From bf84c6a5a0065e6f2a9e3640be685ff5c8655e94 Mon Sep 17 00:00:00 2001
From: "wei.wang" <wei.wang@daocloud.io>
Date: Fri, 29 Apr 2022 01:39:44 +0800
Subject: [PATCH] [zh]Sync content/zh/examples/policy/restricted-psp.yaml

[zh]Sync content/zh/examples/policy/restricted-psp.yaml
---
 content/zh/examples/policy/restricted-psp.yaml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/content/zh/examples/policy/restricted-psp.yaml b/content/zh/examples/policy/restricted-psp.yaml
index 99c836b9ff..53dec3a1af 100644
--- a/content/zh/examples/policy/restricted-psp.yaml
+++ b/content/zh/examples/policy/restricted-psp.yaml
@@ -3,6 +3,7 @@ kind: PodSecurityPolicy
 metadata:
   name: restricted
   annotations:
+    # docker/default 标识 seccomp 的配置文件，但它与 Docker 运行时没有特别关联
     seccomp.security.alpha.kubernetes.io/allowedProfileNames: 'docker/default,runtime/default'
     apparmor.security.beta.kubernetes.io/allowedProfileNames: 'runtime/default'
     apparmor.security.beta.kubernetes.io/defaultProfileName:  'runtime/default'
@@ -45,3 +46,4 @@ spec:
       - min: 1
         max: 65535
   readOnlyRootFilesystem: false
+