Merge pull request #49504 from windsonsea/resetyh

k8s-ci-robot · web-flow · commit e1eac164f293 · 2025-01-20T08:32:36.000-08:00
[zh] Sync kubeadm/kubeadm-reset.md
diff --git a/content/zh-cn/docs/reference/setup-tools/kubeadm/kubeadm-reset.md b/content/zh-cn/docs/reference/setup-tools/kubeadm/kubeadm-reset.md
@@ -45,9 +45,16 @@ the `kubeadm join` and `kubeadm init` phase runners.
 要跳过阶段列表，你可以使用 `--skip-phases` 参数，该参数的工作方式类似于 `kubeadm join` 和 `kubeadm init` 阶段运行器。
 
 <!--
-### External etcd clean up
+`kubeadm reset` also supports the `--config` flag for passing
+a [`ResetConfiguration` structure](/docs/reference/config-api/kubeadm-config.v1beta4/).
 -->
-### 外部 etcd 清理   {#external-etcd-clean-up}
+`kubeadm reset` 也支持使用 `--config` 参数来传递
+[`ResetConfiguration` 结构](/zh-cn/docs/reference/config-api/kubeadm-config.v1beta4/)。
+
+<!--
+### Cleanup of external etcd members
+-->
+### 清理外部 etcd 成员   {#cleanup-of-external-etcd-members}
 
 <!--
 `kubeadm reset` will not delete any etcd data if external etcd is used. This means that if you run `kubeadm init` again using the same etcd endpoints, you will see state from previous clusters.
@@ -69,6 +76,103 @@ See the [etcd documentation](https://github.com/coreos/etcd/tree/master/etcdctl)
 -->
 更多详情请参考 [etcd 文档](https://github.com/coreos/etcd/tree/master/etcdctl)。
 
+<!--
+### Cleanup of CNI configuration
+
+CNI plugins use the directory `/etc/cni/net.d` to store their configuration.
+The `kubeadm reset` command does not cleanup that directory. Leaving the configuration
+of a CNI plugin on a host can be problematic if the same host is later used
+as a new Kubernetes node and a different CNI plugin happens to be deployed in that cluster.
+It can result in a configuration conflict between CNI plugins.
+-->
+### 清理 CNI 配置   {#cleanup-of-cni-configuration}
+
+CNI 插件使用 `/etc/cni/net.d` 目录来存储其配置。
+`kubeadm reset` 命令不会清理该目录。
+如果同一个主机之后被用作新的 Kubernetes 节点，并且另一个 CNI 插件要被部署到该集群中，
+那在主机上保留 CNI 插件的配置可能会出现问题。这可能会导致 CNI 插件之间的配置冲突。
+
+<!--
+To cleanup the directory, backup its contents if needed and then execute
+the following command:
+-->
+要清理此目录，必要时先备份其内容，再执行以下命令：
+
+```bash
+sudo rm -rf /etc/cni/net.d
+```
+
+<!--
+### Cleanup of network traffic rules
+
+The `kubeadm reset` command does not clean any iptables, nftables or IPVS rules applied
+to the host by kube-proxy. A control loop in kube-proxy ensures that the rules on each node
+host are synchronized. For additional details please see
+[Virtual IPs and Service Proxies](/docs/reference/networking/virtual-ips/).
+-->
+### 清理网络流量规则   {#cleanup-of-network-traffic-rules}
+
+`kubeadm reset` 命令不会清理由 kube-proxy 应用到主机的任何 iptables、nftables 或 IPVS 规则。
+kube-proxy 中的控制循环确保每个节点主机上的规则是同步的。
+有关细节请参阅[虚拟 IP 和服务代理](/zh-cn/docs/reference/networking/virtual-ips/)。
+
+<!--
+Leaving the rules without cleanup should not cause any issues if the host is
+later reused as a Kubernetes node or if it will serve a different purpose.
+
+If you wish to perform this cleanup, you can use the same kube-proxy container
+which was used in your cluster and the `--cleanup` flag of the
+`kube-proxy` binary:
+-->
+如果主机之后被重新用作 Kubernetes 节点或将其用于其他目的，不清理这些规则应该不会导致任何问题。
+
+如果你希望执行此清理操作，可以使用集群中使用过的相同 kube-proxy 容器以及
+`kube-proxy` 可执行文件的 `--cleanup` 参数：
+
+<!--
+The output of the above command should print `DONE` at the end.
+Instead of Docker, you can use your preferred container runtime to start the container.
+-->
+上一条命令的输出应该在最后打印 `DONE`。除了 Docker，你还可以使用自己喜欢的容器运行时来启动容器。
+
+<!--
+### Cleanup of $HOME/.kube
+
+The `$HOME/.kube` directory typically contains configuration files and kubectl cache.
+While not cleaning the contents of `$HOME/.kube/cache` is not an issue, there is one important
+file in the directory. That is `$HOME/.kube/config` and it is used by kubectl to authenticate
+to the Kubernetes API server. After `kubeadm init` finishes, the user is instructed to copy the
+`/etc/kubernetes/admin.conf` file to the `$HOME/.kube/config` location and grant the current
+user access to it.
+-->
+### $HOME/.kube 的清理   {#cleanup-of-home-kube}
+
+`$HOME/.kube` 目录通常包含配置文件和 kubectl 缓存。
+虽然不清理 `$HOME/.kube/cache` 的内容不是问题，但该目录中有一个重要文件。
+即 `$HOME/.kube/config`，kubectl 使用此文件来对 Kubernetes API 服务器实施身份验证。
+在 `kubeadm init` 执行完成后，用户会被指示将 `/etc/kubernetes/admin.conf`
+文件复制到 `$HOME/.kube/config` 位置，并授予当前用户对其的访问权限。
+
+<!--
+The `kubeadm reset` command does not clean any of the contents of the `$HOME/.kube` directory.
+Leaving the `$HOME/.kube/config` file without deleting it, can be problematic depending
+on who will have access to this host after `kubeadm reset` was called.
+If the same cluster continues to exist, it is highly recommended to delete the file,
+as the admin credentials stored in it will continue to be valid.
+
+To cleanup the directory, examine its contents, perform backup if needed and execute
+the following command:
+-->
+`kubeadm reset` 命令不会清理 `$HOME/.kube` 目录中的任何内容。
+不删除 `$HOME/.kube/config` 文件可能会产生问题，具体取决于在调用 `kubeadm reset` 之后谁将有权访问此主机。
+如果同一集群仍然存在，强烈建议删除此文件，因为存放在其中的管理员凭证将继续有效。
+
+要清理此目录，先检查其内容，必要时执行备份，再执行以下命令：
+
+```bash
+rm -rf $HOME/.kube
+```
+
 <!--
 ### Graceful kube-apiserver shutdown
 
