From 57deb4fddcd7b76f280abceb5c2053f8047c31e6 Mon Sep 17 00:00:00 2001
From: Mengjiao Liu <mengjiao.liu@daocloud.io>
Date: Thu, 26 Aug 2021 17:07:01 +0800
Subject: [PATCH] [zh] Setup files to sync for 1.22(kubeadm part-2)

---
 .../tools/kubeadm/control-plane-flags.md      | 283 +++++++++++++++---
 1 file changed, 249 insertions(+), 34 deletions(-)

diff --git a/content/zh/docs/setup/production-environment/tools/kubeadm/control-plane-flags.md b/content/zh/docs/setup/production-environment/tools/kubeadm/control-plane-flags.md
index 5ee1199d64..771888f4ab 100644
--- a/content/zh/docs/setup/production-environment/tools/kubeadm/control-plane-flags.md
+++ b/content/zh/docs/setup/production-environment/tools/kubeadm/control-plane-flags.md
@@ -1,5 +1,5 @@
 ---
-title: 使用 kubeadm 定制控制平面配置
+title: 使用 kubeadm API 定制组件
 content_type: concept
 weight: 40
 ---
@@ -7,7 +7,7 @@ weight: 40
 ---
 reviewers:
 - sig-cluster-lifecycle
-title: Customizing control plane configuration with kubeadm
+title: Customizing components with the kubeadm API
 content_type: concept
 weight: 40
 ---
@@ -15,54 +15,109 @@ weight: 40
 
 <!-- overview -->
 
+<!--
+This page covers how to customize the components that kubeadm deploys. For control plane components
+you can use flags in the `ClusteConfiguration` structure or patches per-node. For the kubelet
+and kube-proxy you can use `KubeletConfiguration` and `KubeProxyConfiguration`, accordingly.
+
+All of these options are possible via the kubeadm configuration API.
+For more details on each field in the configuration you can navigate to our
+[API reference pages](https://godoc.org/k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/v1beta3).
+-->
+本页面介绍了如何自定义 kubeadm 部署的组件。
+你可以使用 `ClusteConfiguration` 结构中定义的参数，或者在每个节点上应用补丁来定制控制平面组件。
+你可以使用 `KubeletConfiguration` 和 `KubeProxyConfiguration` 结构分别定制 kubelet 和 kube-proxy 组件。
+
+所有这些选项都可以通过 kubeadm 配置 API 实现。
+有关配置中的每个字段的详细信息，你可以导航到我们的 
+[API 参考页面](/docs/reference/config-api/kubeadm-config.v1beta3/) 。
+
+{{< note >}}
+<!--
+Customizing the CoreDNS deployment of kubeadm is currently not supported. You must manually
+patch the `kube-system/coredns` {{< glossary_tooltip text="ConfigMap" term_id="configmap" >}}
+and recreate the CoreDNS {{< glossary_tooltip text="Pods" term_id="pod" >}} after that. Alternatively,
+you can skip the default CoreDNS deployment and deploy your own variant.
+For more details on that see [Using init phases with kubeadm](/docs/reference/setup-tools/kubeadm/kubeadm-init/#init-phases).
+-->
+kubeadm 目前不支持对 CoreDNS 部署进行定制。
+你必须手动更新 `kube-system/coredns` {{< glossary_tooltip text="ConfigMap" term_id="configmap" >}} 
+并在更新后重新创建 CoreDNS {{< glossary_tooltip text="Pods" term_id="pod" >}}。
+或者，你可以跳过默认的 CoreDNS 部署并部署你自己的 CoreDNS 变种。
+有关更多详细信息，请参阅[在 kubeadm 中使用 init phases](/zh/docs/reference/setup-tools/kubeadm/kubeadm-init/#init-phases).
+{{< /note >}}
+
+<!-- body -->
+
 {{< feature-state for_k8s_version="1.12" state="stable" >}}
 
 <!--
-The kubeadm `ClusterConfiguration` object exposes the field `extraArgs` that can override the default flags passed to control plane
-components such as the APIServer, ControllerManager and Scheduler. The components are defined using the following fields:
+## Customizing the control plane with flags in `ClusterConfiguration`
+
+The kubeadm `ClusterConfiguration` object exposes a way for users to override the default
+flags passed to control plane components such as the APIServer, ControllerManager, Scheduler and Etcd.
+The components are defined using the following structures:
 -->
-kubeadm `ClusterConfiguration` 对象公开了 `extraArgs` 字段，它可以覆盖传递给控制平面组件（如 APIServer、ControllerManager 和 Scheduler）的默认参数。各组件配置使用如下字段定义：
+## 使用 `ClusterConfiguration` 中的标志自定义控制平面   {#customizing-the-control-plane-with-flags-in-clusterconfiguration}
+
+kubeadm `ClusterConfiguration` 对象为用户提供了一种方法，
+用以覆盖传递给控制平面组件（如 APIServer、ControllerManager、Scheduler 和 Etcd）的默认参数。
+各组件配置使用如下字段定义：
 
 - `apiServer`
 - `controllerManager`
 - `scheduler`
+- `etcd`
 
 <!--
-The `extraArgs` field consist of `key: value` pairs. To override a flag for a control plane component:
+These structures contain a common `extraArgs` field, that consists of `key: value` pairs.
+To override a flag for a control plane component:
 -->
-`extraArgs` 字段由 `key: value` 对组成。
-要覆盖控制平面组件的参数:
+这些结构包含一个通用的 `extraArgs` 字段，该字段由 `key: value` 组成。
+要覆盖控制平面组件的参数：
 
 <!--
-1.  Add the appropriate field to your configuration.
-2.  Add the flags to override to the field.
+1.  Add the appropriate `extraArgs` to your configuration.
+2.  Add flags to the `extraArgs` field.
 3.  Run `kubeadm init` with `--config <YOUR CONFIG YAML>`.
 -->
-1.  将适当的字段添加到配置中。
-2.  向字段添加要覆盖的参数值。
+1.  将适当的字段 `extraArgs` 添加到配置中。
+2.  向字段 `extraArgs` 添加要覆盖的参数值。
 3.  用 `--config <YOUR CONFIG YAML>` 运行 `kubeadm init`。
 
-<!--
-For more details on each field in the configuration you can navigate to our
-[API reference pages](https://godoc.org/k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/v1beta2#ClusterConfiguration).
--->
-有关配置中的每个字段的详细信息，您可以导航到我们的 [API 参考页面](https://godoc.org/k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/v1beta2#ClusterConfiguration)。
-
 {{< note >}}
 <!-- 
-You can generate a `ClusterConfiguration` object with default values by running `kubeadm config print init-defaults` and saving the output to a file of your choice. 
+You can generate a `ClusterConfiguration` object with default values by running `kubeadm config print init-defaults` 
+and saving the output to a file of your choice. 
 -->
-您可以通过运行 `kubeadm config print init-defaults` 并将输出保存到您选择的文件中，以默认值形式生成 `ClusterConfiguration` 对象。
+你可以通过运行 `kubeadm config print init-defaults` 并将输出保存到你所选的文件中，
+以默认值形式生成 `ClusterConfiguration` 对象。
 {{< /note >}}
 
+{{< note >}}
+<!-- 
+The `ClusterConfiguration` object is currently global in kubeadm clusters. This means that any flags that you add,
+will apply to all instances of the same component on different nodes. To apply individual configuration per component
+on different nodes you can use [patches](#patches).
+-->
+`ClusterConfiguration` 对象目前在 kubeadm 集群中是全局的。
+这意味着你添加的任何标志都将应用于同一组件在不同节点上的所有实例。
+要在不同节点上为每个组件应用单独的配置，您可以使用[补丁](#patches)。
+{{< /note >}}
 
-
-<!-- body -->
+{{< note >}}
+<!-- 
+Duplicate flags (keys), or passing the same flag `--foo` multiple times, is currently not supported.
+To workaround that you must use [patches](#patches).
+-->
+当前不支持重复的参数（keys）或多次传递相同的参数 `--foo`。
+要解决此问题，你必须使用[补丁](#patches)。
+{{< /note >}}
 
 <!--
 ## APIServer flags
 -->
-## APIServer 参数
+### APIServer 参数   {#apiserver-flags}
 
 <!--
 For details, see the [reference documentation for kube-apiserver](/docs/reference/command-line-tools-reference/kube-apiserver/).
@@ -74,12 +129,11 @@ Example usage:
 -->
 使用示例：
 ```yaml
-apiVersion: kubeadm.k8s.io/v1beta2
+apiVersion: kubeadm.k8s.io/v1beta3
 kind: ClusterConfiguration
 kubernetesVersion: v1.16.0
 apiServer:
   extraArgs:
-    advertise-address: 192.168.0.103
     anonymous-auth: "false"
     enable-admission-plugins: AlwaysPullImages,DefaultStorageClass
     audit-log-path: /home/johndoe/audit.log
@@ -88,7 +142,7 @@ apiServer:
 <!--
 ## ControllerManager flags
 -->
-## ControllerManager 参数
+### ControllerManager 参数   {#controllermanager-flags}
 
 <!--
 For details, see the [reference documentation for kube-controller-manager](/docs/reference/command-line-tools-reference/kube-controller-manager/).
@@ -100,20 +154,19 @@ Example usage:
 -->
 使用示例：
 ```yaml
-apiVersion: kubeadm.k8s.io/v1beta2
+apiVersion: kubeadm.k8s.io/v1beta3
 kind: ClusterConfiguration
 kubernetesVersion: v1.16.0
 controllerManager:
   extraArgs:
     cluster-signing-key-file: /home/johndoe/keys/ca.key
-    bind-address: 0.0.0.0
     deployment-controller-sync-period: "50"
 ```
 
 <!--
-## Scheduler flags
+### Scheduler flags
 -->
-## Scheduler 参数
+## Scheduler 参数   {#scheduler-flags}
 
 <!--
 For details, see the [reference documentation for kube-scheduler](/docs/reference/command-line-tools-reference/kube-scheduler/).
@@ -125,14 +178,176 @@ Example usage:
 -->
 使用示例：
 ```yaml
-apiVersion: kubeadm.k8s.io/v1beta2
+apiVersion: kubeadm.k8s.io/v1beta3
 kind: ClusterConfiguration
 kubernetesVersion: v1.16.0
 scheduler:
   extraArgs:
-    bind-address: 0.0.0.0
-    config: /home/johndoe/schedconfig.yaml
-    kubeconfig: /home/johndoe/kubeconfig.yaml
+    config: /etc/kubernetes/scheduler-config.yaml
+  extraVolumes:
+    - name: schedulerconfig
+      hostPath: /home/johndoe/schedconfig.yaml
+      mountPath: /etc/kubernetes/scheduler-config.yaml
+      readOnly: true
+      pathType: "File"
+```
+<!--
+### Etcd flags
+
+For details, see the [etcd server documentation](https://etcd.io/docs/).
+
+Example usage:
+-->
+### Etcd 参数   {#etcd-flags} 
+
+有关详细信息，请参阅 [etcd 服务文档](https://etcd.io/docs/).
+
+使用示例：
+
+```yaml
+apiVersion: kubeadm.k8s.io/v1beta3
+kind: ClusterConfiguration
+etcd:
+  local:
+    extraArgs:
+      election-timeout: 1000
+```
+<!--
+## Customizing the control plane with patches {#patches}
+
+{{< feature-state for_k8s_version="v1.22" state="beta" >}}
+
+Kubeadm allows you to pass a directory with patch files to `InitConfiguration` and `JoinConfiguration`
+on individual nodes. These patches can be used as the last customization step before the control
+plane component manifests are written to disk.
+
+You can pass this file to `kubeadm init` with `--config <YOUR CONFIG YAML>`:
+-->
+## 使用补丁定制控制平面   {#patches}
+
+{{< feature-state for_k8s_version="v1.22" state="beta" >}}
+
+Kubeadm 允许将包含补丁文件的目录传递给各个节点上的 `InitConfiguration` 和 `JoinConfiguration`。
+这些补丁可被用作控制平面组件清单写入磁盘之前的最后一个自定义步骤。
+
+可以使用 `--config <你的 YAML 格式控制文件>` 将配置文件传递给 `kubeadm init`：
+
+```yaml
+apiVersion: kubeadm.k8s.io/v1beta3
+kind: InitConfiguration
+nodeRegistration:
+  patches:
+    directory: /home/user/somedir
 ```
 
+{{< note >}}
+<!--
+For `kubeadm init` you can pass a file containing both a `ClusterConfiguration` and `InitConfiguration`
+separated by `---`.
+-->
+对于 `kubeadm init`，你可以传递一个包含 `ClusterConfiguration` 和 `InitConfiguration` 的文件，以 `---` 分隔。
+{{< /note >}}
+
+<!--
+You can pass this file to `kubeadm join` with `--config <YOUR CONFIG YAML>`:
+-->
+你可以使用 `--config <你的 YAML 格式配置文件>` 将配置文件传递给 `kubeadm join`：
+
+```yaml
+apiVersion: kubeadm.k8s.io/v1beta3
+kind: JoinConfiguration
+nodeRegistration:
+  patches:
+    directory: /home/user/somedir
+```
+
+<!--
+The directory must contain files named `target[suffix][+patchtype].extension`.
+For example, `kube-apiserver0+merge.yaml` or just `etcd.json`.
+-->
+补丁目录必须包含名为 `target[suffix][+patchtype].extension` 的文件。
+例如，`kube-apiserver0+merge.yaml`  或只是 `etcd.json`。
+
+<!--
+- `target` can be one of `kube-apiserver`, `kube-controller-manager`, `kube-scheduler` and `etcd`.
+- `patchtype` can be one of `strategic`, `merge` or `json` and these must match the patching formats
+[supported by kubectl](/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch).
+The default `patchtype` is `strategic`.
+- `extension` must be either `json` or `yaml`.
+- `suffix` is an optional string that can be used to determine which patches are applied first
+alpha-numerically.
+-->
+- `target` 可以是 `kube-apiserver`、`kube-controller-manager`、`kube-scheduler` 和 `etcd` 之一。
+- `patchtype` 可以是 `strategy`、`merge` 或 `json` 之一，并且这些必须匹配 
+  [kubectl 支持](/zh/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch) 的补丁格式。
+  默认补丁类型是 `strategic` 的。
+- `extension` 必须是 `json` 或 `yaml`。
+- `suffix` 是一个可选字符串，可用于确定首先按字母数字应用哪些补丁。
+
+{{< note >}}
+<!--
+If you are using `kubeadm upgrade` to upgrade your kubeadm nodes you must again provide the same
+patches, so that the customization is preserved after upgrade. To do that you can use the `--patches`
+flag, which must point to the same directory. `kubeadm upgrade` currently does not support a configuration
+API structure that can be used for the same purpose.
+-->
+如果你使用 `kubeadm upgrade` 升级 kubeadm 节点，你必须再次提供相同的补丁，以便在升级后保留自定义配置。
+为此，你可以使用 `--patches` 参数，该参数必须指向同一目录。 `kubeadm upgrade` 目前不支持用于相同目的的 API 结构配置。
+{{< /note >}}
+
+<!--
+## Customizing the kubelet
+
+To customize the kubelet you can add a `KubeletConfiguration` next to the `ClusterConfiguration` or
+`InitConfiguration` separated by `---` within the same configuration file. This file can then be passed to `kubeadm init`.
+-->
+## 自定义 kubelet   {#customizing-the-kubelet}
+
+要自定义 kubelet，你可以在同一配置文件中的 `ClusterConfiguration` 或 `InitConfiguration` 
+之外添加一个 `KubeletConfiguration`，用 `---` 分隔。
+然后可以将此文件传递给 `kubeadm init`。
+
+{{< note >}}
+<!--
+kubeadm applies the same `KubeletConfiguration` to all nodes in the cluster. To apply node
+specific settings you can use kubelet flags as overrides by passing them in the `nodeRegistration.kubeletExtraArgs`
+field supported by both `InitConfiguration` and `JoinConfiguration`. Some kubelet flags are deprecated,
+so check their status in the [kubelet reference documentation](/docs/reference/command-line-tools-reference/kubelet)
+before using them.
+-->
+kubeadm 将相同的 `KubeletConfiguration` 配置应用于集群中的所有节点。
+要应用节点特定设置，你可以使用 `kubelet` 参数进行覆盖，方法是将它们传递到 `InitConfiguration` 和 `JoinConfiguration` 
+支持的 `nodeRegistration.kubeletExtraArgs` 字段中。一些 kubelet 参数已被弃用，
+因此在使用这些参数之前，请在 [kubelet 参考文档](/zh/docs/reference/command-line-tools-reference/kubelet) 中检查它们的状态。
+{{< /note >}}
+
+<!--
+For more details see [Configuring each kubelet in your cluster using kubeadm](/docs/setup/production-environment/tools/kubeadm/kubelet-integration)
+-->
+更多详情，请参阅[使用 kubeadm 配置集群中的每个 kubelet](/zh/docs/setup/production-environment/tools/kubeadm/kubelet-integration)
+
+<!--
+## Customizing kube-proxy
+
+To customize kube-proxy you can pass a `KubeProxyConfiguration` next your `ClusterConfiguration` or
+`InitConfiguration` to `kubeadm init` separated by `---`.
+
+For more details you can navigate to our [API reference pages](https://godoc.org/k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/v1beta3).
+-->
+## 自定义 kube-proxy   {#customizing-kube-proxy}
+
+要自定义 kube-proxy，你可以在 `ClusterConfiguration` 或 `InitConfiguration` 之外添加一个
+由 `---` 分隔的 `KubeProxyConfiguration`， 传递给 `kubeadm init`。
+
+可以导航到 [API 参考页面](/docs/reference/config-api/kubeadm-config.v1beta3/) 查看更多详情，
+
+{{< note >}}
+<!--
+kubeadm deploys kube-proxy as a {{< glossary_tooltip text="DaemonSet" term_id="daemonset" >}}, which means
+that the `KubeProxyConfiguration` would apply to all instances of kube-proxy in the cluster.
+-->
+kubeadm 将 kube-proxy 部署为 {{< glossary_tooltip text="DaemonSet" term_id="daemonset" >}}，
+这意味着 `KubeProxyConfiguration` 将应用于集群中的所有 kube-proxy 实例。
+{{< /note >}}
+