kubernetes
/
website
mirror of https://github.com/kubernetes/website.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request #47401 from chanieljdan/merged-main-dev-1.31 

Merge main branch into dev 1.31
pull/47452/head
Kubernetes Prow Robot 2024-08-09 13:09:45 -07:00 committed by GitHub
parent 8bdcb806aa 3c5c4fcc1f
commit 13a402a7a7
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
17 changed files with 558 additions and 319 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
OWNERS_ALIASES
View File

@ -16,6 +16,7 @@ aliases:
- salaxander
- sftim
- tengqm
- drewhagen # RT 1.31 temp acting Docs lead
sig-docs-localization-owners: # Admins for localization content
- a-mccarthy
- divya-mohan0209
@ -64,6 +65,7 @@ aliases:
- sftim
- tengqm
- Princesso # RT 1.31 Docs Lead
- drewhagen # RT 1.31 temp acting Docs lead
sig-docs-en-reviews: # PR reviews for English content
- dipesh-rawat
- divya-mohan0209
@ -80,6 +82,7 @@ aliases:
- tengqm
- windsonsea
- Princesso # RT 1.31 Docs Lead
- drewhagen # RT 1.31 temp acting Docs lead
sig-docs-es-owners: # Admins for Spanish content
- electrocucaracha
- krol3

0
static/css/glossary.css → assets/css/glossary.css
View File

0
static/js/glossary.js → assets/js/glossary.js
View File

0
static/js/zoom.js → assets/js/zoom.js
View File

11
assets/scss/_custom.scss
View File

@ -1469,4 +1469,15 @@ body.td-search #search {
section.k8s-birthday-override:has(div.k8s-birthday-override.revert-to-previous input:not(:checked)) + section {
display: none;
visibility: hidden;
}
/* Apply site-wide table styles for tables in alert callouts (note, caution, warning) */
.alert {
&.alert-info, &.alert-caution, &.alert-danger {
> table {
@extend .table-striped;
@extend .table-responsive;
@extend .table;
}
}
}

2
content/en/docs/reference/using-api/cel.md
View File

@ -51,7 +51,7 @@ Example CEL expressions:
| `self.minReplicas <= self.replicas && self.replicas <= self.maxReplicas` | Validate that the three fields defining replicas are ordered appropriately |
| `'Available' in self.stateCounts` | Validate that an entry with the 'Available' key exists in a map |
| `(self.list1.size() == 0) != (self.list2.size() == 0)` | Validate that one of two lists is non-empty, but not both |
| `self.envars.filter(e, e.name = 'MY_ENV').all(e, e.value.matches('^[a-zA-Z]*$')` | Validate the 'value' field of a listMap entry where key field 'name' is 'MY_ENV' |
| `self.envars.filter(e, e.name = 'MY_ENV').all(e, e.value.matches('^[a-zA-Z]*$'))` | Validate the 'value' field of a listMap entry where key field 'name' is 'MY_ENV' |
| `has(self.expired) && self.created + self.ttl < self.expired` | Validate that 'expired' date is after a 'create' date plus a 'ttl' duration |
| `self.health.startsWith('ok')` | Validate a 'health' string field has the prefix 'ok' |
| `self.widgets.exists(w, w.key == 'x' && w.foo < 10)` | Validate that the 'foo' property of a listMap item with a key 'x' is less than 10 |

7
content/en/docs/test.md
View File

@ -370,7 +370,12 @@ Notes catch the reader's attention without a sense of urgency.
You can have multiple paragraphs and block-level elements inside an admonition.
| Or | a | table |
You can also add tables to organize and highlight key information.
| Header 1 | Header 2 | Header 3 |
| -------- | -------- | -------- |
| Data 1 | Data A | Info X |
| Data 2 | Data B | Info Y |
{{< /note >}}
{{< caution >}}

292
content/fr/docs/tutorials/hello-minikube.md
View File

@ -1,14 +1,7 @@
---
title: Hello Minikube
title: Bienvenue sur Minikube
content_type: tutorial
weight: 5
description: Tutoriel Minikube
menu:
main:
title: "Démarrer"
weight: 10
post: >
<p>Prêt à mettre les mains dans le cambouis ? Créez un cluster Kubernetes simple qui exécute "Hello World" avec Node.js.</p>>.
card:
name: tutorials
weight: 10
@ -16,260 +9,329 @@ card:
<!-- overview -->
Ce tutoriel vous montre comment exécuter une simple application Hello World Node.js sur Kubernetes en utilisant [Minikube](/docs/getting-started-guides/minikube/) et Katacoda.
Katacoda fournit un environnement Kubernetes gratuit dans le navigateur.
Ce tutoriel vous montre comment exécuter une application exemple sur Kubernetes en utilisant minikube.
Le tutoriel fournit une image de conteneur qui utilise NGINX pour renvoyer toutes les requêtes.
## {{% heading "objectifs" %}}
* Déployer une application exemple sur minikube.
* Exécuter l'application.
* Afficher les journaux de l'application.
## {{% heading "prérequis²" %}}
Ce tutoriel suppose que vous avez déjà configuré `minikube`.
Voir __Étape 1__ dans [minikube start](https://minikube.pour les instructions d'installation installation instructions.
{{< note >}}
Vous pouvez également suivre ce tutoriel si vous avez installé [Minikube localement](/docs/tasks/tools/install-minikube/).
Exécutez uniquement les instructions de l'__Étape 1, Installation__. Le reste est couvert sur cette page.
{{< /note >}}
## {{% heading "objectives" %}}
* Déployez une application Hello World sur Minikube.
* Lancez l'application.
* Afficher les journaux des applications.
## {{% heading "prerequisites" %}}
Ce tutoriel fournit une image de conteneur construite à partir des fichiers suivants :
{{% codenew language="js" file="minikube/server.js" %}}
{{% codenew language="conf" file="minikube/Dockerfile" %}}
Pour plus d'informations sur la commande `docker build`, lisez la documentation de [Docker](https://docs.docker.com/engine/reference/commandline/build/).
Vous devez également installer `kubectl`.
Voir [Installer les outils](/docs/tasks/tools/#kubectl) pour les instructions d'installation.
<!-- lessoncontent -->
## Créer un cluster Minikube
## Créer un cluster minikube
1. Cliquez sur **Lancer le terminal**.
```shell
minikube start
```
{{< kat-button >}}
## Ouvrir le Tableau de bord
{{< note >}} Si vous avez installé Minikube localement, lancez `minikube start`. {{< /note >}}
Ouvrez le tableau de bord Kubernetes. Vous pouvez le faire de deux façons différentes :
2. Ouvrez le tableau de bord Kubernetes dans un navigateur :
{{< tabs name="dashboard" >}}
{{% tab name="Launch a browser" %}}
Ouvrez un **nouveau** terminal, et exécutez:
```shell
# Démarrez un nouveau terminal et laissez-le en cours d'exécution..
minikube dashboard
```
Maintenant, revenez au terminal où vous avez exécuté `minikube start`.
{{< note >}}
La commande `dashboard` active l'extension du tableau de bord et ouvre le proxy dans le navigateur par défaut.
Vous pouvez créer des ressources Kubernetes sur le tableau de bord, telles que Deployment et Service.
Pour savoir comment éviter d'invoquer directement le navigateur à partir du terminal et obtenir une URL pour le tableau de bord Web, consultez l'onglet "Copier et coller l'URL".
Par défaut, le tableau de bord n'est accessible que depuis le réseau virtuel interne de Kubernetes. La commande `dashboard` crée un proxy temporaire pour rendre le tableau de bord accessible depuis l'extérieur du réseau virtuel Kubernetes.
Pour arrêter le proxy, exécutez `Ctrl+C` pour quitter le processus. Une fois la commande terminée, le tableau de bord reste en cours d'exécution dans le cluster Kubernetes. Vous pouvez exécuter à nouveau la commande `dashboard` pour créer un autre proxy pour accéder au tableau de bord.
{{< /note >}}
{{% /tab %}}
{{% tab name="Copier et coller l'URL" %}}
Si vous ne souhaitez pas que minikube ouvre un navigateur pour vous, exécutez la sous-commande `dashboard` avec le drapeau `--url`. `minikube` affiche une URL que vous pouvez ouvrir dans le navigateur de votre choix.
Ouvrez un **nouveau** terminal et exécutez:
```shell
# Démarrez un nouveau terminal et laissez-le en cours d'exécution.
minikube dashboard --url
```
Maintenant, vous pouvez utiliser cette URL et revenir au terminal où vous avez exécuté `minikube start`.
{{% /tab %}}
{{< /tabs >}}
## Créer un Deployment
Un [*Pod*](/docs/concepts/workloads/pods/) Kubernetes est un groupe de un ou plusieurs conteneurs, liés ensemble pour les besoins de l'administration et du réseau. Le Pod de ce tutoriel n'a qu'un seul conteneur. Un [*Deployment*](/docs/concepts/workloads/controllers/deployment/) Kubernetes vérifie l'état de santé de votre Pod et redémarre le conteneur du Pod s'il se termine. Les Deployments sont la méthode recommandée pour gérer la création et la mise à l'échelle des Pods.
1. Utilisez la commande `kubectl` create pour créer un Deployment qui gère un Pod. Le Pod exécute un conteneur basé sur l'image Docker fournie.
```shell
minikube dashboard
# Exécutez une image de conteneur de test qui inclut un serveur web
kubectl create deployment hello-node --image=registry.k8s.io/e2e-test-images/agnhost:2.39 -- /agnhost netexec --http-port=8080
```
3. Environnement Katacoda seulement : En haut du volet du terminal, cliquez sur le signe plus, puis cliquez sur **Sélectionner le port pour afficher sur l'hôte 1**.
4. Environnement Katacoda seulement : Tapez `30000`, puis cliquez sur **Afficher le port**.
## Créer un déploiement
Un [*Pod*](/fr/docs/concepts/workloads/pods/pod/) Kubernetes est un groupe d'un ou plusieurs conteneurs, liés entre eux à des fins d'administration et de mise en réseau.
Dans ce tutoriel, le Pod n'a qu'un seul conteneur.
Un [*Déploiement*](/docs/concepts/workloads/controllers/deployment/) Kubernetes vérifie l'état de santé de votre Pod et redémarre le conteneur du Pod s'il se termine.
Les déploiements sont le moyen recommandé pour gérer la création et la mise à l'échelle des Pods.
1. Utilisez la commande `kubectl create` pour créer un déploiement qui gère un Pod. Le
Pod utilise un conteneur basé sur l'image Docker fournie.
```shell
kubectl create deployment hello-node --image=registry.k8s.io/echoserver:1.4
```
2. Affichez le déploiement :
2. Afficher le Deployment:
```shell
kubectl get deployments
```
Sortie :
La sortie ressemble à:
```shell
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
hello-node 1 1 1 1 1m
```
NAME READY UP-TO-DATE AVAILABLE AGE
hello-node 1/1 1 1 1m
```
3. Voir le Pod :
(Il peut s'écouler un certain temps avant que le pod ne soit disponible. Si vous voyez "0/1", réessayez dans quelques secondes.)
3. Afficher le Pod:
```shell
kubectl get pods
```
Sortie :
```shell
La sortie ressemble à:
```
NAME READY STATUS RESTARTS AGE
hello-node-5f76cf6ccf-br9b5 1/1 Running 0 1m
```
4. Afficher les événements du cluster :
4. Afficher les événements du cluster:
```shell
kubectl get events
```
5. Voir la configuration de `kubectl` :
5. Afficher la configuration `kubectl`:
```shell
kubectl config view
```
{{< note >}}Pour plus d'informations sur les commandes `kubectl`, voir la [vue d'ensemble de kubectl](/docs/user-guide/kubectl-overview/) {{< /note >}}.
6. Afficher les journaux de l'application pour un conteneur dans un pod (remplacez le nom du pod par celui que vous avez obtenu avec la commande `kubectl get pods`).
{{< note >}}
Remplacez `hello-node-5f76cf6ccf-br9b5` dans la commande `kubectl logs` par le nom du pod de la sortie de la commande `kubectl get pods`.
{{< /note >}}
```shell
kubectl logs hello-node-5f76cf6ccf-br9b5
```
## Créer un service
La sortie ressemble à:
Par défaut, le Pod n'est accessible que par son adresse IP interne dans le cluster Kubernetes.
Pour rendre le conteneur `hello-node` accessible depuis l'extérieur du réseau virtuel Kubernetes, vous devez exposer le Pod comme un [*Service*](/docs/concepts/services-networking/service/) Kubernetes.
```
I0911 09:19:26.677397 1 log.go:195] Started HTTP server on port 8080
I0911 09:19:26.677586 1 log.go:195] Started UDP server on port 8081
```
1. Exposez le Pod à internet en utilisant la commande `kubectl expose` :
{{< note >}}
Pour plus d'informations sur les commandes `kubectl`, consultez la [kubectl overview](/docs/reference/kubectl/).
{{< /note >}}
## Créer un Service
Par défaut, le Pod est accessible uniquement par son adresse IP interne au sein du réseau Kubernetes. Pour rendre le conteneur `hello-node` accessible depuis l'extérieur du réseau virtuel Kubernetes, vous devez exposer le Pod en tant que Kubernetes [*Service*](/docs/concepts/services-networking/service/).
{{< warning >}}
Le conteneur agnhost a un point de terminaison `/shell`, qui est utile pour le débogage, mais dangereux à exposer à Internet. Ne l'exécutez pas sur un cluster Internet-facing ou un cluster de production.
{{< /warning >}}
1. Exposez le Pod au réseau public en utilisant la commande `kubectl expose`:
```shell
kubectl expose deployment hello-node --type=LoadBalancer --port=8080
```
L'indicateur `--type=LoadBalancer` indique que vous voulez exposer votre Service
à l'extérieur du cluster.
Le drapeau `--type=LoadBalancer` indique que vous souhaitez exposer votre Service en dehors du cluster.
2. Affichez le Service que vous venez de créer :
Le code de l'application à l'intérieur de l'image de test ne répond qu'aux requêtes sur le port TCP 8080. Si vous avez utilisé `kubectl expose` pour exposer un port différent, les clients ne pourront pas se connecter à ce port.
2. Afficher le Service que vous avez créé:
```shell
kubectl get services
```
Sortie :
La sortie ressemble à:
```shell
```
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
hello-node LoadBalancer 10.108.144.78 <pending> 8080:30369/TCP 21s
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 23m
```
Sur les fournisseurs de cloud qui supportent les load balancers, une adresse IP externe serait fournie pour accéder au Service.
Sur Minikube, le type `LoadBalancer` rend le Service accessible via la commande `minikube service`.
Sur les fournisseurs de cloud qui prennent en charge les équilibreurs de charge, Une adresse IP externe sera provisionnée pour accéder au Service. Sur minikube, le type `LoadBalancer` rend le Service accessible via la commande `minikube service`.
3. Exécutez la commande suivante :
3. Exécutez la commande suivante:
```shell
minikube service hello-node
```
4. Environnement Katacoda seulement : Cliquez sur le signe plus, puis cliquez sur **Sélectionner le port pour afficher sur l'hôte 1**.
5. Environnement Katacoda seulement : Tapez `30369` (voir port en face de `8080` dans la sortie services), puis cliquez sur **Afficher le port**.
Cela ouvre une fenêtre de navigateur qui sert votre application et affiche le message `Hello World`.
Cette commande ouvre une fenêtre de navigateur qui sert votre application et affiche la réponse de l'application.
## Activer les extensions
Minikube dispose d'un ensemble d'extensions intégrées qui peuvent être activées, désactivées et ouvertes dans l'environnement Kubernetes local.
La commande `minikube` inclut un ensemble intégré d'{{< glossary_tooltip text="addons" term_id="addons" >}} qui peuvent être activés, désactivés et ouverts dans l'environnement local Kubernetes.
1. Énumérer les extensions actuellement pris en charge :
1. Liste des extensions pris en charge actuellement:
```shell
minikube addons list
```
Sortie:
La sortie ressemble à:
```
addon-manager: enabled
coredns: disabled
dashboard: enabled
default-storageclass: enabled
efk: disabled
freshpod: disabled
heapster: disabled
gvisor: disabled
helm-tiller: disabled
ingress: disabled
kube-dns: enabled
ingress-dns: disabled
logviewer: disabled
metrics-server: disabled
nvidia-driver-installer: disabled
nvidia-gpu-device-plugin: disabled
registry: disabled
registry-creds: disabled
storage-provisioner: enabled
storage-provisioner-gluster: disabled
```
2. Activez une extension, par exemple, `heapster` :
2. Activer une extension, par exemple, `metrics-server`:
```shell
minikube addons enable heapster
minikube addons enable metrics-server
```
Sortie :
La sortie ressemble à:
```shell
heapster was successfully enabled
```
The 'metrics-server' addon is enabled
```
3. Affichez le pod et le service que vous venez de créer :
3. Afficher le Pod et le Service que vous avez créés en installant cette extension:
```shell
kubectl get pod,svc -n kube-system
```
Sortie :
La sortie devrait être simulaire à :
```shell
```
NAME READY STATUS RESTARTS AGE
pod/heapster-9jttx 1/1 Running 0 26s
pod/coredns-5644d7b6d9-mh9ll 1/1 Running 0 34m
pod/coredns-5644d7b6d9-pqd2t 1/1 Running 0 34m
pod/metrics-server-67fb648c5 1/1 Running 0 26s
pod/etcd-minikube 1/1 Running 0 34m
pod/influxdb-grafana-b29w8 2/2 Running 0 26s
pod/kube-addon-manager-minikube 1/1 Running 0 34m
pod/kube-dns-6dcb57bcc8-gv7mw 3/3 Running 0 34m
pod/kubernetes-dashboard-5498ccf677-cgspw 1/1 Running 0 34m
pod/kube-apiserver-minikube 1/1 Running 0 34m
pod/kube-controller-manager-minikube 1/1 Running 0 34m
pod/kube-proxy-rnlps 1/1 Running 0 34m
pod/kube-scheduler-minikube 1/1 Running 0 34m
pod/storage-provisioner 1/1 Running 0 34m
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/heapster ClusterIP 10.96.241.45 <none> 80/TCP 26s
service/metrics-server ClusterIP 10.96.241.45 <none> 80/TCP 26s
service/kube-dns ClusterIP 10.96.0.10 <none> 53/UDP,53/TCP 34m
service/kubernetes-dashboard NodePort 10.109.29.1 <none> 80:30000/TCP 34m
service/monitoring-grafana NodePort 10.99.24.54 <none> 80:30002/TCP 26s
service/monitoring-influxdb ClusterIP 10.111.169.94 <none> 8083/TCP,8086/TCP 26s
```
4. Désactivez `heapster` :
4. Vérifier la sortie de `metrics-server`:
```shell
minikube addons disable heapster
kubectl top pods
```
Sortie :
La sortie ressemble à:
```
NAME CPU(cores) MEMORY(bytes)
hello-node-ccf4b9788-4jn97 1m 6Mi
```
Si vous voyez le message suivant, attendez un peu et réessayez:
```
error: Metrics API not available
```
5. Désactiver `metrics-server`:
```shell
heapster was successfully disabled
minikube addons disable metrics-server
```
La sortie ressemble à:
```
metrics-server was successfully disabled
```
## Nettoyage
Vous pouvez maintenant nettoyer les ressources que vous avez créées dans votre cluster :
Vous pouvez maintenant nettoyer les ressources que vous avez créées dans votre cluster:
```shell
kubectl delete service hello-node
kubectl delete deployment hello-node
```
Si nécessaire, arrêtez la machine virtuelle Minikube (VM) :
Si nécessaire, arrêtez la machine virtuelle Minikube (VM)
```shell
minikube stop
```
Si nécessaire, effacez la VM Minikube :
Si nécessaire, effacez la VM Minikube:
```shell
# Facultatif
minikube delete
```
Si vous souhaitez à nouveau utiliser minikube pour en apprendre davantage sur Kubernetes, vous n'avez pas besoin de le supprimer.
## Conclusion
Cette page a couvert les aspects de base pour mettre en route un cluster minikube. Vous êtes maintenant prêt à déployer des applications.
## {{% heading "whatsnext" %}}
* En savoir plus sur les [déploiement](/docs/concepts/workloads/controllers/deployment/).
* En savoir plus sur le [Déploiement d'applications](/docs/user-guide/deploying-applications/).
* En savoir plus sur les [Services](/docs/concepts/services-networking/service/).
* Tutoriel pour _[déployer votre première application sur Kubernetes avec kubectl.](/docs/tutorials/kubernetes-basics/deploy-app/deploy-intro/)_.
* En savoir plus sur les [objets Deployment](/docs/concepts/workloads/controllers/deployment/).
* En savoir plus sur le [déploiement d'applications](/docs/tasks/run-application/run-stateless-application-deployment/).
* En savoir plus sur les [objets Service](/docs/concepts/services-networking/service/).

4
content/ja/examples/application/cassandra/cassandra-statefulset.yaml
View File

@ -15,7 +15,7 @@ spec:
labels:
app: cassandra
spec:
terminationGracePeriodSeconds: 1800
terminationGracePeriodSeconds: 500
containers:
- name: cassandra
image: gcr.io/google-samples/cassandra:v13
@ -43,7 +43,7 @@ spec:
lifecycle:
preStop:
exec:
command:
command:
- /bin/sh
- -c
- nodetool drain

499
content/zh-cn/docs/reference/config-api/kube-proxy-config.v1alpha1.md
View File

@ -27,8 +27,6 @@ auto_generated: true
- [KubeProxyConfiguration](#kubeproxy-config-k8s-io-v1alpha1-KubeProxyConfiguration)
- [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1beta3-KubeSchedulerConfiguration)
- [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1-KubeSchedulerConfiguration)
- [GenericControllerManagerConfiguration](#controllermanager-config-k8s-io-v1alpha1-GenericControllerManagerConfiguration)
@ -105,8 +103,6 @@ default value of 'application/json'. This field will control all connections to
-->
**出现在:**
- [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1beta3-KubeSchedulerConfiguration)
- [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1-KubeSchedulerConfiguration)
- [GenericControllerManagerConfiguration](#controllermanager-config-k8s-io-v1alpha1-GenericControllerManagerConfiguration)
@ -154,8 +150,6 @@ enableProfiling is true.
-->
**出现在:**
- [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1beta3-KubeSchedulerConfiguration)
- [KubeSchedulerConfiguration](#kubescheduler-config-k8s-io-v1-KubeSchedulerConfiguration)
- [GenericControllerManagerConfiguration](#controllermanager-config-k8s-io-v1alpha1-GenericControllerManagerConfiguration)
@ -298,16 +292,61 @@ KubeProxyConfiguration 包含用来配置 Kubernetes 代理服务器的所有配
用来启用或者禁用测试性质的功能特性。</p>
</td>
</tr>
<tr><td><code>clientConnection</code> <B><!--[Required]-->[必需]</B><br/>
<a href="#ClientConnectionConfiguration"><code>ClientConnectionConfiguration</code></a>
</td>
<td>
<p>
<!--
clientConnection specifies the kubeconfig file and client connection settings for the proxy
server to use when communicating with the apiserver.
-->
<code>clientConnection</code> 指定了代理服务器与 apiserver 通信时应使用的 <code>kubeconfig</code> 文件和客户端连接设置。
</p>
</td>
</tr>
<tr><td><code>logging</code> <B><!--[Required]-->[必需]</B><br/>
<a href="#LoggingConfiguration"><code>LoggingConfiguration</code></a>
</td>
<td>
<p>
<!--
logging specifies the options of logging.
Refer to <a href="https://github.com/kubernetes/component-base/blob/master/logs/options.go">Logs Options</a>
for more information.
-->
<code>logging</code> 指定了日志记录的选项。有关更多信息,
请参阅<a href="https://github.com/kubernetes/component-base/blob/master/logs/options.go">日志选项</a>
</p>
</td>
</tr>
<tr><td><code>hostnameOverride</code> <B><!--[Required]-->[必需]</B><br/>
<code>string</code>
</td>
<td>
<p>
<!--
hostnameOverride, if non-empty, will be used as the name of the Node that
kube-proxy is running on. If unset, the node name is assumed to be the same as
the node's hostname.
-->
<code>hostnameOverride</code> 如果不为空,将作为 kube-proxy 所运行节点的名称使用。
如果未设置,则默认使用节点的主机名作为节点名称。
</p>
</td>
</tr>
<tr><td><code>bindAddress</code> <B><!--[Required]-->[必需]</B><br/>
<code>string</code>
</td>
<td>
<!--
bindAddress is the IP address for the proxy server to serve on (set to 0.0.0.0
for all interfaces)
bindAddress can be used to override kube-proxy's idea of what its node's
primary IP is. Note that the name is a historical artifact, and kube-proxy does
not actually bind any sockets to this IP.
-->
<p><code>bindAddress</code> 字段是代理服务器提供服务时所用 IP 地址(设置为 0.0.0.0
时意味着在所有网络接口上提供服务)。</p>
<p><code>bindAddress</code> 可以用来指定 kube-proxy 所认为的节点主 IP。请注意
虽然名称中有绑定的意思,但实际上 kube-proxy 并不会将任何套接字绑定到这个 IP 地址上。
</p>
</td>
</tr>
<tr><td><code>healthzBindAddress</code> <B><!--[Required]-->[必需]</B><br/>
@ -315,11 +354,13 @@ for all interfaces)
</td>
<td>
<!--
healthzBindAddress is the IP address and port for the health check server to serve on,
defaulting to 0.0.0.0:10256
healthzBindAddress is the IP address and port for the health check server to
serve on, defaulting to &quot;0.0.0.0:10256&quot; (if bindAddress is unset or IPv4), or
&quot;[::]:10256&quot; (if bindAddress is IPv6).
-->
<p><code>healthzBindAddress</code> 字段是健康状态检查服务器提供服务时所使用的 IP 地址和端口,
默认设置为 '0.0.0.0:10256'。</p>
<p><code>healthzBindAddress</code> 是健康检查服务器的 IP 地址和端口,默认情况下,
如果 bindAddress 未设置或为 IPv4则为 "0.0.0.0:10256";如果 bindAddress 为 IPv6
则为 "[::]:10256"。</p>
</td>
</tr>
<tr><td><code>metricsBindAddress</code> <B><!--[Required]-->[必需]</B><br/>
@ -327,11 +368,15 @@ defaulting to 0.0.0.0:10256
</td>
<td>
<!--
metricsBindAddress is the IP address and port for the metrics server to serve on,
defaulting to 127.0.0.1:10249 (set to 0.0.0.0 for all interfaces)
metricsBindAddress is the IP address and port for the metrics server to serve
on, defaulting to &quot;127.0.0.1:10249&quot; (if bindAddress is unset or IPv4), or
&quot;[::1]:10249&quot; (if bindAddress is IPv6). (Set to &quot;0.0.0.0:10249&quot; / &quot;[::]:10249&quot;
to bind on all interfaces.)
-->
<p><code>metricsBindAddress</code> 字段是指标服务器提供服务时所使用的 IP 地址和端口,
默认设置为 '127.0.0.1:10249'(设置为 0.0.0.0 意味着在所有接口上提供服务)。</p>
<p><code>metricsBindAddress</code> 是指标服务器监听的 IP 地址和端口,默认情况下,
如果 bindAddress 未设置或为 IPv4则为 "127.0.0.1:10249"
如果 bindAddress 为 IPv6则为 "[::1]:10249"。
(设置为 "0.0.0.0:10249" / "[::]:10249" 以绑定到所有接口。)。</p>
</td>
</tr>
<tr><td><code>bindAddressHardFail</code> <B><!--[Required]-->[必需]</B><br/>
@ -339,7 +384,8 @@ defaulting to 127.0.0.1:10249 (set to 0.0.0.0 for all interfaces)
</td>
<td>
<!--
bindAddressHardFail, if true, kube-proxy will treat failure to bind to a port as fatal and exit
bindAddressHardFail, if true, tells kube-proxy to treat failure to bind to a
port as fatal and exit
-->
<p><code>bindAddressHardFail</code> 字段设置为 true 时,
kube-proxy 将无法绑定到某端口这类问题视为致命错误并直接退出。</p>
@ -357,41 +403,24 @@ Profiling handlers will be handled by metrics server.
性能分析处理程序将由指标服务器执行。</p>
</td>
</tr>
<tr><td><code>clusterCIDR</code> <B><!--[Required]-->[必需]</B><br/>
<tr><td><code>showHiddenMetricsForVersion</code> <B><!--[Required]-->[必需]</B><br/>
<code>string</code>
</td>
<td>
<!--
clusterCIDR is the CIDR range of the pods in the cluster. It is used to
bridge traffic coming from outside of the cluster. If not provided,
no off-cluster bridging will be performed.
showHiddenMetricsForVersion is the version for which you want to show hidden metrics.
-->
<p><code>clusterCIDR</code> 字段是集群中 Pod 所使用的 CIDR 范围。
这一地址范围用于对来自集群外的请求流量进行桥接。
如果未设置,则 kube-proxy 不会对非集群内部的流量做桥接。</p>
<p><code>showHiddenMetricsForVersion</code> 用于指定要显示隐藏指标的版本。</p>
</td>
</tr>
<tr><td><code>hostnameOverride</code> <B><!--[Required]-->[必需]</B><br/>
<code>string</code>
<tr><td><code>mode</code> <B><!--[Required]-->[必需]</B><br/>
<a href="#kubeproxy-config-k8s-io-v1alpha1-ProxyMode"><code>ProxyMode</code></a>
</td>
<td>
<!--
hostnameOverride, if non-empty, will be used as the identity instead of the actual hostname.
mode specifies which proxy mode to use.
-->
<p><code>hostnameOverride</code> 字段非空时,
所给的字符串(而不是实际的主机名)将被用作 kube-proxy 的标识。</p>
</td>
</tr>
<tr><td><code>clientConnection</code> <B><!--[Required]-->[必需]</B><br/>
<a href="#ClientConnectionConfiguration"><code>ClientConnectionConfiguration</code></a>
</td>
<td>
<!--
clientConnection specifies the kubeconfig file and client connection settings for the proxy
server to use when communicating with the apiserver.
-->
<p><code>clientConnection</code> 字段给出代理服务器与 API
服务器通信时要使用的 kubeconfig 文件和客户端链接设置。</p>
<p><code>mode</code> 指定要使用的代理模式。</p>
</td>
</tr>
<tr><td><code>iptables</code> <B><!--[Required]-->[必需]</B><br/>
@ -414,83 +443,14 @@ server to use when communicating with the apiserver.
<p><code>ipvs</code> 字段中包含与 ipvs 相关的配置选项。</p>
</td>
</tr>
<tr><td><code>oomScoreAdj</code> <B><!--[Required]-->[必需]</B><br/>
<code>int32</code>
<tr><td><code>nftables</code> <B><!--[Required]-->[必需]</B><br/>
<a href="#kubeproxy-config-k8s-io-v1alpha1-KubeProxyNFTablesConfiguration"><code>KubeProxyNFTablesConfiguration</code></a>
</td>
<td>
<!--
oomScoreAdj is the oom-score-adj value for kube-proxy process. Values must be within
the range [-1000, 1000]
nftables contains nftables-related configuration options
-->
<p><code>oomScoreAdj</code> 字段是为 kube-proxy 进程所设置的 oom-score-adj 值。
此设置值必须介于 [-1000, 1000] 范围内。</p>
</td>
</tr>
<tr><td><code>mode</code> <B><!--[Required]-->[必需]</B><br/>
<a href="#kubeproxy-config-k8s-io-v1alpha1-ProxyMode"><code>ProxyMode</code></a>
</td>
<td>
<!--
mode specifies which proxy mode to use.
-->
<p><code>mode</code> 字段用来设置将使用的代理模式。</p>
</td>
</tr>
<tr><td><code>portRange</code> <B><!--[Required]-->[必需]</B><br/>
<code>string</code>
</td>
<td>
<!--
portRange is the range of host ports (beginPort-endPort, inclusive) that may be consumed
in order to proxy service traffic. If unspecified (0-0) then ports will be randomly chosen.
-->
<p><code>portRange</code> 字段是主机端口的范围,形式为 beginPort-endPort包含边界
用来设置代理服务所使用的端口。如果未指定(即 0-0则代理服务会随机选择端口号。</p>
</td>
</tr>
<tr><td><code>conntrack</code> <B><!--[Required]-->[必需]</B><br/>
<a href="#kubeproxy-config-k8s-io-v1alpha1-KubeProxyConntrackConfiguration"><code>KubeProxyConntrackConfiguration</code></a>
</td>
<td>
<!--
conntrack contains conntrack-related configuration options.
-->
<p><code>conntrack</code> 字段包含与 conntrack 相关的配置选项。</p>
</td>
</tr>
<tr><td><code>configSyncPeriod</code> <B><!--[Required]-->[必需]</B><br/>
<a href="https://pkg.go.dev/k8s.io/apimachinery/pkg/apis/meta/v1#Duration"><code>meta/v1.Duration</code></a>
</td>
<td>
<!--
configSyncPeriod is how often configuration from the apiserver is refreshed. Must be greater
than 0.
-->
<p><code>configSyncPeriod</code> 字段是从 API 服务器刷新配置的频率。此值必须大于 0。</p>
</td>
</tr>
<tr><td><code>nodePortAddresses</code> <B><!--[Required]-->[必需]</B><br/>
<code>[]string</code>
</td>
<td>
<!--
nodePortAddresses is the --nodeport-addresses value for kube-proxy process. Values must be valid
IP blocks. These values are as a parameter to select the interfaces where nodeport works.
In case someone would like to expose a service on localhost for local visit and some other interfaces for
particular purpose, a list of IP blocks would do that.
If set it to "127.0.0.0/8", kube-proxy will only select the loopback interface for NodePort.
If set it to a non-zero IP block, kube-proxy will filter that down to just the IPs that applied to the node.
An empty string slice is meant to select all network interfaces.
-->
<p><code>nodePortAddresses</code> 字段是 kube-proxy 进程的
<code>--nodeport-addresses</code> 命令行参数设置。
此值必须是合法的 IP 段。所给的 IP 段会作为参数来选择 NodePort 类型服务所使用的接口。
如果有人希望将本地主机Localhost上的服务暴露给本地访问
同时暴露在某些其他网络接口上以实现某种目标,可以使用 IP 段的列表。
如果此值被设置为 &quot;127.0.0.0/8&quot;,则 kube-proxy 将仅为 NodePort
服务选择本地回路loopback接口。
如果此值被设置为非零的 IP 段,则 kube-proxy 会对 IP 作过滤,仅使用适用于当前节点的 IP 地址。
空的字符串列表意味着选择所有网络接口。</p>
<p><code>nftables</code> 包含与 nftables 相关的配置选项。</p>
</td>
</tr>
<tr><td><code>winkernel</code> <B><!--[Required]-->[必需]</B><br/>
@ -500,18 +460,7 @@ An empty string slice is meant to select all network interfaces.
<!--
winkernel contains winkernel-related configuration options.
-->
<p><code>winkernel</code> 字段包含与 winkernel 相关的配置选项。</p>
</td>
</tr>
<tr><td><code>showHiddenMetricsForVersion</code> <B><!--[Required]-->[必需]</B><br/>
<code>string</code>
</td>
<td>
<!--
ShowHiddenMetricsForVersion is the version for which you want to show hidden metrics.
-->
<p><code>showHiddenMetricsForVersion</code> 字段给出的是一个 Kubernetes 版本号字符串,
用来设置你希望显示隐藏指标的版本。</p>
<p><code>winkernel</code> 包含与 winkernel 相关的配置选项。</p>
</td>
</tr>
<tr><td><code>detectLocalMode</code> <B><!--[Required]-->[必需]</B><br/>
@ -519,33 +468,94 @@ An empty string slice is meant to select all network interfaces.
</td>
<td>
<!--
DetectLocalMode determines mode to use for detecting local traffic, defaults to LocalModeClusterCIDR
detectLocalMode determines mode to use for detecting local traffic, defaults to LocalModeClusterCIDR.
-->
<p><code>detectLocalMode</code> 字段用来确定检测本地流量的方式,默认为 LocalModeClusterCIDR。</p>
<p><code>detectLocalMode</code> 确定用于检测本地流量的模式,默认为 LocalModeClusterCIDR。</p>
</td>
</tr>
<tr><td><code>detectLocal</code> <B><!--[Required]-->[必需]</B><br/>
<a href="#kubeproxy-config-k8s-io-v1alpha1-DetectLocalConfiguration"><code>DetectLocalConfiguration</code></a>
</td>
<td>
<!--
DetectLocal contains optional configuration settings related to DetectLocalMode.
-->
<p><code>detectLocal</code> 字段包含与 DetectLocalMode 相关的可选配置设置。</p>
<!--
detectLocal contains optional configuration settings related to DetectLocalMode.
-->
<p><code>detectLocal</code> 包含与 DetectLocalMode 相关的可选配置设置。</p>
</td>
</tr>
<tr><td><code>logging</code> <B><!--[Required]-->[必需]</B><br/>
<a href="#LoggingConfiguration"><code>LoggingConfiguration</code></a>
<tr><td><code>clusterCIDR</code> <B><!--[Required]-->[必需]</B><br/>
<code>string</code>
</td>
<td>
<!--
logging specifies the options of logging.
Refer to <a href="https://github.com/kubernetes/component-base/blob/master/logs/options.go">Logs Options</a>
for more information.
clusterCIDR is the CIDR range of the pods in the cluster. (For dual-stack
clusters, this can be a comma-separated dual-stack pair of CIDR ranges.). When
DetectLocalMode is set to LocalModeClusterCIDR, kube-proxy will consider
traffic to be local if its source IP is in this range. (Otherwise it is not
used.)
-->
<p><code>logging</code> 字段指定记录日志的选项。更多细节参阅
<a href="https://github.com/kubernetes/component-base/blob/master/logs/options.go">Logs Options</a></p>
<p><code>clusterCIDR</code> 指定集群中 Pod 的 CIDR 范围。
(对于双栈集群,这个参数可以是一个用逗号分隔的双栈 CIDR 范围对。)
当 DetectLocalMode 设置为 LocalModeClusterCIDR 时,如果流量的源 IP 在这个范围内,
kube-proxy 会将其视为本地流量。(否则不会使用此设置。)</p>
</td>
</tr>
<tr><td><code>nodePortAddresses</code> <B><!--[Required]-->[必需]</B><br/>
<code>[]string</code>
</td>
<td>
<!--
nodePortAddresses is a list of CIDR ranges that contain valid node IPs. If set,
connections to NodePort services will only be accepted on node IPs in one of
the indicated ranges. If unset, NodePort connections will be accepted on all
local IPs.
-->
<p><code>nodePortAddresses</code> 是一个包含有效节点 IP 的 CIDR 范围列表。
如果设置了此项,只有来自这些范围内的节点 IP 的 NodePort 服务连接才会被接受。
如果未设置,将接受所有本地 IP 的 NodePort 连接。</p>
</td>
</tr>
<tr><td><code>oomScoreAdj</code> <B><!--[Required]-->[必需]</B><br/>
<code>int32</code>
</td>
<td>
<!--
oomScoreAdj is the oom-score-adj value for kube-proxy process. Values must be within
the range [-1000, 1000]
-->
<p><code>oomScoreAdj</code> 是 kube-proxy 进程的 OOM 评分调整值。该值必须在 [-1000, 1000] 范围内。</p>
</td>
</tr>
<tr><td><code>conntrack</code> <B><!--[Required]-->[必需]</B><br/>
<a href="#kubeproxy-config-k8s-io-v1alpha1-KubeProxyConntrackConfiguration"><code>KubeProxyConntrackConfiguration</code></a>
</td>
<td>
<!--
conntrack contains conntrack-related configuration options.
-->
<p><code>conntrack</code> 包含与 conntrack 相关的配置选项。</p>
</td>
</tr>
<tr><td><code>configSyncPeriod</code> <B><!--[Required]-->[必需]</B><br/>
<a href="https://pkg.go.dev/k8s.io/apimachinery/pkg/apis/meta/v1#Duration"><code>meta/v1.Duration</code></a>
</td>
<td>
<!--
configSyncPeriod is how often configuration from the apiserver is refreshed. Must be greater
than 0.
-->
<p><code>configSyncPeriod</code> 指定从 apiserver 刷新配置的频率,必须大于 0。</p>
</td>
</tr>
<tr><td><code>portRange</code> <B><!--[Required]-->[必需]</B><br/>
<code>string</code>
</td>
<td>
<!--
portRange was previously used to configure the userspace proxy, but is now unused.
-->
<p><code>portRange</code> 之前用于配置用户空间代理,但现在已不再使用。</p>
</td>
</tr>
@ -575,13 +585,13 @@ DetectLocalConfiguration 包含与 DetectLocalMode 选项相关的可选设置
</td>
<td>
<!--
BridgeInterface is a string argument which represents a single bridge interface name.
Kube-proxy considers traffic as local if originating from this given bridge.
This argument should be set if DetectLocalMode is set to LocalModeBridgeInterface.
bridgeInterface is a bridge interface name. When DetectLocalMode is set to
LocalModeBridgeInterface, kube-proxy will consider traffic to be local if
it originates from this bridge.
-->
<p><code>bridgeInterface</code> 字段是一个表示单个桥接接口名称的字符串参数
Kube-proxy 将来自这个给定桥接接口的流量视为本地流量。
如果 DetectLocalMode 设置为 LocalModeBridgeInterface则应设置该参数</p>
<p><code>bridgeInterface</code> 指的是桥接接口的名称
当 DetectLocalMode 设置为 LocalModeBridgeInterface 时,
如果流量来自这个桥接接口kube-proxy 会将其视为本地流量</p>
</td>
</tr>
<tr><td><code>interfaceNamePrefix</code> <B><!--[Required]-->[必需]</B><br/>
@ -589,13 +599,13 @@ This argument should be set if DetectLocalMode is set to LocalModeBridgeInterfac
</td>
<td>
<!--
InterfaceNamePrefix is a string argument which represents a single interface prefix name.
Kube-proxy considers traffic as local if originating from one or more interfaces which match
the given prefix. This argument should be set if DetectLocalMode is set to LocalModeInterfaceNamePrefix.
interfaceNamePrefix is an interface name prefix. When DetectLocalMode is set to
LocalModeInterfaceNamePrefix, kube-proxy will consider traffic to be local if
it originates from any interface whose name begins with this prefix.
-->
<p><code>interfaceNamePrefix</code> 字段是一个表示单个接口前缀名称的字符串参数
Kube-proxy 将来自一个或多个与给定前缀匹配的接口流量视为本地流量。
如果 DetectLocalMode 设置为 LocalModeInterfaceNamePrefix则应设置该参数</p>
<p><code>interfaceNamePrefix</code> 是接口名称的前缀
当 DetectLocalMode 设置为 LocalModeInterfaceNamePrefix 时,
如果流量来自任何名称以该前缀开头的接口kube-proxy 会将其视为本地流量</p>
</td>
</tr>
</tbody>
@ -638,7 +648,7 @@ per CPU core (0 to leave the limit as-is and ignore min).
<td>
<!--
min is the minimum value of connect-tracking records to allocate,
regardless of conntrackMaxPerCore (set maxPerCore=0 to leave the limit as-is).
regardless of maxPerCore (set maxPerCore=0 to leave the limit as-is).
-->
<p><code>min</code> 字段给出要分配的链接跟踪记录个数下限。
设置此值时会忽略 maxPerCore 的值(将 maxPerCore 设置为 0 时不会调整上限值)。</p>
@ -670,6 +680,46 @@ table. (e.g. '60s'). Must be greater than 0 to set.
此设置值必须大于 0。</p>
</td>
</tr>
<tr><td><code>tcpBeLiberal</code> <B><!--[Required]-->[必需]</B><br/>
<code>bool</code>
</td>
<td>
<!--
tcpBeLiberal, if true, kube-proxy will configure conntrack
to run in liberal mode for TCP connections and packets with
out-of-window sequence numbers won't be marked INVALID.
-->
<p><code>tcpBeLiberal</code> 如果设置为 true
kube-proxy 将配置 conntrack 以宽松模式运行,
对于 TCP 连接和超出窗口序列号的报文不会被标记为 INVALID。</p>
</td>
</tr>
<tr><td><code>udpTimeout</code> <B><!--[Required]-->[必需]</B><br/>
<a href="https://pkg.go.dev/k8s.io/apimachinery/pkg/apis/meta/v1#Duration"><code>meta/v1.Duration</code></a>
</td>
<td>
<!--
udpTimeout is how long an idle UDP conntrack entry in
UNREPLIED state will remain in the conntrack table
(e.g. '30s'). Must be greater than 0 to set.
-->
<p><code>udpTimeout</code> 指定处于 UNREPLIED 状态的空闲 UDP conntrack 条目在 conntrack 表中保留的时间
(例如 '30s')。该值必须大于 0。</p>
</td>
</tr>
<tr><td><code>udpStreamTimeout</code> <B><!--[Required]-->[必需]</B><br/>
<a href="https://pkg.go.dev/k8s.io/apimachinery/pkg/apis/meta/v1#Duration"><code>meta/v1.Duration</code></a>
</td>
<td>
<!--
udpStreamTimeout is how long an idle UDP conntrack entry in
ASSURED state will remain in the conntrack table
(e.g. '300s'). Must be greater than 0 to set.
-->
<p><code>udpStreamTimeout</code> 指定处于 ASSURED 状态的空闲 UDP conntrack 条目在 conntrack 表中保留的时间
(例如 '300s')。该值必须大于 0。</p>
</td>
</tr>
</tbody>
</table>
@ -698,10 +748,10 @@ KubeProxyIPTablesConfiguration 包含用于 Kubernetes 代理服务器的、与
<td>
<!--
masqueradeBit is the bit of the iptables fwmark space to use for SNAT if using
the pure iptables proxy mode. Values must be within the range [0, 31].
the iptables or ipvs proxy mode. Values must be within the range [0, 31].
-->
<p><code>masqueradeBit</code> 字段是 iptables fwmark 空间中的具体一位,
用来在 iptables 代理模式下设置 SNAT。此值必须介于 [0, 31](含边界值)。</p>
用来在 iptables 或 ipvs 代理模式下设置 SNAT。此值必须介于 [0, 31](含边界值)。</p>
</td>
</tr>
<tr><td><code>masqueradeAll</code> <B><!--[Required]-->[必需]</B><br/>
@ -709,19 +759,25 @@ the pure iptables proxy mode. Values must be within the range [0, 31].
</td>
<td>
<!--
masqueradeAll tells kube-proxy to SNAT everything if using the pure iptables proxy mode.
masqueradeAll tells kube-proxy to SNAT all traffic sent to Service cluster IPs,
when using the iptables or ipvs proxy mode. This may be required with some CNI
plugins.
-->
<p><code>masqueradeAll</code> 字段用来通知 kube-proxy
在使用 iptables 代理模式时对所有流量执行 SNAT 操作。</p>
在使用 iptables 或 ipvs 代理模式时对所有流量执行 SNAT 操作。这在某些 CNI 插件中可能是必需的</p>
</td>
</tr>
<tr><td><code>localhostNodePorts</code> <B><!--[Required]-->[必需]</B><br/>
<code>bool</code>
</td>
<td>
<!--LocalhostNodePorts tells kube-proxy to allow service NodePorts to be accessed via
localhost (iptables mode only)-->
<p>localhostNodePorts 告知 kube-proxy 允许通过 localhost 访问服务 NodePorts仅 iptables 模式)</p>
<!--localhostNodePorts, if false, tells kube-proxy to disable the legacy behavior
of allowing NodePort services to be accessed via localhost. (Applies only to
iptables mode and IPv4; localhost NodePorts are never allowed with other proxy
modes or with IPv6.)-->
<p><code>localhostNodePorts</code> 如果设置为 false
则会通知 kube-proxy 禁用通过本地主机访问 NodePort 服务的旧有行为。
(仅适用于 iptables 模式和 IPv4在其他代理模式或 IPv6 下,不允许本地主机访问 NodePort 服务。)</p>
</td>
</tr>
<tr><td><code>syncPeriod</code> <B><!--[Required]-->[必需]</B><br/>
@ -729,11 +785,12 @@ localhost (iptables mode only)-->
</td>
<td>
<!--
syncPeriod is the period that iptables rules are refreshed (e.g. '5s', '1m',
'2h22m'). Must be greater than 0.
syncPeriod is an interval (e.g. '5s', '1m', '2h22m') indicating how frequently
various re-synchronizing and cleanup operations are performed. Must be greater
than 0.
-->
<p><code>syncPeriod</code> 字段给出 iptables
规则的刷新周期(例如,'5s'、'1m'、'2h22m')。此值必须大于 0。</p>
<p><code>syncPeriod</code> 是时间间隔(例如 '5s'、'1m'、'2h22m'
指示各种重新同步和清理操作的执行频率。该值必须大于 0。</p>
</td>
</tr>
<tr><td><code>minSyncPeriod</code> <B><!--[Required]-->[必需]</B><br/>
@ -741,10 +798,12 @@ localhost (iptables mode only)-->
</td>
<td>
<!--
minSyncPeriod is the minimum period that iptables rules are refreshed (e.g. '5s', '1m', '2h22m').
minSyncPeriod is the minimum period between iptables rule resyncs (e.g. '5s',
'1m', '2h22m'). A value of 0 means every Service or EndpointSlice change will
result in an immediate iptables resync.
-->
<p><code>minSyncPeriod</code> 字段给出 iptables
规则被刷新的最小周期(例如,'5s'、'1m'、'2h22m'</p>
<p><code>minSyncPeriod</code> 是 iptables 规则重新同步的最小时间间隔(例如 '5s'、'1m'、'2h22m')。
如果值为 0表示每次服务或 EndpointSlice 发生变化时都会立即重新同步 iptables</p>
</td>
</tr>
</tbody>
@ -774,11 +833,12 @@ KubeProxyIPVSConfiguration 包含用于 Kubernetes 代理服务器的、与 ipvs
</td>
<td>
<!--
syncPeriod is the period that ipvs rules are refreshed (e.g. '5s', '1m',
'2h22m'). Must be greater than 0.
syncPeriod is an interval (e.g. '5s', '1m', '2h22m') indicating how frequently
various re-synchronizing and cleanup operations are performed. Must be greater
than 0.
-->
<p><code>syncPeriod</code> 字段给出 ipvs 规则的刷新周期(例如,'5s'、'1m'、'2h22m')。
此值必须大于 0。</p>
<p><code>syncPeriod</code> 是各种重新同步和清理操作执行频率的时间间隔(例如 '5s', '1m', '2h22m')。
该值必须大于 0</p>
</td>
</tr>
<tr><td><code>minSyncPeriod</code> <B><!--[Required]-->[必需]</B><br/>
@ -786,9 +846,12 @@ KubeProxyIPVSConfiguration 包含用于 Kubernetes 代理服务器的、与 ipvs
</td>
<td>
<!--
minSyncPeriod is the minimum period that ipvs rules are refreshed (e.g. '5s', '1m', '2h22m').
mminSyncPeriod is the minimum period between IPVS rule resyncs (e.g. '5s', '1m',
'2h22m'). A value of 0 means every Service or EndpointSlice change will result
in an immediate IPVS resync.
-->
<p><code>minSyncPeriod</code> 字段给出 ipvs 规则被刷新的最小周期(例如,'5s'、'1m'、'2h22m')。</p>
<p><code>minSyncPeriod</code> 是 IPVS 规则重新同步之间的最小时间间隔(例如 '5s', '1m', '2h22m')。
值为 0 表示每次服务或 EndpointSlice 发生变化时都会立即触发 IPVS 重新同步。</p>
</td>
</tr>
<tr><td><code>scheduler</code> <B><!--[Required]-->[必需]</B><br/>
@ -796,9 +859,9 @@ KubeProxyIPVSConfiguration 包含用于 Kubernetes 代理服务器的、与 ipvs
</td>
<td>
<!--
ipvs scheduler
scheduler is the IPVS scheduler to use
-->
<p>IPVS 调度器。</p>
<p><code>scheduler</code> 是用于 IPVS 调度器。</p>
</td>
</tr>
<tr><td><code>excludeCIDRs</code> <B><!--[Required]-->[必需]</B><br/>
@ -806,7 +869,7 @@ KubeProxyIPVSConfiguration 包含用于 Kubernetes 代理服务器的、与 ipvs
</td>
<td>
<!--
excludeCIDRs is a list of CIDR's which the ipvs proxier should not touch
excludeCIDRs is a list of CIDRs which the ipvs proxier should not touch
when cleaning up ipvs services.
-->
<p><code>excludeCIDRs</code> 字段取值为一个 CIDR 列表ipvs 代理程序在清理 IPVS 服务时不应触碰这些 IP 地址。</p>
@ -817,7 +880,7 @@ when cleaning up ipvs services.
</td>
<td>
<!--
strict ARP configure arp_ignore and arp_announce to avoid answering ARP queries
strictARP configures arp_ignore and arp_announce to avoid answering ARP queries
from kube-ipvs0 interface
-->
<p><code>strictARP</code> 字段用来配置 arp_ignore 和 arp_announce以避免错误地响应来自 kube-ipvs0 接口的
@ -863,6 +926,78 @@ The default value is 0, which preserves the current timeout value on the system.
</tbody>
</table>
## `KubeProxyNFTablesConfiguration` {#kubeproxy-config-k8s-io-v1alpha1-KubeProxyNFTablesConfiguration}
<!--
**Appears in:**
-->
**出现在:**
- [KubeProxyConfiguration](#kubeproxy-config-k8s-io-v1alpha1-KubeProxyConfiguration)
<!--
KubeProxyNFTablesConfiguration contains nftables-related configuration
+details for the Kubernetes proxy server.
-->
<p>KubeProxyNFTablesConfiguration 包含 Kubernetes 代理服务器的 nftables 相关配置详细信息。</p>
<table class="table">
<thead><tr><th width="30%">Field</th><th>Description</th></tr></thead>
<tbody>
<tr><td><code>masqueradeBit</code> <B><!--[Required]-->[必需]</B><br/>
<code>int32</code>
</td>
<td>
<!--
masqueradeBit is the bit of the iptables fwmark space to use for SNAT if using
the nftables proxy mode. Values must be within the range [0, 31].
-->
<p><code>masqueradeBit</code> 字段是 iptables fwmark 空间中的具体一位,
用来在 nftables 代理模式下设置 SNAT。此值必须介于 [0, 31](含边界值)。</p>
</td>
</tr>
<tr><td><code>masqueradeAll</code> <B><!--[Required]-->[必需]</B><br/>
<code>bool</code>
</td>
<td>
<!--
masqueradeAll tells kube-proxy to SNAT all traffic sent to Service cluster IPs,
when using the nftables mode. This may be required with some CNI plugins.
-->
<p><code>masqueradeAll</code> 通知 kube-proxy 在使用 nftables 模式时,
对发送到服务集群 IP 的所有流量执行 SNAT。这在某些 CNI 插件中可能是必需的。</p>
</td>
</tr>
<tr><td><code>syncPeriod</code> <B><!--[Required]-->[必需]</B><br/>
<a href="https://pkg.go.dev/k8s.io/apimachinery/pkg/apis/meta/v1#Duration"><code>meta/v1.Duration</code></a>
</td>
<td>
<!--
syncPeriod is an interval (e.g. '5s', '1m', '2h22m') indicating how frequently
various re-synchronizing and cleanup operations are performed. Must be greater
than 0.
-->
<p><code>syncPeriod</code> 表示各种重新同步和清理操作执行频率的时间间隔(例如 '5s', '1m', '2h22m')。
该值必须大于 0。</p>
</td>
</tr>
<tr><td><code>minSyncPeriod</code> <B><!--[Required]-->[必需]</B><br/>
<a href="https://pkg.go.dev/k8s.io/apimachinery/pkg/apis/meta/v1#Duration"><code>meta/v1.Duration</code></a>
</td>
<td>
<!--
minSyncPeriod is the minimum period between iptables rule resyncs (e.g. '5s',
'1m', '2h22m'). A value of 0 means every Service or EndpointSlice change will
result in an immediate iptables resync.
-->
<p><code>minSyncPeriod</code>是 iptables 规则重新同步之间的最小时间间隔(例如 '5s', '1m', '2h22m')。
值为 0 时,表示每次服务或 EndpointSlice 发生变化时都会立即重新同步 iptables。</p>
</td>
</tr>
</tbody>
</table>
## `KubeProxyWinkernelConfiguration` {#kubeproxy-config-k8s-io-v1alpha1-KubeProxyWinkernelConfiguration}
<!--
@ -898,7 +1033,7 @@ to create endpoints and policies
</td>
<td>
<!--
sourceVip is the IP address of the source VIP endoint used for
sourceVip is the IP address of the source VIP endpoint used for
NAT when loadbalancing
-->
<p><code>sourceVip</code> 字段是执行负载均衡时进行 NAT 转换所使用的源端 VIP 端点 IP 地址。</p>
@ -920,7 +1055,7 @@ with DSR
</td>
<td>
<!--
RootHnsEndpointName is the name of hnsendpoint that is attached to
rootHnsEndpointName is the name of hnsendpoint that is attached to
l2bridge for root network namespace
-->
<p><code>rootHnsEndpointName</code>
@ -932,7 +1067,7 @@ l2bridge for root network namespace
</td>
<td>
<!--
ForwardHealthCheckVip forwards service VIP for health check port on
forwardHealthCheckVip forwards service VIP for health check port on
Windows
-->
<p><code>forwardHealthCheckVip</code>

4
content/zh-cn/docs/reference/using-api/cel.md
View File

@ -85,7 +85,7 @@ CEL 表达式示例:
| `self.minReplicas <= self.replicas && self.replicas <= self.maxReplicas` | Validate that the three fields defining replicas are ordered appropriately |
| `'Available' in self.stateCounts` | Validate that an entry with the 'Available' key exists in a map |
| `(self.list1.size() == 0) != (self.list2.size() == 0)` | Validate that one of two lists is non-empty, but not both |
| `self.envars.filter(e, e.name = 'MY_ENV').all(e, e.value.matches('^[a-zA-Z]*$')` | Validate the 'value' field of a listMap entry where key field 'name' is 'MY_ENV' |
| `self.envars.filter(e, e.name = 'MY_ENV').all(e, e.value.matches('^[a-zA-Z]*$'))` | Validate the 'value' field of a listMap entry where key field 'name' is 'MY_ENV' |
| `has(self.expired) && self.created + self.ttl < self.expired` | Validate that 'expired' date is after a 'create' date plus a 'ttl' duration |
| `self.health.startsWith('ok')` | Validate a 'health' string field has the prefix 'ok' |
| `self.widgets.exists(w, w.key == 'x' && w.foo < 10)` | Validate that the 'foo' property of a listMap item with a key 'x' is less than 10 |
@ -103,7 +103,7 @@ CEL 表达式示例:
| `self.minReplicas <= self.replicas && self.replicas <= self.maxReplicas` | 验证定义副本的三个字段被正确排序 |
| `'Available' in self.stateCounts` | 验证映射中存在主键为 'Available' 的条目 |
| `(self.list1.size() == 0) != (self.list2.size() == 0)` | 验证两个列表中有一个非空,但不是两个都非空 |
| `self.envars.filter(e, e.name = 'MY_ENV').all(e, e.value.matches('^[a-zA-Z]*$')` | 验证 listMap 条目的 'value' 字段,其主键字段 'name' 是 'MY_ENV' |
| `self.envars.filter(e, e.name = 'MY_ENV').all(e, e.value.matches('^[a-zA-Z]*$'))` | 验证 listMap 条目的 'value' 字段,其主键字段 'name' 是 'MY_ENV' |
| `has(self.expired) && self.created + self.ttl < self.expired` | 验证 'expired' 日期在 'create' 日期加上 'ttl' 持续时间之后 |
| `self.health.startsWith('ok')` | 验证 'health' 字符串字段具有前缀 'ok' |
| `self.widgets.exists(w, w.key == 'x' && w.foo < 10)` | 验证具有键 'x' 的 listMap 项的 'foo' 属性小于 10 |

14
content/zh-cn/docs/test.md
View File

@ -829,13 +829,21 @@ Notes catch the reader's attention without a sense of urgency.
You can have multiple paragraphs and block-level elements inside an admonition.
| Or | a | table |
You can also add tables to organize and highlight key information.
| Header 1 | Header 2 | Header 3 |
| -------- | -------- | -------- |
| Data 1 | Data A | Info X |
| Data 2 | Data B | Info Y |
-->
说明信息用来引起读者的注意,但不过分强调其紧迫性。
你可以在提醒框内包含多个段落和块级元素。
还可以添加表格来组织和突出关键信息
| 甚至 | 包含 | 表格 |
| 表头 1 | 表头 2 | 表头 3 |
| -------- | -------- | -------- |
| 数据 1 | 数据 A | 信息 X |
| 数据 2 | 数据 B | 信息 Y |
{{< /note >}}
{{< caution >}}

4
content/zh-cn/examples/application/cassandra/cassandra-statefulset.yaml
View File

@ -15,7 +15,7 @@ spec:
labels:
app: cassandra
spec:
terminationGracePeriodSeconds: 1800
terminationGracePeriodSeconds: 500
containers:
- name: cassandra
image: gcr.io/google-samples/cassandra:v13
@ -43,7 +43,7 @@ spec:
lifecycle:
preStop:
exec:
command:
command:
- /bin/sh
- -c
- nodetool drain

8
data/releases/schedule.yaml
View File

@ -17,7 +17,7 @@ schedules:
next:
cherryPickDeadline: "2024-08-09"
release: 1.30.4
targetDate: "2024-08-13"
targetDate: "2024-08-14"
previousPatches:
- cherryPickDeadline: "2024-07-12"
release: 1.30.3
@ -37,7 +37,7 @@ schedules:
next:
cherryPickDeadline: "2024-08-09"
release: 1.29.8
targetDate: "2024-08-13"
targetDate: "2024-08-14"
previousPatches:
- cherryPickDeadline: "2024-07-12"
release: 1.29.7
@ -69,7 +69,7 @@ schedules:
next:
cherryPickDeadline: "2024-08-09"
release: 1.28.13
targetDate: "2024-08-13"
targetDate: "2024-08-14"
previousPatches:
- cherryPickDeadline: "2024-07-12"
release: 1.28.12
@ -114,7 +114,7 @@ schedules:
releaseDate: "2023-08-15"
upcoming_releases:
- cherryPickDeadline: "2024-08-09"
targetDate: "2024-08-13"
targetDate: "2024-08-14"
- cherryPickDeadline: "2024-09-06"
targetDate: "2024-09-10"
- cherryPickDeadline: "2024-10-11"

5
layouts/docs/glossary.html
View File

@ -4,8 +4,9 @@
{{ define "main" }}
<h1>{{ .Title }}</h1>
<link href="{{ "css/glossary.css" | relURL }}" rel="stylesheet">
<script src="{{ "js/glossary.js" | relURL }}"></script>
{{- with resources.Get "css/glossary.css" -}}
<link href="{{ .RelPermalink }}" rel="stylesheet">
{{- end -}}
<p>{{ T "layouts_docs_glossary_description" }}</p>
<div id="tag-container">
<p>{{ T "layouts_docs_glossary_filter" }}</p>

5
layouts/partials/head.html
View File

@ -91,11 +91,6 @@
<script defer src="{{ "js/release_binaries.js" | relURL }}"></script>
{{- end -}}
<!-- Enable zoom-on-click for figures that opt in to this -->
{{- if .HasShortcode "figure" -}}
<script defer src="{{ "js/zoom.js" | relURL }}"></script>
{{- end -}}
{{- if eq (lower .Params.cid) "community" -}}
{{- if eq .Params.community_styles_migrated true -}}
<link href="/css/community.css" rel="stylesheet"><!-- legacy styles -->

19
layouts/partials/hooks/head-end.html
View File

@ -13,3 +13,22 @@
{{- if .HasShortcode "cncf-landscape" -}}
<script src="https://cdnjs.cloudflare.com/ajax/libs/iframe-resizer/4.3.9/iframeResizer.min.js" integrity="sha384-hHTwgxzjpO1G1NI0wMHWQYUxnGtpWyDjVSZrFnDrlWa5OL+DFY57qnDWw/5WSJOl" crossorigin="anonymous"></script>
{{- end -}}
{{- if .HasShortcode "figure" -}}
<!-- Enable zoom-on-click for figures that opt in to this -->
{{- if hugo.IsProduction -}}
{{- $zoomJs := resources.Get "js/zoom.js" | minify | fingerprint -}}
<script defer src="{{ $zoomJs.RelPermalink }}" integrity="{{ $zoomJs.Data.Integrity }}" crossorigin="anonymous"></script>
{{- else -}}
{{- $zoomJs := resources.Get "js/zoom.js" -}}
<script defer src="{{ $zoomJs.RelPermalink }}"></script>
{{- end -}}
{{- end -}}
{{- if eq .Layout "glossary" -}}
{{- with resources.Get "js/glossary.js" -}}
<script defer src="{{ .RelPermalink }}"></script>
{{- else -}}
{{- errorf "Unable to find the glossary helper script" -}}
{{- end -}}
{{- end -}}