Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Zh-trans:/docs/concepts/extend-kubernetes/extend-cluster.md #16537

Merged
merged 5 commits into from Oct 3, 2019
Merged

Zh-trans:/docs/concepts/extend-kubernetes/extend-cluster.md #16537

merged 5 commits into from Oct 3, 2019

Conversation

MJ-CJM
Copy link

@MJ-CJM MJ-CJM commented Sep 24, 2019

No description provided.

@k8s-ci-robot k8s-ci-robot added cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. size/L Denotes a PR that changes 100-499 lines, ignoring generated files. labels Sep 24, 2019
@k8s-ci-robot k8s-ci-robot added language/zh Issues or PRs related to Chinese language sig/docs Categorizes an issue or PR as relevant to SIG Docs. labels Sep 24, 2019
sftim
sftim reviewed Sep 24, 2019
View reviewed changes
Copy link
Contributor

@sftim sftim left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Two minor suggestions

content/zh/docs/concepts/extend-kubernetes/extend-cluster.md Outdated

在托管的 Kubernetes 服务或受控安装的 Kubernetes 版本中,标志和配置文件可能并不总是可以更改的。而且当它们可以进行更改时,它们通常只能由集群管理员进行更改。此外,标志和配置文件在未来的 Kubernetes 版本中可能会发生变化,并且更改设置后它们可能需要重新启动进程。出于这些原因,只有在没有其他选择的情况下才使用它们。

*内置策略 API* ,例如 [ResourceQuota](/docs/concepts/policy/resource-quotas/)、[PodSecurityPolicies](/docs/concepts/policy/pod-security-policy/)、[NetworkPolicy](/docs/concepts/services-networking/network-policies/) 和基于角色的权限控制 ([RBAC](/docs/reference/access-authn-authz/rbac/)),是内置的 Kubernetes API。API 通常与托管的 Kubernetes 服务和受控的 Kubernetes 安装一起使用。
Copy link
Contributor

@sftim sftim Sep 24, 2019
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit:

Suggested change
*内置策略 API* ,例如 [ResourceQuota](/docs/concepts/policy/resource-quotas/)[PodSecurityPolicies](/docs/concepts/policy/pod-security-policy/)[NetworkPolicy](/docs/concepts/services-networking/network-policies/) 和基于角色的权限控制 ([RBAC](/docs/reference/access-authn-authz/rbac/)),是内置的 Kubernetes API。API 通常与托管的 Kubernetes 服务和受控的 Kubernetes 安装一起使用。
*内置策略 API* ,例如 [ResourceQuota](/docs/concepts/policy/resource-quotas/)[PodSecurityPolicy](/docs/concepts/policy/pod-security-policy/)[NetworkPolicy](/docs/concepts/services-networking/network-policies/) 和基于角色的权限控制 ([RBAC](/docs/reference/access-authn-authz/rbac/)),是内置的 Kubernetes API。API 通常与托管的 Kubernetes 服务和受控的 Kubernetes 安装一起使用。

content/zh/docs/concepts/extend-kubernetes/extend-cluster.md Outdated
1. 用户通常使用 `kubectl` 与 Kubernetes API 进行交互。[kubectl 插件](/docs/tasks/extend-kubectl/kubectl-plugins/)扩展了 kubectl 二进制程序。它们只影响个人用户的本地环境,因此不能执行站点范围的策略。
2. apiserver 处理所有请求。apiserver 中的几种类型的扩展点允许对请求进行身份认证或根据其内容对其进行阻止、编辑内容以及处理删除操作。这些内容在[API 访问扩展](/docs/concepts/overview/extending#api-access-extensions)小节中描述。
3. apiserver 提供各种 *资源* 。 *内置的资源种类* ,如 `pods`,由 Kubernetes 项目定义,不能更改。您还可以添加您自己定义的资源或其他项目已定义的资源,称为 自定义资源,如[自定义资源](/docs/concepts/overview/extending#user-defined-types)部分所述。自定义资源通常与 API 访问扩展一起使用。
4. Kubernetes 调度器决定将 pod 放置到哪个节点。有几种方法可以扩展调度器。这些内容在 [Scheduler Extensions](/docs/concepts/overview/extending#scheduler-extensions) 小节中描述。
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit:

Suggested change
4. Kubernetes 调度器决定将 pod 放置到哪个节点。有几种方法可以扩展调度器。这些内容在 [Scheduler Extensions](/docs/concepts/overview/extending#scheduler-extensions) 小节中描述。
4. Kubernetes 调度器决定将 Pod 放置到哪个节点。有几种方法可以扩展调度器。这些内容在 [Scheduler Extensions](/docs/concepts/overview/extending#scheduler-extensions) 小节中描述。

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you very much for your review,i have modied it.

it2911
it2911 reviewed Sep 25, 2019
View reviewed changes
content/zh/docs/concepts/extend-kubernetes/extend-cluster.md Outdated

在托管的 Kubernetes 服务或受控安装的 Kubernetes 版本中,标志和配置文件可能并不总是可以更改的。而且当它们可以进行更改时,它们通常只能由集群管理员进行更改。此外,标志和配置文件在未来的 Kubernetes 版本中可能会发生变化,并且更改设置后它们可能需要重新启动进程。出于这些原因,只有在没有其他选择的情况下才使用它们。

*内置策略 API* ,例如 [ResourceQuota](/docs/concepts/policy/resource-quotas/)、[PodSecurityPolicies](/docs/concepts/policy/pod-security-policy/)、[NetworkPolicy](/docs/concepts/services-networking/network-policies/) 和基于角色的权限控制 ([RBAC](/docs/reference/access-authn-authz/rbac/)),是内置的 Kubernetes API。API 通常与托管的 Kubernetes 服务和受控的 Kubernetes 安装一起使用。
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

是内置的 Kubernetes API 是什么意思?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

API 通常与托管的 Kubernetes 服务和受控的 Kubernetes 安装一起使用。
这句话也不通顺

content/zh/docs/concepts/extend-kubernetes/extend-cluster.md
在托管的 Kubernetes 服务或受控安装的 Kubernetes 版本中,标志和配置文件可能并不总是可以更改的。而且当它们可以进行更改时,它们通常只能由集群管理员进行更改。此外,标志和配置文件在未来的 Kubernetes 版本中可能会发生变化,并且更改设置后它们可能需要重新启动进程。出于这些原因,只有在没有其他选择的情况下才使用它们。

*内置策略 API* ,例如 [ResourceQuota](/docs/concepts/policy/resource-quotas/)、[PodSecurityPolicies](/docs/concepts/policy/pod-security-policy/)、[NetworkPolicy](/docs/concepts/services-networking/network-policies/) 和基于角色的权限控制 ([RBAC](/docs/reference/access-authn-authz/rbac/)),是内置的 Kubernetes API。API 通常与托管的 Kubernetes 服务和受控的 Kubernetes 安装一起使用。
它们是声明性的,并使用与其他 Kubernetes 资源(如 Pod )相同的约定,所以新的集群配置可以重复使用,并以与应用程序相同的方式进行管理。而且,当他们变稳定后,他们和其他 Kubernetes API 一样享受[定义支持政策](/docs/reference/deprecation-policy/)。出于这些原因,在合适的情况下它们优先于 *配置文件* 和 *标志* 被使用。
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

大哥,您这是机器翻译的么,机器翻译的您也整理一下呀,完全不通顺呀。

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

非常感谢您的审阅,可能翻译时有错误,不过不是机器翻译的,麻烦您给我纠正下。

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

我觉得倒还行

chenrui333
chenrui333 reviewed Oct 1, 2019
View reviewed changes
content/zh/docs/concepts/extend-kubernetes/extend-cluster.md Outdated

上述每个步骤都提供了扩展点。

Kubernetes 有几个它支持的内置认证方法。它还可以位于身份验证代理之后,并将授权 header 中的 token 发送给远程服务进行验证(webhook)。所有这些方法都在[身份验证文档](/docs/reference/access-authn-authz/authentication/)中介绍。
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
Kubernetes 有几个它支持的内置认证方法。它还可以位于身份验证代理之后,并将授权 header 中的 token 发送给远程服务进行验证(webhook)。所有这些方法都在[身份验证文档](/docs/reference/access-authn-authz/authentication/)中介绍。
Kubernetes 有几个它支持的内置认证方法。它还可以位于身份验证代理之后,并将授权 header 中的令牌发送给远程服务进行验证(webhook)。所有这些方法都在[身份验证文档](/docs/reference/access-authn-authz/authentication/)中介绍。

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

非常感谢睿哥的审阅,我已经把相关的段落修改完毕。

chenrui333
chenrui333 reviewed Oct 1, 2019
View reviewed changes
Copy link
Member

@chenrui333 chenrui333 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Oct 1, 2019
@k8s-ci-robot k8s-ci-robot removed the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Oct 3, 2019
@chenrui333
Copy link
Member

/lgtm
/approve

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Oct 3, 2019
@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: chenrui333

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Oct 3, 2019
@chenrui333
Copy link
Member

谢谢!

@k8s-ci-robot k8s-ci-robot merged commit 5caf703 into kubernetes:release-1.14 Oct 3, 2019
SataQiu pushed a commit to SataQiu/website that referenced this pull request Oct 9, 2019
@MJ-CJM @SataQiu
Zh-trans:/docs/concepts/extend-kubernetes/extend-cluster.md (kubernet…
d95246e 
…es#16537)

* .

* .

* .

* .

* .
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@chenrui333 chenrui333 chenrui333 left review comments

@it2911 it2911 it2911 left review comments

@sftim sftim sftim left review comments

@xichengliudui xichengliudui Awaiting requested review from xichengliudui

@zhangxiaoyu-zidif zhangxiaoyu-zidif Awaiting requested review from zhangxiaoyu-zidif

Assignees

@chenrui333 chenrui333

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. language/zh Issues or PRs related to Chinese language lgtm "Looks good to me", indicates that a PR is ready to be merged. sig/docs Categorizes an issue or PR as relevant to SIG Docs. size/L Denotes a PR that changes 100-499 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@MJ-CJM @chenrui333 @k8s-ci-robot @it2911 @sftim