Merge pull request #49258 from windsonsea/gloss

[zh] Update glossary: drain, rbac, addons, replicaset
2024-12-30 15:44:13 +01:00 · 2024-12-30 15:44:13 +01:00 · 2ec33f6d95
parent 2c0aee805d 95fa74ff28
commit 2ec33f6d95
5 changed files with 85 additions and 25 deletions
--- a/content/zh-cn/docs/reference/glossary/addons.md
+++ b/content/zh-cn/docs/reference/glossary/addons.md
@ -23,10 +23,10 @@ tags:
 - tool
 -->
-  <!--
+<!--
-  Resources that extend the functionality of Kubernetes.
+Resources that extend the functionality of Kubernetes.
-  -->
+-->
-  扩展 Kubernetes 功能的资源。
+扩展 Kubernetes 功能的资源。
 <!--more-->
--- a/content/zh-cn/docs/reference/glossary/admission-controller.md
+++ b/content/zh-cn/docs/reference/glossary/admission-controller.md
@ -21,7 +21,7 @@ short_description: >
 aka:
 tags:
 - extension
- security																							 
+- security
 -->
 <!--
--- a/content/zh-cn/docs/reference/glossary/drain.md
+++ b/content/zh-cn/docs/reference/glossary/drain.md
@ -0,0 +1,43 @@
 ---
 title: 腾空
 id: drain
 date: 2024-12-27
 full_link:
 short_description: >
  从 Node 中安全地驱逐 Pod，为节点维护或移除做好准备。
 tags:
 - fundamental
 - operation
 ---
 <!--
 title: Drain
 id: drain
 date: 2024-12-27
 full_link:
 short_description: >
  Safely evicts Pods from a Node to prepare for maintenance or removal.
 tags:
 - fundamental
 - operation
 -->
 <!--
 The process of safely evicting {{< glossary_tooltip text="Pods" term_id="pod" >}} from a {{< glossary_tooltip text="Node" term_id="node" >}} to prepare it for maintenance or removal from a {{< glossary_tooltip text="cluster" term_id="cluster" >}}.
 -->
 从 {{< glossary_tooltip text="Node" term_id="node" >}} 中安全驱逐
 {{< glossary_tooltip text="Pod" term_id="pod" >}} 的过程，
 为维护或从{{< glossary_tooltip text="集群" term_id="cluster" >}}中移除节点做好准备。
 <!--more-->
 <!--
 The `kubectl drain` command is used to mark a {{< glossary_tooltip text="Node" term_id="node" >}} as going out of service. 
 When executed, it evicts all {{< glossary_tooltip text="Pods" term_id="pod" >}} from the {{< glossary_tooltip text="Node" term_id="node" >}}. 
 If an eviction request is temporarily rejected, `kubectl drain` retries until all {{< glossary_tooltip text="Pods" term_id="pod" >}} are terminated or a configurable timeout is reached.
 -->
 `kubectl drain` 命令用于将 {{< glossary_tooltip text="Node" term_id="node" >}} 标记为停止服务。
 执行此命令时，它会从 {{< glossary_tooltip text="Node" term_id="node" >}} 驱逐所有
 {{< glossary_tooltip text="Pod" term_id="pod" >}}。 
 如果驱逐请求临时被拒绝，`kubectl drain` 会重试，直到所有
 {{< glossary_tooltip text="Pod" term_id="pod" >}} 被终止或达到可配置的超时时限。
--- a/content/zh-cn/docs/reference/glossary/rbac.md
+++ b/content/zh-cn/docs/reference/glossary/rbac.md
@ -11,13 +11,11 @@ tags:
 - security
 - fundamental
 ---
 <!--
 ---
 title: RBAC (Role-Based Access Control)
 id: rbac
 date: 2018-04-12
-full_link: /zh-cn/docs/reference/access-authn-authz/rbac/
+full_link: /docs/reference/access-authn-authz/rbac/
 short_description: >
  Manages authorization decisions, allowing admins to dynamically configure access policies through the Kubernetes API.
@ -25,7 +23,6 @@ aka:
 tags:
 - security
 - fundamental
 ---
 -->
 <!--
@ -33,11 +30,33 @@ tags:
 -->
 管理授权决策，允许管理员通过 {{< glossary_tooltip text="Kubernetes API" term_id="kubernetes-api" >}} 动态配置访问策略。
-<!--more--> 
+<!--more-->
 <!--
-RBAC utilizes *roles*, which contain permission rules, and *role bindings*, which grant the permissions defined in a role to a set of users.
+RBAC utilizes four kinds of Kubernetes objects:
 Role
 : Defines permission rules in a specific namespace.
 ClusterRole
 : Defines permission rules cluster-wide.
 RoleBinding
 : Grants the permissions defined in a role to a set of users in a specific namespace.
 ClusterRoleBinding
 : Grants the permissions defined in a role to a set of users cluster-wide.
 For more information, see [RBAC](/docs/reference/access-authn-authz/rbac/).
 -->
-RBAC 使用 *角色* (包含权限规则)和 *角色绑定* (将角色中定义的权限授予一组用户)。
+RBAC 使用四种类别的 Kubernetes 对象：
 - **Role**：在特定命名空间中定义权限规则。
 - **ClusterRole**：定义集群范围内的权限规则。
 - **RoleBinding**：将角色中定义的权限授予特定命名空间中的一组用户。
 - **ClusterRoleBinding**：将角色中定义的权限授予集群范围内的一组用户。
 更多信息参见 [RBAC](/zh-cn/docs/reference/access-authn-authz/rbac/)。
--- a/content/zh-cn/docs/reference/glossary/replica-set.md
+++ b/content/zh-cn/docs/reference/glossary/replica-set.md
@ -4,7 +4,7 @@ id: replica-set
 date: 2018-04-12
 full_link: /zh-cn/docs/concepts/workloads/controllers/replicaset/
 short_description: >
-  ReplicaSet 是下一代副本控制器。
+  ReplicaSet 确保一次运行指定数量的 Pod 副本。
 aka: 
 tags:
@ -12,34 +12,32 @@ tags:
 - core-object
 - workload
 ---
 <!--
 ---
 title: ReplicaSet
 id: replica-set
 date: 2018-04-12
-full_link: /zh-cn/docs/concepts/workloads/controllers/replicaset/
+full_link: /docs/concepts/workloads/controllers/replicaset/
 short_description: >
-  ReplicaSet is the next-generation Replication Controller.
+ ReplicaSet ensures that a specified number of Pod replicas are running at one time
 aka: 
 tags:
 - fundamental
 - core-object
 - workload
 ---
 -->
 <!--
- ReplicaSet is the next-generation Replication Controller.
+ A ReplicaSet (aims to) maintain a set of replica Pods running at any given time.
 -->
 ReplicaSet（旨在）在任何给定时间确保运行一组 Pod 副本。
-ReplicaSet 是下一代副本控制器。
+<!--more-->
 <!--more--> 
 <!--
-ReplicaSet, like ReplicationController, ensures that a specified number of pods replicas are running at one time. ReplicaSet supports the new set-based selector requirements as described in the labels user guide, whereas a Replication Controller only supports equality-based selector requirements.
+Workload objects such as {{< glossary_tooltip term_id="deployment" >}} make use of ReplicaSets
 to ensure that the configured number of {{< glossary_tooltip term_id="pod" text="Pods" >}} are
 running in your cluster, based on the spec of that ReplicaSet.
 -->
-
+像 {{< glossary_tooltip term_id="deployment" >}} 这类工作负载对象利用 ReplicaSet
-ReplicaSet 就像 ReplicationController 那样，确保一次运行指定数量的 Pod 副本。ReplicaSet 支持新的基于集合的选择器需求（在标签的用户指南中有相关描述），而副本控制器只支持基于等值的选择器需求。
+基于其规约来确保集群中运行的 {{< glossary_tooltip term_id="pod" text="Pod" >}} 数量符合配置要求。