diff --git a/content/ko/examples/admin/logging/two-files-counter-pod-agent-sidecar.yaml b/content/ko/examples/admin/logging/two-files-counter-pod-agent-sidecar.yaml index b37b616e6f..ddfb8104cb 100644 --- a/content/ko/examples/admin/logging/two-files-counter-pod-agent-sidecar.yaml +++ b/content/ko/examples/admin/logging/two-files-counter-pod-agent-sidecar.yaml @@ -5,7 +5,7 @@ metadata: spec: containers: - name: count - image: busybox + image: busybox:1.28 args: - /bin/sh - -c diff --git a/content/ko/examples/admin/logging/two-files-counter-pod-streaming-sidecar.yaml b/content/ko/examples/admin/logging/two-files-counter-pod-streaming-sidecar.yaml index 87bd198cfd..ac19efe4a2 100644 --- a/content/ko/examples/admin/logging/two-files-counter-pod-streaming-sidecar.yaml +++ b/content/ko/examples/admin/logging/two-files-counter-pod-streaming-sidecar.yaml @@ -5,7 +5,7 @@ metadata: spec: containers: - name: count - image: busybox + image: busybox:1.28 args: - /bin/sh - -c @@ -22,14 +22,14 @@ spec: - name: varlog mountPath: /var/log - name: count-log-1 - image: busybox - args: [/bin/sh, -c, 'tail -n+1 -f /var/log/1.log'] + image: busybox:1.28 + args: [/bin/sh, -c, 'tail -n+1 -F /var/log/1.log'] volumeMounts: - name: varlog mountPath: /var/log - name: count-log-2 - image: busybox - args: [/bin/sh, -c, 'tail -n+1 -f /var/log/2.log'] + image: busybox:1.28 + args: [/bin/sh, -c, 'tail -n+1 -F /var/log/2.log'] volumeMounts: - name: varlog mountPath: /var/log diff --git a/content/ko/examples/admin/logging/two-files-counter-pod.yaml b/content/ko/examples/admin/logging/two-files-counter-pod.yaml index 6ebeb717a1..31bbed3cf8 100644 --- a/content/ko/examples/admin/logging/two-files-counter-pod.yaml +++ b/content/ko/examples/admin/logging/two-files-counter-pod.yaml @@ -5,7 +5,7 @@ metadata: spec: containers: - name: count - image: busybox + image: busybox:1.28 args: - /bin/sh - -c diff --git a/content/ko/examples/admin/resource/limit-range-pod-1.yaml b/content/ko/examples/admin/resource/limit-range-pod-1.yaml index 0457792af9..b9bd20d06a 100644 --- a/content/ko/examples/admin/resource/limit-range-pod-1.yaml +++ b/content/ko/examples/admin/resource/limit-range-pod-1.yaml @@ -5,7 +5,7 @@ metadata: spec: containers: - name: busybox-cnt01 - image: busybox + image: busybox:1.28 command: ["/bin/sh"] args: ["-c", "while true; do echo hello from cnt01; sleep 10;done"] resources: @@ -16,7 +16,7 @@ spec: memory: "200Mi" cpu: "500m" - name: busybox-cnt02 - image: busybox + image: busybox:1.28 command: ["/bin/sh"] args: ["-c", "while true; do echo hello from cnt02; sleep 10;done"] resources: @@ -24,7 +24,7 @@ spec: memory: "100Mi" cpu: "100m" - name: busybox-cnt03 - image: busybox + image: busybox:1.28 command: ["/bin/sh"] args: ["-c", "while true; do echo hello from cnt03; sleep 10;done"] resources: @@ -32,6 +32,6 @@ spec: memory: "200Mi" cpu: "500m" - name: busybox-cnt04 - image: busybox + image: busybox:1.28 command: ["/bin/sh"] args: ["-c", "while true; do echo hello from cnt04; sleep 10;done"] diff --git a/content/ko/examples/admin/resource/limit-range-pod-2.yaml b/content/ko/examples/admin/resource/limit-range-pod-2.yaml index efac440269..40da19c1ae 100644 --- a/content/ko/examples/admin/resource/limit-range-pod-2.yaml +++ b/content/ko/examples/admin/resource/limit-range-pod-2.yaml @@ -5,7 +5,7 @@ metadata: spec: containers: - name: busybox-cnt01 - image: busybox + image: busybox:1.28 command: ["/bin/sh"] args: ["-c", "while true; do echo hello from cnt01; sleep 10;done"] resources: @@ -16,7 +16,7 @@ spec: memory: "200Mi" cpu: "500m" - name: busybox-cnt02 - image: busybox + image: busybox:1.28 command: ["/bin/sh"] args: ["-c", "while true; do echo hello from cnt02; sleep 10;done"] resources: @@ -24,7 +24,7 @@ spec: memory: "100Mi" cpu: "100m" - name: busybox-cnt03 - image: busybox + image: busybox:1.28 command: ["/bin/sh"] args: ["-c", "while true; do echo hello from cnt03; sleep 10;done"] resources: @@ -32,6 +32,6 @@ spec: memory: "200Mi" cpu: "500m" - name: busybox-cnt04 - image: busybox + image: busybox:1.28 command: ["/bin/sh"] args: ["-c", "while true; do echo hello from cnt04; sleep 10;done"] diff --git a/content/ko/examples/admin/resource/limit-range-pod-3.yaml b/content/ko/examples/admin/resource/limit-range-pod-3.yaml index 8afdb6379c..503200a966 100644 --- a/content/ko/examples/admin/resource/limit-range-pod-3.yaml +++ b/content/ko/examples/admin/resource/limit-range-pod-3.yaml @@ -5,7 +5,7 @@ metadata: spec: containers: - name: busybox-cnt01 - image: busybox + image: busybox:1.28 resources: limits: memory: "300Mi" diff --git a/content/ko/examples/application/job/cronjob.yaml b/content/ko/examples/application/job/cronjob.yaml index 9f06ca7bd6..78d0e2d314 100644 --- a/content/ko/examples/application/job/cronjob.yaml +++ b/content/ko/examples/application/job/cronjob.yaml @@ -10,7 +10,7 @@ spec: spec: containers: - name: hello - image: busybox + image: busybox:1.28 imagePullPolicy: IfNotPresent command: - /bin/sh diff --git a/content/ko/examples/application/job/job-tmpl.yaml b/content/ko/examples/application/job/job-tmpl.yaml index 790025b38b..d7dbbafd62 100644 --- a/content/ko/examples/application/job/job-tmpl.yaml +++ b/content/ko/examples/application/job/job-tmpl.yaml @@ -13,6 +13,6 @@ spec: spec: containers: - name: c - image: busybox + image: busybox:1.28 command: ["sh", "-c", "echo Processing item $ITEM && sleep 5"] restartPolicy: Never diff --git a/content/ko/examples/application/mysql/mysql-configmap.yaml b/content/ko/examples/application/mysql/mysql-configmap.yaml index 6dd50665a2..538f9f3324 100644 --- a/content/ko/examples/application/mysql/mysql-configmap.yaml +++ b/content/ko/examples/application/mysql/mysql-configmap.yaml @@ -9,8 +9,10 @@ data: # Primary에만 이 구성을 적용한다. [mysqld] log-bin + datadir=/var/lib/mysql/mysql replica.cnf: | # 레플리카에만 이 구성을 적용한다. [mysqld] super-read-only + datadir=/var/lib/mysql/mysql diff --git a/content/ko/examples/application/mysql/mysql-services.yaml b/content/ko/examples/application/mysql/mysql-services.yaml index 17279dd7f9..c5cfa4936b 100644 --- a/content/ko/examples/application/mysql/mysql-services.yaml +++ b/content/ko/examples/application/mysql/mysql-services.yaml @@ -27,4 +27,3 @@ spec: port: 3306 selector: app: mysql - diff --git a/content/ko/examples/controllers/daemonset.yaml b/content/ko/examples/controllers/daemonset.yaml index 685a137244..c17ebfe5c5 100644 --- a/content/ko/examples/controllers/daemonset.yaml +++ b/content/ko/examples/controllers/daemonset.yaml @@ -15,8 +15,11 @@ spec: name: fluentd-elasticsearch spec: tolerations: - # this toleration is to have the daemonset runnable on master nodes - # remove it if your masters can't run pods + # 이 톨러레이션(toleration)은 데몬셋이 컨트롤 플레인 노드에서 실행될 수 있도록 만든다. + # 컨트롤 플레인 노드가 이 파드를 실행해서는 안 되는 경우, 이 톨러레이션을 제거한다. + - key: node-role.kubernetes.io/control-plane + operator: Exists + effect: NoSchedule - key: node-role.kubernetes.io/master operator: Exists effect: NoSchedule diff --git a/content/ko/examples/controllers/fluentd-daemonset-update.yaml b/content/ko/examples/controllers/fluentd-daemonset-update.yaml index 48adc99ce9..fc8c7f984e 100644 --- a/content/ko/examples/controllers/fluentd-daemonset-update.yaml +++ b/content/ko/examples/controllers/fluentd-daemonset-update.yaml @@ -19,9 +19,13 @@ spec: name: fluentd-elasticsearch spec: tolerations: - # 이 톨러레이션(toleration)은 마스터 노드에서 실행 가능한 데몬셋이 - # 마스터에서 파드를 실행할 수 없는 경우 이를 제거하는 것이다 + # 이 톨러레이션(toleration)은 데몬셋이 컨트롤 플레인 노드에서 실행될 수 있도록 만든다. + # 컨트롤 플레인 노드가 이 파드를 실행해서는 안 되는 경우, 이 톨러레이션을 제거한다. + - key: node-role.kubernetes.io/control-plane + operator: Exists + effect: NoSchedule - key: node-role.kubernetes.io/master + operator: Exists effect: NoSchedule containers: - name: fluentd-elasticsearch diff --git a/content/ko/examples/controllers/fluentd-daemonset.yaml b/content/ko/examples/controllers/fluentd-daemonset.yaml index 2ff2e66014..02b0eb2b1d 100644 --- a/content/ko/examples/controllers/fluentd-daemonset.yaml +++ b/content/ko/examples/controllers/fluentd-daemonset.yaml @@ -19,9 +19,13 @@ spec: name: fluentd-elasticsearch spec: tolerations: - # 이 톨러레이션(toleration)은 마스터 노드에서 실행 가능한 데몬셋이 - # 마스터에서 파드를 실행할 수 없는 경우 이를 제거하는 것이다 + # 이 톨러레이션(toleration)은 데몬셋이 컨트롤 플레인 노드에서 실행될 수 있도록 만든다. + # 컨트롤 플레인 노드가 이 파드를 실행해서는 안 되는 경우, 이 톨러레이션을 제거한다. + - key: node-role.kubernetes.io/control-plane + operator: Exists + effect: NoSchedule - key: node-role.kubernetes.io/master + operator: Exists effect: NoSchedule containers: - name: fluentd-elasticsearch diff --git a/content/ko/examples/debug/counter-pod.yaml b/content/ko/examples/debug/counter-pod.yaml index f997886386..a91b2f8915 100644 --- a/content/ko/examples/debug/counter-pod.yaml +++ b/content/ko/examples/debug/counter-pod.yaml @@ -5,6 +5,6 @@ metadata: spec: containers: - name: count - image: busybox + image: busybox:1.28 args: [/bin/sh, -c, 'i=0; while true; do echo "$i: $(date)"; i=$((i+1)); sleep 1; done'] diff --git a/content/ko/examples/pods/init-containers.yaml b/content/ko/examples/pods/init-containers.yaml index e83beec9af..b99775c24a 100644 --- a/content/ko/examples/pods/init-containers.yaml +++ b/content/ko/examples/pods/init-containers.yaml @@ -14,7 +14,7 @@ spec: # 이 컨테이너들은 파드 초기화 중에 실행된다. initContainers: - name: install - image: busybox + image: busybox:1.28 command: - wget - "-O" diff --git a/content/ko/examples/pods/inject/dependent-envars.yaml b/content/ko/examples/pods/inject/dependent-envars.yaml index 2509c6f47b..67d07098ba 100644 --- a/content/ko/examples/pods/inject/dependent-envars.yaml +++ b/content/ko/examples/pods/inject/dependent-envars.yaml @@ -10,7 +10,7 @@ spec: command: - sh - -c - image: busybox + image: busybox:1.28 env: - name: SERVICE_PORT value: "80" diff --git a/content/ko/examples/pods/pod-with-node-affinity.yaml b/content/ko/examples/pods/pod-with-node-affinity.yaml index 253d2b21ea..e077f79883 100644 --- a/content/ko/examples/pods/pod-with-node-affinity.yaml +++ b/content/ko/examples/pods/pod-with-node-affinity.yaml @@ -8,11 +8,10 @@ spec: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - - key: kubernetes.io/e2e-az-name + - key: kubernetes.io/os operator: In values: - - e2e-az1 - - e2e-az2 + - linux preferredDuringSchedulingIgnoredDuringExecution: - weight: 1 preference: diff --git a/content/ko/examples/pods/resource/memory-request-limit-3.yaml b/content/ko/examples/pods/resource/memory-request-limit-3.yaml index 9f089c4a7a..d816393986 100644 --- a/content/ko/examples/pods/resource/memory-request-limit-3.yaml +++ b/content/ko/examples/pods/resource/memory-request-limit-3.yaml @@ -8,9 +8,9 @@ spec: - name: memory-demo-3-ctr image: polinux/stress resources: - limits: - memory: "1000Gi" requests: memory: "1000Gi" + limits: + memory: "1000Gi" command: ["stress"] args: ["--vm", "1", "--vm-bytes", "150M", "--vm-hang", "1"] diff --git a/content/ko/examples/pods/resource/memory-request-limit.yaml b/content/ko/examples/pods/resource/memory-request-limit.yaml index 985b1308d9..07ce3e7d3c 100644 --- a/content/ko/examples/pods/resource/memory-request-limit.yaml +++ b/content/ko/examples/pods/resource/memory-request-limit.yaml @@ -8,9 +8,9 @@ spec: - name: memory-demo-ctr image: polinux/stress resources: - limits: - memory: "200Mi" requests: memory: "100Mi" + limits: + memory: "200Mi" command: ["stress"] args: ["--vm", "1", "--vm-bytes", "150M", "--vm-hang", "1"] diff --git a/content/ko/examples/pods/security/hello-apparmor.yaml b/content/ko/examples/pods/security/hello-apparmor.yaml index 2aca197e76..e988073856 100644 --- a/content/ko/examples/pods/security/hello-apparmor.yaml +++ b/content/ko/examples/pods/security/hello-apparmor.yaml @@ -9,5 +9,5 @@ metadata: spec: containers: - name: hello - image: busybox - command: [ "sh", "-c", "echo 'Hello AppArmor!' && sleep 1h" ] \ No newline at end of file + image: busybox:1.28 + command: [ "sh", "-c", "echo 'Hello AppArmor!' && sleep 1h" ] diff --git a/content/ko/examples/policy/restricted-psp.yaml b/content/ko/examples/policy/restricted-psp.yaml index 4cdc12639a..9d5f6ed21a 100644 --- a/content/ko/examples/policy/restricted-psp.yaml +++ b/content/ko/examples/policy/restricted-psp.yaml @@ -3,6 +3,7 @@ kind: PodSecurityPolicy metadata: name: restricted annotations: + # docker/default 는 seccomp를 위한 프로파일을 나타내지만, 특별히 도커 런타임에 묶여 있는 것은 아니다. seccomp.security.alpha.kubernetes.io/allowedProfileNames: 'docker/default,runtime/default' apparmor.security.beta.kubernetes.io/allowedProfileNames: 'runtime/default' apparmor.security.beta.kubernetes.io/defaultProfileName: 'runtime/default' diff --git a/content/ko/examples/service/networking/hostaliases-pod.yaml b/content/ko/examples/service/networking/hostaliases-pod.yaml index 643813b34a..268bffbbf5 100644 --- a/content/ko/examples/service/networking/hostaliases-pod.yaml +++ b/content/ko/examples/service/networking/hostaliases-pod.yaml @@ -15,7 +15,7 @@ spec: - "bar.remote" containers: - name: cat-hosts - image: busybox + image: busybox:1.28 command: - cat args: diff --git a/content/ko/releases/_index.md b/content/ko/releases/_index.md index aa6a306f8a..0bc57340a3 100644 --- a/content/ko/releases/_index.md +++ b/content/ko/releases/_index.md @@ -7,7 +7,7 @@ type: docs -쿠버네티스 프로젝트는 가장 최신의 3개 마이너(minor) 릴리스({{< skew latestVersion >}}, {{< skew prevMinorVersion >}}, {{< skew oldestMinorVersion >}})에 대해서 릴리스 브랜치를 관리한다. 쿠버네티스 1.19 및 이후 신규 버전은 약 1년간 패치 지원을 받을 수 있다. 쿠버네티스 1.18 및 이전 버전은 약 9개월간의 패치 지원을 받을 수 있다. +쿠버네티스 프로젝트는 가장 최신의 3개 마이너(minor) 릴리스({{< skew latestVersion >}}, {{< skew prevMinorVersion >}}, {{< skew oldestMinorVersion >}})에 대해서 릴리스 브랜치를 관리한다. 쿠버네티스 1.19 및 이후 신규 버전은 [약 1년간 패치 지원](/releases/patch-releases/#support-period)을 받을 수 있다. 쿠버네티스 1.18 및 이전 버전은 약 9개월간의 패치 지원을 받을 수 있다. 쿠버네티스 버전은 **x.y.z** 의 형태로 표현되는데, **x** 는 메이저(major) 버전, **y** 는 마이너(minor), **z** 는 패치(patch) 버전을 의미하며, 이는 [시맨틱 버전](https://semver.org/)의 용어를 따른 것이다.