Apply concept template to extend-kubernetes and configuration dirs (#8995)

2018-06-11 12:38:26 -07:00 · 2018-06-11 12:38:26 -07:00 · 89a06bdb29
parent b11a514313
commit 89a06bdb29
9 changed files with 112 additions and 15 deletions
--- a/content/en/docs/concepts/configuration/assign-pod-node.md
+++ b/content/en/docs/concepts/configuration/assign-pod-node.md
@ -4,9 +4,14 @@ reviewers:
 - kevin-wangzefeng
 - bsalamat
 title: Assigning Pods to Nodes
+content_template: templates/concept
 weight: 30
 ---

+{{< toc >}}
+
+{{% capture overview %}}
+
 You can constrain a [pod](/docs/concepts/workloads/pods/pod/) to only be able to run on particular [nodes](/docs/concepts/architecture/nodes/) or to prefer to
 run on particular nodes. There are several ways to do this, and they all use
 [label selectors](/docs/concepts/overview/working-with-objects/labels/) to make the selection.
@ -19,7 +24,9 @@ services that communicate a lot into the same availability zone.
 You can find all the files for these examples [in our docs
 repo here](https://github.com/kubernetes/website/tree/{{< param "docsbranch" >}}/docs/concepts/configuration/).

-{{< toc >}}
+{{% /capture %}}
+
+{{% capture body %}}

 ## nodeSelector

@ -332,3 +339,9 @@ For more information on inter-pod affinity/anti-affinity, see the

 You may want to check [Taints](/docs/concepts/configuration/taint-and-toleration/)
 as well, which allow a *node* to *repel* a set of pods.
+
+{{% /capture %}}
+
+{{% capture whatsnext %}}
+
+{{% /capture %}}
--- a/content/en/docs/concepts/configuration/secret.md
+++ b/content/en/docs/concepts/configuration/secret.md
@ -2,15 +2,22 @@
 reviewers:
 - mikedanese
 title: Secrets
+content_template: templates/concept
 weight: 50
 ---

+{{< toc >}}
+
+{{% capture overview %}}
+
 Objects of type `secret` are intended to hold sensitive information, such as
 passwords, OAuth tokens, and ssh keys.  Putting this information in a `secret`
 is safer and more flexible than putting it verbatim in a `pod` definition or in
 a docker image. See [Secrets design document](https://git.k8s.io/community/contributors/design-proposals/auth/secrets.md) for more information.

-{{< toc >}}
+{{% /capture %}}
+
+{{% capture body %}}

 ## Overview of Secrets

@ -638,11 +645,10 @@ The `secret-volume` will contain a single file, called `.secret-file`, and
 the `dotfile-test-container` will have this file present at the path
 `/etc/secret-volume/.secret-file`.

-**NOTE**
-
-Files beginning with dot characters are hidden from the output of  `ls -l`;
+{{< note >}}
+**Note**: Files beginning with dot characters are hidden from the output of  `ls -l`;
 you must use `ls -la` to see them when listing directory contents.
-
+{{< /note >}}

 ### Use-case: Secret visible to one container in a pod

@ -751,3 +757,7 @@ Pod level](#use-case-secret-visible-to-one-container-in-a-pod).
 {{< note >}}
 **Note:** As of 1.7 [encryption of secret data at rest is supported](/docs/tasks/administer-cluster/encrypt-data/).
 {{< /note >}}
+
+{{% capture whatsnext %}}
+
+{{% /capture %}}
--- a/content/en/docs/concepts/configuration/taint-and-toleration.md
+++ b/content/en/docs/concepts/configuration/taint-and-toleration.md
@ -4,9 +4,13 @@ reviewers:
 - kevin-wangzefeng
 - bsalamat
 title: Taints and Tolerations
+content_template: templates/concept
 weight: 40
 ---

+{{< toc >}}
+
+{{% capture overview %}}
 Node affinity, described [here](/docs/concepts/configuration/assign-pod-node/#node-affinity-beta-feature),
 is a property of *pods* that *attracts* them to a set of nodes (either as a
 preference or a hard requirement). Taints are the opposite -- they allow a
@ -18,7 +22,9 @@ marks that the node should not accept any pods that do not tolerate the taints.
 Tolerations are applied to pods, and allow (but do not require) the pods to schedule
 onto nodes with matching taints.

-{{< toc >}}
+{{% /capture %}}
+
+{{% capture body %}}

 ## Concepts

@ -279,3 +285,9 @@ To make sure that turning on this feature doesn't break DaemonSets, starting in

 The above settings ensure backward compatibility, but we understand they may not fit all user's needs, which is why
 cluster admin may choose to add arbitrary tolerations to DaemonSets.
+
+{{% /capture %}}
+
+{{% capture whatsnext %}}
+
+{{% /capture %}}
--- a/content/en/docs/concepts/extend-kubernetes/compute-storage-net/network-plugins.md
+++ b/content/en/docs/concepts/extend-kubernetes/compute-storage-net/network-plugins.md
@ -4,18 +4,26 @@ reviewers:
 - freehan
 - thockin
 title: Network Plugins
+content_template: templates/concept
 weight: 10
 ---

 {{< toc >}}

-__Disclaimer__: Network plugins are in alpha. Its contents will change rapidly.
+{{% capture overview %}}
+
+{{< feature-state state="alpha" >}}
+{{< warning >}}Alpha features change rapidly. {{< /warning >}}

 Network plugins in Kubernetes come in a few flavors:

 * CNI plugins: adhere to the appc/CNI specification, designed for interoperability.
 * Kubenet plugin: implements basic `cbr0` using the `bridge` and `host-local` CNI plugins

+{{% /capture %}}
+
+{{% capture body %}}
+
 ## Installation

 The kubelet has a single default network plugin, and a default network common to the entire cluster. It probes for plugins when it starts up, remembers what it found, and executes the selected plugin at appropriate times in the pod lifecycle (this is only true for Docker, as rkt manages its own CNI plugins). There are two Kubelet command line parameters to keep in mind when using plugins:
@ -71,3 +79,9 @@ This option is provided to the network-plugin; currently **only kubenet supports
 * `--network-plugin=cni` specifies that we use the `cni` network plugin with actual CNI plugin binaries located in `--cni-bin-dir` (default `/opt/cni/bin`) and CNI plugin configuration located in `--cni-conf-dir` (default `/etc/cni/net.d`).
 * `--network-plugin=kubenet` specifies that we use the `kubenet` network plugin with CNI `bridge` and `host-local` plugins placed in `/opt/cni/bin` or `cni-bin-dir`.
 * `--network-plugin-mtu=9001` specifies the MTU to use, currently only used by the `kubenet` network plugin.
+
+{{% /capture %}}
+
+{{% capture whatsnext %}}
+
+{{% /capture %}}
--- a/content/en/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases.md
+++ b/content/en/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases.md
@ -3,14 +3,19 @@ reviewers:
 - rickypai
 - thockin
 title: Adding entries to Pod /etc/hosts with HostAliases
+content_template: templates/concept
 weight: 60
 ---

 {{< toc >}}

+{{% capture overview %}}
 Adding entries to a Pod's /etc/hosts file provides Pod-level override of hostname resolution when DNS and other options are not applicable. In 1.7, users can add these custom entries with the HostAliases field in PodSpec.

 Modification not using HostAliases is not suggested because the file is managed by Kubelet and can be overwritten on during Pod creation/restart.
+{{% /capture %}}
+
+{{% capture body %}}

 ## Default Hosts File Content

@ -91,3 +96,9 @@ In 1.8, HostAlias is supported for all Pods regardless of network configuration.
 Kubelet [manages](https://github.com/kubernetes/kubernetes/issues/14633) the hosts file for each container of the Pod to prevent Docker from [modifying](https://github.com/moby/moby/issues/17190) the file after the containers have already been started.

 Because of the managed-nature of the file, any user-written content will be overwritten whenever the hosts file is remounted by Kubelet in the event of a container restart or a Pod reschedule. Thus, it is not suggested to modify the contents of the file.
+
+{{% /capture %}}
+
+{{% capture whatsnext %}}
+
+{{% /capture %}}
--- a/content/en/docs/concepts/services-networking/connect-applications-service.md
+++ b/content/en/docs/concepts/services-networking/connect-applications-service.md
@ -4,11 +4,14 @@ reviewers:
 - lavalamp
 - thockin
 title: Connecting Applications with Services
+content_template: templates/concept
 weight: 30
 ---

 {{< toc >}}

+{{% capture overview %}}
+
 ## The Kubernetes model for connecting containers

 Now that you have a continuously running, replicated application you can expose it on a network. Before discussing the Kubernetes approach to networking, it is worthwhile to contrast it with the "normal" way networking works with Docker.
@ -19,6 +22,10 @@ Coordinating ports across multiple developers is very difficult to do at scale a

 This guide uses a simple nginx server to demonstrate proof of concept. The same principles are embodied in a more complete [Jenkins CI application](http://blog.kubernetes.io/2015/07/strong-simple-ssl-for-kubernetes.html).

+{{% /capture %}}
+
+{{% capture body %}}
+
 ## Exposing pods to the cluster

 We did this in a previous example, but let's do it once again and focus on the networking perspective. Create an nginx pod, and note that it has a container port specification:
@ -319,10 +326,15 @@ LoadBalancer Ingress:   a320587ffd19711e5a37606cf4a74574-1142138393.us-east-1.el
 ...
 ```

-## Further reading
+{{% /capture %}}
+
+{{% capture whatsnext %}}

 Kubernetes also supports Federated Services, which can span multiple
 clusters and cloud providers, to provide increased availability,
 better fault tolerance and greater scalability for your services. See
 the [Federated Services User Guide](/docs/concepts/cluster-administration/federation-service-discovery/)
 for further information.
+
+{{% /capture %}}
+
--- a/content/en/docs/concepts/services-networking/ingress.md
+++ b/content/en/docs/concepts/services-networking/ingress.md
@ -11,7 +11,7 @@ weight: 40
 {{% /capture %}}

 {{% capture body %}}
-__Terminology__
+## Terminology

 Throughout this doc you will see a few terms that are sometimes used interchangeably elsewhere, that might cause confusion. This section attempts to clarify them.

@ -25,7 +25,7 @@ Throughout this doc you will see a few terms that are sometimes used interchange

 Typically, services and pods have IPs only routable by the cluster network. All traffic that ends up at an edge router is either dropped or forwarded elsewhere. Conceptually, this might look like:

-```
+```none
    internet
        |
  ------------
@ -172,7 +172,7 @@ The Ingress controller will provision an implementation specific loadbalancer th

 Name-based virtual hosts use multiple host names for the same IP address.

-```
+```none
 foo.bar.com --|                 |-> foo.bar.com s1:80
              | 178.91.123.132  |
 bar.foo.com --|                 |-> bar.foo.com s2:80
@ -313,4 +313,7 @@ You can expose a Service in multiple ways that don't directly involve the Ingres
 * Use a [Port Proxy](https://git.k8s.io/contrib/for-demos/proxy-to-service)
 {{% /capture %}}

+{{% capture whatsnext %}}
+
+{{% /capture %}}

--- a/content/en/docs/concepts/services-networking/network-policies.md
+++ b/content/en/docs/concepts/services-networking/network-policies.md
@ -4,15 +4,20 @@ reviewers:
 - caseydavenport
 - danwinship
 title: Network Policies
+content_template: templates/concept
 weight: 50
 ---

 {{< toc >}}

+{{% capture overview %}}
 A network policy is a specification of how groups of pods are allowed to communicate with each other and other network endpoints.

 `NetworkPolicy` resources use labels to select pods and define rules which specify what traffic is allowed to the selected pods.

+{{% /capture %}}
+
+{{% capture body %}}
 ## Prerequisites

 Network policies are implemented by the network plugin, so you must be using a networking solution which supports `NetworkPolicy` - simply creating the resource without a controller to implement it will have no effect.
@ -184,8 +189,13 @@ spec:

 This ensures that even pods that aren't selected by any other NetworkPolicy will not be allowed ingress or egress traffic.

-## What's next?
+{{% /capture %}}
+
+{{% capture whatsnext %}}

 - See the [Declare Network Policy](/docs/tasks/administer-cluster/declare-network-policy/)
  walkthrough for further examples.
 - See more [Recipes](https://github.com/ahmetb/kubernetes-network-policy-recipes) for common scenarios enabled by the NetworkPolicy resource.
+
+{{% /capture %}}
+
--- a/content/en/docs/concepts/services-networking/service.md
+++ b/content/en/docs/concepts/services-networking/service.md
@ -2,9 +2,14 @@
 reviewers:
 - bprashanth
 title: Services
+content_template: templates/concept
 weight: 10
 ---

+{{< toc >}}
+
+{{% capture overview %}}
+
 Kubernetes [`Pods`](/docs/concepts/workloads/pods/pod/) are mortal. They are born and when they die, they
 are not resurrected.  [`ReplicaSets`](/docs/concepts/workloads/controllers/replicaset/) in
 particular create and destroy `Pods` dynamically (e.g. when scaling up or down).  While each `Pod` gets its own IP address, even
@ -33,7 +38,9 @@ that is updated whenever the set of `Pods` in a `Service` changes.  For
 non-native applications, Kubernetes offers a virtual-IP-based bridge to Services
 which redirects to the backend `Pods`.

-{{< toc >}}
+{{% /capture %}}
+
+{{% capture body %}}

 ## Defining a service

@ -890,6 +897,11 @@ Service is a top-level resource in the Kubernetes REST API. More details about t
 API object can be found at:
 [Service API object](/docs/reference/generated/kubernetes-api/{{< param "version" >}}/#service-v1-core).

-## For More Information
+{{% /capture %}}
+
+{{% capture whatsnext %}}

 Read [Connecting a Front End to a Back End Using a Service](/docs/tasks/access-application-cluster/connecting-frontend-backend/).
+
+{{% /capture %}}
+