From 6da498d1962aa48833b4cede8e55c0ce8149497e Mon Sep 17 00:00:00 2001 From: huangshanhui <1137852140@qq.com> Date: Tue, 30 Mar 2021 10:53:44 +0800 Subject: [PATCH 1/2] Update pod-security-policy.md fix the translation of "PodSecurityPolicies which allow the pod as-is, without changing defaults or mutating the pod, are preferred" --- content/zh/docs/concepts/policy/pod-security-policy.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/content/zh/docs/concepts/policy/pod-security-policy.md b/content/zh/docs/concepts/policy/pod-security-policy.md index 9ea3577de8..d05d967db1 100644 --- a/content/zh/docs/concepts/policy/pod-security-policy.md +++ b/content/zh/docs/concepts/policy/pod-security-policy.md @@ -316,8 +316,7 @@ controller selects policies according to the following criteria: 2. If the pod must be defaulted or mutated, the first PodSecurityPolicy (ordered by name) to allow the pod is selected. --> -1. 优先考虑中允许 Pod 不经修改地创建或更新的 PodSecurityPolicy,这些策略 - 不会更改 Pod 字段的默认值或者其他配置。 +1. 优先考虑允许pod保持原样,不会更改Pod字段的默认值或其他配置的PodSecurityPolicy。 这类非更改性质的 PodSecurityPolicy 对象之间的顺序无关紧要。 2. 如果必须要为 Pod 设置默认值或者其他配置,(按名称顺序)选择第一个允许 Pod 操作的 PodSecurityPolicy 对象。 From 1e64fb0a484bba5c2f04c6b212ecb22c6b70f91b Mon Sep 17 00:00:00 2001 From: huangshanhui <1137852140@qq.com> Date: Tue, 30 Mar 2021 11:10:29 +0800 Subject: [PATCH 2/2] Update content/zh/docs/concepts/policy/pod-security-policy.md Co-authored-by: Qiming Teng --- content/zh/docs/concepts/policy/pod-security-policy.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/content/zh/docs/concepts/policy/pod-security-policy.md b/content/zh/docs/concepts/policy/pod-security-policy.md index d05d967db1..111aef303d 100644 --- a/content/zh/docs/concepts/policy/pod-security-policy.md +++ b/content/zh/docs/concepts/policy/pod-security-policy.md @@ -316,7 +316,7 @@ controller selects policies according to the following criteria: 2. If the pod must be defaulted or mutated, the first PodSecurityPolicy (ordered by name) to allow the pod is selected. --> -1. 优先考虑允许pod保持原样,不会更改Pod字段的默认值或其他配置的PodSecurityPolicy。 +1. 优先考虑允许 Pod 保持原样,不会更改 Pod 字段默认值或其他配置的 PodSecurityPolicy。 这类非更改性质的 PodSecurityPolicy 对象之间的顺序无关紧要。 2. 如果必须要为 Pod 设置默认值或者其他配置,(按名称顺序)选择第一个允许 Pod 操作的 PodSecurityPolicy 对象。 @@ -1232,4 +1232,3 @@ By default, all safe sysctls are allowed. - 参阅[Pod 安全标准](/zh/docs/concepts/security/pod-security-standards/) 了解策略建议。 - 阅读 [Pod 安全策略参考](/docs/reference/generated/kubernetes-api/{{< param "version" >}}/#podsecuritypolicy-v1beta1-policy)了解 API 细节。 -