8b, 0xc9, 0x65,

-	0xac, 0x0e, 0x67, 0x16, 0x0d, 0x02, 0xb4, 0x0b, 0xc5, 0x29, 0xeb, 0xe0, 0x71, 0xa7, 0x85, 0x4f,

-	0x8a, 0x2b, 0xa5, 0x37, 0x2e, 0x2e, 0x2b, 0xe6, 0xb3, 0xa4, 0x83, 0x89, 0x4f, 0xf9, 0x89, 0x7e,

-	0xd6, 0xfd, 0x23, 0x09, 0xf9, 0xd9, 0x5e, 0x1a, 0xed, 0x85, 0x1d, 0xb4, 0xf2, 0x78, 0x7d, 0x77,

-	0xe7, 0xb6, 0xde, 0x5b, 0xdd, 0xc7, 0xee, 0x58, 0xea, 0x7d, 0x24, 0x1f, 0xf0, 0x8a, 0x8c, 0x3e,

-	0x84, 0x35, 0x9f, 0x71, 0x11, 0xdd, 0x5c, 0x8b, 0x8b, 0x3a, 0xe3, 0x51, 0x73, 0x13, 0x82, 0xab,

-	0x43, 0x58, 0x9f, 0xd7, 0x86, 0xee, 0xc3, 0xea, 0x49, 0xbb, 0x53, 0x4c, 0x94, 0xee, 0x5d, 0x5c,

-	0x56, 0x5e, 0x9f, 0xff, 0x78, 0xe2, 0x70, 0x31, 0x26, 0x6e, 0xbb, 0x83, 0xde, 0x87, 0xb5, 0xe6,

-	0x61, 0x17, 0xe3, 0x62, 0xb2, 0xb4, 0x75, 0x71, 0x59, 0xb9, 0x37, 0x8f, 0x93, 0x9f, 0xd8, 0xd8,

-	0xb3, 0x31, 0xeb, 0xc7, 0x8f, 0xd9, 0x7f, 0xae, 0x80, 0xa1, 0x2f, 0xf4, 0x97, 0xfd, 0xbf, 0xa3,

-	0x10, 0x36, 0x87, 0x51, 0x1d, 0x5a, 0xb9, 0xb5, 0x47, 0xcc, 0x87, 0x04, 0x1d, 0xd3, 0x6f, 0x41,

-	0xde, 0xf1, 0xcf, 0x3f, 0xea, 0x51, 0x8f, 0xf4, 0x5d, 0xfd, 0xae, 0xcd, 0x62, 0x43, 0xca, 0x5a,

-	0xa1, 0x48, 0x5e, 0xd1, 0x8e, 0x27, 0x28, 0xf7, 0xf4, 0x8b, 0x35, 0x8b, 0xe3, 0x39, 0xfa, 0x1c,

-	0x52, 0x8e, 0x4f, 0x46, 0xba, 0xb1, 0x5d, 0xe8, 0x41, 0xbb, 0x53, 0x7f, 0xa4, 0x73, 0xae, 0x91,

-	0xbd, 0xbe, 0xda, 0x4a, 0x49, 0x01, 0x56, 0x34, 0x54, 0x8e, 0x5e, 0x1d, 0x72, 0x25, 0x75, 0xad,

-	0x67, 0xf1, 0x8c, 0x44, 0xe6, 0x8d, 0xe3, 0x0d, 0x38, 0x0d, 0x02, 0x75, 0xc1, 0x67, 0x71, 0x34,

-	0x45, 0x25, 0xc8, 0xe8, 0x0e, 0x55, 0x3d, 0x56, 0x72, 0xb2, 0xef, 0xd7, 0x82, 0x46, 0x01, 0x8c,

-	0x70, 0x37, 0x7a, 0xa7, 0x9c, 0x8d, 0xaa, 0xff, 0x4a, 0x81, 0xb1, 0xe7, 0x8e, 0x03, 0xa1, 0xbb,

-	0x9f, 0x97, 0xb6, 0xf9, 0x8f, 0x61, 0x83, 0xa8, 0xff, 0x27, 0xc4, 0x93, 0xd7, 0xa5, 0x6a, 0xfc,

-	0xf5, 0x01, 0xdc, 0x5f, 0xa8, 0x2e, 0x06, 0x87, 0x8f, 0x84, 0x46, 0x5a, 0xea, 0x34, 0x93, 0xb8,

-	0x48, 0x6e, 0x7c, 0x41, 0x5d, 0x28, 0x30, 0x6e, 0x0d, 0x69, 0x20, 0xc2, 0x4b, 0x56, 0xff, 0x6f,

-	0x58, 0xf8, 0x27, 0xea, 0x68, 0x16, 0xa8, 0xef, 0x96, 0xd0, 0xda, 0x79, 0x1d, 0xe8, 0x63, 0x48,

-	0x71, 0x72, 0x1a, 0x3d, 0x62, 0x16, 0x26, 0x09, 0x26, 0xa7, 0x62, 0x4e, 0x85, 0x62, 0xa0, 0x2f,

-	0x01, 0x6c, 0x27, 0xf0, 0x89, 0xb0, 0x86, 0x94, 0xeb, 0xc3, 0x5e, 0xe8, 0x62, 0x33, 0x46, 0xcd,

-	0x69, 0x99, 0x61, 0xa3, 0x07, 0x90, 0xb3, 0x48, 0x14, 0xae, 0xe9, 0xe5, 0x3f, 0x61, 0xf6, 0xea,

-	0x5a, 0x45, 0x51, 0xaa, 0xb8, 0xbe, 0xda, 0xca, 0x46, 0x12, 0x9c, 0xb5, 0x88, 0x0e, 0xdf, 0x07,

-	0x50, 0x10, 0x24, 0x38, 0xeb, 0xd9, 0x61, 0x39, 0x0b, 0xc3, 0x64, 0xc9, 0x5d, 0x29, 0xdf, 0xba,

-	0xba, 0xec, 0x45, 0xc7, 0x99, 0x17, 0x33, 0x32, 0xf4, 0x4b, 0xd8, 0xa0, 0x9e, 0xc5, 0x27, 0x2a,

-	0x58, 0x23, 0x0b, 0xb3, 0xcb, 0x9d, 0x6d, 0xc5, 0xe0, 0x39, 0x67, 0x8b, 0xf4, 0x86, 0xbc, 0xfa,

-	0xb7, 0x24, 0x40, 0xd8, 0x9c, 0xbc, 0xdc, 0x00, 0x44, 0x90, 0xb2, 0x89, 0x20, 0x2a, 0xe6, 0xf2,

-	0x58, 0x8d, 0xd1, 0xa7, 0x00, 0x82, 0x8e, 0x7c, 0x59, 0x7a, 0xbd, 0x81, 0x0e, 0x9b, 0xe7, 0x95,

-	0x83, 0x19, 0x34, 0xda, 0x85, 0xb4, 0x7e, 0x6a, 0xa6, 0x6e, 0xe5, 0x69, 0x64, 0xf5, 0x4f, 0x49,

-	0x80, 0xd0, 0xcd, 0xff, 0x69, 0xdf, 0x1a, 0xf7, 0x9f, 0xfc, 0x50, 0x4e, 0x7c, 0xff, 0x43, 0x39,

-	0xf1, 0xbb, 0xeb, 0x72, 0xf2, 0xc9, 0x75, 0x39, 0xf9, 0xdd, 0x75, 0x39, 0xf9, 0xf7, 0xeb, 0x72,

-	0xf2, 0x0f, 0x4f, 0xcb, 0x89, 0xef, 0x9e, 0x96, 0x13, 0xdf, 0x3f, 0x2d, 0x27, 0xfa, 0x69, 0xd5,

-	0xde, 0xfe, 0xf8, 0xdf, 0x01, 0x00, 0x00, 0xff, 0xff, 0x91, 0x6d, 0x50, 0x31, 0x7b, 0x17, 0x00,

-	0x00,

+	// 2311 bytes of a gzipped FileDescriptorProto

+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xcc, 0x58, 0x4d, 0x73, 0x1b, 0xc7,

+	0xd1, 0x06, 0x48, 0x10, 0x1f, 0xbd, 0x00, 0x05, 0x8e, 0x65, 0x7b, 0x09, 0xc9, 0x20, 0x0c, 0xcb,

+	0x36, 0x6d, 0xd7, 0x0b, 0xd6, 0xcb, 0xb8, 0x1c, 0x7f, 0xc4, 0x49, 0x00, 0x02, 0x96, 0x60, 0x49,

+	0x14, 0x6a, 0x40, 0x2b, 0x51, 0x55, 0xaa, 0x50, 0x83, 0xdd, 0x21, 0xb0, 0xe1, 0x62, 0x67, 0x33,

+	0x3b, 0xa0, 0x8d, 0x5b, 0x8e, 0x2e, 0xe6, 0x92, 0x3f, 0xc0, 0x53, 0x2a, 0xa7, 0x5c, 0x92, 0x4b,

+	0x7e, 0x83, 0x8f, 0x3e, 0x3a, 0x17, 0x56, 0x4c, 0xff, 0x84, 0xdc, 0x72, 0x49, 0x6a, 0x66, 0x67,

+	0x17, 0x0b, 0x0a, 0x10, 0x95, 0x8a, 0x0e, 0xb9, 0xcd, 0xf4, 0x3e, 0x4f, 0x4f, 0xf7, 0x4c, 0x77,

+	0x4f, 0xcf, 0xc2, 0xbb, 0x23, 0x47, 0x8c, 0xa7, 0xc3, 0x86, 0xc5, 0x26, 0x7b, 0x36, 0xb3, 0x4e,

+	0x28, 0xdf, 0x0b, 0xbe, 0x24, 0x7c, 0x72, 0xe2, 0x88, 0x3d, 0xe2, 0x3b, 0x7b, 0x81, 0x4f, 0xad,

+	0xa0, 0xe1, 0x73, 0x26, 0x18, 0x42, 0x21, 0xa0, 0x11, 0x01, 0x1a, 0xa7, 0xff, 0x5f, 0xb9, 0x8e,

+	0x2f, 0x66, 0x3e, 0xd5, 0xfc, 0xca, 0xcd, 0x11, 0x1b, 0x31, 0x35, 0xdc, 0x93, 0x23, 0x2d, 0xad,

+	0x8e, 0x18, 0x1b, 0xb9, 0x74, 0x4f, 0xcd, 0x86, 0xd3, 0xe3, 0x3d, 0x7b, 0xca, 0x89, 0x70, 0x98,

+	0xa7, 0xbf, 0x6f, 0x5f, 0xfd, 0x4e, 0xbc, 0xd9, 0x2a, 0xea, 0x97, 0x9c, 0xf8, 0x3e, 0xe5, 0x7a,

+	0xc1, 0xfa, 0x79, 0x06, 0xf2, 0x87, 0xcc, 0xa6, 0x7d, 0x9f, 0x5a, 0xe8, 0x2e, 0x18, 0xc4, 0xf3,

+	0x98, 0x50, 0xba, 0x03, 0x33, 0x5d, 0x4b, 0xef, 0x1a, 0xfb, 0x3b, 0x8d, 0xa7, 0x7d, 0x6a, 0x34,

+	0xe7, 0xb0, 0x56, 0xe6, 0x9b, 0x8b, 0x9d, 0x14, 0x4e, 0x32, 0xd1, 0xcf, 0xa0, 0x68, 0xd3, 0xc0,

+	0xe1, 0xd4, 0x1e, 0x70, 0xe6, 0x52, 0x73, 0xad, 0x96, 0xde, 0xdd, 0xdc, 0xbf, 0xbd, 0x4c, 0x93,

+	0x5c, 0x1c, 0x33, 0x97, 0x62, 0x43, 0x33, 0xe4, 0x04, 0xdd, 0x05, 0x98, 0xd0, 0xc9, 0x90, 0xf2,

+	0x60, 0xec, 0xf8, 0xe6, 0xba, 0xa2, 0xbf, 0xbd, 0x8a, 0x2e, 0x6d, 0x6f, 0x3c, 0x8c, 0xe1, 0x38,

+	0x41, 0x45, 0x0f, 0xa1, 0x48, 0x4e, 0x89, 0xe3, 0x92, 0xa1, 0xe3, 0x3a, 0x62, 0x66, 0x66, 0x94,

+	0xaa, 0x77, 0x9e, 0xa9, 0xaa, 0x99, 0x20, 0xe0, 0x05, 0x7a, 0xdd, 0x06, 0x98, 0x2f, 0x84, 0xde,

+	0x82, 0x5c, 0xaf, 0x73, 0xd8, 0xee, 0x1e, 0xde, 0x2d, 0xa7, 0x2a, 0xdb, 0x67, 0xe7, 0xb5, 0x97,

+	0xa5, 0x8e, 0x39, 0xa0, 0x47, 0x3d, 0xdb, 0xf1, 0x46, 0x68, 0x17, 0xf2, 0xcd, 0x83, 0x83, 0x4e,

+	0xef, 0xa8, 0xd3, 0x2e, 0xa7, 0x2b, 0x95, 0xb3, 0xf3, 0xda, 0x2b, 0x8b, 0xc0, 0xa6, 0x65, 0x51,

+	0x5f, 0x50, 0xbb, 0x92, 0xf9, 0xfa, 0x0f, 0xd5, 0x54, 0xfd, 0xeb, 0x34, 0x14, 0x93, 0x46, 0xa0,

+	0xb7, 0x20, 0xdb, 0x3c, 0x38, 0xea, 0x3e, 0xee, 0x94, 0x53, 0x73, 0x7a, 0x12, 0xd1, 0xb4, 0x84,

+	0x73, 0x4a, 0xd1, 0x1d, 0xd8, 0xe8, 0x35, 0xbf, 0xe8, 0x77, 0xca, 0xe9, 0xb9, 0x39, 0x49, 0x58,

+	0x8f, 0x4c, 0x03, 0x85, 0x6a, 0xe3, 0x66, 0xf7, 0xb0, 0xbc, 0xb6, 0x1c, 0xd5, 0xe6, 0xc4, 0xf1,

+	0xb4, 0x29, 0x7f, 0xda, 0x00, 0xa3, 0x4f, 0xf9, 0xa9, 0x63, 0xbd, 0xe0, 0x10, 0xf9, 0x00, 0x32,

+	0x82, 0x04, 0x27, 0x2a, 0x34, 0x8c, 0xe5, 0xa1, 0x71, 0x44, 0x82, 0x13, 0xb9, 0xa8, 0xa6, 0x2b,

+	0xbc, 0x8c, 0x0c, 0x4e, 0x7d, 0xd7, 0xb1, 0x88, 0xa0, 0xb6, 0x8a, 0x0c, 0x63, 0xff, 0xcd, 0x65,

+	0x6c, 0x1c, 0xa3, 0xb4, 0xfd, 0xf7, 0x52, 0x38, 0x41, 0x45, 0x9f, 0x40, 0x76, 0xe4, 0xb2, 0x21,

+	0x71, 0x55, 0x4c, 0x18, 0xfb, 0xaf, 0x2f, 0x53, 0x72, 0x57, 0x21, 0xe6, 0x0a, 0x34, 0x05, 0x7d,

+	0x0e, 0x9b, 0x73, 0x55, 0x83, 0x5f, 0xb3, 0xa1, 0x09, 0xab, 0x95, 0xcc, 0x2d, 0xf9, 0x9c, 0x0d,

+	0xef, 0xa5, 0x70, 0x89, 0x27, 0x05, 0xe8, 0xa7, 0x00, 0xa1, 0x56, 0xa5, 0xc7, 0x50, 0x7a, 0x5e,

+	0x5b, 0x6d, 0x4c, 0xa8, 0xa3, 0x30, 0x8a, 0x26, 0xe8, 0x43, 0xc8, 0x4e, 0x7d, 0x9b, 0x08, 0x6a,

+	0x66, 0x15, 0xb7, 0xb6, 0x8c, 0xfb, 0x85, 0x42, 0x1c, 0x30, 0xef, 0xd8, 0x19, 0x61, 0x8d, 0x47,

+	0x3f, 0x81, 0x3c, 0x67, 0xae, 0x3b, 0x24, 0xd6, 0x89, 0x59, 0x78, 0x4e, 0x6e, 0xcc, 0x40, 0xf7,

+	0x21, 0xef, 0x51, 0xf1, 0x25, 0xe3, 0x27, 0x81, 0x99, 0xab, 0xad, 0xef, 0x1a, 0xfb, 0xef, 0x2d,

+	0x4d, 0xab, 0x10, 0xd3, 0x14, 0x82, 0x58, 0xe3, 0x09, 0xf5, 0x44, 0xa8, 0xa8, 0xb5, 0x66, 0xa6,

+	0x71, 0xac, 0x40, 0x9a, 0x42, 0x3d, 0xdb, 0x67, 0x8e, 0x27, 0xcc, 0xfc, 0x6a, 0x53, 0x3a, 0x1a,

+	0x23, 0xc3, 0x02, 0xc7, 0x8c, 0x56, 0x16, 0x32, 0x13, 0x66, 0xd3, 0xfa, 0x1e, 0x6c, 0x3d, 0x75,

+	0xec, 0xa8, 0x02, 0x79, 0xbd, 0xe1, 0x61, 0xbc, 0x66, 0x70, 0x3c, 0xaf, 0xdf, 0x80, 0xd2, 0xc2,

+	0x11, 0xd7, 0x2d, 0x28, 0x2d, 0x1c, 0x17, 0x7a, 0x13, 0x36, 0x27, 0xe4, 0xab, 0x81, 0xc5, 0x3c,

+	0x6b, 0xca, 0x39, 0xf5, 0x84, 0xd6, 0x51, 0x9a, 0x90, 0xaf, 0x0e, 0x62, 0x21, 0x7a, 0x0f, 0xb6,

+	0x04, 0x13, 0xc4, 0x1d, 0x58, 0x6c, 0xe2, 0xbb, 0x34, 0xcc, 0x8e, 0x35, 0x85, 0x2c, 0xab, 0x0f,

+	0x07, 0x73, 0x79, 0xdd, 0x80, 0x42, 0x7c, 0x96, 0xf5, 0x3f, 0x6f, 0x40, 0x3e, 0x8a, 0x74, 0x74,

+	0x1f, 0x80, 0xc4, 0x1b, 0xa5, 0x37, 0xe2, 0x9d, 0xe7, 0xda, 0x55, 0x49, 0x97, 0x11, 0x3e, 0xa7,

+	0xa3, 0x26, 0x14, 0x2c, 0xe6, 0x09, 0xe2, 0x78, 0x94, 0xeb, 0x4c, 0x5d, 0x1a, 0x9f, 0x07, 0x11,

+	0x48, 0xeb, 0x98, 0xb3, 0x50, 0x0b, 0x72, 0x23, 0xea, 0x51, 0xee, 0x58, 0x3a, 0xc0, 0xdf, 0x5a,

+	0x1a, 0x98, 0x21, 0x04, 0x4f, 0x3d, 0xe1, 0x4c, 0xa8, 0xd6, 0x12, 0x11, 0xd1, 0x67, 0x50, 0xe0,

+	0x34, 0x60, 0x53, 0x6e, 0xd1, 0x40, 0xa7, 0xfb, 0xee, 0xf2, 0x34, 0x09, 0x41, 0x98, 0xfe, 0x66,

+	0xea, 0x70, 0x2a, 0x5d, 0x08, 0xf0, 0x9c, 0x8a, 0x3e, 0x81, 0x1c, 0xa7, 0x81, 0x20, 0x5c, 0x3c,

+	0x2b, 0x63, 0x71, 0x08, 0xe9, 0x31, 0xd7, 0xb1, 0x66, 0x38, 0x62, 0xa0, 0x4f, 0xa0, 0xe0, 0xbb,

+	0xc4, 0x52, 0x5a, 0xcd, 0x8d, 0xd5, 0x39, 0xd6, 0x8b, 0x40, 0x78, 0x8e, 0x47, 0x1f, 0x01, 0xb8,

+	0x6c, 0x34, 0xb0, 0xb9, 0x73, 0x4a, 0xb9, 0xce, 0xb2, 0xca, 0x32, 0x76, 0x5b, 0x21, 0x70, 0xc1,

+	0x65, 0xa3, 0x70, 0x88, 0xee, 0xfe, 0x57, 0x49, 0x92, 0x48, 0x90, 0xd7, 0xa1, 0x78, 0xcc, 0xb8,

+	0x45, 0x07, 0x3a, 0xd7, 0x0b, 0x2a, 0xb6, 0x0c, 0x25, 0x0b, 0x13, 0x14, 0xfd, 0x0a, 0x5e, 0x8a,

+	0x76, 0x6b, 0xc0, 0xe9, 0x31, 0xe5, 0xd4, 0x93, 0x5b, 0x6e, 0xa8, 0x65, 0xdf, 0x7c, 0xf6, 0x96,

+	0x6b, 0xb4, 0x2e, 0xb5, 0x88, 0x5f, 0xfd, 0x10, 0xb4, 0x0a, 0x90, 0xe3, 0xe1, 0x01, 0xd7, 0x7f,

+	0x97, 0x96, 0x79, 0x76, 0x05, 0x81, 0xf6, 0xc0, 0x88, 0x97, 0x77, 0x6c, 0x15, 0x70, 0x85, 0xd6,

+	0xe6, 0xe5, 0xc5, 0x0e, 0x44, 0xd8, 0x6e, 0x5b, 0x56, 0x60, 0x3d, 0xb6, 0x51, 0x07, 0x4a, 0x31,

+	0x41, 0x36, 0x41, 0xba, 0x4d, 0xa8, 0x3d, 0xcb, 0xd2, 0xa3, 0x99, 0x4f, 0x71, 0x91, 0x27, 0x66,

+	0xf5, 0x5f, 0x02, 0x7a, 0x3a, 0x00, 0x11, 0x82, 0xcc, 0x89, 0xe3, 0x69, 0x33, 0xb0, 0x1a, 0xa3,

+	0x06, 0xe4, 0x7c, 0x32, 0x73, 0x19, 0xb1, 0x75, 0x1c, 0xde, 0x6c, 0x84, 0xed, 0x51, 0x23, 0x6a,

+	0x8f, 0x1a, 0x4d, 0x6f, 0x86, 0x23, 0x50, 0xfd, 0x3e, 0xbc, 0xbc, 0x34, 0xcf, 0xd0, 0x3e, 0x14,

+	0xe3, 0x1c, 0x99, 0xfb, 0x7a, 0xe3, 0xf2, 0x62, 0xc7, 0x88, 0x93, 0xa9, 0xdb, 0xc6, 0x46, 0x0c,

+	0xea, 0xda, 0xf5, 0xbf, 0x96, 0xa0, 0xb4, 0x90, 0x69, 0xe8, 0x26, 0x6c, 0x38, 0x13, 0x32, 0xa2,

+	0xda, 0xc6, 0x70, 0x82, 0x3a, 0x90, 0x75, 0xc9, 0x90, 0xba, 0x32, 0x57, 0xe4, 0xc1, 0xfd, 0xdf,

+	0xb5, 0x29, 0xdb, 0x78, 0xa0, 0xf0, 0x1d, 0x4f, 0xf0, 0x19, 0xd6, 0x64, 0x64, 0x42, 0xce, 0x62,

+	0x93, 0x09, 0xf1, 0xe4, 0x25, 0xb9, 0xbe, 0x5b, 0xc0, 0xd1, 0x54, 0xee, 0x0c, 0xe1, 0xa3, 0xc0,

+	0xcc, 0x28, 0xb1, 0x1a, 0xcb, 0x1a, 0x39, 0x66, 0x81, 0xf0, 0xc8, 0x84, 0x9a, 0x9b, 0xca, 0x9a,

+	0x78, 0x8e, 0xca, 0xb0, 0x4e, 0xbd, 0x53, 0x73, 0x43, 0xc1, 0xe5, 0x50, 0x4a, 0x6c, 0x27, 0x4c,

+	0x84, 0x02, 0x96, 0x43, 0xa9, 0x73, 0x1a, 0x50, 0x6e, 0xe6, 0xc2, 0xdd, 0x96, 0x63, 0xf4, 0x0a,

+	0x64, 0x47, 0x9c, 0x4d, 0xfd, 0x30, 0x02, 0x0b, 0x58, 0xcf, 0xe4, 0x7d, 0xe7, 0x73, 0xe7, 0xd4,

+	0x71, 0xe9, 0x88, 0x06, 0xe6, 0x2b, 0xea, 0x20, 0xaa, 0x4b, 0x73, 0x31, 0x46, 0xe1, 0x04, 0x03,

+	0x35, 0x20, 0xe3, 0x78, 0x8e, 0x30, 0x5f, 0xd5, 0x79, 0x78, 0xf5, 0x08, 0x5b, 0x8c, 0xb9, 0x8f,

+	0x89, 0x3b, 0xa5, 0x58, 0xe1, 0xd0, 0x36, 0xac, 0x0b, 0x31, 0x33, 0x4b, 0xb5, 0xf4, 0x6e, 0xbe,

+	0x95, 0xbb, 0xbc, 0xd8, 0x59, 0x3f, 0x3a, 0x7a, 0x82, 0xa5, 0x0c, 0xbd, 0x06, 0xc0, 0x7c, 0xea,

+	0x0d, 0x02, 0x61, 0x3b, 0x9e, 0x89, 0x24, 0x02, 0x17, 0xa4, 0xa4, 0x2f, 0x05, 0xe8, 0x96, 0xac,

+	0x5c, 0xc4, 0x1e, 0x30, 0xcf, 0x9d, 0x99, 0x2f, 0xa9, 0xaf, 0x79, 0x29, 0x78, 0xe4, 0xb9, 0x33,

+	0xb4, 0x03, 0x46, 0x20, 0x98, 0x3f, 0x08, 0x9c, 0x91, 0x47, 0x5c, 0xf3, 0xa6, 0xf2, 0x1c, 0xa4,

+	0xa8, 0xaf, 0x24, 0xe8, 0xc7, 0x90, 0x9d, 0xb0, 0xa9, 0x27, 0x02, 0x33, 0xaf, 0x0e, 0x72, 0x7b,

+	0x99, 0x8f, 0x0f, 0x25, 0x42, 0x67, 0x9d, 0x86, 0xa3, 0x0e, 0x6c, 0x29, 0xcd, 0x23, 0x4e, 0x2c,

+	0x3a, 0xf0, 0x29, 0x77, 0x98, 0xad, 0xef, 0xe7, 0xed, 0xa7, 0xbc, 0x6d, 0xeb, 0xa7, 0x00, 0xbe,

+	0x21, 0x39, 0x77, 0x25, 0xa5, 0xa7, 0x18, 0xa8, 0x07, 0x45, 0x7f, 0xea, 0xba, 0x03, 0xe6, 0x87,

+	0xb7, 0x51, 0x58, 0xc0, 0x9f, 0x23, 0x9c, 0x7a, 0x53, 0xd7, 0x7d, 0x14, 0x92, 0xb0, 0xe1, 0xcf,

+	0x27, 0xe8, 0x53, 0xc8, 0x05, 0xd4, 0xe2, 0x54, 0x04, 0x66, 0x51, 0xb9, 0xf4, 0xc6, 0x32, 0x65,

+	0x7d, 0x05, 0x89, 0xeb, 0x02, 0x8e, 0x38, 0x92, 0x6e, 0xa9, 0xb2, 0x16, 0x98, 0x2f, 0xaf, 0xa6,

+	0xeb, 0xca, 0x37, 0xa7, 0x6b, 0x8e, 0x4c, 0x17, 0x19, 0x93, 0x81, 0xb9, 0xa5, 0xc2, 0x29, 0x9c,

+	0xa0, 0x27, 0x00, 0xb6, 0x17, 0x0c, 0x42, 0x90, 0x79, 0x43, 0xf9, 0xf8, 0xde, 0xf5, 0x3e, 0xb6,

+	0x0f, 0xfb, 0xba, 0x0f, 0x29, 0x5d, 0x5e, 0xec, 0x14, 0xe2, 0x29, 0x2e, 0xd8, 0x5e, 0x10, 0x0e,

+	0x51, 0x0b, 0x8c, 0x31, 0x25, 0xae, 0x18, 0x5b, 0x63, 0x6a, 0x9d, 0x98, 0xe5, 0xd5, 0x6d, 0xc9,

+	0x3d, 0x05, 0xd3, 0x1a, 0x92, 0x24, 0xd4, 0x85, 0x82, 0x13, 0x30, 0x57, 0x1d, 0x91, 0x69, 0xaa,

+	0xfa, 0xf6, 0x1c, 0xd6, 0x75, 0x23, 0x0a, 0x9e, 0xb3, 0xd1, 0x6d, 0x28, 0xf8, 0x8e, 0x1d, 0x3c,

+	0x70, 0x26, 0x8e, 0x30, 0xb7, 0x6b, 0xe9, 0xdd, 0x75, 0x3c, 0x17, 0xa0, 0x7b, 0x90, 0x0b, 0x66,

+	0x81, 0x25, 0xdc, 0xc0, 0xac, 0xa8, 0xcd, 0x6d, 0x5c, 0xbf, 0x4c, 0x3f, 0x24, 0x84, 0x85, 0x23,

+	0xa2, 0xcb, 0x8e, 0xc7, 0x22, 0xbe, 0x7e, 0x0b, 0x0c, 0x88, 0x6d, 0x9b, 0xb7, 0xd4, 0x86, 0x97,

+	0xe6, 0xd2, 0xa6, 0x6d, 0xa3, 0xb7, 0xe1, 0x46, 0x02, 0x66, 0x73, 0xe6, 0x9b, 0xb7, 0x15, 0x2e,

+	0xc1, 0x6e, 0x73, 0xe6, 0x57, 0x3e, 0x02, 0x23, 0x51, 0xa0, 0x64, 0xf1, 0x38, 0xa1, 0x33, 0x5d,

+	0xf3, 0xe4, 0x50, 0x1e, 0xec, 0xa9, 0xcc, 0x57, 0x55, 0x94, 0x0b, 0x38, 0x9c, 0x7c, 0xbc, 0xf6,

+	0x61, 0xba, 0xb2, 0x0f, 0x46, 0x22, 0x18, 0xd1, 0x1b, 0xf2, 0xc2, 0x18, 0x39, 0x81, 0xe0, 0xb3,

+	0x01, 0x99, 0x8a, 0xb1, 0xf9, 0x73, 0x45, 0x28, 0x46, 0xc2, 0xe6, 0x54, 0x8c, 0x2b, 0x03, 0x98,

+	0x9f, 0x26, 0xaa, 0x81, 0x21, 0x6b, 0x58, 0x40, 0xf9, 0x29, 0xe5, 0xb2, 0xfd, 0x93, 0x06, 0x26,

+	0x45, 0xb2, 0x4a, 0x05, 0x94, 0x70, 0x6b, 0xac, 0xca, 0x6d, 0x01, 0xeb, 0x99, 0xac, 0x9f, 0x51,

+	0xe2, 0xe8, 0xfa, 0xa9, 0xa7, 0x95, 0x8f, 0xa1, 0x98, 0xdc, 0xb8, 0xff, 0xc4, 0xa1, 0xfa, 0x5f,

+	0xd2, 0x50, 0x88, 0x0f, 0x17, 0xbd, 0x0f, 0x5b, 0xdd, 0xfe, 0xa3, 0x07, 0xcd, 0xa3, 0xee, 0xa3,

+	0xc3, 0x41, 0xbb, 0xf3, 0x59, 0xf3, 0x8b, 0x07, 0x47, 0xe5, 0x54, 0xe5, 0xb5, 0xb3, 0xf3, 0xda,

+	0xf6, 0xfc, 0x1e, 0x89, 0xe0, 0x6d, 0x7a, 0x4c, 0xa6, 0xae, 0x58, 0x64, 0xf5, 0xf0, 0xa3, 0x83,

+	0x4e, 0xbf, 0x5f, 0x4e, 0xaf, 0x62, 0xf5, 0x38, 0xb3, 0x68, 0x10, 0xa0, 0x7d, 0x28, 0xcf, 0x59,

+	0xf7, 0x9e, 0xf4, 0x3a, 0xf8, 0x71, 0x79, 0xad, 0x72, 0xfb, 0xec, 0xbc, 0x66, 0x3e, 0x4d, 0xba,

+	0x37, 0xf3, 0x29, 0x7f, 0xac, 0x9f, 0x80, 0xff, 0x48, 0x43, 0x31, 0xd9, 0x77, 0xa3, 0x83, 0xb0,

+	0xdb, 0x56, 0x1e, 0x6f, 0xee, 0xef, 0x5d, 0xd7, 0xa7, 0xab, 0xbb, 0xdb, 0x9d, 0x4a, 0xbd, 0x0f,

+	0xe5, 0x63, 0x5f, 0x91, 0xd1, 0xfb, 0xb0, 0xe1, 0x33, 0x2e, 0xa2, 0x5b, 0x6e, 0xf9, 0x05, 0xc0,

+	0x78, 0xd4, 0x08, 0x85, 0xe0, 0xfa, 0x18, 0x36, 0x17, 0xb5, 0xa1, 0x3b, 0xb0, 0xfe, 0xb8, 0xdb,

+	0x2b, 0xa7, 0x2a, 0xb7, 0xce, 0xce, 0x6b, 0xaf, 0x2e, 0x7e, 0x7c, 0xec, 0x70, 0x31, 0x25, 0x6e,

+	0xb7, 0x87, 0xde, 0x85, 0x8d, 0xf6, 0x61, 0x1f, 0xe3, 0x72, 0xba, 0xb2, 0x73, 0x76, 0x5e, 0xbb,

+	0xb5, 0x88, 0x93, 0x9f, 0xd8, 0xd4, 0xb3, 0x31, 0x1b, 0xc6, 0x0f, 0xdf, 0x7f, 0xae, 0x81, 0xa1,

+	0x2f, 0xff, 0x17, 0xfd, 0x6f, 0xa4, 0x14, 0x36, 0x92, 0x51, 0xcd, 0x5a, 0xbb, 0xb6, 0x9f, 0x2c,

+	0x86, 0x04, 0x1d, 0xd3, 0xaf, 0x43, 0xd1, 0xf1, 0x4f, 0x3f, 0x18, 0x50, 0x8f, 0x0c, 0x5d, 0xfd,

+	0x06, 0xce, 0x63, 0x43, 0xca, 0x3a, 0xa1, 0x48, 0x5e, 0xe7, 0x8e, 0x27, 0x28, 0xf7, 0xf4, 0xeb,

+	0x36, 0x8f, 0xe3, 0x39, 0xfa, 0x14, 0x32, 0x8e, 0x4f, 0x26, 0xba, 0x09, 0x5e, 0xea, 0x41, 0xb7,

+	0xd7, 0x7c, 0xa8, 0x73, 0xae, 0x95, 0xbf, 0xbc, 0xd8, 0xc9, 0x48, 0x01, 0x56, 0x34, 0x54, 0x8d,

+	0x5e, 0x28, 0x72, 0x25, 0xd5, 0x02, 0xe4, 0x71, 0x42, 0x22, 0xf3, 0xc6, 0xf1, 0x46, 0x9c, 0x06,

+	0x81, 0x6a, 0x06, 0xf2, 0x38, 0x9a, 0xa2, 0x0a, 0xe4, 0x74, 0x37, 0xab, 0x1e, 0x36, 0x05, 0xf9,

+	0x46, 0xd0, 0x82, 0x56, 0x09, 0x8c, 0x70, 0x37, 0x06, 0xc7, 0x9c, 0x4d, 0xea, 0xff, 0xca, 0x80,

+	0x71, 0xe0, 0x4e, 0x03, 0xa1, 0x3b, 0xa5, 0x17, 0xb6, 0xf9, 0x4f, 0x60, 0x8b, 0xa8, 0x7f, 0x2d,

+	0xc4, 0x93, 0x57, 0xab, 0x7a, 0x24, 0xe8, 0x03, 0xb8, 0xb3, 0x54, 0x5d, 0x0c, 0x0e, 0x1f, 0x14,

+	0xad, 0xac, 0xd4, 0x69, 0xa6, 0x71, 0x99, 0x5c, 0xf9, 0x82, 0xfa, 0x50, 0x62, 0xdc, 0x1a, 0xd3,

+	0x40, 0x84, 0x17, 0xb2, 0xfe, 0x37, 0xb1, 0xf4, 0xaf, 0xd5, 0xa3, 0x24, 0x50, 0xdf, 0x43, 0xa1,

+	0xb5, 0x8b, 0x3a, 0xd0, 0x87, 0x90, 0xe1, 0xe4, 0x38, 0x7a, 0xf0, 0x2c, 0x4d, 0x12, 0x4c, 0x8e,

+	0xc5, 0x82, 0x0a, 0xc5, 0x40, 0x9f, 0x03, 0xd8, 0x4e, 0xe0, 0x13, 0x61, 0x8d, 0x29, 0xd7, 0x87,

+	0xbd, 0xd4, 0xc5, 0x76, 0x8c, 0x5a, 0xd0, 0x92, 0x60, 0xa3, 0xfb, 0x50, 0xb0, 0x48, 0x14, 0xae,

+	0xd9, 0xd5, 0x3f, 0x6c, 0x0e, 0x9a, 0x5a, 0x45, 0x59, 0xaa, 0xb8, 0xbc, 0xd8, 0xc9, 0x47, 0x12,

+	0x9c, 0xb7, 0x88, 0x0e, 0xdf, 0xfb, 0x50, 0x12, 0x24, 0x38, 0x19, 0xd8, 0x61, 0x39, 0x0b, 0xc3,

+	0x64, 0xc5, 0xbd, 0x2a, 0xdf, 0xc5, 0xba, 0xec, 0x45, 0xc7, 0x59, 0x14, 0x09, 0x19, 0xfa, 0x05,

+	0x6c, 0x51, 0xcf, 0xe2, 0x33, 0x15, 0xac, 0x91, 0x85, 0xf9, 0xd5, 0xce, 0x76, 0x62, 0xf0, 0x82,

+	0xb3, 0x65, 0x7a, 0x45, 0x5e, 0xff, 0x5b, 0x1a, 0x20, 0x6c, 0x64, 0x5e, 0x6c, 0x00, 0x22, 0xc8,

+	0xd8, 0x44, 0x10, 0x15, 0x73, 0x45, 0xac, 0xc6, 0xe8, 0x63, 0x00, 0x41, 0x27, 0xbe, 0x2c, 0xbd,

+	0xde, 0x48, 0x87, 0xcd, 0xb3, 0xca, 0x41, 0x02, 0x8d, 0xf6, 0x21, 0xab, 0x9f, 0xa5, 0x99, 0x6b,

+	0x79, 0x1a, 0x59, 0xff, 0x63, 0x1a, 0x20, 0x74, 0xf3, 0x7f, 0xda, 0xb7, 0xd6, 0x9d, 0x6f, 0xbe,

+	0xaf, 0xa6, 0xbe, 0xfb, 0xbe, 0x9a, 0xfa, 0xed, 0x65, 0x35, 0xfd, 0xcd, 0x65, 0x35, 0xfd, 0xed,

+	0x65, 0x35, 0xfd, 0xf7, 0xcb, 0x6a, 0xfa, 0xf7, 0x3f, 0x54, 0x53, 0xdf, 0xfe, 0x50, 0x4d, 0x7d,

+	0xf7, 0x43, 0x35, 0x35, 0xcc, 0xaa, 0x56, 0xf8, 0x47, 0xff, 0x0e, 0x00, 0x00, 0xff, 0xff, 0x92,

+	0xc4, 0x34, 0xad, 0xa7, 0x17, 0x00, 0x00,

 }

 func (m *NodeSpec) Copy() *NodeSpec {

@@ -1997,9 +2000,14 @@ func (m *ContainerSpec) CopyFrom(src interface{}) {

 		}

 	}

-	if o.Capabilities != nil {

-		m.Capabilities = make([]string, len(o.Capabilities))

-		copy(m.Capabilities, o.Capabilities)

+	if o.CapabilityAdd != nil {

+		m.CapabilityAdd = make([]string, len(o.CapabilityAdd))

+		copy(m.CapabilityAdd, o.CapabilityAdd)

+	}

+

+	if o.CapabilityDrop != nil {

+		m.CapabilityDrop = make([]string, len(o.CapabilityDrop))

+		copy(m.CapabilityDrop, o.CapabilityDrop)

 	}

 }

@@ -2983,8 +2991,8 @@ func (m *ContainerSpec) MarshalTo(dAtA []byte) (int, error) {

 			i += copy(dAtA[i:], v)

 		}

 	}

-	if len(m.Capabilities) > 0 {

-		for _, s := range m.Capabilities {

+	if len(m.CapabilityAdd) > 0 {

+		for _, s := range m.CapabilityAdd {

 			dAtA[i] = 0xda

 			i++

 			dAtA[i] = 0x1

@@ -3000,6 +3008,23 @@ func (m *ContainerSpec) MarshalTo(dAtA []byte) (int, error) {

 			i += copy(dAtA[i:], s)

 		}

 	}

+	if len(m.CapabilityDrop) > 0 {

+		for _, s := range m.CapabilityDrop {

+			dAtA[i] = 0xe2

+			i++

+			dAtA[i] = 0x1

+			i++

+			l = len(s)

+			for l >= 1<<7 {

+				dAtA[i] = uint8(uint64(l)&0x7f | 0x80)

+				l >>= 7

+				i++

+			}

+			dAtA[i] = uint8(l)

+			i++

+			i += copy(dAtA[i:], s)

+		}

+	}

 	return i, nil

 }