kubernetes
/
website
mirror of https://github.com/kubernetes/website.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

update the markdown file in the glossary directory.

pull/25244/head
jialaijun 2020-11-25 18:29:43 +08:00
parent bd59f5578a
commit 7260dbf1c6
38 changed files with 799 additions and 586 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
content/zh/docs/reference/glossary/addons.md
View File

@ -1,23 +1,10 @@
---
title: 附加组件
id: addons
date: 2019-12-15
full_link: /zh/docs/concepts/cluster-administration/addons/
short_description: >
扩展 Kubernetes 功能的资源。
aka:
tags:
- tool
---
扩展 Kubernetes 功能的资源。
<!--
---
title: Add-ons
id: addons
date: 2019-12-15
full_link: /zh/docs/concepts/cluster-administration/addons/
full_link: /docs/concepts/cluster-administration/addons/
short_description: >
Resources that extend the functionality of Kubernetes.
@ -25,8 +12,25 @@ aka:
tags:
- tool
---
-->
---
title: Add-ons附加组件
id: addons
date: 2019-12-15
full_link: /zh/docs/concepts/cluster-administration/addons/
short_description: >
扩展 Kubernetes 功能的资源。
aka:
tags:
- tool
---
<!--
Resources that extend the functionality of Kubernetes.
-->
扩展 Kubernetes 功能的资源。
<!--more-->

36
content/zh/docs/reference/glossary/admission-controller.md
View File

@ -1,5 +1,23 @@
<!--
---
title: 准入控制器
title: Admission Controller
id: admission-controller
date: 2019-06-28
full_link: /docs/reference/access-authn-authz/admission-controllers/
short_description: >
A piece of code that intercepts requests to the Kubernetes API server prior to persistence of the object.
aka:
tags:
- extension
- security
---
-->
---
title: Admission Controller准入控制器
id: admission-controller
date: 2019-06-28
full_link: /zh/docs/reference/access-authn-authz/admission-controllers/
@ -12,24 +30,12 @@ tags:
---
<!--
---
title: Admission Controller
id: admission-controller
date: 2019-06-28
full_link: /zh/docs/reference/access-authn-authz/admission-controllers/
short_description: >
A piece of code that intercepts requests to the Kubernetes API server prior to persistence of the object.
aka:
tags:
- extension
- security
---
-->
在对象持久化之前拦截 Kubernetes Api 服务器请求的一段代码
<!--more-->
<!--
Admission controllers are configurable for the Kubernetes API server and may be “validating”, “mutating”, or
both. Any admission controller may reject the request. Mutating controllers may modify the objects they admit;
@ -41,4 +47,4 @@ validating controllers may not.
准入控制器可针对 Kubernetes Api 服务器进行配置,可以执行验证,变更或两者都执行。任何准入控制器都可以拒绝访问请求。
变更mutating控制器可以修改其允许的对象验证validating控制器则不可以。
* [Kubernetes 文档中的准入控制器](/docs/reference/access-authn-authz/admission-controllers/)
* [Kubernetes 文档中的准入控制器](/zh/docs/reference/access-authn-authz/admission-controllers/)

42
content/zh/docs/reference/glossary/aggregation-layer.md
View File

@ -1,5 +1,24 @@
<!--
---
title: 聚合层
title: Aggregation Layer
id: aggregation-layer
date: 2018-10-08
full_link: /docs/concepts/extend-kubernetes/api-extension/apiserver-aggregation/
short_description: >
The aggregation layer lets you install additional Kubernetes-style APIs in your cluster.
aka:
tags:
- architecture
- extension
- operation
---
-->
---
title: Aggregation Layer聚合层
id: aggregation-layer
date: 2018-10-08
full_link: /zh/docs/concepts/extend-kubernetes/api-extension/apiserver-aggregation/
@ -13,22 +32,6 @@ tags:
- operation
---
<!--
---
title: Aggregation Layer
id: aggregation-layer
date: 2018-10-08
full_link: /zh/docs/concepts/extend-kubernetes/api-extension/apiserver-aggregation/
short_description: >
The aggregation layer lets you install additional Kubernetes-style APIs in your cluster.
aka:
tags:
- architecture
- extension
- operation
---
-->
<!--
The aggregation layer lets you install additional Kubernetes-style APIs in your cluster.
@ -38,8 +41,9 @@ tags:
<!--more-->
<!--
When you've configured the {{< glossary_tooltip text="Kubernetes API Server" term_id="kube-apiserver" >}} to [support additional APIs](/docs/tasks/access-kubernetes-api/configure-aggregation-layer/), you can add `APIService` objects to "claim" a URL path in the Kubernetes API.
When you've configured the {{< glossary_tooltip text="Kubernetes API Server" term_id="kube-apiserver" >}} to [support additional APIs](/docs/tasks/extend-kubernetes/configure-aggregation-layer/), you can add `APIService` objects to "claim" a URL path in the Kubernetes API.
-->
当您配置了 {{< glossary_tooltip text="Kubernetes API Server" term_id="kube-apiserver" >}} 来 [支持额外的 API](/docs/tasks/access-kubernetes-api/configure-aggregation-layer/),您就可以在 Kubernetes API 中增加 `APIService` 对象来 "申领Claim" 一个 URL 路径。
当您配置了 {{< glossary_tooltip text="Kubernetes API Server" term_id="kube-apiserver" >}} 来 [支持额外的 API](/zh/docs/tasks/extend-kubernetes/configure-aggregation-layer/),您就可以在 Kubernetes API 中增加 `APIService` 对象来 "申领Claim" 一个 URL 路径。

38
content/zh/docs/reference/glossary/annotation.md
View File

@ -1,5 +1,22 @@
<!--
---
title: 注解
title: Annotation
id: annotation
date: 2018-04-12
full_link: /docs/concepts/overview/working-with-objects/annotations
short_description: >
A key-value pair that is used to attach arbitrary non-identifying metadata to objects.
aka:
tags:
- fundamental
---
-->
---
title: Annotation注解
id: annotation
date: 2018-04-12
full_link: /zh/docs/concepts/overview/working-with-objects/annotations/
@ -11,21 +28,6 @@ tags:
- fundamental
---
<!--
---
title: Annotation
id: annotation
date: 2018-04-12
full_link: /zh/docs/concepts/overview/working-with-objects/annotations/
short_description: >
A key-value pair that is used to attach arbitrary non-identifying metadata to objects.
aka:
tags:
- fundamental
---
-->
<!--
A key-value pair that is used to attach arbitrary non-identifying metadata to objects.
-->
@ -35,8 +37,8 @@ tags:
<!--more-->
<!--
The metadata in an annotation can be small or large, structured or unstructured, and can include characters not permitted by labels. Clients such as tools and libraries can retrieve this metadata.
The metadata in an annotation can be small or large, structured or unstructured, and can include characters not permitted by {{< glossary_tooltip text="labels" term_id="label" >}}. Clients such as tools and libraries can retrieve this metadata.
-->
注解中的元数据可大可小,可以是结构化的也可以是非结构化的,并且能包含标签不允许使用的字符。像工具和软件库这样的客户端可以检索这些元数据。
注解中的元数据可大可小,可以是结构化的也可以是非结构化的,并且能包含{{< glossary_tooltip text="标签" term_id="label" >}}不允许使用的字符。像工具和软件库这样的客户端可以检索这些元数据。

34
content/zh/docs/reference/glossary/api-group.md
View File

@ -1,3 +1,21 @@
<!--
---
title: API Group
id: api-group
date: 2019-09-02
full_link: /docs/concepts/overview/kubernetes-api/#api-groups
short_description: >
A set of related paths in the Kubernetes API.
aka:
tags:
- fundamental
- architecture
---
-->
---
title: API Group
id: api-group
@ -11,21 +29,7 @@ tags:
- fundamental
- architecture
---
<!--
---
title: API Group
id: api-group
date: 2019-09-02
full_link: /zh/docs/concepts/overview/kubernetes-api/#api-groups
short_description: >
A set of related paths in the Kubernetes API.
aka:
tags:
- fundamental
- architecture
---
-->
<!--
A set of related paths in Kubernetes API.
@ -42,4 +46,4 @@ You can enable or disable each API group by changing the configuration of your A
<!--
* Read [API Group](/docs/concepts/overview/kubernetes-api/#api-groups) for more information.
-->
* 阅读 [API Group](/docs/concepts/overview/kubernetes-api/#api-groups) 了解更多信息。
* 阅读 [API Group](/zh/docs/concepts/overview/kubernetes-api/#api-groups) 了解更多信息。

34
content/zh/docs/reference/glossary/app-container.md
View File

@ -1,18 +1,5 @@
---
title: 应用程序容器
id: app-container
date: 2019-02-12
full_link:
short_description: >
用于运行部分工作负载的容器。与初始化容器比较而言。
aka:
tags:
- workload
---
应用程序容器(或 app 容器){{< glossary_tooltip text="容器" term_id="container" >}} 在 {{< glossary_tooltip text="pod" term_id="pod" >}} 中,在 {{< glossary_tooltip text="初始化容器" term_id="init-container" >}} 启动完毕后才开始启动。
<!--
---
title: App Container
id: app-container
@ -25,8 +12,27 @@ aka:
tags:
- workload
---
-->
---
title: App Container应用程序容器
id: app-container
date: 2019-02-12
full_link:
short_description: >
用于运行部分工作负载的容器。与初始化容器比较而言。
aka:
tags:
- workload
---
<!--
Application containers (or app containers) are the {{< glossary_tooltip text="containers" term_id="container" >}} in a {{< glossary_tooltip text="pod" term_id="pod" >}} that are started after any {{< glossary_tooltip text="init containers" term_id="init-container" >}} have completed.
-->
应用程序 {{< glossary_tooltip text="容器" term_id="container" >}} (或 app 容器)在 {{< glossary_tooltip text="pod" term_id="pod" >}} 中,在 {{< glossary_tooltip text="初始化容器" term_id="init-container" >}} 启动完毕后才开始启动。
<!--more-->

35
content/zh/docs/reference/glossary/application-architect.md
View File

@ -1,18 +1,5 @@
---
title: 应用架构师
id: application-architect
date: 2018-04-12
full_link:
short_description: >
应用架构师是负责应用高级设计的人。
aka:
tags:
- user-type
---
应用架构师是负责应用高级设计的人。
<!--
---
title: Application Architect
id: application-architect
@ -25,8 +12,28 @@ aka:
tags:
- user-type
---
-->
---
title: Application Architect应用架构师
id: application-architect
date: 2018-04-12
full_link:
short_description: >
应用架构师是负责应用高级设计的人。
aka:
tags:
- user-type
---
<!--
A person responsible for the high-level design of an application.
-->
应用架构师是负责应用高级设计的人。
<!--more-->
<!--

28
content/zh/docs/reference/glossary/application-developer.md
View File

@ -1,17 +1,5 @@
---
title: 应用开发者
id: application-developer
date: 2018-04-12
full_link:
short_description: >
编写可以在 Kubernetes 集群上运行的应用的人。
aka:
tags:
- user-type
---
<!--
---
title: Application Developer
id: application-developer
@ -24,8 +12,22 @@ aka:
tags:
- user-type
---
-->
---
title: Application Developer应用开发者
id: application-developer
date: 2018-04-12
full_link:
short_description: >
编写可以在 Kubernetes 集群上运行的应用的人。
aka:
tags:
- user-type
---
<!--
A person who writes an application that runs in a Kubernetes cluster.
-->

28
content/zh/docs/reference/glossary/applications.md
View File

@ -1,16 +1,5 @@
---
title: 应用
id: applications
date: 2019-05-12
full_link:
short_description: >
各种容器化应用运行所在的层。
aka:
tags:
- fundamental
---
<!--
---
title: Applications
id: applications
@ -22,6 +11,21 @@ aka:
tags:
- fundamental
---
-->
---
title: Applications应用
id: applications
date: 2019-05-12
full_link:
short_description: >
各种容器化应用运行所在的层。
aka:
tags:
- fundamental
---
<!--
The layer where various containerized applications run.
-->
各种容器化应用运行所在的层。

30
content/zh/docs/reference/glossary/approver.md
View File

@ -1,17 +1,5 @@
---
title: 批准者
id: approver
date: 2018-04-12
full_link:
short_description: >
可以审核并批准 Kubernetes 代码贡献的人。
aka:
tags:
- community
---
<!--
---
title: Approver
id: approver
@ -24,8 +12,24 @@ aka:
tags:
- community
---
-->
---
title: Approver批准者
id: approver
date: 2018-04-12
full_link:
short_description: >
可以审核并批准 Kubernetes 代码贡献的人。
aka:
tags:
- community
---
<!--
A person who can review and approve Kubernetes code contributions.
-->
可以审核并批准 Kubernetes 代码贡献的人。
<!--more-->

33
content/zh/docs/reference/glossary/certificate.md
View File

@ -1,5 +1,22 @@
<!--
---
title: 证书
title: Certificate
id: certificate
date: 2018-04-12
full_link: /docs/tasks/tls/managing-tls-in-a-cluster/
short_description: >
A cryptographically secure file used to validate access to the Kubernetes cluster.
aka:
tags:
- security
---
-->
---
title: Certificate证书
id: certificate
date: 2018-04-12
full_link: /zh/docs/tasks/tls/managing-tls-in-a-cluster/
@ -11,20 +28,6 @@ tags:
- security
---
<!--
---
title: Certificate
id: certificate
date: 2018-04-12
full_link: /zh/docs/tasks/tls/managing-tls-in-a-cluster/
short_description: >
A cryptographically secure file used to validate access to the Kubernetes cluster.
aka:
tags:
- security
---
-->
<!--
A cryptographically secure file used to validate access to the Kubernetes cluster.

27
content/zh/docs/reference/glossary/cgroup.md
View File

@ -1,17 +1,5 @@
---
title: cgroup (控制组)
id: cgroup
date: 2019-06-25
full_link:
short_description: >
一组具有可选资源隔离、审计和限制的 Linux 进程。
aka:
tags:
- fundamental
---
<!--
---
title: cgroup (control group)
id: cgroup
@ -24,8 +12,21 @@ aka:
tags:
- fundamental
---
-->
---
title: cgroup (控制组)
id: cgroup
date: 2019-06-25
full_link:
short_description: >
一组具有可选资源隔离、审计和限制的 Linux 进程。
aka:
tags:
- fundamental
---
<!--
A group of Linux processes with optional resource isolation, accounting and limits.
-->

33
content/zh/docs/reference/glossary/cidr.md
View File

@ -1,18 +1,5 @@
---
title: CIDR
id: cidr
date: 2019-11-12
full_link:
short_description: >
CIDR 是一种描述 IP 地址块的符号,被广泛使用于各种网络配置中。
aka:
tags:
- networking
---
CIDR (无类域间路由) 是一种描述 IP 地址块的符号,被广泛使用于各种网络配置中。
<!--
---
title: CIDR
id: cidr
@ -25,8 +12,26 @@ aka:
tags:
- networking
---
-->
---
title: CIDR
id: cidr
date: 2019-11-12
full_link:
short_description: >
CIDR 是一种描述 IP 地址块的符号,被广泛使用于各种网络配置中。
aka:
tags:
- networking
---
<!--
CIDR (Classless Inter-Domain Routing) is a notation for describing blocks of IP addresses and is used heavily in various networking configurations.
-->
CIDR (无类域间路由) 是一种描述 IP 地址块的符号,被广泛使用于各种网络配置中。
<!--more-->

30
content/zh/docs/reference/glossary/cla.md
View File

@ -1,17 +1,5 @@
---
title: CLA (贡献者许可协议)
id: cla
date: 2018-04-12
full_link: https://github.com/kubernetes/community/blob/master/CLA.md
short_description: >
贡献者对他们在开源项目中所贡献的代码的授权许可条款。
aka:
tags:
- community
---
<!--
---
title: CLA (Contributor License Agreement)
id: cla
@ -24,8 +12,24 @@ aka:
tags:
- community
---
-->
---
title: CLA (贡献者许可协议)
id: cla
date: 2018-04-12
full_link: https://github.com/kubernetes/community/blob/master/CLA.md
short_description: >
贡献者对他们在开源项目中所贡献的代码的授权许可条款。
aka:
tags:
- community
---
<!--
Terms under which a {{< glossary_tooltip text="contributor" term_id="contributor" >}} grants a license to an open source project for their contributions.
-->
{{< glossary_tooltip text="贡献者" term_id="contributor" >}} 对他们在开源项目中所贡献的代码的授权许可条款。
<!--more-->

60
content/zh/docs/reference/glossary/cloud-controller-manager.md
View File

@ -1,24 +1,10 @@
---
title: 云控制器管理器
id: cloud-controller-manager
date: 2018-04-12
full_link: /zh/docs/tasks/administer-cluster/running-cloud-controller/
short_description: >
云控制器管理器是 1.8 的 alpha 特性。在未来发布的版本中,这是将 Kubernetes 与任何其他云集成的最佳方式。
aka:
tags:
- core-object
- architecture
- operation
---
<!--
---
title: Cloud Controller Manager
id: cloud-controller-manager
date: 2018-04-12
full_link: /zh/docs/tasks/administer-cluster/running-cloud-controller/
full_link: /docs/concepts/architecture/cloud-controller/
short_description: >
Cloud Controller Manager is an alpha feature in 1.8. In upcoming releases it will be the preferred way to integrate Kubernetes with any cloud.
@ -28,20 +14,44 @@ tags:
- architecture
- operation
---
-->
<!--
Cloud Controller Manager is an alpha feature in 1.8. In upcoming releases it will be the preferred way to integrate Kubernetes with any cloud.
-->
---
title: Cloud Controller Manager云控制器管理器
id: cloud-controller-manager
date: 2018-04-12
full_link: /zh/docs/tasks/administer-cluster/running-cloud-controller/
short_description: >
云控制器管理器是 1.8 的 alpha 特性。在未来发布的版本中,这是将 Kubernetes 与任何其他云集成的最佳方式。
aka:
tags:
- core-object
- architecture
- operation
---
<!--
A Kubernetes {{< glossary_tooltip text="control plane" term_id="control-plane" >}} component
that embeds cloud-specific control logic. The cloud controller manager lets you link your
cluster into your cloud provider's API, and separates out the components that interact
with that cloud platform from components that just interact with your cluster.
-->
Cloud Controller Manager云控制器管理器是指 嵌入特定云的控制逻辑的 {{< glossary_tooltip text="控制平面" term_id="control-plane" >}} 组件
。云控制器管理器允许您链接
聚合到云提供商的应用编程接口中,并分离出相互作用的组件
与您的集群交互的组件。
<!--more-->
<!--
Kubernetes v1.6 contains a new binary called cloud-controller-manager. cloud-controller-manager is a daemon that embeds cloud-specific control loops. These cloud-specific control loops were originally in the kube-controller-manager. Since cloud providers develop and release at a different pace compared to the Kubernetes project, abstracting the provider-specific code to the cloud-controller-manager binary allows cloud vendors to evolve independently from the core Kubernetes code.
By decoupling the interoperability logic between Kubernetes and the underlying cloud
infrastructure, the cloud-controller-manager component enables cloud providers to release
features at a different pace compared to the main Kubernetes project.
-->
Kubernetes v1.6 包含一个新的可执行文件叫做 cloud-controller-manager。cloud-controller-manager 是一个守护进程,其中嵌入了特定于某云环境的控制环。
这些特定于云环境的控制环最初位于 kube-controller-manager 中。
由于云供应商的开发和发布节奏与 Kubernetes 项目不同步,将特定于供应商的代码抽象到 cloud-controller-manager 可执行文件可以允许云供应商独立于核心 Kubernetes 代码进行演进。
通过分离Kubernates和底层云基础设置之间的互操作性逻辑云控制器管理器组件使云提供商能够以不同于Kubernates主项目的速度进行发布新特征。

37
content/zh/docs/reference/glossary/cloud-provider.md
View File

@ -1,5 +1,22 @@
<!--
---
title: 云供应商Cloud Provider
title: Cloud Provider
id: cloud-provider
date: 2018-04-12
short_description: >
An organization that offers a cloud computing platform.
aka:
- Cloud Service Provider
tags:
- community
---
-->
---
title: Cloud Provider云供应商
id: cloud-provider
date: 2018-04-12
short_description: >
@ -10,22 +27,12 @@ aka:
tags:
- community
---
一个提供云计算平台的商业机构或其他组织。
<!--
Cloud Provider
id: cloud-provider
date: 2018-04-12
short_description: >
An organization that offers a cloud computing platform.
aka:
- Cloud Service Provider
tags:
- community
A business or other organization that offers a cloud computing platform.
-->
一个提供云计算平台的商业机构或其他组织。
<!--more-->
@ -42,7 +49,7 @@ such as running a Kubernetes cluster.
You can also find Kubernetes as a managed service; sometimes called
Platform as a Service, or PaaS. With managed Kubernetes, your
cloud provider is responsible for the Kubernetes control plane as well
as the glossary_tooltip term_id="node" text="nodes" and the
as the {{< glossary_tooltip term_id="node" text="nodes" >}} and the
infrastructure they rely on: networking, storage, and possibly other
elements such as load balancers.
-->

49
content/zh/docs/reference/glossary/cluster.md
View File

@ -1,36 +1,47 @@
---
title: 集群
id: cluster
date: 2019-06-15
full_link:
short_description: >
集群由一组被称作节点的机器组成。这些节点上运行 Kubernetes 所管理的容器化应用。集群具有至少一个工作节点和至少一个主节点。
aka:
tags:
- fundamental
- operation
---
<!--
---
title: Cluster
id: cluster
date: 2019-06-15
full_link:
short_description: >
A set of machines, called nodes, that run containerized applications managed by Kubernetes. A cluster has at least one worker node and at least one master node.
A set of worker machines, called nodes, that run containerized applications. Every cluster has at least one worker node.
aka:
tags:
- fundamental
- operation
---
-->
<!-- A set of machines, called nodes, that run containerized applications managed by Kubernetes. A cluster has at least one worker node and at least one master node. -->
集群由一组被称作节点的机器组成。这些节点上运行 Kubernetes 所管理的容器化应用。集群具有至少一个工作节点和至少一个主节点。
---
title: Cluster集群
id: cluster
date: 2019-06-15
full_link:
short_description: >
集群由一组被称作节点的机器组成。这些节点上运行 Kubernetes 所管理的容器化应用。集群具有至少一个工作节点。
aka:
tags:
- fundamental
- operation
---
<!--
A set of worker machines, called {{< glossary_tooltip text="nodes" term_id="node" >}},
that run containerized applications. Every cluster has at least one worker node.
-->
集群由一组被称作节点的机器组成。这些节点上运行 Kubernetes 所管理的容器化应用。集群具有至少一个工作节点。
<!--more-->
<!-- The worker node(s) host the pods that are the components of the application. The master node(s) manages the worker nodes and the pods in the cluster. Multiple master nodes are used to provide a cluster with failover and high availability. -->
工作节点托管作为应用程序组件的 Pod 。主节点管理集群中的工作节点和 Pod 。多个主节点用于为集群提供故障转移和高可用性。
<!--
The worker node(s) host the {{< glossary_tooltip text="Pods" term_id="pod" >}} that are
the components of the application workload. The
{{< glossary_tooltip text="control plane" term_id="control-plane" >}} manages the worker
nodes and the Pods in the cluster. In production environments, the control plane usually
runs across multiple computers and a cluster usually runs multiple nodes, providing
fault-tolerance and high availability.
-->
工作节点托管作为应用负载的组件的 Pod 。控制平面管理集群中的工作节点和 Pod 。为集群提供故障转移和高可用性,这些控制平面一般跨多主机运行,集群跨多个节点运行。

32
content/zh/docs/reference/glossary/secret.md
View File

@ -1,18 +1,5 @@
---
title: Secret
id: secret
date: 2018-04-12
full_link: /zh/docs/concepts/configuration/secret/
short_description: >
Secret 用于存储敏感信息如密码、OAuth 令牌和 SSH 密钥。
aka:
tags:
- core-object
- security
---
<!--
---
title: Secret
id: secret
@ -28,6 +15,21 @@ tags:
---
-->
---
title: Secret
id: secret
date: 2018-04-12
full_link: /zh/docs/concepts/configuration/secret/
short_description: >
Secret 用于存储敏感信息如密码、OAuth 令牌和 SSH 密钥。
aka:
tags:
- core-object
- security
---
<!--
Stores sensitive information, such as passwords, OAuth tokens, and ssh keys.
-->
@ -40,6 +42,6 @@ tags:
Allows for more control over how sensitive information is used and reduces the risk of accidental exposure, including [encryption](/docs/tasks/administer-cluster/encrypt-data/#ensure-all-secrets-are-encrypted) at rest. A {{< glossary_tooltip text="Pod" term_id="pod" >}} references the secret as a file in a volume mount or by the kubelet pulling images for a pod. Secrets are great for confidential data and [ConfigMaps](/docs/tasks/configure-pod-container/configure-pod-configmap/) for non-confidential data.
-->
Secret 允许用户对如何使用敏感信息进行更多的控制,并减少信息意外暴露的风险,包括静态[加密](/docs/tasks/administer-cluster/encrypt-data/#ensure-all-secrets-are-encrypted)。
Secret 允许用户对如何使用敏感信息进行更多的控制,并减少信息意外暴露的风险,包括静态[encryption加密](/docs/tasks/administer-cluster/encrypt-data/#ensure-all-secrets-are-encrypted)。
{{< glossary_tooltip text="Pod" term_id="pod" >}} 通过挂载卷中的文件的方式引用 Secret或者通过 kubelet 为 pod 拉取镜像时引用。
Secret 非常适合机密数据使用,而 [ConfigMaps](/docs/tasks/configure-pod-container/configure-pod-configmap/) 适用于非机密数据。

48
content/zh/docs/reference/glossary/security-context.md
View File

@ -1,16 +1,3 @@
---
title: 安全上下文Security Context
id: security-context
date: 2018-04-12
full_link: /docs/tasks/configure-pod-container/security-context/
short_description: >
securityContext 字段定义 Pod 或容器的特权和访问控制设置,包括运行时 UID 和 GID。
aka:
tags:
- security
---
<!--
---
title: Security Context
@ -18,7 +5,7 @@ id: security-context
date: 2018-04-12
full_link: /docs/tasks/configure-pod-container/security-context/
short_description: >
The securityContext field defines privilege and access control settings for a Pod or Container, including the runtime UID and GID.
The securityContext field defines privilege and access control settings for a Pod or container.
aka:
tags:
@ -26,18 +13,39 @@ tags:
---
-->
<!--
The securityContext field defines privilege and access control settings for a Pod or Container, including the runtime UID and GID.
-->
---
title: 安全上下文Security Context
id: security-context
date: 2018-04-12
full_link: /zh/docs/tasks/configure-pod-container/security-context/
short_description: >
securityContext 字段定义 Pod 或容器的特权和访问控制设置,包括运行时 UID 和 GID。
aka:
tags:
- security
---
<!--
The `securityContext` field defines privilege and access control settings for
a {{< glossary_tooltip text="Pod" term_id="pod" >}} or
{{< glossary_tooltip text="container" term_id="container" >}}.
-->
securityContext 字段定义 {{< glossary_tooltip text="Pod" term_id="pod" >}} 或 {{< glossary_tooltip text="container容器" term_id="container" >}} 的特权和访问控制设置。
<!--more-->
<!--
The securityContext field in a {{< glossary_tooltip term_id="pod" >}} (applying to all containers) or container is used to set the user (runAsUser) and group (fsGroup), capabilities, privilege settings, and security policies (SELinux/AppArmor/Seccomp) that container processes use.
In a `securityContext`, you can define: the user that processes run as,
the group that processes run as, and privilege settings.
You can also configure security policies (for example: SELinux, AppArmor or seccomp).
-->
{{< glossary_tooltip term_id="pod" >}} 或者容器中的 securityContext 字段应用于所有容器用于设置容器进程使用的用户runAsUser和组 fsGroup、权能字、特权设置和安全策略SELinux/AppArmor/Seccomp
在一个 securityContext 字段中可以设置进程所属用户和用户组、权限相关设置。你也可以设置安全策略例如SELinux、AppArmor、seccomp
<!--
The `PodSpec.securityContext` setting applies to all containers in a Pod.
-->
PodSpec.securityContext字段配置会应用到一个Pod中的所有的container。

22
content/zh/docs/reference/glossary/selector.md
View File

@ -1,42 +1,44 @@
<!--
---
title: 选择算符
title: Selector
id: selector
date: 2018-04-12
full_link: /zh/docs/concepts/overview/working-with-objects/labels/
full_link: /docs/concepts/overview/working-with-objects/labels/
short_description: >
选择算符允许用户通过标签对一组资源对象进行筛选过滤。
Allows users to filter a list of resources based on labels.
aka:
tags:
- fundamental
---
-->
<!--
---
title: Selector
id: selector
date: 2018-04-12
full_link: /zh/docs/concepts/overview/working-with-objects/labels/
short_description: >
Allows users to filter a list of resources based on labels.
Selector选择器允许用户通过标签对一组资源对象进行筛选过滤。
aka:
tags:
- fundamental
---
-->
<!--
Allows users to filter a list of resources based on labels.
Allows users to filter a list of resources based on {{< glossary_tooltip text="labels" term_id="label" >}}.
-->
选择算符允许用户通过标签对一组资源对象进行筛选过滤。
Selector 允许用户通过{{< glossary_tooltip text="labels标签" term_id="label" >}}对一组资源对象进行筛选过滤。
<!--more-->
<!--
Selectors are applied when querying lists of resources to filter them by {{< glossary_tooltip text="Labels" term_id="label" >}}.
Selectors are applied when querying lists of resources to filter them by labels.
-->
在查询资源列表时,选择算符可以通过 {{< glossary_tooltip text="标签" term_id="label" >}} 对资源进行过滤筛选。
在查询资源列表时,选择器可以通过标签对资源进行过滤筛选。

39
content/zh/docs/reference/glossary/service-account.md
View File

@ -1,5 +1,23 @@
<!--
---
title: 服务账户
title: ServiceAccount
id: service-account
date: 2018-04-12
full_link: /docs/tasks/configure-pod-container/configure-service-account/
short_description: >
Provides an identity for processes that run in a Pod.
aka:
tags:
- fundamental
- core-object
---
-->
---
title: ServiceAccount
id: service-account
date: 2018-04-12
full_link: /zh/docs/tasks/configure-pod-container/configure-service-account/
@ -12,21 +30,6 @@ tags:
- core-object
---
<!--
---
title: Service Account
id: service-account
date: 2018-04-12
full_link: /zh/docs/tasks/configure-pod-container/configure-service-account/
short_description: >
Provides an identity for processes that run in a Pod.
aka:
tags:
- fundamental
- core-object
---
-->
<!--
Provides an identity for processes that run in a {{< glossary_tooltip text="Pod" term_id="pod" >}}.
@ -36,8 +39,8 @@ tags:
<!--more-->
<!--
When processes inside Pods access the cluster, they are authenticated by the API server as a particular service account, for example, `default`. When you create a Pod, if you do not specify a service account, it is automatically assigned the default service account in the same namespace {{< glossary_tooltip text="Namespace" term_id="namespace" >}}.
When processes inside Pods access the cluster, they are authenticated by the API server as a particular service account, for example, `default`. When you create a Pod, if you do not specify a service account, it is automatically assigned the default service account in the same {{< glossary_tooltip text="Namespace" term_id="namespace" >}}.
-->
当 Pod 中的进程访问集群时API 服务器将它们作为特定的服务帐户进行身份验证,例如 `default`。当您创建 Pod 时,如果您没有指定服务帐户,它将在相同的命名空间 {{< glossary_tooltip text="命名空间" term_id="namespace" >}} 中自动分配 default 服务账户。
当 Pod 中的进程访问集群时API 服务器将它们作为特定的服务帐户进行身份验证,例如 `default`。当您创建 Pod 时,如果您没有指定服务帐户,它将在相同的{{< glossary_tooltip text="Namespace" term_id="namespace" >}} 中自动分配 default 服务账户。

45
content/zh/docs/reference/glossary/service-broker.md
View File

@ -1,5 +1,22 @@
<!--
---
title: 服务代理Service Broker
title: Service Broker
id: service-broker
date: 2018-04-12
full_link:
short_description: >
An endpoint for a set of Managed Services offered and maintained by a third-party.
aka:
tags:
- extension
---
-->
---
title: Service Broker服务代理
id: service-broker
date: 2018-04-12
full_link:
@ -11,32 +28,24 @@ tags:
- extension
---
<!--
title: Service Broker
id: service-broker
date: 2018-04-12
full_link:
short_description: >
An endpoint for a set of Managed Services offered and maintained by a third-party.
aka:
tags:
- extension
-->
<!--
An endpoint for a set of {{< glossary_tooltip text="Managed Service" term_id="managed-service">}} offered and maintained by a third-party.
An endpoint for a set of {{< glossary_tooltip text="Managed Services" term_id="managed-service" >}} offered and maintained by a third-party.
-->
由第三方提供并维护的一组{{< glossary_tooltip text="托管服务" term_id="managed-service">}} 的访问端点。
由第三方提供并维护的一组{{< glossary_tooltip text="Managed Services托管服务" term_id="managed-service">}} 的访问端点。
<!--more-->
<!--
{{< glossary_tooltip text="Service Brokers" term_id="service-broker" >}} implement the [Open Service Broker API spec](https://github.com/openservicebrokerapi/servicebroker/blob/v2.13/spec.md) and provide a standard interface for applications to use their Managed Services. [Service Catalog](/docs/concepts/service-catalog/) provides a way to list, provision, and bind with Managed Services offered by Service Brokers.
{{< glossary_tooltip text="Service Brokers" term_id="service-broker" >}} implement the
[Open Service Broker API spec](https://github.com/openservicebrokerapi/servicebroker/blob/v2.13/spec.md)
and provide a standard interface for applications to use their Managed Services.
[Service Catalog](/docs/concepts/extend-kubernetes/service-catalog/) provides a way to
list, provision, and bind with Managed Services offered by Service Brokers.
-->
{{< glossary_tooltip text="服务代理" term_id="service-broker">}}会实现
{{< glossary_tooltip text="Service Brokers服务代理" term_id="service-broker">}}会实现
[开放服务代理 API 规范](https://github.com/openservicebrokerapi/servicebroker/blob/v2.13/spec.md)
并为应用提供使用其托管服务的标准接口。
[服务目录Service Catalog](/docs/concepts/service-catalog/)则提供一种方法,用来列举、供应和绑定服务代理商所提供的托管服务。
[服务目录Service Catalog](/zh/docs/concepts/extend-kubernetes/service-catalog/)则提供一种方法,用来列举、供应和绑定服务代理商所提供的托管服务。

34
content/zh/docs/reference/glossary/service-catalog.md
View File

@ -1,18 +1,5 @@
---
title: 服务目录
id: service-catalog
date: 2018-04-12
full_link:
short_description: >
服务目录是一种扩展 API它能让 Kubernetes 集群中运行的应用易于使用外部托管的软件服务,例如云供应商提供的数据仓库服务。
An extension API that enables applications running in Kubernetes clusters to easily use external managed software offerings, such as a datastore service offered by a cloud provider.
aka:
tags:
- extension
---
<!--
---
title: Service Catalog
id: service-catalog
@ -25,13 +12,28 @@ aka:
tags:
- extension
---
-->
---
title: Service Catalog
id: service-catalog
date: 2018-04-12
full_link:
short_description: >
Service Catalog服务目录是一种扩展 API它能让 Kubernetes 集群中运行的应用易于使用外部托管的软件服务,例如云供应商提供的数据仓库服务。
aka:
tags:
- extension
---
<!--
An extension API that enables applications running in Kubernetes clusters to easily use external managed software offerings, such as a datastore service offered by a cloud provider.
-->
服务目录Service Catalog是一种扩展 API它能让 Kubernetes 集群中运行的应用易于使用外部托管的的软件服务,例如云供应商提供的数据仓库服务。
Service Catalog(服务目录)是一种扩展 API它能让 Kubernetes 集群中运行的应用易于使用外部托管的的软件服务,例如云供应商提供的数据仓库服务。
<!--more-->
@ -39,5 +41,5 @@ tags:
It provides a way to list, provision, and bind with external {{< glossary_tooltip text="Managed Services" term_id="managed-service" >}} from {{< glossary_tooltip text="Service Brokers" term_id="service-broker" >}} without needing detailed knowledge about how those services are created or managed.
-->
服务目录可以检索、供应、和绑定由 {{< glossary_tooltip text="服务代理人(Service Brokers" term_id="service-broker" >}} 提供的外部 {{< glossary_tooltip text="托管服务" term_id="managed-service" >}},而无需知道那些服务具体是怎样创建和托管的。
服务目录可以检索、供应、和绑定由 {{< glossary_tooltip text="Service Brokers(服务代理人" term_id="service-broker" >}} 提供的外部 {{< glossary_tooltip text="Managed Services托管服务" term_id="managed-service" >}},而无需知道那些服务具体是怎样创建和托管的。

22
content/zh/docs/reference/glossary/service.md
View File

@ -1,3 +1,22 @@
<!--
---
title: Service
id: service
date: 2018-04-12
full_link: /docs/concepts/services-networking/service/
short_description: >
A way to expose an application running on a set of Pods as a network service.
aka:
tags:
- fundamental
- core-object
---
-->
---
title: Service
id: service
@ -11,6 +30,7 @@ tags:
- fundamental
- core-object
---
<!--
An abstract way to expose an application running on a set of {{< glossary_tooltip text="Pods" term_id="pod" >}} as a network service.
-->
@ -22,4 +42,4 @@ An abstract way to expose an application running on a set of {{< glossary_toolti
<!--
The set of Pods targeted by a Service is (usually) determined by a {{< glossary_tooltip text="selector" term_id="selector" >}}. If more Pods are added or removed, the set of Pods matching the selector will change. The Service makes sure that network traffic can be directed to the current set of Pods for the workload.
-->
服务所针对的Pod集通常由 {{< glossary_tooltip text="selector" term_id="selector" >}} 确定。 如果添加或删除了更多Pod则与选择器匹配的Pod集将发生变化。 该服务确保可以将网络流量定向到该工作负载的当前Pod集。
服务所针对的Pod集通常由 {{< glossary_tooltip text="Selector" term_id="selector" >}} 确定。 如果添加或删除了更多Pod则与选择器匹配的Pod集将发生变化。 该服务确保可以将网络流量定向到该工作负载的当前Pod集。

36
content/zh/docs/reference/glossary/shuffle-sharding.md
View File

@ -1,18 +1,6 @@
---
title: 混排切片Shuffle Sharding
id: shuffle-sharding
date: 2020-03-04
full_link:
short_description: >
一种将请求指派给队列的技术,其隔离性好过对队列个数哈希取模的方式。
aka:
tags:
- fundamental
---
一种将请求指派给队列的技术,其隔离性好过对队列个数哈希取模的方式。
<!--
---
title: shuffle sharding
id: shuffle-sharding
date: 2020-03-04
@ -23,8 +11,28 @@ short_description: >
aka:
tags:
- fundamental
---
-->
---
title: Shuffle Sharding混排切片
id: shuffle-sharding
date: 2020-03-04
full_link:
short_description: >
一种将请求指派给队列的技术,其隔离性好过对队列个数哈希取模的方式。
aka:
tags:
- fundamental
---
<!--
A technique for assigning requests to queues that provides better isolation than hashing modulo the number of queues.
-->
Shuffle Sharding混排切片是指一种将请求指派给队列的技术其隔离性好过对队列个数哈希取模的方式。
<!--more-->

33
content/zh/docs/reference/glossary/sig.md
View File

@ -1,3 +1,20 @@
<!--
---
title: SIG (special interest group)
id: sig
date: 2018-04-12
full_link: https://github.com/kubernetes/community/blob/master/sig-list.md#master-sig-list
short_description: >
Community members who collectively manage an ongoing piece or aspect of the larger Kubernetes open source project.
aka:
tags:
- community
---
-->
---
title: SIG (特别兴趣小组)
id: sig
@ -11,18 +28,6 @@ tags:
- community
---
<!--
title: SIG (special interest group)
id: sig
date: 2018-04-12
full_link: https://github.com/kubernetes/community/blob/master/sig-list.md#master-sig-list
short_description: >
Community members who collectively manage an ongoing piece or aspect of the larger Kubernetes open source project.
aka:
tags:
- community
-->
<!--
{{< glossary_tooltip text="Community members" term_id="member" >}} who collectively manage an ongoing piece or aspect of the larger Kubernetes open source project.
@ -34,13 +39,13 @@ tags:
<!--
Members within a SIG have a shared interest in advancing a specific area, such as architecture, API machinery, or documentation.
SIGs must follow the [SIG Governance](https://github.com/kubernetes/community/blob/master/sig-governance.md) guidelines but can have their own contribution policy and channels of communication.
SIGs must follow the SIG [governance guidelines](https://github.com/kubernetes/community/blob/master/committee-steering/governance/sig-governance.md), but can have their own contribution policy and channels of communication.
For more information, see the [kubernetes/community](https://github.com/kubernetes/community) repo and the current list of [SIGs and Working Groups](https://github.com/kubernetes/community/blob/master/sig-list.md).
-->
SIG 中的成员对推进某个领域如体系结构、API 机制构件或者文档)具有相同的兴趣。
SIGs 必须遵从 [SIG Governance](https://github.com/kubernetes/community/blob/master/sig-governance.md) 的规定,
SIGs 必须遵从 [governance guidelines](https://github.com/kubernetes/community/blob/master/committee-steering/governance/sig-governance.md) 的规定,
不过可以有自己的贡献策略以及通信渠道(方式)。
更多的详细信息可参阅 [kubernetes/community](https://github.com/kubernetes/community) 仓库以及

49
content/zh/docs/reference/glossary/statefulset.md
View File

@ -1,10 +1,31 @@
<!--
---
title: StatefulSet
id: statefulset
date: 2018-04-12
full_link: /docs/concepts/workloads/controllers/statefulset/
short_description: >
Manages deployment and scaling of a set of Pods, with durable storage and persistent identifiers for each Pod.
aka:
tags:
- fundamental
- core-object
- workload
- storage
---
-->
---
title: StatefulSet
id: statefulset
date: 2018-04-12
full_link: /zh/docs/concepts/workloads/controllers/statefulset/
short_description: >
StatefulSet 用来管理 Deployment 和伸缩一组 Pod并且能为这些 Pod 提供*序号和唯一性保证*。
StatefulSet 用来管理部署和伸缩一组 Pod包括这些 Pod 的持久存储和持久标识符
aka:
tags:
- fundamental
@ -14,24 +35,9 @@ tags:
---
<!--
---
title: StatefulSet
id: statefulset
date: 2018-04-12
full_link: /zh/docs/concepts/workloads/controllers/statefulset/
short_description: >
Manages the deployment and scaling of a set of Pods, *and provides guarantees about the ordering and uniqueness* of these Pods.
aka:
tags:
- fundamental
- core-object
- workload
- storage
---
Manages the deployment and scaling of a set of {{< glossary_tooltip text="Pods" term_id="pod" >}}, *and provides guarantees about the ordering and uniqueness* of these Pods.
-->
StatefulSet 用来管理 Deployment 和扩展一组 Pod并且能为这些 Pod 提供*序号和唯一性保证*。
StatefulSet 用来管理部署和伸缩一组 {{< glossary_tooltip text="Pod" term_id="pod" >}},包括这些 Pod 的持久存储和持久标识符。
<!--more-->
@ -39,11 +45,10 @@ tags:
Like a {{< glossary_tooltip term_id="deployment" >}}, a StatefulSet manages Pods that are based on an identical container spec. Unlike a Deployment, a StatefulSet maintains a sticky identity for each of their Pods. These pods are created from the same spec, but are not interchangeable&#58; each has a persistent identifier that it maintains across any rescheduling.
-->
和 {{< glossary_tooltip term_id="Deployment" >}} 相同的是StatefulSet 管理了基于相同容器定义的一组 Pod。但和 Deployment 不同的是StatefulSet 为它们的每个 Pod 维护了一个固定的 ID。这些 Pod 是基于相同的声明来创建的,但是不能相互替换:无论怎么调度,每个 Pod 都有一个永久不变的 ID。
和 {{< glossary_tooltip text="Deployment" term_id="deployment" >}} 相同的是StatefulSet 管理了基于相同容器定义的一组 Pod。但和 Deployment 不同的是StatefulSet 为它们的每个 Pod 维护了一个固定的 ID。这些 Pod 是基于相同的声明来创建的,但是不能相互替换:无论怎么调度,每个 Pod 都有一个永久不变的 ID。
<!--
A StatefulSet operates under the same pattern as any other Controller. You define your desired state in a StatefulSet *object*, and the StatefulSet *controller* makes any necessary updates to get there from the current state.
If you want to use storage volumes to provide persistence for your workload, you can use a StatefulSet as part of the solution. Although individual Pods in a StatefulSet are susceptible to failure, the persistent Pod identifiers make it easier to match existing volumes to the new Pods that replace any that have failed.
-->
StatefulSet 和其他控制器使用相同的工作模式。你在 StatefulSet *对象* 中定义你期望的状态,然后 StatefulSet 的 *控制器* 就会通过各种更新来达到那种你想要的状态。
如果希望使用存储卷为工作负载提供持久性可以使用状态集作为解决方案的一部分。尽管状态完整集中的单个Pod很容易出现故障但持久的Pod标识符使得将现有卷与替换任何出现故障的新Pod相匹配变得更加容易。如果希望使用存储卷为工作负载提供持久性可以使用状态集作为解决方案的一部分。尽管状态完整集中的单个Pod很容易出现故障但持久的Pod标识符使得将现有卷与替换任何出现故障的新Pod相匹配变得更加容易。

32
content/zh/docs/reference/glossary/static-pod.md
View File

@ -1,22 +1,10 @@
---
title: 静态 Pod
id: static-pod
date: 2019-02-12
full_link: /zh/docs/tasks/configure-pod-container/static-pod/
short_description: >
由特定节点上的 kubelet 守护进程直接管理的 pod。
aka:
tags:
- fundamental
---
<!--
---
title: Static Pod
id: static-pod
date: 2019-02-12
full_link: /zh/docs/tasks/configure-pod-container/static-pod/
full_link: /docs/tasks/configure-pod-container/static-pod/
short_description: >
A pod managed directly by the kubelet daemon on a specific node.
@ -24,8 +12,24 @@ aka:
tags:
- fundamental
---
-->
---
title: Static Pod
id: static-pod
date: 2019-02-12
full_link: /zh/docs/tasks/configure-pod-container/static-pod/
short_description: >
Static Pod静态Pod是指由特定节点上的 kubelet 守护进程直接管理的 pod。
aka:
tags:
- fundamental
---
<!--
A {{< glossary_tooltip text="pod" term_id="pod" >}} managed directly by the kubelet
daemon on a specific node,

18
content/zh/docs/reference/glossary/storage-class.md
View File

@ -1,10 +1,12 @@
<!--
---
title: 存储类别
title: Storage Class
id: storageclass
date: 2018-04-12
full_link: /zh/docs/concepts/storage/storage-classes/
full_link: /docs/concepts/storage/storage-classes
short_description: >
StorageClass 是管理员用来描述不同的可用存储类型的一种方法。
A StorageClass provides a way for administrators to describe different available storage types.
aka:
tags:
@ -12,26 +14,26 @@ tags:
- storage
---
<!--
-->
---
title: StorageClass
id: storageclass
date: 2018-04-12
full_link: /zh/docs/concepts/storage/storage-classes/
short_description: >
A StorageClass provides a way for administrators to describe different available storage types.
StorageClass存储类别 是管理员用来描述不同的可用存储类型的一种方法。
aka:
tags:
- core-object
- storage
---
-->
<!--
A StorageClass provides a way for administrators to describe different available storage types.
-->
StorageClass 是管理员用来描述不同的可用存储类型的一种方法。
<!--more-->
@ -40,5 +42,5 @@ tags:
StorageClasses can map to quality-of-service levels, backup policies, or to arbitrary policies determined by cluster administrators. Each StorageClass contains the fields `provisioner`, `parameters`, and `reclaimPolicy`, which are used when a {{< glossary_tooltip text="Persistent Volume" term_id="persistent-volume" >}} belonging to the class needs to be dynamically provisioned. Users can request a particular class using the name of a StorageClass object.
-->
StorageClass 可以映射到服务质量等级QoS、备份策略、或者管理员随机定义的策略。每个 StorageClass 对象包含的域有 `provisioner``parameters``reclaimPolicy`属于该存储类别的 {{< glossary_tooltip text="永久卷" term_id="persistent-volume" >}} 需要动态分配时就要用到这些参数。通过 StorageClass 对象的名称,用户可以请求他们需要的特定存储类别。
StorageClass 可以映射到服务质量等级QoS、备份策略、或者管理员随机定义的策略。每个 StorageClass 对象包含的域有 `provisioner``parameters``reclaimPolicy`每个 StorageClass 对象包含字段`provisioner`、`parameters`、and `reclaimPolicy`,一般该存储类别的 {{< glossary_tooltip text="永久卷" term_id="persistent-volume" >}} 需要动态分配时就要用到这些字段参数。通过 StorageClass 对象的名称,用户可以请求他们需要的特定存储类别。

29
content/zh/docs/reference/glossary/sysctl.md
View File

@ -1,3 +1,19 @@
<!--
---
title: sysctl
id: sysctl
date: 2019-02-12
full_link: /docs/tasks/administer-cluster/sysctl-cluster/
short_description: >
An interface for getting and setting Unix kernel parameters
aka:
tags:
- tool
---
-->
---
title: sysctl
id: sysctl
@ -11,20 +27,7 @@ tags:
- 工具
---
<!--
---
title: sysctl
id: sysctl
date: 2019-02-12
full_link: /zh/docs/tasks/administer-cluster/sysctl-cluster/
short_description: >
An interface for getting and setting Unix kernel parameters
aka:
tags:
- tool
---
-->
<!--
`sysctl` is a semi-standardized interface for reading or changing the

40
content/zh/docs/reference/glossary/taint.md
View File

@ -1,19 +1,5 @@
---
title: 污点
id: taint
date: 2019-01-11
full_link: /docs/concepts/configuration/taint-and-toleration/
short_description: >
一个核心对象,由三个必需的属性组成:键,值和效果。污点会阻止在节点或节点组上调度 Pod。
aka:
tags:
- core-object
- fundamental
---
一个核心对象,由三个必需的属性组成:键,值和效果。污点会阻止在节点或节点组上调度 Pod。
<!--
---
title: Taint
id: taint
@ -27,13 +13,33 @@ tags:
- core-object
- fundamental
---
A core object consisting of three required properties: key, value, and effect. Taints prevent the scheduling of pods on nodes or node groups.
-->
---
title: Taint污点
id: taint
date: 2019-01-11
full_link: /docs/concepts/configuration/taint-and-toleration/
short_description: >
一个核心对象由三个必需的属性组成值和效果。Taint污点会阻止在节点或节点组上调度 Pod。
aka:
tags:
- core-object
- fundamental
---
<!--
A core object consisting of three required properties: key, value, and effect. Taints prevent the scheduling of {{< glossary_tooltip text="Pods" term_id="pod" >}} on {{< glossary_tooltip text="nodes" term_id="node" >}} or node groups.
-->
一个核心对象,由三个必需的属性组成:键、值和效果。污点会阻止在{{< glossary_tooltip text="节点" term_id="node" >}}或节点组上调度 {{< glossary_tooltip text="Pods" term_id="pod" >}}。
<!--more-->
<!--
Taints and {{< glossary_tooltip text="tolerations" term_id="toleration" >}} work together to ensure that pods are not scheduled onto inappropriate nodes. One or more taints are applied to a {{< glossary_tooltip text="node" term_id="node" >}}. A node should only schedule a pod with the matching tolerations for the configured taints.
Taints and {{< glossary_tooltip text="tolerations" term_id="toleration" >}} work together to ensure that pods are not scheduled onto inappropriate nodes. One or more taints are applied to a node. A node should only schedule a Pod with the matching tolerations for the configured taints.
-->
污点和 {{< glossary_tooltip text="容忍度" term_id="toleration" >}} 一起工作,以确保不会将 Pod 调度到不适合的节点上。一个或多个污点应用于 {{< glossary_tooltip text="节点" term_id="node" >}}。节点应该仅能调度那些带着能与污点相匹配容忍度的 pod。

38
content/zh/docs/reference/glossary/toleration.md
View File

@ -1,24 +1,10 @@
---
title: 容忍度
id: toleration
date: 2019-01-11
full_link: /docs/concepts/configuration/taint-and-toleration/
short_description: >
一个核心对象由三个必需的属性组成key、value 和 effect。容忍度允许将 Pod 调度到具有对应污点的节点或节点组上。
aka:
tags:
- core-object
- fundamental
---
一个核心对象由三个必需的属性组成key、value 和 effect。
容忍度允许将 Pod 调度到具有匹配 {{< glossary_tooltip text="污点" term_id="taint" >}} 的节点或节点组上。
<!--
---
title: Toleration
id: toleration
date: 2019-01-11
full_link: /docs/concepts/configuration/taint-and-toleration/
full_link: /docs/concepts/scheduling-eviction/taint-and-toleration/
short_description: >
A core object consisting of three required properties: key, value, and effect. Tolerations enable the scheduling of pods on nodes or node groups that have a matching taint.
@ -27,8 +13,28 @@ tags:
- core-object
- fundamental
---
-->
---
title: toleration容忍度
id: toleration
date: 2019-01-11
full_link: /zh/docs/concepts/scheduling-eviction/taint-and-toleration/
short_description: >
一个核心对象由三个必需的属性组成key、value 和 effect。容忍度允许将 Pod 调度到具有对应污点的节点或节点组上。
aka:
tags:
- core-object
- fundamental
---
<!--
A core object consisting of three required properties: key, value, and effect. Tolerations enable the scheduling of pods on nodes or node groups that have matching {{< glossary_tooltip text="taints" term_id="taint" >}}.
-->
一个核心对象由三个必需的属性组成key、value 和 effect。容忍度允许将 Pod 调度到具有匹配 {{< glossary_tooltip text="污点" term_id="taint" >}} 的节点或节点组上。
<!--more-->

30
content/zh/docs/reference/glossary/uid.md
View File

@ -1,3 +1,20 @@
<!--
---
title: UID
id: uid
date: 2018-04-12
full_link: /docs/concepts/overview/working-with-objects/names
short_description: >
A Kubernetes systems-generated string to uniquely identify objects.
aka:
tags:
- fundamental
---
-->
---
title: UID
id: uid
@ -11,20 +28,7 @@ tags:
- fundamental
---
<!--
---
title: UID
id: uid
date: 2018-04-12
full_link: /zh/docs/concepts/overview/working-with-objects/names/
short_description: >
A Kubernetes systems-generated string to uniquely identify objects.
aka:
tags:
- fundamental
---
-->
<!--
A Kubernetes systems-generated string to uniquely identify objects.

24
content/zh/docs/reference/glossary/upstream.md
View File

@ -1,3 +1,20 @@
<!--
---
title: Upstream (disambiguation)
id: upstream
date: 2018-04-12
full_link:
short_description: >
May refer to: core Kubernetes or the source repo from which a repo was forked.
aka:
tags:
- community
---
-->
---
title: Upstream (disambiguation)
id: upstream
@ -13,15 +30,14 @@ tags:
<!--
May refer to: core Kubernetes or the source repo from which a repo was forked.
-->
可以参考:核心 Kubernetes 仓库或作为当前仓库派生来源的来源仓库。
<!--more-->
<!--
* In the **Kubernetes Community**: Conversations often use *upstream* to mean the core Kubernetes codebase, which the general ecosystem, other code, or third-party tools relies upon. For example, [community members](#term-member) may suggest that a feature is moved upstream so that it is in the core codebase instead of in a plugin or third-party tool.
* In **GitHub** or **git**: The convention is to refer to a source repo as *upstream*, whereas the forked repo is considered *downstream*.
-->
可以参考:核心 Kubernetes 仓库或作为当前仓库派生来源的来源仓库。
<!-- 更多 -->
* 在 **Kubernetes社区**:对话中通常使用 *upstream* 来表示核心 Kubernetes 代码库,也就是更广泛的 kubernetes 生态系统、其他代码或第三方工具所依赖的仓库。 例如,[社区成员](#term-member)可能会建议将某个功能特性贡献到 upstream使其位于核心代码库中而不是维护于插件或第三方工具中。
* 在 **GitHub****git** 中:约定是将源仓库称为 *upstream*,而派生的仓库则被视为 *downstream*

30
content/zh/docs/reference/glossary/volume-plugin.md
View File

@ -1,18 +1,5 @@
---
title: 卷Volume插件
id: volumeplugin
date: 2018-04-12
full_link:
short_description: >
Volume插件可以让 Pod 集成存储。
aka:
tags:
- core-object
- storage
---
<!--
---
title: Volume Plugin
id: volumeplugin
@ -26,8 +13,23 @@ tags:
- core-object
- storage
---
-->
---
title: Volume Plugin卷插件
id: volumeplugin
date: 2018-04-12
full_link:
short_description: >
卷插件可以让 Pod 集成存储。
aka:
tags:
- core-object
- storage
---
<!--
A Volume Plugin enables integration of storage within a {{< glossary_tooltip text="Pod" term_id="pod" >}}.
-->

49
content/zh/docs/reference/glossary/volume.md
View File

@ -1,5 +1,23 @@
<!--
---
title: 卷
title: Volume
id: volume
date: 2018-04-12
full_link: /docs/concepts/storage/volumes/
short_description: >
A directory containing data, accessible to the containers in a pod.
aka:
tags:
- core-object
- fundamental
---
-->
---
title: Volume
id: volume
date: 2018-04-12
full_link: /zh/docs/concepts/storage/volumes/
@ -12,32 +30,23 @@ tags:
- fundamental
---
<!--
title: Volume
id: volume
date: 2018-04-12
full_link: /zh/docs/concepts/storage/volumes/
short_description: >
A directory containing data, accessible to the containers in a pod.
aka:
tags:
- core-object
- fundamental
<!--
A directory containing data, accessible to the {{< glossary_tooltip text="containers" term_id="container" >}} in a {{< glossary_tooltip term_id="pod" >}}.
-->
包含可被 {{< glossary_tooltip text="pod" term_id="pod" >}} 中{{< glossary_tooltip text="容器" term_id="container" >}}访问的数据的目录。
<!--
A directory containing data, accessible to the containers in a {{< glossary_tooltip text="pod" term_id="pod" >}}.
-->
包含可被 {{< glossary_tooltip text="pod" term_id="pod" >}} 中容器访问的数据的目录。
<!--more-->
<!--
A Kubernetes volume lives as long as the {{< glossary_tooltip text="pod" term_id="pod" >}} that encloses it. Consequently, a volume outlives any {{< glossary_tooltip text="containers" term_id="container" >}} that run within the {{< glossary_tooltip text="pod" term_id="pod" >}}, and data is preserved across {{< glossary_tooltip text="container" term_id="container" >}} restarts.
A Kubernetes volume lives as long as the Pod that encloses it. Consequently, a volume outlives any containers that run within the Pod, and data in the volume is preserved across container restarts.
-->
每个 Kubernetes 卷在所处的{{< glossary_tooltip text="pod" term_id="pod" >}} 存在期间保持存在状态。
因此,卷的生命期会超出 {{< glossary_tooltip text="pod" term_id="pod" >}} 中运行的{{< glossary_tooltip text="容器" term_id="container" >}}
并且保证{{< glossary_tooltip text="容器" term_id="container" >}}重启之后仍保留数据。
<!--
See [storage](/docs/concepts/storage/) for more information.
-->
更多信息可参考[storage](/zh/docs/concepts/storage/)

30
content/zh/docs/reference/glossary/wg.md
View File

@ -1,3 +1,20 @@
<!--
---
title: WG (working group)
id: wg
date: 2018-04-12
full_link: https://github.com/kubernetes/community/blob/master/sig-list.md#master-working-group-list
short_description: >
Facilitates the discussion and/or implementation of a short-lived, narrow, or decoupled project for a committee, SIG, or cross-SIG effort.
aka:
tags:
- community
---
-->
---
title: WG (工作组)
id: wg
@ -11,20 +28,7 @@ tags:
- community
---
<!--
---
title: WG (working group)
id: wg
date: 2018-04-12
full_link: https://github.com/kubernetes/community/blob/master/sig-list.md#master-working-group-list
short_description: >
Facilitates the discussion and/or implementation of a short-lived, narrow, or decoupled project for a committee, SIG, or cross-SIG effort.
aka:
tags:
- community
---
-->
<!--
Facilitates the discussion and/or implementation of a short-lived, narrow, or decoupled project for a committee, {{< glossary_tooltip text="SIG" term_id="sig" >}}, or cross-SIG effort.

43
content/zh/docs/reference/glossary/workload.md
View File

@ -1,39 +1,48 @@
---
title: 工作负载
id: workloads
date: 2019-02-13
full_link: /zh/docs/concepts/workloads/
short_description: >
工作负载是在 Kubernetes 上运行的应用程序。
<!--
aka:
tags:
- fundamental
---
<!-- ---
title: Workload
id: workloads
date: 2019-02-13
full_link: /zh/docs/concepts/workloads/
full_link: /docs/concepts/workloads/
short_description: >
A workload is an application running on Kubernetes.
aka:
tags:
- fundamental
--- -->
<!-- A workload is an application running on Kubernetes. -->
---
-->
---
title: Workload工作负载
id: workloads
date: 2019-02-13
full_link: /zh/docs/concepts/workloads/
short_description: >
工作负载是在 Kubernetes 上运行的应用程序。
aka:
tags:
- fundamental
---
<!--
A workload is an application running on Kubernetes.
-->
工作负载是在 Kubernetes 上运行的应用程序。
<!--more-->
<!-- Various core objects that represent different types or parts of a workload
<!--
Various core objects that represent different types or parts of a workload
include the DaemonSet, Deployment, Job, ReplicaSet, and StatefulSet objects.
For example, a workload that has a web server and a database might run the
database in one {{< glossary_tooltip term_id="StatefulSet" >}} and the web server
in a {{< glossary_tooltip term_id="Deployment" >}}. -->
in a {{< glossary_tooltip term_id="Deployment" >}}.
-->
代表不同类型或部分工作负载的各种核心对象包括 DaemonSet, Deployment, Job, ReplicaSet, and StatefulSet。
例如,具有 Web 服务器和数据库的工作负载可能在一个 {{< glossary_tooltip term_id="StatefulSet" >}} 中运行数据库,而 Web 服务器运行在 {{< glossary_tooltip term_id="Deployment" >}}。