Merge pull request #40157 from asa3311/Reference-files-to-sync-task-2

[zh-cn]Reference files to sync task 3

Author: k8s-ci-robot

content/zh-cn/docs/reference/kubernetes-api/common-parameters/common-parameters.md

@@ -6,7 +6,7 @@ api_metadata:
 content_type: "api_reference"
 description: ""
 title: "常用参数"
-weight: 10
+weight: 11
 auto_generated: true
 ---
 

content/zh-cn/docs/reference/kubernetes-api/policy-resources/network-policy-v1.md

@@ -136,36 +136,36 @@ NetworkPolicySpec 定义特定 NetworkPolicy 所需的所有信息.
       IPBlock defines policy on a particular IPBlock. If this field is set then neither of the other fields can be.
 
       <a name="IPBlock"></a>
-      *IPBlock describes a particular CIDR (Ex. "192.168.1.1/24","2001:db9::/64") that is allowed to the pods matched by a NetworkPolicySpec's podSelector. The except entry describes CIDRs that should not be included within this rule.*
+      *IPBlock describes a particular CIDR (Ex. "192.168.1.0/24","2001:db8::/64") that is allowed to the pods matched by a NetworkPolicySpec's podSelector. The except entry describes CIDRs that should not be included within this rule.*
     -->  
 
     - **ingress.from.ipBlock** (IPBlock)
 
       IPBlock 针对特定的 IP CIDR 范围设置策略。如果设置了此字段，则不可以设置其他字段。
 
       <a name="IPBlock"></a>
-      IPBlock 定义一个特定的 CIDR 范围（例如 `192.168.1.1/24`、`2001:db9::/64`），
+      IPBlock 定义一个特定的 CIDR 范围（例如 `192.168.1.0/24`、`2001:db8::/64`），
       来自这个 IP 范围的流量来源将会被允许访问与 NetworkPolicySpec 的 podSelector 匹配的 Pod 集合。
       except 字段则设置应排除在此规则之外的 CIDR 范围。
 
       <!--
       - **ingress.from.ipBlock.cidr** (string), required
 
-        CIDR is a string representing the IP Block Valid examples are "192.168.1.1/24" or "2001:db9::/64"
+        CIDR is a string representing the IP Block Valid examples are "192.168.1.0/24" or "2001:db8::/64"
 
       - **ingress.from.ipBlock.except** ([]string)
 
-        Except is a slice of CIDRs that should not be included within an IP Block Valid examples are "192.168.1.1/24" or "2001:db9::/64" Except values will be rejected if they are outside the CIDR range
+        Except is a slice of CIDRs that should not be included within an IP Block Valid examples are "192.168.1.0/24" or "2001:db8::/64" Except values will be rejected if they are outside the CIDR range
       -->
       
       - **ingress.from.ipBlock.cidr** (string)，必需
 
-        CIDR 是指定 IP 组块的字符串，例如 `"192.168.1.1/24"` 或 `"2001:db9::/64"`。
+        CIDR 是指定 IP 组块的字符串，例如 `"192.168.1.0/24"` 或 `"2001:db8::/64"`。
 
       - **ingress.from.ipBlock.except** ([]string)
 
         except 是一个由 CIDR 范围组成的列表，其中指定的 CIDR 都应排除在此 IP 区块范围之外。
-        例如 `"192.168.1.1/24"` 或 `"2001:db9::/64"`。
+        例如 `"192.168.1.0/24"` 或 `"2001:db8::/64"`。
         如果 except 字段的值超出 ipBlock.cidr 的范围则被视为无效策略。
 
     <!--
@@ -302,35 +302,35 @@ NetworkPolicySpec 定义特定 NetworkPolicy 所需的所有信息.
       IPBlock defines policy on a particular IPBlock. If this field is set then neither of the other fields can be.
 
       <a name="IPBlock"></a>
-      *IPBlock describes a particular CIDR (Ex. "192.168.1.1/24","2001:db9::/64") that is allowed to the pods matched by a NetworkPolicySpec's podSelector. The except entry describes CIDRs that should not be included within this rule.*
+      *IPBlock describes a particular CIDR (Ex. "192.168.1.0/24","2001:db8::/64") that is allowed to the pods matched by a NetworkPolicySpec's podSelector. The except entry describes CIDRs that should not be included within this rule.*
     -->
 
     - **egress.to.ipBlock** (IPBlock)
 
       ipBlock 针对特定的 IP 区块定义策略。如果设置了此字段，则其他不可以设置其他字段。
 
       <a name="IPBlock"></a>
-      **IPBlock 描述一个特定的 CIDR 范围（例如 `192.168.1.1/24`、`2001:db9::/64`），
+      **IPBlock 描述一个特定的 CIDR 范围（例如 `192.168.1.0/24`、`2001:db8::/64`），
       与 NetworkPolicySpec 的 podSelector 匹配的 Pod 将被允许连接到这个 IP 范围，作为其出口流量目的地。
       except 字段则设置了不被此规则影响的 CIDR 范围。**
 
       <!--
       - **egress.to.ipBlock.cidr** (string), required
 
-        CIDR is a string representing the IP Block Valid examples are "192.168.1.1/24" or "2001:db9::/64"
+        CIDR is a string representing the IP Block Valid examples are "192.168.1.0/24" or "2001:db8::/64"
 
       - **egress.to.ipBlock.except** ([]string)
 
-        Except is a slice of CIDRs that should not be included within an IP Block Valid examples are "192.168.1.1/24" or "2001:db9::/64" Except values will be rejected if they are outside the CIDR range
+        Except is a slice of CIDRs that should not be included within an IP Block Valid examples are "192.168.1.0/24" or "2001:db8::/64" Except values will be rejected if they are outside the CIDR range
       -->
 
       - **egress.to.ipBlock.cidr** (string)，必需
 
-        CIDR 是用来表达 IP 组块的字符串，例如 `"192.168.1.1/24"` 或 `"2001:db9::/64"`。
+        CIDR 是用来表达 IP 组块的字符串，例如 `"192.168.1.0/24"` 或 `"2001:db8::/64"`。
 
       - **egress.to.ipBlock.except** ([]string)
 
-        except 定义不应包含在 ipBlock 内的 CIDR 范围列表。例如 `"192.168.1.1/24"` 或 `"2001:db9::/64"`。
+        except 定义不应包含在 ipBlock 内的 CIDR 范围列表。例如 `"192.168.1.0/24"` 或 `"2001:db8::/64"`。
         如果 except 的值超出 ipBlock.cidr 的范围则被拒绝。
 
     <!--

content/zh-cn/docs/reference/kubernetes-api/service-resources/endpoint-slice-v1.md

@@ -119,24 +119,22 @@ EndpointSlice 是实现某 Service 的端点的子集。一个 Service 可以有
     - **endpoints.conditions.serving** (boolean)
 
       <!--
-      Serving is identical to ready except that it is set regardless of the terminating state of endpoints. This condition should be set to true for a ready endpoint that is terminating. If nil, consumers should defer to the ready condition. This field can be enabled with the EndpointSliceTerminatingCondition feature gate.
+      Serving is identical to ready except that it is set regardless of the terminating state of endpoints. This condition should be set to true for a ready endpoint that is terminating. If nil, consumers should defer to the ready condition.
       -->
       
       serving 和 ready 非常相似。唯一的不同在于,
       即便某端点的状态为 Terminating 也可以设置 serving。
       对于处在终止过程中的就绪端点，此状况应被设置为 “true”。
       如果设置为 nil，则消费者应该以 ready 值为准。
-      可以在 EndpointSliceTerminatingCondition 特性开关中启用此字段。
 
     - **endpoints.conditions.terminating** (boolean)
 
       <!--
-      terminating indicates that this endpoint is terminating. A nil value indicates an unknown state. Consumers should interpret this unknown state to mean that the endpoint is not terminating. This field can be enabled with the EndpointSliceTerminatingCondition feature gate.
+      terminating indicates that this endpoint is terminating. A nil value indicates an unknown state. Consumers should interpret this unknown state to mean that the endpoint is not terminating.
       -->
       
       terminating 说明当前端点正在终止过程中。nil 值表示状态未知。
       消费者应将这种未知状态视为端点并不处于终止过程中。
-      可以通过 EndpointSliceTerminatingCondition 特性门控启用此字段。
 
   - **endpoints.deprecatedTopology** (map[string]string)
 

content/zh-cn/docs/reference/kubernetes-api/service-resources/service-v1.md

@@ -363,33 +363,35 @@ ServiceSpec 描述用户在服务上创建的属性。
 - **externalTrafficPolicy** (string)
 
   <!-- 
-  externalTrafficPolicy denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints. "Local" preserves the client source IP and avoids a second hop for LoadBalancer and Nodeport type services, but risks potentially imbalanced traffic spreading. "Cluster" obscures the client source IP and may cause a second hop to another node, but should have good overall load-spreading. 
+  externalTrafficPolicy describes how nodes distribute service traffic they receive on one of the Service's "externally-facing" addresses (NodePorts, ExternalIPs, and LoadBalancer IPs). If set to "Local", the proxy will configure the service in a way that assumes that external load balancers will take care of balancing the service traffic between nodes, and so each node will deliver traffic only to the node-local endpoints of the service, without masquerading the client source IP. (Traffic mistakenly sent to a node with no endpoints will be dropped.) The default value, "Cluster", uses the standard behavior of routing to all endpoints evenly (possibly modified by topology and other features). Note that traffic sent to an External IP or LoadBalancer IP from within the cluster will always get "Cluster" semantics, but clients sending to a NodePort from within the cluster may need to take traffic policy into account when picking a node.
   -->
-  externalTrafficPolicy 表示此 Service 是否希望将外部流量路由到节点本地或集群范围的 Endpoint。
-  字段值 “Local” 保留客户端 IP 并可避免 LoadBalancer 和 Nodeport 类型 Service 的第二跳，但存在潜在流量传播不平衡的风险。
-  字段值 “Cluster” 则会掩盖客户端源 IP，可能会导致第二次跳转到另一个节点，但整体流量负载分布较好。
+  externalTrafficPolicy 描述了节点如何分发它们在 Service 的“外部访问”地址（NodePort、ExternalIP 和 LoadBalancer IP）接收到的服务流量。
+  如果设置为“Local”，代理将以一种假设外部负载均衡器将负责在节点之间服务流量负载均衡，因此每个节点将仅向服务的节点本地端点传递流量，而不会伪装客户端源 IP。
+ （将丢弃错误发送到没有端点的节点的流量。）
+  “Cluster”默认值使用负载均衡路由到所有端点的策略（可能会根据拓扑和其他特性进行修改）。
+  请注意，从集群内部发送到 External IP 或 LoadBalancer IP 的流量始终具有“Cluster”语义，但是从集群内部发送到 NodePort 的客户端需要在选择节点时考虑流量路由策略。
 
 - **internalTrafficPolicy** (string)
 
   <!-- 
-  InternalTrafficPolicy specifies if the cluster internal traffic should be routed to all endpoints or node-local endpoints only. "Cluster" routes internal traffic to a Service to all endpoints. "Local" routes traffic to node-local endpoints only, traffic is dropped if no node-local endpoints are ready. The default value is "Cluster". 
+  InternalTrafficPolicy describes how nodes distribute service traffic they receive on the ClusterIP. If set to "Local", the proxy will assume that pods only want to talk to endpoints of the service on the same node as the pod, dropping the traffic if there are no local endpoints. The default value, "Cluster", uses the standard behavior of routing to all endpoints evenly (possibly modified by topology and other features).
   -->
-  internalTrafficPolicy 指定是将集群内部流量路由到所有端点还是仅路由到节点本地的端点。
-  字段值 “Cluster” 将 Service 的内部流量路由到所有端点。
-  字段值 ”Local” 意味着仅将流量路由到节点本地的端点；如果节点本地端点未准备好，则丢弃流量。
-  默认值为 “Cluster”。
+  InternalTrafficPolicy描述节点如何分发它们在ClusterIP上接收到的服务流量。
+  如果设置为"Local"，代理将假定pod只想与在同一节点上的服务端点通信，如果没有本地端点，它将丢弃流量。
+  "Cluster"默认将流量路由到所有端点（可能会根据拓扑和其他特性进行修改）。
 
 - **healthCheckNodePort** (int32)
 
   <!-- 
-  healthCheckNodePort specifies the healthcheck nodePort for the service. This only applies when type is set to LoadBalancer and externalTrafficPolicy is set to Local. If a value is specified, is in-range, and is not in use, it will be used.  If not specified, a value will be automatically allocated.  External systems (e.g. load-balancers) can use this port to determine if a given node holds endpoints for this service or not.  If this field is specified when creating a Service which does not need it, creation will fail. This field will be wiped when updating a Service to no longer need it (e.g. changing type). 
+  healthCheckNodePort specifies the healthcheck nodePort for the service. This only applies when type is set to LoadBalancer and externalTrafficPolicy is set to Local. If a value is specified, is in-range, and is not in use, it will be used.  If not specified, a value will be automatically allocated.  External systems (e.g. load-balancers) can use this port to determine if a given node holds endpoints for this service or not.  If this field is specified when creating a Service which does not need it, creation will fail. This field will be wiped when updating a Service to no longer need it (e.g. changing type). This field cannot be updated once set.
   -->
   healthCheckNodePort 指定 Service 的健康检查节点端口。
   仅适用于 type 为 LoadBalancer 且 externalTrafficPolicy 设置为 Local 的情况。
   如果为此字段设定了一个值，该值在合法范围内且没有被使用，则使用所指定的值。
   如果未设置此字段，则自动分配字段值。外部系统（例如负载平衡器）可以使用此端口来确定给定节点是否拥有此服务的端点。
   在创建不需要 healthCheckNodePort 的 Service 时指定了此字段，则 Service 创建会失败。
   要移除 healthCheckNodePort，需要更改 Service 的 type。
+  该字段一旦设置就无法更改。
 
 - **publishNotReadyAddresses** (boolean)