From 6b139b085d5def2775d5dea72708ef317b3de258 Mon Sep 17 00:00:00 2001
From: "xin.li" <xin.li@daocloud.io>
Date: Sun, 15 Sep 2024 19:40:01 +0800
Subject: [PATCH] [zh-cn] sync kubeadm/create-cluster-kubeadm.md

Signed-off-by: xin.li <xin.li@daocloud.io>
---
 .../tools/kubeadm/create-cluster-kubeadm.md   | 170 +++++-------------
 1 file changed, 44 insertions(+), 126 deletions(-)

diff --git a/content/zh-cn/docs/setup/production-environment/tools/kubeadm/create-cluster-kubeadm.md b/content/zh-cn/docs/setup/production-environment/tools/kubeadm/create-cluster-kubeadm.md
index 1c9ce07476..d11bc526a3 100644
--- a/content/zh-cn/docs/setup/production-environment/tools/kubeadm/create-cluster-kubeadm.md
+++ b/content/zh-cn/docs/setup/production-environment/tools/kubeadm/create-cluster-kubeadm.md
@@ -311,14 +311,15 @@ communicates with).
 
 <!--
 1. (Recommended) If you have plans to upgrade this single control-plane `kubeadm` cluster
-to high availability you should specify the `--control-plane-endpoint` to set the shared endpoint
-for all control-plane nodes. Such an endpoint can be either a DNS name or an IP address of a load-balancer.
+to [high availability](/docs/setup/production-environment/tools/kubeadm/high-availability/)
+you should specify the `--control-plane-endpoint` to set the shared endpoint for all control-plane nodes.
+Such an endpoint can be either a DNS name or an IP address of a load-balancer.
 1. Choose a Pod network add-on, and verify whether it requires any arguments to
 be passed to `kubeadm init`. Depending on which
 third-party provider you choose, you might need to set the `--pod-network-cidr` to
 a provider-specific value. See [Installing a Pod network add-on](#pod-network).
 -->
-1. （推荐）如果计划将单个控制平面 kubeadm 集群升级成高可用，
+1. （推荐）如果计划将单个控制平面 kubeadm 集群升级成[高可用](/zh-cn/docs/setup/production-environment/tools/kubeadm/high-availability/)，
    你应该指定 `--control-plane-endpoint` 为所有控制平面节点设置共享端点。
    端点可以是负载均衡器的 DNS 名称或 IP 地址。
 2. 选择一个 Pod 网络插件，并验证是否需要为 `kubeadm init` 传递参数。
@@ -633,6 +634,15 @@ control-plane node or a node that has the kubeconfig credentials:
 kubectl apply -f <add-on.yaml>
 ```
 
+{{< note >}}
+<!--
+Only a few CNI plugins support Windows. More details and setup instructions can be found
+in [Adding Windows worker nodes](/docs/tasks/administer-cluster/kubeadm/adding-windows-nodes/#network-config).
+-->
+只有少数 CNI 插件支持 Windows，
+更多详细信息和设置说明请参阅[添加 Windows 工作节点](/zh-cn/docs/tasks/administer-cluster/kubeadm/adding-windows-nodes/#network-config)。
+{{< /note >}}
+
 <!--
 You can install only one Pod network per cluster.
 -->
@@ -725,135 +735,43 @@ kubectl label nodes --all node.kubernetes.io/exclude-from-external-load-balancer
 ```
 
 <!--
-### Joining your nodes {#join-nodes}
+### Adding more control plane nodes
+
+See [Creating Highly Available Clusters with kubeadm](/docs/setup/production-environment/tools/kubeadm/high-availability/) for steps on creating a high availability kubeadm cluster by adding more control plane
+nodes.
+
+### Adding worker nodes {#join-nodes}
+
+The worker nodes are where your workloads run.
+
+The following pages show how to add Linux and Windows worker nodes to the cluster by using
+the `kubeadm join` command:
+
+* [Adding Linux worker nodes](/docs/tasks/administer-cluster/kubeadm/adding-linux-nodes/)
+* [Adding Windows worker nodes](/docs/tasks/administer-cluster/kubeadm/adding-windows-nodes/)
 -->
-### 加入节点 {#join-nodes}
+### 添加更多控制平面节点
+
+请参阅[使用 kubeadm 创建高可用性集群](/zh-cn/docs/setup/production-environment/tools/kubeadm/high-availability/)，
+了解通过添加更多控制平面节点创建高可用性 kubeadm 集群的步骤。
+
+### 添加工作节点 {#join-nodes}
 
 <!--
-The nodes are where your workloads (containers and Pods, etc) run. To add new nodes to your cluster do the following for each machine:
+The worker nodes are where your workloads run.
+
+The following pages show how to add Linux and Windows worker nodes to the cluster by using
+the `kubeadm join` command:
+
+* [Adding Linux worker nodes](/docs/tasks/administer-cluster/kubeadm/adding-linux-nodes/)
+* [Adding Windows worker nodes](/docs/tasks/administer-cluster/kubeadm/adding-windows-nodes/)
 -->
-节点是你的工作负载（容器和 Pod 等）运行的地方。要将新节点添加到集群，请对每台计算机执行以下操作：
+工作节点是工作负载运行的地方。
 
-<!--
-* SSH to the machine
-* Become root (e.g. `sudo su -`)
-* [Install a runtime](/docs/setup/production-environment/tools/kubeadm/install-kubeadm/#installing-runtime)
-  if needed
-* Run the command that was output by `kubeadm init`. For example:
--->
-* SSH 到机器
-* 成为 root （例如 `sudo su -`）
-* 必要时[安装一个运行时](/zh-cn/docs/setup/production-environment/tools/kubeadm/install-kubeadm/#installing-runtime)
-* 运行 `kubeadm init` 输出的命令，例如：
+以下页面展示如何使用 `kubeadm join` 命令将 Linux 和 Windows 工作节点添加到集群：
 
-  ```bash
-  kubeadm join --token <token> <control-plane-host>:<control-plane-port> --discovery-token-ca-cert-hash sha256:<hash>
-  ```
-
-<!--
-If you do not have the token, you can get it by running the following command on the control-plane node:
--->
-如果你没有令牌，可以通过在控制平面节点上运行以下命令来获取令牌：
-
-```bash
-kubeadm token list
-```
-
-<!--
-The output is similar to this:
--->
-输出类似于以下内容：
-
-```console
-TOKEN                    TTL  EXPIRES              USAGES           DESCRIPTION            EXTRA GROUPS
-8ewj1p.9r9hcjoqgajrj4gi  23h  2018-06-12T02:51:28Z authentication,  The default bootstrap  system:
-                                                   signing          token generated by     bootstrappers:
-                                                                    'kubeadm init'.        kubeadm:
-                                                                                           default-node-token
-```
-
-<!--
-By default, tokens expire after 24 hours. If you are joining a node to the cluster after the current token has expired,
-you can create a new token by running the following command on the control-plane node:
--->
-默认情况下，令牌会在 24 小时后过期。如果要在当前令牌过期后将节点加入集群，
-则可以通过在控制平面节点上运行以下命令来创建新令牌：
-
-```bash
-kubeadm token create
-```
-
-<!--
-The output is similar to this:
--->
-输出类似于以下内容：
-
-```console
-5didvk.d09sbcov8ph2amjw
-```
-
-<!--
-If you don't have the value of `--discovery-token-ca-cert-hash`, you can get it by running the
-following command chain on the control-plane node:
--->
-如果你没有 `--discovery-token-ca-cert-hash` 的值，则可以通过在控制平面节点上执行以下命令链来获取它：
-
-```bash
-openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | \
-   openssl dgst -sha256 -hex | sed 's/^.* //'
-```
-
-<!--
-The output is similar to:
--->
-输出类似于以下内容：
-
-```console
-8cb2de97839780a412b93877f8507ad6c94f73add17d5d7058e91741c9d5ec78
-```
-
-{{< note >}}
-<!--
-To specify an IPv6 tuple for `<control-plane-host>:<control-plane-port>`, IPv6 address must be enclosed in square brackets, for example: `[2001:db8::101]:2073`.
--->
-要为 `<control-plane-host>:<control-plane-port>` 指定 IPv6 元组，必须将 IPv6
-地址括在方括号中，例如 `[2001:db8::101]:2073`。
-{{< /note >}}
-
-<!--
-The output should look something like:
--->
-输出应类似于：
-
-```console
-[preflight] Running pre-flight checks
-
-... (log output of join workflow) ...
-
-Node join complete:
-* Certificate signing request sent to control-plane and response
-  received.
-* Kubelet informed of new secure connection details.
-
-Run 'kubectl get nodes' on control-plane to see this machine join.
-```
-
-<!--
-A few seconds later, you should notice this node in the output from `kubectl get
-nodes` when run on the control-plane node.
--->
-几秒钟后，当你在控制平面节点上执行 `kubectl get nodes`，你会注意到该节点出现在输出中。
-
-{{< note >}}
-<!--
-As the cluster nodes are usually initialized sequentially, the CoreDNS Pods are likely to all run
-on the first control-plane node. To provide higher availability, please rebalance the CoreDNS Pods
-with `kubectl -n kube-system rollout restart deployment coredns` after at least one new node is joined.
--->
-由于集群节点通常是按顺序初始化的，CoreDNS Pod 很可能都运行在第一个控制面节点上。
-为了提供更高的可用性，请在加入至少一个新节点后使用
-`kubectl -n kube-system rollout restart deployment coredns` 命令，重新平衡这些 CoreDNS Pod。
-{{< /note >}}
+* [添加 Linux 工作节点](/zh-cn/docs/tasks/administer-cluster/kubeadm/adding-linux-nodes/)
+* [添加 Windows 工作节点](/zh-cn/docs/tasks/administer-cluster/kubeadm/adding-windows-nodes/)
 
 <!--
 ### (Optional) Controlling your cluster from machines other than the control-plane node