kubernetes
/
website
mirror of https://github.com/kubernetes/website.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request #48822 from my-git9/pp-24144 

[zh-cn]sync and improve volumes.md
pull/48867/head
Kubernetes Prow Robot 2024-11-27 01:04:56 +00:00 committed by GitHub
parent 2253b8b8ae c2d02d80fa
commit b6408350a5
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 126 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

145
content/zh-cn/docs/concepts/storage/volumes.md
View File

@ -497,7 +497,7 @@ to mount in a Pod. You can specify single or multiple target world wide names (W
using the parameter `targetWWNs` in your Volume configuration. If multiple WWNs are specified, using the parameter `targetWWNs` in your Volume configuration. If multiple WWNs are specified,
targetWWNs expect that those WWNs are from multi-path connections. targetWWNs expect that those WWNs are from multi-path connections.
--> -->
### fc (光纤通道) {#fc} ### fc(光纤通道) {#fc}
`fc` 卷类型允许将现有的光纤通道块存储卷挂载到 Pod 中。 `fc` 卷类型允许将现有的光纤通道块存储卷挂载到 Pod 中。
可以使用卷配置中的参数 `targetWWNs` 来指定单个或多个目标 WWNWorld Wide Names 可以使用卷配置中的参数 `targetWWNs` 来指定单个或多个目标 WWNWorld Wide Names
@ -580,7 +580,7 @@ clones the repo using Git, then mount the
`gitRepo` 卷类型已经被弃用。 `gitRepo` 卷类型已经被弃用。
如果需要制备已挂载 Git 仓库的 Pod你可以将 如果需要制备已挂载 Git 仓库的 Pod你可以将
[EmptyDir](#emptydir) 卷挂载到 [Init 容器](/zh-cn/docs/concepts/workloads/pods/init-containers/) 中, [EmptyDir](#emptydir) 卷挂载到 [Init 容器](/zh-cn/docs/concepts/workloads/pods/init-containers/)中,
使用 Git 命令完成仓库的克隆操作,然后将 [EmptyDir](#emptydir) 卷挂载到 Pod 的容器中。 使用 Git 命令完成仓库的克隆操作,然后将 [EmptyDir](#emptydir) 卷挂载到 Pod 的容器中。
--- ---
@ -591,12 +591,12 @@ You can restrict the use of `gitRepo` volumes in your cluster using
[ValidatingAdmissionPolicy](/docs/reference/access-authn-authz/validating-admission-policy/). [ValidatingAdmissionPolicy](/docs/reference/access-authn-authz/validating-admission-policy/).
You can use the following Common Expression Language (CEL) expression as You can use the following Common Expression Language (CEL) expression as
part of a policy to reject use of `gitRepo` volumes: part of a policy to reject use of `gitRepo` volumes:
`has(object.spec.volumes) || !object.spec.volumes.exists(v, has(v.gitRepo))`. `!has(object.spec.volumes) || !object.spec.volumes.exists(v, has(v.gitRepo))`.
--> -->
你可以使用 [ValidatingAdmissionPolicy](/zh-cn/docs/reference/access-authn-authz/validating-admission-policy/) 你可以使用 [ValidatingAdmissionPolicy](/zh-cn/docs/reference/access-authn-authz/validating-admission-policy/)
这类[策略](/zh-cn/docs/concepts/policy/)来限制在你的集群中使用 `gitRepo` 卷。 这类[策略](/zh-cn/docs/concepts/policy/)来限制在你的集群中使用 `gitRepo` 卷。
你可以使用以下通用表达语言CEL表达式作为策略的一部分以拒绝使用 `gitRepo` 卷: 你可以使用以下通用表达语言CEL表达式作为策略的一部分以拒绝使用 `gitRepo` 卷:
`has(object.spec.volumes) || !object.spec.volumes.exists(v, has(v.gitRepo))`。 `!has(object.spec.volumes) || !object.spec.volumes.exists(v, has(v.gitRepo))`。
{{< /warning >}} {{< /warning >}}
<!-- <!--
@ -788,19 +788,38 @@ root 身份运行进程,或者修改主机上的文件权限,以便能够从
--> -->
#### hostPath 配置示例 #### hostPath 配置示例
{{< tabs name="hostpath_examples" >}}
<!-- <!--
Linux node Linux node
---
# This manifest mounts /data/foo on the host as /foo inside the # This manifest mounts /data/foo on the host as /foo inside the
# single container that runs within the hostpath-example-linux Pod. # single container that runs within the hostpath-example-linux Pod.
# #
# The mount into the container is read-only. # The mount into the container is read-only.
apiVersion: v1
# mount /data/foo, but only if that directory already exists kind: Pod
metadata:
# directory location on host name: hostpath-example-linux
# this field is optional spec:
os: { name: linux }
nodeSelector:
kubernetes.io/os: linux
containers:
- name: example-container
image: registry.k8s.io/test-webserver
volumeMounts:
- mountPath: /foo
name: example-volume
readOnly: true
volumes:
- name: example-volume
# mount /data/foo, but only if that directory already exists
hostPath:
path: /data/foo # directory location on host
type: Directory # this field is optional
--> -->
{{< tabs name="hostpath_examples" >}}
{{< tab name="Linux 节点" codelang="yaml" >}} {{< tab name="Linux 节点" codelang="yaml" >}}
--- ---
# 此清单将主机上的 /data/foo 挂载为 hostpath-example-linux Pod 中运行的单个容器内的 /foo # 此清单将主机上的 /data/foo 挂载为 hostpath-example-linux Pod 中运行的单个容器内的 /foo
@ -831,15 +850,32 @@ spec:
<!-- <!--
Windows node Windows node
---
# This manifest mounts C:\Data\foo on the host as C:\foo, inside the # This manifest mounts C:\Data\foo on the host as C:\foo, inside the
# single container that runs within the hostpath-example-windows Pod. # single container that runs within the hostpath-example-windows Pod.
# #
# The mount into the container is read-only. # The mount into the container is read-only.
apiVersion: v1
# mount C:\Data\foo from the host, but only if that directory already exists kind: Pod
metadata:
# directory location on host name: hostpath-example-windows
# this field is optional spec:
os: { name: windows }
nodeSelector:
kubernetes.io/os: windows
containers:
- name: example-container
image: microsoft/windowsservercore:1709
volumeMounts:
- name: example-volume
mountPath: "C:\\foo"
readOnly: true
volumes:
# mount C:\Data\foo from the host, but only if that directory already exists
- name: example-volume
hostPath:
path: "C:\\Data\\foo" # directory location on host
type: Directory # this field is optional
--> -->
{{< tab name="Windows 节点" codelang="yaml" >}} {{< tab name="Windows 节点" codelang="yaml" >}}
--- ---
@ -899,7 +935,34 @@ Here's the example manifest:
以下是清单示例: 以下是清单示例:
<!-- <!--
# Ensure the file directory is created. ```yaml
apiVersion: v1
kind: Pod
metadata:
name: test-webserver
spec:
os: { name: linux }
nodeSelector:
kubernetes.io/os: linux
containers:
- name: test-webserver
image: registry.k8s.io/test-webserver:latest
volumeMounts:
- mountPath: /var/local/aaa
name: mydir
- mountPath: /var/local/aaa/1.txt
name: myfile
volumes:
- name: mydir
hostPath:
# Ensure the file directory is created.
path: /var/local/aaa
type: DirectoryOrCreate
- name: myfile
hostPath:
path: /var/local/aaa/1.txt
type: FileOrCreate
```
--> -->
```yaml ```yaml
apiVersion: v1 apiVersion: v1
@ -1307,7 +1370,25 @@ Here is an example Pod referencing a pre-provisioned Portworx volume:
下面是一个引用预先配备的 Portworx 卷的示例 Pod 下面是一个引用预先配备的 Portworx 卷的示例 Pod
<!-- <!--
# This Portworx volume must already exist. ```yaml
apiVersion: v1
kind: Pod
metadata:
name: test-portworx-volume-pod
spec:
containers:
- image: registry.k8s.io/test-webserver
name: test-container
volumeMounts:
- mountPath: /mnt
name: pxvol
volumes:
- name: pxvol
# This Portworx volume must already exist.
portworxVolume:
volumeID: "pxvol"
fsType: "<fs-type>"
```
--> -->
```yaml ```yaml
apiVersion: v1 apiVersion: v1
@ -1432,7 +1513,7 @@ receive Secret updates.
<!-- <!--
For more details, see [Configuring Secrets](/docs/concepts/configuration/secret/). For more details, see [Configuring Secrets](/docs/concepts/configuration/secret/).
--> -->
更多详情请参考[配置 Secrets](/zh-cn/docs/concepts/configuration/secret/)。 更多详情请参考[配置 Secret](/zh-cn/docs/concepts/configuration/secret/)。
<!-- <!--
### vsphereVolume (deprecated) {#vspherevolume} ### vsphereVolume (deprecated) {#vspherevolume}
@ -1612,7 +1693,33 @@ The host directory `/var/log/pods/pod1` is mounted at `/logs` in the container.
宿主机目录 `/var/log/pods/pod1` 被挂载到容器的 `/logs` 中。 宿主机目录 `/var/log/pods/pod1` 被挂载到容器的 `/logs` 中。
<!-- <!--
# The variable expansion uses round brackets (not curly brackets). ```yaml
apiVersion: v1
kind: Pod
metadata:
name: pod1
spec:
containers:
- name: container1
env:
- name: POD_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
image: busybox:1.28
command: [ "sh", "-c", "while [ true ]; do echo 'Hello'; sleep 10; done | tee -a /logs/hello.txt" ]
volumeMounts:
- name: workdir1
mountPath: /logs
# The variable expansion uses round brackets (not curly brackets).
subPathExpr: $(POD_NAME)
restartPolicy: Never
volumes:
- name: workdir1
hostPath:
path: /var/log/pods
```
--> -->
```yaml ```yaml
apiVersion: v1 apiVersion: v1