Merge pull request #42170 from my-git9/path-9296

k8s-ci-robot · web-flow · commit 3c791b84ff92 · 2023-07-24T19:56:04.000-07:00
[zh-cn] sync user-namespace
diff --git a/content/zh-cn/docs/concepts/workloads/pods/user-namespaces.md b/content/zh-cn/docs/concepts/workloads/pods/user-namespaces.md
@@ -80,33 +80,39 @@ ext4, xfs, fat, tmpfs, overlayfs.
 Linux 6.3 中支持 idmap 挂载的一些比较流行的文件系统是：btrfs、ext4、xfs、fat、
 tmpfs、overlayfs。
 
-<!-- When merging this with the dev-1.27 branch conflicts will arise. The text
-as it is in the dev-1.27 branch should be used. -->
 <!--
 In addition, support is needed in the
 {{< glossary_tooltip text="container runtime" term_id="container-runtime" >}}
 to use this feature with Kubernetes stateless pods:
 
 * CRI-O: version 1.25 (and later) supports user namespaces for containers.
-
-Please note that containerd v1.7 supports user namespaces for containers,
-compatible with Kubernetes {{< skew currentPatchVersion >}}. It should not be used
-with Kubernetes 1.27 (and later).
-
-Support for this in [cri-dockerd is not planned][CRI-dockerd-issue] yet.
 -->
 
 此外，需要在{{< glossary_tooltip text="容器运行时" term_id="container-runtime" >}}提供支持，
 才能在 Kubernetes 无状态 Pod 中使用这一功能：
 
 * CRI-O：1.25（及更高）版本支持配置容器的用户命名空间。
 
-请注意，containerd v1.7 支持配置容器的用户命名空间，与 Kubernetes {{< skew currentPatchVersion >}}
-兼容。它不应与 Kubernetes 1.27（及更高）版本一起使用。
-
-目前 [cri-dockerd 没有计划][CRI-dockerd-issue]支持此功能。
-
-[CRI-dockerd-issue]: https://github.com/Mirantis/cri-dockerd/issues/74
+<!--
+containerd v1.7 is not compatible with the userns support in Kubernetes v{{< skew currentVersion >}}.
+Kubernetes v1.25 and v1.26 used an earlier implementation that **is** compatible with containerd v1.7,
+in terms of userns support.
+If you are using a version of Kubernetes other than {{< skew currentVersion >}},
+check the documentation for that version of Kubernetes for the most relevant information.
+If there is a newer release of containerd than v1.7 available for use, also check the containerd
+documentation for compatibility information.
+
+You can see the status of user namespaces support in cri-dockerd tracked in an [issue][CRI-dockerd-issue]
+on GitHub.
+-->
+containerd v1.7 与 Kubernetes v{{< skew currentVersion >}} 中的用户命名空间不兼容。
+Kubernetes v1.25 和 v1.26 使用了早期的实现，在用户命名空间方面与 containerd v1.7 兼容。
+如果你使用的 Kubernetes 版本不是 {{< skew currentVersion >}}，请查看该版本 Kubernetes
+的文档以获取更准确的信息。
+如果有比 v1.7 更新的 containerd 版本可供使用，请检查 containerd 文档以获取兼容性信息。
+
+你可以在 GitHub 上的 [issue][CRI-dockerd-issue] 中查看 cri-dockerd
+中用户命名空间支持的状态。
 
 <!--
 ## Introduction
