Merge pull request #41153 from my-git9/path-273
[zh-cn] sync manage-resources-containers secretpull/38902/head
Kubernetes Prow Robot
GitHub
commit
6b2a25959e
|
|
@ -405,7 +405,7 @@ see the [Troubleshooting](#troubleshooting) section.
|
|||
### Monitoring compute & memory resource usage
|
||||
|
||||
The kubelet reports the resource usage of a Pod as part of the Pod
|
||||
[`status`](/docs/concepts/overview/working-with-objects/kubernetes-objects/#object-spec-and-status).
|
||||
[`status`](/docs/concepts/overview/working-with-objects/#object-spec-and-status).
|
||||
|
||||
If optional [tools for monitoring](/docs/tasks/debug/debug-cluster/resource-usage-monitoring/)
|
||||
are available in your cluster, then Pod resource usage can be retrieved either
|
||||
|
|
@ -415,7 +415,7 @@ directly or from your monitoring tools.
|
|||
### 监控计算和内存资源用量 {#monitoring-compute-memory-resource-usage}
|
||||
|
||||
kubelet 会将 Pod 的资源使用情况作为 Pod
|
||||
[`status`](/zh-cn/docs/concepts/overview/working-with-objects/kubernetes-objects/#object-spec-and-status)
|
||||
[`status`](/zh-cn/docs/concepts/overview/working-with-objects/#object-spec-and-status)
|
||||
的一部分来报告的。
|
||||
|
||||
如果为集群配置了可选的[监控工具](/zh-cn/docs/tasks/debug/debug-cluster/resource-usage-monitoring/),
|
||||
|
|
@ -566,7 +566,6 @@ ephemeral storage.
|
|||
If you have a different configuration, then the kubelet does not apply resource
|
||||
limits for ephemeral local storage.
|
||||
-->
|
||||
|
||||
kubelet 能够度量其本地存储的用量。
|
||||
实现度量机制的前提是你已使用本地临时存储所支持的配置之一对节点进行配置。
|
||||
|
||||
|
|
|
|||
|
|
@ -137,11 +137,11 @@ Here are some of your options:
|
|||
下面是一些选项:
|
||||
|
||||
<!--
|
||||
- if your cloud-native component needs to authenticate to another application that you
|
||||
- If your cloud-native component needs to authenticate to another application that you
|
||||
know is running within the same Kubernetes cluster, you can use a
|
||||
[ServiceAccount](/docs/reference/access-authn-authz/authentication/#service-account-tokens)
|
||||
and its tokens to identify your client.
|
||||
- there are third-party tools that you can run, either within or outside your cluster,
|
||||
- There are third-party tools that you can run, either within or outside your cluster,
|
||||
that provide secrets management. For example, a service that Pods access over HTTPS,
|
||||
that reveals a secret if the client correctly authenticates (for example, with a ServiceAccount
|
||||
token).
|
||||
|
|
@ -153,10 +153,10 @@ Here are some of your options:
|
|||
例如,这一工具可能是 Pod 通过 HTTPS 访问的一个服务,该服务在客户端能够正确地通过身份认证
|
||||
(例如,通过 ServiceAccount 令牌)时,提供机密数据内容。
|
||||
<!--
|
||||
- for authentication, you can implement a custom signer for X.509 certificates, and use
|
||||
- For authentication, you can implement a custom signer for X.509 certificates, and use
|
||||
[CertificateSigningRequests](/docs/reference/access-authn-authz/certificate-signing-requests/)
|
||||
to let that custom signer issue certificates to Pods that need them.
|
||||
- you can use a [device plugin](/docs/concepts/extend-kubernetes/compute-storage-net/device-plugins/)
|
||||
- You can use a [device plugin](/docs/concepts/extend-kubernetes/compute-storage-net/device-plugins/)
|
||||
to expose node-local encryption hardware to a specific Pod. For example, you can schedule
|
||||
trusted Pods onto nodes that provide a Trusted Platform Module, configured out-of-band.
|
||||
-->
|
||||
|
|
|
|||
Loading…
Reference in New Issue