sync configure-upgrade-etc kubeadm-certs verify-signed-artifacts

2023-10-07 13:12:46 +08:00 · 2023-10-07 13:12:46 +08:00 · dd7930f5d7
parent 9d88e756e7
commit dd7930f5d7
3 changed files with 16 additions and 4 deletions
--- a/content/zh-cn/docs/tasks/administer-cluster/configure-upgrade-etcd.md
+++ b/content/zh-cn/docs/tasks/administer-cluster/configure-upgrade-etcd.md
@ -21,6 +21,17 @@ weight: 270

 {{< include "task-tutorial-prereqs.md" >}} {{< version-check >}}

+<!--
+You need to have a Kubernetes cluster, and the kubectl command-line tool must
+be configured to communicate with your cluster. It is recommended to run this
+task on a cluster with at least two nodes that are not acting as control plane
+nodes . If you do not already have a cluster, you can create one by using
+[minikube](https://minikube.sigs.k8s.io/docs/tutorials/multi_node/).
+-->
+你需要有一个 Kubernetes 集群，并且必须配置 kubectl 命令行工具以与你的集群通信。
+建议在至少有两个不充当控制平面的节点上运行此任务。如果你还没有集群，
+你可以使用 [minikube](https://minikube.sigs.k8s.io/docs/tutorials/multi_node/) 创建一个。
+
 <!-- steps -->

 <!--
--- a/content/zh-cn/docs/tasks/administer-cluster/kubeadm/kubeadm-certs.md
+++ b/content/zh-cn/docs/tasks/administer-cluster/kubeadm/kubeadm-certs.md
@ -607,13 +607,14 @@ IP 或域名请求服务证书。
 During cluster creation, kubeadm signs the certificate in the `admin.conf` to have
 `Subject: O = system:masters, CN = kubernetes-admin`.
 [`system:masters`](/docs/reference/access-authn-authz/rbac/#user-facing-roles)
-is a break-glass, super user group that bypasses the authorization layer (e.g. RBAC).
+is a break-glass, super user group that bypasses the authorization layer (for example,
+[RBAC](/docs/reference/access-authn-authz/rbac/)).
 Sharing the `admin.conf` with additional users is **not recommended**!
 -->
 在集群创建过程中，kubeadm 对 `admin.conf` 中的证书进行签名时，将其配置为
 `Subject: O = system:masters, CN = kubernetes-admin`。
 [`system:masters`](/zh-cn/docs/reference/access-authn-authz/rbac/#user-facing-roles)
-是一个例外的超级用户组，可以绕过鉴权层（例如 RBAC）。
+是一个例外的超级用户组，可以绕过鉴权层（例如 [RBAC](/zh-cn/docs/reference/access-authn-authz/rbac/)）。
 强烈建议不要将 `admin.conf` 文件与任何人共享。

 <!--
--- a/content/zh-cn/docs/tasks/administer-cluster/verify-signed-artifacts.md
+++ b/content/zh-cn/docs/tasks/administer-cluster/verify-signed-artifacts.md
@ -22,13 +22,13 @@ You will need to have the following tools installed:

 - `cosign` ([install guide](https://docs.sigstore.dev/cosign/installation/))
 - `curl` (often provided by your operating system)
- `jq` ([download jq](https://stedolan.github.io/jq/download/))
+- `jq` ([download jq](https://jqlang.github.io/jq/download/))
 -->
 你需要安装以下工具：

 - `cosign`（[安装指南](https://docs.sigstore.dev/cosign/installation/)）
 - `curl`（通常由你的操作系统提供）
- `jq`（[下载 jq](https://stedlan.github.io/jq/download/)）
+- `jq`（[下载 jq](https://jqlang.github.io/jq/download/)）


 <!--