Merge pull request #34564 from Sea-n/zh-fix-conecpts-links

[zh] Fix some 404 links in concepts

content/zh-cn/docs/concepts/overview/working-with-objects/finalizers.md

@@ -87,7 +87,7 @@ Kubernetes 清除 `pv-protection` Finalizer，控制器就会删除该卷。
 ## Owner references, labels, and finalizers {#owners-labels-finalizers}
 
 Like {{<glossary_tooltip text="labels" term_id="label">}},
-[owner references](/concepts/overview/working-with-objects/owners-dependents/)
+[owner references](/docs/concepts/overview/working-with-objects/owners-dependents/)
 describe the relationships between objects in Kubernetes, but are used for a
 different purpose. When a
 {{<glossary_tooltip text="controller" term_id="controller">}} manages objects
@@ -99,7 +99,7 @@ any Pods in the cluster with the same label.
 ## 属主引用、标签和 Finalizers {#owners-labels-finalizers}
 
 与{{<glossary_tooltip text="标签" term_id="label">}}类似，
-[属主引用](/zh-cn/concepts/overview/working-with-objects/owners-dependents/)
+[属主引用](/zh-cn/docs/concepts/overview/working-with-objects/owners-dependents/)
 描述了 Kubernetes 中对象之间的关系，但它们作用不同。
 当一个{{<glossary_tooltip text="控制器" term_id="controller">}}
 管理类似于 Pod 的对象时，它使用标签来跟踪相关对象组的变化。
@@ -154,4 +154,3 @@ Finalizers 通常因为特殊原因被添加到资源上，所以强行删除它
   on the Kubernetes blog.
 -->
 * 在 Kubernetes 博客上阅读[使用 Finalizers 控制删除](/blog/2021/05/14/using-finalizers-to-control-deletion/)。
-

content/zh-cn/docs/concepts/security/pod-security-policy.md

@@ -58,7 +58,7 @@ Pod 安全策略允许管理员控制如下方面：
 
 <!--
 | Control Aspect                                      | Field Names                                 |
-| ----------------------------------------------------| ----------------------------------------- |
+| ----------------------------------------------------| ------------------------------------------- |
 | Running of privileged containers                    | [`privileged`](#privileged)                                |
 | Usage of host namespaces                            | [`hostPID`, `hostIPC`](#host-namespaces)    |
 | Usage of host networking and ports                  | [`hostNetwork`, `hostPorts`](#host-namespaces) |
@@ -458,11 +458,11 @@ alias kubectl-user='kubectl --as=system:serviceaccount:psp-example:fake-user -n
 ### Create a policy and a pod
 
 Define the example PodSecurityPolicy object in a file. This is a policy that
-simply prevents the creation of privileged pods.
+prevents the creation of privileged pods.
 The name of a PodSecurityPolicy object must be a valid
 [DNS subdomain name](/docs/concepts/overview/working-with-objects/names#dns-subdomain-names).
 -->
-### 创建一个策略和一个 Pod
+### 创建一个策略和一个 Pod   {#create-a-policy-and-a-pod}
 
 在一个文件中定义一个示例的 PodSecurityPolicy 对象。
 这里的策略只是用来禁止创建有特权要求的 Pods。
@@ -588,7 +588,7 @@ spec:
 EOF
 ```
 <!--
-The output is similar to this:
+The output is similar to this
 -->
 输出类似于：
 
@@ -791,7 +791,8 @@ several security mechanisms.
 {{< codenew file="policy/restricted-psp.yaml" >}}
 
 <!--
-See [Pod Security Standards](/docs/concepts/security/pod-security-standards/#policy-instantiation) for more examples.
+See [Pod Security Standards](/docs/concepts/security/pod-security-standards/#policy-instantiation)
+for more examples.
 -->
 更多的示例可参考
 [Pod 安全标准](/zh-cn/docs/concepts/security/pod-security-standards/#policy-instantiation)。
@@ -1140,7 +1141,7 @@ the PodSecurityPolicy. For more details on Linux capabilities, see
 [capabilities(7)](http://man7.org/linux/man-pages/man7/capabilities.7.html).
 
 The following fields take a list of capabilities, specified as the capability
-name in ALL_CAPS without the `CAP\_` prefix.
+name in ALL_CAPS without the `CAP_` prefix.
 -->
 ### 权能字    {#capabilities}
 
@@ -1228,14 +1229,14 @@ denoted as the string `Unmasked`.
 <!--
 ### AppArmor
 
-Controlled via annotations on the PodSecurityPolicy. Refer to the [AppArmor
+Controlled via annotations on the PodSecurityPolicy. Refer to the
-documentation](/docs/tutorials/policy/apparmor/#podsecuritypolicy-annotations).
+[AppArmor documentation](/docs/tutorials/security/apparmor/#podsecuritypolicy-annotations).
 -->
 ### AppArmor
 
 通过 PodSecurityPolicy 上的注解来控制。
 详情请参阅
-[AppArmor 文档](/zh-cn/docs/tutorials/policy/apparmor/#podsecuritypolicy-annotations)。
+[AppArmor 文档](/zh-cn/docs/tutorials/security/apparmor/#podsecuritypolicy-annotations)。
 
 
 <!--
@@ -1270,7 +1271,7 @@ are:
   of Kubernetes 1.11. Use `runtime/default` instead.
 - `localhost/<path>` - Specify a profile as a file on the node located at
   `<seccomp_root>/<path>`, where `<seccomp_root>` is defined via the
-  `-seccomp-profile-root` flag on the Kubelet. If the `--seccomp-profile-root`
+  `--seccomp-profile-root` flag on the Kubelet. If the `--seccomp-profile-root`
   flag is not defined, the default path will be used, which is
   `<root-dir>/seccomp` where `<root-dir>` is specified by the `--root-dir` flag.
 
@@ -1341,13 +1342,14 @@ Refer to the [Sysctl documentation](/docs/tasks/administer-cluster/sysctl-cluste
 ## {{% heading "whatsnext" %}}
 
 <!--
-- See [PodSecurityPolicy Deprecation: Past, Present, and
+- See [PodSecurityPolicy Deprecation: Past, Present, and Future](/blog/2021/04/06/podsecuritypolicy-deprecation-past-present-and-future/)
-  Future](/blog/2021/04/06/podsecuritypolicy-deprecation-past-present-and-future/) to learn about
+  to learn about the future of pod security policy.
-  the future of pod security policy.
 
-- See [Pod Security Standards](/docs/concepts/security/pod-security-standards/) for policy recommendations.
+- See [Pod Security Standards](/docs/concepts/security/pod-security-standards/)
+  for policy recommendations.
 
-- Refer to [Pod Security Policy Reference](/docs/reference/generated/kubernetes-api/{{< param "version" >}}/#podsecuritypolicy-v1beta1-policy) for the api details.
+- Refer to [PodSecurityPolicy reference](/docs/reference/generated/kubernetes-api/{{< param "version" >}}/#podsecuritypolicy-v1beta1-policy)
+  for the API details.
 -->
 - 参阅 [PodSecurityPolicy Deprecation: Past, Present, and
   Future](/blog/2021/04/06/podsecuritypolicy-deprecation-past-present-and-future/)，
@@ -1355,6 +1357,6 @@ Refer to the [Sysctl documentation](/docs/tasks/administer-cluster/sysctl-cluste
 
 - 参阅 [Pod 安全标准](/zh-cn/docs/concepts/security/pod-security-standards/)，
   了解策略建议。
-- 阅读 [Pod 安全策略参考](/docs/reference/generated/kubernetes-api/{{< param "version" >}}/#podsecuritypolicy-v1beta1-policy)，
+- 阅读 [PodSecurityPolicy 参考](/docs/reference/generated/kubernetes-api/{{< param "version" >}}/#podsecuritypolicy-v1beta1-policy)，
   了解 API 细节。
 

content/zh-cn/docs/concepts/windows/intro.md

@@ -637,7 +637,7 @@ Windows Server SAC release
 <!--
 The Kubernetes [version-skew policy](/docs/setup/release/version-skew-policy/) also applies.
 -->
-也适用 Kubernetes [版本偏差策略](/zh-cn/docs/setup/release/version-skew-policy/)。
+也适用 Kubernetes [版本偏差策略](/zh-cn/releases/version-skew-policy/)。
 
 <!--
 ## Getting help and troubleshooting {#troubleshooting}

content/zh-cn/docs/concepts/workloads/controllers/replicationcontroller.md

@@ -341,7 +341,7 @@ When using the REST API or [client library](/docs/reference/using-api/client-lib
 
 使用 kubectl，为 [`kubectl delete`](/docs/reference/generated/kubectl/kubectl-commands#delete) 指定 `--cascade=orphan` 选项。
 
-当使用 REST API 或客户端库(/zh-cn/docs/reference/using-api/client-libraries)时，只需删除 ReplicationController 对象。
+当使用 REST API 或[客户端库](/zh-cn/docs/reference/using-api/client-libraries)时，只需删除 ReplicationController 对象。
 
 <!--
 Once the original is deleted, you can create a new ReplicationController to replace it.  As long

content/zh-cn/docs/concepts/workloads/controllers/statefulset.md

@@ -27,7 +27,7 @@ StatefulSet 是用来管理有状态应用的工作负载 API 对象。
 StatefulSets are valuable for applications that require one or more of the
 following.
 -->
-## 使用 StatefulSets
+## 使用 StatefulSets   {#using-statefulsets}
 
 StatefulSets 对于需要满足以下一个或多个需求的应用程序很有价值：
 
@@ -417,7 +417,7 @@ StatefulSet 允许你放宽其排序保证，
 `OrderedReady` pod management is the default for StatefulSets. It implements the behavior
 described [above](#deployment-and-scaling-guarantees).
 -->
-#### OrderedReady Pod 管理
+#### OrderedReady Pod 管理   {#orderedready-pod-management}
 
 `OrderedReady` Pod 管理是 StatefulSet 的默认设置。它实现了
 [上面](#deployment-and-scaling-guarantees)描述的功能。
@@ -518,7 +518,7 @@ update, roll out a canary, or perform a phased roll out.
 <!--
 ### Maximum unavailable Pods
 -->
-### 最大不可用 Pod
+### 最大不可用 Pod   {#maximum-unavailable-pods}
 
 {{< feature-state for_k8s_version="v1.24" state="alpha" >}}
 
@@ -547,13 +547,13 @@ unavailable Pod in the range `0` to `replicas - 1`, it will be counted towards
 {{< note >}}
 The `maxUnavailable` field is in Alpha stage and it is honored only by API servers
 that are running with the `MaxUnavailableStatefulSet`
-[feature gate](/docs/reference/commmand-line-tools-reference/feature-gates/)
+[feature gate](/docs/reference/command-line-tools-reference/feature-gates/)
 enabled.
 {{< /note >}}
 -->
 {{< note >}}
 `maxUnavailable` 字段处于 Alpha 阶段，仅当 API 服务器启用了 `MaxUnavailableStatefulSet`
-[特性门控](/zh-cn/docs/reference/commmand-line-tools-reference/feature-gates/)时才起作用。
+[特性门控](/zh-cn/docs/reference/command-line-tools-reference/feature-gates/)时才起作用。
 {{< /note >}}
 
 <!--

content/zh-cn/docs/concepts/workloads/pods/pod-lifecycle.md

@@ -484,7 +484,7 @@ Each probe must define exactly one of these four mechanisms:
   [gRPC健康检查](https://grpc.io/grpc/core/md_doc_health-checking.html)。
   如果响应的状态是 "SERVING"，则认为诊断成功。
   gRPC 探针是一个 alpha 特性，只有在你启用了
-  "GRPCContainerProbe" [特性门控](/zh-cn/docs/reference/command-line-tools-reference/feature-gate/)时才能使用。
+  "GRPCContainerProbe" [特性门控](/zh-cn/docs/reference/command-line-tools-reference/feature-gates/)时才能使用。
 
 `httpGet`
 : 对容器的 IP 地址上指定端口和路径执行 HTTP `GET` 请求。如果响应的状态码大于等于 200