Merge pull request #47824 from mbohlool/revert2

Automatic merge from submit-queue (batch tested with PRs 47851, 47824, 47858, 46099) Revert 44714 manually #44714 broke backward compatibility for old swagger spec that kubectl still uses. The decision on #47448 was to revert this change but the change was not automatically revertible. Here I semi-manually remove all references to UnixUserID and UnixGroupID and updated generated files accordingly. Please wait for tests to pass then review that as there may still be tests that are failing. Fixes #47448 Adding release note just because the original PR has a release note. If possible, we should remove both release notes as they cancel each other. **Release note**: (removed by caesarxuchao) UnixUserID and UnixGroupID is reverted back as int64 to keep backward compatibility.
2017-06-21 15:21:14 -07:00
parent 5d30190b3b 222f6ae37f
commit 03014f486c
119 changed files with 1810 additions and 2252 deletions
--- a/api/swagger-spec/apps_v1beta1.json
+++ b/api/swagger-spec/apps_v1beta1.json
@@ -5320,7 +5320,8 @@
      "description": "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container.  May also be set in PodSecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence."
     },
     "runAsUser": {
-      "$ref": "types.UnixUserID",
+      "type": "integer",
      "format": "int64",
      "description": "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence."
     },
     "runAsNonRoot": {
@@ -5379,10 +5380,6 @@
     }
    }
   },
   "types.UnixUserID": {
    "id": "types.UnixUserID",
    "properties": {}
   },
   "v1.PodSecurityContext": {
    "id": "v1.PodSecurityContext",
    "description": "PodSecurityContext holds pod-level security attributes and common container settings. Some fields are also present in container.securityContext.  Field values of container.securityContext take precedence over field values of PodSecurityContext.",
@@ -5392,7 +5389,8 @@
      "description": "The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container.  May also be set in SecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container."
     },
     "runAsUser": {
-      "$ref": "types.UnixUserID",
+      "type": "integer",
      "format": "int64",
      "description": "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container."
     },
     "runAsNonRoot": {
@@ -5402,20 +5400,17 @@
     "supplementalGroups": {
      "type": "array",
      "items": {
-       "$ref": "types.UnixGroupID"
+       "type": "integer"
      },
      "description": "A list of groups applied to the first process run in each container, in addition to the container's primary GID.  If unspecified, no groups will be added to any container."
     },
     "fsGroup": {
-      "$ref": "types.UnixGroupID",
+      "type": "integer",
      "format": "int64",
      "description": "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod:\n\n1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw "
     }
    }
   },
   "types.UnixGroupID": {
    "id": "types.UnixGroupID",
    "properties": {}
   },
   "v1.Affinity": {
    "id": "v1.Affinity",
    "description": "Affinity is a group of affinity scheduling rules.",
--- a/api/swagger-spec/batch_v1.json
+++ b/api/swagger-spec/batch_v1.json
@@ -3067,7 +3067,8 @@
      "description": "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container.  May also be set in PodSecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence."
     },
     "runAsUser": {
-      "$ref": "types.UnixUserID",
+      "type": "integer",
      "format": "int64",
      "description": "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence."
     },
     "runAsNonRoot": {
@@ -3126,10 +3127,6 @@
     }
    }
   },
   "types.UnixUserID": {
    "id": "types.UnixUserID",
    "properties": {}
   },
   "v1.PodSecurityContext": {
    "id": "v1.PodSecurityContext",
    "description": "PodSecurityContext holds pod-level security attributes and common container settings. Some fields are also present in container.securityContext.  Field values of container.securityContext take precedence over field values of PodSecurityContext.",
@@ -3139,7 +3136,8 @@
      "description": "The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container.  May also be set in SecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container."
     },
     "runAsUser": {
-      "$ref": "types.UnixUserID",
+      "type": "integer",
      "format": "int64",
      "description": "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container."
     },
     "runAsNonRoot": {
@@ -3149,20 +3147,17 @@
     "supplementalGroups": {
      "type": "array",
      "items": {
-       "$ref": "types.UnixGroupID"
+       "type": "integer"
      },
      "description": "A list of groups applied to the first process run in each container, in addition to the container's primary GID.  If unspecified, no groups will be added to any container."
     },
     "fsGroup": {
-      "$ref": "types.UnixGroupID",
+      "type": "integer",
      "format": "int64",
      "description": "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod:\n\n1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw "
     }
    }
   },
   "types.UnixGroupID": {
    "id": "types.UnixGroupID",
    "properties": {}
   },
   "v1.Affinity": {
    "id": "v1.Affinity",
    "description": "Affinity is a group of affinity scheduling rules.",
--- a/api/swagger-spec/batch_v2alpha1.json
+++ b/api/swagger-spec/batch_v2alpha1.json
@@ -4148,7 +4148,8 @@
      "description": "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container.  May also be set in PodSecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence."
     },
     "runAsUser": {
-      "$ref": "types.UnixUserID",
+      "type": "integer",
      "format": "int64",
      "description": "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence."
     },
     "runAsNonRoot": {
@@ -4207,10 +4208,6 @@
     }
    }
   },
   "types.UnixUserID": {
    "id": "types.UnixUserID",
    "properties": {}
   },
   "v1.PodSecurityContext": {
    "id": "v1.PodSecurityContext",
    "description": "PodSecurityContext holds pod-level security attributes and common container settings. Some fields are also present in container.securityContext.  Field values of container.securityContext take precedence over field values of PodSecurityContext.",
@@ -4220,7 +4217,8 @@
      "description": "The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container.  May also be set in SecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container."
     },
     "runAsUser": {
-      "$ref": "types.UnixUserID",
+      "type": "integer",
      "format": "int64",
      "description": "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container."
     },
     "runAsNonRoot": {
@@ -4230,20 +4228,17 @@
     "supplementalGroups": {
      "type": "array",
      "items": {
-       "$ref": "types.UnixGroupID"
+       "type": "integer"
      },
      "description": "A list of groups applied to the first process run in each container, in addition to the container's primary GID.  If unspecified, no groups will be added to any container."
     },
     "fsGroup": {
-      "$ref": "types.UnixGroupID",
+      "type": "integer",
      "format": "int64",
      "description": "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod:\n\n1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw "
     }
    }
   },
   "types.UnixGroupID": {
    "id": "types.UnixGroupID",
    "properties": {}
   },
   "v1.Affinity": {
    "id": "v1.Affinity",
    "description": "Affinity is a group of affinity scheduling rules.",
--- a/api/swagger-spec/extensions_v1beta1.json
+++ b/api/swagger-spec/extensions_v1beta1.json
@@ -8792,7 +8792,8 @@
      "description": "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container.  May also be set in PodSecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence."
     },
     "runAsUser": {
-      "$ref": "types.UnixUserID",
+      "type": "integer",
      "format": "int64",
      "description": "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence."
     },
     "runAsNonRoot": {
@@ -8851,10 +8852,6 @@
     }
    }
   },
   "types.UnixUserID": {
    "id": "types.UnixUserID",
    "properties": {}
   },
   "v1.PodSecurityContext": {
    "id": "v1.PodSecurityContext",
    "description": "PodSecurityContext holds pod-level security attributes and common container settings. Some fields are also present in container.securityContext.  Field values of container.securityContext take precedence over field values of PodSecurityContext.",
@@ -8864,7 +8861,8 @@
      "description": "The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container.  May also be set in SecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container."
     },
     "runAsUser": {
-      "$ref": "types.UnixUserID",
+      "type": "integer",
      "format": "int64",
      "description": "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container."
     },
     "runAsNonRoot": {
@@ -8874,20 +8872,17 @@
     "supplementalGroups": {
      "type": "array",
      "items": {
-       "$ref": "types.UnixGroupID"
+       "type": "integer"
      },
      "description": "A list of groups applied to the first process run in each container, in addition to the container's primary GID.  If unspecified, no groups will be added to any container."
     },
     "fsGroup": {
-      "$ref": "types.UnixGroupID",
+      "type": "integer",
      "format": "int64",
      "description": "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod:\n\n1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw "
     }
    }
   },
   "types.UnixGroupID": {
    "id": "types.UnixGroupID",
    "properties": {}
   },
   "v1.Affinity": {
    "id": "v1.Affinity",
    "description": "Affinity is a group of affinity scheduling rules.",
--- a/api/swagger-spec/v1.json
+++ b/api/swagger-spec/v1.json
@@ -20623,7 +20623,8 @@
      "description": "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container.  May also be set in PodSecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence."
     },
     "runAsUser": {
-      "$ref": "types.UnixUserID",
+      "type": "integer",
      "format": "int64",
      "description": "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence."
     },
     "runAsNonRoot": {
@@ -20682,10 +20683,6 @@
     }
    }
   },
   "types.UnixUserID": {
    "id": "types.UnixUserID",
    "properties": {}
   },
   "v1.PodSecurityContext": {
    "id": "v1.PodSecurityContext",
    "description": "PodSecurityContext holds pod-level security attributes and common container settings. Some fields are also present in container.securityContext.  Field values of container.securityContext take precedence over field values of PodSecurityContext.",
@@ -20695,7 +20692,8 @@
      "description": "The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container.  May also be set in SecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container."
     },
     "runAsUser": {
-      "$ref": "types.UnixUserID",
+      "type": "integer",
      "format": "int64",
      "description": "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container."
     },
     "runAsNonRoot": {
@@ -20705,20 +20703,17 @@
     "supplementalGroups": {
      "type": "array",
      "items": {
-       "$ref": "types.UnixGroupID"
+       "type": "integer"
      },
      "description": "A list of groups applied to the first process run in each container, in addition to the container's primary GID.  If unspecified, no groups will be added to any container."
     },
     "fsGroup": {
-      "$ref": "types.UnixGroupID",
+      "type": "integer",
      "format": "int64",
      "description": "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod:\n\n1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw "
     }
    }
   },
   "types.UnixGroupID": {
    "id": "types.UnixGroupID",
    "properties": {}
   },
   "v1.Affinity": {
    "id": "v1.Affinity",
    "description": "Affinity is a group of affinity scheduling rules.",
--- a/docs/api-reference/apps/v1beta1/definitions.html
+++ b/docs/api-reference/apps/v1beta1/definitions.html
@@ -4426,10 +4426,6 @@ Examples:<br>
 </tbody>
 </table>
 </div>
 <div class="sect2">
 <h3 id="_types_unixuserid">types.UnixUserID</h3>
 </div>
 <div class="sect2">
 <h3 id="_v1_photonpersistentdiskvolumesource">v1.PhotonPersistentDiskVolumeSource</h3>
@@ -4843,10 +4839,6 @@ Examples:<br>
 </tbody>
 </table>
 </div>
 <div class="sect2">
 <h3 id="_types_unixgroupid">types.UnixGroupID</h3>
 </div>
 <div class="sect2">
 <h3 id="_v1beta1_deploymentrollback">v1beta1.DeploymentRollback</h3>
@@ -5541,7 +5533,7 @@ Examples:<br>
 <td class="tableblock halign-left valign-top"><p class="tableblock">runAsUser</p></td>
 <td class="tableblock halign-left valign-top"><p class="tableblock">The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container.</p></td>
 <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td>
-<td class="tableblock halign-left valign-top"><p class="tableblock"><a href="#_types_unixuserid">types.UnixUserID</a></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">integer (int64)</p></td>
 <td class="tableblock halign-left valign-top"></td>
 </tr>
 <tr>
@@ -5555,7 +5547,7 @@ Examples:<br>
 <td class="tableblock halign-left valign-top"><p class="tableblock">supplementalGroups</p></td>
 <td class="tableblock halign-left valign-top"><p class="tableblock">A list of groups applied to the first process run in each container, in addition to the container&#8217;s primary GID.  If unspecified, no groups will be added to any container.</p></td>
 <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td>
-<td class="tableblock halign-left valign-top"><p class="tableblock"><a href="#_types_unixgroupid">types.UnixGroupID</a> array</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">integer (int32) array</p></td>
 <td class="tableblock halign-left valign-top"></td>
 </tr>
 <tr>
@@ -5564,7 +5556,7 @@ Examples:<br>
 <br>
 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR&#8217;d with rw-rw</p></td>
 <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td>
-<td class="tableblock halign-left valign-top"><p class="tableblock"><a href="#_types_unixgroupid">types.UnixGroupID</a></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">integer (int64)</p></td>
 <td class="tableblock halign-left valign-top"></td>
 </tr>
 </tbody>
@@ -6000,7 +5992,7 @@ Examples:<br>
 <td class="tableblock halign-left valign-top"><p class="tableblock">runAsUser</p></td>
 <td class="tableblock halign-left valign-top"><p class="tableblock">The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.</p></td>
 <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td>
-<td class="tableblock halign-left valign-top"><p class="tableblock"><a href="#_types_unixuserid">types.UnixUserID</a></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">integer (int64)</p></td>
 <td class="tableblock halign-left valign-top"></td>
 </tr>
 <tr>
--- a/docs/api-reference/batch/v1/definitions.html
+++ b/docs/api-reference/batch/v1/definitions.html
@@ -1483,10 +1483,6 @@ When an object is created, the system will populate this list with the current s
 </tbody>
 </table>
 </div>
 <div class="sect2">
 <h3 id="_types_uid">types.UID</h3>
 </div>
 <div class="sect2">
 <h3 id="_v1_azurefilevolumesource">v1.AzureFileVolumeSource</h3>
@@ -1535,6 +1531,10 @@ When an object is created, the system will populate this list with the current s
 </tbody>
 </table>
 </div>
 <div class="sect2">
 <h3 id="_types_uid">types.UID</h3>
 </div>
 <div class="sect2">
 <h3 id="_v1_iscsivolumesource">v1.ISCSIVolumeSource</h3>
@@ -3672,10 +3672,6 @@ Examples:<br>
 </tbody>
 </table>
 </div>
 <div class="sect2">
 <h3 id="_types_unixuserid">types.UnixUserID</h3>
 </div>
 <div class="sect2">
 <h3 id="_v1_photonpersistentdiskvolumesource">v1.PhotonPersistentDiskVolumeSource</h3>
@@ -3986,10 +3982,6 @@ Examples:<br>
 </tbody>
 </table>
 </div>
 <div class="sect2">
 <h3 id="_types_unixgroupid">types.UnixGroupID</h3>
 </div>
 <div class="sect2">
 <h3 id="_v1_httpheader">v1.HTTPHeader</h3>
@@ -4505,7 +4497,7 @@ Examples:<br>
 <td class="tableblock halign-left valign-top"><p class="tableblock">runAsUser</p></td>
 <td class="tableblock halign-left valign-top"><p class="tableblock">The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container.</p></td>
 <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td>
-<td class="tableblock halign-left valign-top"><p class="tableblock"><a href="#_types_unixuserid">types.UnixUserID</a></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">integer (int64)</p></td>
 <td class="tableblock halign-left valign-top"></td>
 </tr>
 <tr>
@@ -4519,7 +4511,7 @@ Examples:<br>
 <td class="tableblock halign-left valign-top"><p class="tableblock">supplementalGroups</p></td>
 <td class="tableblock halign-left valign-top"><p class="tableblock">A list of groups applied to the first process run in each container, in addition to the container&#8217;s primary GID.  If unspecified, no groups will be added to any container.</p></td>
 <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td>
-<td class="tableblock halign-left valign-top"><p class="tableblock"><a href="#_types_unixgroupid">types.UnixGroupID</a> array</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">integer (int32) array</p></td>
 <td class="tableblock halign-left valign-top"></td>
 </tr>
 <tr>
@@ -4528,7 +4520,7 @@ Examples:<br>
 <br>
 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR&#8217;d with rw-rw</p></td>
 <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td>
-<td class="tableblock halign-left valign-top"><p class="tableblock"><a href="#_types_unixgroupid">types.UnixGroupID</a></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">integer (int64)</p></td>
 <td class="tableblock halign-left valign-top"></td>
 </tr>
 </tbody>
@@ -4978,7 +4970,7 @@ Examples:<br>
 <td class="tableblock halign-left valign-top"><p class="tableblock">runAsUser</p></td>
 <td class="tableblock halign-left valign-top"><p class="tableblock">The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.</p></td>
 <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td>
-<td class="tableblock halign-left valign-top"><p class="tableblock"><a href="#_types_unixuserid">types.UnixUserID</a></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">integer (int64)</p></td>
 <td class="tableblock halign-left valign-top"></td>
 </tr>
 <tr>
--- a/docs/api-reference/batch/v2alpha1/definitions.html
+++ b/docs/api-reference/batch/v2alpha1/definitions.html
@@ -3679,10 +3679,6 @@ Examples:<br>
 </tbody>
 </table>
 </div>
 <div class="sect2">
 <h3 id="_types_unixuserid">types.UnixUserID</h3>
 </div>
 <div class="sect2">
 <h3 id="_v1_photonpersistentdiskvolumesource">v1.PhotonPersistentDiskVolumeSource</h3>
@@ -3993,10 +3989,6 @@ Examples:<br>
 </tbody>
 </table>
 </div>
 <div class="sect2">
 <h3 id="_types_unixgroupid">types.UnixGroupID</h3>
 </div>
 <div class="sect2">
 <h3 id="_v1_httpheader">v1.HTTPHeader</h3>
@@ -4512,7 +4504,7 @@ Examples:<br>
 <td class="tableblock halign-left valign-top"><p class="tableblock">runAsUser</p></td>
 <td class="tableblock halign-left valign-top"><p class="tableblock">The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container.</p></td>
 <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td>
-<td class="tableblock halign-left valign-top"><p class="tableblock"><a href="#_types_unixuserid">types.UnixUserID</a></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">integer (int64)</p></td>
 <td class="tableblock halign-left valign-top"></td>
 </tr>
 <tr>
@@ -4526,7 +4518,7 @@ Examples:<br>
 <td class="tableblock halign-left valign-top"><p class="tableblock">supplementalGroups</p></td>
 <td class="tableblock halign-left valign-top"><p class="tableblock">A list of groups applied to the first process run in each container, in addition to the container&#8217;s primary GID.  If unspecified, no groups will be added to any container.</p></td>
 <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td>
-<td class="tableblock halign-left valign-top"><p class="tableblock"><a href="#_types_unixgroupid">types.UnixGroupID</a> array</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">integer (int32) array</p></td>
 <td class="tableblock halign-left valign-top"></td>
 </tr>
 <tr>
@@ -4535,7 +4527,7 @@ Examples:<br>
 <br>
 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR&#8217;d with rw-rw</p></td>
 <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td>
-<td class="tableblock halign-left valign-top"><p class="tableblock"><a href="#_types_unixgroupid">types.UnixGroupID</a></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">integer (int64)</p></td>
 <td class="tableblock halign-left valign-top"></td>
 </tr>
 </tbody>
@@ -4916,7 +4908,7 @@ Examples:<br>
 <td class="tableblock halign-left valign-top"><p class="tableblock">runAsUser</p></td>
 <td class="tableblock halign-left valign-top"><p class="tableblock">The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.</p></td>
 <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td>
-<td class="tableblock halign-left valign-top"><p class="tableblock"><a href="#_types_unixuserid">types.UnixUserID</a></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">integer (int64)</p></td>
 <td class="tableblock halign-left valign-top"></td>
 </tr>
 <tr>
--- a/docs/api-reference/extensions/v1beta1/definitions.html
+++ b/docs/api-reference/extensions/v1beta1/definitions.html
@@ -5094,10 +5094,6 @@ Examples:<br>
 </tbody>
 </table>
 </div>
 <div class="sect2">
 <h3 id="_types_unixuserid">types.UnixUserID</h3>
 </div>
 <div class="sect2">
 <h3 id="_v1_photonpersistentdiskvolumesource">v1.PhotonPersistentDiskVolumeSource</h3>
@@ -5608,10 +5604,6 @@ Examples:<br>
 </tbody>
 </table>
 </div>
 <div class="sect2">
 <h3 id="_types_unixgroupid">types.UnixGroupID</h3>
 </div>
 <div class="sect2">
 <h3 id="_v1beta1_deploymentrollback">v1beta1.DeploymentRollback</h3>
@@ -6410,7 +6402,7 @@ Both these may change in the future. Incoming requests are matched against the h
 <td class="tableblock halign-left valign-top"><p class="tableblock">runAsUser</p></td>
 <td class="tableblock halign-left valign-top"><p class="tableblock">The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container.</p></td>
 <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td>
-<td class="tableblock halign-left valign-top"><p class="tableblock"><a href="#_types_unixuserid">types.UnixUserID</a></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">integer (int64)</p></td>
 <td class="tableblock halign-left valign-top"></td>
 </tr>
 <tr>
@@ -6424,7 +6416,7 @@ Both these may change in the future. Incoming requests are matched against the h
 <td class="tableblock halign-left valign-top"><p class="tableblock">supplementalGroups</p></td>
 <td class="tableblock halign-left valign-top"><p class="tableblock">A list of groups applied to the first process run in each container, in addition to the container&#8217;s primary GID.  If unspecified, no groups will be added to any container.</p></td>
 <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td>
-<td class="tableblock halign-left valign-top"><p class="tableblock"><a href="#_types_unixgroupid">types.UnixGroupID</a> array</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">integer (int32) array</p></td>
 <td class="tableblock halign-left valign-top"></td>
 </tr>
 <tr>
@@ -6433,7 +6425,7 @@ Both these may change in the future. Incoming requests are matched against the h
 <br>
 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR&#8217;d with rw-rw</p></td>
 <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td>
-<td class="tableblock halign-left valign-top"><p class="tableblock"><a href="#_types_unixgroupid">types.UnixGroupID</a></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">integer (int64)</p></td>
 <td class="tableblock halign-left valign-top"></td>
 </tr>
 </tbody>
@@ -7048,7 +7040,7 @@ Both these may change in the future. Incoming requests are matched against the h
 <td class="tableblock halign-left valign-top"><p class="tableblock">runAsUser</p></td>
 <td class="tableblock halign-left valign-top"><p class="tableblock">The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.</p></td>
 <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td>
-<td class="tableblock halign-left valign-top"><p class="tableblock"><a href="#_types_unixuserid">types.UnixUserID</a></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">integer (int64)</p></td>
 <td class="tableblock halign-left valign-top"></td>
 </tr>
 <tr>
--- a/docs/api-reference/v1/definitions.html
+++ b/docs/api-reference/v1/definitions.html
@@ -6213,10 +6213,6 @@ Examples:<br>
 </tbody>
 </table>
 </div>
 <div class="sect2">
 <h3 id="_types_unixuserid">types.UnixUserID</h3>
 </div>
 <div class="sect2">
 <h3 id="_v1_photonpersistentdiskvolumesource">v1.PhotonPersistentDiskVolumeSource</h3>
@@ -6616,10 +6612,6 @@ Examples:<br>
 </tbody>
 </table>
 </div>
 <div class="sect2">
 <h3 id="_types_unixgroupid">types.UnixGroupID</h3>
 </div>
 <div class="sect2">
 <h3 id="_v1_httpheader">v1.HTTPHeader</h3>
@@ -7272,7 +7264,7 @@ Examples:<br>
 <td class="tableblock halign-left valign-top"><p class="tableblock">runAsUser</p></td>
 <td class="tableblock halign-left valign-top"><p class="tableblock">The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container.</p></td>
 <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td>
-<td class="tableblock halign-left valign-top"><p class="tableblock"><a href="#_types_unixuserid">types.UnixUserID</a></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">integer (int64)</p></td>
 <td class="tableblock halign-left valign-top"></td>
 </tr>
 <tr>
@@ -7286,7 +7278,7 @@ Examples:<br>
 <td class="tableblock halign-left valign-top"><p class="tableblock">supplementalGroups</p></td>
 <td class="tableblock halign-left valign-top"><p class="tableblock">A list of groups applied to the first process run in each container, in addition to the container&#8217;s primary GID.  If unspecified, no groups will be added to any container.</p></td>
 <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td>
-<td class="tableblock halign-left valign-top"><p class="tableblock"><a href="#_types_unixgroupid">types.UnixGroupID</a> array</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">integer (int32) array</p></td>
 <td class="tableblock halign-left valign-top"></td>
 </tr>
 <tr>
@@ -7295,7 +7287,7 @@ Examples:<br>
 <br>
 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR&#8217;d with rw-rw</p></td>
 <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td>
-<td class="tableblock halign-left valign-top"><p class="tableblock"><a href="#_types_unixgroupid">types.UnixGroupID</a></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">integer (int64)</p></td>
 <td class="tableblock halign-left valign-top"></td>
 </tr>
 </tbody>
@@ -8343,7 +8335,7 @@ Examples:<br>
 <td class="tableblock halign-left valign-top"><p class="tableblock">runAsUser</p></td>
 <td class="tableblock halign-left valign-top"><p class="tableblock">The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.</p></td>
 <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td>
-<td class="tableblock halign-left valign-top"><p class="tableblock"><a href="#_types_unixuserid">types.UnixUserID</a></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">integer (int64)</p></td>
 <td class="tableblock halign-left valign-top"></td>
 </tr>
 <tr>
--- a/federation/apis/swagger-spec/extensions_v1beta1.json
+++ b/federation/apis/swagger-spec/extensions_v1beta1.json
@@ -6536,7 +6536,8 @@
      "description": "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container.  May also be set in PodSecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence."
     },
     "runAsUser": {
-      "$ref": "types.UnixUserID",
+      "type": "integer",
      "format": "int64",
      "description": "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence."
     },
     "runAsNonRoot": {
@@ -6595,10 +6596,6 @@
     }
    }
   },
   "types.UnixUserID": {
    "id": "types.UnixUserID",
    "properties": {}
   },
   "v1.PodSecurityContext": {
    "id": "v1.PodSecurityContext",
    "description": "PodSecurityContext holds pod-level security attributes and common container settings. Some fields are also present in container.securityContext.  Field values of container.securityContext take precedence over field values of PodSecurityContext.",
@@ -6608,7 +6605,8 @@
      "description": "The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container.  May also be set in SecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container."
     },
     "runAsUser": {
-      "$ref": "types.UnixUserID",
+      "type": "integer",
      "format": "int64",
      "description": "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container."
     },
     "runAsNonRoot": {
@@ -6618,20 +6616,17 @@
     "supplementalGroups": {
      "type": "array",
      "items": {
-       "$ref": "types.UnixGroupID"
+       "type": "integer"
      },
      "description": "A list of groups applied to the first process run in each container, in addition to the container's primary GID.  If unspecified, no groups will be added to any container."
     },
     "fsGroup": {
-      "$ref": "types.UnixGroupID",
+      "type": "integer",
      "format": "int64",
      "description": "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod:\n\n1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw "
     }
    }
   },
   "types.UnixGroupID": {
    "id": "types.UnixGroupID",
    "properties": {}
   },
   "v1.Affinity": {
    "id": "v1.Affinity",
    "description": "Affinity is a group of affinity scheduling rules.",
--- a/federation/docs/api-reference/extensions/v1beta1/definitions.html
+++ b/federation/docs/api-reference/extensions/v1beta1/definitions.html
@@ -4713,10 +4713,6 @@ Examples:<br>
 </tbody>
 </table>
 </div>
 <div class="sect2">
 <h3 id="_types_unixuserid">types.UnixUserID</h3>
 </div>
 <div class="sect2">
 <h3 id="_v1_photonpersistentdiskvolumesource">v1.PhotonPersistentDiskVolumeSource</h3>
@@ -5130,10 +5126,6 @@ Examples:<br>
 </tbody>
 </table>
 </div>
 <div class="sect2">
 <h3 id="_types_unixgroupid">types.UnixGroupID</h3>
 </div>
 <div class="sect2">
 <h3 id="_v1beta1_deploymentrollback">v1beta1.DeploymentRollback</h3>
@@ -5832,7 +5824,7 @@ Both these may change in the future. Incoming requests are matched against the h
 <td class="tableblock halign-left valign-top"><p class="tableblock">runAsUser</p></td>
 <td class="tableblock halign-left valign-top"><p class="tableblock">The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container.</p></td>
 <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td>
-<td class="tableblock halign-left valign-top"><p class="tableblock"><a href="#_types_unixuserid">types.UnixUserID</a></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">integer (int64)</p></td>
 <td class="tableblock halign-left valign-top"></td>
 </tr>
 <tr>
@@ -5846,7 +5838,7 @@ Both these may change in the future. Incoming requests are matched against the h
 <td class="tableblock halign-left valign-top"><p class="tableblock">supplementalGroups</p></td>
 <td class="tableblock halign-left valign-top"><p class="tableblock">A list of groups applied to the first process run in each container, in addition to the container&#8217;s primary GID.  If unspecified, no groups will be added to any container.</p></td>
 <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td>
-<td class="tableblock halign-left valign-top"><p class="tableblock"><a href="#_types_unixgroupid">types.UnixGroupID</a> array</p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">integer (int32) array</p></td>
 <td class="tableblock halign-left valign-top"></td>
 </tr>
 <tr>
@@ -5855,7 +5847,7 @@ Both these may change in the future. Incoming requests are matched against the h
 <br>
 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR&#8217;d with rw-rw</p></td>
 <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td>
-<td class="tableblock halign-left valign-top"><p class="tableblock"><a href="#_types_unixgroupid">types.UnixGroupID</a></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">integer (int64)</p></td>
 <td class="tableblock halign-left valign-top"></td>
 </tr>
 </tbody>
@@ -6429,7 +6421,7 @@ Both these may change in the future. Incoming requests are matched against the h
 <td class="tableblock halign-left valign-top"><p class="tableblock">runAsUser</p></td>
 <td class="tableblock halign-left valign-top"><p class="tableblock">The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext.  If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.</p></td>
 <td class="tableblock halign-left valign-top"><p class="tableblock">false</p></td>
-<td class="tableblock halign-left valign-top"><p class="tableblock"><a href="#_types_unixuserid">types.UnixUserID</a></p></td>
+<td class="tableblock halign-left valign-top"><p class="tableblock">integer (int64)</p></td>
 <td class="tableblock halign-left valign-top"></td>
 </tr>
 <tr>
--- a/hack/make-rules/test-cmd-util.sh
+++ b/hack/make-rules/test-cmd-util.sh
@@ -2851,6 +2851,16 @@ run_deployment_tests() {
  # Clean up
  kubectl delete deployment test-nginx-apps "${kube_flags[@]}"
  ### Test kubectl create deployment should not fail validation
  # Pre-Condition: No deployment exists.
  kube::test::get_object_assert deployment "{{range.items}}{{$id_field}}:{{end}}" ''
  # Command
  kubectl create -f hack/testdata/deployment-with-UnixUserID.yaml "${kube_flags[@]}"
  # Post-Condition: Deployment "deployment-with-unixuserid" is created.
  kube::test::get_object_assert deployment "{{range.items}}{{$id_field}}:{{end}}" 'deployment-with-unixuserid:'
  # Clean up
  kubectl delete deployment deployment-with-unixuserid "${kube_flags[@]}"
  ### Test cascading deletion
  ## Test that rs is deleted when deployment is deleted.
  # Pre-condition: no deployment exists
--- a/hack/testdata/deployment-with-UnixUserID.yaml
+++ b/hack/testdata/deployment-with-UnixUserID.yaml
@@ -0,0 +1,18 @@
 apiVersion: extensions/v1beta1
 kind: Deployment
 metadata:
  name: deployment-with-unixuserid
 spec:
  replicas: 1
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx:1.7.9
      securityContext:
        runAsNonRoot: true
        runAsUser: 65534
--- a/pkg/api/types.go
+++ b/pkg/api/types.go
@@ -2263,7 +2263,7 @@ type PodSecurityContext struct {
 	// PodSecurityContext, the value specified in SecurityContext takes precedence
 	// for that container.
 	// +optional
-	RunAsUser *types.UnixUserID
+	RunAsUser *int64
 	// Indicates that the container must run as a non-root user.
 	// If true, the Kubelet will validate the image at runtime to ensure that it
 	// does not run as UID 0 (root) and fail to start the container if it does.
@@ -2276,7 +2276,7 @@ type PodSecurityContext struct {
 	// to the container's primary GID.  If unspecified, no groups will be added to
 	// any container.
 	// +optional
-	SupplementalGroups []types.UnixGroupID
+	SupplementalGroups []int64
 	// A special supplemental group that applies to all containers in a pod.
 	// Some volume types allow the Kubelet to change the ownership of that volume
 	// to be owned by the pod:
@@ -2287,7 +2287,7 @@ type PodSecurityContext struct {
 	//
 	// If unset, the Kubelet will not modify the ownership and permissions of any volume.
 	// +optional
-	FSGroup *types.UnixGroupID
+	FSGroup *int64
 }
 // PodQOSClass defines the supported qos classes of Pods.
@@ -3924,7 +3924,7 @@ type SecurityContext struct {
 	// May also be set in PodSecurityContext.  If set in both SecurityContext and
 	// PodSecurityContext, the value specified in SecurityContext takes precedence.
 	// +optional
-	RunAsUser *types.UnixUserID
+	RunAsUser *int64
 	// Indicates that the container must run as a non-root user.
 	// If true, the Kubelet will validate the image at runtime to ensure that it
 	// does not run as UID 0 (root) and fail to start the container if it does.
--- a/pkg/api/v1/generated.pb.go
+++ b/pkg/api/v1/generated.pb.go
--- a/pkg/api/v1/types.generated.go
+++ b/pkg/api/v1/types.generated.go
@@ -37619,7 +37619,6 @@ func (x *PodSecurityContext) CodecEncodeSelf(e *codec1978.Encoder) {
 						yym8 := z.EncBinary()
 						_ = yym8
 						if false {
 						} else if z.HasExtensions() && z.EncExt(yy7) {
 						} else {
 							r.EncodeInt(int64(yy7))
 						}
@@ -37639,7 +37638,6 @@ func (x *PodSecurityContext) CodecEncodeSelf(e *codec1978.Encoder) {
 						yym10 := z.EncBinary()
 						_ = yym10
 						if false {
 						} else if z.HasExtensions() && z.EncExt(yy9) {
 						} else {
 							r.EncodeInt(int64(yy9))
 						}
@@ -37691,7 +37689,7 @@ func (x *PodSecurityContext) CodecEncodeSelf(e *codec1978.Encoder) {
 						_ = yym17
 						if false {
 						} else {
-							h.encSlicetypes_UnixGroupID(([]pkg1_types.UnixGroupID)(x.SupplementalGroups), e)
+							z.F.EncSliceInt64V(x.SupplementalGroups, false, e)
 						}
 					}
 				} else {
@@ -37709,7 +37707,7 @@ func (x *PodSecurityContext) CodecEncodeSelf(e *codec1978.Encoder) {
 						_ = yym18
 						if false {
 						} else {
-							h.encSlicetypes_UnixGroupID(([]pkg1_types.UnixGroupID)(x.SupplementalGroups), e)
+							z.F.EncSliceInt64V(x.SupplementalGroups, false, e)
 						}
 					}
 				}
@@ -37724,7 +37722,6 @@ func (x *PodSecurityContext) CodecEncodeSelf(e *codec1978.Encoder) {
 						yym21 := z.EncBinary()
 						_ = yym21
 						if false {
 						} else if z.HasExtensions() && z.EncExt(yy20) {
 						} else {
 							r.EncodeInt(int64(yy20))
 						}
@@ -37744,7 +37741,6 @@ func (x *PodSecurityContext) CodecEncodeSelf(e *codec1978.Encoder) {
 						yym23 := z.EncBinary()
 						_ = yym23
 						if false {
 						} else if z.HasExtensions() && z.EncExt(yy22) {
 						} else {
 							r.EncodeInt(int64(yy22))
 						}
@@ -37830,12 +37826,11 @@ func (x *PodSecurityContext) codecDecodeSelfFromMap(l int, d *codec1978.Decoder)
 				}
 			} else {
 				if x.RunAsUser == nil {
-					x.RunAsUser = new(pkg1_types.UnixUserID)
+					x.RunAsUser = new(int64)
 				}
 				yym6 := z.DecBinary()
 				_ = yym6
 				if false {
 				} else if z.HasExtensions() && z.DecExt(x.RunAsUser) {
 				} else {
 					*((*int64)(x.RunAsUser)) = int64(r.DecodeInt(64))
 				}
@@ -37865,7 +37860,7 @@ func (x *PodSecurityContext) codecDecodeSelfFromMap(l int, d *codec1978.Decoder)
 				_ = yym10
 				if false {
 				} else {
-					h.decSlicetypes_UnixGroupID((*[]pkg1_types.UnixGroupID)(yyv9), d)
+					z.F.DecSliceInt64X(yyv9, false, d)
 				}
 			}
 		case "fsGroup":
@@ -37875,12 +37870,11 @@ func (x *PodSecurityContext) codecDecodeSelfFromMap(l int, d *codec1978.Decoder)
 				}
 			} else {
 				if x.FSGroup == nil {
-					x.FSGroup = new(pkg1_types.UnixGroupID)
+					x.FSGroup = new(int64)
 				}
 				yym12 := z.DecBinary()
 				_ = yym12
 				if false {
 				} else if z.HasExtensions() && z.DecExt(x.FSGroup) {
 				} else {
 					*((*int64)(x.FSGroup)) = int64(r.DecodeInt(64))
 				}
@@ -37937,12 +37931,11 @@ func (x *PodSecurityContext) codecDecodeSelfFromArray(l int, d *codec1978.Decode
 		}
 	} else {
 		if x.RunAsUser == nil {
-			x.RunAsUser = new(pkg1_types.UnixUserID)
+			x.RunAsUser = new(int64)
 		}
 		yym16 := z.DecBinary()
 		_ = yym16
 		if false {
 		} else if z.HasExtensions() && z.DecExt(x.RunAsUser) {
 		} else {
 			*((*int64)(x.RunAsUser)) = int64(r.DecodeInt(64))
 		}
@@ -37992,7 +37985,7 @@ func (x *PodSecurityContext) codecDecodeSelfFromArray(l int, d *codec1978.Decode
 		_ = yym20
 		if false {
 		} else {
-			h.decSlicetypes_UnixGroupID((*[]pkg1_types.UnixGroupID)(yyv19), d)
+			z.F.DecSliceInt64X(yyv19, false, d)
 		}
 	}
 	yyj13++
@@ -38012,12 +38005,11 @@ func (x *PodSecurityContext) codecDecodeSelfFromArray(l int, d *codec1978.Decode
 		}
 	} else {
 		if x.FSGroup == nil {
-			x.FSGroup = new(pkg1_types.UnixGroupID)
+			x.FSGroup = new(int64)
 		}
 		yym22 := z.DecBinary()
 		_ = yym22
 		if false {
 		} else if z.HasExtensions() && z.DecExt(x.FSGroup) {
 		} else {
 			*((*int64)(x.FSGroup)) = int64(r.DecodeInt(64))
 		}
@@ -67969,7 +67961,6 @@ func (x *SecurityContext) CodecEncodeSelf(e *codec1978.Encoder) {
 						yym16 := z.EncBinary()
 						_ = yym16
 						if false {
 						} else if z.HasExtensions() && z.EncExt(yy15) {
 						} else {
 							r.EncodeInt(int64(yy15))
 						}
@@ -67989,7 +67980,6 @@ func (x *SecurityContext) CodecEncodeSelf(e *codec1978.Encoder) {
 						yym18 := z.EncBinary()
 						_ = yym18
 						if false {
 						} else if z.HasExtensions() && z.EncExt(yy17) {
 						} else {
 							r.EncodeInt(int64(yy17))
 						}
@@ -68172,12 +68162,11 @@ func (x *SecurityContext) codecDecodeSelfFromMap(l int, d *codec1978.Decoder) {
 				}
 			} else {
 				if x.RunAsUser == nil {
-					x.RunAsUser = new(pkg1_types.UnixUserID)
+					x.RunAsUser = new(int64)
 				}
 				yym9 := z.DecBinary()
 				_ = yym9
 				if false {
 				} else if z.HasExtensions() && z.DecExt(x.RunAsUser) {
 				} else {
 					*((*int64)(x.RunAsUser)) = int64(r.DecodeInt(64))
 				}
@@ -68313,12 +68302,11 @@ func (x *SecurityContext) codecDecodeSelfFromArray(l int, d *codec1978.Decoder)
 		}
 	} else {
 		if x.RunAsUser == nil {
-			x.RunAsUser = new(pkg1_types.UnixUserID)
+			x.RunAsUser = new(int64)
 		}
 		yym20 := z.DecBinary()
 		_ = yym20
 		if false {
 		} else if z.HasExtensions() && z.DecExt(x.RunAsUser) {
 		} else {
 			*((*int64)(x.RunAsUser)) = int64(r.DecodeInt(64))
 		}
@@ -72192,143 +72180,6 @@ func (x codecSelfer1234) decSliceHostAlias(v *[]HostAlias, d *codec1978.Decoder)
 	}
 }
 func (x codecSelfer1234) encSlicetypes_UnixGroupID(v []pkg1_types.UnixGroupID, e *codec1978.Encoder) {
 	var h codecSelfer1234
 	z, r := codec1978.GenHelperEncoder(e)
 	_, _, _ = h, z, r
 	r.EncodeArrayStart(len(v))
 	for _, yyv1 := range v {
 		z.EncSendContainerState(codecSelfer_containerArrayElem1234)
 		yym2 := z.EncBinary()
 		_ = yym2
 		if false {
 		} else if z.HasExtensions() && z.EncExt(yyv1) {
 		} else {
 			r.EncodeInt(int64(yyv1))
 		}
 	}
 	z.EncSendContainerState(codecSelfer_containerArrayEnd1234)
 }
 func (x codecSelfer1234) decSlicetypes_UnixGroupID(v *[]pkg1_types.UnixGroupID, d *codec1978.Decoder) {
 	var h codecSelfer1234
 	z, r := codec1978.GenHelperDecoder(d)
 	_, _, _ = h, z, r
 	yyv1 := *v
 	yyh1, yyl1 := z.DecSliceHelperStart()
 	var yyc1 bool
 	_ = yyc1
 	if yyl1 == 0 {
 		if yyv1 == nil {
 			yyv1 = []pkg1_types.UnixGroupID{}
 			yyc1 = true
 		} else if len(yyv1) != 0 {
 			yyv1 = yyv1[:0]
 			yyc1 = true
 		}
 	} else if yyl1 > 0 {
 		var yyrr1, yyrl1 int
 		var yyrt1 bool
 		_, _ = yyrl1, yyrt1
 		yyrr1 = yyl1 // len(yyv1)
 		if yyl1 > cap(yyv1) {
 			yyrl1, yyrt1 = z.DecInferLen(yyl1, z.DecBasicHandle().MaxInitLen, 8)
 			if yyrt1 {
 				if yyrl1 <= cap(yyv1) {
 					yyv1 = yyv1[:yyrl1]
 				} else {
 					yyv1 = make([]pkg1_types.UnixGroupID, yyrl1)
 				}
 			} else {
 				yyv1 = make([]pkg1_types.UnixGroupID, yyrl1)
 			}
 			yyc1 = true
 			yyrr1 = len(yyv1)
 		} else if yyl1 != len(yyv1) {
 			yyv1 = yyv1[:yyl1]
 			yyc1 = true
 		}
 		yyj1 := 0
 		for ; yyj1 < yyrr1; yyj1++ {
 			yyh1.ElemContainerState(yyj1)
 			if r.TryDecodeAsNil() {
 				yyv1[yyj1] = 0
 			} else {
 				yyv2 := &yyv1[yyj1]
 				yym3 := z.DecBinary()
 				_ = yym3
 				if false {
 				} else if z.HasExtensions() && z.DecExt(yyv2) {
 				} else {
 					*((*int64)(yyv2)) = int64(r.DecodeInt(64))
 				}
 			}
 		}
 		if yyrt1 {
 			for ; yyj1 < yyl1; yyj1++ {
 				yyv1 = append(yyv1, 0)
 				yyh1.ElemContainerState(yyj1)
 				if r.TryDecodeAsNil() {
 					yyv1[yyj1] = 0
 				} else {
 					yyv4 := &yyv1[yyj1]
 					yym5 := z.DecBinary()
 					_ = yym5
 					if false {
 					} else if z.HasExtensions() && z.DecExt(yyv4) {
 					} else {
 						*((*int64)(yyv4)) = int64(r.DecodeInt(64))
 					}
 				}
 			}
 		}
 	} else {
 		yyj1 := 0
 		for ; !r.CheckBreak(); yyj1++ {
 			if yyj1 >= len(yyv1) {
 				yyv1 = append(yyv1, 0) // var yyz1 pkg1_types.UnixGroupID
 				yyc1 = true
 			}
 			yyh1.ElemContainerState(yyj1)
 			if yyj1 < len(yyv1) {
 				if r.TryDecodeAsNil() {
 					yyv1[yyj1] = 0
 				} else {
 					yyv6 := &yyv1[yyj1]
 					yym7 := z.DecBinary()
 					_ = yym7
 					if false {
 					} else if z.HasExtensions() && z.DecExt(yyv6) {
 					} else {
 						*((*int64)(yyv6)) = int64(r.DecodeInt(64))
 					}
 				}
 			} else {
 				z.DecSwallow()
 			}
 		}
 		if yyj1 < len(yyv1) {
 			yyv1 = yyv1[:yyj1]
 			yyc1 = true
 		} else if yyj1 == 0 && yyv1 == nil {
 			yyv1 = []pkg1_types.UnixGroupID{}
 			yyc1 = true
 		}
 	}
 	yyh1.End()
 	if yyc1 {
 		*v = yyv1
 	}
 }
 func (x codecSelfer1234) encSlicePodCondition(v []PodCondition, e *codec1978.Encoder) {
 	var h codecSelfer1234
 	z, r := codec1978.GenHelperEncoder(e)
--- a/pkg/api/v1/types.go
+++ b/pkg/api/v1/types.go
@@ -2548,7 +2548,7 @@ type PodSecurityContext struct {
 	// PodSecurityContext, the value specified in SecurityContext takes precedence
 	// for that container.
 	// +optional
-	RunAsUser *types.UnixUserID `json:"runAsUser,omitempty" protobuf:"varint,2,opt,name=runAsUser,casttype=k8s.io/apimachinery/pkg/types.UnixUserID"`
+	RunAsUser *int64 `json:"runAsUser,omitempty" protobuf:"varint,2,opt,name=runAsUser"`
 	// Indicates that the container must run as a non-root user.
 	// If true, the Kubelet will validate the image at runtime to ensure that it
 	// does not run as UID 0 (root) and fail to start the container if it does.
@@ -2561,7 +2561,7 @@ type PodSecurityContext struct {
 	// to the container's primary GID.  If unspecified, no groups will be added to
 	// any container.
 	// +optional
-	SupplementalGroups []types.UnixGroupID `json:"supplementalGroups,omitempty" protobuf:"varint,4,rep,name=supplementalGroups,casttype=k8s.io/apimachinery/pkg/types.UnixGroupID"`
+	SupplementalGroups []int64 `json:"supplementalGroups,omitempty" protobuf:"varint,4,rep,name=supplementalGroups"`
 	// A special supplemental group that applies to all containers in a pod.
 	// Some volume types allow the Kubelet to change the ownership of that volume
 	// to be owned by the pod:
@@ -2572,7 +2572,7 @@ type PodSecurityContext struct {
 	//
 	// If unset, the Kubelet will not modify the ownership and permissions of any volume.
 	// +optional
-	FSGroup *types.UnixGroupID `json:"fsGroup,omitempty" protobuf:"varint,5,opt,name=fsGroup,casttype=k8s.io/apimachinery/pkg/types.UnixGroupID"`
+	FSGroup *int64 `json:"fsGroup,omitempty" protobuf:"varint,5,opt,name=fsGroup"`
 }
 // PodQOSClass defines the supported qos classes of Pods.
@@ -4511,7 +4511,7 @@ type SecurityContext struct {
 	// May also be set in PodSecurityContext.  If set in both SecurityContext and
 	// PodSecurityContext, the value specified in SecurityContext takes precedence.
 	// +optional
-	RunAsUser *types.UnixUserID `json:"runAsUser,omitempty" protobuf:"varint,4,opt,name=runAsUser,casttype=k8s.io/apimachinery/pkg/types.UnixUserID"`
+	RunAsUser *int64 `json:"runAsUser,omitempty" protobuf:"varint,4,opt,name=runAsUser"`
 	// Indicates that the container must run as a non-root user.
 	// If true, the Kubelet will validate the image at runtime to ensure that it
 	// does not run as UID 0 (root) and fail to start the container if it does.
--- a/pkg/api/v1/zz_generated.conversion.go
+++ b/pkg/api/v1/zz_generated.conversion.go
@@ -3450,10 +3450,10 @@ func Convert_api_PodProxyOptions_To_v1_PodProxyOptions(in *api.PodProxyOptions,
 func autoConvert_v1_PodSecurityContext_To_api_PodSecurityContext(in *PodSecurityContext, out *api.PodSecurityContext, s conversion.Scope) error {
 	out.SELinuxOptions = (*api.SELinuxOptions)(unsafe.Pointer(in.SELinuxOptions))
-	out.RunAsUser = (*types.UnixUserID)(unsafe.Pointer(in.RunAsUser))
+	out.RunAsUser = (*int64)(unsafe.Pointer(in.RunAsUser))
 	out.RunAsNonRoot = (*bool)(unsafe.Pointer(in.RunAsNonRoot))
-	out.SupplementalGroups = *(*[]types.UnixGroupID)(unsafe.Pointer(&in.SupplementalGroups))
+	out.SupplementalGroups = *(*[]int64)(unsafe.Pointer(&in.SupplementalGroups))
-	out.FSGroup = (*types.UnixGroupID)(unsafe.Pointer(in.FSGroup))
+	out.FSGroup = (*int64)(unsafe.Pointer(in.FSGroup))
 	return nil
 }
@@ -3462,10 +3462,10 @@ func autoConvert_api_PodSecurityContext_To_v1_PodSecurityContext(in *api.PodSecu
 	// INFO: in.HostPID opted out of conversion generation
 	// INFO: in.HostIPC opted out of conversion generation
 	out.SELinuxOptions = (*SELinuxOptions)(unsafe.Pointer(in.SELinuxOptions))
-	out.RunAsUser = (*types.UnixUserID)(unsafe.Pointer(in.RunAsUser))
+	out.RunAsUser = (*int64)(unsafe.Pointer(in.RunAsUser))
 	out.RunAsNonRoot = (*bool)(unsafe.Pointer(in.RunAsNonRoot))
-	out.SupplementalGroups = *(*[]types.UnixGroupID)(unsafe.Pointer(&in.SupplementalGroups))
+	out.SupplementalGroups = *(*[]int64)(unsafe.Pointer(&in.SupplementalGroups))
-	out.FSGroup = (*types.UnixGroupID)(unsafe.Pointer(in.FSGroup))
+	out.FSGroup = (*int64)(unsafe.Pointer(in.FSGroup))
 	return nil
 }
@@ -4525,7 +4525,7 @@ func autoConvert_v1_SecurityContext_To_api_SecurityContext(in *SecurityContext,
 	out.Capabilities = (*api.Capabilities)(unsafe.Pointer(in.Capabilities))
 	out.Privileged = (*bool)(unsafe.Pointer(in.Privileged))
 	out.SELinuxOptions = (*api.SELinuxOptions)(unsafe.Pointer(in.SELinuxOptions))
-	out.RunAsUser = (*types.UnixUserID)(unsafe.Pointer(in.RunAsUser))
+	out.RunAsUser = (*int64)(unsafe.Pointer(in.RunAsUser))
 	out.RunAsNonRoot = (*bool)(unsafe.Pointer(in.RunAsNonRoot))
 	out.ReadOnlyRootFilesystem = (*bool)(unsafe.Pointer(in.ReadOnlyRootFilesystem))
 	return nil
@@ -4540,7 +4540,7 @@ func autoConvert_api_SecurityContext_To_v1_SecurityContext(in *api.SecurityConte
 	out.Capabilities = (*Capabilities)(unsafe.Pointer(in.Capabilities))
 	out.Privileged = (*bool)(unsafe.Pointer(in.Privileged))
 	out.SELinuxOptions = (*SELinuxOptions)(unsafe.Pointer(in.SELinuxOptions))
-	out.RunAsUser = (*types.UnixUserID)(unsafe.Pointer(in.RunAsUser))
+	out.RunAsUser = (*int64)(unsafe.Pointer(in.RunAsUser))
 	out.RunAsNonRoot = (*bool)(unsafe.Pointer(in.RunAsNonRoot))
 	out.ReadOnlyRootFilesystem = (*bool)(unsafe.Pointer(in.ReadOnlyRootFilesystem))
 	return nil
--- a/pkg/api/v1/zz_generated.deepcopy.go
+++ b/pkg/api/v1/zz_generated.deepcopy.go
@@ -2469,7 +2469,7 @@ func DeepCopy_v1_PodSecurityContext(in interface{}, out interface{}, c *conversi
 		}
 		if in.RunAsUser != nil {
 			in, out := &in.RunAsUser, &out.RunAsUser
-			*out = new(types.UnixUserID)
+			*out = new(int64)
 			**out = **in
 		}
 		if in.RunAsNonRoot != nil {
@@ -2479,12 +2479,12 @@ func DeepCopy_v1_PodSecurityContext(in interface{}, out interface{}, c *conversi
 		}
 		if in.SupplementalGroups != nil {
 			in, out := &in.SupplementalGroups, &out.SupplementalGroups
-			*out = make([]types.UnixGroupID, len(*in))
+			*out = make([]int64, len(*in))
 			copy(*out, *in)
 		}
 		if in.FSGroup != nil {
 			in, out := &in.FSGroup, &out.FSGroup
-			*out = new(types.UnixGroupID)
+			*out = new(int64)
 			**out = **in
 		}
 		return nil
@@ -3264,7 +3264,7 @@ func DeepCopy_v1_SecurityContext(in interface{}, out interface{}, c *conversion.
 		}
 		if in.RunAsUser != nil {
 			in, out := &in.RunAsUser, &out.RunAsUser
-			*out = new(types.UnixUserID)
+			*out = new(int64)
 			**out = **in
 		}
 		if in.RunAsNonRoot != nil {
--- a/pkg/api/validation/BUILD
+++ b/pkg/api/validation/BUILD
@@ -81,7 +81,6 @@ go_test(
        "//vendor/k8s.io/apimachinery/pkg/api/testing:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/util/intstr:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/util/validation/field:go_default_library",
--- a/pkg/api/validation/validation_test.go
+++ b/pkg/api/validation/validation_test.go
@@ -24,7 +24,6 @@ import (
 	"k8s.io/apimachinery/pkg/api/resource"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/apimachinery/pkg/util/intstr"
 	"k8s.io/apimachinery/pkg/util/sets"
 	"k8s.io/apimachinery/pkg/util/validation/field"
@@ -3627,10 +3626,10 @@ func TestValidatePodSpec(t *testing.T) {
 	activeDeadlineSeconds := int64(30)
 	activeDeadlineSecondsMax := int64(math.MaxInt32)
-	minUserID := types.UnixUserID(0)
+	minUserID := int64(0)
-	maxUserID := types.UnixUserID(2147483647)
+	maxUserID := int64(2147483647)
-	minGroupID := types.UnixGroupID(0)
+	minGroupID := int64(0)
-	maxGroupID := types.UnixGroupID(2147483647)
+	maxGroupID := int64(2147483647)
 	successCases := []api.PodSpec{
 		{ // Populate basic fields, leave defaults for most.
@@ -3685,7 +3684,7 @@ func TestValidatePodSpec(t *testing.T) {
 		{ // Populate RunAsUser SupplementalGroups FSGroup with minID 0
 			Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent", TerminationMessagePolicy: "File"}},
 			SecurityContext: &api.PodSecurityContext{
-				SupplementalGroups: []types.UnixGroupID{minGroupID},
+				SupplementalGroups: []int64{minGroupID},
 				RunAsUser:          &minUserID,
 				FSGroup:            &minGroupID,
 			},
@@ -3695,7 +3694,7 @@ func TestValidatePodSpec(t *testing.T) {
 		{ // Populate RunAsUser SupplementalGroups FSGroup with maxID 2147483647
 			Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent", TerminationMessagePolicy: "File"}},
 			SecurityContext: &api.PodSecurityContext{
-				SupplementalGroups: []types.UnixGroupID{maxGroupID},
+				SupplementalGroups: []int64{maxGroupID},
 				RunAsUser:          &maxUserID,
 				FSGroup:            &maxGroupID,
 			},
@@ -3750,10 +3749,10 @@ func TestValidatePodSpec(t *testing.T) {
 	activeDeadlineSeconds = int64(0)
 	activeDeadlineSecondsTooLarge := int64(math.MaxInt32 + 1)
-	minUserID = types.UnixUserID(-1)
+	minUserID = int64(-1)
-	maxUserID = types.UnixUserID(2147483648)
+	maxUserID = int64(2147483648)
-	minGroupID = types.UnixGroupID(-1)
+	minGroupID = int64(-1)
-	maxGroupID = types.UnixGroupID(2147483648)
+	maxGroupID = int64(2147483648)
 	failureCases := map[string]api.PodSpec{
 		"bad volume": {
@@ -3827,7 +3826,7 @@ func TestValidatePodSpec(t *testing.T) {
 			Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent", TerminationMessagePolicy: "File"}},
 			SecurityContext: &api.PodSecurityContext{
 				HostNetwork:        false,
-				SupplementalGroups: []types.UnixGroupID{maxGroupID, 1234},
+				SupplementalGroups: []int64{maxGroupID, 1234},
 			},
 			RestartPolicy: api.RestartPolicyAlways,
 			DNSPolicy:     api.DNSClusterFirst,
@@ -3836,7 +3835,7 @@ func TestValidatePodSpec(t *testing.T) {
 			Containers: []api.Container{{Name: "ctr", Image: "image", ImagePullPolicy: "IfNotPresent", TerminationMessagePolicy: "File"}},
 			SecurityContext: &api.PodSecurityContext{
 				HostNetwork:        false,
-				SupplementalGroups: []types.UnixGroupID{minGroupID, 1234},
+				SupplementalGroups: []int64{minGroupID, 1234},
 			},
 			RestartPolicy: api.RestartPolicyAlways,
 			DNSPolicy:     api.DNSClusterFirst,
@@ -9597,7 +9596,7 @@ func TestValidateTLSSecret(t *testing.T) {
 func TestValidateSecurityContext(t *testing.T) {
 	priv := false
-	runAsUser := types.UnixUserID(1)
+	runAsUser := int64(1)
 	fullValidSC := func() *api.SecurityContext {
 		return &api.SecurityContext{
 			Privileged: &priv,
@@ -9649,7 +9648,7 @@ func TestValidateSecurityContext(t *testing.T) {
 	privRequestWithGlobalDeny.Privileged = &requestPrivileged
 	negativeRunAsUser := fullValidSC()
-	negativeUser := types.UnixUserID(-1)
+	negativeUser := int64(-1)
 	negativeRunAsUser.RunAsUser = &negativeUser
 	errorCases := map[string]struct {
--- a/pkg/api/zz_generated.deepcopy.go
+++ b/pkg/api/zz_generated.deepcopy.go
@@ -2487,7 +2487,7 @@ func DeepCopy_api_PodSecurityContext(in interface{}, out interface{}, c *convers
 		}
 		if in.RunAsUser != nil {
 			in, out := &in.RunAsUser, &out.RunAsUser
-			*out = new(types.UnixUserID)
+			*out = new(int64)
 			**out = **in
 		}
 		if in.RunAsNonRoot != nil {
@@ -2497,12 +2497,12 @@ func DeepCopy_api_PodSecurityContext(in interface{}, out interface{}, c *convers
 		}
 		if in.SupplementalGroups != nil {
 			in, out := &in.SupplementalGroups, &out.SupplementalGroups
-			*out = make([]types.UnixGroupID, len(*in))
+			*out = make([]int64, len(*in))
 			copy(*out, *in)
 		}
 		if in.FSGroup != nil {
 			in, out := &in.FSGroup, &out.FSGroup
-			*out = new(types.UnixGroupID)
+			*out = new(int64)
 			**out = **in
 		}
 		return nil
@@ -3270,7 +3270,7 @@ func DeepCopy_api_SecurityContext(in interface{}, out interface{}, c *conversion
 		}
 		if in.RunAsUser != nil {
 			in, out := &in.RunAsUser, &out.RunAsUser
-			*out = new(types.UnixUserID)
+			*out = new(int64)
 			**out = **in
 		}
 		if in.RunAsNonRoot != nil {
--- a/pkg/apis/extensions/BUILD
+++ b/pkg/apis/extensions/BUILD
@@ -32,7 +32,6 @@ go_library(
        "//vendor/k8s.io/apimachinery/pkg/conversion:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/runtime:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/util/intstr:go_default_library",
    ],
 )
--- a/pkg/apis/extensions/types.go
+++ b/pkg/apis/extensions/types.go
@@ -31,7 +31,6 @@ package extensions
 import (
 	"k8s.io/apimachinery/pkg/api/resource"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/apimachinery/pkg/util/intstr"
 	"k8s.io/kubernetes/pkg/api"
 )
@@ -976,17 +975,17 @@ type RunAsUserStrategyOptions struct {
 // UserIDRange provides a min/max of an allowed range of UserIDs.
 type UserIDRange struct {
 	// Min is the start of the range, inclusive.
-	Min types.UnixUserID
+	Min int64
 	// Max is the end of the range, inclusive.
-	Max types.UnixUserID
+	Max int64
 }
 // GroupIDRange provides a min/max of an allowed range of GroupIDs.
 type GroupIDRange struct {
 	// Min is the start of the range, inclusive.
-	Min types.UnixGroupID
+	Min int64
 	// Max is the end of the range, inclusive.
-	Max types.UnixGroupID
+	Max int64
 }
 // RunAsUserStrategy denotes strategy types for generating RunAsUser values for a
--- a/pkg/kubelet/dockershim/securitycontext/BUILD
+++ b/pkg/kubelet/dockershim/securitycontext/BUILD
@@ -36,7 +36,6 @@ go_test(
        "//pkg/api/testing:go_default_library",
        "//pkg/api/v1:go_default_library",
        "//vendor/github.com/docker/engine-api/types/container:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
    ],
 )
--- a/pkg/kubelet/dockershim/securitycontext/provider_test.go
+++ b/pkg/kubelet/dockershim/securitycontext/provider_test.go
@@ -23,14 +23,13 @@ import (
 	"testing"
 	dockercontainer "github.com/docker/engine-api/types/container"
 	"k8s.io/apimachinery/pkg/types"
 	apitesting "k8s.io/kubernetes/pkg/api/testing"
 	"k8s.io/kubernetes/pkg/api/v1"
 )
 func TestModifyContainerConfig(t *testing.T) {
-	userID := types.UnixUserID(123)
+	userID := int64(123)
-	overrideUserID := types.UnixUserID(321)
+	overrideUserID := int64(321)
 	cases := []struct {
 		name     string
@@ -177,7 +176,7 @@ func TestModifyHostConfig(t *testing.T) {
 func TestModifyHostConfigPodSecurityContext(t *testing.T) {
 	supplementalGroupsSC := &v1.PodSecurityContext{}
-	supplementalGroupsSC.SupplementalGroups = []types.UnixGroupID{2222}
+	supplementalGroupsSC.SupplementalGroups = []int64{2222}
 	supplementalGroupHC := fullValidHostConfig()
 	supplementalGroupHC.GroupAdd = []string{"2222"}
 	fsGroupHC := fullValidHostConfig()
@@ -186,7 +185,7 @@ func TestModifyHostConfigPodSecurityContext(t *testing.T) {
 	extraSupplementalGroupHC.GroupAdd = []string{"1234"}
 	bothHC := fullValidHostConfig()
 	bothHC.GroupAdd = []string{"2222", "1234"}
-	fsGroup := types.UnixGroupID(1234)
+	fsGroup := int64(1234)
 	extraSupplementalGroup := []int64{1234}
 	testCases := map[string]struct {
@@ -211,7 +210,7 @@ func TestModifyHostConfigPodSecurityContext(t *testing.T) {
 		},
 		"FSGroup + SupplementalGroups": {
 			securityContext: &v1.PodSecurityContext{
-				SupplementalGroups: []types.UnixGroupID{2222},
+				SupplementalGroups: []int64{2222},
 				FSGroup:            &fsGroup,
 			},
 			expected:                bothHC,
--- a/pkg/kubelet/kubelet_volumes_test.go
+++ b/pkg/kubelet/kubelet_volumes_test.go
@@ -453,10 +453,10 @@ func (f *stubVolume) CanMount() error {
 	return nil
 }
-func (f *stubVolume) SetUp(fsGroup *types.UnixGroupID) error {
+func (f *stubVolume) SetUp(fsGroup *int64) error {
 	return nil
 }
-func (f *stubVolume) SetUpAt(dir string, fsGroup *types.UnixGroupID) error {
+func (f *stubVolume) SetUpAt(dir string, fsGroup *int64) error {
 	return nil
 }
--- a/pkg/kubelet/kuberuntime/kuberuntime_container_test.go
+++ b/pkg/kubelet/kuberuntime/kuberuntime_container_test.go
@@ -24,7 +24,6 @@ import (
 	"github.com/stretchr/testify/assert"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/kubernetes/pkg/api/v1"
 	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/v1alpha1/runtime"
 	kubecontainer "k8s.io/kubernetes/pkg/kubelet/container"
@@ -227,7 +226,7 @@ func TestGenerateContainerConfig(t *testing.T) {
 	assert.NoError(t, err)
 	assert.Equal(t, expectedConfig, containerConfig, "generate container config for kubelet runtime v1.")
-	runAsUser := types.UnixUserID(0)
+	runAsUser := int64(0)
 	runAsNonRootTrue := true
 	podWithContainerSecurityContext := &v1.Pod{
 		ObjectMeta: metav1.ObjectMeta{
--- a/pkg/kubelet/kuberuntime/security_context_test.go
+++ b/pkg/kubelet/kuberuntime/security_context_test.go
@@ -18,7 +18,6 @@ package kuberuntime
 import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/kubernetes/pkg/api/v1"
 	"github.com/stretchr/testify/assert"
@@ -45,7 +44,7 @@ func TestVerifyRunAsNonRoot(t *testing.T) {
 		},
 	}
-	rootUser := types.UnixUserID(0)
+	rootUser := int64(0)
 	runAsNonRootTrue := true
 	runAsNonRootFalse := false
 	imageRootUser := int64(0)
--- a/pkg/kubelet/rkt/rkt_test.go
+++ b/pkg/kubelet/rkt/rkt_test.go
@@ -983,10 +983,10 @@ func TestSetApp(t *testing.T) {
 	}
 	defer os.RemoveAll(tmpDir)
-	rootUser := kubetypes.UnixUserID(0)
+	rootUser := int64(0)
-	nonRootUser := kubetypes.UnixUserID(42)
+	nonRootUser := int64(42)
 	runAsNonRootTrue := true
-	fsgid := kubetypes.UnixGroupID(3)
+	fsgid := int64(3)
 	tests := []struct {
 		container        *v1.Container
@@ -1092,9 +1092,9 @@ func TestSetApp(t *testing.T) {
 				RunAsNonRoot: &runAsNonRootTrue,
 			},
 			podCtx: &v1.PodSecurityContext{
-				SupplementalGroups: []kubetypes.UnixGroupID{
+				SupplementalGroups: []int64{
-					kubetypes.UnixGroupID(1),
+					int64(1),
-					kubetypes.UnixGroupID(2),
+					int64(2),
 				},
 				FSGroup: &fsgid,
 			},
@@ -1157,9 +1157,9 @@ func TestSetApp(t *testing.T) {
 				RunAsNonRoot: &runAsNonRootTrue,
 			},
 			podCtx: &v1.PodSecurityContext{
-				SupplementalGroups: []kubetypes.UnixGroupID{
+				SupplementalGroups: []int64{
-					kubetypes.UnixGroupID(1),
+					int64(1),
-					kubetypes.UnixGroupID(2),
+					int64(2),
 				},
 				FSGroup: &fsgid,
 			},
--- a/pkg/kubelet/volumemanager/BUILD
+++ b/pkg/kubelet/volumemanager/BUILD
@@ -60,7 +60,6 @@ go_test(
        "//pkg/volume/util/types:go_default_library",
        "//pkg/volume/util/volumehelper:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
        "//vendor/k8s.io/client-go/tools/record:go_default_library",
        "//vendor/k8s.io/client-go/util/testing:go_default_library",
--- a/pkg/kubelet/volumemanager/volume_manager_test.go
+++ b/pkg/kubelet/volumemanager/volume_manager_test.go
@@ -24,7 +24,6 @@ import (
 	"time"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	kubetypes "k8s.io/apimachinery/pkg/types"
 	"k8s.io/apimachinery/pkg/util/sets"
 	"k8s.io/client-go/tools/record"
 	utiltesting "k8s.io/client-go/util/testing"
@@ -239,7 +238,7 @@ func createObjects() (*v1.Node, *v1.Pod, *v1.PersistentVolume, *v1.PersistentVol
 				},
 			},
 			SecurityContext: &v1.PodSecurityContext{
-				SupplementalGroups: []kubetypes.UnixGroupID{555},
+				SupplementalGroups: []int64{555},
 			},
 		},
 	}
--- a/pkg/security/podsecuritypolicy/BUILD
+++ b/pkg/security/podsecuritypolicy/BUILD
@@ -29,7 +29,6 @@ go_library(
        "//pkg/security/podsecuritypolicy/user:go_default_library",
        "//pkg/security/podsecuritypolicy/util:go_default_library",
        "//pkg/util/maps:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/util/errors:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/util/validation/field:go_default_library",
    ],
@@ -49,7 +48,6 @@ go_test(
        "//pkg/security/podsecuritypolicy/util:go_default_library",
        "//vendor/github.com/davecgh/go-spew/spew:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/util/diff:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/util/validation/field:go_default_library",
    ],
--- a/pkg/security/podsecuritypolicy/group/BUILD
+++ b/pkg/security/podsecuritypolicy/group/BUILD
@@ -21,7 +21,6 @@ go_library(
        "//pkg/api:go_default_library",
        "//pkg/apis/extensions:go_default_library",
        "//pkg/security/podsecuritypolicy/util:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/util/validation/field:go_default_library",
    ],
 )
@@ -37,7 +36,6 @@ go_test(
    deps = [
        "//pkg/api:go_default_library",
        "//pkg/apis/extensions:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
    ],
 )
--- a/pkg/security/podsecuritypolicy/group/mustrunas.go
+++ b/pkg/security/podsecuritypolicy/group/mustrunas.go
@@ -19,7 +19,6 @@ package group
 import (
 	"fmt"
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/apimachinery/pkg/util/validation/field"
 	"k8s.io/kubernetes/pkg/api"
 	"k8s.io/kubernetes/pkg/apis/extensions"
@@ -47,14 +46,14 @@ func NewMustRunAs(ranges []extensions.GroupIDRange, field string) (GroupStrategy
 // Generate creates the group based on policy rules.  By default this returns the first group of the
 // first range (min val).
-func (s *mustRunAs) Generate(pod *api.Pod) ([]types.UnixGroupID, error) {
+func (s *mustRunAs) Generate(pod *api.Pod) ([]int64, error) {
-	return []types.UnixGroupID{s.ranges[0].Min}, nil
+	return []int64{s.ranges[0].Min}, nil
 }
 // Generate a single value to be applied.  This is used for FSGroup.  This strategy will return
 // the first group of the first range (min val).
-func (s *mustRunAs) GenerateSingle(pod *api.Pod) (*types.UnixGroupID, error) {
+func (s *mustRunAs) GenerateSingle(pod *api.Pod) (*int64, error) {
-	single := new(types.UnixGroupID)
+	single := new(int64)
 	*single = s.ranges[0].Min
 	return single, nil
 }
@@ -62,7 +61,7 @@ func (s *mustRunAs) GenerateSingle(pod *api.Pod) (*types.UnixGroupID, error) {
 // Validate ensures that the specified values fall within the range of the strategy.
 // Groups are passed in here to allow this strategy to support multiple group fields (fsgroup and
 // supplemental groups).
-func (s *mustRunAs) Validate(pod *api.Pod, groups []types.UnixGroupID) field.ErrorList {
+func (s *mustRunAs) Validate(pod *api.Pod, groups []int64) field.ErrorList {
 	allErrs := field.ErrorList{}
 	if pod.Spec.SecurityContext == nil {
@@ -84,7 +83,7 @@ func (s *mustRunAs) Validate(pod *api.Pod, groups []types.UnixGroupID) field.Err
 	return allErrs
 }
-func (s *mustRunAs) isGroupValid(group types.UnixGroupID) bool {
+func (s *mustRunAs) isGroupValid(group int64) bool {
 	for _, rng := range s.ranges {
 		if psputil.GroupFallsInRange(group, rng) {
 			return true
--- a/pkg/security/podsecuritypolicy/group/mustrunas_test.go
+++ b/pkg/security/podsecuritypolicy/group/mustrunas_test.go
@@ -19,7 +19,6 @@ package group
 import (
 	"testing"
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/kubernetes/pkg/api"
 	"k8s.io/kubernetes/pkg/apis/extensions"
 )
@@ -54,26 +53,26 @@ func TestMustRunAsOptions(t *testing.T) {
 func TestGenerate(t *testing.T) {
 	tests := map[string]struct {
 		ranges   []extensions.GroupIDRange
-		expected []types.UnixGroupID
+		expected []int64
 	}{
 		"multi value": {
 			ranges: []extensions.GroupIDRange{
 				{Min: 1, Max: 2},
 			},
-			expected: []types.UnixGroupID{1},
+			expected: []int64{1},
 		},
 		"single value": {
 			ranges: []extensions.GroupIDRange{
 				{Min: 1, Max: 1},
 			},
-			expected: []types.UnixGroupID{1},
+			expected: []int64{1},
 		},
 		"multi range": {
 			ranges: []extensions.GroupIDRange{
 				{Min: 1, Max: 1},
 				{Min: 2, Max: 500},
 			},
-			expected: []types.UnixGroupID{1},
+			expected: []int64{1},
 		},
 	}
@@ -121,7 +120,7 @@ func TestValidate(t *testing.T) {
 	tests := map[string]struct {
 		ranges []extensions.GroupIDRange
 		pod    *api.Pod
-		groups []types.UnixGroupID
+		groups []int64
 		pass   bool
 	}{
 		"nil security context": {
@@ -138,7 +137,7 @@ func TestValidate(t *testing.T) {
 		},
 		"not in range": {
 			pod:    validPod(),
-			groups: []types.UnixGroupID{5},
+			groups: []int64{5},
 			ranges: []extensions.GroupIDRange{
 				{Min: 1, Max: 3},
 				{Min: 4, Max: 4},
@@ -146,7 +145,7 @@ func TestValidate(t *testing.T) {
 		},
 		"in range 1": {
 			pod:    validPod(),
-			groups: []types.UnixGroupID{2},
+			groups: []int64{2},
 			ranges: []extensions.GroupIDRange{
 				{Min: 1, Max: 3},
 			},
@@ -154,7 +153,7 @@ func TestValidate(t *testing.T) {
 		},
 		"in range boundry min": {
 			pod:    validPod(),
-			groups: []types.UnixGroupID{1},
+			groups: []int64{1},
 			ranges: []extensions.GroupIDRange{
 				{Min: 1, Max: 3},
 			},
@@ -162,7 +161,7 @@ func TestValidate(t *testing.T) {
 		},
 		"in range boundry max": {
 			pod:    validPod(),
-			groups: []types.UnixGroupID{3},
+			groups: []int64{3},
 			ranges: []extensions.GroupIDRange{
 				{Min: 1, Max: 3},
 			},
@@ -170,7 +169,7 @@ func TestValidate(t *testing.T) {
 		},
 		"singular range": {
 			pod:    validPod(),
-			groups: []types.UnixGroupID{4},
+			groups: []int64{4},
 			ranges: []extensions.GroupIDRange{
 				{Min: 4, Max: 4},
 			},
--- a/pkg/security/podsecuritypolicy/group/runasany.go
+++ b/pkg/security/podsecuritypolicy/group/runasany.go
@@ -17,7 +17,6 @@ limitations under the License.
 package group
 import (
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/apimachinery/pkg/util/validation/field"
 	"k8s.io/kubernetes/pkg/api"
 )
@@ -34,17 +33,17 @@ func NewRunAsAny() (GroupStrategy, error) {
 }
 // Generate creates the group based on policy rules.  This strategy returns an empty slice.
-func (s *runAsAny) Generate(pod *api.Pod) ([]types.UnixGroupID, error) {
+func (s *runAsAny) Generate(pod *api.Pod) ([]int64, error) {
-	return []types.UnixGroupID{}, nil
+	return []int64{}, nil
 }
 // Generate a single value to be applied.  This is used for FSGroup.  This strategy returns nil.
-func (s *runAsAny) GenerateSingle(pod *api.Pod) (*types.UnixGroupID, error) {
+func (s *runAsAny) GenerateSingle(pod *api.Pod) (*int64, error) {
 	return nil, nil
 }
 // Validate ensures that the specified values fall within the range of the strategy.
-func (s *runAsAny) Validate(pod *api.Pod, groups []types.UnixGroupID) field.ErrorList {
+func (s *runAsAny) Validate(pod *api.Pod, groups []int64) field.ErrorList {
 	return field.ErrorList{}
 }
--- a/pkg/security/podsecuritypolicy/group/types.go
+++ b/pkg/security/podsecuritypolicy/group/types.go
@@ -17,7 +17,6 @@ limitations under the License.
 package group
 import (
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/apimachinery/pkg/util/validation/field"
 	"k8s.io/kubernetes/pkg/api"
 )
@@ -27,10 +26,10 @@ type GroupStrategy interface {
 	// Generate creates the group based on policy rules.  The underlying implementation can
 	// decide whether it will return a full range of values or a subset of values from the
 	// configured ranges.
-	Generate(pod *api.Pod) ([]types.UnixGroupID, error)
+	Generate(pod *api.Pod) ([]int64, error)
 	// Generate a single value to be applied.  The underlying implementation decides which
 	// value to return if configured with multiple ranges.  This is used for FSGroup.
-	GenerateSingle(pod *api.Pod) (*types.UnixGroupID, error)
+	GenerateSingle(pod *api.Pod) (*int64, error)
 	// Validate ensures that the specified values fall within the range of the strategy.
-	Validate(pod *api.Pod, groups []types.UnixGroupID) field.ErrorList
+	Validate(pod *api.Pod, groups []int64) field.ErrorList
 }
--- a/pkg/security/podsecuritypolicy/provider.go
+++ b/pkg/security/podsecuritypolicy/provider.go
@@ -19,7 +19,6 @@ package podsecuritypolicy
 import (
 	"fmt"
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/apimachinery/pkg/util/validation/field"
 	"k8s.io/kubernetes/pkg/api"
 	"k8s.io/kubernetes/pkg/apis/extensions"
@@ -195,7 +194,7 @@ func (s *simpleProvider) ValidatePodSecurityContext(pod *api.Pod, fldPath *field
 		return allErrs
 	}
-	fsGroups := []types.UnixGroupID{}
+	fsGroups := []int64{}
 	if pod.Spec.SecurityContext.FSGroup != nil {
 		fsGroups = append(fsGroups, *pod.Spec.SecurityContext.FSGroup)
 	}
--- a/pkg/security/podsecuritypolicy/provider_test.go
+++ b/pkg/security/podsecuritypolicy/provider_test.go
@@ -25,7 +25,6 @@ import (
 	"github.com/davecgh/go-spew/spew"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/apimachinery/pkg/util/diff"
 	"k8s.io/apimachinery/pkg/util/validation/field"
 	"k8s.io/kubernetes/pkg/api"
@@ -134,7 +133,7 @@ func TestCreateContainerSecurityContextNonmutating(t *testing.T) {
 		// Create a PSP with strategies that will populate a blank security context
 		createPSP := func() *extensions.PodSecurityPolicy {
-			uid := types.UnixUserID(1)
+			uid := int64(1)
 			return &extensions.PodSecurityPolicy{
 				ObjectMeta: metav1.ObjectMeta{
 					Name: "psp-sa",
@@ -206,7 +205,7 @@ func TestValidatePodSecurityContextFailures(t *testing.T) {
 	failHostIPCPod.Spec.SecurityContext.HostIPC = true
 	failSupplementalGroupPod := defaultPod()
-	failSupplementalGroupPod.Spec.SecurityContext.SupplementalGroups = []types.UnixGroupID{999}
+	failSupplementalGroupPod.Spec.SecurityContext.SupplementalGroups = []int64{999}
 	failSupplementalGroupPSP := defaultPSP()
 	failSupplementalGroupPSP.Spec.SupplementalGroups = extensions.SupplementalGroupsStrategyOptions{
 		Rule: extensions.SupplementalGroupsStrategyMustRunAs,
@@ -216,7 +215,7 @@ func TestValidatePodSecurityContextFailures(t *testing.T) {
 	}
 	failFSGroupPod := defaultPod()
-	fsGroup := types.UnixGroupID(999)
+	fsGroup := int64(999)
 	failFSGroupPod.Spec.SecurityContext.FSGroup = &fsGroup
 	failFSGroupPSP := defaultPSP()
 	failFSGroupPSP.Spec.FSGroup = extensions.FSGroupStrategyOptions{
@@ -363,8 +362,8 @@ func TestValidatePodSecurityContextFailures(t *testing.T) {
 func TestValidateContainerSecurityContextFailures(t *testing.T) {
 	// fail user strat
 	failUserPSP := defaultPSP()
-	uid := types.UnixUserID(999)
+	uid := int64(999)
-	badUID := types.UnixUserID(1)
+	badUID := int64(1)
 	failUserPSP.Spec.RunAsUser = extensions.RunAsUserStrategyOptions{
 		Rule:   extensions.RunAsUserStrategyMustRunAs,
 		Ranges: []extensions.UserIDRange{{Min: uid, Max: uid}},
@@ -527,7 +526,7 @@ func TestValidatePodSecurityContextSuccess(t *testing.T) {
 		},
 	}
 	supGroupPod := defaultPod()
-	supGroupPod.Spec.SecurityContext.SupplementalGroups = []types.UnixGroupID{3}
+	supGroupPod.Spec.SecurityContext.SupplementalGroups = []int64{3}
 	fsGroupPSP := defaultPSP()
 	fsGroupPSP.Spec.FSGroup = extensions.FSGroupStrategyOptions{
@@ -537,7 +536,7 @@ func TestValidatePodSecurityContextSuccess(t *testing.T) {
 		},
 	}
 	fsGroupPod := defaultPod()
-	fsGroup := types.UnixGroupID(3)
+	fsGroup := int64(3)
 	fsGroupPod.Spec.SecurityContext.FSGroup = &fsGroup
 	seLinuxPod := defaultPod()
@@ -660,7 +659,7 @@ func TestValidateContainerSecurityContextSuccess(t *testing.T) {
 	// success user strat
 	userPSP := defaultPSP()
-	uid := types.UnixUserID(999)
+	uid := int64(999)
 	userPSP.Spec.RunAsUser = extensions.RunAsUserStrategyOptions{
 		Rule:   extensions.RunAsUserStrategyMustRunAs,
 		Ranges: []extensions.UserIDRange{{Min: uid, Max: uid}},
--- a/pkg/security/podsecuritypolicy/user/BUILD
+++ b/pkg/security/podsecuritypolicy/user/BUILD
@@ -22,7 +22,6 @@ go_library(
        "//pkg/api:go_default_library",
        "//pkg/apis/extensions:go_default_library",
        "//pkg/security/podsecuritypolicy/util:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/util/validation/field:go_default_library",
    ],
 )
@@ -39,7 +38,6 @@ go_test(
    deps = [
        "//pkg/api:go_default_library",
        "//pkg/apis/extensions:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
    ],
 )
--- a/pkg/security/podsecuritypolicy/user/mustrunas.go
+++ b/pkg/security/podsecuritypolicy/user/mustrunas.go
@@ -19,7 +19,6 @@ package user
 import (
 	"fmt"
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/apimachinery/pkg/util/validation/field"
 	"k8s.io/kubernetes/pkg/api"
 	"k8s.io/kubernetes/pkg/apis/extensions"
@@ -45,7 +44,7 @@ func NewMustRunAs(options *extensions.RunAsUserStrategyOptions) (RunAsUserStrate
 }
 // Generate creates the uid based on policy rules.  MustRunAs returns the first range's Min.
-func (s *mustRunAs) Generate(pod *api.Pod, container *api.Container) (*types.UnixUserID, error) {
+func (s *mustRunAs) Generate(pod *api.Pod, container *api.Container) (*int64, error) {
 	return &s.opts.Ranges[0].Min, nil
 }
@@ -75,7 +74,7 @@ func (s *mustRunAs) Validate(pod *api.Pod, container *api.Container) field.Error
 	return allErrs
 }
-func (s *mustRunAs) isValidUID(id types.UnixUserID) bool {
+func (s *mustRunAs) isValidUID(id int64) bool {
 	for _, rng := range s.opts.Ranges {
 		if psputil.UserFallsInRange(id, rng) {
 			return true
--- a/pkg/security/podsecuritypolicy/user/mustrunas_test.go
+++ b/pkg/security/podsecuritypolicy/user/mustrunas_test.go
@@ -20,7 +20,6 @@ import (
 	"strings"
 	"testing"
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/kubernetes/pkg/api"
 	"k8s.io/kubernetes/pkg/apis/extensions"
 )
@@ -85,8 +84,8 @@ func TestValidate(t *testing.T) {
 		},
 	}
-	validID := types.UnixUserID(15)
+	validID := int64(15)
-	invalidID := types.UnixUserID(21)
+	invalidID := int64(21)
 	tests := map[string]struct {
 		container   *api.Container
--- a/pkg/security/podsecuritypolicy/user/nonroot.go
+++ b/pkg/security/podsecuritypolicy/user/nonroot.go
@@ -19,7 +19,6 @@ package user
 import (
 	"fmt"
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/apimachinery/pkg/util/validation/field"
 	"k8s.io/kubernetes/pkg/api"
 	"k8s.io/kubernetes/pkg/apis/extensions"
@@ -35,7 +34,7 @@ func NewRunAsNonRoot(options *extensions.RunAsUserStrategyOptions) (RunAsUserStr
 // Generate creates the uid based on policy rules.  This strategy does return a UID.  It assumes
 // that the user will specify a UID or the container image specifies a UID.
-func (s *nonRoot) Generate(pod *api.Pod, container *api.Container) (*types.UnixUserID, error) {
+func (s *nonRoot) Generate(pod *api.Pod, container *api.Container) (*int64, error) {
 	return nil, nil
 }
--- a/pkg/security/podsecuritypolicy/user/nonroot_test.go
+++ b/pkg/security/podsecuritypolicy/user/nonroot_test.go
@@ -19,7 +19,6 @@ package user
 import (
 	"testing"
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/kubernetes/pkg/api"
 	"k8s.io/kubernetes/pkg/apis/extensions"
 )
@@ -50,8 +49,8 @@ func TestNonRootGenerate(t *testing.T) {
 }
 func TestNonRootValidate(t *testing.T) {
-	goodUID := types.UnixUserID(1)
+	goodUID := int64(1)
-	badUID := types.UnixUserID(0)
+	badUID := int64(0)
 	untrue := false
 	unfalse := true
 	s, err := NewRunAsNonRoot(&extensions.RunAsUserStrategyOptions{})
--- a/pkg/security/podsecuritypolicy/user/runasany.go
+++ b/pkg/security/podsecuritypolicy/user/runasany.go
@@ -17,7 +17,6 @@ limitations under the License.
 package user
 import (
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/apimachinery/pkg/util/validation/field"
 	"k8s.io/kubernetes/pkg/api"
 	"k8s.io/kubernetes/pkg/apis/extensions"
@@ -34,7 +33,7 @@ func NewRunAsAny(options *extensions.RunAsUserStrategyOptions) (RunAsUserStrateg
 }
 // Generate creates the uid based on policy rules.
-func (s *runAsAny) Generate(pod *api.Pod, container *api.Container) (*types.UnixUserID, error) {
+func (s *runAsAny) Generate(pod *api.Pod, container *api.Container) (*int64, error) {
 	return nil, nil
 }
--- a/pkg/security/podsecuritypolicy/user/types.go
+++ b/pkg/security/podsecuritypolicy/user/types.go
@@ -17,7 +17,6 @@ limitations under the License.
 package user
 import (
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/apimachinery/pkg/util/validation/field"
 	"k8s.io/kubernetes/pkg/api"
 )
@@ -25,7 +24,7 @@ import (
 // RunAsUserStrategy defines the interface for all uid constraint strategies.
 type RunAsUserStrategy interface {
 	// Generate creates the uid based on policy rules.
-	Generate(pod *api.Pod, container *api.Container) (*types.UnixUserID, error)
+	Generate(pod *api.Pod, container *api.Container) (*int64, error)
 	// Validate ensures that the specified values fall within the range of the strategy.
 	Validate(pod *api.Pod, container *api.Container) field.ErrorList
 }
--- a/pkg/security/podsecuritypolicy/util/BUILD
+++ b/pkg/security/podsecuritypolicy/util/BUILD
@@ -18,7 +18,6 @@ go_library(
    deps = [
        "//pkg/api:go_default_library",
        "//pkg/apis/extensions:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
    ],
 )
--- a/pkg/security/podsecuritypolicy/util/util.go
+++ b/pkg/security/podsecuritypolicy/util/util.go
@@ -19,7 +19,6 @@ package util
 import (
 	"fmt"
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/apimachinery/pkg/util/sets"
 	"k8s.io/kubernetes/pkg/api"
 	"k8s.io/kubernetes/pkg/apis/extensions"
@@ -163,11 +162,11 @@ func PSPAllowsFSType(psp *extensions.PodSecurityPolicy, fsType extensions.FSType
 }
 // UserFallsInRange is a utility to determine it the id falls in the valid range.
-func UserFallsInRange(id types.UnixUserID, rng extensions.UserIDRange) bool {
+func UserFallsInRange(id int64, rng extensions.UserIDRange) bool {
 	return id >= rng.Min && id <= rng.Max
 }
 // GroupFallsInRange is a utility to determine it the id falls in the valid range.
-func GroupFallsInRange(id types.UnixGroupID, rng extensions.GroupIDRange) bool {
+func GroupFallsInRange(id int64, rng extensions.GroupIDRange) bool {
 	return id >= rng.Min && id <= rng.Max
 }
--- a/pkg/securitycontext/BUILD
+++ b/pkg/securitycontext/BUILD
@@ -19,7 +19,6 @@ go_library(
    deps = [
        "//pkg/api:go_default_library",
        "//pkg/api/v1:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
    ],
 )
@@ -28,10 +27,7 @@ go_test(
    srcs = ["util_test.go"],
    library = ":go_default_library",
    tags = ["automanaged"],
-    deps = [
+    deps = ["//pkg/api/v1:go_default_library"],
        "//pkg/api/v1:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
    ],
 )
 filegroup(
--- a/pkg/securitycontext/util.go
+++ b/pkg/securitycontext/util.go
@@ -20,7 +20,6 @@ import (
 	"fmt"
 	"strings"
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/kubernetes/pkg/api"
 	"k8s.io/kubernetes/pkg/api/v1"
 )
@@ -120,7 +119,7 @@ func DetermineEffectiveSecurityContext(pod *v1.Pod, container *v1.Container) *v1
 	}
 	if containerSc.RunAsUser != nil {
-		effectiveSc.RunAsUser = new(types.UnixUserID)
+		effectiveSc.RunAsUser = new(int64)
 		*effectiveSc.RunAsUser = *containerSc.RunAsUser
 	}
@@ -149,7 +148,7 @@ func securityContextFromPodSecurityContext(pod *v1.Pod) *v1.SecurityContext {
 		*synthesized.SELinuxOptions = *pod.Spec.SecurityContext.SELinuxOptions
 	}
 	if pod.Spec.SecurityContext.RunAsUser != nil {
-		synthesized.RunAsUser = new(types.UnixUserID)
+		synthesized.RunAsUser = new(int64)
 		*synthesized.RunAsUser = *pod.Spec.SecurityContext.RunAsUser
 	}
@@ -192,7 +191,7 @@ func InternalDetermineEffectiveSecurityContext(pod *api.Pod, container *api.Cont
 	}
 	if containerSc.RunAsUser != nil {
-		effectiveSc.RunAsUser = new(types.UnixUserID)
+		effectiveSc.RunAsUser = new(int64)
 		*effectiveSc.RunAsUser = *containerSc.RunAsUser
 	}
@@ -221,7 +220,7 @@ func internalSecurityContextFromPodSecurityContext(pod *api.Pod) *api.SecurityCo
 		*synthesized.SELinuxOptions = *pod.Spec.SecurityContext.SELinuxOptions
 	}
 	if pod.Spec.SecurityContext.RunAsUser != nil {
-		synthesized.RunAsUser = new(types.UnixUserID)
+		synthesized.RunAsUser = new(int64)
 		*synthesized.RunAsUser = *pod.Spec.SecurityContext.RunAsUser
 	}
--- a/pkg/securitycontext/util_test.go
+++ b/pkg/securitycontext/util_test.go
@@ -19,7 +19,6 @@ package securitycontext
 import (
 	"testing"
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/kubernetes/pkg/api/v1"
 )
@@ -85,13 +84,13 @@ func compareContexts(name string, ex, ac *v1.SELinuxOptions, t *testing.T) {
 	}
 }
-func containerWithUser(ptr *types.UnixUserID) *v1.Container {
+func containerWithUser(ptr *int64) *v1.Container {
 	return &v1.Container{SecurityContext: &v1.SecurityContext{RunAsUser: ptr}}
 }
 func TestHaRootUID(t *testing.T) {
-	nonRoot := types.UnixUserID(1)
+	nonRoot := int64(1)
-	root := types.UnixUserID(0)
+	root := int64(0)
 	tests := map[string]struct {
 		container *v1.Container
@@ -121,7 +120,7 @@ func TestHaRootUID(t *testing.T) {
 }
 func TestHasRunAsUser(t *testing.T) {
-	runAsUser := types.UnixUserID(0)
+	runAsUser := int64(0)
 	tests := map[string]struct {
 		container *v1.Container
@@ -148,8 +147,8 @@ func TestHasRunAsUser(t *testing.T) {
 }
 func TestHasRootRunAsUser(t *testing.T) {
-	nonRoot := types.UnixUserID(1)
+	nonRoot := int64(1)
-	root := types.UnixUserID(0)
+	root := int64(0)
 	tests := map[string]struct {
 		container *v1.Container
--- a/pkg/volume/aws_ebs/aws_ebs.go
+++ b/pkg/volume/aws_ebs/aws_ebs.go
@@ -294,12 +294,12 @@ func (b *awsElasticBlockStoreMounter) CanMount() error {
 }
 // SetUp attaches the disk and bind mounts to the volume path.
-func (b *awsElasticBlockStoreMounter) SetUp(fsGroup *types.UnixGroupID) error {
+func (b *awsElasticBlockStoreMounter) SetUp(fsGroup *int64) error {
 	return b.SetUpAt(b.GetPath(), fsGroup)
 }
 // SetUpAt attaches the disk and bind mounts to the volume path.
-func (b *awsElasticBlockStoreMounter) SetUpAt(dir string, fsGroup *types.UnixGroupID) error {
+func (b *awsElasticBlockStoreMounter) SetUpAt(dir string, fsGroup *int64) error {
 	// TODO: handle failed mounts here.
 	notMnt, err := b.mounter.IsLikelyNotMountPoint(dir)
 	glog.V(4).Infof("PersistentDisk set up: %s %v %v", dir, !notMnt, err)
--- a/pkg/volume/azure_dd/azure_dd.go
+++ b/pkg/volume/azure_dd/azure_dd.go
@@ -234,12 +234,12 @@ func (b *azureDiskMounter) CanMount() error {
 }
 // SetUp attaches the disk and bind mounts to the volume path.
-func (b *azureDiskMounter) SetUp(fsGroup *types.UnixGroupID) error {
+func (b *azureDiskMounter) SetUp(fsGroup *int64) error {
 	return b.SetUpAt(b.GetPath(), fsGroup)
 }
 // SetUpAt attaches the disk and bind mounts to the volume path.
-func (b *azureDiskMounter) SetUpAt(dir string, fsGroup *types.UnixGroupID) error {
+func (b *azureDiskMounter) SetUpAt(dir string, fsGroup *int64) error {
 	b.plugin.volumeLocks.LockKey(b.diskName)
 	defer b.plugin.volumeLocks.UnlockKey(b.diskName)
--- a/pkg/volume/azure_file/azure_file.go
+++ b/pkg/volume/azure_file/azure_file.go
@@ -189,11 +189,11 @@ func (b *azureFileMounter) CanMount() error {
 }
 // SetUp attaches the disk and bind mounts to the volume path.
-func (b *azureFileMounter) SetUp(fsGroup *types.UnixGroupID) error {
+func (b *azureFileMounter) SetUp(fsGroup *int64) error {
 	return b.SetUpAt(b.GetPath(), fsGroup)
 }
-func (b *azureFileMounter) SetUpAt(dir string, fsGroup *types.UnixGroupID) error {
+func (b *azureFileMounter) SetUpAt(dir string, fsGroup *int64) error {
 	notMnt, err := b.mounter.IsLikelyNotMountPoint(dir)
 	glog.V(4).Infof("AzureFile mount set up: %s %v %v", dir, !notMnt, err)
 	if err != nil && !os.IsNotExist(err) {
--- a/pkg/volume/cephfs/cephfs.go
+++ b/pkg/volume/cephfs/cephfs.go
@@ -217,12 +217,12 @@ func (cephfsMounter *cephfsMounter) CanMount() error {
 }
 // SetUp attaches the disk and bind mounts to the volume path.
-func (cephfsVolume *cephfsMounter) SetUp(fsGroup *types.UnixGroupID) error {
+func (cephfsVolume *cephfsMounter) SetUp(fsGroup *int64) error {
 	return cephfsVolume.SetUpAt(cephfsVolume.GetPath(), fsGroup)
 }
 // SetUpAt attaches the disk and bind mounts to the volume path.
-func (cephfsVolume *cephfsMounter) SetUpAt(dir string, fsGroup *types.UnixGroupID) error {
+func (cephfsVolume *cephfsMounter) SetUpAt(dir string, fsGroup *int64) error {
 	notMnt, err := cephfsVolume.mounter.IsLikelyNotMountPoint(dir)
 	glog.V(4).Infof("CephFS mount set up: %s %v %v", dir, !notMnt, err)
 	if err != nil && !os.IsNotExist(err) {
--- a/pkg/volume/cinder/cinder.go
+++ b/pkg/volume/cinder/cinder.go
@@ -298,12 +298,12 @@ func (b *cinderVolumeMounter) CanMount() error {
 	return nil
 }
-func (b *cinderVolumeMounter) SetUp(fsGroup *types.UnixGroupID) error {
+func (b *cinderVolumeMounter) SetUp(fsGroup *int64) error {
 	return b.SetUpAt(b.GetPath(), fsGroup)
 }
 // SetUp bind mounts to the volume path.
-func (b *cinderVolumeMounter) SetUpAt(dir string, fsGroup *types.UnixGroupID) error {
+func (b *cinderVolumeMounter) SetUpAt(dir string, fsGroup *int64) error {
 	glog.V(5).Infof("Cinder SetUp %s to %s", b.pdName, dir)
 	b.plugin.volumeLocks.LockKey(b.pdName)
--- a/pkg/volume/configmap/configmap.go
+++ b/pkg/volume/configmap/configmap.go
@@ -179,11 +179,11 @@ func (b *configMapVolumeMounter) CanMount() error {
 	return nil
 }
-func (b *configMapVolumeMounter) SetUp(fsGroup *types.UnixGroupID) error {
+func (b *configMapVolumeMounter) SetUp(fsGroup *int64) error {
 	return b.SetUpAt(b.GetPath(), fsGroup)
 }
-func (b *configMapVolumeMounter) SetUpAt(dir string, fsGroup *types.UnixGroupID) error {
+func (b *configMapVolumeMounter) SetUpAt(dir string, fsGroup *int64) error {
 	glog.V(3).Infof("Setting up volume %v for pod %v at %v", b.volName, b.pod.UID, dir)
 	// Wrap EmptyDir, let it do the setup.
--- a/pkg/volume/configmap/configmap_test.go
+++ b/pkg/volume/configmap/configmap_test.go
@@ -333,7 +333,7 @@ func TestPlugin(t *testing.T) {
 		t.Errorf("Got unexpected path: %s", volumePath)
 	}
-	fsGroup := types.UnixGroupID(1001)
+	fsGroup := int64(1001)
 	err = mounter.SetUp(&fsGroup)
 	if err != nil {
 		t.Errorf("Failed to setup volume: %v", err)
@@ -391,7 +391,7 @@ func TestPluginReboot(t *testing.T) {
 		t.Errorf("Got unexpected path: %s", volumePath)
 	}
-	fsGroup := types.UnixGroupID(1001)
+	fsGroup := int64(1001)
 	err = mounter.SetUp(&fsGroup)
 	if err != nil {
 		t.Errorf("Failed to setup volume: %v", err)
@@ -453,7 +453,7 @@ func TestPluginOptional(t *testing.T) {
 		t.Errorf("Got unexpected path: %s", volumePath)
 	}
-	fsGroup := types.UnixGroupID(1001)
+	fsGroup := int64(1001)
 	err = mounter.SetUp(&fsGroup)
 	if err != nil {
 		t.Errorf("Failed to setup volume: %v", err)
@@ -528,7 +528,7 @@ func TestPluginKeysOptional(t *testing.T) {
 		t.Errorf("Got unexpected path: %s", volumePath)
 	}
-	fsGroup := types.UnixGroupID(1001)
+	fsGroup := int64(1001)
 	err = mounter.SetUp(&fsGroup)
 	if err != nil {
 		t.Errorf("Failed to setup volume: %v", err)
--- a/pkg/volume/downwardapi/downwardapi.go
+++ b/pkg/volume/downwardapi/downwardapi.go
@@ -168,11 +168,11 @@ func (b *downwardAPIVolumeMounter) CanMount() error {
 // This function is not idempotent by design. We want the data to be refreshed periodically.
 // The internal sync interval of kubelet will drive the refresh of data.
 // TODO: Add volume specific ticker and refresh loop
-func (b *downwardAPIVolumeMounter) SetUp(fsGroup *types.UnixGroupID) error {
+func (b *downwardAPIVolumeMounter) SetUp(fsGroup *int64) error {
 	return b.SetUpAt(b.GetPath(), fsGroup)
 }
-func (b *downwardAPIVolumeMounter) SetUpAt(dir string, fsGroup *types.UnixGroupID) error {
+func (b *downwardAPIVolumeMounter) SetUpAt(dir string, fsGroup *int64) error {
 	glog.V(3).Infof("Setting up a downwardAPI volume %v for pod %v/%v at %v", b.volName, b.pod.Namespace, b.pod.Name, dir)
 	// Wrap EmptyDir. Here we rely on the idempotency of the wrapped plugin to avoid repeatedly mounting
 	wrapped, err := b.plugin.host.NewWrapperMounter(b.volName, wrappedVolumeSpec(), b.pod, *b.opts)
--- a/pkg/volume/empty_dir/empty_dir.go
+++ b/pkg/volume/empty_dir/empty_dir.go
@@ -191,12 +191,12 @@ func (b *emptyDir) CanMount() error {
 }
 // SetUp creates new directory.
-func (ed *emptyDir) SetUp(fsGroup *types.UnixGroupID) error {
+func (ed *emptyDir) SetUp(fsGroup *int64) error {
 	return ed.SetUpAt(ed.GetPath(), fsGroup)
 }
 // SetUpAt creates new directory.
-func (ed *emptyDir) SetUpAt(dir string, fsGroup *types.UnixGroupID) error {
+func (ed *emptyDir) SetUpAt(dir string, fsGroup *int64) error {
 	notMnt, err := ed.mounter.IsLikelyNotMountPoint(dir)
 	// Getting an os.IsNotExist err from is a contingency; the directory
 	// may not exist yet, in which case, setup should run.
--- a/pkg/volume/fc/disk_manager.go
+++ b/pkg/volume/fc/disk_manager.go
@@ -20,7 +20,6 @@ import (
 	"os"
 	"github.com/golang/glog"
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/kubernetes/pkg/util/mount"
 	"k8s.io/kubernetes/pkg/volume"
 )
@@ -35,7 +34,7 @@ type diskManager interface {
 }
 // utility to mount a disk based filesystem
-func diskSetUp(manager diskManager, b fcDiskMounter, volPath string, mounter mount.Interface, fsGroup *types.UnixGroupID) error {
+func diskSetUp(manager diskManager, b fcDiskMounter, volPath string, mounter mount.Interface, fsGroup *int64) error {
 	globalPDPath := manager.MakeGlobalPDName(*b.fcDisk)
 	// TODO: handle failed mounts here.
 	noMnt, err := mounter.IsLikelyNotMountPoint(volPath)
--- a/pkg/volume/fc/fc.go
+++ b/pkg/volume/fc/fc.go
@@ -204,11 +204,11 @@ func (b *fcDiskMounter) CanMount() error {
 	return nil
 }
-func (b *fcDiskMounter) SetUp(fsGroup *types.UnixGroupID) error {
+func (b *fcDiskMounter) SetUp(fsGroup *int64) error {
 	return b.SetUpAt(b.GetPath(), fsGroup)
 }
-func (b *fcDiskMounter) SetUpAt(dir string, fsGroup *types.UnixGroupID) error {
+func (b *fcDiskMounter) SetUpAt(dir string, fsGroup *int64) error {
 	// diskSetUp checks mountpoints and prevent repeated calls
 	err := diskSetUp(b.manager, *b, dir, b.mounter, fsGroup)
 	if err != nil {
--- a/pkg/volume/flexvolume/mounter-defaults.go
+++ b/pkg/volume/flexvolume/mounter-defaults.go
@@ -21,7 +21,6 @@ import (
 	"github.com/golang/glog"
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/kubernetes/pkg/volume"
 )
@@ -29,7 +28,7 @@ type mounterDefaults flexVolumeMounter
 // SetUpAt is part of the volume.Mounter interface.
 // This implementation relies on the attacher's device mount path and does a bind mount to dir.
-func (f *mounterDefaults) SetUpAt(dir string, fsGroup *types.UnixGroupID) error {
+func (f *mounterDefaults) SetUpAt(dir string, fsGroup *int64) error {
 	glog.Warning(logPrefix(f.plugin), "using default SetUpAt to ", dir)
 	a, err := f.plugin.NewAttacher()
--- a/pkg/volume/flexvolume/mounter.go
+++ b/pkg/volume/flexvolume/mounter.go
@@ -19,7 +19,6 @@ package flexvolume
 import (
 	"strconv"
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/kubernetes/pkg/util/exec"
 	"k8s.io/kubernetes/pkg/util/mount"
 	"k8s.io/kubernetes/pkg/volume"
@@ -44,12 +43,12 @@ var _ volume.Mounter = &flexVolumeMounter{}
 // Mounter interface
 // SetUp creates new directory.
-func (f *flexVolumeMounter) SetUp(fsGroup *types.UnixGroupID) error {
+func (f *flexVolumeMounter) SetUp(fsGroup *int64) error {
 	return f.SetUpAt(f.GetPath(), fsGroup)
 }
 // SetUpAt creates new directory.
-func (f *flexVolumeMounter) SetUpAt(dir string, fsGroup *types.UnixGroupID) error {
+func (f *flexVolumeMounter) SetUpAt(dir string, fsGroup *int64) error {
 	// Mount only once.
 	alreadyMounted, err := prepareForMount(f.mounter, dir)
 	if err != nil {
--- a/pkg/volume/flexvolume/mounter_test.go
+++ b/pkg/volume/flexvolume/mounter_test.go
@@ -67,6 +67,6 @@ func TestSetUpAt(t *testing.T) {
 	m, _ := plugin.newMounterInternal(spec, pod, mounter, plugin.runner)
 	m.SetUpAt(rootDir+"/mount-dir", nil)
-	fsGroup := types.UnixGroupID(42)
+	fsGroup := int64(42)
 	m.SetUpAt(rootDir+"/mount-dir", &fsGroup)
 }
--- a/pkg/volume/flocker/flocker.go
+++ b/pkg/volume/flocker/flocker.go
@@ -232,7 +232,7 @@ func (b *flockerVolumeMounter) GetPath() string {
 }
 // SetUp bind mounts the disk global mount to the volume path.
-func (b *flockerVolumeMounter) SetUp(fsGroup *types.UnixGroupID) error {
+func (b *flockerVolumeMounter) SetUp(fsGroup *int64) error {
 	return b.SetUpAt(b.GetPath(), fsGroup)
 }
@@ -274,7 +274,7 @@ control service:
   need to update the Primary UUID for this volume.
 5. Wait until the Primary UUID was updated or timeout.
 */
-func (b *flockerVolumeMounter) SetUpAt(dir string, fsGroup *types.UnixGroupID) error {
+func (b *flockerVolumeMounter) SetUpAt(dir string, fsGroup *int64) error {
 	var err error
 	if b.flockerClient == nil {
 		b.flockerClient, err = b.newFlockerClient()
--- a/pkg/volume/gce_pd/gce_pd.go
+++ b/pkg/volume/gce_pd/gce_pd.go
@@ -257,12 +257,12 @@ func (b *gcePersistentDiskMounter) CanMount() error {
 }
 // SetUp bind mounts the disk global mount to the volume path.
-func (b *gcePersistentDiskMounter) SetUp(fsGroup *types.UnixGroupID) error {
+func (b *gcePersistentDiskMounter) SetUp(fsGroup *int64) error {
 	return b.SetUpAt(b.GetPath(), fsGroup)
 }
 // SetUp bind mounts the disk global mount to the give volume path.
-func (b *gcePersistentDiskMounter) SetUpAt(dir string, fsGroup *types.UnixGroupID) error {
+func (b *gcePersistentDiskMounter) SetUpAt(dir string, fsGroup *int64) error {
 	// TODO: handle failed mounts here.
 	notMnt, err := b.mounter.IsLikelyNotMountPoint(dir)
 	glog.V(4).Infof("GCE PersistentDisk set up: Dir (%s) PD name (%q) Mounted (%t) Error (%v), ReadOnly (%t)", dir, b.pdName, !notMnt, err, b.readOnly)
--- a/pkg/volume/git_repo/git_repo.go
+++ b/pkg/volume/git_repo/git_repo.go
@@ -171,12 +171,12 @@ func (b *gitRepoVolumeMounter) CanMount() error {
 }
 // SetUp creates new directory and clones a git repo.
-func (b *gitRepoVolumeMounter) SetUp(fsGroup *types.UnixGroupID) error {
+func (b *gitRepoVolumeMounter) SetUp(fsGroup *int64) error {
 	return b.SetUpAt(b.GetPath(), fsGroup)
 }
 // SetUpAt creates new directory and clones a git repo.
-func (b *gitRepoVolumeMounter) SetUpAt(dir string, fsGroup *types.UnixGroupID) error {
+func (b *gitRepoVolumeMounter) SetUpAt(dir string, fsGroup *int64) error {
 	if volumeutil.IsReady(b.getMetaDir()) {
 		return nil
 	}
--- a/pkg/volume/glusterfs/glusterfs.go
+++ b/pkg/volume/glusterfs/glusterfs.go
@@ -252,11 +252,11 @@ func (b *glusterfsMounter) CanMount() error {
 }
 // SetUp attaches the disk and bind mounts to the volume path.
-func (b *glusterfsMounter) SetUp(fsGroup *types.UnixGroupID) error {
+func (b *glusterfsMounter) SetUp(fsGroup *int64) error {
 	return b.SetUpAt(b.GetPath(), fsGroup)
 }
-func (b *glusterfsMounter) SetUpAt(dir string, fsGroup *types.UnixGroupID) error {
+func (b *glusterfsMounter) SetUpAt(dir string, fsGroup *int64) error {
 	notMnt, err := b.mounter.IsLikelyNotMountPoint(dir)
 	glog.V(4).Infof("glusterfs: mount set up: %s %v %v", dir, !notMnt, err)
 	if err != nil && !os.IsNotExist(err) {
--- a/pkg/volume/host_path/host_path.go
+++ b/pkg/volume/host_path/host_path.go
@@ -206,7 +206,7 @@ func (b *hostPathMounter) CanMount() error {
 }
 // SetUp does nothing.
-func (b *hostPathMounter) SetUp(fsGroup *types.UnixGroupID) error {
+func (b *hostPathMounter) SetUp(fsGroup *int64) error {
 	err := validation.ValidatePathNoBacksteps(b.GetPath())
 	if err != nil {
 		return fmt.Errorf("invalid HostPath `%s`: %v", b.GetPath(), err)
@@ -215,7 +215,7 @@ func (b *hostPathMounter) SetUp(fsGroup *types.UnixGroupID) error {
 }
 // SetUpAt does not make sense for host paths - probably programmer error.
-func (b *hostPathMounter) SetUpAt(dir string, fsGroup *types.UnixGroupID) error {
+func (b *hostPathMounter) SetUpAt(dir string, fsGroup *int64) error {
 	return fmt.Errorf("SetUpAt() does not make sense for host paths")
 }
--- a/pkg/volume/iscsi/disk_manager.go
+++ b/pkg/volume/iscsi/disk_manager.go
@@ -20,7 +20,6 @@ import (
 	"os"
 	"github.com/golang/glog"
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/kubernetes/pkg/util/mount"
 	"k8s.io/kubernetes/pkg/volume"
 )
@@ -35,7 +34,7 @@ type diskManager interface {
 }
 // utility to mount a disk based filesystem
-func diskSetUp(manager diskManager, b iscsiDiskMounter, volPath string, mounter mount.Interface, fsGroup *types.UnixGroupID) error {
+func diskSetUp(manager diskManager, b iscsiDiskMounter, volPath string, mounter mount.Interface, fsGroup *int64) error {
 	globalPDPath := manager.MakeGlobalPDName(*b.iscsiDisk)
 	// TODO: handle failed mounts here.
 	notMnt, err := mounter.IsLikelyNotMountPoint(volPath)
--- a/pkg/volume/iscsi/iscsi.go
+++ b/pkg/volume/iscsi/iscsi.go
@@ -236,11 +236,11 @@ func (b *iscsiDiskMounter) CanMount() error {
 	return nil
 }
-func (b *iscsiDiskMounter) SetUp(fsGroup *types.UnixGroupID) error {
+func (b *iscsiDiskMounter) SetUp(fsGroup *int64) error {
 	return b.SetUpAt(b.GetPath(), fsGroup)
 }
-func (b *iscsiDiskMounter) SetUpAt(dir string, fsGroup *types.UnixGroupID) error {
+func (b *iscsiDiskMounter) SetUpAt(dir string, fsGroup *int64) error {
 	// diskSetUp checks mountpoints and prevent repeated calls
 	err := diskSetUp(b.manager, *b, dir, b.mounter, fsGroup)
 	if err != nil {
--- a/pkg/volume/local/local.go
+++ b/pkg/volume/local/local.go
@@ -182,12 +182,12 @@ func (m *localVolumeMounter) CanMount() error {
 }
 // SetUp bind mounts the directory to the volume path
-func (m *localVolumeMounter) SetUp(fsGroup *types.UnixGroupID) error {
+func (m *localVolumeMounter) SetUp(fsGroup *int64) error {
 	return m.SetUpAt(m.GetPath(), fsGroup)
 }
 // SetUpAt bind mounts the directory to the volume path and sets up volume ownership
-func (m *localVolumeMounter) SetUpAt(dir string, fsGroup *types.UnixGroupID) error {
+func (m *localVolumeMounter) SetUpAt(dir string, fsGroup *int64) error {
 	if m.globalPath == "" {
 		err := fmt.Errorf("LocalVolume volume %q path is empty", m.volName)
 		return err
--- a/pkg/volume/nfs/nfs.go
+++ b/pkg/volume/nfs/nfs.go
@@ -229,11 +229,11 @@ func (b *nfsMounter) GetAttributes() volume.Attributes {
 }
 // SetUp attaches the disk and bind mounts to the volume path.
-func (b *nfsMounter) SetUp(fsGroup *types.UnixGroupID) error {
+func (b *nfsMounter) SetUp(fsGroup *int64) error {
 	return b.SetUpAt(b.GetPath(), fsGroup)
 }
-func (b *nfsMounter) SetUpAt(dir string, fsGroup *types.UnixGroupID) error {
+func (b *nfsMounter) SetUpAt(dir string, fsGroup *int64) error {
 	notMnt, err := b.mounter.IsLikelyNotMountPoint(dir)
 	glog.V(4).Infof("NFS mount set up: %s %v %v", dir, !notMnt, err)
 	if err != nil && !os.IsNotExist(err) {
--- a/pkg/volume/photon_pd/photon_pd.go
+++ b/pkg/volume/photon_pd/photon_pd.go
@@ -195,12 +195,12 @@ func (b *photonPersistentDiskMounter) CanMount() error {
 }
 // SetUp attaches the disk and bind mounts to the volume path.
-func (b *photonPersistentDiskMounter) SetUp(fsGroup *types.UnixGroupID) error {
+func (b *photonPersistentDiskMounter) SetUp(fsGroup *int64) error {
 	return b.SetUpAt(b.GetPath(), fsGroup)
 }
 // SetUp attaches the disk and bind mounts to the volume path.
-func (b *photonPersistentDiskMounter) SetUpAt(dir string, fsGroup *types.UnixGroupID) error {
+func (b *photonPersistentDiskMounter) SetUpAt(dir string, fsGroup *int64) error {
 	glog.V(4).Infof("Photon Persistent Disk setup %s to %s", b.pdID, dir)
 	// TODO: handle failed mounts here.
--- a/pkg/volume/portworx/portworx.go
+++ b/pkg/volume/portworx/portworx.go
@@ -259,12 +259,12 @@ func (b *portworxVolumeMounter) CanMount() error {
 }
 // SetUp attaches the disk and bind mounts to the volume path.
-func (b *portworxVolumeMounter) SetUp(fsGroup *types.UnixGroupID) error {
+func (b *portworxVolumeMounter) SetUp(fsGroup *int64) error {
 	return b.SetUpAt(b.GetPath(), fsGroup)
 }
 // SetUpAt attaches the disk and bind mounts to the volume path.
-func (b *portworxVolumeMounter) SetUpAt(dir string, fsGroup *types.UnixGroupID) error {
+func (b *portworxVolumeMounter) SetUpAt(dir string, fsGroup *int64) error {
 	notMnt, err := b.mounter.IsLikelyNotMountPoint(dir)
 	glog.V(4).Infof("Portworx Volume set up: %s %v %v", dir, !notMnt, err)
 	if err != nil && !os.IsNotExist(err) {
--- a/pkg/volume/projected/projected.go
+++ b/pkg/volume/projected/projected.go
@@ -177,11 +177,11 @@ func (s *projectedVolumeMounter) CanMount() error {
 	return nil
 }
-func (s *projectedVolumeMounter) SetUp(fsGroup *types.UnixGroupID) error {
+func (s *projectedVolumeMounter) SetUp(fsGroup *int64) error {
 	return s.SetUpAt(s.GetPath(), fsGroup)
 }
-func (s *projectedVolumeMounter) SetUpAt(dir string, fsGroup *types.UnixGroupID) error {
+func (s *projectedVolumeMounter) SetUpAt(dir string, fsGroup *int64) error {
 	glog.V(3).Infof("Setting up volume %v for pod %v at %v", s.volName, s.pod.UID, dir)
 	wrapped, err := s.plugin.host.NewWrapperMounter(s.volName, wrappedVolumeSpec(), s.pod, *s.opts)
--- a/pkg/volume/quobyte/quobyte.go
+++ b/pkg/volume/quobyte/quobyte.go
@@ -234,12 +234,12 @@ func (mounter *quobyteMounter) CanMount() error {
 }
 // SetUp attaches the disk and bind mounts to the volume path.
-func (mounter *quobyteMounter) SetUp(fsGroup *types.UnixGroupID) error {
+func (mounter *quobyteMounter) SetUp(fsGroup *int64) error {
 	pluginDir := mounter.plugin.host.GetPluginDir(strings.EscapeQualifiedNameForDisk(quobytePluginName))
 	return mounter.SetUpAt(pluginDir, fsGroup)
 }
-func (mounter *quobyteMounter) SetUpAt(dir string, fsGroup *types.UnixGroupID) error {
+func (mounter *quobyteMounter) SetUpAt(dir string, fsGroup *int64) error {
 	// Check if Quobyte is already mounted on the host in the Plugin Dir
 	// if so we can use this mountpoint instead of creating a new one
 	// IsLikelyNotMountPoint wouldn't check the mount type
--- a/pkg/volume/rbd/disk_manager.go
+++ b/pkg/volume/rbd/disk_manager.go
@@ -26,7 +26,6 @@ import (
 	"os"
 	"github.com/golang/glog"
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/kubernetes/pkg/api/v1"
 	"k8s.io/kubernetes/pkg/util/mount"
 	"k8s.io/kubernetes/pkg/volume"
@@ -46,7 +45,7 @@ type diskManager interface {
 }
 // utility to mount a disk based filesystem
-func diskSetUp(manager diskManager, b rbdMounter, volPath string, mounter mount.Interface, fsGroup *types.UnixGroupID) error {
+func diskSetUp(manager diskManager, b rbdMounter, volPath string, mounter mount.Interface, fsGroup *int64) error {
 	globalPDPath := manager.MakeGlobalPDName(*b.rbd)
 	// TODO: handle failed mounts here.
 	notMnt, err := mounter.IsLikelyNotMountPoint(volPath)
--- a/pkg/volume/rbd/rbd.go
+++ b/pkg/volume/rbd/rbd.go
@@ -403,11 +403,11 @@ func (b *rbdMounter) CanMount() error {
 	return nil
 }
-func (b *rbdMounter) SetUp(fsGroup *types.UnixGroupID) error {
+func (b *rbdMounter) SetUp(fsGroup *int64) error {
 	return b.SetUpAt(b.GetPath(), fsGroup)
 }
-func (b *rbdMounter) SetUpAt(dir string, fsGroup *types.UnixGroupID) error {
+func (b *rbdMounter) SetUpAt(dir string, fsGroup *int64) error {
 	// diskSetUp checks mountpoints and prevent repeated calls
 	glog.V(4).Infof("rbd: attempting to SetUp and mount %s", dir)
 	err := diskSetUp(b.manager, *b, dir, b.mounter, fsGroup)
--- a/pkg/volume/scaleio/sio_volume.go
+++ b/pkg/volume/scaleio/sio_volume.go
@@ -79,12 +79,12 @@ func (v *sioVolume) CanMount() error {
 	return nil
 }
-func (v *sioVolume) SetUp(fsGroup *types.UnixGroupID) error {
+func (v *sioVolume) SetUp(fsGroup *int64) error {
 	return v.SetUpAt(v.GetPath(), fsGroup)
 }
 // SetUp bind mounts the disk global mount to the volume path.
-func (v *sioVolume) SetUpAt(dir string, fsGroup *types.UnixGroupID) error {
+func (v *sioVolume) SetUpAt(dir string, fsGroup *int64) error {
 	v.plugin.volumeMtx.LockKey(v.volSpecName)
 	defer v.plugin.volumeMtx.UnlockKey(v.volSpecName)
--- a/pkg/volume/secret/secret.go
+++ b/pkg/volume/secret/secret.go
@@ -178,11 +178,11 @@ func (b *secretVolumeMounter) CanMount() error {
 	return nil
 }
-func (b *secretVolumeMounter) SetUp(fsGroup *types.UnixGroupID) error {
+func (b *secretVolumeMounter) SetUp(fsGroup *int64) error {
 	return b.SetUpAt(b.GetPath(), fsGroup)
 }
-func (b *secretVolumeMounter) SetUpAt(dir string, fsGroup *types.UnixGroupID) error {
+func (b *secretVolumeMounter) SetUpAt(dir string, fsGroup *int64) error {
 	glog.V(3).Infof("Setting up volume %v for pod %v at %v", b.volName, b.pod.UID, dir)
 	// Wrap EmptyDir, let it do the setup.
--- a/pkg/volume/storageos/storageos.go
+++ b/pkg/volume/storageos/storageos.go
@@ -333,7 +333,7 @@ func (b *storageosMounter) CanMount() error {
 }
 // SetUp attaches the disk and bind mounts to the volume path.
-func (b *storageosMounter) SetUp(fsGroup *types.UnixGroupID) error {
+func (b *storageosMounter) SetUp(fsGroup *int64) error {
 	// Need a namespace to find the volume, try pod's namespace if not set.
 	if b.volNamespace == "" {
 		glog.V(2).Infof("Setting StorageOS volume namespace to pod namespace: %s", b.podNamespace)
@@ -360,7 +360,7 @@ func (b *storageosMounter) SetUp(fsGroup *types.UnixGroupID) error {
 }
 // SetUp bind mounts the disk global mount to the give volume path.
-func (b *storageosMounter) SetUpAt(dir string, fsGroup *types.UnixGroupID) error {
+func (b *storageosMounter) SetUpAt(dir string, fsGroup *int64) error {
 	notMnt, err := b.mounter.IsLikelyNotMountPoint(dir)
 	glog.V(4).Infof("StorageOS volume set up: %s %v %v", dir, !notMnt, err)
 	if err != nil && !os.IsNotExist(err) {
--- a/pkg/volume/testing/testing.go
+++ b/pkg/volume/testing/testing.go
@@ -354,7 +354,7 @@ func (fv *FakeVolume) CanMount() error {
 	return nil
 }
-func (fv *FakeVolume) SetUp(fsGroup *types.UnixGroupID) error {
+func (fv *FakeVolume) SetUp(fsGroup *int64) error {
 	fv.Lock()
 	defer fv.Unlock()
 	fv.SetUpCallCount++
@@ -367,7 +367,7 @@ func (fv *FakeVolume) GetSetUpCallCount() int {
 	return fv.SetUpCallCount
 }
-func (fv *FakeVolume) SetUpAt(dir string, fsGroup *types.UnixGroupID) error {
+func (fv *FakeVolume) SetUpAt(dir string, fsGroup *int64) error {
 	return os.MkdirAll(dir, 0750)
 }
--- a/pkg/volume/util/operationexecutor/operation_generator.go
+++ b/pkg/volume/util/operationexecutor/operation_generator.go
@@ -392,7 +392,7 @@ func (og *operationGenerator) GenerateMountVolumeFunc(
 		volumeAttacher, _ = attachableVolumePlugin.NewAttacher()
 	}
-	var fsGroup *types.UnixGroupID
+	var fsGroup *int64
 	if volumeToMount.Pod.Spec.SecurityContext != nil &&
 		volumeToMount.Pod.Spec.SecurityContext.FSGroup != nil {
 		fsGroup = volumeToMount.Pod.Spec.SecurityContext.FSGroup
--- a/pkg/volume/volume.go
+++ b/pkg/volume/volume.go
@@ -109,14 +109,14 @@ type Mounter interface {
 	// content should be owned by 'fsGroup' so that it can be
 	// accessed by the pod. This may be called more than once, so
 	// implementations must be idempotent.
-	SetUp(fsGroup *types.UnixGroupID) error
+	SetUp(fsGroup *int64) error
 	// SetUpAt prepares and mounts/unpacks the volume to the
 	// specified directory path, which may or may not exist yet.
 	// The mount point and its content should be owned by
 	// 'fsGroup' so that it can be accessed by the pod. This may
 	// be called more than once, so implementations must be
 	// idempotent.
-	SetUpAt(dir string, fsGroup *types.UnixGroupID) error
+	SetUpAt(dir string, fsGroup *int64) error
 	// GetAttributes returns the attributes of the mounter.
 	GetAttributes() Attributes
 }
--- a/pkg/volume/volume_linux.go
+++ b/pkg/volume/volume_linux.go
@@ -24,8 +24,6 @@ import (
 	"os"
 	"k8s.io/apimachinery/pkg/types"
 	"github.com/golang/glog"
 )
@@ -37,7 +35,7 @@ const (
 // SetVolumeOwnership modifies the given volume to be owned by
 // fsGroup, and sets SetGid so that newly created files are owned by
 // fsGroup. If fsGroup is nil nothing is done.
-func SetVolumeOwnership(mounter Mounter, fsGroup *types.UnixGroupID) error {
+func SetVolumeOwnership(mounter Mounter, fsGroup *int64) error {
 	if fsGroup == nil {
 		return nil
--- a/pkg/volume/volume_unsupported.go
+++ b/pkg/volume/volume_unsupported.go
@@ -18,8 +18,6 @@ limitations under the License.
 package volume
-import "k8s.io/apimachinery/pkg/types"
+func SetVolumeOwnership(mounter Mounter, fsGroup *int64) error {
 func SetVolumeOwnership(mounter Mounter, fsGroup *types.UnixGroupID) error {
 	return nil
 }
--- a/pkg/volume/vsphere_volume/vsphere_volume.go
+++ b/pkg/volume/vsphere_volume/vsphere_volume.go
@@ -194,7 +194,7 @@ func (b *vsphereVolumeMounter) GetAttributes() volume.Attributes {
 }
 // SetUp attaches the disk and bind mounts to the volume path.
-func (b *vsphereVolumeMounter) SetUp(fsGroup *types.UnixGroupID) error {
+func (b *vsphereVolumeMounter) SetUp(fsGroup *int64) error {
 	return b.SetUpAt(b.GetPath(), fsGroup)
 }
@@ -206,7 +206,7 @@ func (b *vsphereVolumeMounter) CanMount() error {
 }
 // SetUp attaches the disk and bind mounts to the volume path.
-func (b *vsphereVolumeMounter) SetUpAt(dir string, fsGroup *types.UnixGroupID) error {
+func (b *vsphereVolumeMounter) SetUpAt(dir string, fsGroup *int64) error {
 	glog.V(5).Infof("vSphere volume setup %s to %s", b.volPath, dir)
 	// TODO: handle failed mounts here.
--- a/plugin/pkg/admission/security/podsecuritypolicy/BUILD
+++ b/plugin/pkg/admission/security/podsecuritypolicy/BUILD
@@ -50,7 +50,6 @@ go_test(
        "//pkg/security/podsecuritypolicy/util:go_default_library",
        "//vendor/github.com/stretchr/testify/assert:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/util/diff:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
        "//vendor/k8s.io/apiserver/pkg/admission:go_default_library",
--- a/plugin/pkg/admission/security/podsecuritypolicy/admission_test.go
+++ b/plugin/pkg/admission/security/podsecuritypolicy/admission_test.go
@@ -25,7 +25,6 @@ import (
 	"github.com/stretchr/testify/assert"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/apimachinery/pkg/util/diff"
 	"k8s.io/apimachinery/pkg/util/sets"
 	kadmission "k8s.io/apiserver/pkg/admission"
@@ -835,7 +834,7 @@ func TestAdmitRunAsUser(t *testing.T) {
 		// doesn't matter if we set it here or on the container, the
 		// admission controller uses DetermineEffectiveSC to get the defaulting
 		// behavior so it can validate what will be applied at runtime
-		userID := types.UnixUserID(user)
+		userID := int64(user)
 		pod.Spec.SecurityContext.RunAsUser = &userID
 		return pod
 	}
@@ -855,7 +854,7 @@ func TestAdmitRunAsUser(t *testing.T) {
 		pod               *kapi.Pod
 		psps              []*extensions.PodSecurityPolicy
 		shouldPass        bool
-		expectedRunAsUser *types.UnixUserID
+		expectedRunAsUser *int64
 		expectedPSP       string
 	}{
 		"runAsAny no pod request": {
@@ -941,8 +940,8 @@ func TestAdmitSupplementalGroups(t *testing.T) {
 		// doesn't matter if we set it here or on the container, the
 		// admission controller uses DetermineEffectiveSC to get the defaulting
 		// behavior so it can validate what will be applied at runtime
-		groupID := types.UnixGroupID(group)
+		groupID := int64(group)
-		pod.Spec.SecurityContext.SupplementalGroups = []types.UnixGroupID{groupID}
+		pod.Spec.SecurityContext.SupplementalGroups = []int64{groupID}
 		return pod
 	}
@@ -957,28 +956,28 @@ func TestAdmitSupplementalGroups(t *testing.T) {
 		pod               *kapi.Pod
 		psps              []*extensions.PodSecurityPolicy
 		shouldPass        bool
-		expectedSupGroups []types.UnixGroupID
+		expectedSupGroups []int64
 		expectedPSP       string
 	}{
 		"runAsAny no pod request": {
 			pod:               goodPod(),
 			psps:              []*extensions.PodSecurityPolicy{runAsAny},
 			shouldPass:        true,
-			expectedSupGroups: []types.UnixGroupID{},
+			expectedSupGroups: []int64{},
 			expectedPSP:       runAsAny.Name,
 		},
 		"runAsAny pod request": {
 			pod:               createPodWithSupGroup(1),
 			psps:              []*extensions.PodSecurityPolicy{runAsAny},
 			shouldPass:        true,
-			expectedSupGroups: []types.UnixGroupID{1},
+			expectedSupGroups: []int64{1},
 			expectedPSP:       runAsAny.Name,
 		},
 		"mustRunAs no pod request": {
 			pod:               goodPod(),
 			psps:              []*extensions.PodSecurityPolicy{mustRunAs},
 			shouldPass:        true,
-			expectedSupGroups: []types.UnixGroupID{mustRunAs.Spec.SupplementalGroups.Ranges[0].Min},
+			expectedSupGroups: []int64{mustRunAs.Spec.SupplementalGroups.Ranges[0].Min},
 			expectedPSP:       mustRunAs.Name,
 		},
 		"mustRunAs bad pod request": {
@@ -990,7 +989,7 @@ func TestAdmitSupplementalGroups(t *testing.T) {
 			pod:               createPodWithSupGroup(999),
 			psps:              []*extensions.PodSecurityPolicy{mustRunAs},
 			shouldPass:        true,
-			expectedSupGroups: []types.UnixGroupID{999},
+			expectedSupGroups: []int64{999},
 			expectedPSP:       mustRunAs.Name,
 		},
 	}
@@ -1035,7 +1034,7 @@ func TestAdmitFSGroup(t *testing.T) {
 		pod             *kapi.Pod
 		psps            []*extensions.PodSecurityPolicy
 		shouldPass      bool
-		expectedFSGroup *types.UnixGroupID
+		expectedFSGroup *int64
 		expectedPSP     string
 	}{
 		"runAsAny no pod request": {
@@ -1711,7 +1710,7 @@ func restrictivePSP() *extensions.PodSecurityPolicy {
 			RunAsUser: extensions.RunAsUserStrategyOptions{
 				Rule: extensions.RunAsUserStrategyMustRunAs,
 				Ranges: []extensions.UserIDRange{
-					{Min: types.UnixUserID(999), Max: types.UnixUserID(999)},
+					{Min: int64(999), Max: int64(999)},
 				},
 			},
 			SELinux: extensions.SELinuxStrategyOptions{
@@ -1723,13 +1722,13 @@ func restrictivePSP() *extensions.PodSecurityPolicy {
 			FSGroup: extensions.FSGroupStrategyOptions{
 				Rule: extensions.FSGroupStrategyMustRunAs,
 				Ranges: []extensions.GroupIDRange{
-					{Min: types.UnixGroupID(999), Max: types.UnixGroupID(999)},
+					{Min: int64(999), Max: int64(999)},
 				},
 			},
 			SupplementalGroups: extensions.SupplementalGroupsStrategyOptions{
 				Rule: extensions.SupplementalGroupsStrategyMustRunAs,
 				Ranges: []extensions.GroupIDRange{
-					{Min: types.UnixGroupID(999), Max: types.UnixGroupID(999)},
+					{Min: int64(999), Max: int64(999)},
 				},
 			},
 		},
@@ -1774,12 +1773,12 @@ func goodPod() *kapi.Pod {
 	}
 }
-func userIDPtr(i int) *types.UnixUserID {
+func userIDPtr(i int) *int64 {
-	userID := types.UnixUserID(i)
+	userID := int64(i)
 	return &userID
 }
-func groupIDPtr(i int) *types.UnixGroupID {
+func groupIDPtr(i int) *int64 {
-	groupID := types.UnixGroupID(i)
+	groupID := int64(i)
 	return &groupID
 }
--- a/plugin/pkg/admission/securitycontext/scdeny/BUILD
+++ b/plugin/pkg/admission/securitycontext/scdeny/BUILD
@@ -26,7 +26,6 @@ go_test(
    tags = ["automanaged"],
    deps = [
        "//pkg/api:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/types:go_default_library",
        "//vendor/k8s.io/apiserver/pkg/admission:go_default_library",
    ],
 )
--- a/plugin/pkg/admission/securitycontext/scdeny/admission_test.go
+++ b/plugin/pkg/admission/securitycontext/scdeny/admission_test.go
@@ -19,7 +19,6 @@ package scdeny
 import (
 	"testing"
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/apiserver/pkg/admission"
 	"k8s.io/kubernetes/pkg/api"
 )
@@ -28,7 +27,7 @@ import (
 func TestAdmission(t *testing.T) {
 	handler := NewSecurityContextDeny()
-	runAsUser := types.UnixUserID(1)
+	runAsUser := int64(1)
 	priv := true
 	cases := []struct {
@@ -116,7 +115,7 @@ func TestPodSecurityContextAdmission(t *testing.T) {
 		},
 	}
-	fsGroup := types.UnixGroupID(1001)
+	fsGroup := int64(1001)
 	tests := []struct {
 		securityContext api.PodSecurityContext
@@ -128,7 +127,7 @@ func TestPodSecurityContextAdmission(t *testing.T) {
 		},
 		{
 			securityContext: api.PodSecurityContext{
-				SupplementalGroups: []types.UnixGroupID{types.UnixGroupID(1234)},
+				SupplementalGroups: []int64{int64(1234)},
 			},
 			errorExpected: true,
 		},
--- a/staging/src/k8s.io/apimachinery/pkg/types/BUILD
+++ b/staging/src/k8s.io/apimachinery/pkg/types/BUILD
@@ -15,7 +15,6 @@ go_library(
        "nodename.go",
        "patch.go",
        "uid.go",
        "unix_user_id.go",
    ],
    tags = ["automanaged"],
 )
--- a/staging/src/k8s.io/apimachinery/pkg/types/unix_user_id.go
+++ b/staging/src/k8s.io/apimachinery/pkg/types/unix_user_id.go
@@ -1,23 +0,0 @@
 /*
 Copyright 2016 The Kubernetes Authors.
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
    http://www.apache.org/licenses/LICENSE-2.0
 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
 */
 package types
 // int64 is used as a safe bet against wrap-around (uid's are general
 // int32) and to support uid_t -1, and -2.
 type UnixUserID int64
 type UnixGroupID int64
--- a/staging/src/k8s.io/apimachinery/pkg/util/validation/BUILD
+++ b/staging/src/k8s.io/apimachinery/pkg/util/validation/BUILD
@@ -13,12 +13,10 @@ go_test(
    srcs = ["validation_test.go"],
    library = ":go_default_library",
    tags = ["automanaged"],
    deps = ["//vendor/k8s.io/apimachinery/pkg/types:go_default_library"],
 )
 go_library(
    name = "go_default_library",
    srcs = ["validation.go"],
    tags = ["automanaged"],
    deps = ["//vendor/k8s.io/apimachinery/pkg/types:go_default_library"],
 )
--- a/staging/src/k8s.io/apimachinery/pkg/util/validation/validation.go
+++ b/staging/src/k8s.io/apimachinery/pkg/util/validation/validation.go
@@ -22,8 +22,6 @@ import (
 	"net"
 	"regexp"
 	"strings"
 	"k8s.io/apimachinery/pkg/types"
 )
 const qnameCharFmt string = "[A-Za-z0-9]"
@@ -200,7 +198,7 @@ const (
 )
 // IsValidGroupID tests that the argument is a valid Unix GID.
-func IsValidGroupID(gid types.UnixGroupID) []string {
+func IsValidGroupID(gid int64) []string {
 	if minGroupID <= gid && gid <= maxGroupID {
 		return nil
 	}
@@ -208,7 +206,7 @@ func IsValidGroupID(gid types.UnixGroupID) []string {
 }
 // IsValidUserID tests that the argument is a valid Unix UID.
-func IsValidUserID(uid types.UnixUserID) []string {
+func IsValidUserID(uid int64) []string {
 	if minUserID <= uid && uid <= maxUserID {
 		return nil
 	}
--- a/staging/src/k8s.io/apimachinery/pkg/util/validation/validation_test.go
+++ b/staging/src/k8s.io/apimachinery/pkg/util/validation/validation_test.go
@@ -19,8 +19,6 @@ package validation
 import (
 	"strings"
 	"testing"
 	"k8s.io/apimachinery/pkg/types"
 )
 func TestIsDNS1123Label(t *testing.T) {
@@ -156,18 +154,18 @@ func TestIsValidPortNum(t *testing.T) {
 	}
 }
-func createGroupIDs(ids ...int64) []types.UnixGroupID {
+func createGroupIDs(ids ...int64) []int64 {
-	var output []types.UnixGroupID
+	var output []int64
 	for _, id := range ids {
-		output = append(output, types.UnixGroupID(id))
+		output = append(output, int64(id))
 	}
 	return output
 }
-func createUserIDs(ids ...int64) []types.UnixUserID {
+func createUserIDs(ids ...int64) []int64 {
-	var output []types.UnixUserID
+	var output []int64
 	for _, id := range ids {
-		output = append(output, types.UnixUserID(id))
+		output = append(output, int64(id))
 	}
 	return output
 }
--- a/Show More
+++ b/Show More