From 32ca0e3ce46f2548a39d81d7398e10f28711fe85 Mon Sep 17 00:00:00 2001 From: Billy Tat Date: Mon, 16 Sep 2024 17:11:50 -0700 Subject: [PATCH] Fix zh/latest links --- .../current/faq/general-faq.md | 2 +- ...install-upgrade-on-a-kubernetes-cluster.md | 4 +- .../rollbacks.md | 2 +- .../installation-requirements.md | 2 +- .../rancher-on-a-single-node-with-docker.md | 4 +- .../enable-api-audit-log.md | 4 +- .../configure-azure-ad.md | 3 +- .../configure-rancher-for-ms-adfs.md | 6 +- .../configure-openldap/configure-openldap.md | 2 +- .../configure-shibboleth-saml.md | 2 +- .../global-permissions.md | 2 +- .../pod-security-standards.md | 8 +- .../back-up-rancher.md | 2 +- .../set-up-cloud-providers/amazon.md | 568 ++++++++++++++++++ .../kubernetes-resources-setup.md | 6 +- .../nutanix/nutanix.md | 6 +- .../integrations-in-rancher/fleet/overview.md | 8 +- .../harvester/overview.md | 2 +- .../kubernetes-distributions.md | 4 +- .../rbac-for-monitoring.md | 4 +- .../cluster-configuration.md | 2 +- .../rke2-cluster-configuration.md | 6 +- .../use-existing-nodes/use-existing-nodes.md | 2 +- 23 files changed, 608 insertions(+), 43 deletions(-) diff --git a/i18n/zh/docusaurus-plugin-content-docs/current/faq/general-faq.md b/i18n/zh/docusaurus-plugin-content-docs/current/faq/general-faq.md index 5cf116534af7..88abf26f063c 100644 --- a/i18n/zh/docusaurus-plugin-content-docs/current/faq/general-faq.md +++ b/i18n/zh/docusaurus-plugin-content-docs/current/faq/general-faq.md @@ -16,7 +16,7 @@ title: 一般常见问题解答 ## 是否可以使用 Rancher 2.x 管理 Azure Kubernetes 服务? -是的。请参阅我们的[集群管理]((../how-to-guides/new-user-guides/manage-clusters/manage-clusters.md))指南,了解 AKS 上可用的 Rancher 功能,以及相关的 [AKS 的文档](../getting-started/installation-and-upgrade/install-upgrade-on-a-kubernetes-cluster/rancher-on-aks.md) +是的。请参阅我们的[集群管理](../how-to-guides/new-user-guides/manage-clusters/manage-clusters.md)指南,了解 AKS 上可用的 Rancher 功能,以及相关的 [AKS 的文档](../getting-started/installation-and-upgrade/install-upgrade-on-a-kubernetes-cluster/rancher-on-aks.md) ## Rancher 是否支持 Windows? diff --git a/i18n/zh/docusaurus-plugin-content-docs/current/getting-started/installation-and-upgrade/install-upgrade-on-a-kubernetes-cluster/install-upgrade-on-a-kubernetes-cluster.md b/i18n/zh/docusaurus-plugin-content-docs/current/getting-started/installation-and-upgrade/install-upgrade-on-a-kubernetes-cluster/install-upgrade-on-a-kubernetes-cluster.md index 437bc35815e9..d2f716b4038d 100644 --- a/i18n/zh/docusaurus-plugin-content-docs/current/getting-started/installation-and-upgrade/install-upgrade-on-a-kubernetes-cluster/install-upgrade-on-a-kubernetes-cluster.md +++ b/i18n/zh/docusaurus-plugin-content-docs/current/getting-started/installation-and-upgrade/install-upgrade-on-a-kubernetes-cluster/install-upgrade-on-a-kubernetes-cluster.md @@ -73,7 +73,7 @@ Rancher 是使用 Kubernetes 的 [Helm](https://helm.sh/) 包管理器安装的 ### 1. 添加 Helm Chart 仓库 -执行 `helm repo add` 命令,以添加包含安装 Rancher 的 Chart 的 Helm Chart 仓库。有关如何选择仓库,以及哪个仓库最适合你的用例,请参见[选择 Rancher 版本](../getting-started/installation-and-upgrade/resources/choose-a-rancher-version.md)。 +执行 `helm repo add` 命令,以添加包含安装 Rancher 的 Chart 的 Helm Chart 仓库。有关如何选择仓库,以及哪个仓库最适合你的用例,请参见[选择 Rancher 版本](../resources/choose-a-rancher-version.md)。 - Latest:建议用于试用最新功能 ``` @@ -103,7 +103,7 @@ Rancher Management Server 默认需要 SSL/TLS 配置来保证访问的安全性 :::note -如果你想在外部终止 SSL/TLS,请参见[外部负载均衡器的 TLS 终止](../getting-started/installation-and-upgrade/installation-references/helm-chart-options.md#外部-tls-终止)。 +如果你想在外部终止 SSL/TLS,请参见[外部负载均衡器的 TLS 终止](../installation-references/helm-chart-options.md#外部-tls-终止)。 ::: diff --git a/i18n/zh/docusaurus-plugin-content-docs/current/getting-started/installation-and-upgrade/install-upgrade-on-a-kubernetes-cluster/rollbacks.md b/i18n/zh/docusaurus-plugin-content-docs/current/getting-started/installation-and-upgrade/install-upgrade-on-a-kubernetes-cluster/rollbacks.md index d5c661c421fa..b834e7f6e11c 100644 --- a/i18n/zh/docusaurus-plugin-content-docs/current/getting-started/installation-and-upgrade/install-upgrade-on-a-kubernetes-cluster/rollbacks.md +++ b/i18n/zh/docusaurus-plugin-content-docs/current/getting-started/installation-and-upgrade/install-upgrade-on-a-kubernetes-cluster/rollbacks.md @@ -75,7 +75,7 @@ Rancher v2.6.4 将 cluster-api 模块从 v0.4.4 升级到 v1.0.2。反过来,c 1. 在左侧导航栏中,点击 **Rancher 备份 > 还原**。 :::note - 如果 Rancher Backups 应用不可见,你需要到 **Apps** 的 Charts 页面中安装应用。详情请参见[此处](../../../how-to-guides/new-user-guides/helm-charts-in-rancher/helm-charts-in-rancher.md#access-charts)。 + 如果 Rancher Backups 应用不可见,你需要到 **Apps** 的 Charts 页面中安装应用。详情请参见[此处](../../../how-to-guides/new-user-guides/helm-charts-in-rancher/helm-charts-in-rancher.md#访问-charts)。 ::: diff --git a/i18n/zh/docusaurus-plugin-content-docs/current/getting-started/installation-and-upgrade/installation-requirements/installation-requirements.md b/i18n/zh/docusaurus-plugin-content-docs/current/getting-started/installation-and-upgrade/installation-requirements/installation-requirements.md index e4800c2528f1..9de7379796d7 100644 --- a/i18n/zh/docusaurus-plugin-content-docs/current/getting-started/installation-and-upgrade/installation-requirements/installation-requirements.md +++ b/i18n/zh/docusaurus-plugin-content-docs/current/getting-started/installation-and-upgrade/installation-requirements/installation-requirements.md @@ -75,7 +75,7 @@ Rancher 的硬件占用空间取决于许多因素,包括: - 工作负载数量 (例如: Kubernetes 部署,Fleet 部署)。 - 使用模式 (例如:主动使用的功能集合,使用频率,并发用户数量). -由于存在许多可能随时间变化的影响因素,因此此处列出的要求为适合大多数用例的起点。 然而,你的用例可能有不同的要求。 若你需要对于特定场景的咨询,请[联系 Rancher]((https://rancher.com/contact/)) 以获得进一步指导。 +由于存在许多可能随时间变化的影响因素,因此此处列出的要求为适合大多数用例的起点。 然而,你的用例可能有不同的要求。 若你需要对于特定场景的咨询,请[联系 Rancher](https://rancher.com/contact/) 以获得进一步指导。 特别指出,本页面中的要求基于以下假设的环境提出,包括: diff --git a/i18n/zh/docusaurus-plugin-content-docs/current/getting-started/installation-and-upgrade/other-installation-methods/rancher-on-a-single-node-with-docker/rancher-on-a-single-node-with-docker.md b/i18n/zh/docusaurus-plugin-content-docs/current/getting-started/installation-and-upgrade/other-installation-methods/rancher-on-a-single-node-with-docker/rancher-on-a-single-node-with-docker.md index c2a63b86a5e7..ae91e2512943 100644 --- a/i18n/zh/docusaurus-plugin-content-docs/current/getting-started/installation-and-upgrade/other-installation-methods/rancher-on-a-single-node-with-docker/rancher-on-a-single-node-with-docker.md +++ b/i18n/zh/docusaurus-plugin-content-docs/current/getting-started/installation-and-upgrade/other-installation-methods/rancher-on-a-single-node-with-docker/rancher-on-a-single-node-with-docker.md @@ -73,7 +73,7 @@ docker run -d --restart=unless-stopped \ 使用 [OpenSSL](https://www.openssl.org/) 或其他方法创建自签名证书。 - 证书文件的格式必须是 PEM。 -- 在你的证书文件中,包括链中的所有中间证书。你需要对你的证书进行排序,把你的证书放在最前面,后面跟着中间证书。如需查看示例,请参见[证书故障排除](../getting-started/installation-and-upgrade/other-installation-methods/rancher-on-a-single-node-with-docker/certificate-troubleshooting.md)。 +- 在你的证书文件中,包括链中的所有中间证书。你需要对你的证书进行排序,把你的证书放在最前面,后面跟着中间证书。如需查看示例,请参见[证书故障排除](./certificate-troubleshooting.md)。 ::: @@ -107,7 +107,7 @@ docker run -d --restart=unless-stopped \ :::note 先决条件: - 证书文件的格式必须是 PEM。 -- 在你的证书文件中,包括可信 CA 提供的所有中间证书。你需要对你的证书进行排序,把你的证书放在最前面,后面跟着中间证书。如需查看示例,请参见[证书故障排除](../getting-started/installation-and-upgrade/other-installation-methods/rancher-on-a-single-node-with-docker/certificate-troubleshooting.md)。 +- 在你的证书文件中,包括可信 CA 提供的所有中间证书。你需要对你的证书进行排序,把你的证书放在最前面,后面跟着中间证书。如需查看示例,请参见[证书故障排除](./certificate-troubleshooting.md)。 ::: diff --git a/i18n/zh/docusaurus-plugin-content-docs/current/how-to-guides/advanced-user-guides/enable-api-audit-log.md b/i18n/zh/docusaurus-plugin-content-docs/current/how-to-guides/advanced-user-guides/enable-api-audit-log.md index 94974cb52f78..c28a12334599 100644 --- a/i18n/zh/docusaurus-plugin-content-docs/current/how-to-guides/advanced-user-guides/enable-api-audit-log.md +++ b/i18n/zh/docusaurus-plugin-content-docs/current/how-to-guides/advanced-user-guides/enable-api-audit-log.md @@ -20,7 +20,7 @@ API 审计可以在 Rancher 安装或升级期间启用。 | 参数 | 描述 | | ------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| `AUDIT_LEVEL` | `0` - 禁用审计日志(默认)
`1` - 日志事件元数据
`2` - 日志事件元数据和请求体
`3` - 日志事件元数据,请求体和响应体。请求/响应对的每个日志事务都使用同一个的 `auditID`。
如需了解每个设置记录的日志内容,请参见[审计日志级别](#审核日志级别)。 | +| `AUDIT_LEVEL` | `0` - 禁用审计日志(默认)
`1` - 日志事件元数据
`2` - 日志事件元数据和请求体
`3` - 日志事件元数据,请求体和响应体。请求/响应对的每个日志事务都使用同一个的 `auditID`。
如需了解每个设置记录的日志内容,请参见[审计日志级别](#审核日志级别)。 | | `AUDIT_LOG_PATH` | Rancher Server API 的日志路径。默认路径:`/var/log/auditlog/rancher-api-audit.log`。你可以将日志目录挂载到主机。

示例:`AUDIT_LOG_PATH=/my/custom/path/`
| | `AUDIT_LOG_MAXAGE` | 旧审计日志文件可保留的最大天数。默认为 10 天。 | | `AUDIT_LOG_MAXBACKUP` | 保留的审计日志最大文件个数。默认值为 10。 | @@ -30,7 +30,7 @@ API 审计可以在 Rancher 安装或升级期间启用。 ### 审核日志级别 -下表介绍了每个 [`AUDIT_LEVEL`](#audit-level) 记录的 API 事务: +下表介绍了每个 [`AUDIT_LEVEL`](#api-审计日志选项) 记录的 API 事务: | `AUDIT_LEVEL` 设置 | 请求元数据 | 请求体 | 响应元数据 | 响应体 | | --------------------- | ---------------- | ------------ | ----------------- | ------------- | diff --git a/i18n/zh/docusaurus-plugin-content-docs/current/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-azure-ad.md b/i18n/zh/docusaurus-plugin-content-docs/current/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-azure-ad.md index 77d51e007bfe..eafb85572c5e 100644 --- a/i18n/zh/docusaurus-plugin-content-docs/current/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-azure-ad.md +++ b/i18n/zh/docusaurus-plugin-content-docs/current/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-azure-ad.md @@ -43,7 +43,6 @@ Rancher 中的 Microsoft Graph API 流程正在不断发展。建议你使用最 ![New App Registration](/img/new-app-registration.png) 1. 输入 **Name**(例如 `Rancher`)。 - 1. 在 **Supported account types** 中,选择 **Accounts in this organizational directory only (AzureADTest only - Single tenant)**。这对应于旧版应用注册选项。 @@ -260,7 +259,7 @@ Rancher 未测试也未完全支持自定义端点。 #### 离线环境 -在离线环境中,由于 Graph Endpoint URL 正在更改,因此管理员需要确保其端点被[列入白名单](#3.2)。 +在离线环境中,由于 Graph Endpoint URL 正在更改,因此管理员需要确保其端点被[列入白名单](#1-在-azure-注册-rancher)。 #### 回滚迁移 diff --git a/i18n/zh/docusaurus-plugin-content-docs/current/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/configure-microsoft-ad-federation-service-saml/configure-rancher-for-ms-adfs.md b/i18n/zh/docusaurus-plugin-content-docs/current/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/configure-microsoft-ad-federation-service-saml/configure-rancher-for-ms-adfs.md index 26e89e2058d7..78bdfea1506b 100644 --- a/i18n/zh/docusaurus-plugin-content-docs/current/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/configure-microsoft-ad-federation-service-saml/configure-rancher-for-ms-adfs.md +++ b/i18n/zh/docusaurus-plugin-content-docs/current/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/configure-microsoft-ad-federation-service-saml/configure-rancher-for-ms-adfs.md @@ -41,17 +41,15 @@ title: 2. 在 Rancher 中配置 Microsoft AD FS | UID 字段 | 每个用户独有的 AD 属性。

示例:`http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn` | | 用户组字段 | 创建用于管理组成员关系的条目。

示例:`http://schemas.xmlsoap.org/claims/Group` | | Rancher API 主机 | Rancher Server 的 URL。 | -| 私钥/证书 | 在 Rancher 和你的 AD FS 之间创建安全外壳(SSH)的密钥/证书对。确保将 Common Name (CN) 设置为 Rancher Server URL。

[证书创建命令](#cert-command) | +| 私钥/证书 | 在 Rancher 和你的 AD FS 之间创建安全外壳(SSH)的密钥/证书对。确保将 Common Name (CN) 设置为 Rancher Server URL。

[证书创建命令](#example-certificate-creation-command) | | 元数据 XML | 从 AD FS 服务器导出的 `federationmetadata.xml` 文件。

你可以在 `https:///federationmetadata/2007-06/federationmetadata.xml` 找到该文件。 | -:::tip +### Example Certificate Creation Command 你可以使用 openssl 命令生成证书。例如: ``` openssl req -x509 -newkey rsa:2048 -keyout myservice.key -out myservice.cert -days 365 -nodes -subj "/CN=myservice.example.com" ``` - -::: diff --git a/i18n/zh/docusaurus-plugin-content-docs/current/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/configure-openldap/configure-openldap.md b/i18n/zh/docusaurus-plugin-content-docs/current/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/configure-openldap/configure-openldap.md index 7594371a296e..652e2457f37b 100644 --- a/i18n/zh/docusaurus-plugin-content-docs/current/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/configure-openldap/configure-openldap.md +++ b/i18n/zh/docusaurus-plugin-content-docs/current/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/configure-openldap/configure-openldap.md @@ -53,4 +53,4 @@ title: 配置 OpenLDAP ## 附录:故障排除 -如果在测试与 OpenLDAP 服务器的连接时遇到问题,请首先仔细检查为 ServiceAccount 输入的凭证以及搜索库配置。你还可以检查 Rancher 日志来查明问题的原因。调试日志可能包含有关错误的更详细信息。详情请参见[如何启用调试日志](../../../../faq/technical-items.md#how-can-i-enable-debug-logging)。 +如果在测试与 OpenLDAP 服务器的连接时遇到问题,请首先仔细检查为 ServiceAccount 输入的凭证以及搜索库配置。你还可以检查 Rancher 日志来查明问题的原因。调试日志可能包含有关错误的更详细信息。详情请参见[如何启用调试日志](../../../../faq/technical-items.md#如何启用调试日志记录)。 diff --git a/i18n/zh/docusaurus-plugin-content-docs/current/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/configure-shibboleth-saml/configure-shibboleth-saml.md b/i18n/zh/docusaurus-plugin-content-docs/current/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/configure-shibboleth-saml/configure-shibboleth-saml.md index 285a5d3e6aa0..fe0c5cde49bc 100644 --- a/i18n/zh/docusaurus-plugin-content-docs/current/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/configure-shibboleth-saml/configure-shibboleth-saml.md +++ b/i18n/zh/docusaurus-plugin-content-docs/current/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/configure-shibboleth-saml/configure-shibboleth-saml.md @@ -101,4 +101,4 @@ SAML 协议不支持用户或用户组的搜索或查找。因此,如果你没 ## 故障排除 -如果在测试与 OpenLDAP 服务器的连接时遇到问题,请首先仔细检查为 ServiceAccount 输入的凭证以及搜索库配置。你还可以检查 Rancher 日志来查明问题的原因。调试日志可能包含有关错误的更详细信息。详情请参见[如何启用调试日志](../../../../faq/technical-items.md#how-can-i-enable-debug-logging)。 +如果在测试与 OpenLDAP 服务器的连接时遇到问题,请首先仔细检查为 ServiceAccount 输入的凭证以及搜索库配置。你还可以检查 Rancher 日志来查明问题的原因。调试日志可能包含有关错误的更详细信息。详情请参见[如何启用调试日志](../../../../faq/technical-items.md#如何启用调试日志记录)。 diff --git a/i18n/zh/docusaurus-plugin-content-docs/current/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/manage-role-based-access-control-rbac/global-permissions.md b/i18n/zh/docusaurus-plugin-content-docs/current/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/manage-role-based-access-control-rbac/global-permissions.md index 7f7606413f18..7eb2cd0457ed 100644 --- a/i18n/zh/docusaurus-plugin-content-docs/current/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/manage-role-based-access-control-rbac/global-permissions.md +++ b/i18n/zh/docusaurus-plugin-content-docs/current/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/manage-role-based-access-control-rbac/global-permissions.md @@ -254,7 +254,7 @@ inheritedClusterRoles: 只有在以下情况下,你才能将全局角色分配给组: -- 你已设置[外部认证](../authentication-config/authentication-config.md#external-vs-local-authentication) +- 你已设置[外部认证](../authentication-config/authentication-config.md#外部认证与本地认证) - 外部认证服务支持[用户组](../authentication-config/manage-users-and-groups.md) - 你已使用外部认证服务设置了至少一个用户组。 diff --git a/i18n/zh/docusaurus-plugin-content-docs/current/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/pod-security-standards.md b/i18n/zh/docusaurus-plugin-content-docs/current/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/pod-security-standards.md index 1f56b62762f4..7c16ac101924 100644 --- a/i18n/zh/docusaurus-plugin-content-docs/current/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/pod-security-standards.md +++ b/i18n/zh/docusaurus-plugin-content-docs/current/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/pod-security-standards.md @@ -15,12 +15,12 @@ PSS 定义了工作负载的安全级别。PSA 描述了 Pod 安全上下文和 必须在删除 PodSecurityPolicy 对象_之前_添加新的策略执行机制。否则,你可能会为集群内的特权升级攻击创造机会。 ::: -### 从 Rancher 维护的应用程序和市场工作负载中删除 PodSecurityPolicies {#remove-psp-rancher-workloads} +### 从 Rancher 维护的应用程序和市场工作负载中删除 PodSecurityPolicies Rancher v2.7.2 提供了 Rancher 维护的 Helm Chart 的新主要版本。v102.x.y 允许你删除与以前的 Chart 版本一起安装的 PSP。这个新版本使用标准化的 `global.cattle.psp.enabled` 开关(默认关闭)替换了非标准的 PSP 开关。 你必须在_仍使用 Kubernetes v1.24_ 时执行以下步骤: -1. 根据需要配置 PSA 控制器。你可以使用 Rancher 的内置 [PSA 配置模板](#psa-config-templates),或创建自定义模板并将其应用于正在迁移的集群。 +1. 根据需要配置 PSA 控制器。你可以使用 Rancher 的内置 [PSA 配置模板](#pod-安全准入配置模板),或创建自定义模板并将其应用于正在迁移的集群。 1. 将活动的 PSP 映射到 Pod 安全标准: 1. 查看集群中哪些 PSP 仍处于活动状态: @@ -108,14 +108,14 @@ Helm 尝试在集群中查询存储在先前版本的数据 blob 中的对象时 #### 将 Chart 升级到支持 Kubernetes v1.25 的版本 -清理了具有 PSP 的所有版本后,你就可以继续升级了。对于 Rancher 维护的工作负载,请按照本文档[从 Rancher 维护的应用程序和市场工作负载中删除 PodSecurityPolicies](#remove-psp-rancher-workloads) 部分中的步骤进行操作。 +清理了具有 PSP 的所有版本后,你就可以继续升级了。对于 Rancher 维护的工作负载,请按照本文档[从 Rancher 维护的应用程序和市场工作负载中删除 PodSecurityPolicies](#从-rancher-维护的应用程序和市场工作负载中删除-podsecuritypolicies) 部分中的步骤进行操作。 如果工作负载不是由 Rancher 维护的,请参阅对应的提供商的文档。 :::caution 不要跳过此步骤。与 Kubernetes v1.25 不兼容的应用程序不能保证在清理后正常工作。 ::: -## Pod 安全准入配置模板 {#psa-config-templates} +## Pod 安全准入配置模板 Rancher 提供了 PSA 配置模板。它们是可以应用到集群的预定义安全配置。Rancher 管理员(或具有权限的人员)可以[创建、管理和编辑](./psa-config-templates.md) PSA 模板。 diff --git a/i18n/zh/docusaurus-plugin-content-docs/current/how-to-guides/new-user-guides/backup-restore-and-disaster-recovery/back-up-rancher.md b/i18n/zh/docusaurus-plugin-content-docs/current/how-to-guides/new-user-guides/backup-restore-and-disaster-recovery/back-up-rancher.md index cf023f56e0a2..f5cf0dee5d1f 100644 --- a/i18n/zh/docusaurus-plugin-content-docs/current/how-to-guides/new-user-guides/backup-restore-and-disaster-recovery/back-up-rancher.md +++ b/i18n/zh/docusaurus-plugin-content-docs/current/how-to-guides/new-user-guides/backup-restore-and-disaster-recovery/back-up-rancher.md @@ -36,7 +36,7 @@ Rancher 必须是 2.5.0 或更高版本。 :::note -使用 `backup-restore` operator 执行恢复后,Fleet 中会出现一个已知问题:用于 `clientSecretName` 和 `helmSecretName` 的密文不包含在 Fleet 的 Git 仓库中。请参见[此处](../deploy-apps-across-clusters/fleet.md#故障排除)获得解决方法。 +使用 `backup-restore` operator 执行恢复后,Fleet 中会出现一个已知问题:用于 `clientSecretName` 和 `helmSecretName` 的密文不包含在 Fleet 的 Git 仓库中。请参见[此处](../../../integrations-in-rancher/fleet/overview.md#故障排除)获得解决方法。 ::: diff --git a/i18n/zh/docusaurus-plugin-content-docs/current/how-to-guides/new-user-guides/kubernetes-clusters-in-rancher-setup/set-up-cloud-providers/amazon.md b/i18n/zh/docusaurus-plugin-content-docs/current/how-to-guides/new-user-guides/kubernetes-clusters-in-rancher-setup/set-up-cloud-providers/amazon.md index 3c31569bf956..015602b6e522 100644 --- a/i18n/zh/docusaurus-plugin-content-docs/current/how-to-guides/new-user-guides/kubernetes-clusters-in-rancher-setup/set-up-cloud-providers/amazon.md +++ b/i18n/zh/docusaurus-plugin-content-docs/current/how-to-guides/new-user-guides/kubernetes-clusters-in-rancher-setup/set-up-cloud-providers/amazon.md @@ -158,3 +158,571 @@ weight: 1 ### 使用 Amazon Elastic Container Registry (ECR) 在将[创建 IAM 角色并附加到实例](#1-创建-iam-角色并附加到实例)中的 IAM 配置文件附加到实例时,kubelet 组件能够自动获取 ECR 凭证。使用低于 v1.15.0 的 Kubernetes 版本时,需要在集群中配置 Amazon 云提供商。从 Kubernetes 版本 v1.15.0 开始,kubelet 无需在集群中配置 Amazon 云提供商即可获取 ECR 凭证。 + +### Using the Out-of-Tree AWS Cloud Provider + + + + +1. [Node name conventions and other prerequisites](https://cloud-provider-aws.sigs.k8s.io/prerequisites/) must be followed for the cloud provider to find the instance correctly. + +2. Rancher managed RKE2/K3s clusters don't support configuring `providerID`. However, the engine will set the node name correctly if the following configuration is set on the provisioning cluster object: + +```yaml +spec: + rkeConfig: + machineGlobalConfig: + cloud-provider-name: aws +``` + +This option will be passed to the configuration of the various Kubernetes components that run on the node, and must be overridden per component to prevent the in-tree provider from running unintentionally: + + +**Override on Etcd:** + +```yaml +spec: + rkeConfig: + machineSelectorConfig: + - config: + kubelet-arg: + - cloud-provider=external + machineLabelSelector: + matchExpressions: + - key: rke.cattle.io/etcd-role + operator: In + values: + - 'true' +``` + +**Override on Control Plane:** + +```yaml +spec: + rkeConfig: + machineSelectorConfig: + - config: + disable-cloud-controller: true + kube-apiserver-arg: + - cloud-provider=external + kube-controller-manager-arg: + - cloud-provider=external + kubelet-arg: + - cloud-provider=external + machineLabelSelector: + matchExpressions: + - key: rke.cattle.io/control-plane-role + operator: In + values: + - 'true' +``` + +**Override on Worker:** + +```yaml +spec: + rkeConfig: + machineSelectorConfig: + - config: + kubelet-arg: + - cloud-provider=external + machineLabelSelector: + matchExpressions: + - key: rke.cattle.io/worker-role + operator: In + values: + - 'true' +``` + +2. Select `Amazon` if relying on the above mechanism to set the provider ID. Otherwise, select **External (out-of-tree)** cloud provider, which sets `--cloud-provider=external` for Kubernetes components. + +3. Specify the `aws-cloud-controller-manager` Helm chart as an additional manifest to install: + +```yaml +spec: + rkeConfig: + additionalManifest: |- + apiVersion: helm.cattle.io/v1 + kind: HelmChart + metadata: + name: aws-cloud-controller-manager + namespace: kube-system + spec: + chart: aws-cloud-controller-manager + repo: https://kubernetes.github.io/cloud-provider-aws + targetNamespace: kube-system + bootstrap: true + valuesContent: |- + hostNetworking: true + nodeSelector: + node-role.kubernetes.io/control-plane: "true" + args: + - --configure-cloud-routes=false + - --v=5 + - --cloud-provider=aws +``` + + + + + +1. [Node name conventions and other prerequisites ](https://cloud-provider-aws.sigs.k8s.io/prerequisites/) must be followed so that the cloud provider can find the instance. Rancher provisioned clusters don't support configuring `providerID`. + +:::note + +If you use IP-based naming, the nodes must be named after the instance followed by the regional domain name (`ip-xxx-xxx-xxx-xxx.ec2..internal`). If you have a custom domain name set in the DHCP options, you must set `--hostname-override` on `kube-proxy` and `kubelet` to match this naming convention. + +::: + +To meet node naming conventions, Rancher allows setting `useInstanceMetadataHostname` when the `External Amazon` cloud provider is selected. Enabling `useInstanceMetadataHostname` will query ec2 metadata service and set `/hostname` as `hostname-override` for `kubelet` and `kube-proxy`: + +```yaml +rancher_kubernetes_engine_config: + cloud_provider: + name: external-aws + useInstanceMetadataHostname: true +``` + +You must not enable `useInstanceMetadataHostname` when setting custom values for `hostname-override` for custom clusters. When you create a [custom cluster](../../../../reference-guides/cluster-configuration/rancher-server-configuration/use-existing-nodes/use-existing-nodes.md), add [`--node-name`](../../../../reference-guides/cluster-configuration/rancher-server-configuration/use-existing-nodes/rancher-agent-options.md) to the `docker run` node registration command to set `hostname-override` — for example, `"$(hostname -f)"`. This can be done manually or by using **Show Advanced Options** in the Rancher UI to add **Node Name**. + +2. Select the cloud provider. + +Selecting **External Amazon (out-of-tree)** sets `--cloud-provider=external` and enables `useInstanceMetadataHostname`. As mentioned in step 1, enabling `useInstanceMetadataHostname` will query the EC2 metadata service and set `http://169.254.169.254/latest/meta-data/hostname` as `hostname-override` for `kubelet` and `kube-proxy`. + +:::note + +You must disable `useInstanceMetadataHostname` when setting a custom node name for custom clusters via `node-name`. + +::: + +```yaml +rancher_kubernetes_engine_config: + cloud_provider: + name: external-aws + useInstanceMetadataHostname: true/false +``` + +Existing clusters that use an **External** cloud provider will set `--cloud-provider=external` for Kubernetes components but won't set the node name. + +3. Install the AWS cloud controller manager after the cluster finishes provisioning. Note that the cluster isn't successfully provisioned and nodes are still in an `uninitialized` state until you deploy the cloud controller manager. This can be done manually, or via [Helm charts in UI](#helm-chart-installation-from-ui). + +Refer to the offical AWS upstream documentation for the [cloud controller manager](https://kubernetes.github.io/cloud-provider-aws). + + + + +### Helm Chart Installation from CLI + + + + +Official upstream docs for [Helm chart installation](https://github.com/kubernetes/cloud-provider-aws/tree/master/charts/aws-cloud-controller-manager) can be found on GitHub. + +1. Add the Helm repository: + +```shell +helm repo add aws-cloud-controller-manager https://kubernetes.github.io/cloud-provider-aws +helm repo update +``` + +2. Create a `values.yaml` file with the following contents to override the default `values.yaml`: + +```yaml +# values.yaml +hostNetworking: true +tolerations: + - effect: NoSchedule + key: node.cloudprovider.kubernetes.io/uninitialized + value: 'true' + - effect: NoSchedule + value: 'true' + key: node-role.kubernetes.io/control-plane +nodeSelector: + node-role.kubernetes.io/control-plane: 'true' +args: + - --configure-cloud-routes=false + - --use-service-account-credentials=true + - --v=2 + - --cloud-provider=aws +clusterRoleRules: + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch + - update + - apiGroups: + - "" + resources: + - nodes + verbs: + - '*' + - apiGroups: + - "" + resources: + - nodes/status + verbs: + - patch + - apiGroups: + - "" + resources: + - services + verbs: + - list + - patch + - update + - watch + - apiGroups: + - "" + resources: + - services/status + verbs: + - list + - patch + - update + - watch + - apiGroups: + - '' + resources: + - serviceaccounts + verbs: + - create + - get + - apiGroups: + - "" + resources: + - persistentvolumes + verbs: + - get + - list + - update + - watch + - apiGroups: + - "" + resources: + - endpoints + verbs: + - create + - get + - list + - watch + - update + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - create + - get + - list + - watch + - update + - apiGroups: + - "" + resources: + - serviceaccounts/token + verbs: + - create +``` + +3. Install the Helm chart: + +```shell +helm upgrade --install aws-cloud-controller-manager aws-cloud-controller-manager/aws-cloud-controller-manager --values values.yaml +``` + +Verify that the Helm chart installed successfully: + +```shell +helm status -n kube-system aws-cloud-controller-manager +``` + +4. (Optional) Verify that the cloud controller manager update succeeded: + +```shell +kubectl rollout status daemonset -n kube-system aws-cloud-controller-manager +``` + + + + + +Official upstream docs for [Helm chart installation](https://github.com/kubernetes/cloud-provider-aws/tree/master/charts/aws-cloud-controller-manager) can be found on GitHub. + +1. Add the Helm repository: + +```shell +helm repo add aws-cloud-controller-manager https://kubernetes.github.io/cloud-provider-aws +helm repo update +``` + +2. Create a `values.yaml` file with the following contents, to override the default `values.yaml`: + +```yaml +# values.yaml +hostNetworking: true +tolerations: + - effect: NoSchedule + key: node.cloudprovider.kubernetes.io/uninitialized + value: 'true' + - effect: NoSchedule + value: 'true' + key: node-role.kubernetes.io/controlplane +nodeSelector: + node-role.kubernetes.io/controlplane: 'true' +args: + - --configure-cloud-routes=false + - --use-service-account-credentials=true + - --v=2 + - --cloud-provider=aws +clusterRoleRules: + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch + - update + - apiGroups: + - "" + resources: + - nodes + verbs: + - '*' + - apiGroups: + - "" + resources: + - nodes/status + verbs: + - patch + - apiGroups: + - "" + resources: + - services + verbs: + - list + - patch + - update + - watch + - apiGroups: + - "" + resources: + - services/status + verbs: + - list + - patch + - update + - watch + - apiGroups: + - '' + resources: + - serviceaccounts + verbs: + - create + - get + - apiGroups: + - "" + resources: + - persistentvolumes + verbs: + - get + - list + - update + - watch + - apiGroups: + - "" + resources: + - endpoints + verbs: + - create + - get + - list + - watch + - update + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - create + - get + - list + - watch + - update + - apiGroups: + - "" + resources: + - serviceaccounts/token + verbs: + - create +``` + +3. Install the Helm chart: + +```shell +helm upgrade --install aws-cloud-controller-manager -n kube-system aws-cloud-controller-manager/aws-cloud-controller-manager --values values.yaml +``` + +Verify that the Helm chart installed successfully: + +```shell +helm status -n kube-system aws-cloud-controller-manager +``` + +4. If present, edit the Daemonset to remove the default node selector `node-role.kubernetes.io/control-plane: ""`: + +```shell +kubectl edit daemonset aws-cloud-controller-manager -n kube-system +``` + +5. (Optional) Verify that the cloud controller manager update succeeded: + +```shell +kubectl rollout status daemonset -n kube-system aws-cloud-controller-manager +``` + + + + +### Helm Chart Installation from UI + + + + +1. Click **☰**, then select the name of the cluster from the left navigation. + +2. Select **Apps** > **Repositories**. + +3. Click the **Create** button. + +4. Enter `https://kubernetes.github.io/cloud-provider-aws` in the **Index URL** field. + +5. Select **Apps** > **Charts** from the left navigation and install **aws-cloud-controller-manager**. + +6. Select the namespace, `kube-system`, and enable **Customize Helm options before install**. + +7. Add the following container arguments: + +```yaml + - '--use-service-account-credentials=true' + - '--configure-cloud-routes=false' +``` + +8. Add `get` to `verbs` for `serviceaccounts` resources in `clusterRoleRules`. This allows the cloud controller manager to get service accounts upon startup. + +```yaml + - apiGroups: + - '' + resources: + - serviceaccounts + verbs: + - create + - get +``` + +9. Rancher-provisioned RKE2 nodes are tainted `node-role.kubernetes.io/control-plane`. Update tolerations and the nodeSelector: + +```yaml +tolerations: + - effect: NoSchedule + key: node.cloudprovider.kubernetes.io/uninitialized + value: 'true' + - effect: NoSchedule + value: 'true' + key: node-role.kubernetes.io/control-plane + +``` + +```yaml +nodeSelector: + node-role.kubernetes.io/control-plane: 'true' +``` + +:::note + +There's currently a [known issue](https://github.com/rancher/dashboard/issues/9249) where nodeSelector can't be updated from the Rancher UI. Continue installing the chart and then edit the Daemonset manually to set the `nodeSelector`: + +```yaml +nodeSelector: + node-role.kubernetes.io/control-plane: 'true' +``` + +::: + +10. Install the chart and confirm that the Daemonset `aws-cloud-controller-manager` is running. Verify `aws-cloud-controller-manager` pods are running in target namespace (`kube-system` unless modified in step 6). + + + + + +1. Click **☰**, then select the name of the cluster from the left navigation. + +2. Select **Apps** > **Repositories**. + +3. Click the **Create** button. + +4. Enter `https://kubernetes.github.io/cloud-provider-aws` in the **Index URL** field. + +5. Select **Apps** > **Charts** from the left navigation and install **aws-cloud-controller-manager**. + +6. Select the namespace, `kube-system`, and enable **Customize Helm options before install**. + +7. Add the following container arguments: + +```yaml + - '--use-service-account-credentials=true' + - '--configure-cloud-routes=false' +``` + +8. Add `get` to `verbs` for `serviceaccounts` resources in `clusterRoleRules`. This allows the cloud controller manager to get service accounts upon startup: + +```yaml + - apiGroups: + - '' + resources: + - serviceaccounts + verbs: + - create + - get +``` + +9. Rancher-provisioned RKE nodes are tainted `node-role.kubernetes.io/controlplane`. Update tolerations and the nodeSelector: + +```yaml +tolerations: + - effect: NoSchedule + key: node.cloudprovider.kubernetes.io/uninitialized + value: 'true' + - effect: NoSchedule + value: 'true' + key: node-role.kubernetes.io/controlplane + +``` + +```yaml +nodeSelector: + node-role.kubernetes.io/controlplane: 'true' +``` + +:::note + +There's currently a [known issue](https://github.com/rancher/dashboard/issues/9249) where `nodeSelector` can't be updated from the Rancher UI. Continue installing the chart and then Daemonset manually to set the `nodeSelector`: + +``` yaml +nodeSelector: + node-role.kubernetes.io/controlplane: 'true' +``` + +::: + +10. Install the chart and confirm that the Daemonset `aws-cloud-controller-manager` deploys successfully: + +```shell +kubectl rollout status deployment -n kube-system aws-cloud-controller-manager +``` + + + \ No newline at end of file diff --git a/i18n/zh/docusaurus-plugin-content-docs/current/how-to-guides/new-user-guides/kubernetes-resources-setup/kubernetes-resources-setup.md b/i18n/zh/docusaurus-plugin-content-docs/current/how-to-guides/new-user-guides/kubernetes-resources-setup/kubernetes-resources-setup.md index 4dd86bb2a6c5..8b80ea3272d9 100644 --- a/i18n/zh/docusaurus-plugin-content-docs/current/how-to-guides/new-user-guides/kubernetes-resources-setup/kubernetes-resources-setup.md +++ b/i18n/zh/docusaurus-plugin-content-docs/current/how-to-guides/new-user-guides/kubernetes-resources-setup/kubernetes-resources-setup.md @@ -30,10 +30,10 @@ title: Kubernetes 资源 Rancher 支持两种类型的负载均衡器: -- [Layer-4 负载均衡器](load-balancer-and-ingress-controller/layer-4-and-layer-7-load-balancing.md#layer-4-load-balancer#四层负载均衡器) -- [Layer-7 负载均衡器](load-balancer-and-ingress-controller/layer-4-and-layer-7-load-balancing.md#七层负载均衡器) +- [Layer-4 负载均衡器](./load-balancer-and-ingress-controller/layer-4-and-layer-7-load-balancing.md#四层负载均衡器) +- [Layer-7 负载均衡器](./load-balancer-and-ingress-controller/layer-4-and-layer-7-load-balancing.md#七层负载均衡器) -有关详细信息,请参阅[负载均衡器](load-balancer-and-ingress-controller/layer-4-and-layer-7-load-balancing.md)。 +有关详细信息,请参阅[负载均衡器](./load-balancer-and-ingress-controller/layer-4-and-layer-7-load-balancing.md)。 #### Ingress diff --git a/i18n/zh/docusaurus-plugin-content-docs/current/how-to-guides/new-user-guides/launch-kubernetes-with-rancher/use-new-nodes-in-an-infra-provider/nutanix/nutanix.md b/i18n/zh/docusaurus-plugin-content-docs/current/how-to-guides/new-user-guides/launch-kubernetes-with-rancher/use-new-nodes-in-an-infra-provider/nutanix/nutanix.md index 9eb5ce53af61..c32a765cb3c3 100644 --- a/i18n/zh/docusaurus-plugin-content-docs/current/how-to-guides/new-user-guides/launch-kubernetes-with-rancher/use-new-nodes-in-an-infra-provider/nutanix/nutanix.md +++ b/i18n/zh/docusaurus-plugin-content-docs/current/how-to-guides/new-user-guides/launch-kubernetes-with-rancher/use-new-nodes-in-an-infra-provider/nutanix/nutanix.md @@ -13,9 +13,9 @@ Rancher 可以在 AOS (AHV) 中配置节点并在其上安装 Kubernetes。在 A Nutanix 集群可能由多组具有不同属性(例如内存或 vCPU 数量)的 VM 组成。这种分组允许对每个 Kubernetes 角色的节点大小进行细粒度控制。 -- [创建 Nutanix 集群](provision-kubernetes-clusters-in-aos.md#creating-a-nutanix-aos-cluster) -- [配置存储](provision-kubernetes-clusters-in-aos.md) +- [创建 Nutanix 集群](./provision-kubernetes-clusters-in-aos.md#1-创建节点模板) +- [配置存储](./provision-kubernetes-clusters-in-aos.md) ## 创建 Nutanix 集群 -在[本节](provision-kubernetes-clusters-in-aos.md)中,你将学习如何使用 Rancher 在 Nutanix AOS 中安装 [RKE](https://rancher.com/docs/rke/latest/en/) Kubernetes 集群。 \ No newline at end of file +在[本节](./provision-kubernetes-clusters-in-aos.md)中,你将学习如何使用 Rancher 在 Nutanix AOS 中安装 [RKE](https://rancher.com/docs/rke/latest/en/) Kubernetes 集群。 \ No newline at end of file diff --git a/i18n/zh/docusaurus-plugin-content-docs/current/integrations-in-rancher/fleet/overview.md b/i18n/zh/docusaurus-plugin-content-docs/current/integrations-in-rancher/fleet/overview.md index cedc5ee7a363..b26b821dc23f 100644 --- a/i18n/zh/docusaurus-plugin-content-docs/current/integrations-in-rancher/fleet/overview.md +++ b/i18n/zh/docusaurus-plugin-content-docs/current/integrations-in-rancher/fleet/overview.md @@ -12,7 +12,7 @@ Fleet 是 Rancher 的一个独立项目,可以通过 Helm 安装在任何 Kube ## 架构 -有关 Fleet 如何运作的信息,请参阅[架构](./architecture)页面。 +有关 Fleet 如何运作的信息,请参阅[架构](./architecture.md)页面。 ## 在 Rancher UI 中访问 Fleet @@ -40,7 +40,7 @@ Fleet 预安装在 Rancher 中,并由 Rancher UI 中的**持续交付**选项 ## Windows 支持 -有关对具有 Windows 节点的集群的支持的详细信息,请参阅 [Windows 支持](./windows-support)页面。 +有关对具有 Windows 节点的集群的支持的详细信息,请参阅 [Windows 支持](./windows-support.md)页面。 ## GitHub 仓库 @@ -48,7 +48,7 @@ Fleet Helm charts 可在[此处](https://github.com/rancher/fleet/releases)获 ## 在代理后使用 Fleet -有关在代理后面使用 Fleet 的详细信息,请参阅[在代理后使用 Fleet](./use-fleet-behind-a-proxy) 页面。 +有关在代理后面使用 Fleet 的详细信息,请参阅[在代理后使用 Fleet](./use-fleet-behind-a-proxy.md) 页面。 ## Helm Chart 依赖 @@ -58,7 +58,7 @@ git 仓库中的 Helm Chart 必须在 Chart 子目录中包含其依赖。 你 ## 故障排除 -- **已知问题**:Fleet gitrepos 的 clientSecretName 和 helmSecretName 密文不包含在 [backup-restore-operator](../../how-to-guides/new-user-guides/backup-restore-and-disaster-recovery/back-up-rancher.md#1-install-the-rancher-backup-operator) 创建的备份或恢复中。一旦有永久的解决方案,我们将更新社区内容。 +- **已知问题**:Fleet gitrepos 的 clientSecretName 和 helmSecretName 密文不包含在 [backup-restore-operator](../../how-to-guides/new-user-guides/backup-restore-and-disaster-recovery/back-up-rancher.md#1-安装-rancher-backup-operator) 创建的备份或恢复中。一旦有永久的解决方案,我们将更新社区内容。 - **临时解决方法**:默认情况下,用户定义的密文不会在 Fleet 中备份。如果执行灾难恢复或将 Rancher 迁移到新集群,则有必要重新创建密文。要修改 ResourceSet 以包含要备份的额外资源,请参阅文档[此处](https://github.com/rancher/backup-restore-operator#user-flow)。 diff --git a/i18n/zh/docusaurus-plugin-content-docs/current/integrations-in-rancher/harvester/overview.md b/i18n/zh/docusaurus-plugin-content-docs/current/integrations-in-rancher/harvester/overview.md index ac720bec060a..796257c729f8 100644 --- a/i18n/zh/docusaurus-plugin-content-docs/current/integrations-in-rancher/harvester/overview.md +++ b/i18n/zh/docusaurus-plugin-content-docs/current/integrations-in-rancher/harvester/overview.md @@ -28,7 +28,7 @@ Harvester 功能开关用于管理对 Rancher 中虚拟化管理(VM)页面 Harvester 允许通过 Harvester UI 上传和显示 `.ISO` 镜像,但 Rancher UI 是不支持的。这是因为 `.ISO` 镜像通常需要额外的设置,这会干扰干净的部署(即无需用户干预),并且它们通常不用于云环境。 -如需了解 Rancher 中主机驱动的更多详细信息,请单击[此处](../../how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/about-provisioning-drivers/about-provisioning-drivers#主机驱动)。 +如需了解 Rancher 中主机驱动的更多详细信息,请单击[此处](../../how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/about-provisioning-drivers/about-provisioning-drivers.md#主机驱动)。 ### 端口要求 diff --git a/i18n/zh/docusaurus-plugin-content-docs/current/integrations-in-rancher/kubernetes-distributions/kubernetes-distributions.md b/i18n/zh/docusaurus-plugin-content-docs/current/integrations-in-rancher/kubernetes-distributions/kubernetes-distributions.md index b45cce6b4d7b..8752645ed967 100644 --- a/i18n/zh/docusaurus-plugin-content-docs/current/integrations-in-rancher/kubernetes-distributions/kubernetes-distributions.md +++ b/i18n/zh/docusaurus-plugin-content-docs/current/integrations-in-rancher/kubernetes-distributions/kubernetes-distributions.md @@ -13,7 +13,7 @@ K3s 是一款轻量级、完全兼容的 Kubernetes 发行版,专为一系列 ### K3s 与 Rancher - Rancher 允许在一系列平台上轻松配置 K3s,包括 Amazon EC2、DigitalOcean、Azure、vSphere 或现有服务器。 -- Kubernetes 集群的标准 Rancher 管理,包括所有概述[集群管理功能](../how-to-guides/new-user-guides/kubernetes-clusters-in-rancher-setup#cluster-management-capabilities-by-cluster-type)。 +- Kubernetes 集群的标准 Rancher 管理,包括所有概述[集群管理功能](../../how-to-guides/new-user-guides/kubernetes-clusters-in-rancher-setup/kubernetes-clusters-in-rancher-setup.md#不同类型集群的管理功能)。 ## RKE2 @@ -31,4 +31,4 @@ RKE2 的主要特性包括: ## RKE2 与 Rancher - Rancher 允许在一系列平台上轻松配置 RKE2,包括 Amazon EC2、DigitalOcean、Azure、vSphere 或现有服务器。 -- Kubernetes 集群的标准 Rancher 管理,包括所有概述[集群管理功能](../how-to-guides/new-user-guides/kubernetes-clusters-in-rancher-setup#cluster-management-capabilities-by-cluster-type)。 +- Kubernetes 集群的标准 Rancher 管理,包括所有概述[集群管理功能](../../how-to-guides/new-user-guides/kubernetes-clusters-in-rancher-setup/kubernetes-clusters-in-rancher-setup.md#不同类型集群的管理功能)。 diff --git a/i18n/zh/docusaurus-plugin-content-docs/current/integrations-in-rancher/monitoring-and-alerting/rbac-for-monitoring.md b/i18n/zh/docusaurus-plugin-content-docs/current/integrations-in-rancher/monitoring-and-alerting/rbac-for-monitoring.md index dfeefda6f971..978ff27d4f33 100644 --- a/i18n/zh/docusaurus-plugin-content-docs/current/integrations-in-rancher/monitoring-and-alerting/rbac-for-monitoring.md +++ b/i18n/zh/docusaurus-plugin-content-docs/current/integrations-in-rancher/monitoring-and-alerting/rbac-for-monitoring.md @@ -107,7 +107,7 @@ Monitoring 还会创建其他 `ClusterRole`,这些角色默认情况下不会 | 角色 | 用途 | | ------------------------------| ---------------------------| -| monitoring-ui-view | _自 Monitoring v2 14.5.100+ 起可用_ 此 ClusterRole 允许用户在 Rancher UI 中查看指定集群的指标图。这是通过授予对外部监控 UI 的只读访问权限来实现的。具有此角色的用户有权限列出 Prometheus、Alertmanager 和 Grafana 端点,并通过 Rancher 代理向 Prometheus、Grafana 和 Alertmanager UI 发出 GET 请求。 | +| monitoring-ui-view | _自 Monitoring v2 14.5.100+ 起可用_ 此 ClusterRole 允许用户在 Rancher UI 中查看指定集群的指标图。这是通过授予对外部监控 UI 的只读访问权限来实现的。具有此角色的用户有权限列出 Prometheus、Alertmanager 和 Grafana 端点,并通过 Rancher 代理向 Prometheus、Grafana 和 Alertmanager UI 发出 GET 请求。 | ### 使用 kubectl 分配 Role 和 ClusterRole @@ -203,7 +203,7 @@ Rancher 部署的默认角色(即 cluster-owner、cluster-member、project-own | Rancher 角色 | Kubernetes ClusterRole | 可用 Rancher 版本 | 可用 Monitoring V2 版本 | |--------------------------|-------------------------------|-------|------| -| 查看 Monitoring\* | [monitoring-ui-view](#monitoring-ui-view) | 2.4.8+ | 9.4.204+ | +| 查看 Monitoring\* | [monitoring-ui-view](#具有-rancher-权限的用户) | 2.4.8+ | 9.4.204+ | \* 如果某个用户绑定了 Rancher 的 **View Monitoring** 角色,该用户只有在有 UI 链接时才有权访问外部 Monitoring UI。要访问 Monitoring Pane 以获取这些链接,用户必须是至少一个项目的项目成员。 diff --git a/i18n/zh/docusaurus-plugin-content-docs/current/reference-guides/cluster-configuration/cluster-configuration.md b/i18n/zh/docusaurus-plugin-content-docs/current/reference-guides/cluster-configuration/cluster-configuration.md index 111aa5afbf6a..99fd92c6ae4b 100644 --- a/i18n/zh/docusaurus-plugin-content-docs/current/reference-guides/cluster-configuration/cluster-configuration.md +++ b/i18n/zh/docusaurus-plugin-content-docs/current/reference-guides/cluster-configuration/cluster-configuration.md @@ -8,7 +8,7 @@ title: 集群配置 使用 Rancher 配置 Kubernetes 集群后,你仍然可以编辑集群的选项和设置。 -有关编辑集群成员资格的信息,请转至[此页面](../how-to-guides/new-user-guides/manage-clusters/access-clusters/add-users-to-clusters.md)。 +有关编辑集群成员资格的信息,请转至[此页面](../../how-to-guides/new-user-guides/manage-clusters/access-clusters/add-users-to-clusters.md)。 ### 集群配置参考 diff --git a/i18n/zh/docusaurus-plugin-content-docs/current/reference-guides/cluster-configuration/rancher-server-configuration/rke2-cluster-configuration.md b/i18n/zh/docusaurus-plugin-content-docs/current/reference-guides/cluster-configuration/rancher-server-configuration/rke2-cluster-configuration.md index 96e2cc566030..38f7277a323c 100644 --- a/i18n/zh/docusaurus-plugin-content-docs/current/reference-guides/cluster-configuration/rancher-server-configuration/rke2-cluster-configuration.md +++ b/i18n/zh/docusaurus-plugin-content-docs/current/reference-guides/cluster-configuration/rancher-server-configuration/rke2-cluster-configuration.md @@ -110,7 +110,7 @@ Rancher 与以下开箱即用的网络提供商兼容: 所有 CNI 网络插件都支持[双栈](https://docs.rke2.io/install/network_options#dual-stack-configuration)网络。要在双栈模式下配置 RKE2,请为你的[集群 CIDR](#集群-cidr) 和/或 [Service CIDR](#service-cidr) 设置有效的 IPv4/IPv6 CIDR。 -###### 额外配置 {#dual-stack-additional-config} +###### 额外配置 使用 `cilium` 或 `multus,cilium` 作为容器网络接口提供商时,请确保**启用 IPv6 支持**选项。 @@ -182,7 +182,7 @@ Rancher 与以下开箱即用的网络提供商兼容: 要配置[双栈](https://docs.rke2.io/install/network_options#dual-stack-configuration)模式,请输入有效的 IPv4/IPv6 CIDR。例如 `10.42.0.0/16,2001:cafe:42:0::/56`。 -使用 `cilium` 或 `multus,cilium` 作为[容器网络](#容器网络提供商)接口提供商时,你需要进行[附加配置](#dual-stack-additional-config)。 +使用 `cilium` 或 `multus,cilium` 作为[容器网络](#容器网络提供商)接口提供商时,你需要进行[附加配置](#额外配置)。 #### Service CIDR @@ -192,7 +192,7 @@ Rancher 与以下开箱即用的网络提供商兼容: 要配置[双栈](https://docs.rke2.io/install/network_options#dual-stack-configuration)模式,请输入有效的 IPv4/IPv6 CIDR。例如 `10.42.0.0/16,2001:cafe:42:0::/56`。 -使用 `cilium` 或 `multus,cilium` 作为[容器网络](#容器网络提供商)接口提供商时,你需要进行[附加配置](#dual-stack-additional-config)。 +使用 `cilium` 或 `multus,cilium` 作为[容器网络](#容器网络提供商)接口提供商时,你需要进行[附加配置](#额外配置)。 #### 集群 DNS diff --git a/i18n/zh/docusaurus-plugin-content-docs/current/reference-guides/cluster-configuration/rancher-server-configuration/use-existing-nodes/use-existing-nodes.md b/i18n/zh/docusaurus-plugin-content-docs/current/reference-guides/cluster-configuration/rancher-server-configuration/use-existing-nodes/use-existing-nodes.md index 555b50a4a417..aaa9b78100e7 100644 --- a/i18n/zh/docusaurus-plugin-content-docs/current/reference-guides/cluster-configuration/rancher-server-configuration/use-existing-nodes/use-existing-nodes.md +++ b/i18n/zh/docusaurus-plugin-content-docs/current/reference-guides/cluster-configuration/rancher-server-configuration/use-existing-nodes/use-existing-nodes.md @@ -69,7 +69,7 @@ description: 要创建具有自定义节点的集群,你需要访问集群中 ::: -8. **可选**:点击**[显示高级选项](../how-to-guides/new-user-guides/launch-kubernetes-with-rancher/about-rancher-agents.md)**来指定注册节点时使用的 IP 地址,覆盖节点的主机名,或将[标签](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/)或[污点](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/)添加到节点。 +8. **可选**:点击**[显示高级选项](../../../../how-to-guides/new-user-guides/launch-kubernetes-with-rancher/about-rancher-agents.md)**来指定注册节点时使用的 IP 地址,覆盖节点的主机名,或将[标签](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/)或[污点](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/)添加到节点。 9. 将屏幕上显示的命令复制到剪贴板。