Merge pull request #42094 from windsonsea/kubesy

k8s-ci-robot · web-flow · commit 6013fb11df6c · 2023-07-26T01:08:19.000-07:00
[zh] sync dual-stack-support.md and kubespray.md
diff --git a/content/zh-cn/docs/setup/production-environment/tools/kubeadm/dual-stack-support.md b/content/zh-cn/docs/setup/production-environment/tools/kubeadm/dual-stack-support.md
@@ -4,7 +4,6 @@ content_type: task
 weight: 100
 min-kubernetes-server-version: 1.21
 ---
-
 <!--
 title: Dual-stack support with kubeadm
 content_type: task
@@ -17,28 +16,35 @@ min-kubernetes-server-version: 1.21
 {{< feature-state for_k8s_version="v1.23" state="stable" >}}
 
 <!--
-Your Kubernetes cluster includes [dual-stack](/docs/concepts/services-networking/dual-stack/) networking, which means that cluster networking lets you use either address family. In a cluster, the control plane can assign both an IPv4 address and an IPv6 address to a single {{< glossary_tooltip text="Pod" term_id="pod" >}} or a {{< glossary_tooltip text="Service" term_id="service" >}}.
+Your Kubernetes cluster includes [dual-stack](/docs/concepts/services-networking/dual-stack/)
+networking, which means that cluster networking lets you use either address family.
+In a cluster, the control plane can assign both an IPv4 address and an IPv6 address to a single
+{{< glossary_tooltip text="Pod" term_id="pod" >}} or a {{< glossary_tooltip text="Service" term_id="service" >}}.
 -->
 你的集群包含[双协议栈](/zh-cn/docs/concepts/services-networking/dual-stack/)组网支持，
 这意味着集群网络允许你在两种地址族间任选其一。在集群中，控制面可以为同一个
-{{< glossary_tooltip text="Pod" term_id="pod" >}} 或者 {{< glossary_tooltip text="Service" term_id="service" >}}
+{{< glossary_tooltip text="Pod" term_id="pod" >}} 或者
+{{< glossary_tooltip text="Service" term_id="service" >}}
 同时赋予 IPv4 和 IPv6 地址。
 
 <!-- body -->
 
 ## {{% heading "prerequisites" %}}
 
 <!--
-You need to have installed the {{< glossary_tooltip text="kubeadm" term_id="kubeadm" >}} tool, following the steps from [Installing kubeadm](/docs/setup/production-environment/tools/kubeadm/install-kubeadm/).
+You need to have installed the {{< glossary_tooltip text="kubeadm" term_id="kubeadm" >}} tool,
+following the steps from [Installing kubeadm](/docs/setup/production-environment/tools/kubeadm/install-kubeadm/).
 -->
 你需要已经遵从[安装 kubeadm](/zh-cn/docs/setup/production-environment/tools/kubeadm/install-kubeadm/)
 中所给的步骤安装了 {{< glossary_tooltip text="kubeadm" term_id="kubeadm" >}} 工具。
 
 <!--
-For each server that you want to use as a {{< glossary_tooltip text="node" term_id="node" >}}, make sure it allows IPv6 forwarding. On Linux, you can set this by running run `sysctl -w net.ipv6.conf.all.forwarding=1` as the root user on each server.
+For each server that you want to use as a {{< glossary_tooltip text="node" term_id="node" >}},
+make sure it allows IPv6 forwarding. On Linux, you can set this by running run
+`sysctl -w net.ipv6.conf.all.forwarding=1` as the root user on each server.
 -->
 针对你要作为{{< glossary_tooltip text="节点" term_id="node" >}}使用的每台服务器，
-确保其允许 IPv6 转发。在 Linux 节点上，你可以通过以 root 用户在每台服务器上运行 
+确保其允许 IPv6 转发。在 Linux 节点上，你可以通过以 root 用户在每台服务器上运行
 `sysctl -w net.ipv6.conf.all.forwarding=1` 来完成设置。
 
 <!--
@@ -50,10 +56,9 @@ You don't have to route the cluster's IP address ranges to the public internet.
 The size of the IP address allocations should be suitable for the number of Pods and
 Services that you are planning to run.
 -->
-你需要一个可以使用的 IPv4 和 IPv6 地址范围。集群操作人员通常为 IPv4 使用
+你需要一个可以使用的 IPv4 和 IPv6 地址范围。集群操作人员通常对于 IPv4 使用
 私有地址范围。对于 IPv6，集群操作人员通常会基于分配给该操作人员的地址范围，
-从 `2000::/3` 中选择一个全局的单播地址块。你不需要将集群的 IP 地址范围路由
-到公众互联网。
+从 `2000::/3` 中选择一个全局的单播地址块。你不需要将集群的 IP 地址范围路由到公众互联网。
 
 所分配的 IP 地址数量应该与你计划运行的 Pod 和 Service 的数量相适应。
 
@@ -77,6 +82,9 @@ similar to the following example:
 
 要使用 `kubeadm init` 创建一个双协议栈集群，你可以传递与下面的例子类似的命令行参数：
 
+<!--
+# These address ranges are examples
+-->
 ```shell
 # 这里的地址范围仅作示例使用
 kubeadm init --pod-network-cidr=10.244.0.0/16,2001:db8:42:0::/56 --service-cidr=10.96.0.0/16,2001:db8:42:1::/112
@@ -110,7 +118,9 @@ nodeRegistration:
 ```
 
 <!--
-`advertiseAddress` in InitConfiguration specifies the IP address that the API Server will advertise it is listening on. The value of `advertiseAddress` equals the `--apiserver-advertise-address` flag of `kubeadm init`
+`advertiseAddress` in InitConfiguration specifies the IP address that the API Server
+will advertise it is listening on. The value of `advertiseAddress` equals the
+`--apiserver-advertise-address` flag of `kubeadm init`.
 
 Run kubeadm to initiate the dual-stack control plane node:
 -->
@@ -125,7 +135,8 @@ kubeadm init --config=kubeadm-config.yaml
 ```
 
 <!--
-The kube-controller-manager flags `--node-cidr-mask-size-ipv4|--node-cidr-mask-size-ipv6` are set with default values. See [configure IPv4/IPv6 dual stack](/docs/concepts/services-networking/dual-stack#configure-ipv4-ipv6-dual-stack).
+The kube-controller-manager flags `--node-cidr-mask-size-ipv4|--node-cidr-mask-size-ipv6`
+are set with default values. See [configure IPv4/IPv6 dual stack](/docs/concepts/services-networking/dual-stack#configure-ipv4-ipv6-dual-stack).
 -->
 kube-controller-manager 标志 `--node-cidr-mask-size-ipv4|--node-cidr-mask-size-ipv6`
 是使用默认值来设置的。参见[配置 IPv4/IPv6 双协议栈](/zh-cn/docs/concepts/services-networking/dual-stack#configure-ipv4-ipv6-dual-stack)。
@@ -153,6 +164,9 @@ Here is an example kubeadm [configuration file](/docs/reference/config-api/kubea
 [配置文件](/zh-cn/docs/reference/config-api/kubeadm-config.v1beta3/)
 示例用于向集群中添加工作节点。
 
+<!--
+# change auth info above to match the actual token and CA certificate hash for your cluster
+-->
 ```yaml
 apiVersion: kubeadm.k8s.io/v1beta3
 kind: JoinConfiguration
@@ -176,6 +190,9 @@ Also, here is an example kubeadm [configuration file](/docs/reference/config-api
 [配置文件](/zh-cn/docs/reference/config-api/kubeadm-config.v1beta3/)
 示例用于向集群中添加另一个控制面节点。
 
+<!--
+# change auth info above to match the actual token and CA certificate hash for your cluster
+-->
 ```yaml
 apiVersion: kubeadm.k8s.io/v1beta3
 kind: JoinConfiguration
@@ -196,7 +213,9 @@ nodeRegistration:
 ```
 
 <!--
-`advertiseAddress` in JoinConfiguration.controlPlane specifies the IP address that the API Server will advertise it is listening on. The value of `advertiseAddress` equals the `--apiserver-advertise-address` flag of `kubeadm join`.
+`advertiseAddress` in JoinConfiguration.controlPlane specifies the IP address that the
+API Server will advertise it is listening on. The value of `advertiseAddress` equals
+the `--apiserver-advertise-address` flag of `kubeadm join`.
 -->
 JoinConfiguration.controlPlane 中的 `advertiseAddress` 设定 API 服务器将公告自身要监听的
 IP 地址。`advertiseAddress` 的取值与 `kubeadm join` 的标志
@@ -246,5 +265,4 @@ networking:
 -->
 * [验证 IPv4/IPv6 双协议栈](/zh-cn/docs/tasks/network/validate-dual-stack)联网
 * 阅读[双协议栈](/zh-cn/docs/concepts/services-networking/dual-stack/)集群网络
-* 进一步了解 kubeadm [配置格式](/docs/reference/config-api/kubeadm-config.v1beta3/)
-
+* 进一步了解 kubeadm [配置格式](/zh-cn/docs/reference/config-api/kubeadm-config.v1beta3/)
diff --git a/content/zh-cn/docs/setup/production-environment/tools/kubespray.md b/content/zh-cn/docs/setup/production-environment/tools/kubespray.md
@@ -12,14 +12,18 @@ weight: 30
 <!-- overview -->
 
 <!--
-This quickstart helps to install a Kubernetes cluster hosted on GCE, Azure, OpenStack, AWS, vSphere, Equinix Metal (formerly Packet), Oracle Cloud Infrastructure (Experimental) or Baremetal with [Kubespray](https://github.com/kubernetes-sigs/kubespray).
+This quickstart helps to install a Kubernetes cluster hosted on GCE, Azure, OpenStack,
+AWS, vSphere, Equinix Metal (formerly Packet), Oracle Cloud Infrastructure (Experimental)
+or Baremetal with [Kubespray](https://github.com/kubernetes-sigs/kubespray).
 -->
 此快速入门有助于使用 [Kubespray](https://github.com/kubernetes-sigs/kubespray)
 安装在 GCE、Azure、OpenStack、AWS、vSphere、Equinix Metal（曾用名 Packet）、Oracle Cloud
 Infrastructure（实验性）或 Baremetal 上托管的 Kubernetes 集群。
 
 <!--
-Kubespray is a composition of [Ansible](https://docs.ansible.com/) playbooks, [inventory](https://github.com/kubernetes-sigs/kubespray/blob/master/docs/ansible.md#inventory), provisioning tools, and domain knowledge for generic OS/Kubernetes clusters configuration management tasks. 
+Kubespray is a composition of [Ansible](https://docs.ansible.com/) playbooks,
+[inventory](https://github.com/kubernetes-sigs/kubespray/blob/master/docs/ansible.md#inventory),
+provisioning tools, and domain knowledge for generic OS/Kubernetes clusters configuration management tasks.
 
 Kubespray provides:
 -->
@@ -65,7 +69,8 @@ Kubespray 提供：
 - 持续集成测试
 
 <!--
-To choose a tool which best fits your use case, read [this comparison](https://github.com/kubernetes-sigs/kubespray/blob/master/docs/comparisons.md) to
+To choose a tool which best fits your use case, read
+[this comparison](https://github.com/kubernetes-sigs/kubespray/blob/master/docs/comparisons.md) to
 [kubeadm](/docs/reference/setup-tools/kubeadm/) and [kops](/docs/setup/production-environment/tools/kops/).
 -->
 要选择最适合你的用例的工具，请阅读
@@ -95,8 +100,11 @@ Provision servers with the following [requirements](https://github.com/kubernete
 * The target servers must have **access to the Internet** in order to pull docker images. Otherwise, additional configuration is required See ([Offline Environment](https://github.com/kubernetes-sigs/kubespray/blob/master/docs/offline-environment.md))
 * The target servers are configured to allow **IPv4 forwarding**.
 * If using IPv6 for pods and services, the target servers are configured to allow **IPv6 forwarding**.
-* The **firewalls are not managed**, you'll need to implement your own rules the way you used to. in order to avoid any issue during deployment you should disable your firewall.
-* If kubespray is run from non-root user account, correct privilege escalation method should be configured in the target servers. Then the `ansible_become` flag or command parameters `--become` or `-b` should be specified.
+* The **firewalls are not managed**, you'll need to implement your own rules the way you used to.
+  in order to avoid any issue during deployment you should disable your firewall.
+* If kubespray is run from non-root user account, correct privilege escalation method
+  should be configured in the target servers. Then the `ansible_become` flag or command
+  parameters `--become` or `-b` should be specified.
 -->
 * **Kubernetes** 的最低版本要求为 V1.22
 * **在将运行 Ansible 命令的计算机上安装 Ansible v2.11（或更高版本）、Jinja 2.11（或更高版本）和 python-netaddr**
@@ -126,7 +134,10 @@ Kubespray 提供以下实用程序来帮助你设置环境：
 <!--
 ### (2/5) Compose an inventory file
 
-After you provision your servers, create an [inventory file for Ansible](https://docs.ansible.com/ansible/latest/network/getting_started/first_inventory.html). You can do this manually or via a dynamic inventory script. For more information, see "[Building your own inventory](https://github.com/kubernetes-sigs/kubespray/blob/master/docs/getting-started.md#building-your-own-inventory)".
+After you provision your servers, create an
+[inventory file for Ansible](https://docs.ansible.com/ansible/latest/network/getting_started/first_inventory.html).
+You can do this manually or via a dynamic inventory script. For more information,
+see "[Building your own inventory](https://github.com/kubernetes-sigs/kubespray/blob/master/docs/getting-started.md#building-your-own-inventory)".
 
 ### (3/5) Plan your cluster deployment
 
@@ -156,7 +167,7 @@ Kubespray 能够自定义部署的许多方面：
   * {{< glossary_tooltip term_id="cri-o" >}}
 * Certificate generation methods
 -->
-* 选择部署模式： kubeadm 或非 kubeadm
+* 选择部署模式：kubeadm 或非 kubeadm
 * CNI（网络）插件
 * DNS 配置
 * 控制平面的选择：本机/可执行文件或容器化
@@ -169,7 +180,10 @@ Kubespray 能够自定义部署的许多方面：
 * 证书生成方式
 
 <!--
-Kubespray customizations can be made to a [variable file](https://docs.ansible.com/ansible/latest/user_guide/playbooks_variables.html). If you are getting started with Kubespray, consider using the Kubespray defaults to deploy your cluster and explore Kubernetes.
+Kubespray customizations can be made to a
+[variable file](https://docs.ansible.com/ansible/latest/user_guide/playbooks_variables.html).
+If you are getting started with Kubespray, consider using the Kubespray
+defaults to deploy your cluster and explore Kubernetes.
 -->
 可以修改[变量文件](https://docs.ansible.com/ansible/latest/user_guide/playbooks_variables.html)以进行
 Kubespray 定制。
@@ -180,7 +194,8 @@ Kubespray 定制。
 
 Next, deploy your cluster:
 
-Cluster deployment using [ansible-playbook](https://github.com/kubernetes-sigs/kubespray/blob/master/docs/getting-started.md#starting-custom-deployment).
+Cluster deployment using
+[ansible-playbook](https://github.com/kubernetes-sigs/kubespray/blob/master/docs/getting-started.md#starting-custom-deployment).
 -->
 ### （4/5）部署集群
 
@@ -195,7 +210,9 @@ ansible-playbook -i your/inventory/inventory.ini cluster.yml -b -v \
 ```
 
 <!--
-Large deployments (100+ nodes) may require [specific adjustments](https://github.com/kubernetes-sigs/kubespray/blob/master/docs/large-deployments.md) for best results.
+Large deployments (100+ nodes) may require
+[specific adjustments](https://github.com/kubernetes-sigs/kubespray/blob/master/docs/large-deployments.md)
+for best results.
 -->
 大型部署（超过 100 个节点）
 可能需要[特定的调整](https://github.com/kubernetes-sigs/kubespray/blob/master/docs/large-deployments.md)，
@@ -204,7 +221,11 @@ Large deployments (100+ nodes) may require [specific adjustments](https://github
 <!--
 ### (5/5) Verify the deployment
 
-Kubespray provides a way to verify inter-pod connectivity and DNS resolve with [Netchecker](https://github.com/kubernetes-sigs/kubespray/blob/master/docs/netcheck.md). Netchecker ensures the netchecker-agents pods can resolve DNS requests and ping each over within the default namespace. Those pods mimic similar behavior as the rest of the workloads and serve as cluster health indicators.
+Kubespray provides a way to verify inter-pod connectivity and DNS resolve with
+[Netchecker](https://github.com/kubernetes-sigs/kubespray/blob/master/docs/netcheck.md).
+Netchecker ensures the netchecker-agents pods can resolve DNS requests and ping each
+over within the default namespace. Those pods mimic similar behavior as the rest
+of the workloads and serve as cluster health indicators.
 -->
 ### （5/5）验证部署
 
@@ -227,8 +248,10 @@ Kubespray 提供了其他 Playbook 来管理集群： **scale** 和 **upgrade**
 <!--
 ### Scale your cluster
 
-You can add worker nodes from your cluster by running the scale playbook. For more information, see "[Adding nodes](https://github.com/kubernetes-sigs/kubespray/blob/master/docs/getting-started.md#adding-nodes)".
-You can remove worker nodes from your cluster by running the remove-node playbook. For more information, see "[Remove nodes](https://github.com/kubernetes-sigs/kubespray/blob/master/docs/getting-started.md#remove-nodes)".
+You can add worker nodes from your cluster by running the scale playbook. For more information,
+see "[Adding nodes](https://github.com/kubernetes-sigs/kubespray/blob/master/docs/getting-started.md#adding-nodes)".
+You can remove worker nodes from your cluster by running the remove-node playbook. For more information,
+see "[Remove nodes](https://github.com/kubernetes-sigs/kubespray/blob/master/docs/getting-started.md#remove-nodes)".
 -->
 ### 扩展集群   {#scale-your-cluster}
 
@@ -240,7 +263,8 @@ You can remove worker nodes from your cluster by running the remove-node playboo
 <!--
 ### Upgrade your cluster
 
-You can upgrade your cluster by running the upgrade-cluster playbook. For more information, see "[Upgrades](https://github.com/kubernetes-sigs/kubespray/blob/master/docs/upgrades.md)".
+You can upgrade your cluster by running the upgrade-cluster playbook. For more information,
+see "[Upgrades](https://github.com/kubernetes-sigs/kubespray/blob/master/docs/upgrades.md)".
 -->
 ### 升级集群   {#upgrade-your-cluster}
 
@@ -250,7 +274,8 @@ You can upgrade your cluster by running the upgrade-cluster playbook. For more i
 <!--
 ## Cleanup
 
-You can reset your nodes and wipe out all components installed with Kubespray via the [reset playbook](https://github.com/kubernetes-sigs/kubespray/blob/master/reset.yml).
+You can reset your nodes and wipe out all components installed with Kubespray
+via the [reset playbook](https://github.com/kubernetes-sigs/kubespray/blob/master/reset.yml).
 -->
 ## 清理   {#cleanup}
 
@@ -267,7 +292,8 @@ When running the reset playbook, be sure not to accidentally target your product
 <!--
 ## Feedback
 
-* Slack Channel: [#kubespray](https://kubernetes.slack.com/messages/kubespray/) (You can get your invite [here](https://slack.k8s.io/)).
+* Slack Channel: [#kubespray](https://kubernetes.slack.com/messages/kubespray/)
+  (You can get your invite [here](https://slack.k8s.io/)).
 * [GitHub Issues](https://github.com/kubernetes-sigs/kubespray/issues).
 -->
 ## 反馈   {#feedback}
@@ -282,6 +308,6 @@ When running the reset playbook, be sure not to accidentally target your product
 * Check out planned work on Kubespray's [roadmap](https://github.com/kubernetes-sigs/kubespray/blob/master/docs/roadmap.md).
 * Learn more about [Kubespray](https://github.com/kubernetes-sigs/kubespray).
 -->
-* 查看有关 Kubespray 的
+* 查看有关 Kubespray
   [路线图](https://github.com/kubernetes-sigs/kubespray/blob/master/docs/roadmap.md)的计划工作。
 * 查阅有关 [Kubespray](https://github.com/kubernetes-sigs/kubespray) 的更多信息。
