CINXE.COM

<!doctype html> <html lang="zh-cn" class="no-js"> <head> <meta name="robots" content="noindex, nofollow"> <link rel="alternate" hreflang="en" href="https://kubernetes.io/docs/reference/access-authn-authz/certificate-signing-requests/"> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"> <meta name="generator" content="Hugo 0.111.3"> <link rel="shortcut icon" type="image/png" href="/images/favicon.png"> <link rel="apple-touch-icon" href="/favicons/apple-touch-icon-180x180.png" sizes="180x180"> <link rel="manifest" href="/manifest.webmanifest"> <link rel="apple-touch-icon" href="/images/kubernetes-192x192.png"> <title>证书和证书签名请求 | Kubernetes</title><meta property="og:title" content="证书和证书签名请求" /> <meta property="og:description" content="特性状态： Kubernetes v1.19 [stable] Kubernetes 证书和信任包（trust bundle）API 可以通过为 Kubernetes API 的客户端提供编程接口，实现 X.509 凭据的自动化制备，从而请求并获取证书颁发机构 (CA) 发布的 X.509 证书。此外，Kubernetes 还对分发信任包提供了实验性（Alpha）支持。证书签名请求特性状态： Kubernetes v1.19 [stable] CertificateSigningRequest（CSR）资源用来向指定的签名者申请证书签名，在最终签名之前，申请可能被批准，也可能被拒绝。请求签名流程 CertificateSigningRequest 资源类型允许客户端基于签名请求申请发放 X.509 证书。 CertificateSigningRequest 对象在 spec.request 字段中包含一个 PEM 编码的 PKCS#10 签名请求。 CertificateSigningRequest 使用 spec.signerName 字段标示签名者（请求的接收方）。注意，spec.signerName 在 certificates.k8s.io/v1 之后的 API 版本是必填项。在 Kubernetes v1.22 和以后的版本，客户可以可选地设置 spec.expirationSeconds 字段来为颁发的证书设定一个特定的有效期。该字段的最小有效值是 600，也就是 10 分钟。创建完成的 CertificateSigningRequest，要先通过批准，然后才能签名。根据所选的签名者，CertificateSigningRequest 可能会被控制器自动批准。否则，就必须人工批准，人工批准可以使用 REST API（或 go 客户端），也可以执行 kubectl certificate approve 命令。同样，CertificateSigningRequest 也可能被驳回，这就相当于通知了指定的签名者，这个证书不能签名。" /> <meta property="og:type" content="article" /> <meta property="og:url" content="https://kubernetes.io/zh-cn/docs/reference/access-authn-authz/certificate-signing-requests/" /><meta property="article:section" content="docs" /> <meta property="article:modified_time" content="2023-11-02T19:38:23+08:00" /><meta property="og:site_name" content="Kubernetes" /> <meta itemprop="name" content="证书和证书签名请求"> <meta itemprop="description" content="特性状态： Kubernetes v1.19 [stable] Kubernetes 证书和信任包（trust bundle）API 可以通过为 Kubernetes API 的客户端提供编程接口，实现 X.509 凭据的自动化制备，从而请求并获取证书颁发机构 (CA) 发布的 X.509 证书。此外，Kubernetes 还对分发信任包提供了实验性（Alpha）支持。证书签名请求特性状态： Kubernetes v1.19 [stable] CertificateSigningRequest（CSR）资源用来向指定的签名者申请证书签名，在最终签名之前，申请可能被批准，也可能被拒绝。请求签名流程 CertificateSigningRequest 资源类型允许客户端基于签名请求申请发放 X.509 证书。 CertificateSigningRequest 对象在 spec.request 字段中包含一个 PEM 编码的 PKCS#10 签名请求。 CertificateSigningRequest 使用 spec.signerName 字段标示签名者（请求的接收方）。注意，spec.signerName 在 certificates.k8s.io/v1 之后的 API 版本是必填项。在 Kubernetes v1.22 和以后的版本，客户可以可选地设置 spec.expirationSeconds 字段来为颁发的证书设定一个特定的有效期。该字段的最小有效值是 600，也就是 10 分钟。创建完成的 CertificateSigningRequest，要先通过批准，然后才能签名。根据所选的签名者，CertificateSigningRequest 可能会被控制器自动批准。否则，就必须人工批准，人工批准可以使用 REST API（或 go 客户端），也可以执行 kubectl certificate approve 命令。同样，CertificateSigningRequest 也可能被驳回，这就相当于通知了指定的签名者，这个证书不能签名。"> <meta itemprop="dateModified" content="2023-11-02T19:38:23+08:00" /> <meta itemprop="wordCount" content="1275"> <meta itemprop="keywords" content="" /><meta name="twitter:card" content="summary"/> <meta name="twitter:title" content="证书和证书签名请求"/> <meta name="twitter:description" content="特性状态： Kubernetes v1.19 [stable] Kubernetes 证书和信任包（trust bundle）API 可以通过为 Kubernetes API 的客户端提供编程接口，实现 X.509 凭据的自动化制备，从而请求并获取证书颁发机构 (CA) 发布的 X.509 证书。此外，Kubernetes 还对分发信任包提供了实验性（Alpha）支持。证书签名请求特性状态： Kubernetes v1.19 [stable] CertificateSigningRequest（CSR）资源用来向指定的签名者申请证书签名，在最终签名之前，申请可能被批准，也可能被拒绝。请求签名流程 CertificateSigningRequest 资源类型允许客户端基于签名请求申请发放 X.509 证书。 CertificateSigningRequest 对象在 spec.request 字段中包含一个 PEM 编码的 PKCS#10 签名请求。 CertificateSigningRequest 使用 spec.signerName 字段标示签名者（请求的接收方）。注意，spec.signerName 在 certificates.k8s.io/v1 之后的 API 版本是必填项。在 Kubernetes v1.22 和以后的版本，客户可以可选地设置 spec.expirationSeconds 字段来为颁发的证书设定一个特定的有效期。该字段的最小有效值是 600，也就是 10 分钟。创建完成的 CertificateSigningRequest，要先通过批准，然后才能签名。根据所选的签名者，CertificateSigningRequest 可能会被控制器自动批准。否则，就必须人工批准，人工批准可以使用 REST API（或 go 客户端），也可以执行 kubectl certificate approve 命令。同样，CertificateSigningRequest 也可能被驳回，这就相当于通知了指定的签名者，这个证书不能签名。"/> <link href="/scss/main.css" rel="stylesheet"> <script type="application/ld+json"> { "@context": "https://schema.org", "@type": "Organization", "url": "https://kubernetes.io", "logo": "https://kubernetes.io/images/favicon.png", } </script> <meta name="theme-color" content="#326ce5"> <style> .gutter { background-color: #eee; background-repeat: no-repeat; background-position: 50%; } .gutter.gutter-horizontal { background-image: url('data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAUAAAAeCAYAAADkftS9AAAAIklEQVQoU2M4c+bMfxAGAgYYmwGrIIiDjrELjpo5aiZeMwF+yNnOs5KSvgAAAABJRU5ErkJggg=='); cursor: col-resize; } #sidebarnav, #maindoc { max-width: 100%; } #maindoc { overflow-wrap: break-word; } @media (max-width: 768px) { #sidebarnav { padding-left: 15px; padding-right: 15px; } } </style> <link rel="stylesheet" href="/css/feature-states.css"> <meta name="description" content="特性状态： Kubernetes v1.19 [stable] Kubernetes 证书和信任包（trust bundle）API 可以通过为 Kubernetes API 的客户端提供编程接口，实现 X.509 凭据的自动化制备，从而请求并获取证书颁发机构 (CA) 发布的 X.509 证书。此外，Kubernetes 还对分发信任包提供了实验性（Alpha）支持。证书签名请求特性状态： Kubernetes v1.19 [stable] CertificateSigningRequest（CSR）资源用来向指定的签名者申请证书签名，在最终签名之前，申请可能被批准，也可能被拒绝。请求签名流程 CertificateSigningRequest 资源类型允许客户端基于签名请求申请发放 X.509 证书。 CertificateSigningRequest 对象在 spec.request 字段中包含一个 PEM 编码的 PKCS#10 签名请求。 CertificateSigningRequest 使用 spec.signerName 字段标示签名者（请求的接收方）。注意，spec.signerName 在 certificates.k8s.io/v1 之后的 API 版本是必填项。在 Kubernetes v1.22 和以后的版本，客户可以可选地设置 spec.expirationSeconds 字段来为颁发的证书设定一个特定的有效期。该字段的最小有效值是 600，也就是 10 分钟。创建完成的 CertificateSigningRequest，要先通过批准，然后才能签名。根据所选的签名者，CertificateSigningRequest 可能会被控制器自动批准。否则，就必须人工批准，人工批准可以使用 REST API（或 go 客户端），也可以执行 kubectl certificate approve 命令。同样，CertificateSigningRequest 也可能被驳回，这就相当于通知了指定的签名者，这个证书不能签名。"> <meta property="og:description" content="特性状态： Kubernetes v1.19 [stable] Kubernetes 证书和信任包（trust bundle）API 可以通过为 Kubernetes API 的客户端提供编程接口，实现 X.509 凭据的自动化制备，从而请求并获取证书颁发机构 (CA) 发布的 X.509 证书。此外，Kubernetes 还对分发信任包提供了实验性（Alpha）支持。证书签名请求特性状态： Kubernetes v1.19 [stable] CertificateSigningRequest（CSR）资源用来向指定的签名者申请证书签名，在最终签名之前，申请可能被批准，也可能被拒绝。请求签名流程 CertificateSigningRequest 资源类型允许客户端基于签名请求申请发放 X.509 证书。 CertificateSigningRequest 对象在 spec.request 字段中包含一个 PEM 编码的 PKCS#10 签名请求。 CertificateSigningRequest 使用 spec.signerName 字段标示签名者（请求的接收方）。注意，spec.signerName 在 certificates.k8s.io/v1 之后的 API 版本是必填项。在 Kubernetes v1.22 和以后的版本，客户可以可选地设置 spec.expirationSeconds 字段来为颁发的证书设定一个特定的有效期。该字段的最小有效值是 600，也就是 10 分钟。创建完成的 CertificateSigningRequest，要先通过批准，然后才能签名。根据所选的签名者，CertificateSigningRequest 可能会被控制器自动批准。否则，就必须人工批准，人工批准可以使用 REST API（或 go 客户端），也可以执行 kubectl certificate approve 命令。同样，CertificateSigningRequest 也可能被驳回，这就相当于通知了指定的签名者，这个证书不能签名。"> <meta name="twitter:description" content="特性状态： Kubernetes v1.19 [stable] Kubernetes 证书和信任包（trust bundle）API 可以通过为 Kubernetes API 的客户端提供编程接口，实现 X.509 凭据的自动化制备，从而请求并获取证书颁发机构 (CA) 发布的 X.509 证书。此外，Kubernetes 还对分发信任包提供了实验性（Alpha）支持。证书签名请求特性状态： Kubernetes v1.19 [stable] CertificateSigningRequest（CSR）资源用来向指定的签名者申请证书签名，在最终签名之前，申请可能被批准，也可能被拒绝。请求签名流程 CertificateSigningRequest 资源类型允许客户端基于签名请求申请发放 X.509 证书。 CertificateSigningRequest 对象在 spec.request 字段中包含一个 PEM 编码的 PKCS#10 签名请求。 CertificateSigningRequest 使用 spec.signerName 字段标示签名者（请求的接收方）。注意，spec.signerName 在 certificates.k8s.io/v1 之后的 API 版本是必填项。在 Kubernetes v1.22 和以后的版本，客户可以可选地设置 spec.expirationSeconds 字段来为颁发的证书设定一个特定的有效期。该字段的最小有效值是 600，也就是 10 分钟。创建完成的 CertificateSigningRequest，要先通过批准，然后才能签名。根据所选的签名者，CertificateSigningRequest 可能会被控制器自动批准。否则，就必须人工批准，人工批准可以使用 REST API（或 go 客户端），也可以执行 kubectl certificate approve 命令。同样，CertificateSigningRequest 也可能被驳回，这就相当于通知了指定的签名者，这个证书不能签名。"> <meta property="og:url" content="https://kubernetes.io/zh-cn/docs/reference/access-authn-authz/certificate-signing-requests/"> <meta property="og:title" content="证书和证书签名请求"> <meta name="twitter:title" content="证书和证书签名请求"> <meta name="twitter:image" content="https://kubernetes.io/images/favicon.png" /> <meta name="twitter:image:alt" content="Kubernetes"> <meta property="og:image" content="/images/kubernetes-horizontal-color.png"> <meta property="og:type" content="article"> <script src="/js/jquery-3.6.0.min.js" intregrity="sha384-vtXRMe3mGCbOeY7l30aIg8H9p3GdeSe4IFlP6G8JMa7o7lXvnz3GFKzPxzJdPfGK" crossorigin="anonymous"></script> <script src="/js/split-1.6.0.js" intregrity="sha384-0blL3GqHy6+9fw0cyY2Aoiwg4onHAtslAs4OkqZY7UQBrR65/K4gI+hxLdWDrjpz"></script> <title>证书和证书签名请求 | Kubernetes</title> </head> <body class="td-page td-documentation"> <header> <nav class="js-navbar-scroll navbar navbar-expand navbar-dark flex-column flex-md-row td-navbar" data-auto-burger="primary"> <a class="navbar-brand img-fluid" href="/zh-cn/"></a> <div class="td-navbar-nav-scroll ml-md-auto" id="main_navbar"> <ul class="navbar-nav mt-2 mt-lg-0"> <li class="nav-item mr-2 mb-lg-0"> <a class="nav-link active" href="/zh-cn/docs/" >文档</a> </li> <li class="nav-item mr-2 mb-lg-0"> <a class="nav-link" href="/zh-cn/blog/" >Kubernetes 博客</a> </li> <li class="nav-item mr-2 mb-lg-0"> <a class="nav-link" href="/zh-cn/training/" >培训</a> </li> <li class="nav-item mr-2 mb-lg-0"> <a class="nav-link" href="/zh-cn/partners/" >合作伙伴</a> </li> <li class="nav-item mr-2 mb-lg-0"> <a class="nav-link" href="/zh-cn/community/" >社区</a> </li> <li class="nav-item mr-2 mb-lg-0"> <a class="nav-link" href="/zh-cn/case-studies/" >案例分析</a> </li> <li class="nav-item mr-n3 mr-lg-0 dropdown"> <a class="nav-link dropdown-toggle" href="#" id="navbarDropdown" role="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false"> 版本列表 </a> <div class="dropdown-menu dropdown-menu-right" aria-labelledby="navbarDropdownMenuLink"> <a class="dropdown-item" href="/zh-cn/releases">发布信息</a> <a class="dropdown-item" href="https://kubernetes.io/zh-cn/docs/reference/access-authn-authz/certificate-signing-requests/">v1.32</a> <a class="dropdown-item" href="https://v1-31.docs.kubernetes.io/zh-cn/docs/reference/access-authn-authz/certificate-signing-requests/">v1.31</a> <a class="dropdown-item" href="https://v1-30.docs.kubernetes.io/zh-cn/docs/reference/access-authn-authz/certificate-signing-requests/">v1.30</a> <a class="dropdown-item" href="https://v1-29.docs.kubernetes.io/zh-cn/docs/reference/access-authn-authz/certificate-signing-requests/">v1.29</a> <a class="dropdown-item" href="https://v1-28.docs.kubernetes.io/zh-cn/docs/reference/access-authn-authz/certificate-signing-requests/">v1.28</a> </div> </li> <li class="nav-item mr-n4 mr-lg-0 dropdown"> <a class="nav-link dropdown-toggle" href="#" id="navbarDropdownMenuLink" role="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false"> 中文 (Chinese) </a> <div class="dropdown-menu dropdown-menu-right" aria-labelledby="navbarDropdownMenuLink"> <a class="dropdown-item" href="/docs/reference/access-authn-authz/certificate-signing-requests/">English</a> </div> </li> </ul> </div> <button id="hamburger" onclick="kub.toggleMenu()" data-auto-burger-exclude><div></div></button> </nav> <section class="header-hero filler"> </section> </header> <div class="container-fluid td-outer"> <div class="td-main"> <div class="row flex-column flex-md-row"> <div id="sidebarnav" class="split td-sidebar d-print-none"> <script> $(function() { $("#td-section-nav a").removeClass("active"); $("#td-section-nav #m-zh-cn-docs-reference-access-authn-authz-certificate-signing-requests").addClass("active"); $("#td-section-nav #m-zh-cn-docs-reference-access-authn-authz-certificate-signing-requests-li span").addClass("td-sidebar-nav-active-item"); $("#td-section-nav #m-zh-cn-docs-reference-access-authn-authz-certificate-signing-requests").parents("li").addClass("active-path"); $("#td-section-nav li.active-path").addClass("show"); $("#td-section-nav li.active-path").children("input").prop('checked', true); $("#td-section-nav #m-zh-cn-docs-reference-access-authn-authz-certificate-signing-requests-li").siblings("li").addClass("show"); $("#td-section-nav #m-zh-cn-docs-reference-access-authn-authz-certificate-signing-requests-li").children("ul").children("li").addClass("show"); $("#td-sidebar-menu").toggleClass("d-none"); }); </script> <div id="td-sidebar-menu" class="td-sidebar__inner d-none"> <form class="td-sidebar__search d-flex align-items-center"> <input type="search" class="form-control td-search-input" name="q" placeholder="&#xf002 搜索" aria-label="搜索" autocomplete="off" > <button class="btn btn-link td-sidebar__toggle d-md-none p-0 ml-3 fas fa-bars" type="button" data-toggle="collapse" data-target="#td-section-nav" aria-controls="td-docs-nav" aria-expanded="false" aria-label="Toggle section navigation"> </button> </form> <nav class="collapse td-sidebar-nav foldable-nav" id="td-section-nav"> <ul class="td-sidebar-nav__section pr-md-3 ul-0"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-li"> <ul class="ul-1"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-home-li"> <input type="checkbox" id="m-zh-cn-docs-home-check"/> <label for="m-zh-cn-docs-home-check"><a href="/zh-cn/docs/home/" title="Kubernetes 文档" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-home"><span class="">文档</span></a></label> <ul class="ul-2 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-home-supported-doc-versions-li"> <input type="checkbox" id="m-zh-cn-docs-home-supported-doc-versions-check"/> <label for="m-zh-cn-docs-home-supported-doc-versions-check"><a href="/zh-cn/docs/home/supported-doc-versions/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-home-supported-doc-versions"><span class="">Kubernetes 文档支持的版本</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-setup-li"> <input type="checkbox" id="m-zh-cn-docs-setup-check"/> <label for="m-zh-cn-docs-setup-check"><a href="/zh-cn/docs/setup/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-setup"><span class="">入门</span></a></label> <ul class="ul-2 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-setup-learning-environment-li"> <input type="checkbox" id="m-zh-cn-docs-setup-learning-environment-check"/> <label for="m-zh-cn-docs-setup-learning-environment-check"><a href="/zh-cn/docs/setup/learning-environment/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-setup-learning-environment"><span class="">学习环境</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-setup-production-environment-li"> <input type="checkbox" id="m-zh-cn-docs-setup-production-environment-check"/> <label for="m-zh-cn-docs-setup-production-environment-check"><a href="/zh-cn/docs/setup/production-environment/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-setup-production-environment"><span class="">生产环境</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-setup-production-environment-container-runtimes-li"> <input type="checkbox" id="m-zh-cn-docs-setup-production-environment-container-runtimes-check"/> <label for="m-zh-cn-docs-setup-production-environment-container-runtimes-check"><a href="/zh-cn/docs/setup/production-environment/container-runtimes/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-setup-production-environment-container-runtimes"><span class="">容器运行时</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-setup-production-environment-tools-li"> <input type="checkbox" id="m-zh-cn-docs-setup-production-environment-tools-check"/> <label for="m-zh-cn-docs-setup-production-environment-tools-check"><a href="/zh-cn/docs/setup/production-environment/tools/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-setup-production-environment-tools"><span class="">使用部署工具安装 Kubernetes</span></a></label> <ul class="ul-4 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-setup-production-environment-tools-kubeadm-li"> <input type="checkbox" id="m-zh-cn-docs-setup-production-environment-tools-kubeadm-check"/> <label for="m-zh-cn-docs-setup-production-environment-tools-kubeadm-check"><a href="/zh-cn/docs/setup/production-environment/tools/kubeadm/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-setup-production-environment-tools-kubeadm"><span class="">使用 kubeadm 引导集群</span></a></label> <ul class="ul-5 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-setup-production-environment-tools-kubeadm-install-kubeadm-li"> <input type="checkbox" id="m-zh-cn-docs-setup-production-environment-tools-kubeadm-install-kubeadm-check"/> <label for="m-zh-cn-docs-setup-production-environment-tools-kubeadm-install-kubeadm-check"><a href="/zh-cn/docs/setup/production-environment/tools/kubeadm/install-kubeadm/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-setup-production-environment-tools-kubeadm-install-kubeadm"><span class="">安装 kubeadm</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-setup-production-environment-tools-kubeadm-troubleshooting-kubeadm-li"> <input type="checkbox" id="m-zh-cn-docs-setup-production-environment-tools-kubeadm-troubleshooting-kubeadm-check"/> <label for="m-zh-cn-docs-setup-production-environment-tools-kubeadm-troubleshooting-kubeadm-check"><a href="/zh-cn/docs/setup/production-environment/tools/kubeadm/troubleshooting-kubeadm/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-setup-production-environment-tools-kubeadm-troubleshooting-kubeadm"><span class="">对 kubeadm 进行故障排查</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-setup-production-environment-tools-kubeadm-create-cluster-kubeadm-li"> <input type="checkbox" id="m-zh-cn-docs-setup-production-environment-tools-kubeadm-create-cluster-kubeadm-check"/> <label for="m-zh-cn-docs-setup-production-environment-tools-kubeadm-create-cluster-kubeadm-check"><a href="/zh-cn/docs/setup/production-environment/tools/kubeadm/create-cluster-kubeadm/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-setup-production-environment-tools-kubeadm-create-cluster-kubeadm"><span class="">使用 kubeadm 创建集群</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-setup-production-environment-tools-kubeadm-control-plane-flags-li"> <input type="checkbox" id="m-zh-cn-docs-setup-production-environment-tools-kubeadm-control-plane-flags-check"/> <label for="m-zh-cn-docs-setup-production-environment-tools-kubeadm-control-plane-flags-check"><a href="/zh-cn/docs/setup/production-environment/tools/kubeadm/control-plane-flags/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-setup-production-environment-tools-kubeadm-control-plane-flags"><span class="">使用 kubeadm API 定制组件</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-setup-production-environment-tools-kubeadm-ha-topology-li"> <input type="checkbox" id="m-zh-cn-docs-setup-production-environment-tools-kubeadm-ha-topology-check"/> <label for="m-zh-cn-docs-setup-production-environment-tools-kubeadm-ha-topology-check"><a href="/zh-cn/docs/setup/production-environment/tools/kubeadm/ha-topology/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-setup-production-environment-tools-kubeadm-ha-topology"><span class="">高可用拓扑选项</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-setup-production-environment-tools-kubeadm-high-availability-li"> <input type="checkbox" id="m-zh-cn-docs-setup-production-environment-tools-kubeadm-high-availability-check"/> <label for="m-zh-cn-docs-setup-production-environment-tools-kubeadm-high-availability-check"><a href="/zh-cn/docs/setup/production-environment/tools/kubeadm/high-availability/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-setup-production-environment-tools-kubeadm-high-availability"><span class="">利用 kubeadm 创建高可用集群</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-setup-production-environment-tools-kubeadm-setup-ha-etcd-with-kubeadm-li"> <input type="checkbox" id="m-zh-cn-docs-setup-production-environment-tools-kubeadm-setup-ha-etcd-with-kubeadm-check"/> <label for="m-zh-cn-docs-setup-production-environment-tools-kubeadm-setup-ha-etcd-with-kubeadm-check"><a href="/zh-cn/docs/setup/production-environment/tools/kubeadm/setup-ha-etcd-with-kubeadm/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-setup-production-environment-tools-kubeadm-setup-ha-etcd-with-kubeadm"><span class="">使用 kubeadm 创建一个高可用 etcd 集群</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-setup-production-environment-tools-kubeadm-kubelet-integration-li"> <input type="checkbox" id="m-zh-cn-docs-setup-production-environment-tools-kubeadm-kubelet-integration-check"/> <label for="m-zh-cn-docs-setup-production-environment-tools-kubeadm-kubelet-integration-check"><a href="/zh-cn/docs/setup/production-environment/tools/kubeadm/kubelet-integration/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-setup-production-environment-tools-kubeadm-kubelet-integration"><span class="">使用 kubeadm 配置集群中的每个 kubelet</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-setup-production-environment-tools-kubeadm-dual-stack-support-li"> <input type="checkbox" id="m-zh-cn-docs-setup-production-environment-tools-kubeadm-dual-stack-support-check"/> <label for="m-zh-cn-docs-setup-production-environment-tools-kubeadm-dual-stack-support-check"><a href="/zh-cn/docs/setup/production-environment/tools/kubeadm/dual-stack-support/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-setup-production-environment-tools-kubeadm-dual-stack-support"><span class="">使用 kubeadm 支持双协议栈</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-setup-production-environment-tools-kops-li"> <input type="checkbox" id="m-zh-cn-docs-setup-production-environment-tools-kops-check"/> <label for="m-zh-cn-docs-setup-production-environment-tools-kops-check"><a href="/zh-cn/docs/setup/production-environment/tools/kops/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-setup-production-environment-tools-kops"><span class="">使用 kOps 安装 Kubernetes</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-setup-production-environment-tools-kubespray-li"> <input type="checkbox" id="m-zh-cn-docs-setup-production-environment-tools-kubespray-check"/> <label for="m-zh-cn-docs-setup-production-environment-tools-kubespray-check"><a href="/zh-cn/docs/setup/production-environment/tools/kubespray/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-setup-production-environment-tools-kubespray"><span class="">使用 Kubespray 安装 Kubernetes</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-setup-production-environment-turnkey-solutions-li"> <input type="checkbox" id="m-zh-cn-docs-setup-production-environment-turnkey-solutions-check"/> <label for="m-zh-cn-docs-setup-production-environment-turnkey-solutions-check"><a href="/zh-cn/docs/setup/production-environment/turnkey-solutions/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-setup-production-environment-turnkey-solutions"><span class="">Turnkey 云解决方案</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-setup-best-practices-li"> <input type="checkbox" id="m-zh-cn-docs-setup-best-practices-check"/> <label for="m-zh-cn-docs-setup-best-practices-check"><a href="/zh-cn/docs/setup/best-practices/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-setup-best-practices"><span class="">最佳实践</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-setup-best-practices-cluster-large-li"> <input type="checkbox" id="m-zh-cn-docs-setup-best-practices-cluster-large-check"/> <label for="m-zh-cn-docs-setup-best-practices-cluster-large-check"><a href="/zh-cn/docs/setup/best-practices/cluster-large/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-setup-best-practices-cluster-large"><span class="">大规模集群的注意事项</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-setup-best-practices-multiple-zones-li"> <input type="checkbox" id="m-zh-cn-docs-setup-best-practices-multiple-zones-check"/> <label for="m-zh-cn-docs-setup-best-practices-multiple-zones-check"><a href="/zh-cn/docs/setup/best-practices/multiple-zones/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-setup-best-practices-multiple-zones"><span class="">运行于多可用区环境</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-setup-best-practices-node-conformance-li"> <input type="checkbox" id="m-zh-cn-docs-setup-best-practices-node-conformance-check"/> <label for="m-zh-cn-docs-setup-best-practices-node-conformance-check"><a href="/zh-cn/docs/setup/best-practices/node-conformance/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-setup-best-practices-node-conformance"><span class="">校验节点设置</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-setup-best-practices-enforcing-pod-security-standards-li"> <input type="checkbox" id="m-zh-cn-docs-setup-best-practices-enforcing-pod-security-standards-check"/> <label for="m-zh-cn-docs-setup-best-practices-enforcing-pod-security-standards-check"><a href="/zh-cn/docs/setup/best-practices/enforcing-pod-security-standards/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-setup-best-practices-enforcing-pod-security-standards"><span class="">强制实施 Pod 安全性标准</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-setup-best-practices-certificates-li"> <input type="checkbox" id="m-zh-cn-docs-setup-best-practices-certificates-check"/> <label for="m-zh-cn-docs-setup-best-practices-certificates-check"><a href="/zh-cn/docs/setup/best-practices/certificates/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-setup-best-practices-certificates"><span class="">PKI 证书和要求</span></a></label> </li> </ul> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-concepts-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-check"/> <label for="m-zh-cn-docs-concepts-check"><a href="/zh-cn/docs/concepts/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-concepts"><span class="">概念</span></a></label> <ul class="ul-2 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-concepts-overview-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-overview-check"/> <label for="m-zh-cn-docs-concepts-overview-check"><a href="/zh-cn/docs/concepts/overview/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-concepts-overview"><span class="">概述</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-concepts-overview-working-with-objects-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-overview-working-with-objects-check"/> <label for="m-zh-cn-docs-concepts-overview-working-with-objects-check"><a href="/zh-cn/docs/concepts/overview/working-with-objects/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-concepts-overview-working-with-objects"><span class="">Kubernetes 对象</span></a></label> <ul class="ul-4 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-overview-working-with-objects-object-management-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-overview-working-with-objects-object-management-check"/> <label for="m-zh-cn-docs-concepts-overview-working-with-objects-object-management-check"><a href="/zh-cn/docs/concepts/overview/working-with-objects/object-management/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-overview-working-with-objects-object-management"><span class="">Kubernetes 对象管理</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-overview-working-with-objects-names-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-overview-working-with-objects-names-check"/> <label for="m-zh-cn-docs-concepts-overview-working-with-objects-names-check"><a href="/zh-cn/docs/concepts/overview/working-with-objects/names/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-overview-working-with-objects-names"><span class="">对象名称和 ID</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-overview-working-with-objects-labels-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-overview-working-with-objects-labels-check"/> <label for="m-zh-cn-docs-concepts-overview-working-with-objects-labels-check"><a href="/zh-cn/docs/concepts/overview/working-with-objects/labels/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-overview-working-with-objects-labels"><span class="">标签和选择算符</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-overview-working-with-objects-namespaces-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-overview-working-with-objects-namespaces-check"/> <label for="m-zh-cn-docs-concepts-overview-working-with-objects-namespaces-check"><a href="/zh-cn/docs/concepts/overview/working-with-objects/namespaces/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-overview-working-with-objects-namespaces"><span class="">名字空间</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-overview-working-with-objects-annotations-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-overview-working-with-objects-annotations-check"/> <label for="m-zh-cn-docs-concepts-overview-working-with-objects-annotations-check"><a href="/zh-cn/docs/concepts/overview/working-with-objects/annotations/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-overview-working-with-objects-annotations"><span class="">注解</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-overview-working-with-objects-field-selectors-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-overview-working-with-objects-field-selectors-check"/> <label for="m-zh-cn-docs-concepts-overview-working-with-objects-field-selectors-check"><a href="/zh-cn/docs/concepts/overview/working-with-objects/field-selectors/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-overview-working-with-objects-field-selectors"><span class="">字段选择器</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-overview-working-with-objects-finalizers-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-overview-working-with-objects-finalizers-check"/> <label for="m-zh-cn-docs-concepts-overview-working-with-objects-finalizers-check"><a href="/zh-cn/docs/concepts/overview/working-with-objects/finalizers/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-overview-working-with-objects-finalizers"><span class="">Finalizers</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-overview-working-with-objects-owners-dependents-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-overview-working-with-objects-owners-dependents-check"/> <label for="m-zh-cn-docs-concepts-overview-working-with-objects-owners-dependents-check"><a href="/zh-cn/docs/concepts/overview/working-with-objects/owners-dependents/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-overview-working-with-objects-owners-dependents"><span class="">属主与附属</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-overview-working-with-objects-common-labels-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-overview-working-with-objects-common-labels-check"/> <label for="m-zh-cn-docs-concepts-overview-working-with-objects-common-labels-check"><a href="/zh-cn/docs/concepts/overview/working-with-objects/common-labels/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-overview-working-with-objects-common-labels"><span class="">推荐使用的标签</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-overview-components-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-overview-components-check"/> <label for="m-zh-cn-docs-concepts-overview-components-check"><a href="/zh-cn/docs/concepts/overview/components/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-overview-components"><span class="">Kubernetes 组件</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-overview-kubernetes-api-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-overview-kubernetes-api-check"/> <label for="m-zh-cn-docs-concepts-overview-kubernetes-api-check"><a href="/zh-cn/docs/concepts/overview/kubernetes-api/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-overview-kubernetes-api"><span class="">Kubernetes API</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-concepts-architecture-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-architecture-check"/> <label for="m-zh-cn-docs-concepts-architecture-check"><a href="/zh-cn/docs/concepts/architecture/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-concepts-architecture"><span class="">Kubernetes 架构</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-architecture-nodes-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-architecture-nodes-check"/> <label for="m-zh-cn-docs-concepts-architecture-nodes-check"><a href="/zh-cn/docs/concepts/architecture/nodes/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-architecture-nodes"><span class="">节点</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-architecture-control-plane-node-communication-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-architecture-control-plane-node-communication-check"/> <label for="m-zh-cn-docs-concepts-architecture-control-plane-node-communication-check"><a href="/zh-cn/docs/concepts/architecture/control-plane-node-communication/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-architecture-control-plane-node-communication"><span class="">节点与控制面之间的通信</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-architecture-controller-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-architecture-controller-check"/> <label for="m-zh-cn-docs-concepts-architecture-controller-check"><a href="/zh-cn/docs/concepts/architecture/controller/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-architecture-controller"><span class="">控制器</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-architecture-leases-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-architecture-leases-check"/> <label for="m-zh-cn-docs-concepts-architecture-leases-check"><a href="/zh-cn/docs/concepts/architecture/leases/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-architecture-leases"><span class="">租约（Lease）</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-architecture-cloud-controller-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-architecture-cloud-controller-check"/> <label for="m-zh-cn-docs-concepts-architecture-cloud-controller-check"><a href="/zh-cn/docs/concepts/architecture/cloud-controller/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-architecture-cloud-controller"><span class="">云控制器管理器</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-architecture-cgroups-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-architecture-cgroups-check"/> <label for="m-zh-cn-docs-concepts-architecture-cgroups-check"><a href="/zh-cn/docs/concepts/architecture/cgroups/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-architecture-cgroups"><span class="">关于 cgroup v2</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-architecture-cri-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-architecture-cri-check"/> <label for="m-zh-cn-docs-concepts-architecture-cri-check"><a href="/zh-cn/docs/concepts/architecture/cri/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-architecture-cri"><span class="">容器运行时接口（CRI）</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-architecture-garbage-collection-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-architecture-garbage-collection-check"/> <label for="m-zh-cn-docs-concepts-architecture-garbage-collection-check"><a href="/zh-cn/docs/concepts/architecture/garbage-collection/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-architecture-garbage-collection"><span class="">垃圾收集</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-architecture-mixed-version-proxy-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-architecture-mixed-version-proxy-check"/> <label for="m-zh-cn-docs-concepts-architecture-mixed-version-proxy-check"><a href="/zh-cn/docs/concepts/architecture/mixed-version-proxy/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-architecture-mixed-version-proxy"><span class="">混合版本代理</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-concepts-containers-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-containers-check"/> <label for="m-zh-cn-docs-concepts-containers-check"><a href="/zh-cn/docs/concepts/containers/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-concepts-containers"><span class="">容器</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-containers-images-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-containers-images-check"/> <label for="m-zh-cn-docs-concepts-containers-images-check"><a href="/zh-cn/docs/concepts/containers/images/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-containers-images"><span class="">镜像</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-containers-container-environment-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-containers-container-environment-check"/> <label for="m-zh-cn-docs-concepts-containers-container-environment-check"><a href="/zh-cn/docs/concepts/containers/container-environment/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-containers-container-environment"><span class="">容器环境</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-containers-runtime-class-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-containers-runtime-class-check"/> <label for="m-zh-cn-docs-concepts-containers-runtime-class-check"><a href="/zh-cn/docs/concepts/containers/runtime-class/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-containers-runtime-class"><span class="">容器运行时类（Runtime Class）</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-containers-container-lifecycle-hooks-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-containers-container-lifecycle-hooks-check"/> <label for="m-zh-cn-docs-concepts-containers-container-lifecycle-hooks-check"><a href="/zh-cn/docs/concepts/containers/container-lifecycle-hooks/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-containers-container-lifecycle-hooks"><span class="">容器生命周期回调</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-concepts-workloads-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-workloads-check"/> <label for="m-zh-cn-docs-concepts-workloads-check"><a href="/zh-cn/docs/concepts/workloads/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-concepts-workloads"><span class="">工作负载</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-concepts-workloads-pods-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-workloads-pods-check"/> <label for="m-zh-cn-docs-concepts-workloads-pods-check"><a href="/zh-cn/docs/concepts/workloads/pods/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-concepts-workloads-pods"><span class="">Pod</span></a></label> <ul class="ul-4 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-workloads-pods-pod-lifecycle-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-workloads-pods-pod-lifecycle-check"/> <label for="m-zh-cn-docs-concepts-workloads-pods-pod-lifecycle-check"><a href="/zh-cn/docs/concepts/workloads/pods/pod-lifecycle/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-workloads-pods-pod-lifecycle"><span class="">Pod 的生命周期</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-workloads-pods-init-containers-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-workloads-pods-init-containers-check"/> <label for="m-zh-cn-docs-concepts-workloads-pods-init-containers-check"><a href="/zh-cn/docs/concepts/workloads/pods/init-containers/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-workloads-pods-init-containers"><span class="">Init 容器</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-docs-concepts-workloads-pods-sidecar-containers-li"> <input type="checkbox" id="m-docs-concepts-workloads-pods-sidecar-containers-check"/> <label for="m-docs-concepts-workloads-pods-sidecar-containers-check"><a href="/docs/concepts/workloads/pods/sidecar-containers/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-docs-concepts-workloads-pods-sidecar-containers"><span class="">Sidecar Containers</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-workloads-pods-disruptions-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-workloads-pods-disruptions-check"/> <label for="m-zh-cn-docs-concepts-workloads-pods-disruptions-check"><a href="/zh-cn/docs/concepts/workloads/pods/disruptions/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-workloads-pods-disruptions"><span class="">干扰（Disruptions）</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-workloads-pods-ephemeral-containers-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-workloads-pods-ephemeral-containers-check"/> <label for="m-zh-cn-docs-concepts-workloads-pods-ephemeral-containers-check"><a href="/zh-cn/docs/concepts/workloads/pods/ephemeral-containers/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-workloads-pods-ephemeral-containers"><span class="">临时容器</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-workloads-pods-pod-qos-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-workloads-pods-pod-qos-check"/> <label for="m-zh-cn-docs-concepts-workloads-pods-pod-qos-check"><a href="/zh-cn/docs/concepts/workloads/pods/pod-qos/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-workloads-pods-pod-qos"><span class="">Pod QoS 类</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-workloads-pods-user-namespaces-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-workloads-pods-user-namespaces-check"/> <label for="m-zh-cn-docs-concepts-workloads-pods-user-namespaces-check"><a href="/zh-cn/docs/concepts/workloads/pods/user-namespaces/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-workloads-pods-user-namespaces"><span class="">用户命名空间</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-workloads-pods-downward-api-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-workloads-pods-downward-api-check"/> <label for="m-zh-cn-docs-concepts-workloads-pods-downward-api-check"><a href="/zh-cn/docs/concepts/workloads/pods/downward-api/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-workloads-pods-downward-api"><span class="">Downward API</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-concepts-workloads-controllers-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-workloads-controllers-check"/> <label for="m-zh-cn-docs-concepts-workloads-controllers-check"><a href="/zh-cn/docs/concepts/workloads/controllers/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-concepts-workloads-controllers"><span class="">工作负载资源</span></a></label> <ul class="ul-4 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-workloads-controllers-deployment-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-workloads-controllers-deployment-check"/> <label for="m-zh-cn-docs-concepts-workloads-controllers-deployment-check"><a href="/zh-cn/docs/concepts/workloads/controllers/deployment/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-workloads-controllers-deployment"><span class="">Deployments</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-workloads-controllers-replicaset-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-workloads-controllers-replicaset-check"/> <label for="m-zh-cn-docs-concepts-workloads-controllers-replicaset-check"><a href="/zh-cn/docs/concepts/workloads/controllers/replicaset/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-workloads-controllers-replicaset"><span class="">ReplicaSet</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-workloads-controllers-statefulset-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-workloads-controllers-statefulset-check"/> <label for="m-zh-cn-docs-concepts-workloads-controllers-statefulset-check"><a href="/zh-cn/docs/concepts/workloads/controllers/statefulset/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-workloads-controllers-statefulset"><span class="">StatefulSet</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-workloads-controllers-daemonset-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-workloads-controllers-daemonset-check"/> <label for="m-zh-cn-docs-concepts-workloads-controllers-daemonset-check"><a href="/zh-cn/docs/concepts/workloads/controllers/daemonset/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-workloads-controllers-daemonset"><span class="">DaemonSet</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-workloads-controllers-job-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-workloads-controllers-job-check"/> <label for="m-zh-cn-docs-concepts-workloads-controllers-job-check"><a href="/zh-cn/docs/concepts/workloads/controllers/job/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-workloads-controllers-job"><span class="">Job</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-workloads-controllers-ttlafterfinished-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-workloads-controllers-ttlafterfinished-check"/> <label for="m-zh-cn-docs-concepts-workloads-controllers-ttlafterfinished-check"><a href="/zh-cn/docs/concepts/workloads/controllers/ttlafterfinished/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-workloads-controllers-ttlafterfinished"><span class="">已完成 Job 的自动清理</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-workloads-controllers-cron-jobs-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-workloads-controllers-cron-jobs-check"/> <label for="m-zh-cn-docs-concepts-workloads-controllers-cron-jobs-check"><a href="/zh-cn/docs/concepts/workloads/controllers/cron-jobs/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-workloads-controllers-cron-jobs"><span class="">CronJob</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-workloads-controllers-replicationcontroller-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-workloads-controllers-replicationcontroller-check"/> <label for="m-zh-cn-docs-concepts-workloads-controllers-replicationcontroller-check"><a href="/zh-cn/docs/concepts/workloads/controllers/replicationcontroller/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-workloads-controllers-replicationcontroller"><span class="">ReplicationController</span></a></label> </li> </ul> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-concepts-services-networking-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-services-networking-check"/> <label for="m-zh-cn-docs-concepts-services-networking-check"><a href="/zh-cn/docs/concepts/services-networking/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-concepts-services-networking"><span class="">服务、负载均衡和联网</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-services-networking-service-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-services-networking-service-check"/> <label for="m-zh-cn-docs-concepts-services-networking-service-check"><a href="/zh-cn/docs/concepts/services-networking/service/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-services-networking-service"><span class="">服务（Service）</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-services-networking-ingress-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-services-networking-ingress-check"/> <label for="m-zh-cn-docs-concepts-services-networking-ingress-check"><a href="/zh-cn/docs/concepts/services-networking/ingress/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-services-networking-ingress"><span class="">Ingress</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-services-networking-ingress-controllers-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-services-networking-ingress-controllers-check"/> <label for="m-zh-cn-docs-concepts-services-networking-ingress-controllers-check"><a href="/zh-cn/docs/concepts/services-networking/ingress-controllers/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-services-networking-ingress-controllers"><span class="">Ingress 控制器</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-docs-concepts-services-networking-gateway-li"> <input type="checkbox" id="m-docs-concepts-services-networking-gateway-check"/> <label for="m-docs-concepts-services-networking-gateway-check"><a href="/docs/concepts/services-networking/gateway/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-docs-concepts-services-networking-gateway"><span class="">Gateway API</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-services-networking-endpoint-slices-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-services-networking-endpoint-slices-check"/> <label for="m-zh-cn-docs-concepts-services-networking-endpoint-slices-check"><a href="/zh-cn/docs/concepts/services-networking/endpoint-slices/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-services-networking-endpoint-slices"><span class="">EndpointSlice</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-services-networking-network-policies-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-services-networking-network-policies-check"/> <label for="m-zh-cn-docs-concepts-services-networking-network-policies-check"><a href="/zh-cn/docs/concepts/services-networking/network-policies/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-services-networking-network-policies"><span class="">网络策略</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-services-networking-dns-pod-service-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-services-networking-dns-pod-service-check"/> <label for="m-zh-cn-docs-concepts-services-networking-dns-pod-service-check"><a href="/zh-cn/docs/concepts/services-networking/dns-pod-service/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-services-networking-dns-pod-service"><span class="">Service 与 Pod 的 DNS</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-services-networking-dual-stack-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-services-networking-dual-stack-check"/> <label for="m-zh-cn-docs-concepts-services-networking-dual-stack-check"><a href="/zh-cn/docs/concepts/services-networking/dual-stack/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-services-networking-dual-stack"><span class="">IPv4/IPv6 双协议栈</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-services-networking-topology-aware-routing-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-services-networking-topology-aware-routing-check"/> <label for="m-zh-cn-docs-concepts-services-networking-topology-aware-routing-check"><a href="/zh-cn/docs/concepts/services-networking/topology-aware-routing/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-services-networking-topology-aware-routing"><span class="">拓扑感知路由</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-services-networking-windows-networking-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-services-networking-windows-networking-check"/> <label for="m-zh-cn-docs-concepts-services-networking-windows-networking-check"><a href="/zh-cn/docs/concepts/services-networking/windows-networking/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-services-networking-windows-networking"><span class="">Windows 网络</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-services-networking-cluster-ip-allocation-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-services-networking-cluster-ip-allocation-check"/> <label for="m-zh-cn-docs-concepts-services-networking-cluster-ip-allocation-check"><a href="/zh-cn/docs/concepts/services-networking/cluster-ip-allocation/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-services-networking-cluster-ip-allocation"><span class="">Service ClusterIP 分配</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-services-networking-service-traffic-policy-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-services-networking-service-traffic-policy-check"/> <label for="m-zh-cn-docs-concepts-services-networking-service-traffic-policy-check"><a href="/zh-cn/docs/concepts/services-networking/service-traffic-policy/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-services-networking-service-traffic-policy"><span class="">服务内部流量策略</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-concepts-storage-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-storage-check"/> <label for="m-zh-cn-docs-concepts-storage-check"><a href="/zh-cn/docs/concepts/storage/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-concepts-storage"><span class="">存储</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-storage-volumes-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-storage-volumes-check"/> <label for="m-zh-cn-docs-concepts-storage-volumes-check"><a href="/zh-cn/docs/concepts/storage/volumes/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-storage-volumes"><span class="">卷</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-storage-persistent-volumes-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-storage-persistent-volumes-check"/> <label for="m-zh-cn-docs-concepts-storage-persistent-volumes-check"><a href="/zh-cn/docs/concepts/storage/persistent-volumes/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-storage-persistent-volumes"><span class="">持久卷</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-storage-projected-volumes-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-storage-projected-volumes-check"/> <label for="m-zh-cn-docs-concepts-storage-projected-volumes-check"><a href="/zh-cn/docs/concepts/storage/projected-volumes/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-storage-projected-volumes"><span class="">投射卷</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-storage-ephemeral-volumes-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-storage-ephemeral-volumes-check"/> <label for="m-zh-cn-docs-concepts-storage-ephemeral-volumes-check"><a href="/zh-cn/docs/concepts/storage/ephemeral-volumes/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-storage-ephemeral-volumes"><span class="">临时卷</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-storage-storage-classes-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-storage-storage-classes-check"/> <label for="m-zh-cn-docs-concepts-storage-storage-classes-check"><a href="/zh-cn/docs/concepts/storage/storage-classes/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-storage-storage-classes"><span class="">存储类</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-storage-dynamic-provisioning-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-storage-dynamic-provisioning-check"/> <label for="m-zh-cn-docs-concepts-storage-dynamic-provisioning-check"><a href="/zh-cn/docs/concepts/storage/dynamic-provisioning/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-storage-dynamic-provisioning"><span class="">动态卷制备</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-storage-volume-snapshots-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-storage-volume-snapshots-check"/> <label for="m-zh-cn-docs-concepts-storage-volume-snapshots-check"><a href="/zh-cn/docs/concepts/storage/volume-snapshots/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-storage-volume-snapshots"><span class="">卷快照</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-storage-volume-snapshot-classes-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-storage-volume-snapshot-classes-check"/> <label for="m-zh-cn-docs-concepts-storage-volume-snapshot-classes-check"><a href="/zh-cn/docs/concepts/storage/volume-snapshot-classes/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-storage-volume-snapshot-classes"><span class="">卷快照类</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-storage-volume-pvc-datasource-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-storage-volume-pvc-datasource-check"/> <label for="m-zh-cn-docs-concepts-storage-volume-pvc-datasource-check"><a href="/zh-cn/docs/concepts/storage/volume-pvc-datasource/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-storage-volume-pvc-datasource"><span class="">CSI 卷克隆</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-storage-storage-capacity-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-storage-storage-capacity-check"/> <label for="m-zh-cn-docs-concepts-storage-storage-capacity-check"><a href="/zh-cn/docs/concepts/storage/storage-capacity/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-storage-storage-capacity"><span class="">存储容量</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-storage-storage-limits-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-storage-storage-limits-check"/> <label for="m-zh-cn-docs-concepts-storage-storage-limits-check"><a href="/zh-cn/docs/concepts/storage/storage-limits/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-storage-storage-limits"><span class="">特定于节点的卷数限制</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-storage-volume-health-monitoring-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-storage-volume-health-monitoring-check"/> <label for="m-zh-cn-docs-concepts-storage-volume-health-monitoring-check"><a href="/zh-cn/docs/concepts/storage/volume-health-monitoring/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-storage-volume-health-monitoring"><span class="">卷健康监测</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-storage-windows-storage-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-storage-windows-storage-check"/> <label for="m-zh-cn-docs-concepts-storage-windows-storage-check"><a href="/zh-cn/docs/concepts/storage/windows-storage/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-storage-windows-storage"><span class="">Windows 存储</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-concepts-configuration-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-configuration-check"/> <label for="m-zh-cn-docs-concepts-configuration-check"><a href="/zh-cn/docs/concepts/configuration/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-concepts-configuration"><span class="">配置</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-configuration-overview-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-configuration-overview-check"/> <label for="m-zh-cn-docs-concepts-configuration-overview-check"><a href="/zh-cn/docs/concepts/configuration/overview/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-configuration-overview"><span class="">配置最佳实践</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-configuration-configmap-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-configuration-configmap-check"/> <label for="m-zh-cn-docs-concepts-configuration-configmap-check"><a href="/zh-cn/docs/concepts/configuration/configmap/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-configuration-configmap"><span class="">ConfigMap</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-configuration-secret-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-configuration-secret-check"/> <label for="m-zh-cn-docs-concepts-configuration-secret-check"><a href="/zh-cn/docs/concepts/configuration/secret/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-configuration-secret"><span class="">Secret</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-configuration-manage-resources-containers-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-configuration-manage-resources-containers-check"/> <label for="m-zh-cn-docs-concepts-configuration-manage-resources-containers-check"><a href="/zh-cn/docs/concepts/configuration/manage-resources-containers/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-configuration-manage-resources-containers"><span class="">为 Pod 和容器管理资源</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-configuration-organize-cluster-access-kubeconfig-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-configuration-organize-cluster-access-kubeconfig-check"/> <label for="m-zh-cn-docs-concepts-configuration-organize-cluster-access-kubeconfig-check"><a href="/zh-cn/docs/concepts/configuration/organize-cluster-access-kubeconfig/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-configuration-organize-cluster-access-kubeconfig"><span class="">使用 kubeconfig 文件组织集群访问</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-configuration-windows-resource-management-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-configuration-windows-resource-management-check"/> <label for="m-zh-cn-docs-concepts-configuration-windows-resource-management-check"><a href="/zh-cn/docs/concepts/configuration/windows-resource-management/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-configuration-windows-resource-management"><span class="">Windows 节点的资源管理</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-concepts-security-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-security-check"/> <label for="m-zh-cn-docs-concepts-security-check"><a href="/zh-cn/docs/concepts/security/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-concepts-security"><span class="">安全</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-security-overview-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-security-overview-check"/> <label for="m-zh-cn-docs-concepts-security-overview-check"><a href="/zh-cn/docs/concepts/security/overview/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-security-overview"><span class="">云原生安全概述</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-security-pod-security-standards-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-security-pod-security-standards-check"/> <label for="m-zh-cn-docs-concepts-security-pod-security-standards-check"><a href="/zh-cn/docs/concepts/security/pod-security-standards/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-security-pod-security-standards"><span class="">Pod 安全性标准</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-security-service-accounts-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-security-service-accounts-check"/> <label for="m-zh-cn-docs-concepts-security-service-accounts-check"><a href="/zh-cn/docs/concepts/security/service-accounts/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-security-service-accounts"><span class="">服务账号</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-security-pod-security-admission-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-security-pod-security-admission-check"/> <label for="m-zh-cn-docs-concepts-security-pod-security-admission-check"><a href="/zh-cn/docs/concepts/security/pod-security-admission/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-security-pod-security-admission"><span class="">Pod 安全性准入</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-security-pod-security-policy-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-security-pod-security-policy-check"/> <label for="m-zh-cn-docs-concepts-security-pod-security-policy-check"><a href="/zh-cn/docs/concepts/security/pod-security-policy/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-security-pod-security-policy"><span class="">Pod 安全策略</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-security-windows-security-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-security-windows-security-check"/> <label for="m-zh-cn-docs-concepts-security-windows-security-check"><a href="/zh-cn/docs/concepts/security/windows-security/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-security-windows-security"><span class="">Windows 节点的安全性</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-security-controlling-access-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-security-controlling-access-check"/> <label for="m-zh-cn-docs-concepts-security-controlling-access-check"><a href="/zh-cn/docs/concepts/security/controlling-access/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-security-controlling-access"><span class="">Kubernetes API 访问控制</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-security-rbac-good-practices-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-security-rbac-good-practices-check"/> <label for="m-zh-cn-docs-concepts-security-rbac-good-practices-check"><a href="/zh-cn/docs/concepts/security/rbac-good-practices/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-security-rbac-good-practices"><span class="">基于角色的访问控制良好实践</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-security-secrets-good-practices-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-security-secrets-good-practices-check"/> <label for="m-zh-cn-docs-concepts-security-secrets-good-practices-check"><a href="/zh-cn/docs/concepts/security/secrets-good-practices/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-security-secrets-good-practices"><span class="">Kubernetes Secret 良好实践</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-security-multi-tenancy-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-security-multi-tenancy-check"/> <label for="m-zh-cn-docs-concepts-security-multi-tenancy-check"><a href="/zh-cn/docs/concepts/security/multi-tenancy/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-security-multi-tenancy"><span class="">多租户</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-docs-concepts-security-hardening-guide-authentication-mechanisms-li"> <input type="checkbox" id="m-docs-concepts-security-hardening-guide-authentication-mechanisms-check"/> <label for="m-docs-concepts-security-hardening-guide-authentication-mechanisms-check"><a href="/docs/concepts/security/hardening-guide/authentication-mechanisms/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-docs-concepts-security-hardening-guide-authentication-mechanisms"><span class="">Hardening Guide - Authentication Mechanisms</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-security-api-server-bypass-risks-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-security-api-server-bypass-risks-check"/> <label for="m-zh-cn-docs-concepts-security-api-server-bypass-risks-check"><a href="/zh-cn/docs/concepts/security/api-server-bypass-risks/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-security-api-server-bypass-risks"><span class="">Kubernetes API 服务器旁路风险</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-security-security-checklist-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-security-security-checklist-check"/> <label for="m-zh-cn-docs-concepts-security-security-checklist-check"><a href="/zh-cn/docs/concepts/security/security-checklist/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-security-security-checklist"><span class="">安全检查清单</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-concepts-policy-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-policy-check"/> <label for="m-zh-cn-docs-concepts-policy-check"><a href="/zh-cn/docs/concepts/policy/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-concepts-policy"><span class="">策略</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-policy-limit-range-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-policy-limit-range-check"/> <label for="m-zh-cn-docs-concepts-policy-limit-range-check"><a href="/zh-cn/docs/concepts/policy/limit-range/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-policy-limit-range"><span class="">限制范围</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-policy-resource-quotas-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-policy-resource-quotas-check"/> <label for="m-zh-cn-docs-concepts-policy-resource-quotas-check"><a href="/zh-cn/docs/concepts/policy/resource-quotas/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-policy-resource-quotas"><span class="">资源配额</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-policy-pid-limiting-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-policy-pid-limiting-check"/> <label for="m-zh-cn-docs-concepts-policy-pid-limiting-check"><a href="/zh-cn/docs/concepts/policy/pid-limiting/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-policy-pid-limiting"><span class="">进程 ID 约束与预留</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-policy-node-resource-managers-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-policy-node-resource-managers-check"/> <label for="m-zh-cn-docs-concepts-policy-node-resource-managers-check"><a href="/zh-cn/docs/concepts/policy/node-resource-managers/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-policy-node-resource-managers"><span class="">节点资源管理器</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-concepts-scheduling-eviction-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-scheduling-eviction-check"/> <label for="m-zh-cn-docs-concepts-scheduling-eviction-check"><a href="/zh-cn/docs/concepts/scheduling-eviction/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-concepts-scheduling-eviction"><span class="">调度、抢占和驱逐</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-scheduling-eviction-kube-scheduler-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-scheduling-eviction-kube-scheduler-check"/> <label for="m-zh-cn-docs-concepts-scheduling-eviction-kube-scheduler-check"><a href="/zh-cn/docs/concepts/scheduling-eviction/kube-scheduler/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-scheduling-eviction-kube-scheduler"><span class="">Kubernetes 调度器</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-scheduling-eviction-assign-pod-node-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-scheduling-eviction-assign-pod-node-check"/> <label for="m-zh-cn-docs-concepts-scheduling-eviction-assign-pod-node-check"><a href="/zh-cn/docs/concepts/scheduling-eviction/assign-pod-node/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-scheduling-eviction-assign-pod-node"><span class="">将 Pod 指派给节点</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-scheduling-eviction-pod-overhead-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-scheduling-eviction-pod-overhead-check"/> <label for="m-zh-cn-docs-concepts-scheduling-eviction-pod-overhead-check"><a href="/zh-cn/docs/concepts/scheduling-eviction/pod-overhead/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-scheduling-eviction-pod-overhead"><span class="">Pod 开销</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-scheduling-eviction-pod-scheduling-readiness-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-scheduling-eviction-pod-scheduling-readiness-check"/> <label for="m-zh-cn-docs-concepts-scheduling-eviction-pod-scheduling-readiness-check"><a href="/zh-cn/docs/concepts/scheduling-eviction/pod-scheduling-readiness/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-scheduling-eviction-pod-scheduling-readiness"><span class="">Pod 调度就绪态</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-scheduling-eviction-topology-spread-constraints-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-scheduling-eviction-topology-spread-constraints-check"/> <label for="m-zh-cn-docs-concepts-scheduling-eviction-topology-spread-constraints-check"><a href="/zh-cn/docs/concepts/scheduling-eviction/topology-spread-constraints/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-scheduling-eviction-topology-spread-constraints"><span class="">Pod 拓扑分布约束</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-scheduling-eviction-taint-and-toleration-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-scheduling-eviction-taint-and-toleration-check"/> <label for="m-zh-cn-docs-concepts-scheduling-eviction-taint-and-toleration-check"><a href="/zh-cn/docs/concepts/scheduling-eviction/taint-and-toleration/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-scheduling-eviction-taint-and-toleration"><span class="">污点和容忍度</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-scheduling-eviction-scheduling-framework-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-scheduling-eviction-scheduling-framework-check"/> <label for="m-zh-cn-docs-concepts-scheduling-eviction-scheduling-framework-check"><a href="/zh-cn/docs/concepts/scheduling-eviction/scheduling-framework/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-scheduling-eviction-scheduling-framework"><span class="">调度框架</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-scheduling-eviction-dynamic-resource-allocation-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-scheduling-eviction-dynamic-resource-allocation-check"/> <label for="m-zh-cn-docs-concepts-scheduling-eviction-dynamic-resource-allocation-check"><a href="/zh-cn/docs/concepts/scheduling-eviction/dynamic-resource-allocation/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-scheduling-eviction-dynamic-resource-allocation"><span class="">动态资源分配</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-scheduling-eviction-scheduler-perf-tuning-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-scheduling-eviction-scheduler-perf-tuning-check"/> <label for="m-zh-cn-docs-concepts-scheduling-eviction-scheduler-perf-tuning-check"><a href="/zh-cn/docs/concepts/scheduling-eviction/scheduler-perf-tuning/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-scheduling-eviction-scheduler-perf-tuning"><span class="">调度器性能调优</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-scheduling-eviction-resource-bin-packing-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-scheduling-eviction-resource-bin-packing-check"/> <label for="m-zh-cn-docs-concepts-scheduling-eviction-resource-bin-packing-check"><a href="/zh-cn/docs/concepts/scheduling-eviction/resource-bin-packing/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-scheduling-eviction-resource-bin-packing"><span class="">资源装箱</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-scheduling-eviction-pod-priority-preemption-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-scheduling-eviction-pod-priority-preemption-check"/> <label for="m-zh-cn-docs-concepts-scheduling-eviction-pod-priority-preemption-check"><a href="/zh-cn/docs/concepts/scheduling-eviction/pod-priority-preemption/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-scheduling-eviction-pod-priority-preemption"><span class="">Pod 优先级和抢占</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-scheduling-eviction-node-pressure-eviction-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-scheduling-eviction-node-pressure-eviction-check"/> <label for="m-zh-cn-docs-concepts-scheduling-eviction-node-pressure-eviction-check"><a href="/zh-cn/docs/concepts/scheduling-eviction/node-pressure-eviction/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-scheduling-eviction-node-pressure-eviction"><span class="">节点压力驱逐</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-scheduling-eviction-api-eviction-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-scheduling-eviction-api-eviction-check"/> <label for="m-zh-cn-docs-concepts-scheduling-eviction-api-eviction-check"><a href="/zh-cn/docs/concepts/scheduling-eviction/api-eviction/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-scheduling-eviction-api-eviction"><span class="">API 发起的驱逐</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-concepts-cluster-administration-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-cluster-administration-check"/> <label for="m-zh-cn-docs-concepts-cluster-administration-check"><a href="/zh-cn/docs/concepts/cluster-administration/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-concepts-cluster-administration"><span class="">集群管理</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-cluster-administration-certificates-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-cluster-administration-certificates-check"/> <label for="m-zh-cn-docs-concepts-cluster-administration-certificates-check"><a href="/zh-cn/docs/concepts/cluster-administration/certificates/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-cluster-administration-certificates"><span class="">证书</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-cluster-administration-manage-deployment-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-cluster-administration-manage-deployment-check"/> <label for="m-zh-cn-docs-concepts-cluster-administration-manage-deployment-check"><a href="/zh-cn/docs/concepts/cluster-administration/manage-deployment/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-cluster-administration-manage-deployment"><span class="">管理资源</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-cluster-administration-networking-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-cluster-administration-networking-check"/> <label for="m-zh-cn-docs-concepts-cluster-administration-networking-check"><a href="/zh-cn/docs/concepts/cluster-administration/networking/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-cluster-administration-networking"><span class="">集群网络系统</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-cluster-administration-logging-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-cluster-administration-logging-check"/> <label for="m-zh-cn-docs-concepts-cluster-administration-logging-check"><a href="/zh-cn/docs/concepts/cluster-administration/logging/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-cluster-administration-logging"><span class="">日志架构</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-cluster-administration-system-metrics-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-cluster-administration-system-metrics-check"/> <label for="m-zh-cn-docs-concepts-cluster-administration-system-metrics-check"><a href="/zh-cn/docs/concepts/cluster-administration/system-metrics/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-cluster-administration-system-metrics"><span class="">Kubernetes 系统组件指标</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-cluster-administration-system-logs-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-cluster-administration-system-logs-check"/> <label for="m-zh-cn-docs-concepts-cluster-administration-system-logs-check"><a href="/zh-cn/docs/concepts/cluster-administration/system-logs/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-cluster-administration-system-logs"><span class="">系统日志</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-cluster-administration-system-traces-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-cluster-administration-system-traces-check"/> <label for="m-zh-cn-docs-concepts-cluster-administration-system-traces-check"><a href="/zh-cn/docs/concepts/cluster-administration/system-traces/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-cluster-administration-system-traces"><span class="">追踪 Kubernetes 系统组件</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-cluster-administration-proxies-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-cluster-administration-proxies-check"/> <label for="m-zh-cn-docs-concepts-cluster-administration-proxies-check"><a href="/zh-cn/docs/concepts/cluster-administration/proxies/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-cluster-administration-proxies"><span class="">Kubernetes 中的代理</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-cluster-administration-flow-control-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-cluster-administration-flow-control-check"/> <label for="m-zh-cn-docs-concepts-cluster-administration-flow-control-check"><a href="/zh-cn/docs/concepts/cluster-administration/flow-control/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-cluster-administration-flow-control"><span class="">API 优先级和公平性</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-cluster-administration-addons-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-cluster-administration-addons-check"/> <label for="m-zh-cn-docs-concepts-cluster-administration-addons-check"><a href="/zh-cn/docs/concepts/cluster-administration/addons/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-cluster-administration-addons"><span class="">安装扩展（Addon）</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-concepts-windows-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-windows-check"/> <label for="m-zh-cn-docs-concepts-windows-check"><a href="/zh-cn/docs/concepts/windows/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-concepts-windows"><span class="">Kubernetes 中的 Windows</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-windows-intro-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-windows-intro-check"/> <label for="m-zh-cn-docs-concepts-windows-intro-check"><a href="/zh-cn/docs/concepts/windows/intro/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-windows-intro"><span class="">Kubernetes 中的 Windows 容器</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-windows-user-guide-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-windows-user-guide-check"/> <label for="m-zh-cn-docs-concepts-windows-user-guide-check"><a href="/zh-cn/docs/concepts/windows/user-guide/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-windows-user-guide"><span class="">Kubernetes 中的 Windows 容器调度指南</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-concepts-extend-kubernetes-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-extend-kubernetes-check"/> <label for="m-zh-cn-docs-concepts-extend-kubernetes-check"><a href="/zh-cn/docs/concepts/extend-kubernetes/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-concepts-extend-kubernetes"><span class="">扩展 Kubernetes</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-extend-kubernetes-operator-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-extend-kubernetes-operator-check"/> <label for="m-zh-cn-docs-concepts-extend-kubernetes-operator-check"><a href="/zh-cn/docs/concepts/extend-kubernetes/operator/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-extend-kubernetes-operator"><span class="">Operator 模式</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-concepts-extend-kubernetes-compute-storage-net-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-extend-kubernetes-compute-storage-net-check"/> <label for="m-zh-cn-docs-concepts-extend-kubernetes-compute-storage-net-check"><a href="/zh-cn/docs/concepts/extend-kubernetes/compute-storage-net/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-concepts-extend-kubernetes-compute-storage-net"><span class="">计算、存储和网络扩展</span></a></label> <ul class="ul-4 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-extend-kubernetes-compute-storage-net-network-plugins-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-extend-kubernetes-compute-storage-net-network-plugins-check"/> <label for="m-zh-cn-docs-concepts-extend-kubernetes-compute-storage-net-network-plugins-check"><a href="/zh-cn/docs/concepts/extend-kubernetes/compute-storage-net/network-plugins/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-extend-kubernetes-compute-storage-net-network-plugins"><span class="">网络插件</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-extend-kubernetes-compute-storage-net-device-plugins-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-extend-kubernetes-compute-storage-net-device-plugins-check"/> <label for="m-zh-cn-docs-concepts-extend-kubernetes-compute-storage-net-device-plugins-check"><a href="/zh-cn/docs/concepts/extend-kubernetes/compute-storage-net/device-plugins/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-extend-kubernetes-compute-storage-net-device-plugins"><span class="">设备插件</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-concepts-extend-kubernetes-api-extension-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-extend-kubernetes-api-extension-check"/> <label for="m-zh-cn-docs-concepts-extend-kubernetes-api-extension-check"><a href="/zh-cn/docs/concepts/extend-kubernetes/api-extension/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-concepts-extend-kubernetes-api-extension"><span class="">扩展 Kubernetes API</span></a></label> <ul class="ul-4 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-extend-kubernetes-api-extension-custom-resources-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-extend-kubernetes-api-extension-custom-resources-check"/> <label for="m-zh-cn-docs-concepts-extend-kubernetes-api-extension-custom-resources-check"><a href="/zh-cn/docs/concepts/extend-kubernetes/api-extension/custom-resources/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-extend-kubernetes-api-extension-custom-resources"><span class="">定制资源</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-concepts-extend-kubernetes-api-extension-apiserver-aggregation-li"> <input type="checkbox" id="m-zh-cn-docs-concepts-extend-kubernetes-api-extension-apiserver-aggregation-check"/> <label for="m-zh-cn-docs-concepts-extend-kubernetes-api-extension-apiserver-aggregation-check"><a href="/zh-cn/docs/concepts/extend-kubernetes/api-extension/apiserver-aggregation/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-concepts-extend-kubernetes-api-extension-apiserver-aggregation"><span class="">Kubernetes API 聚合层</span></a></label> </li> </ul> </li> </ul> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-tasks-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-check"/> <label for="m-zh-cn-docs-tasks-check"><a href="/zh-cn/docs/tasks/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-tasks"><span class="">任务</span></a></label> <ul class="ul-2 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-tasks-tools-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-tools-check"/> <label for="m-zh-cn-docs-tasks-tools-check"><a href="/zh-cn/docs/tasks/tools/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-tasks-tools"><span class="">安装工具</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-tools-install-kubectl-linux-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-tools-install-kubectl-linux-check"/> <label for="m-zh-cn-docs-tasks-tools-install-kubectl-linux-check"><a href="/zh-cn/docs/tasks/tools/install-kubectl-linux/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-tools-install-kubectl-linux"><span class="">在 Linux 系统中安装并设置 kubectl</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-tools-install-kubectl-macos-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-tools-install-kubectl-macos-check"/> <label for="m-zh-cn-docs-tasks-tools-install-kubectl-macos-check"><a href="/zh-cn/docs/tasks/tools/install-kubectl-macos/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-tools-install-kubectl-macos"><span class="">在 macOS 系统上安装和设置 kubectl</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-tools-install-kubectl-windows-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-tools-install-kubectl-windows-check"/> <label for="m-zh-cn-docs-tasks-tools-install-kubectl-windows-check"><a href="/zh-cn/docs/tasks/tools/install-kubectl-windows/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-tools-install-kubectl-windows"><span class="">在 Windows 上安装 kubectl</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-tasks-administer-cluster-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-check"><a href="/zh-cn/docs/tasks/administer-cluster/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-tasks-administer-cluster"><span class="">管理集群</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-tasks-administer-cluster-kubeadm-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-kubeadm-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-kubeadm-check"><a href="/zh-cn/docs/tasks/administer-cluster/kubeadm/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-tasks-administer-cluster-kubeadm"><span class="">用 kubeadm 进行管理</span></a></label> <ul class="ul-4 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-kubeadm-kubeadm-certs-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-kubeadm-kubeadm-certs-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-kubeadm-kubeadm-certs-check"><a href="/zh-cn/docs/tasks/administer-cluster/kubeadm/kubeadm-certs/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-kubeadm-kubeadm-certs"><span class="">使用 kubeadm 进行证书管理</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-kubeadm-configure-cgroup-driver-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-kubeadm-configure-cgroup-driver-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-kubeadm-configure-cgroup-driver-check"><a href="/zh-cn/docs/tasks/administer-cluster/kubeadm/configure-cgroup-driver/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-kubeadm-configure-cgroup-driver"><span class="">配置 cgroup 驱动</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-kubeadm-kubeadm-reconfigure-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-kubeadm-kubeadm-reconfigure-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-kubeadm-kubeadm-reconfigure-check"><a href="/zh-cn/docs/tasks/administer-cluster/kubeadm/kubeadm-reconfigure/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-kubeadm-kubeadm-reconfigure"><span class="">重新配置 kubeadm 集群</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-kubeadm-kubeadm-upgrade-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-kubeadm-kubeadm-upgrade-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-kubeadm-kubeadm-upgrade-check"><a href="/zh-cn/docs/tasks/administer-cluster/kubeadm/kubeadm-upgrade/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-kubeadm-kubeadm-upgrade"><span class="">升级 kubeadm 集群</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-kubeadm-upgrading-linux-nodes-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-kubeadm-upgrading-linux-nodes-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-kubeadm-upgrading-linux-nodes-check"><a href="/zh-cn/docs/tasks/administer-cluster/kubeadm/upgrading-linux-nodes/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-kubeadm-upgrading-linux-nodes"><span class="">升级 Linux 节点</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-kubeadm-upgrading-windows-nodes-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-kubeadm-upgrading-windows-nodes-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-kubeadm-upgrading-windows-nodes-check"><a href="/zh-cn/docs/tasks/administer-cluster/kubeadm/upgrading-windows-nodes/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-kubeadm-upgrading-windows-nodes"><span class="">升级 Windows 节点</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-kubeadm-change-package-repository-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-kubeadm-change-package-repository-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-kubeadm-change-package-repository-check"><a href="/zh-cn/docs/tasks/administer-cluster/kubeadm/change-package-repository/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-kubeadm-change-package-repository"><span class="">更改 Kubernetes 软件包仓库</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-tasks-administer-cluster-migrating-from-dockershim-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-migrating-from-dockershim-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-migrating-from-dockershim-check"><a href="/zh-cn/docs/tasks/administer-cluster/migrating-from-dockershim/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-tasks-administer-cluster-migrating-from-dockershim"><span class="">从 dockershim 迁移</span></a></label> <ul class="ul-4 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-migrating-from-dockershim-change-runtime-containerd-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-migrating-from-dockershim-change-runtime-containerd-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-migrating-from-dockershim-change-runtime-containerd-check"><a href="/zh-cn/docs/tasks/administer-cluster/migrating-from-dockershim/change-runtime-containerd/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-migrating-from-dockershim-change-runtime-containerd"><span class="">将节点上的容器运行时从 Docker Engine 改为 containerd</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-migrating-from-dockershim-migrate-dockershim-dockerd-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-migrating-from-dockershim-migrate-dockershim-dockerd-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-migrating-from-dockershim-migrate-dockershim-dockerd-check"><a href="/zh-cn/docs/tasks/administer-cluster/migrating-from-dockershim/migrate-dockershim-dockerd/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-migrating-from-dockershim-migrate-dockershim-dockerd"><span class="">将 Docker Engine 节点从 dockershim 迁移到 cri-dockerd</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-migrating-from-dockershim-find-out-runtime-you-use-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-migrating-from-dockershim-find-out-runtime-you-use-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-migrating-from-dockershim-find-out-runtime-you-use-check"><a href="/zh-cn/docs/tasks/administer-cluster/migrating-from-dockershim/find-out-runtime-you-use/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-migrating-from-dockershim-find-out-runtime-you-use"><span class="">查明节点上所使用的容器运行时</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-migrating-from-dockershim-troubleshooting-cni-plugin-related-errors-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-migrating-from-dockershim-troubleshooting-cni-plugin-related-errors-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-migrating-from-dockershim-troubleshooting-cni-plugin-related-errors-check"><a href="/zh-cn/docs/tasks/administer-cluster/migrating-from-dockershim/troubleshooting-cni-plugin-related-errors/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-migrating-from-dockershim-troubleshooting-cni-plugin-related-errors"><span class="">排查 CNI 插件相关的错误</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-migrating-from-dockershim-check-if-dockershim-removal-affects-you-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-migrating-from-dockershim-check-if-dockershim-removal-affects-you-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-migrating-from-dockershim-check-if-dockershim-removal-affects-you-check"><a href="/zh-cn/docs/tasks/administer-cluster/migrating-from-dockershim/check-if-dockershim-removal-affects-you/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-migrating-from-dockershim-check-if-dockershim-removal-affects-you"><span class="">检查移除 Dockershim 是否对你有影响</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-migrating-from-dockershim-migrating-telemetry-and-security-agents-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-migrating-from-dockershim-migrating-telemetry-and-security-agents-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-migrating-from-dockershim-migrating-telemetry-and-security-agents-check"><a href="/zh-cn/docs/tasks/administer-cluster/migrating-from-dockershim/migrating-telemetry-and-security-agents/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-migrating-from-dockershim-migrating-telemetry-and-security-agents"><span class="">从 dockershim 迁移遥测和安全代理</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-certificates-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-certificates-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-certificates-check"><a href="/zh-cn/docs/tasks/administer-cluster/certificates/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-certificates"><span class="">手动生成证书</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-tasks-administer-cluster-manage-resources-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-manage-resources-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-manage-resources-check"><a href="/zh-cn/docs/tasks/administer-cluster/manage-resources/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-tasks-administer-cluster-manage-resources"><span class="">管理内存、CPU 和 API 资源</span></a></label> <ul class="ul-4 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-manage-resources-memory-default-namespace-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-manage-resources-memory-default-namespace-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-manage-resources-memory-default-namespace-check"><a href="/zh-cn/docs/tasks/administer-cluster/manage-resources/memory-default-namespace/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-manage-resources-memory-default-namespace"><span class="">为命名空间配置默认的内存请求和限制</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-manage-resources-cpu-default-namespace-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-manage-resources-cpu-default-namespace-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-manage-resources-cpu-default-namespace-check"><a href="/zh-cn/docs/tasks/administer-cluster/manage-resources/cpu-default-namespace/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-manage-resources-cpu-default-namespace"><span class="">为命名空间配置默认的 CPU 请求和限制</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-manage-resources-memory-constraint-namespace-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-manage-resources-memory-constraint-namespace-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-manage-resources-memory-constraint-namespace-check"><a href="/zh-cn/docs/tasks/administer-cluster/manage-resources/memory-constraint-namespace/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-manage-resources-memory-constraint-namespace"><span class="">配置命名空间的最小和最大内存约束</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-manage-resources-cpu-constraint-namespace-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-manage-resources-cpu-constraint-namespace-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-manage-resources-cpu-constraint-namespace-check"><a href="/zh-cn/docs/tasks/administer-cluster/manage-resources/cpu-constraint-namespace/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-manage-resources-cpu-constraint-namespace"><span class="">为命名空间配置 CPU 最小和最大约束</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-manage-resources-quota-memory-cpu-namespace-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-manage-resources-quota-memory-cpu-namespace-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-manage-resources-quota-memory-cpu-namespace-check"><a href="/zh-cn/docs/tasks/administer-cluster/manage-resources/quota-memory-cpu-namespace/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-manage-resources-quota-memory-cpu-namespace"><span class="">为命名空间配置内存和 CPU 配额</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-manage-resources-quota-pod-namespace-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-manage-resources-quota-pod-namespace-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-manage-resources-quota-pod-namespace-check"><a href="/zh-cn/docs/tasks/administer-cluster/manage-resources/quota-pod-namespace/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-manage-resources-quota-pod-namespace"><span class="">配置命名空间下 Pod 配额</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-tasks-administer-cluster-network-policy-provider-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-network-policy-provider-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-network-policy-provider-check"><a href="/zh-cn/docs/tasks/administer-cluster/network-policy-provider/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-tasks-administer-cluster-network-policy-provider"><span class="">安装网络策略驱动</span></a></label> <ul class="ul-4 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-network-policy-provider-antrea-network-policy-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-network-policy-provider-antrea-network-policy-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-network-policy-provider-antrea-network-policy-check"><a href="/zh-cn/docs/tasks/administer-cluster/network-policy-provider/antrea-network-policy/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-network-policy-provider-antrea-network-policy"><span class="">使用 Antrea 提供 NetworkPolicy</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-network-policy-provider-calico-network-policy-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-network-policy-provider-calico-network-policy-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-network-policy-provider-calico-network-policy-check"><a href="/zh-cn/docs/tasks/administer-cluster/network-policy-provider/calico-network-policy/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-network-policy-provider-calico-network-policy"><span class="">使用 Calico 提供 NetworkPolicy</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-network-policy-provider-cilium-network-policy-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-network-policy-provider-cilium-network-policy-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-network-policy-provider-cilium-network-policy-check"><a href="/zh-cn/docs/tasks/administer-cluster/network-policy-provider/cilium-network-policy/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-network-policy-provider-cilium-network-policy"><span class="">使用 Cilium 提供 NetworkPolicy</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-network-policy-provider-kube-router-network-policy-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-network-policy-provider-kube-router-network-policy-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-network-policy-provider-kube-router-network-policy-check"><a href="/zh-cn/docs/tasks/administer-cluster/network-policy-provider/kube-router-network-policy/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-network-policy-provider-kube-router-network-policy"><span class="">使用 kube-router 提供 NetworkPolicy</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-network-policy-provider-romana-network-policy-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-network-policy-provider-romana-network-policy-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-network-policy-provider-romana-network-policy-check"><a href="/zh-cn/docs/tasks/administer-cluster/network-policy-provider/romana-network-policy/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-network-policy-provider-romana-network-policy"><span class="">使用 Romana 提供 NetworkPolicy</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-network-policy-provider-weave-network-policy-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-network-policy-provider-weave-network-policy-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-network-policy-provider-weave-network-policy-check"><a href="/zh-cn/docs/tasks/administer-cluster/network-policy-provider/weave-network-policy/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-network-policy-provider-weave-network-policy"><span class="">使用 Weave Net 提供 NetworkPolicy</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-access-cluster-api-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-access-cluster-api-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-access-cluster-api-check"><a href="/zh-cn/docs/tasks/administer-cluster/access-cluster-api/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-access-cluster-api"><span class="">使用 Kubernetes API 访问集群</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-extended-resource-node-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-extended-resource-node-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-extended-resource-node-check"><a href="/zh-cn/docs/tasks/administer-cluster/extended-resource-node/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-extended-resource-node"><span class="">为节点发布扩展资源</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-dns-horizontal-autoscaling-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-dns-horizontal-autoscaling-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-dns-horizontal-autoscaling-check"><a href="/zh-cn/docs/tasks/administer-cluster/dns-horizontal-autoscaling/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-dns-horizontal-autoscaling"><span class="">自动扩缩集群 DNS 服务</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-switch-to-evented-pleg-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-switch-to-evented-pleg-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-switch-to-evented-pleg-check"><a href="/zh-cn/docs/tasks/administer-cluster/switch-to-evented-pleg/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-switch-to-evented-pleg"><span class="">从轮询切换为基于 CRI 事件的更新来获取容器状态</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-change-default-storage-class-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-change-default-storage-class-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-change-default-storage-class-check"><a href="/zh-cn/docs/tasks/administer-cluster/change-default-storage-class/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-change-default-storage-class"><span class="">改变默认 StorageClass</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-change-pv-reclaim-policy-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-change-pv-reclaim-policy-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-change-pv-reclaim-policy-check"><a href="/zh-cn/docs/tasks/administer-cluster/change-pv-reclaim-policy/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-change-pv-reclaim-policy"><span class="">更改 PersistentVolume 的回收策略</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-running-cloud-controller-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-running-cloud-controller-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-running-cloud-controller-check"><a href="/zh-cn/docs/tasks/administer-cluster/running-cloud-controller/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-running-cloud-controller"><span class="">Kubernetes 云管理控制器</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-kubelet-credential-provider-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-kubelet-credential-provider-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-kubelet-credential-provider-check"><a href="/zh-cn/docs/tasks/administer-cluster/kubelet-credential-provider/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-kubelet-credential-provider"><span class="">配置 kubelet 镜像凭据提供程序</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-quota-api-object-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-quota-api-object-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-quota-api-object-check"><a href="/zh-cn/docs/tasks/administer-cluster/quota-api-object/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-quota-api-object"><span class="">配置 API 对象配额</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-cpu-management-policies-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-cpu-management-policies-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-cpu-management-policies-check"><a href="/zh-cn/docs/tasks/administer-cluster/cpu-management-policies/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-cpu-management-policies"><span class="">控制节点上的 CPU 管理策略</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-topology-manager-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-topology-manager-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-topology-manager-check"><a href="/zh-cn/docs/tasks/administer-cluster/topology-manager/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-topology-manager"><span class="">控制节点上的拓扑管理策略</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-dns-custom-nameservers-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-dns-custom-nameservers-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-dns-custom-nameservers-check"><a href="/zh-cn/docs/tasks/administer-cluster/dns-custom-nameservers/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-dns-custom-nameservers"><span class="">自定义 DNS 服务</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-dns-debugging-resolution-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-dns-debugging-resolution-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-dns-debugging-resolution-check"><a href="/zh-cn/docs/tasks/administer-cluster/dns-debugging-resolution/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-dns-debugging-resolution"><span class="">调试 DNS 问题</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-declare-network-policy-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-declare-network-policy-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-declare-network-policy-check"><a href="/zh-cn/docs/tasks/administer-cluster/declare-network-policy/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-declare-network-policy"><span class="">声明网络策略</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-developing-cloud-controller-manager-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-developing-cloud-controller-manager-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-developing-cloud-controller-manager-check"><a href="/zh-cn/docs/tasks/administer-cluster/developing-cloud-controller-manager/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-developing-cloud-controller-manager"><span class="">开发云控制器管理器</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-enable-disable-api-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-enable-disable-api-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-enable-disable-api-check"><a href="/zh-cn/docs/tasks/administer-cluster/enable-disable-api/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-enable-disable-api"><span class="">启用/禁用 Kubernetes API</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-encrypt-data-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-encrypt-data-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-encrypt-data-check"><a href="/zh-cn/docs/tasks/administer-cluster/encrypt-data/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-encrypt-data"><span class="">静态加密机密数据</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-decrypt-data-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-decrypt-data-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-decrypt-data-check"><a href="/zh-cn/docs/tasks/administer-cluster/decrypt-data/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-decrypt-data"><span class="">解密已静态加密的机密数据</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-guaranteed-scheduling-critical-addon-pods-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-guaranteed-scheduling-critical-addon-pods-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-guaranteed-scheduling-critical-addon-pods-check"><a href="/zh-cn/docs/tasks/administer-cluster/guaranteed-scheduling-critical-addon-pods/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-guaranteed-scheduling-critical-addon-pods"><span class="">关键插件 Pod 的调度保证</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-ip-masq-agent-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-ip-masq-agent-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-ip-masq-agent-check"><a href="/zh-cn/docs/tasks/administer-cluster/ip-masq-agent/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-ip-masq-agent"><span class="">IP Masquerade Agent 用户指南</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-limit-storage-consumption-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-limit-storage-consumption-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-limit-storage-consumption-check"><a href="/zh-cn/docs/tasks/administer-cluster/limit-storage-consumption/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-limit-storage-consumption"><span class="">限制存储使用量</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-controller-manager-leader-migration-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-controller-manager-leader-migration-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-controller-manager-leader-migration-check"><a href="/zh-cn/docs/tasks/administer-cluster/controller-manager-leader-migration/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-controller-manager-leader-migration"><span class="">迁移多副本的控制面以使用云控制器管理器</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-namespaces-walkthrough-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-namespaces-walkthrough-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-namespaces-walkthrough-check"><a href="/zh-cn/docs/tasks/administer-cluster/namespaces-walkthrough/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-namespaces-walkthrough"><span class="">名字空间演练</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-configure-upgrade-etcd-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-configure-upgrade-etcd-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-configure-upgrade-etcd-check"><a href="/zh-cn/docs/tasks/administer-cluster/configure-upgrade-etcd/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-configure-upgrade-etcd"><span class="">操作 Kubernetes 中的 etcd 集群</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-reserve-compute-resources-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-reserve-compute-resources-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-reserve-compute-resources-check"><a href="/zh-cn/docs/tasks/administer-cluster/reserve-compute-resources/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-reserve-compute-resources"><span class="">为系统守护进程预留计算资源</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-kubelet-in-userns-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-kubelet-in-userns-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-kubelet-in-userns-check"><a href="/zh-cn/docs/tasks/administer-cluster/kubelet-in-userns/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-kubelet-in-userns"><span class="">以非 root 用户身份运行 Kubernetes 节点组件</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-safely-drain-node-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-safely-drain-node-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-safely-drain-node-check"><a href="/zh-cn/docs/tasks/administer-cluster/safely-drain-node/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-safely-drain-node"><span class="">安全地清空一个节点</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-securing-a-cluster-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-securing-a-cluster-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-securing-a-cluster-check"><a href="/zh-cn/docs/tasks/administer-cluster/securing-a-cluster/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-securing-a-cluster"><span class="">保护集群</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-kubelet-config-file-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-kubelet-config-file-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-kubelet-config-file-check"><a href="/zh-cn/docs/tasks/administer-cluster/kubelet-config-file/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-kubelet-config-file"><span class="">通过配置文件设置 kubelet 参数</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-namespaces-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-namespaces-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-namespaces-check"><a href="/zh-cn/docs/tasks/administer-cluster/namespaces/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-namespaces"><span class="">通过名字空间共享集群</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-cluster-upgrade-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-cluster-upgrade-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-cluster-upgrade-check"><a href="/zh-cn/docs/tasks/administer-cluster/cluster-upgrade/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-cluster-upgrade"><span class="">升级集群</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-use-cascading-deletion-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-use-cascading-deletion-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-use-cascading-deletion-check"><a href="/zh-cn/docs/tasks/administer-cluster/use-cascading-deletion/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-use-cascading-deletion"><span class="">在集群中使用级联删除</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-kms-provider-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-kms-provider-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-kms-provider-check"><a href="/zh-cn/docs/tasks/administer-cluster/kms-provider/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-kms-provider"><span class="">使用 KMS 驱动进行数据加密</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-coredns-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-coredns-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-coredns-check"><a href="/zh-cn/docs/tasks/administer-cluster/coredns/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-coredns"><span class="">使用 CoreDNS 进行服务发现</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-nodelocaldns-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-nodelocaldns-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-nodelocaldns-check"><a href="/zh-cn/docs/tasks/administer-cluster/nodelocaldns/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-nodelocaldns"><span class="">在 Kubernetes 集群中使用 NodeLocal DNSCache</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-sysctl-cluster-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-sysctl-cluster-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-sysctl-cluster-check"><a href="/zh-cn/docs/tasks/administer-cluster/sysctl-cluster/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-sysctl-cluster"><span class="">在 Kubernetes 集群中使用 sysctl</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-memory-manager-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-memory-manager-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-memory-manager-check"><a href="/zh-cn/docs/tasks/administer-cluster/memory-manager/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-memory-manager"><span class="">使用 NUMA 感知的内存管理器</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-administer-cluster-verify-signed-artifacts-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-administer-cluster-verify-signed-artifacts-check"/> <label for="m-zh-cn-docs-tasks-administer-cluster-verify-signed-artifacts-check"><a href="/zh-cn/docs/tasks/administer-cluster/verify-signed-artifacts/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-administer-cluster-verify-signed-artifacts"><span class="">验证已签名容器镜像</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-tasks-configure-pod-container-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-configure-pod-container-check"/> <label for="m-zh-cn-docs-tasks-configure-pod-container-check"><a href="/zh-cn/docs/tasks/configure-pod-container/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-tasks-configure-pod-container"><span class="">配置 Pods 和容器</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-configure-pod-container-assign-memory-resource-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-configure-pod-container-assign-memory-resource-check"/> <label for="m-zh-cn-docs-tasks-configure-pod-container-assign-memory-resource-check"><a href="/zh-cn/docs/tasks/configure-pod-container/assign-memory-resource/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-configure-pod-container-assign-memory-resource"><span class="">为容器和 Pod 分配内存资源</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-configure-pod-container-assign-cpu-resource-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-configure-pod-container-assign-cpu-resource-check"/> <label for="m-zh-cn-docs-tasks-configure-pod-container-assign-cpu-resource-check"><a href="/zh-cn/docs/tasks/configure-pod-container/assign-cpu-resource/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-configure-pod-container-assign-cpu-resource"><span class="">为容器和 Pods 分配 CPU 资源</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-configure-pod-container-resize-container-resources-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-configure-pod-container-resize-container-resources-check"/> <label for="m-zh-cn-docs-tasks-configure-pod-container-resize-container-resources-check"><a href="/zh-cn/docs/tasks/configure-pod-container/resize-container-resources/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-configure-pod-container-resize-container-resources"><span class="">调整分配给容器的 CPU 和内存资源</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-configure-pod-container-configure-gmsa-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-configure-pod-container-configure-gmsa-check"/> <label for="m-zh-cn-docs-tasks-configure-pod-container-configure-gmsa-check"><a href="/zh-cn/docs/tasks/configure-pod-container/configure-gmsa/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-configure-pod-container-configure-gmsa"><span class="">为 Windows Pod 和容器配置 GMSA</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-configure-pod-container-configure-runasusername-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-configure-pod-container-configure-runasusername-check"/> <label for="m-zh-cn-docs-tasks-configure-pod-container-configure-runasusername-check"><a href="/zh-cn/docs/tasks/configure-pod-container/configure-runasusername/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-configure-pod-container-configure-runasusername"><span class="">为 Windows 的 Pod 和容器配置 RunAsUserName</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-configure-pod-container-create-hostprocess-pod-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-configure-pod-container-create-hostprocess-pod-check"/> <label for="m-zh-cn-docs-tasks-configure-pod-container-create-hostprocess-pod-check"><a href="/zh-cn/docs/tasks/configure-pod-container/create-hostprocess-pod/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-configure-pod-container-create-hostprocess-pod"><span class="">创建 Windows HostProcess Pod</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-configure-pod-container-quality-service-pod-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-configure-pod-container-quality-service-pod-check"/> <label for="m-zh-cn-docs-tasks-configure-pod-container-quality-service-pod-check"><a href="/zh-cn/docs/tasks/configure-pod-container/quality-service-pod/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-configure-pod-container-quality-service-pod"><span class="">配置 Pod 的服务质量</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-configure-pod-container-extended-resource-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-configure-pod-container-extended-resource-check"/> <label for="m-zh-cn-docs-tasks-configure-pod-container-extended-resource-check"><a href="/zh-cn/docs/tasks/configure-pod-container/extended-resource/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-configure-pod-container-extended-resource"><span class="">为容器分派扩展资源</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-configure-pod-container-configure-volume-storage-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-configure-pod-container-configure-volume-storage-check"/> <label for="m-zh-cn-docs-tasks-configure-pod-container-configure-volume-storage-check"><a href="/zh-cn/docs/tasks/configure-pod-container/configure-volume-storage/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-configure-pod-container-configure-volume-storage"><span class="">配置 Pod 以使用卷进行存储</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-configure-pod-container-configure-persistent-volume-storage-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-configure-pod-container-configure-persistent-volume-storage-check"/> <label for="m-zh-cn-docs-tasks-configure-pod-container-configure-persistent-volume-storage-check"><a href="/zh-cn/docs/tasks/configure-pod-container/configure-persistent-volume-storage/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-configure-pod-container-configure-persistent-volume-storage"><span class="">配置 Pod 以使用 PersistentVolume 作为存储</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-configure-pod-container-configure-projected-volume-storage-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-configure-pod-container-configure-projected-volume-storage-check"/> <label for="m-zh-cn-docs-tasks-configure-pod-container-configure-projected-volume-storage-check"><a href="/zh-cn/docs/tasks/configure-pod-container/configure-projected-volume-storage/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-configure-pod-container-configure-projected-volume-storage"><span class="">配置 Pod 使用投射卷作存储</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-configure-pod-container-security-context-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-configure-pod-container-security-context-check"/> <label for="m-zh-cn-docs-tasks-configure-pod-container-security-context-check"><a href="/zh-cn/docs/tasks/configure-pod-container/security-context/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-configure-pod-container-security-context"><span class="">为 Pod 或容器配置安全上下文</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-configure-pod-container-configure-service-account-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-configure-pod-container-configure-service-account-check"/> <label for="m-zh-cn-docs-tasks-configure-pod-container-configure-service-account-check"><a href="/zh-cn/docs/tasks/configure-pod-container/configure-service-account/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-configure-pod-container-configure-service-account"><span class="">为 Pod 配置服务账号</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-configure-pod-container-pull-image-private-registry-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-configure-pod-container-pull-image-private-registry-check"/> <label for="m-zh-cn-docs-tasks-configure-pod-container-pull-image-private-registry-check"><a href="/zh-cn/docs/tasks/configure-pod-container/pull-image-private-registry/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-configure-pod-container-pull-image-private-registry"><span class="">从私有仓库拉取镜像</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-configure-pod-container-configure-liveness-readiness-startup-probes-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-configure-pod-container-configure-liveness-readiness-startup-probes-check"/> <label for="m-zh-cn-docs-tasks-configure-pod-container-configure-liveness-readiness-startup-probes-check"><a href="/zh-cn/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-configure-pod-container-configure-liveness-readiness-startup-probes"><span class="">配置存活、就绪和启动探针</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-configure-pod-container-assign-pods-nodes-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-configure-pod-container-assign-pods-nodes-check"/> <label for="m-zh-cn-docs-tasks-configure-pod-container-assign-pods-nodes-check"><a href="/zh-cn/docs/tasks/configure-pod-container/assign-pods-nodes/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-configure-pod-container-assign-pods-nodes"><span class="">将 Pod 分配给节点</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-configure-pod-container-assign-pods-nodes-using-node-affinity-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-configure-pod-container-assign-pods-nodes-using-node-affinity-check"/> <label for="m-zh-cn-docs-tasks-configure-pod-container-assign-pods-nodes-using-node-affinity-check"><a href="/zh-cn/docs/tasks/configure-pod-container/assign-pods-nodes-using-node-affinity/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-configure-pod-container-assign-pods-nodes-using-node-affinity"><span class="">用节点亲和性把 Pod 分配到节点</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-configure-pod-container-configure-pod-initialization-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-configure-pod-container-configure-pod-initialization-check"/> <label for="m-zh-cn-docs-tasks-configure-pod-container-configure-pod-initialization-check"><a href="/zh-cn/docs/tasks/configure-pod-container/configure-pod-initialization/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-configure-pod-container-configure-pod-initialization"><span class="">配置 Pod 初始化</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-configure-pod-container-attach-handler-lifecycle-event-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-configure-pod-container-attach-handler-lifecycle-event-check"/> <label for="m-zh-cn-docs-tasks-configure-pod-container-attach-handler-lifecycle-event-check"><a href="/zh-cn/docs/tasks/configure-pod-container/attach-handler-lifecycle-event/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-configure-pod-container-attach-handler-lifecycle-event"><span class="">为容器的生命周期事件设置处理函数</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-configure-pod-container-configure-pod-configmap-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-configure-pod-container-configure-pod-configmap-check"/> <label for="m-zh-cn-docs-tasks-configure-pod-container-configure-pod-configmap-check"><a href="/zh-cn/docs/tasks/configure-pod-container/configure-pod-configmap/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-configure-pod-container-configure-pod-configmap"><span class="">配置 Pod 使用 ConfigMap</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-configure-pod-container-share-process-namespace-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-configure-pod-container-share-process-namespace-check"/> <label for="m-zh-cn-docs-tasks-configure-pod-container-share-process-namespace-check"><a href="/zh-cn/docs/tasks/configure-pod-container/share-process-namespace/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-configure-pod-container-share-process-namespace"><span class="">在 Pod 中的容器之间共享进程命名空间</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-configure-pod-container-user-namespaces-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-configure-pod-container-user-namespaces-check"/> <label for="m-zh-cn-docs-tasks-configure-pod-container-user-namespaces-check"><a href="/zh-cn/docs/tasks/configure-pod-container/user-namespaces/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-configure-pod-container-user-namespaces"><span class="">为 Pod 配置用户名字空间</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-configure-pod-container-static-pod-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-configure-pod-container-static-pod-check"/> <label for="m-zh-cn-docs-tasks-configure-pod-container-static-pod-check"><a href="/zh-cn/docs/tasks/configure-pod-container/static-pod/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-configure-pod-container-static-pod"><span class="">创建静态 Pod</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-configure-pod-container-translate-compose-kubernetes-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-configure-pod-container-translate-compose-kubernetes-check"/> <label for="m-zh-cn-docs-tasks-configure-pod-container-translate-compose-kubernetes-check"><a href="/zh-cn/docs/tasks/configure-pod-container/translate-compose-kubernetes/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-configure-pod-container-translate-compose-kubernetes"><span class="">将 Docker Compose 文件转换为 Kubernetes 资源</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-configure-pod-container-enforce-standards-admission-controller-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-configure-pod-container-enforce-standards-admission-controller-check"/> <label for="m-zh-cn-docs-tasks-configure-pod-container-enforce-standards-admission-controller-check"><a href="/zh-cn/docs/tasks/configure-pod-container/enforce-standards-admission-controller/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-configure-pod-container-enforce-standards-admission-controller"><span class="">通过配置内置准入控制器实施 Pod 安全标准</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-configure-pod-container-enforce-standards-namespace-labels-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-configure-pod-container-enforce-standards-namespace-labels-check"/> <label for="m-zh-cn-docs-tasks-configure-pod-container-enforce-standards-namespace-labels-check"><a href="/zh-cn/docs/tasks/configure-pod-container/enforce-standards-namespace-labels/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-configure-pod-container-enforce-standards-namespace-labels"><span class="">使用名字空间标签来实施 Pod 安全性标准</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-configure-pod-container-migrate-from-psp-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-configure-pod-container-migrate-from-psp-check"/> <label for="m-zh-cn-docs-tasks-configure-pod-container-migrate-from-psp-check"><a href="/zh-cn/docs/tasks/configure-pod-container/migrate-from-psp/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-configure-pod-container-migrate-from-psp"><span class="">从 PodSecurityPolicy 迁移到内置的 PodSecurity 准入控制器</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-tasks-debug-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-debug-check"/> <label for="m-zh-cn-docs-tasks-debug-check"><a href="/zh-cn/docs/tasks/debug/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-tasks-debug"><span class="">监控、日志和调试</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-tasks-debug-debug-cluster-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-debug-debug-cluster-check"/> <label for="m-zh-cn-docs-tasks-debug-debug-cluster-check"><a href="/zh-cn/docs/tasks/debug/debug-cluster/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-tasks-debug-debug-cluster"><span class="">集群故障排查</span></a></label> <ul class="ul-4 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-debug-debug-cluster-troubleshoot-kubectl-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-debug-debug-cluster-troubleshoot-kubectl-check"/> <label for="m-zh-cn-docs-tasks-debug-debug-cluster-troubleshoot-kubectl-check"><a href="/zh-cn/docs/tasks/debug/debug-cluster/troubleshoot-kubectl/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-debug-debug-cluster-troubleshoot-kubectl"><span class="">kubectl 故障排查</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-debug-debug-cluster-resource-usage-monitoring-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-debug-debug-cluster-resource-usage-monitoring-check"/> <label for="m-zh-cn-docs-tasks-debug-debug-cluster-resource-usage-monitoring-check"><a href="/zh-cn/docs/tasks/debug/debug-cluster/resource-usage-monitoring/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-debug-debug-cluster-resource-usage-monitoring"><span class="">资源监控工具</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-debug-debug-cluster-resource-metrics-pipeline-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-debug-debug-cluster-resource-metrics-pipeline-check"/> <label for="m-zh-cn-docs-tasks-debug-debug-cluster-resource-metrics-pipeline-check"><a href="/zh-cn/docs/tasks/debug/debug-cluster/resource-metrics-pipeline/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-debug-debug-cluster-resource-metrics-pipeline"><span class="">资源指标管道</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-debug-debug-cluster-monitor-node-health-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-debug-debug-cluster-monitor-node-health-check"/> <label for="m-zh-cn-docs-tasks-debug-debug-cluster-monitor-node-health-check"><a href="/zh-cn/docs/tasks/debug/debug-cluster/monitor-node-health/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-debug-debug-cluster-monitor-node-health"><span class="">节点健康监测</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-debug-debug-cluster-crictl-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-debug-debug-cluster-crictl-check"/> <label for="m-zh-cn-docs-tasks-debug-debug-cluster-crictl-check"><a href="/zh-cn/docs/tasks/debug/debug-cluster/crictl/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-debug-debug-cluster-crictl"><span class="">使用 crictl 对 Kubernetes 节点进行调试</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-debug-debug-cluster-windows-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-debug-debug-cluster-windows-check"/> <label for="m-zh-cn-docs-tasks-debug-debug-cluster-windows-check"><a href="/zh-cn/docs/tasks/debug/debug-cluster/windows/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-debug-debug-cluster-windows"><span class="">Windows 调试技巧</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-debug-debug-cluster-audit-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-debug-debug-cluster-audit-check"/> <label for="m-zh-cn-docs-tasks-debug-debug-cluster-audit-check"><a href="/zh-cn/docs/tasks/debug/debug-cluster/audit/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-debug-debug-cluster-audit"><span class="">审计</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-debug-debug-cluster-local-debugging-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-debug-debug-cluster-local-debugging-check"/> <label for="m-zh-cn-docs-tasks-debug-debug-cluster-local-debugging-check"><a href="/zh-cn/docs/tasks/debug/debug-cluster/local-debugging/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-debug-debug-cluster-local-debugging"><span class="">使用 telepresence 在本地开发和调试服务</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-debug-debug-cluster-kubectl-node-debug-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-debug-debug-cluster-kubectl-node-debug-check"/> <label for="m-zh-cn-docs-tasks-debug-debug-cluster-kubectl-node-debug-check"><a href="/zh-cn/docs/tasks/debug/debug-cluster/kubectl-node-debug/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-debug-debug-cluster-kubectl-node-debug"><span class="">用 Kubectl 调试 Kubernetes 节点</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-tasks-debug-debug-application-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-debug-debug-application-check"/> <label for="m-zh-cn-docs-tasks-debug-debug-application-check"><a href="/zh-cn/docs/tasks/debug/debug-application/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-tasks-debug-debug-application"><span class="">应用故障排除</span></a></label> <ul class="ul-4 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-debug-debug-application-debug-pods-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-debug-debug-application-debug-pods-check"/> <label for="m-zh-cn-docs-tasks-debug-debug-application-debug-pods-check"><a href="/zh-cn/docs/tasks/debug/debug-application/debug-pods/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-debug-debug-application-debug-pods"><span class="">调试 Pod</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-debug-debug-application-debug-service-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-debug-debug-application-debug-service-check"/> <label for="m-zh-cn-docs-tasks-debug-debug-application-debug-service-check"><a href="/zh-cn/docs/tasks/debug/debug-application/debug-service/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-debug-debug-application-debug-service"><span class="">调试 Service</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-debug-debug-application-debug-statefulset-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-debug-debug-application-debug-statefulset-check"/> <label for="m-zh-cn-docs-tasks-debug-debug-application-debug-statefulset-check"><a href="/zh-cn/docs/tasks/debug/debug-application/debug-statefulset/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-debug-debug-application-debug-statefulset"><span class="">调试 StatefulSet</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-debug-debug-application-determine-reason-pod-failure-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-debug-debug-application-determine-reason-pod-failure-check"/> <label for="m-zh-cn-docs-tasks-debug-debug-application-determine-reason-pod-failure-check"><a href="/zh-cn/docs/tasks/debug/debug-application/determine-reason-pod-failure/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-debug-debug-application-determine-reason-pod-failure"><span class="">确定 Pod 失败的原因</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-debug-debug-application-debug-init-containers-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-debug-debug-application-debug-init-containers-check"/> <label for="m-zh-cn-docs-tasks-debug-debug-application-debug-init-containers-check"><a href="/zh-cn/docs/tasks/debug/debug-application/debug-init-containers/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-debug-debug-application-debug-init-containers"><span class="">调试 Init 容器</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-debug-debug-application-debug-running-pod-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-debug-debug-application-debug-running-pod-check"/> <label for="m-zh-cn-docs-tasks-debug-debug-application-debug-running-pod-check"><a href="/zh-cn/docs/tasks/debug/debug-application/debug-running-pod/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-debug-debug-application-debug-running-pod"><span class="">调试运行中的 Pod</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-debug-debug-application-get-shell-running-container-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-debug-debug-application-get-shell-running-container-check"/> <label for="m-zh-cn-docs-tasks-debug-debug-application-get-shell-running-container-check"><a href="/zh-cn/docs/tasks/debug/debug-application/get-shell-running-container/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-debug-debug-application-get-shell-running-container"><span class="">获取正在运行容器的 Shell</span></a></label> </li> </ul> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-tasks-manage-kubernetes-objects-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-manage-kubernetes-objects-check"/> <label for="m-zh-cn-docs-tasks-manage-kubernetes-objects-check"><a href="/zh-cn/docs/tasks/manage-kubernetes-objects/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-tasks-manage-kubernetes-objects"><span class="">管理 Kubernetes 对象</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-manage-kubernetes-objects-declarative-config-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-manage-kubernetes-objects-declarative-config-check"/> <label for="m-zh-cn-docs-tasks-manage-kubernetes-objects-declarative-config-check"><a href="/zh-cn/docs/tasks/manage-kubernetes-objects/declarative-config/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-manage-kubernetes-objects-declarative-config"><span class="">使用配置文件对 Kubernetes 对象进行声明式管理</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-manage-kubernetes-objects-kustomization-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-manage-kubernetes-objects-kustomization-check"/> <label for="m-zh-cn-docs-tasks-manage-kubernetes-objects-kustomization-check"><a href="/zh-cn/docs/tasks/manage-kubernetes-objects/kustomization/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-manage-kubernetes-objects-kustomization"><span class="">使用 Kustomize 对 Kubernetes 对象进行声明式管理</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-manage-kubernetes-objects-imperative-command-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-manage-kubernetes-objects-imperative-command-check"/> <label for="m-zh-cn-docs-tasks-manage-kubernetes-objects-imperative-command-check"><a href="/zh-cn/docs/tasks/manage-kubernetes-objects/imperative-command/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-manage-kubernetes-objects-imperative-command"><span class="">使用指令式命令管理 Kubernetes 对象</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-manage-kubernetes-objects-imperative-config-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-manage-kubernetes-objects-imperative-config-check"/> <label for="m-zh-cn-docs-tasks-manage-kubernetes-objects-imperative-config-check"><a href="/zh-cn/docs/tasks/manage-kubernetes-objects/imperative-config/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-manage-kubernetes-objects-imperative-config"><span class="">使用配置文件对 Kubernetes 对象进行命令式管理</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-manage-kubernetes-objects-update-api-object-kubectl-patch-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-manage-kubernetes-objects-update-api-object-kubectl-patch-check"/> <label for="m-zh-cn-docs-tasks-manage-kubernetes-objects-update-api-object-kubectl-patch-check"><a href="/zh-cn/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-manage-kubernetes-objects-update-api-object-kubectl-patch"><span class="">使用 kubectl patch 更新 API 对象</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-tasks-configmap-secret-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-configmap-secret-check"/> <label for="m-zh-cn-docs-tasks-configmap-secret-check"><a href="/zh-cn/docs/tasks/configmap-secret/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-tasks-configmap-secret"><span class="">管理 Secrets</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-configmap-secret-managing-secret-using-kubectl-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-configmap-secret-managing-secret-using-kubectl-check"/> <label for="m-zh-cn-docs-tasks-configmap-secret-managing-secret-using-kubectl-check"><a href="/zh-cn/docs/tasks/configmap-secret/managing-secret-using-kubectl/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-configmap-secret-managing-secret-using-kubectl"><span class="">使用 kubectl 管理 Secret</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-configmap-secret-managing-secret-using-config-file-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-configmap-secret-managing-secret-using-config-file-check"/> <label for="m-zh-cn-docs-tasks-configmap-secret-managing-secret-using-config-file-check"><a href="/zh-cn/docs/tasks/configmap-secret/managing-secret-using-config-file/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-configmap-secret-managing-secret-using-config-file"><span class="">使用配置文件管理 Secret</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-configmap-secret-managing-secret-using-kustomize-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-configmap-secret-managing-secret-using-kustomize-check"/> <label for="m-zh-cn-docs-tasks-configmap-secret-managing-secret-using-kustomize-check"><a href="/zh-cn/docs/tasks/configmap-secret/managing-secret-using-kustomize/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-configmap-secret-managing-secret-using-kustomize"><span class="">使用 Kustomize 管理 Secret</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-tasks-inject-data-application-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-inject-data-application-check"/> <label for="m-zh-cn-docs-tasks-inject-data-application-check"><a href="/zh-cn/docs/tasks/inject-data-application/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-tasks-inject-data-application"><span class="">给应用注入数据</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-inject-data-application-define-command-argument-container-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-inject-data-application-define-command-argument-container-check"/> <label for="m-zh-cn-docs-tasks-inject-data-application-define-command-argument-container-check"><a href="/zh-cn/docs/tasks/inject-data-application/define-command-argument-container/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-inject-data-application-define-command-argument-container"><span class="">为容器设置启动时要执行的命令和参数</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-inject-data-application-define-interdependent-environment-variables-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-inject-data-application-define-interdependent-environment-variables-check"/> <label for="m-zh-cn-docs-tasks-inject-data-application-define-interdependent-environment-variables-check"><a href="/zh-cn/docs/tasks/inject-data-application/define-interdependent-environment-variables/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-inject-data-application-define-interdependent-environment-variables"><span class="">定义相互依赖的环境变量</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-inject-data-application-define-environment-variable-container-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-inject-data-application-define-environment-variable-container-check"/> <label for="m-zh-cn-docs-tasks-inject-data-application-define-environment-variable-container-check"><a href="/zh-cn/docs/tasks/inject-data-application/define-environment-variable-container/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-inject-data-application-define-environment-variable-container"><span class="">为容器设置环境变量</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-inject-data-application-environment-variable-expose-pod-information-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-inject-data-application-environment-variable-expose-pod-information-check"/> <label for="m-zh-cn-docs-tasks-inject-data-application-environment-variable-expose-pod-information-check"><a href="/zh-cn/docs/tasks/inject-data-application/environment-variable-expose-pod-information/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-inject-data-application-environment-variable-expose-pod-information"><span class="">通过环境变量将 Pod 信息呈现给容器</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-inject-data-application-downward-api-volume-expose-pod-information-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-inject-data-application-downward-api-volume-expose-pod-information-check"/> <label for="m-zh-cn-docs-tasks-inject-data-application-downward-api-volume-expose-pod-information-check"><a href="/zh-cn/docs/tasks/inject-data-application/downward-api-volume-expose-pod-information/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-inject-data-application-downward-api-volume-expose-pod-information"><span class="">通过文件将 Pod 信息呈现给容器</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-inject-data-application-distribute-credentials-secure-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-inject-data-application-distribute-credentials-secure-check"/> <label for="m-zh-cn-docs-tasks-inject-data-application-distribute-credentials-secure-check"><a href="/zh-cn/docs/tasks/inject-data-application/distribute-credentials-secure/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-inject-data-application-distribute-credentials-secure"><span class="">使用 Secret 安全地分发凭据</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-tasks-run-application-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-run-application-check"/> <label for="m-zh-cn-docs-tasks-run-application-check"><a href="/zh-cn/docs/tasks/run-application/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-tasks-run-application"><span class="">运行应用</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-run-application-run-stateless-application-deployment-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-run-application-run-stateless-application-deployment-check"/> <label for="m-zh-cn-docs-tasks-run-application-run-stateless-application-deployment-check"><a href="/zh-cn/docs/tasks/run-application/run-stateless-application-deployment/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-run-application-run-stateless-application-deployment"><span class="">使用 Deployment 运行一个无状态应用</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-run-application-run-single-instance-stateful-application-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-run-application-run-single-instance-stateful-application-check"/> <label for="m-zh-cn-docs-tasks-run-application-run-single-instance-stateful-application-check"><a href="/zh-cn/docs/tasks/run-application/run-single-instance-stateful-application/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-run-application-run-single-instance-stateful-application"><span class="">运行一个单实例有状态应用</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-run-application-run-replicated-stateful-application-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-run-application-run-replicated-stateful-application-check"/> <label for="m-zh-cn-docs-tasks-run-application-run-replicated-stateful-application-check"><a href="/zh-cn/docs/tasks/run-application/run-replicated-stateful-application/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-run-application-run-replicated-stateful-application"><span class="">运行一个有状态的应用程序</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-run-application-scale-stateful-set-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-run-application-scale-stateful-set-check"/> <label for="m-zh-cn-docs-tasks-run-application-scale-stateful-set-check"><a href="/zh-cn/docs/tasks/run-application/scale-stateful-set/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-run-application-scale-stateful-set"><span class="">扩缩 StatefulSet</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-run-application-delete-stateful-set-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-run-application-delete-stateful-set-check"/> <label for="m-zh-cn-docs-tasks-run-application-delete-stateful-set-check"><a href="/zh-cn/docs/tasks/run-application/delete-stateful-set/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-run-application-delete-stateful-set"><span class="">删除 StatefulSet</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-run-application-force-delete-stateful-set-pod-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-run-application-force-delete-stateful-set-pod-check"/> <label for="m-zh-cn-docs-tasks-run-application-force-delete-stateful-set-pod-check"><a href="/zh-cn/docs/tasks/run-application/force-delete-stateful-set-pod/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-run-application-force-delete-stateful-set-pod"><span class="">强制删除 StatefulSet 中的 Pod</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-run-application-horizontal-pod-autoscale-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-run-application-horizontal-pod-autoscale-check"/> <label for="m-zh-cn-docs-tasks-run-application-horizontal-pod-autoscale-check"><a href="/zh-cn/docs/tasks/run-application/horizontal-pod-autoscale/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-run-application-horizontal-pod-autoscale"><span class="">Pod 水平自动扩缩</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-run-application-horizontal-pod-autoscale-walkthrough-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-run-application-horizontal-pod-autoscale-walkthrough-check"/> <label for="m-zh-cn-docs-tasks-run-application-horizontal-pod-autoscale-walkthrough-check"><a href="/zh-cn/docs/tasks/run-application/horizontal-pod-autoscale-walkthrough/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-run-application-horizontal-pod-autoscale-walkthrough"><span class="">HorizontalPodAutoscaler 演练</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-run-application-configure-pdb-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-run-application-configure-pdb-check"/> <label for="m-zh-cn-docs-tasks-run-application-configure-pdb-check"><a href="/zh-cn/docs/tasks/run-application/configure-pdb/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-run-application-configure-pdb"><span class="">为应用程序设置干扰预算（Disruption Budget）</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-run-application-access-api-from-pod-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-run-application-access-api-from-pod-check"/> <label for="m-zh-cn-docs-tasks-run-application-access-api-from-pod-check"><a href="/zh-cn/docs/tasks/run-application/access-api-from-pod/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-run-application-access-api-from-pod"><span class="">从 Pod 中访问 Kubernetes API</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-tasks-job-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-job-check"/> <label for="m-zh-cn-docs-tasks-job-check"><a href="/zh-cn/docs/tasks/job/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-tasks-job"><span class="">运行 Jobs</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-job-automated-tasks-with-cron-jobs-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-job-automated-tasks-with-cron-jobs-check"/> <label for="m-zh-cn-docs-tasks-job-automated-tasks-with-cron-jobs-check"><a href="/zh-cn/docs/tasks/job/automated-tasks-with-cron-jobs/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-job-automated-tasks-with-cron-jobs"><span class="">使用 CronJob 运行自动化任务</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-job-coarse-parallel-processing-work-queue-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-job-coarse-parallel-processing-work-queue-check"/> <label for="m-zh-cn-docs-tasks-job-coarse-parallel-processing-work-queue-check"><a href="/zh-cn/docs/tasks/job/coarse-parallel-processing-work-queue/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-job-coarse-parallel-processing-work-queue"><span class="">使用工作队列进行粗粒度并行处理</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-job-job-with-pod-to-pod-communication-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-job-job-with-pod-to-pod-communication-check"/> <label for="m-zh-cn-docs-tasks-job-job-with-pod-to-pod-communication-check"><a href="/zh-cn/docs/tasks/job/job-with-pod-to-pod-communication/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-job-job-with-pod-to-pod-communication"><span class="">带 Pod 间通信的 Job</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-job-fine-parallel-processing-work-queue-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-job-fine-parallel-processing-work-queue-check"/> <label for="m-zh-cn-docs-tasks-job-fine-parallel-processing-work-queue-check"><a href="/zh-cn/docs/tasks/job/fine-parallel-processing-work-queue/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-job-fine-parallel-processing-work-queue"><span class="">使用工作队列进行精细的并行处理</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-job-indexed-parallel-processing-static-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-job-indexed-parallel-processing-static-check"/> <label for="m-zh-cn-docs-tasks-job-indexed-parallel-processing-static-check"><a href="/zh-cn/docs/tasks/job/indexed-parallel-processing-static/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-job-indexed-parallel-processing-static"><span class="">使用索引作业完成静态工作分配下的并行处理</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-job-parallel-processing-expansion-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-job-parallel-processing-expansion-check"/> <label for="m-zh-cn-docs-tasks-job-parallel-processing-expansion-check"><a href="/zh-cn/docs/tasks/job/parallel-processing-expansion/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-job-parallel-processing-expansion"><span class="">使用展开的方式进行并行处理</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-job-pod-failure-policy-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-job-pod-failure-policy-check"/> <label for="m-zh-cn-docs-tasks-job-pod-failure-policy-check"><a href="/zh-cn/docs/tasks/job/pod-failure-policy/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-job-pod-failure-policy"><span class="">使用 Pod 失效策略处理可重试和不可重试的 Pod 失效</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-tasks-access-application-cluster-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-access-application-cluster-check"/> <label for="m-zh-cn-docs-tasks-access-application-cluster-check"><a href="/zh-cn/docs/tasks/access-application-cluster/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-tasks-access-application-cluster"><span class="">访问集群中的应用程序</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-access-application-cluster-web-ui-dashboard-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-access-application-cluster-web-ui-dashboard-check"/> <label for="m-zh-cn-docs-tasks-access-application-cluster-web-ui-dashboard-check"><a href="/zh-cn/docs/tasks/access-application-cluster/web-ui-dashboard/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-access-application-cluster-web-ui-dashboard"><span class="">部署和访问 Kubernetes 仪表板（Dashboard）</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-access-application-cluster-access-cluster-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-access-application-cluster-access-cluster-check"/> <label for="m-zh-cn-docs-tasks-access-application-cluster-access-cluster-check"><a href="/zh-cn/docs/tasks/access-application-cluster/access-cluster/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-access-application-cluster-access-cluster"><span class="">访问集群</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-access-application-cluster-configure-access-multiple-clusters-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-access-application-cluster-configure-access-multiple-clusters-check"/> <label for="m-zh-cn-docs-tasks-access-application-cluster-configure-access-multiple-clusters-check"><a href="/zh-cn/docs/tasks/access-application-cluster/configure-access-multiple-clusters/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-access-application-cluster-configure-access-multiple-clusters"><span class="">配置对多集群的访问</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-access-application-cluster-port-forward-access-application-cluster-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-access-application-cluster-port-forward-access-application-cluster-check"/> <label for="m-zh-cn-docs-tasks-access-application-cluster-port-forward-access-application-cluster-check"><a href="/zh-cn/docs/tasks/access-application-cluster/port-forward-access-application-cluster/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-access-application-cluster-port-forward-access-application-cluster"><span class="">使用端口转发来访问集群中的应用</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-access-application-cluster-service-access-application-cluster-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-access-application-cluster-service-access-application-cluster-check"/> <label for="m-zh-cn-docs-tasks-access-application-cluster-service-access-application-cluster-check"><a href="/zh-cn/docs/tasks/access-application-cluster/service-access-application-cluster/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-access-application-cluster-service-access-application-cluster"><span class="">使用服务来访问集群中的应用</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-access-application-cluster-connecting-frontend-backend-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-access-application-cluster-connecting-frontend-backend-check"/> <label for="m-zh-cn-docs-tasks-access-application-cluster-connecting-frontend-backend-check"><a href="/zh-cn/docs/tasks/access-application-cluster/connecting-frontend-backend/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-access-application-cluster-connecting-frontend-backend"><span class="">使用 Service 把前端连接到后端</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-access-application-cluster-create-external-load-balancer-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-access-application-cluster-create-external-load-balancer-check"/> <label for="m-zh-cn-docs-tasks-access-application-cluster-create-external-load-balancer-check"><a href="/zh-cn/docs/tasks/access-application-cluster/create-external-load-balancer/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-access-application-cluster-create-external-load-balancer"><span class="">创建外部负载均衡器</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-access-application-cluster-list-all-running-container-images-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-access-application-cluster-list-all-running-container-images-check"/> <label for="m-zh-cn-docs-tasks-access-application-cluster-list-all-running-container-images-check"><a href="/zh-cn/docs/tasks/access-application-cluster/list-all-running-container-images/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-access-application-cluster-list-all-running-container-images"><span class="">列出集群中所有运行容器的镜像</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-access-application-cluster-ingress-minikube-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-access-application-cluster-ingress-minikube-check"/> <label for="m-zh-cn-docs-tasks-access-application-cluster-ingress-minikube-check"><a href="/zh-cn/docs/tasks/access-application-cluster/ingress-minikube/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-access-application-cluster-ingress-minikube"><span class="">在 Minikube 环境中使用 NGINX Ingress 控制器配置 Ingress</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-access-application-cluster-communicate-containers-same-pod-shared-volume-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-access-application-cluster-communicate-containers-same-pod-shared-volume-check"/> <label for="m-zh-cn-docs-tasks-access-application-cluster-communicate-containers-same-pod-shared-volume-check"><a href="/zh-cn/docs/tasks/access-application-cluster/communicate-containers-same-pod-shared-volume/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-access-application-cluster-communicate-containers-same-pod-shared-volume"><span class="">同 Pod 内的容器使用共享卷通信</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-access-application-cluster-configure-dns-cluster-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-access-application-cluster-configure-dns-cluster-check"/> <label for="m-zh-cn-docs-tasks-access-application-cluster-configure-dns-cluster-check"><a href="/zh-cn/docs/tasks/access-application-cluster/configure-dns-cluster/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-access-application-cluster-configure-dns-cluster"><span class="">为集群配置 DNS</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-access-application-cluster-access-cluster-services-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-access-application-cluster-access-cluster-services-check"/> <label for="m-zh-cn-docs-tasks-access-application-cluster-access-cluster-services-check"><a href="/zh-cn/docs/tasks/access-application-cluster/access-cluster-services/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-access-application-cluster-access-cluster-services"><span class="">访问集群上运行的服务</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-tasks-extend-kubernetes-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-extend-kubernetes-check"/> <label for="m-zh-cn-docs-tasks-extend-kubernetes-check"><a href="/zh-cn/docs/tasks/extend-kubernetes/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-tasks-extend-kubernetes"><span class="">扩展 Kubernetes</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-extend-kubernetes-configure-aggregation-layer-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-extend-kubernetes-configure-aggregation-layer-check"/> <label for="m-zh-cn-docs-tasks-extend-kubernetes-configure-aggregation-layer-check"><a href="/zh-cn/docs/tasks/extend-kubernetes/configure-aggregation-layer/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-extend-kubernetes-configure-aggregation-layer"><span class="">配置聚合层</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-tasks-extend-kubernetes-custom-resources-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-extend-kubernetes-custom-resources-check"/> <label for="m-zh-cn-docs-tasks-extend-kubernetes-custom-resources-check"><a href="/zh-cn/docs/tasks/extend-kubernetes/custom-resources/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-tasks-extend-kubernetes-custom-resources"><span class="">使用自定义资源</span></a></label> <ul class="ul-4 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-extend-kubernetes-custom-resources-custom-resource-definitions-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-extend-kubernetes-custom-resources-custom-resource-definitions-check"/> <label for="m-zh-cn-docs-tasks-extend-kubernetes-custom-resources-custom-resource-definitions-check"><a href="/zh-cn/docs/tasks/extend-kubernetes/custom-resources/custom-resource-definitions/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-extend-kubernetes-custom-resources-custom-resource-definitions"><span class="">使用 CustomResourceDefinition 扩展 Kubernetes API</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-extend-kubernetes-custom-resources-custom-resource-definition-versioning-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-extend-kubernetes-custom-resources-custom-resource-definition-versioning-check"/> <label for="m-zh-cn-docs-tasks-extend-kubernetes-custom-resources-custom-resource-definition-versioning-check"><a href="/zh-cn/docs/tasks/extend-kubernetes/custom-resources/custom-resource-definition-versioning/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-extend-kubernetes-custom-resources-custom-resource-definition-versioning"><span class="">CustomResourceDefinition 的版本</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-extend-kubernetes-setup-extension-api-server-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-extend-kubernetes-setup-extension-api-server-check"/> <label for="m-zh-cn-docs-tasks-extend-kubernetes-setup-extension-api-server-check"><a href="/zh-cn/docs/tasks/extend-kubernetes/setup-extension-api-server/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-extend-kubernetes-setup-extension-api-server"><span class="">安装一个扩展的 API server</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-extend-kubernetes-configure-multiple-schedulers-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-extend-kubernetes-configure-multiple-schedulers-check"/> <label for="m-zh-cn-docs-tasks-extend-kubernetes-configure-multiple-schedulers-check"><a href="/zh-cn/docs/tasks/extend-kubernetes/configure-multiple-schedulers/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-extend-kubernetes-configure-multiple-schedulers"><span class="">配置多个调度器</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-extend-kubernetes-http-proxy-access-api-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-extend-kubernetes-http-proxy-access-api-check"/> <label for="m-zh-cn-docs-tasks-extend-kubernetes-http-proxy-access-api-check"><a href="/zh-cn/docs/tasks/extend-kubernetes/http-proxy-access-api/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-extend-kubernetes-http-proxy-access-api"><span class="">使用 HTTP 代理访问 Kubernetes API</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-extend-kubernetes-socks5-proxy-access-api-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-extend-kubernetes-socks5-proxy-access-api-check"/> <label for="m-zh-cn-docs-tasks-extend-kubernetes-socks5-proxy-access-api-check"><a href="/zh-cn/docs/tasks/extend-kubernetes/socks5-proxy-access-api/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-extend-kubernetes-socks5-proxy-access-api"><span class="">使用 SOCKS5 代理访问 Kubernetes API</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-extend-kubernetes-setup-konnectivity-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-extend-kubernetes-setup-konnectivity-check"/> <label for="m-zh-cn-docs-tasks-extend-kubernetes-setup-konnectivity-check"><a href="/zh-cn/docs/tasks/extend-kubernetes/setup-konnectivity/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-extend-kubernetes-setup-konnectivity"><span class="">设置 Konnectivity 服务</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-tasks-tls-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-tls-check"/> <label for="m-zh-cn-docs-tasks-tls-check"><a href="/zh-cn/docs/tasks/tls/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-tasks-tls"><span class="">TLS</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-tls-managing-tls-in-a-cluster-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-tls-managing-tls-in-a-cluster-check"/> <label for="m-zh-cn-docs-tasks-tls-managing-tls-in-a-cluster-check"><a href="/zh-cn/docs/tasks/tls/managing-tls-in-a-cluster/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-tls-managing-tls-in-a-cluster"><span class="">管理集群中的 TLS 认证</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-tls-manual-rotation-of-ca-certificates-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-tls-manual-rotation-of-ca-certificates-check"/> <label for="m-zh-cn-docs-tasks-tls-manual-rotation-of-ca-certificates-check"><a href="/zh-cn/docs/tasks/tls/manual-rotation-of-ca-certificates/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-tls-manual-rotation-of-ca-certificates"><span class="">手动轮换 CA 证书</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-tls-certificate-rotation-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-tls-certificate-rotation-check"/> <label for="m-zh-cn-docs-tasks-tls-certificate-rotation-check"><a href="/zh-cn/docs/tasks/tls/certificate-rotation/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-tls-certificate-rotation"><span class="">为 kubelet 配置证书轮换</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-tasks-manage-daemon-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-manage-daemon-check"/> <label for="m-zh-cn-docs-tasks-manage-daemon-check"><a href="/zh-cn/docs/tasks/manage-daemon/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-tasks-manage-daemon"><span class="">管理集群守护进程</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-manage-daemon-update-daemon-set-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-manage-daemon-update-daemon-set-check"/> <label for="m-zh-cn-docs-tasks-manage-daemon-update-daemon-set-check"><a href="/zh-cn/docs/tasks/manage-daemon/update-daemon-set/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-manage-daemon-update-daemon-set"><span class="">对 DaemonSet 执行滚动更新</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-manage-daemon-rollback-daemon-set-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-manage-daemon-rollback-daemon-set-check"/> <label for="m-zh-cn-docs-tasks-manage-daemon-rollback-daemon-set-check"><a href="/zh-cn/docs/tasks/manage-daemon/rollback-daemon-set/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-manage-daemon-rollback-daemon-set"><span class="">对 DaemonSet 执行回滚</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-manage-daemon-pods-some-nodes-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-manage-daemon-pods-some-nodes-check"/> <label for="m-zh-cn-docs-tasks-manage-daemon-pods-some-nodes-check"><a href="/zh-cn/docs/tasks/manage-daemon/pods-some-nodes/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-manage-daemon-pods-some-nodes"><span class="">仅在某些节点上运行 Pod</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-tasks-network-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-network-check"/> <label for="m-zh-cn-docs-tasks-network-check"><a href="/zh-cn/docs/tasks/network/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-tasks-network"><span class="">网络</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-network-customize-hosts-file-for-pods-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-network-customize-hosts-file-for-pods-check"/> <label for="m-zh-cn-docs-tasks-network-customize-hosts-file-for-pods-check"><a href="/zh-cn/docs/tasks/network/customize-hosts-file-for-pods/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-network-customize-hosts-file-for-pods"><span class="">使用 HostAliases 向 Pod /etc/hosts 文件添加条目</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-network-validate-dual-stack-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-network-validate-dual-stack-check"/> <label for="m-zh-cn-docs-tasks-network-validate-dual-stack-check"><a href="/zh-cn/docs/tasks/network/validate-dual-stack/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-network-validate-dual-stack"><span class="">验证 IPv4/IPv6 双协议栈</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-manage-gpus-scheduling-gpus-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-manage-gpus-scheduling-gpus-check"/> <label for="m-zh-cn-docs-tasks-manage-gpus-scheduling-gpus-check"><a href="/zh-cn/docs/tasks/manage-gpus/scheduling-gpus/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-manage-gpus-scheduling-gpus"><span class="">调度 GPU</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-manage-hugepages-scheduling-hugepages-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-manage-hugepages-scheduling-hugepages-check"/> <label for="m-zh-cn-docs-tasks-manage-hugepages-scheduling-hugepages-check"><a href="/zh-cn/docs/tasks/manage-hugepages/scheduling-hugepages/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-manage-hugepages-scheduling-hugepages"><span class="">管理巨页（HugePage）</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tasks-extend-kubectl-kubectl-plugins-li"> <input type="checkbox" id="m-zh-cn-docs-tasks-extend-kubectl-kubectl-plugins-check"/> <label for="m-zh-cn-docs-tasks-extend-kubectl-kubectl-plugins-check"><a href="/zh-cn/docs/tasks/extend-kubectl/kubectl-plugins/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tasks-extend-kubectl-kubectl-plugins"><span class="">用插件扩展 kubectl</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-tutorials-li"> <input type="checkbox" id="m-zh-cn-docs-tutorials-check"/> <label for="m-zh-cn-docs-tutorials-check"><a href="/zh-cn/docs/tutorials/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-tutorials"><span class="">教程</span></a></label> <ul class="ul-2 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tutorials-hello-minikube-li"> <input type="checkbox" id="m-zh-cn-docs-tutorials-hello-minikube-check"/> <label for="m-zh-cn-docs-tutorials-hello-minikube-check"><a href="/zh-cn/docs/tutorials/hello-minikube/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tutorials-hello-minikube"><span class="">你好，Minikube</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-tutorials-kubernetes-basics-li"> <input type="checkbox" id="m-zh-cn-docs-tutorials-kubernetes-basics-check"/> <label for="m-zh-cn-docs-tutorials-kubernetes-basics-check"><a href="/zh-cn/docs/tutorials/kubernetes-basics/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-tutorials-kubernetes-basics"><span class="">学习 Kubernetes 基础知识</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-tutorials-kubernetes-basics-create-cluster-li"> <input type="checkbox" id="m-zh-cn-docs-tutorials-kubernetes-basics-create-cluster-check"/> <label for="m-zh-cn-docs-tutorials-kubernetes-basics-create-cluster-check"><a href="/zh-cn/docs/tutorials/kubernetes-basics/create-cluster/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-tutorials-kubernetes-basics-create-cluster"><span class="">创建集群</span></a></label> <ul class="ul-4 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tutorials-kubernetes-basics-create-cluster-cluster-intro-li"> <input type="checkbox" id="m-zh-cn-docs-tutorials-kubernetes-basics-create-cluster-cluster-intro-check"/> <label for="m-zh-cn-docs-tutorials-kubernetes-basics-create-cluster-cluster-intro-check"><a href="/zh-cn/docs/tutorials/kubernetes-basics/create-cluster/cluster-intro/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tutorials-kubernetes-basics-create-cluster-cluster-intro"><span class="">使用 Minikube 创建集群</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-tutorials-kubernetes-basics-deploy-app-li"> <input type="checkbox" id="m-zh-cn-docs-tutorials-kubernetes-basics-deploy-app-check"/> <label for="m-zh-cn-docs-tutorials-kubernetes-basics-deploy-app-check"><a href="/zh-cn/docs/tutorials/kubernetes-basics/deploy-app/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-tutorials-kubernetes-basics-deploy-app"><span class="">部署应用</span></a></label> <ul class="ul-4 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tutorials-kubernetes-basics-deploy-app-deploy-intro-li"> <input type="checkbox" id="m-zh-cn-docs-tutorials-kubernetes-basics-deploy-app-deploy-intro-check"/> <label for="m-zh-cn-docs-tutorials-kubernetes-basics-deploy-app-deploy-intro-check"><a href="/zh-cn/docs/tutorials/kubernetes-basics/deploy-app/deploy-intro/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tutorials-kubernetes-basics-deploy-app-deploy-intro"><span class="">使用 kubectl 创建 Deployment</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-tutorials-kubernetes-basics-explore-li"> <input type="checkbox" id="m-zh-cn-docs-tutorials-kubernetes-basics-explore-check"/> <label for="m-zh-cn-docs-tutorials-kubernetes-basics-explore-check"><a href="/zh-cn/docs/tutorials/kubernetes-basics/explore/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-tutorials-kubernetes-basics-explore"><span class="">了解你的应用</span></a></label> <ul class="ul-4 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tutorials-kubernetes-basics-explore-explore-intro-li"> <input type="checkbox" id="m-zh-cn-docs-tutorials-kubernetes-basics-explore-explore-intro-check"/> <label for="m-zh-cn-docs-tutorials-kubernetes-basics-explore-explore-intro-check"><a href="/zh-cn/docs/tutorials/kubernetes-basics/explore/explore-intro/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tutorials-kubernetes-basics-explore-explore-intro"><span class="">查看 Pod 和节点</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tutorials-kubernetes-basics-explore-explore-interactive-li"> <input type="checkbox" id="m-zh-cn-docs-tutorials-kubernetes-basics-explore-explore-interactive-check"/> <label for="m-zh-cn-docs-tutorials-kubernetes-basics-explore-explore-interactive-check"><a href="/zh-cn/docs/tutorials/kubernetes-basics/explore/explore-interactive/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tutorials-kubernetes-basics-explore-explore-interactive"><span class="">交互式教程 - 探索你的应用</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-tutorials-kubernetes-basics-expose-li"> <input type="checkbox" id="m-zh-cn-docs-tutorials-kubernetes-basics-expose-check"/> <label for="m-zh-cn-docs-tutorials-kubernetes-basics-expose-check"><a href="/zh-cn/docs/tutorials/kubernetes-basics/expose/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-tutorials-kubernetes-basics-expose"><span class="">公开地暴露你的应用</span></a></label> <ul class="ul-4 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tutorials-kubernetes-basics-expose-expose-intro-li"> <input type="checkbox" id="m-zh-cn-docs-tutorials-kubernetes-basics-expose-expose-intro-check"/> <label for="m-zh-cn-docs-tutorials-kubernetes-basics-expose-expose-intro-check"><a href="/zh-cn/docs/tutorials/kubernetes-basics/expose/expose-intro/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tutorials-kubernetes-basics-expose-expose-intro"><span class="">使用 Service 暴露你的应用</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-tutorials-kubernetes-basics-scale-li"> <input type="checkbox" id="m-zh-cn-docs-tutorials-kubernetes-basics-scale-check"/> <label for="m-zh-cn-docs-tutorials-kubernetes-basics-scale-check"><a href="/zh-cn/docs/tutorials/kubernetes-basics/scale/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-tutorials-kubernetes-basics-scale"><span class="">扩缩你的应用</span></a></label> <ul class="ul-4 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tutorials-kubernetes-basics-scale-scale-intro-li"> <input type="checkbox" id="m-zh-cn-docs-tutorials-kubernetes-basics-scale-scale-intro-check"/> <label for="m-zh-cn-docs-tutorials-kubernetes-basics-scale-scale-intro-check"><a href="/zh-cn/docs/tutorials/kubernetes-basics/scale/scale-intro/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tutorials-kubernetes-basics-scale-scale-intro"><span class="">运行应用程序的多个实例</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-tutorials-kubernetes-basics-update-li"> <input type="checkbox" id="m-zh-cn-docs-tutorials-kubernetes-basics-update-check"/> <label for="m-zh-cn-docs-tutorials-kubernetes-basics-update-check"><a href="/zh-cn/docs/tutorials/kubernetes-basics/update/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-tutorials-kubernetes-basics-update"><span class="">更新你的应用</span></a></label> <ul class="ul-4 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tutorials-kubernetes-basics-update-update-intro-li"> <input type="checkbox" id="m-zh-cn-docs-tutorials-kubernetes-basics-update-update-intro-check"/> <label for="m-zh-cn-docs-tutorials-kubernetes-basics-update-update-intro-check"><a href="/zh-cn/docs/tutorials/kubernetes-basics/update/update-intro/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tutorials-kubernetes-basics-update-update-intro"><span class="">执行滚动更新</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tutorials-kubernetes-basics-update-update-interactive-li"> <input type="checkbox" id="m-zh-cn-docs-tutorials-kubernetes-basics-update-update-interactive-check"/> <label for="m-zh-cn-docs-tutorials-kubernetes-basics-update-update-interactive-check"><a href="/zh-cn/docs/tutorials/kubernetes-basics/update/update-interactive/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tutorials-kubernetes-basics-update-update-interactive"><span class="">交互式教程 - 更新你的应用</span></a></label> </li> </ul> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-tutorials-configuration-li"> <input type="checkbox" id="m-zh-cn-docs-tutorials-configuration-check"/> <label for="m-zh-cn-docs-tutorials-configuration-check"><a href="/zh-cn/docs/tutorials/configuration/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-tutorials-configuration"><span class="">配置</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-tutorials-configuration-configure-java-microservice-li"> <input type="checkbox" id="m-zh-cn-docs-tutorials-configuration-configure-java-microservice-check"/> <label for="m-zh-cn-docs-tutorials-configuration-configure-java-microservice-check"><a href="/zh-cn/docs/tutorials/configuration/configure-java-microservice/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-tutorials-configuration-configure-java-microservice"><span class="">示例：配置 java 微服务</span></a></label> <ul class="ul-4 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tutorials-configuration-configure-java-microservice-configure-java-microservice-li"> <input type="checkbox" id="m-zh-cn-docs-tutorials-configuration-configure-java-microservice-configure-java-microservice-check"/> <label for="m-zh-cn-docs-tutorials-configuration-configure-java-microservice-configure-java-microservice-check"><a href="/zh-cn/docs/tutorials/configuration/configure-java-microservice/configure-java-microservice/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tutorials-configuration-configure-java-microservice-configure-java-microservice"><span class="">使用 MicroProfile、ConfigMaps、Secrets 实现外部化应用配置</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tutorials-configuration-configure-java-microservice-configure-java-microservice-interactive-li"> <input type="checkbox" id="m-zh-cn-docs-tutorials-configuration-configure-java-microservice-configure-java-microservice-interactive-check"/> <label for="m-zh-cn-docs-tutorials-configuration-configure-java-microservice-configure-java-microservice-interactive-check"><a href="/zh-cn/docs/tutorials/configuration/configure-java-microservice/configure-java-microservice-interactive/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tutorials-configuration-configure-java-microservice-configure-java-microservice-interactive"><span class="">互动教程 - 配置 java 微服务</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tutorials-configuration-configure-redis-using-configmap-li"> <input type="checkbox" id="m-zh-cn-docs-tutorials-configuration-configure-redis-using-configmap-check"/> <label for="m-zh-cn-docs-tutorials-configuration-configure-redis-using-configmap-check"><a href="/zh-cn/docs/tutorials/configuration/configure-redis-using-configmap/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tutorials-configuration-configure-redis-using-configmap"><span class="">使用 ConfigMap 来配置 Redis</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-tutorials-security-li"> <input type="checkbox" id="m-zh-cn-docs-tutorials-security-check"/> <label for="m-zh-cn-docs-tutorials-security-check"><a href="/zh-cn/docs/tutorials/security/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-tutorials-security"><span class="">安全</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tutorials-security-cluster-level-pss-li"> <input type="checkbox" id="m-zh-cn-docs-tutorials-security-cluster-level-pss-check"/> <label for="m-zh-cn-docs-tutorials-security-cluster-level-pss-check"><a href="/zh-cn/docs/tutorials/security/cluster-level-pss/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tutorials-security-cluster-level-pss"><span class="">在集群级别应用 Pod 安全标准</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tutorials-security-ns-level-pss-li"> <input type="checkbox" id="m-zh-cn-docs-tutorials-security-ns-level-pss-check"/> <label for="m-zh-cn-docs-tutorials-security-ns-level-pss-check"><a href="/zh-cn/docs/tutorials/security/ns-level-pss/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tutorials-security-ns-level-pss"><span class="">在名字空间级别应用 Pod 安全标准</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tutorials-security-apparmor-li"> <input type="checkbox" id="m-zh-cn-docs-tutorials-security-apparmor-check"/> <label for="m-zh-cn-docs-tutorials-security-apparmor-check"><a href="/zh-cn/docs/tutorials/security/apparmor/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tutorials-security-apparmor"><span class="">使用 AppArmor 限制容器对资源的访问</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tutorials-security-seccomp-li"> <input type="checkbox" id="m-zh-cn-docs-tutorials-security-seccomp-check"/> <label for="m-zh-cn-docs-tutorials-security-seccomp-check"><a href="/zh-cn/docs/tutorials/security/seccomp/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tutorials-security-seccomp"><span class="">使用 seccomp 限制容器的系统调用</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-tutorials-stateless-application-li"> <input type="checkbox" id="m-zh-cn-docs-tutorials-stateless-application-check"/> <label for="m-zh-cn-docs-tutorials-stateless-application-check"><a href="/zh-cn/docs/tutorials/stateless-application/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-tutorials-stateless-application"><span class="">无状态的应用</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tutorials-stateless-application-expose-external-ip-address-li"> <input type="checkbox" id="m-zh-cn-docs-tutorials-stateless-application-expose-external-ip-address-check"/> <label for="m-zh-cn-docs-tutorials-stateless-application-expose-external-ip-address-check"><a href="/zh-cn/docs/tutorials/stateless-application/expose-external-ip-address/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tutorials-stateless-application-expose-external-ip-address"><span class="">公开外部 IP 地址以访问集群中应用程序</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tutorials-stateless-application-guestbook-li"> <input type="checkbox" id="m-zh-cn-docs-tutorials-stateless-application-guestbook-check"/> <label for="m-zh-cn-docs-tutorials-stateless-application-guestbook-check"><a href="/zh-cn/docs/tutorials/stateless-application/guestbook/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tutorials-stateless-application-guestbook"><span class="">示例：使用 Redis 部署 PHP 留言板应用</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-tutorials-stateful-application-li"> <input type="checkbox" id="m-zh-cn-docs-tutorials-stateful-application-check"/> <label for="m-zh-cn-docs-tutorials-stateful-application-check"><a href="/zh-cn/docs/tutorials/stateful-application/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-tutorials-stateful-application"><span class="">有状态的应用</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tutorials-stateful-application-basic-stateful-set-li"> <input type="checkbox" id="m-zh-cn-docs-tutorials-stateful-application-basic-stateful-set-check"/> <label for="m-zh-cn-docs-tutorials-stateful-application-basic-stateful-set-check"><a href="/zh-cn/docs/tutorials/stateful-application/basic-stateful-set/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tutorials-stateful-application-basic-stateful-set"><span class="">StatefulSet 基础</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tutorials-stateful-application-mysql-wordpress-persistent-volume-li"> <input type="checkbox" id="m-zh-cn-docs-tutorials-stateful-application-mysql-wordpress-persistent-volume-check"/> <label for="m-zh-cn-docs-tutorials-stateful-application-mysql-wordpress-persistent-volume-check"><a href="/zh-cn/docs/tutorials/stateful-application/mysql-wordpress-persistent-volume/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tutorials-stateful-application-mysql-wordpress-persistent-volume"><span class="">示例：使用持久卷部署 WordPress 和 MySQL</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tutorials-stateful-application-cassandra-li"> <input type="checkbox" id="m-zh-cn-docs-tutorials-stateful-application-cassandra-check"/> <label for="m-zh-cn-docs-tutorials-stateful-application-cassandra-check"><a href="/zh-cn/docs/tutorials/stateful-application/cassandra/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tutorials-stateful-application-cassandra"><span class="">示例：使用 StatefulSet 部署 Cassandra</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tutorials-stateful-application-zookeeper-li"> <input type="checkbox" id="m-zh-cn-docs-tutorials-stateful-application-zookeeper-check"/> <label for="m-zh-cn-docs-tutorials-stateful-application-zookeeper-check"><a href="/zh-cn/docs/tutorials/stateful-application/zookeeper/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tutorials-stateful-application-zookeeper"><span class="">运行 ZooKeeper，一个分布式协调系统</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-tutorials-services-li"> <input type="checkbox" id="m-zh-cn-docs-tutorials-services-check"/> <label for="m-zh-cn-docs-tutorials-services-check"><a href="/zh-cn/docs/tutorials/services/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-tutorials-services"><span class="">Service</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tutorials-services-connect-applications-service-li"> <input type="checkbox" id="m-zh-cn-docs-tutorials-services-connect-applications-service-check"/> <label for="m-zh-cn-docs-tutorials-services-connect-applications-service-check"><a href="/zh-cn/docs/tutorials/services/connect-applications-service/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tutorials-services-connect-applications-service"><span class="">使用 Service 连接到应用</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tutorials-services-source-ip-li"> <input type="checkbox" id="m-zh-cn-docs-tutorials-services-source-ip-check"/> <label for="m-zh-cn-docs-tutorials-services-source-ip-check"><a href="/zh-cn/docs/tutorials/services/source-ip/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tutorials-services-source-ip"><span class="">使用源 IP</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-tutorials-services-pods-and-endpoint-termination-flow-li"> <input type="checkbox" id="m-zh-cn-docs-tutorials-services-pods-and-endpoint-termination-flow-check"/> <label for="m-zh-cn-docs-tutorials-services-pods-and-endpoint-termination-flow-check"><a href="/zh-cn/docs/tutorials/services/pods-and-endpoint-termination-flow/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-tutorials-services-pods-and-endpoint-termination-flow"><span class="">探索 Pod 及其端点的终止行为</span></a></label> </li> </ul> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-reference-li"> <input type="checkbox" id="m-zh-cn-docs-reference-check"/> <label for="m-zh-cn-docs-reference-check"><a href="/zh-cn/docs/reference/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-reference"><span class="">参考</span></a></label> <ul class="ul-2 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-glossary-li"> <input type="checkbox" id="m-zh-cn-docs-reference-glossary-check"/> <label for="m-zh-cn-docs-reference-glossary-check"><a href="/zh-cn/docs/reference/glossary/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-glossary"><span class="">词汇表</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-reference-using-api-li"> <input type="checkbox" id="m-zh-cn-docs-reference-using-api-check"/> <label for="m-zh-cn-docs-reference-using-api-check"><a href="/zh-cn/docs/reference/using-api/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-reference-using-api"><span class="">API 概述</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-using-api-api-concepts-li"> <input type="checkbox" id="m-zh-cn-docs-reference-using-api-api-concepts-check"/> <label for="m-zh-cn-docs-reference-using-api-api-concepts-check"><a href="/zh-cn/docs/reference/using-api/api-concepts/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-using-api-api-concepts"><span class="">Kubernetes API 概念</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-using-api-server-side-apply-li"> <input type="checkbox" id="m-zh-cn-docs-reference-using-api-server-side-apply-check"/> <label for="m-zh-cn-docs-reference-using-api-server-side-apply-check"><a href="/zh-cn/docs/reference/using-api/server-side-apply/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-using-api-server-side-apply"><span class="">服务器端应用（Server-Side Apply）</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-using-api-client-libraries-li"> <input type="checkbox" id="m-zh-cn-docs-reference-using-api-client-libraries-check"/> <label for="m-zh-cn-docs-reference-using-api-client-libraries-check"><a href="/zh-cn/docs/reference/using-api/client-libraries/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-using-api-client-libraries"><span class="">客户端库</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-using-api-cel-li"> <input type="checkbox" id="m-zh-cn-docs-reference-using-api-cel-check"/> <label for="m-zh-cn-docs-reference-using-api-cel-check"><a href="/zh-cn/docs/reference/using-api/cel/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-using-api-cel"><span class="">Kubernetes 中的通用表达式语言</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-using-api-deprecation-policy-li"> <input type="checkbox" id="m-zh-cn-docs-reference-using-api-deprecation-policy-check"/> <label for="m-zh-cn-docs-reference-using-api-deprecation-policy-check"><a href="/zh-cn/docs/reference/using-api/deprecation-policy/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-using-api-deprecation-policy"><span class="">Kubernetes 弃用策略</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-using-api-deprecation-guide-li"> <input type="checkbox" id="m-zh-cn-docs-reference-using-api-deprecation-guide-check"/> <label for="m-zh-cn-docs-reference-using-api-deprecation-guide-check"><a href="/zh-cn/docs/reference/using-api/deprecation-guide/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-using-api-deprecation-guide"><span class="">已弃用 API 的迁移指南</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-using-api-health-checks-li"> <input type="checkbox" id="m-zh-cn-docs-reference-using-api-health-checks-check"/> <label for="m-zh-cn-docs-reference-using-api-health-checks-check"><a href="/zh-cn/docs/reference/using-api/health-checks/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-using-api-health-checks"><span class="">Kubernetes API 健康端点</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-reference-access-authn-authz-li"> <input type="checkbox" id="m-zh-cn-docs-reference-access-authn-authz-check"/> <label for="m-zh-cn-docs-reference-access-authn-authz-check"><a href="/zh-cn/docs/reference/access-authn-authz/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-reference-access-authn-authz"><span class="">API 访问控制</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-access-authn-authz-authentication-li"> <input type="checkbox" id="m-zh-cn-docs-reference-access-authn-authz-authentication-check"/> <label for="m-zh-cn-docs-reference-access-authn-authz-authentication-check"><a href="/zh-cn/docs/reference/access-authn-authz/authentication/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-access-authn-authz-authentication"><span class="">用户认证</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-access-authn-authz-bootstrap-tokens-li"> <input type="checkbox" id="m-zh-cn-docs-reference-access-authn-authz-bootstrap-tokens-check"/> <label for="m-zh-cn-docs-reference-access-authn-authz-bootstrap-tokens-check"><a href="/zh-cn/docs/reference/access-authn-authz/bootstrap-tokens/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-access-authn-authz-bootstrap-tokens"><span class="">使用启动引导令牌（Bootstrap Tokens）认证</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-access-authn-authz-certificate-signing-requests-li"> <input type="checkbox" id="m-zh-cn-docs-reference-access-authn-authz-certificate-signing-requests-check"/> <label for="m-zh-cn-docs-reference-access-authn-authz-certificate-signing-requests-check"><a href="/zh-cn/docs/reference/access-authn-authz/certificate-signing-requests/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-access-authn-authz-certificate-signing-requests"><span class="">证书和证书签名请求</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-access-authn-authz-admission-controllers-li"> <input type="checkbox" id="m-zh-cn-docs-reference-access-authn-authz-admission-controllers-check"/> <label for="m-zh-cn-docs-reference-access-authn-authz-admission-controllers-check"><a href="/zh-cn/docs/reference/access-authn-authz/admission-controllers/" title="准入控制器参考" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-access-authn-authz-admission-controllers"><span class="">准入控制器</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-access-authn-authz-extensible-admission-controllers-li"> <input type="checkbox" id="m-zh-cn-docs-reference-access-authn-authz-extensible-admission-controllers-check"/> <label for="m-zh-cn-docs-reference-access-authn-authz-extensible-admission-controllers-check"><a href="/zh-cn/docs/reference/access-authn-authz/extensible-admission-controllers/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-access-authn-authz-extensible-admission-controllers"><span class="">动态准入控制</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-access-authn-authz-service-accounts-admin-li"> <input type="checkbox" id="m-zh-cn-docs-reference-access-authn-authz-service-accounts-admin-check"/> <label for="m-zh-cn-docs-reference-access-authn-authz-service-accounts-admin-check"><a href="/zh-cn/docs/reference/access-authn-authz/service-accounts-admin/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-access-authn-authz-service-accounts-admin"><span class="">管理服务账号</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-access-authn-authz-authorization-li"> <input type="checkbox" id="m-zh-cn-docs-reference-access-authn-authz-authorization-check"/> <label for="m-zh-cn-docs-reference-access-authn-authz-authorization-check"><a href="/zh-cn/docs/reference/access-authn-authz/authorization/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-access-authn-authz-authorization"><span class="">鉴权概述</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-access-authn-authz-rbac-li"> <input type="checkbox" id="m-zh-cn-docs-reference-access-authn-authz-rbac-check"/> <label for="m-zh-cn-docs-reference-access-authn-authz-rbac-check"><a href="/zh-cn/docs/reference/access-authn-authz/rbac/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-access-authn-authz-rbac"><span class="">使用 RBAC 鉴权</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-access-authn-authz-abac-li"> <input type="checkbox" id="m-zh-cn-docs-reference-access-authn-authz-abac-check"/> <label for="m-zh-cn-docs-reference-access-authn-authz-abac-check"><a href="/zh-cn/docs/reference/access-authn-authz/abac/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-access-authn-authz-abac"><span class="">使用 ABAC 鉴权</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-access-authn-authz-node-li"> <input type="checkbox" id="m-zh-cn-docs-reference-access-authn-authz-node-check"/> <label for="m-zh-cn-docs-reference-access-authn-authz-node-check"><a href="/zh-cn/docs/reference/access-authn-authz/node/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-access-authn-authz-node"><span class="">使用 Node 鉴权</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-access-authn-authz-psp-to-pod-security-standards-li"> <input type="checkbox" id="m-zh-cn-docs-reference-access-authn-authz-psp-to-pod-security-standards-check"/> <label for="m-zh-cn-docs-reference-access-authn-authz-psp-to-pod-security-standards-check"><a href="/zh-cn/docs/reference/access-authn-authz/psp-to-pod-security-standards/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-access-authn-authz-psp-to-pod-security-standards"><span class="">从 PodSecurityPolicy 映射到 Pod 安全性标准</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-access-authn-authz-webhook-li"> <input type="checkbox" id="m-zh-cn-docs-reference-access-authn-authz-webhook-check"/> <label for="m-zh-cn-docs-reference-access-authn-authz-webhook-check"><a href="/zh-cn/docs/reference/access-authn-authz/webhook/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-access-authn-authz-webhook"><span class="">Webhook 模式</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-access-authn-authz-kubelet-authn-authz-li"> <input type="checkbox" id="m-zh-cn-docs-reference-access-authn-authz-kubelet-authn-authz-check"/> <label for="m-zh-cn-docs-reference-access-authn-authz-kubelet-authn-authz-check"><a href="/zh-cn/docs/reference/access-authn-authz/kubelet-authn-authz/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-access-authn-authz-kubelet-authn-authz"><span class="">Kubelet 认证/鉴权</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-access-authn-authz-kubelet-tls-bootstrapping-li"> <input type="checkbox" id="m-zh-cn-docs-reference-access-authn-authz-kubelet-tls-bootstrapping-check"/> <label for="m-zh-cn-docs-reference-access-authn-authz-kubelet-tls-bootstrapping-check"><a href="/zh-cn/docs/reference/access-authn-authz/kubelet-tls-bootstrapping/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-access-authn-authz-kubelet-tls-bootstrapping"><span class="">TLS 启动引导</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-access-authn-authz-validating-admission-policy-li"> <input type="checkbox" id="m-zh-cn-docs-reference-access-authn-authz-validating-admission-policy-check"/> <label for="m-zh-cn-docs-reference-access-authn-authz-validating-admission-policy-check"><a href="/zh-cn/docs/reference/access-authn-authz/validating-admission-policy/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-access-authn-authz-validating-admission-policy"><span class="">验证准入策略（ValidatingAdmissionPolicy）</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-reference-labels-annotations-taints-li"> <input type="checkbox" id="m-zh-cn-docs-reference-labels-annotations-taints-check"/> <label for="m-zh-cn-docs-reference-labels-annotations-taints-check"><a href="/zh-cn/docs/reference/labels-annotations-taints/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-reference-labels-annotations-taints"><span class="">众所周知的标签、注解和污点</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-labels-annotations-taints-audit-annotations-li"> <input type="checkbox" id="m-zh-cn-docs-reference-labels-annotations-taints-audit-annotations-check"/> <label for="m-zh-cn-docs-reference-labels-annotations-taints-audit-annotations-check"><a href="/zh-cn/docs/reference/labels-annotations-taints/audit-annotations/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-labels-annotations-taints-audit-annotations"><span class="">审计注解</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-reference-kubernetes-api-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-check"><a href="/zh-cn/docs/reference/kubernetes-api/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-reference-kubernetes-api"><span class="">Kubernetes API</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-reference-kubernetes-api-workload-resources-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-workload-resources-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-workload-resources-check"><a href="/zh-cn/docs/reference/kubernetes-api/workload-resources/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-reference-kubernetes-api-workload-resources"><span class="">工作负载资源</span></a></label> <ul class="ul-4 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-workload-resources-pod-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-workload-resources-pod-v1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-workload-resources-pod-v1-check"><a href="/zh-cn/docs/reference/kubernetes-api/workload-resources/pod-v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-workload-resources-pod-v1"><span class="">Pod</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-workload-resources-pod-template-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-workload-resources-pod-template-v1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-workload-resources-pod-template-v1-check"><a href="/zh-cn/docs/reference/kubernetes-api/workload-resources/pod-template-v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-workload-resources-pod-template-v1"><span class="">PodTemplate</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-workload-resources-replication-controller-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-workload-resources-replication-controller-v1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-workload-resources-replication-controller-v1-check"><a href="/zh-cn/docs/reference/kubernetes-api/workload-resources/replication-controller-v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-workload-resources-replication-controller-v1"><span class="">ReplicationController</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-workload-resources-replica-set-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-workload-resources-replica-set-v1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-workload-resources-replica-set-v1-check"><a href="/zh-cn/docs/reference/kubernetes-api/workload-resources/replica-set-v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-workload-resources-replica-set-v1"><span class="">ReplicaSet</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-workload-resources-deployment-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-workload-resources-deployment-v1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-workload-resources-deployment-v1-check"><a href="/zh-cn/docs/reference/kubernetes-api/workload-resources/deployment-v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-workload-resources-deployment-v1"><span class="">Deployment</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-workload-resources-stateful-set-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-workload-resources-stateful-set-v1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-workload-resources-stateful-set-v1-check"><a href="/zh-cn/docs/reference/kubernetes-api/workload-resources/stateful-set-v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-workload-resources-stateful-set-v1"><span class="">StatefulSet</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-workload-resources-controller-revision-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-workload-resources-controller-revision-v1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-workload-resources-controller-revision-v1-check"><a href="/zh-cn/docs/reference/kubernetes-api/workload-resources/controller-revision-v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-workload-resources-controller-revision-v1"><span class="">ControllerRevision</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-workload-resources-daemon-set-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-workload-resources-daemon-set-v1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-workload-resources-daemon-set-v1-check"><a href="/zh-cn/docs/reference/kubernetes-api/workload-resources/daemon-set-v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-workload-resources-daemon-set-v1"><span class="">DaemonSet</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-workload-resources-job-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-workload-resources-job-v1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-workload-resources-job-v1-check"><a href="/zh-cn/docs/reference/kubernetes-api/workload-resources/job-v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-workload-resources-job-v1"><span class="">Job</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-workload-resources-cron-job-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-workload-resources-cron-job-v1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-workload-resources-cron-job-v1-check"><a href="/zh-cn/docs/reference/kubernetes-api/workload-resources/cron-job-v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-workload-resources-cron-job-v1"><span class="">CronJob</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-workload-resources-horizontal-pod-autoscaler-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-workload-resources-horizontal-pod-autoscaler-v1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-workload-resources-horizontal-pod-autoscaler-v1-check"><a href="/zh-cn/docs/reference/kubernetes-api/workload-resources/horizontal-pod-autoscaler-v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-workload-resources-horizontal-pod-autoscaler-v1"><span class="">HorizontalPodAutoscaler</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-workload-resources-horizontal-pod-autoscaler-v2-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-workload-resources-horizontal-pod-autoscaler-v2-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-workload-resources-horizontal-pod-autoscaler-v2-check"><a href="/zh-cn/docs/reference/kubernetes-api/workload-resources/horizontal-pod-autoscaler-v2/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-workload-resources-horizontal-pod-autoscaler-v2"><span class="">HorizontalPodAutoscaler</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-workload-resources-priority-class-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-workload-resources-priority-class-v1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-workload-resources-priority-class-v1-check"><a href="/zh-cn/docs/reference/kubernetes-api/workload-resources/priority-class-v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-workload-resources-priority-class-v1"><span class="">PriorityClass</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-workload-resources-pod-scheduling-context-v1alpha2-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-workload-resources-pod-scheduling-context-v1alpha2-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-workload-resources-pod-scheduling-context-v1alpha2-check"><a href="/zh-cn/docs/reference/kubernetes-api/workload-resources/pod-scheduling-context-v1alpha2/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-workload-resources-pod-scheduling-context-v1alpha2"><span class="">PodSchedulingContext v1alpha2</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-workload-resources-resource-claim-v1alpha2-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-workload-resources-resource-claim-v1alpha2-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-workload-resources-resource-claim-v1alpha2-check"><a href="/zh-cn/docs/reference/kubernetes-api/workload-resources/resource-claim-v1alpha2/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-workload-resources-resource-claim-v1alpha2"><span class="">ResourceClaim v1alpha2</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-workload-resources-resource-claim-template-v1alpha2-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-workload-resources-resource-claim-template-v1alpha2-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-workload-resources-resource-claim-template-v1alpha2-check"><a href="/zh-cn/docs/reference/kubernetes-api/workload-resources/resource-claim-template-v1alpha2/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-workload-resources-resource-claim-template-v1alpha2"><span class="">ResourceClaimTemplate v1alpha2</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-workload-resources-resource-class-v1alpha2-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-workload-resources-resource-class-v1alpha2-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-workload-resources-resource-class-v1alpha2-check"><a href="/zh-cn/docs/reference/kubernetes-api/workload-resources/resource-class-v1alpha2/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-workload-resources-resource-class-v1alpha2"><span class="">ResourceClass v1alpha2</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-reference-kubernetes-api-service-resources-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-service-resources-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-service-resources-check"><a href="/zh-cn/docs/reference/kubernetes-api/service-resources/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-reference-kubernetes-api-service-resources"><span class="">Service 资源</span></a></label> <ul class="ul-4 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-service-resources-service-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-service-resources-service-v1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-service-resources-service-v1-check"><a href="/zh-cn/docs/reference/kubernetes-api/service-resources/service-v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-service-resources-service-v1"><span class="">Service</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-service-resources-endpoints-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-service-resources-endpoints-v1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-service-resources-endpoints-v1-check"><a href="/zh-cn/docs/reference/kubernetes-api/service-resources/endpoints-v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-service-resources-endpoints-v1"><span class="">Endpoints</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-service-resources-endpoint-slice-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-service-resources-endpoint-slice-v1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-service-resources-endpoint-slice-v1-check"><a href="/zh-cn/docs/reference/kubernetes-api/service-resources/endpoint-slice-v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-service-resources-endpoint-slice-v1"><span class="">EndpointSlice</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-service-resources-ingress-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-service-resources-ingress-v1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-service-resources-ingress-v1-check"><a href="/zh-cn/docs/reference/kubernetes-api/service-resources/ingress-v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-service-resources-ingress-v1"><span class="">Ingress</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-service-resources-ingress-class-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-service-resources-ingress-class-v1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-service-resources-ingress-class-v1-check"><a href="/zh-cn/docs/reference/kubernetes-api/service-resources/ingress-class-v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-service-resources-ingress-class-v1"><span class="">IngressClass</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-reference-kubernetes-api-config-and-storage-resources-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-config-and-storage-resources-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-config-and-storage-resources-check"><a href="/zh-cn/docs/reference/kubernetes-api/config-and-storage-resources/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-reference-kubernetes-api-config-and-storage-resources"><span class="">配置和存储资源</span></a></label> <ul class="ul-4 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-config-and-storage-resources-config-map-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-config-and-storage-resources-config-map-v1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-config-and-storage-resources-config-map-v1-check"><a href="/zh-cn/docs/reference/kubernetes-api/config-and-storage-resources/config-map-v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-config-and-storage-resources-config-map-v1"><span class="">ConfigMap</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-config-and-storage-resources-secret-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-config-and-storage-resources-secret-v1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-config-and-storage-resources-secret-v1-check"><a href="/zh-cn/docs/reference/kubernetes-api/config-and-storage-resources/secret-v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-config-and-storage-resources-secret-v1"><span class="">Secret</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-config-and-storage-resources-volume-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-config-and-storage-resources-volume-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-config-and-storage-resources-volume-check"><a href="/zh-cn/docs/reference/kubernetes-api/config-and-storage-resources/volume/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-config-and-storage-resources-volume"><span class="">Volume</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-config-and-storage-resources-persistent-volume-claim-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-config-and-storage-resources-persistent-volume-claim-v1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-config-and-storage-resources-persistent-volume-claim-v1-check"><a href="/zh-cn/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-claim-v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-config-and-storage-resources-persistent-volume-claim-v1"><span class="">PersistentVolumeClaim</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-config-and-storage-resources-persistent-volume-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-config-and-storage-resources-persistent-volume-v1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-config-and-storage-resources-persistent-volume-v1-check"><a href="/zh-cn/docs/reference/kubernetes-api/config-and-storage-resources/persistent-volume-v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-config-and-storage-resources-persistent-volume-v1"><span class="">PersistentVolume</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-config-and-storage-resources-storage-class-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-config-and-storage-resources-storage-class-v1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-config-and-storage-resources-storage-class-v1-check"><a href="/zh-cn/docs/reference/kubernetes-api/config-and-storage-resources/storage-class-v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-config-and-storage-resources-storage-class-v1"><span class="">StorageClass</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-config-and-storage-resources-volume-attachment-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-config-and-storage-resources-volume-attachment-v1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-config-and-storage-resources-volume-attachment-v1-check"><a href="/zh-cn/docs/reference/kubernetes-api/config-and-storage-resources/volume-attachment-v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-config-and-storage-resources-volume-attachment-v1"><span class="">VolumeAttachment</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-config-and-storage-resources-csi-driver-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-config-and-storage-resources-csi-driver-v1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-config-and-storage-resources-csi-driver-v1-check"><a href="/zh-cn/docs/reference/kubernetes-api/config-and-storage-resources/csi-driver-v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-config-and-storage-resources-csi-driver-v1"><span class="">CSIDriver</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-config-and-storage-resources-csi-node-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-config-and-storage-resources-csi-node-v1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-config-and-storage-resources-csi-node-v1-check"><a href="/zh-cn/docs/reference/kubernetes-api/config-and-storage-resources/csi-node-v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-config-and-storage-resources-csi-node-v1"><span class="">CSINode</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-config-and-storage-resources-csi-storage-capacity-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-config-and-storage-resources-csi-storage-capacity-v1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-config-and-storage-resources-csi-storage-capacity-v1-check"><a href="/zh-cn/docs/reference/kubernetes-api/config-and-storage-resources/csi-storage-capacity-v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-config-and-storage-resources-csi-storage-capacity-v1"><span class="">CSIStorageCapacity</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-reference-kubernetes-api-authentication-resources-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-authentication-resources-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-authentication-resources-check"><a href="/zh-cn/docs/reference/kubernetes-api/authentication-resources/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-reference-kubernetes-api-authentication-resources"><span class="">身份认证资源</span></a></label> <ul class="ul-4 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-authentication-resources-service-account-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-authentication-resources-service-account-v1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-authentication-resources-service-account-v1-check"><a href="/zh-cn/docs/reference/kubernetes-api/authentication-resources/service-account-v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-authentication-resources-service-account-v1"><span class="">ServiceAccount</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-authentication-resources-token-request-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-authentication-resources-token-request-v1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-authentication-resources-token-request-v1-check"><a href="/zh-cn/docs/reference/kubernetes-api/authentication-resources/token-request-v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-authentication-resources-token-request-v1"><span class="">TokenRequest</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-authentication-resources-token-review-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-authentication-resources-token-review-v1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-authentication-resources-token-review-v1-check"><a href="/zh-cn/docs/reference/kubernetes-api/authentication-resources/token-review-v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-authentication-resources-token-review-v1"><span class="">TokenReview</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-authentication-resources-certificate-signing-request-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-authentication-resources-certificate-signing-request-v1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-authentication-resources-certificate-signing-request-v1-check"><a href="/zh-cn/docs/reference/kubernetes-api/authentication-resources/certificate-signing-request-v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-authentication-resources-certificate-signing-request-v1"><span class="">CertificateSigningRequest</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-authentication-resources-cluster-trust-bundle-v1alpha1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-authentication-resources-cluster-trust-bundle-v1alpha1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-authentication-resources-cluster-trust-bundle-v1alpha1-check"><a href="/zh-cn/docs/reference/kubernetes-api/authentication-resources/cluster-trust-bundle-v1alpha1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-authentication-resources-cluster-trust-bundle-v1alpha1"><span class="">ClusterTrustBundle v1alpha1</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-authentication-resources-self-subject-review-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-authentication-resources-self-subject-review-v1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-authentication-resources-self-subject-review-v1-check"><a href="/zh-cn/docs/reference/kubernetes-api/authentication-resources/self-subject-review-v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-authentication-resources-self-subject-review-v1"><span class="">SelfSubjectReview</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-reference-kubernetes-api-authorization-resources-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-authorization-resources-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-authorization-resources-check"><a href="/zh-cn/docs/reference/kubernetes-api/authorization-resources/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-reference-kubernetes-api-authorization-resources"><span class="">鉴权资源</span></a></label> <ul class="ul-4 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-authorization-resources-local-subject-access-review-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-authorization-resources-local-subject-access-review-v1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-authorization-resources-local-subject-access-review-v1-check"><a href="/zh-cn/docs/reference/kubernetes-api/authorization-resources/local-subject-access-review-v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-authorization-resources-local-subject-access-review-v1"><span class="">LocalSubjectAccessReview</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-authorization-resources-self-subject-access-review-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-authorization-resources-self-subject-access-review-v1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-authorization-resources-self-subject-access-review-v1-check"><a href="/zh-cn/docs/reference/kubernetes-api/authorization-resources/self-subject-access-review-v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-authorization-resources-self-subject-access-review-v1"><span class="">SelfSubjectAccessReview</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-authorization-resources-self-subject-rules-review-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-authorization-resources-self-subject-rules-review-v1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-authorization-resources-self-subject-rules-review-v1-check"><a href="/zh-cn/docs/reference/kubernetes-api/authorization-resources/self-subject-rules-review-v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-authorization-resources-self-subject-rules-review-v1"><span class="">SelfSubjectRulesReview</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-authorization-resources-subject-access-review-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-authorization-resources-subject-access-review-v1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-authorization-resources-subject-access-review-v1-check"><a href="/zh-cn/docs/reference/kubernetes-api/authorization-resources/subject-access-review-v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-authorization-resources-subject-access-review-v1"><span class="">SubjectAccessReview</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-authorization-resources-cluster-role-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-authorization-resources-cluster-role-v1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-authorization-resources-cluster-role-v1-check"><a href="/zh-cn/docs/reference/kubernetes-api/authorization-resources/cluster-role-v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-authorization-resources-cluster-role-v1"><span class="">ClusterRole</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-authorization-resources-cluster-role-binding-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-authorization-resources-cluster-role-binding-v1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-authorization-resources-cluster-role-binding-v1-check"><a href="/zh-cn/docs/reference/kubernetes-api/authorization-resources/cluster-role-binding-v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-authorization-resources-cluster-role-binding-v1"><span class="">ClusterRoleBinding</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-authorization-resources-role-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-authorization-resources-role-v1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-authorization-resources-role-v1-check"><a href="/zh-cn/docs/reference/kubernetes-api/authorization-resources/role-v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-authorization-resources-role-v1"><span class="">Role</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-authorization-resources-role-binding-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-authorization-resources-role-binding-v1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-authorization-resources-role-binding-v1-check"><a href="/zh-cn/docs/reference/kubernetes-api/authorization-resources/role-binding-v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-authorization-resources-role-binding-v1"><span class="">RoleBinding</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-reference-kubernetes-api-policy-resources-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-policy-resources-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-policy-resources-check"><a href="/zh-cn/docs/reference/kubernetes-api/policy-resources/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-reference-kubernetes-api-policy-resources"><span class="">策略资源</span></a></label> <ul class="ul-4 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-policy-resources-limit-range-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-policy-resources-limit-range-v1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-policy-resources-limit-range-v1-check"><a href="/zh-cn/docs/reference/kubernetes-api/policy-resources/limit-range-v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-policy-resources-limit-range-v1"><span class="">LimitRange</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-policy-resources-resource-quota-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-policy-resources-resource-quota-v1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-policy-resources-resource-quota-v1-check"><a href="/zh-cn/docs/reference/kubernetes-api/policy-resources/resource-quota-v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-policy-resources-resource-quota-v1"><span class="">ResourceQuota</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-policy-resources-network-policy-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-policy-resources-network-policy-v1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-policy-resources-network-policy-v1-check"><a href="/zh-cn/docs/reference/kubernetes-api/policy-resources/network-policy-v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-policy-resources-network-policy-v1"><span class="">NetworkPolicy</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-policy-resources-pod-disruption-budget-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-policy-resources-pod-disruption-budget-v1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-policy-resources-pod-disruption-budget-v1-check"><a href="/zh-cn/docs/reference/kubernetes-api/policy-resources/pod-disruption-budget-v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-policy-resources-pod-disruption-budget-v1"><span class="">PodDisruptionBudget</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-policy-resources-ip-address-v1alpha1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-policy-resources-ip-address-v1alpha1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-policy-resources-ip-address-v1alpha1-check"><a href="/zh-cn/docs/reference/kubernetes-api/policy-resources/ip-address-v1alpha1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-policy-resources-ip-address-v1alpha1"><span class="">IPAddress v1alpha1</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-reference-kubernetes-api-extend-resources-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-extend-resources-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-extend-resources-check"><a href="/zh-cn/docs/reference/kubernetes-api/extend-resources/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-reference-kubernetes-api-extend-resources"><span class="">扩展资源</span></a></label> <ul class="ul-4 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-extend-resources-custom-resource-definition-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-extend-resources-custom-resource-definition-v1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-extend-resources-custom-resource-definition-v1-check"><a href="/zh-cn/docs/reference/kubernetes-api/extend-resources/custom-resource-definition-v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-extend-resources-custom-resource-definition-v1"><span class="">CustomResourceDefinition</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-extend-resources-mutating-webhook-configuration-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-extend-resources-mutating-webhook-configuration-v1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-extend-resources-mutating-webhook-configuration-v1-check"><a href="/zh-cn/docs/reference/kubernetes-api/extend-resources/mutating-webhook-configuration-v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-extend-resources-mutating-webhook-configuration-v1"><span class="">MutatingWebhookConfiguration</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-extend-resources-validating-webhook-configuration-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-extend-resources-validating-webhook-configuration-v1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-extend-resources-validating-webhook-configuration-v1-check"><a href="/zh-cn/docs/reference/kubernetes-api/extend-resources/validating-webhook-configuration-v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-extend-resources-validating-webhook-configuration-v1"><span class="">ValidatingWebhookConfiguration</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-docs-reference-kubernetes-api-extend-resources-validating-admission-policy-v1beta1-li"> <input type="checkbox" id="m-docs-reference-kubernetes-api-extend-resources-validating-admission-policy-v1beta1-check"/> <label for="m-docs-reference-kubernetes-api-extend-resources-validating-admission-policy-v1beta1-check"><a href="/docs/reference/kubernetes-api/extend-resources/validating-admission-policy-v1beta1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-docs-reference-kubernetes-api-extend-resources-validating-admission-policy-v1beta1"><span class="">ValidatingAdmissionPolicy v1beta1</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-reference-kubernetes-api-cluster-resources-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-cluster-resources-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-cluster-resources-check"><a href="/zh-cn/docs/reference/kubernetes-api/cluster-resources/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-reference-kubernetes-api-cluster-resources"><span class="">集群资源</span></a></label> <ul class="ul-4 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-cluster-resources-node-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-cluster-resources-node-v1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-cluster-resources-node-v1-check"><a href="/zh-cn/docs/reference/kubernetes-api/cluster-resources/node-v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-cluster-resources-node-v1"><span class="">Node</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-cluster-resources-namespace-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-cluster-resources-namespace-v1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-cluster-resources-namespace-v1-check"><a href="/zh-cn/docs/reference/kubernetes-api/cluster-resources/namespace-v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-cluster-resources-namespace-v1"><span class="">Namespace</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-cluster-resources-event-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-cluster-resources-event-v1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-cluster-resources-event-v1-check"><a href="/zh-cn/docs/reference/kubernetes-api/cluster-resources/event-v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-cluster-resources-event-v1"><span class="">Event</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-cluster-resources-api-service-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-cluster-resources-api-service-v1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-cluster-resources-api-service-v1-check"><a href="/zh-cn/docs/reference/kubernetes-api/cluster-resources/api-service-v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-cluster-resources-api-service-v1"><span class="">APIService</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-cluster-resources-lease-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-cluster-resources-lease-v1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-cluster-resources-lease-v1-check"><a href="/zh-cn/docs/reference/kubernetes-api/cluster-resources/lease-v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-cluster-resources-lease-v1"><span class="">Lease</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-cluster-resources-runtime-class-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-cluster-resources-runtime-class-v1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-cluster-resources-runtime-class-v1-check"><a href="/zh-cn/docs/reference/kubernetes-api/cluster-resources/runtime-class-v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-cluster-resources-runtime-class-v1"><span class="">RuntimeClass</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-cluster-resources-flow-schema-v1beta3-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-cluster-resources-flow-schema-v1beta3-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-cluster-resources-flow-schema-v1beta3-check"><a href="/zh-cn/docs/reference/kubernetes-api/cluster-resources/flow-schema-v1beta3/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-cluster-resources-flow-schema-v1beta3"><span class="">FlowSchema v1beta3</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-cluster-resources-priority-level-configuration-v1beta3-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-cluster-resources-priority-level-configuration-v1beta3-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-cluster-resources-priority-level-configuration-v1beta3-check"><a href="/zh-cn/docs/reference/kubernetes-api/cluster-resources/priority-level-configuration-v1beta3/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-cluster-resources-priority-level-configuration-v1beta3"><span class="">PriorityLevelConfiguration v1beta3</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-cluster-resources-binding-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-cluster-resources-binding-v1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-cluster-resources-binding-v1-check"><a href="/zh-cn/docs/reference/kubernetes-api/cluster-resources/binding-v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-cluster-resources-binding-v1"><span class="">Binding</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-cluster-resources-component-status-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-cluster-resources-component-status-v1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-cluster-resources-component-status-v1-check"><a href="/zh-cn/docs/reference/kubernetes-api/cluster-resources/component-status-v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-cluster-resources-component-status-v1"><span class="">ComponentStatus</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-cluster-resources-cluster-cidr-v1alpha1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-cluster-resources-cluster-cidr-v1alpha1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-cluster-resources-cluster-cidr-v1alpha1-check"><a href="/zh-cn/docs/reference/kubernetes-api/cluster-resources/cluster-cidr-v1alpha1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-cluster-resources-cluster-cidr-v1alpha1"><span class="">ClusterCIDR v1alpha1</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-reference-kubernetes-api-common-definitions-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-common-definitions-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-common-definitions-check"><a href="/zh-cn/docs/reference/kubernetes-api/common-definitions/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-reference-kubernetes-api-common-definitions"><span class="">公共定义</span></a></label> <ul class="ul-4 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-common-definitions-delete-options-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-common-definitions-delete-options-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-common-definitions-delete-options-check"><a href="/zh-cn/docs/reference/kubernetes-api/common-definitions/delete-options/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-common-definitions-delete-options"><span class="">DeleteOptions</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-common-definitions-label-selector-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-common-definitions-label-selector-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-common-definitions-label-selector-check"><a href="/zh-cn/docs/reference/kubernetes-api/common-definitions/label-selector/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-common-definitions-label-selector"><span class="">LabelSelector</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-common-definitions-list-meta-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-common-definitions-list-meta-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-common-definitions-list-meta-check"><a href="/zh-cn/docs/reference/kubernetes-api/common-definitions/list-meta/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-common-definitions-list-meta"><span class="">ListMeta</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-common-definitions-local-object-reference-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-common-definitions-local-object-reference-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-common-definitions-local-object-reference-check"><a href="/zh-cn/docs/reference/kubernetes-api/common-definitions/local-object-reference/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-common-definitions-local-object-reference"><span class="">LocalObjectReference</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-common-definitions-node-selector-requirement-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-common-definitions-node-selector-requirement-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-common-definitions-node-selector-requirement-check"><a href="/zh-cn/docs/reference/kubernetes-api/common-definitions/node-selector-requirement/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-common-definitions-node-selector-requirement"><span class="">NodeSelectorRequirement</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-common-definitions-object-field-selector-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-common-definitions-object-field-selector-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-common-definitions-object-field-selector-check"><a href="/zh-cn/docs/reference/kubernetes-api/common-definitions/object-field-selector/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-common-definitions-object-field-selector"><span class="">ObjectFieldSelector</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-common-definitions-object-meta-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-common-definitions-object-meta-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-common-definitions-object-meta-check"><a href="/zh-cn/docs/reference/kubernetes-api/common-definitions/object-meta/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-common-definitions-object-meta"><span class="">ObjectMeta</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-common-definitions-object-reference-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-common-definitions-object-reference-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-common-definitions-object-reference-check"><a href="/zh-cn/docs/reference/kubernetes-api/common-definitions/object-reference/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-common-definitions-object-reference"><span class="">ObjectReference</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-common-definitions-patch-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-common-definitions-patch-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-common-definitions-patch-check"><a href="/zh-cn/docs/reference/kubernetes-api/common-definitions/patch/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-common-definitions-patch"><span class="">Patch</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-common-definitions-quantity-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-common-definitions-quantity-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-common-definitions-quantity-check"><a href="/zh-cn/docs/reference/kubernetes-api/common-definitions/quantity/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-common-definitions-quantity"><span class="">Quantity</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-common-definitions-resource-field-selector-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-common-definitions-resource-field-selector-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-common-definitions-resource-field-selector-check"><a href="/zh-cn/docs/reference/kubernetes-api/common-definitions/resource-field-selector/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-common-definitions-resource-field-selector"><span class="">ResourceFieldSelector</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-common-definitions-status-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-common-definitions-status-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-common-definitions-status-check"><a href="/zh-cn/docs/reference/kubernetes-api/common-definitions/status/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-common-definitions-status"><span class="">Status</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-common-definitions-typed-local-object-reference-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-common-definitions-typed-local-object-reference-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-common-definitions-typed-local-object-reference-check"><a href="/zh-cn/docs/reference/kubernetes-api/common-definitions/typed-local-object-reference/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-common-definitions-typed-local-object-reference"><span class="">TypedLocalObjectReference</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-reference-kubernetes-api-other-resources-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-other-resources-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-other-resources-check"><a href="/zh-cn/docs/reference/kubernetes-api/other-resources/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-reference-kubernetes-api-other-resources"><span class="">其他资源</span></a></label> <ul class="ul-4 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-docs-reference-kubernetes-api-other-resources-validating-admission-policy-binding-list-v1beta1-li"> <input type="checkbox" id="m-docs-reference-kubernetes-api-other-resources-validating-admission-policy-binding-list-v1beta1-check"/> <label for="m-docs-reference-kubernetes-api-other-resources-validating-admission-policy-binding-list-v1beta1-check"><a href="/docs/reference/kubernetes-api/other-resources/validating-admission-policy-binding-list-v1beta1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-docs-reference-kubernetes-api-other-resources-validating-admission-policy-binding-list-v1beta1"><span class="">ValidatingAdmissionPolicyBindingList v1beta1</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-other-resources-validating-admission-policy-binding-list-v1alpha1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-other-resources-validating-admission-policy-binding-list-v1alpha1-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-other-resources-validating-admission-policy-binding-list-v1alpha1-check"><a href="/zh-cn/docs/reference/kubernetes-api/other-resources/validating-admission-policy-binding-list-v1alpha1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-other-resources-validating-admission-policy-binding-list-v1alpha1"><span class="">ValidatingAdmissionPolicyBindingList v1beta1</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubernetes-api-common-parameters-common-parameters-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubernetes-api-common-parameters-common-parameters-check"/> <label for="m-zh-cn-docs-reference-kubernetes-api-common-parameters-common-parameters-check"><a href="/zh-cn/docs/reference/kubernetes-api/common-parameters/common-parameters/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubernetes-api-common-parameters-common-parameters"><span class="">常用参数</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-reference-instrumentation-li"> <input type="checkbox" id="m-zh-cn-docs-reference-instrumentation-check"/> <label for="m-zh-cn-docs-reference-instrumentation-check"><a href="/zh-cn/docs/reference/instrumentation/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-reference-instrumentation"><span class="">插桩</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-instrumentation-slis-li"> <input type="checkbox" id="m-zh-cn-docs-reference-instrumentation-slis-check"/> <label for="m-zh-cn-docs-reference-instrumentation-slis-check"><a href="/zh-cn/docs/reference/instrumentation/slis/" title="Kubernetes 组件 SLI 指标" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-instrumentation-slis"><span class="">服务水平指示器指标</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-instrumentation-cri-pod-container-metrics-li"> <input type="checkbox" id="m-zh-cn-docs-reference-instrumentation-cri-pod-container-metrics-check"/> <label for="m-zh-cn-docs-reference-instrumentation-cri-pod-container-metrics-check"><a href="/zh-cn/docs/reference/instrumentation/cri-pod-container-metrics/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-instrumentation-cri-pod-container-metrics"><span class="">CRI Pod 和容器指标</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-instrumentation-node-metrics-li"> <input type="checkbox" id="m-zh-cn-docs-reference-instrumentation-node-metrics-check"/> <label for="m-zh-cn-docs-reference-instrumentation-node-metrics-check"><a href="/zh-cn/docs/reference/instrumentation/node-metrics/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-instrumentation-node-metrics"><span class="">节点指标数据</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-docs-reference-instrumentation-metrics-li"> <input type="checkbox" id="m-docs-reference-instrumentation-metrics-check"/> <label for="m-docs-reference-instrumentation-metrics-check"><a href="/docs/reference/instrumentation/metrics/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-docs-reference-instrumentation-metrics"><span class="">Kubernetes Metrics Reference</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-reference-issues-security-li"> <input type="checkbox" id="m-zh-cn-docs-reference-issues-security-check"/> <label for="m-zh-cn-docs-reference-issues-security-check"><a href="/zh-cn/docs/reference/issues-security/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-reference-issues-security"><span class="">Kubernetes 问题和安全</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-issues-security-issues-li"> <input type="checkbox" id="m-zh-cn-docs-reference-issues-security-issues-check"/> <label for="m-zh-cn-docs-reference-issues-security-issues-check"><a href="/zh-cn/docs/reference/issues-security/issues/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-issues-security-issues"><span class="">Kubernetes 问题追踪</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-issues-security-security-li"> <input type="checkbox" id="m-zh-cn-docs-reference-issues-security-security-check"/> <label for="m-zh-cn-docs-reference-issues-security-security-check"><a href="/zh-cn/docs/reference/issues-security/security/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-issues-security-security"><span class="">Kubernetes 安全和信息披露</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-issues-security-official-cve-feed-li"> <input type="checkbox" id="m-zh-cn-docs-reference-issues-security-official-cve-feed-check"/> <label for="m-zh-cn-docs-reference-issues-security-official-cve-feed-check"><a href="/zh-cn/docs/reference/issues-security/official-cve-feed/" title="官方 CVE 订阅源" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-issues-security-official-cve-feed"><span class="">CVE feed</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-reference-node-li"> <input type="checkbox" id="m-zh-cn-docs-reference-node-check"/> <label for="m-zh-cn-docs-reference-node-check"><a href="/zh-cn/docs/reference/node/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-reference-node"><span class="">节点参考信息</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-node-kubelet-checkpoint-api-li"> <input type="checkbox" id="m-zh-cn-docs-reference-node-kubelet-checkpoint-api-check"/> <label for="m-zh-cn-docs-reference-node-kubelet-checkpoint-api-check"><a href="/zh-cn/docs/reference/node/kubelet-checkpoint-api/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-node-kubelet-checkpoint-api"><span class="">Kubelet Checkpoint API</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-node-topics-on-dockershim-and-cri-compatible-runtimes-li"> <input type="checkbox" id="m-zh-cn-docs-reference-node-topics-on-dockershim-and-cri-compatible-runtimes-check"/> <label for="m-zh-cn-docs-reference-node-topics-on-dockershim-and-cri-compatible-runtimes-check"><a href="/zh-cn/docs/reference/node/topics-on-dockershim-and-cri-compatible-runtimes/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-node-topics-on-dockershim-and-cri-compatible-runtimes"><span class="">关于 dockershim 移除和使用兼容 CRI 运行时的文章</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-node-device-plugin-api-versions-li"> <input type="checkbox" id="m-zh-cn-docs-reference-node-device-plugin-api-versions-check"/> <label for="m-zh-cn-docs-reference-node-device-plugin-api-versions-check"><a href="/zh-cn/docs/reference/node/device-plugin-api-versions/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-node-device-plugin-api-versions"><span class="">Kubelet 设备管理器 API 版本</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-node-node-status-li"> <input type="checkbox" id="m-zh-cn-docs-reference-node-node-status-check"/> <label for="m-zh-cn-docs-reference-node-node-status-check"><a href="/zh-cn/docs/reference/node/node-status/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-node-node-status"><span class="">节点状态</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-node-node-labels-li"> <input type="checkbox" id="m-zh-cn-docs-reference-node-node-labels-check"/> <label for="m-zh-cn-docs-reference-node-node-labels-check"><a href="/zh-cn/docs/reference/node/node-labels/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-node-node-labels"><span class=""></span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-reference-networking-li"> <input type="checkbox" id="m-zh-cn-docs-reference-networking-check"/> <label for="m-zh-cn-docs-reference-networking-check"><a href="/zh-cn/docs/reference/networking/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-reference-networking"><span class="">网络参考</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-networking-service-protocols-li"> <input type="checkbox" id="m-zh-cn-docs-reference-networking-service-protocols-check"/> <label for="m-zh-cn-docs-reference-networking-service-protocols-check"><a href="/zh-cn/docs/reference/networking/service-protocols/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-networking-service-protocols"><span class="">Service 所用的协议</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-networking-ports-and-protocols-li"> <input type="checkbox" id="m-zh-cn-docs-reference-networking-ports-and-protocols-check"/> <label for="m-zh-cn-docs-reference-networking-ports-and-protocols-check"><a href="/zh-cn/docs/reference/networking/ports-and-protocols/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-networking-ports-and-protocols"><span class="">端口和协议</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-networking-virtual-ips-li"> <input type="checkbox" id="m-zh-cn-docs-reference-networking-virtual-ips-check"/> <label for="m-zh-cn-docs-reference-networking-virtual-ips-check"><a href="/zh-cn/docs/reference/networking/virtual-ips/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-networking-virtual-ips"><span class="">虚拟 IP 和服务代理</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-reference-setup-tools-li"> <input type="checkbox" id="m-zh-cn-docs-reference-setup-tools-check"/> <label for="m-zh-cn-docs-reference-setup-tools-check"><a href="/zh-cn/docs/reference/setup-tools/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-reference-setup-tools"><span class="">安装工具</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-reference-setup-tools-kubeadm-li"> <input type="checkbox" id="m-zh-cn-docs-reference-setup-tools-kubeadm-check"/> <label for="m-zh-cn-docs-reference-setup-tools-kubeadm-check"><a href="/zh-cn/docs/reference/setup-tools/kubeadm/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-reference-setup-tools-kubeadm"><span class="">Kubeadm</span></a></label> <ul class="ul-4 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-init-li"> <input type="checkbox" id="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-init-check"/> <label for="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-init-check"><a href="/zh-cn/docs/reference/setup-tools/kubeadm/kubeadm-init/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-init"><span class="">kubeadm init</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-join-li"> <input type="checkbox" id="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-join-check"/> <label for="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-join-check"><a href="/zh-cn/docs/reference/setup-tools/kubeadm/kubeadm-join/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-join"><span class="">kubeadm join</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-upgrade-li"> <input type="checkbox" id="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-upgrade-check"/> <label for="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-upgrade-check"><a href="/zh-cn/docs/reference/setup-tools/kubeadm/kubeadm-upgrade/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-upgrade"><span class="">kubeadm upgrade</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-config-li"> <input type="checkbox" id="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-config-check"/> <label for="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-config-check"><a href="/zh-cn/docs/reference/setup-tools/kubeadm/kubeadm-config/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-config"><span class="">kubeadm config</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-reset-li"> <input type="checkbox" id="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-reset-check"/> <label for="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-reset-check"><a href="/zh-cn/docs/reference/setup-tools/kubeadm/kubeadm-reset/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-reset"><span class="">kubeadm reset</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-token-li"> <input type="checkbox" id="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-token-check"/> <label for="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-token-check"><a href="/zh-cn/docs/reference/setup-tools/kubeadm/kubeadm-token/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-token"><span class="">kubeadm token</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-version-li"> <input type="checkbox" id="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-version-check"/> <label for="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-version-check"><a href="/zh-cn/docs/reference/setup-tools/kubeadm/kubeadm-version/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-version"><span class="">kubeadm version</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-alpha-li"> <input type="checkbox" id="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-alpha-check"/> <label for="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-alpha-check"><a href="/zh-cn/docs/reference/setup-tools/kubeadm/kubeadm-alpha/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-alpha"><span class="">kubeadm alpha</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-certs-li"> <input type="checkbox" id="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-certs-check"/> <label for="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-certs-check"><a href="/zh-cn/docs/reference/setup-tools/kubeadm/kubeadm-certs/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-certs"><span class="">kubeadm certs</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-init-phase-li"> <input type="checkbox" id="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-init-phase-check"/> <label for="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-init-phase-check"><a href="/zh-cn/docs/reference/setup-tools/kubeadm/kubeadm-init-phase/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-init-phase"><span class="">kubeadm init phase</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-join-phase-li"> <input type="checkbox" id="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-join-phase-check"/> <label for="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-join-phase-check"><a href="/zh-cn/docs/reference/setup-tools/kubeadm/kubeadm-join-phase/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-join-phase"><span class="">kubeadm join phase</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-kubeconfig-li"> <input type="checkbox" id="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-kubeconfig-check"/> <label for="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-kubeconfig-check"><a href="/zh-cn/docs/reference/setup-tools/kubeadm/kubeadm-kubeconfig/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-kubeconfig"><span class="">kubeadm kubeconfig</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-reset-phase-li"> <input type="checkbox" id="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-reset-phase-check"/> <label for="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-reset-phase-check"><a href="/zh-cn/docs/reference/setup-tools/kubeadm/kubeadm-reset-phase/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-reset-phase"><span class="">kubeadm reset phase</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-upgrade-phase-li"> <input type="checkbox" id="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-upgrade-phase-check"/> <label for="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-upgrade-phase-check"><a href="/zh-cn/docs/reference/setup-tools/kubeadm/kubeadm-upgrade-phase/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-setup-tools-kubeadm-kubeadm-upgrade-phase"><span class="">kubeadm upgrade phase</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-setup-tools-kubeadm-implementation-details-li"> <input type="checkbox" id="m-zh-cn-docs-reference-setup-tools-kubeadm-implementation-details-check"/> <label for="m-zh-cn-docs-reference-setup-tools-kubeadm-implementation-details-check"><a href="/zh-cn/docs/reference/setup-tools/kubeadm/implementation-details/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-setup-tools-kubeadm-implementation-details"><span class="">实现细节</span></a></label> </li> </ul> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-reference-kubectl-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubectl-check"/> <label for="m-zh-cn-docs-reference-kubectl-check"><a href="/zh-cn/docs/reference/kubectl/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-reference-kubectl"><span class="">命令行工具 (kubectl)</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubectl-cheatsheet-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubectl-cheatsheet-check"/> <label for="m-zh-cn-docs-reference-kubectl-cheatsheet-check"><a href="/zh-cn/docs/reference/kubectl/cheatsheet/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubectl-cheatsheet"><span class="">kubectl 备忘单</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubectl-kubectl-cmds-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubectl-kubectl-cmds-check"/> <label for="m-zh-cn-docs-reference-kubectl-kubectl-cmds-check"><a href="/zh-cn/docs/reference/kubectl/kubectl-cmds/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubectl-kubectl-cmds"><span class="">kubectl 命令</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubectl-kubectl-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubectl-kubectl-check"/> <label for="m-zh-cn-docs-reference-kubectl-kubectl-check"><a href="/zh-cn/docs/reference/kubectl/kubectl/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubectl-kubectl"><span class="">kubectl</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubectl-jsonpath-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubectl-jsonpath-check"/> <label for="m-zh-cn-docs-reference-kubectl-jsonpath-check"><a href="/zh-cn/docs/reference/kubectl/jsonpath/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubectl-jsonpath"><span class="">JSONPath 支持</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubectl-docker-cli-to-kubectl-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubectl-docker-cli-to-kubectl-check"/> <label for="m-zh-cn-docs-reference-kubectl-docker-cli-to-kubectl-check"><a href="/zh-cn/docs/reference/kubectl/docker-cli-to-kubectl/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubectl-docker-cli-to-kubectl"><span class="">适用于 Docker 用户的 kubectl</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-kubectl-conventions-li"> <input type="checkbox" id="m-zh-cn-docs-reference-kubectl-conventions-check"/> <label for="m-zh-cn-docs-reference-kubectl-conventions-check"><a href="/zh-cn/docs/reference/kubectl/conventions/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-kubectl-conventions"><span class="">kubectl 的用法约定</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-reference-debug-cluster-li"> <input type="checkbox" id="m-zh-cn-docs-reference-debug-cluster-check"/> <label for="m-zh-cn-docs-reference-debug-cluster-check"><a href="/zh-cn/docs/reference/debug-cluster/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-reference-debug-cluster"><span class="">调试集群</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-debug-cluster-flow-control-li"> <input type="checkbox" id="m-zh-cn-docs-reference-debug-cluster-flow-control-check"/> <label for="m-zh-cn-docs-reference-debug-cluster-flow-control-check"><a href="/zh-cn/docs/reference/debug-cluster/flow-control/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-debug-cluster-flow-control"><span class="">流控</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-reference-command-line-tools-reference-li"> <input type="checkbox" id="m-zh-cn-docs-reference-command-line-tools-reference-check"/> <label for="m-zh-cn-docs-reference-command-line-tools-reference-check"><a href="/zh-cn/docs/reference/command-line-tools-reference/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-reference-command-line-tools-reference"><span class="">组件工具</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-command-line-tools-reference-feature-gates-li"> <input type="checkbox" id="m-zh-cn-docs-reference-command-line-tools-reference-feature-gates-check"/> <label for="m-zh-cn-docs-reference-command-line-tools-reference-feature-gates-check"><a href="/zh-cn/docs/reference/command-line-tools-reference/feature-gates/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-command-line-tools-reference-feature-gates"><span class="">特性门控</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-command-line-tools-reference-feature-gates-removed-li"> <input type="checkbox" id="m-zh-cn-docs-reference-command-line-tools-reference-feature-gates-removed-check"/> <label for="m-zh-cn-docs-reference-command-line-tools-reference-feature-gates-removed-check"><a href="/zh-cn/docs/reference/command-line-tools-reference/feature-gates-removed/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-command-line-tools-reference-feature-gates-removed"><span class="">特性门控（已移除）</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-command-line-tools-reference-kubelet-li"> <input type="checkbox" id="m-zh-cn-docs-reference-command-line-tools-reference-kubelet-check"/> <label for="m-zh-cn-docs-reference-command-line-tools-reference-kubelet-check"><a href="/zh-cn/docs/reference/command-line-tools-reference/kubelet/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-command-line-tools-reference-kubelet"><span class="">kubelet</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-command-line-tools-reference-kube-apiserver-li"> <input type="checkbox" id="m-zh-cn-docs-reference-command-line-tools-reference-kube-apiserver-check"/> <label for="m-zh-cn-docs-reference-command-line-tools-reference-kube-apiserver-check"><a href="/zh-cn/docs/reference/command-line-tools-reference/kube-apiserver/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-command-line-tools-reference-kube-apiserver"><span class="">kube-apiserver</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-command-line-tools-reference-kube-controller-manager-li"> <input type="checkbox" id="m-zh-cn-docs-reference-command-line-tools-reference-kube-controller-manager-check"/> <label for="m-zh-cn-docs-reference-command-line-tools-reference-kube-controller-manager-check"><a href="/zh-cn/docs/reference/command-line-tools-reference/kube-controller-manager/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-command-line-tools-reference-kube-controller-manager"><span class="">kube-controller-manager</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-command-line-tools-reference-kube-proxy-li"> <input type="checkbox" id="m-zh-cn-docs-reference-command-line-tools-reference-kube-proxy-check"/> <label for="m-zh-cn-docs-reference-command-line-tools-reference-kube-proxy-check"><a href="/zh-cn/docs/reference/command-line-tools-reference/kube-proxy/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-command-line-tools-reference-kube-proxy"><span class="">kube-proxy</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-command-line-tools-reference-kube-scheduler-li"> <input type="checkbox" id="m-zh-cn-docs-reference-command-line-tools-reference-kube-scheduler-check"/> <label for="m-zh-cn-docs-reference-command-line-tools-reference-kube-scheduler-check"><a href="/zh-cn/docs/reference/command-line-tools-reference/kube-scheduler/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-command-line-tools-reference-kube-scheduler"><span class="">kube-scheduler</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-reference-config-api-li"> <input type="checkbox" id="m-zh-cn-docs-reference-config-api-check"/> <label for="m-zh-cn-docs-reference-config-api-check"><a href="/zh-cn/docs/reference/config-api/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-reference-config-api"><span class="">配置 API</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-config-api-apiserver-eventratelimit-v1alpha1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-config-api-apiserver-eventratelimit-v1alpha1-check"/> <label for="m-zh-cn-docs-reference-config-api-apiserver-eventratelimit-v1alpha1-check"><a href="/zh-cn/docs/reference/config-api/apiserver-eventratelimit.v1alpha1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-config-api-apiserver-eventratelimit-v1alpha1"><span class="">Event Rate Limit Configuration (v1alpha1)</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-config-api-imagepolicy-v1alpha1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-config-api-imagepolicy-v1alpha1-check"/> <label for="m-zh-cn-docs-reference-config-api-imagepolicy-v1alpha1-check"><a href="/zh-cn/docs/reference/config-api/imagepolicy.v1alpha1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-config-api-imagepolicy-v1alpha1"><span class="">Image Policy API (v1alpha1)</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-config-api-kubeconfig-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-config-api-kubeconfig-v1-check"/> <label for="m-zh-cn-docs-reference-config-api-kubeconfig-v1-check"><a href="/zh-cn/docs/reference/config-api/kubeconfig.v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-config-api-kubeconfig-v1"><span class="">kube 配置 (v1)</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-config-api-apiserver-admission-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-config-api-apiserver-admission-v1-check"/> <label for="m-zh-cn-docs-reference-config-api-apiserver-admission-v1-check"><a href="/zh-cn/docs/reference/config-api/apiserver-admission.v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-config-api-apiserver-admission-v1"><span class="">kube-apiserver Admission (v1)</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-config-api-apiserver-audit-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-config-api-apiserver-audit-v1-check"/> <label for="m-zh-cn-docs-reference-config-api-apiserver-audit-v1-check"><a href="/zh-cn/docs/reference/config-api/apiserver-audit.v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-config-api-apiserver-audit-v1"><span class="">kube-apiserver Audit 配置 (v1)</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-config-api-apiserver-encryption-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-config-api-apiserver-encryption-v1-check"/> <label for="m-zh-cn-docs-reference-config-api-apiserver-encryption-v1-check"><a href="/zh-cn/docs/reference/config-api/apiserver-encryption.v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-config-api-apiserver-encryption-v1"><span class="">kube-apiserver 加密配置（v1）</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-config-api-apiserver-config-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-config-api-apiserver-config-v1-check"/> <label for="m-zh-cn-docs-reference-config-api-apiserver-config-v1-check"><a href="/zh-cn/docs/reference/config-api/apiserver-config.v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-config-api-apiserver-config-v1"><span class="">kube-apiserver 配置 (v1)</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-config-api-apiserver-config-v1alpha1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-config-api-apiserver-config-v1alpha1-check"/> <label for="m-zh-cn-docs-reference-config-api-apiserver-config-v1alpha1-check"><a href="/zh-cn/docs/reference/config-api/apiserver-config.v1alpha1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-config-api-apiserver-config-v1alpha1"><span class="">kube-apiserver 配置 (v1alpha1)</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-config-api-apiserver-config-v1beta1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-config-api-apiserver-config-v1beta1-check"/> <label for="m-zh-cn-docs-reference-config-api-apiserver-config-v1beta1-check"><a href="/zh-cn/docs/reference/config-api/apiserver-config.v1beta1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-config-api-apiserver-config-v1beta1"><span class="">kube-apiserver 配置 (v1beta1)</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-docs-reference-config-api-kube-controller-manager-config-v1alpha1-li"> <input type="checkbox" id="m-docs-reference-config-api-kube-controller-manager-config-v1alpha1-check"/> <label for="m-docs-reference-config-api-kube-controller-manager-config-v1alpha1-check"><a href="/docs/reference/config-api/kube-controller-manager-config.v1alpha1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-docs-reference-config-api-kube-controller-manager-config-v1alpha1"><span class="">kube-controller-manager Configuration (v1alpha1)</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-config-api-kube-proxy-config-v1alpha1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-config-api-kube-proxy-config-v1alpha1-check"/> <label for="m-zh-cn-docs-reference-config-api-kube-proxy-config-v1alpha1-check"><a href="/zh-cn/docs/reference/config-api/kube-proxy-config.v1alpha1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-config-api-kube-proxy-config-v1alpha1"><span class="">kube-proxy 配置 (v1alpha1)</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-config-api-kube-scheduler-config-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-config-api-kube-scheduler-config-v1-check"/> <label for="m-zh-cn-docs-reference-config-api-kube-scheduler-config-v1-check"><a href="/zh-cn/docs/reference/config-api/kube-scheduler-config.v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-config-api-kube-scheduler-config-v1"><span class="">kube-scheduler 配置 (v1)</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-config-api-kube-scheduler-config-v1beta3-li"> <input type="checkbox" id="m-zh-cn-docs-reference-config-api-kube-scheduler-config-v1beta3-check"/> <label for="m-zh-cn-docs-reference-config-api-kube-scheduler-config-v1beta3-check"><a href="/zh-cn/docs/reference/config-api/kube-scheduler-config.v1beta3/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-config-api-kube-scheduler-config-v1beta3"><span class="">kube-scheduler 配置 (v1beta3)</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-docs-reference-config-api-kubeadm-config-v1beta4-li"> <input type="checkbox" id="m-docs-reference-config-api-kubeadm-config-v1beta4-check"/> <label for="m-docs-reference-config-api-kubeadm-config-v1beta4-check"><a href="/docs/reference/config-api/kubeadm-config.v1beta4/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-docs-reference-config-api-kubeadm-config-v1beta4"><span class="">kubeadm Configuration (v1beta4)</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-config-api-kubeadm-config-v1beta3-li"> <input type="checkbox" id="m-zh-cn-docs-reference-config-api-kubeadm-config-v1beta3-check"/> <label for="m-zh-cn-docs-reference-config-api-kubeadm-config-v1beta3-check"><a href="/zh-cn/docs/reference/config-api/kubeadm-config.v1beta3/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-config-api-kubeadm-config-v1beta3"><span class="">kubeadm 配置 (v1beta3)</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-config-api-kubelet-credentialprovider-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-config-api-kubelet-credentialprovider-v1-check"/> <label for="m-zh-cn-docs-reference-config-api-kubelet-credentialprovider-v1-check"><a href="/zh-cn/docs/reference/config-api/kubelet-credentialprovider.v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-config-api-kubelet-credentialprovider-v1"><span class="">Kubelet CredentialProvider (v1)</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-config-api-kubelet-credentialprovider-v1alpha1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-config-api-kubelet-credentialprovider-v1alpha1-check"/> <label for="m-zh-cn-docs-reference-config-api-kubelet-credentialprovider-v1alpha1-check"><a href="/zh-cn/docs/reference/config-api/kubelet-credentialprovider.v1alpha1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-config-api-kubelet-credentialprovider-v1alpha1"><span class="">Kubelet CredentialProvider (v1alpha1)</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-config-api-kubelet-credentialprovider-v1beta1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-config-api-kubelet-credentialprovider-v1beta1-check"/> <label for="m-zh-cn-docs-reference-config-api-kubelet-credentialprovider-v1beta1-check"><a href="/zh-cn/docs/reference/config-api/kubelet-credentialprovider.v1beta1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-config-api-kubelet-credentialprovider-v1beta1"><span class="">Kubelet CredentialProvider (v1beta1)</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-config-api-kubelet-config-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-config-api-kubelet-config-v1-check"/> <label for="m-zh-cn-docs-reference-config-api-kubelet-config-v1-check"><a href="/zh-cn/docs/reference/config-api/kubelet-config.v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-config-api-kubelet-config-v1"><span class="">Kubelet 配置 (v1)</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-config-api-kubelet-config-v1alpha1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-config-api-kubelet-config-v1alpha1-check"/> <label for="m-zh-cn-docs-reference-config-api-kubelet-config-v1alpha1-check"><a href="/zh-cn/docs/reference/config-api/kubelet-config.v1alpha1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-config-api-kubelet-config-v1alpha1"><span class="">Kubelet 配置 (v1alpha1)</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-config-api-kubelet-config-v1beta1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-config-api-kubelet-config-v1beta1-check"/> <label for="m-zh-cn-docs-reference-config-api-kubelet-config-v1beta1-check"><a href="/zh-cn/docs/reference/config-api/kubelet-config.v1beta1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-config-api-kubelet-config-v1beta1"><span class="">Kubelet 配置 (v1beta1)</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-config-api-apiserver-webhookadmission-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-config-api-apiserver-webhookadmission-v1-check"/> <label for="m-zh-cn-docs-reference-config-api-apiserver-webhookadmission-v1-check"><a href="/zh-cn/docs/reference/config-api/apiserver-webhookadmission.v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-config-api-apiserver-webhookadmission-v1"><span class="">WebhookAdmission 配置 (v1)</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-config-api-client-authentication-v1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-config-api-client-authentication-v1-check"/> <label for="m-zh-cn-docs-reference-config-api-client-authentication-v1-check"><a href="/zh-cn/docs/reference/config-api/client-authentication.v1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-config-api-client-authentication-v1"><span class="">客户端身份认证（Client Authentication） (v1)</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-config-api-client-authentication-v1beta1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-config-api-client-authentication-v1beta1-check"/> <label for="m-zh-cn-docs-reference-config-api-client-authentication-v1beta1-check"><a href="/zh-cn/docs/reference/config-api/client-authentication.v1beta1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-config-api-client-authentication-v1beta1"><span class="">客户端身份认证（Client Authentication）(v1beta1)</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-reference-external-api-li"> <input type="checkbox" id="m-zh-cn-docs-reference-external-api-check"/> <label for="m-zh-cn-docs-reference-external-api-check"><a href="/zh-cn/docs/reference/external-api/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-reference-external-api"><span class="">外部 API</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-external-api-external-metrics-v1beta1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-external-api-external-metrics-v1beta1-check"/> <label for="m-zh-cn-docs-reference-external-api-external-metrics-v1beta1-check"><a href="/zh-cn/docs/reference/external-api/external-metrics.v1beta1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-external-api-external-metrics-v1beta1"><span class="">Kubernetes 外部指标 (v1beta1)</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-external-api-metrics-v1beta1-li"> <input type="checkbox" id="m-zh-cn-docs-reference-external-api-metrics-v1beta1-check"/> <label for="m-zh-cn-docs-reference-external-api-metrics-v1beta1-check"><a href="/zh-cn/docs/reference/external-api/metrics.v1beta1/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-external-api-metrics-v1beta1"><span class="">Kubernetes 指标 (v1beta1)</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-external-api-custom-metrics-v1beta2-li"> <input type="checkbox" id="m-zh-cn-docs-reference-external-api-custom-metrics-v1beta2-check"/> <label for="m-zh-cn-docs-reference-external-api-custom-metrics-v1beta2-check"><a href="/zh-cn/docs/reference/external-api/custom-metrics.v1beta2/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-external-api-custom-metrics-v1beta2"><span class="">Kubernetes 自定义指标 (v1beta2)</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-reference-scheduling-li"> <input type="checkbox" id="m-zh-cn-docs-reference-scheduling-check"/> <label for="m-zh-cn-docs-reference-scheduling-check"><a href="/zh-cn/docs/reference/scheduling/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-reference-scheduling"><span class="">调度</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-scheduling-config-li"> <input type="checkbox" id="m-zh-cn-docs-reference-scheduling-config-check"/> <label for="m-zh-cn-docs-reference-scheduling-config-check"><a href="/zh-cn/docs/reference/scheduling/config/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-scheduling-config"><span class="">调度器配置</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-scheduling-policies-li"> <input type="checkbox" id="m-zh-cn-docs-reference-scheduling-policies-check"/> <label for="m-zh-cn-docs-reference-scheduling-policies-check"><a href="/zh-cn/docs/reference/scheduling/policies/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-reference-scheduling-policies"><span class="">调度策略</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-reference-tools-li"> <input type="checkbox" id="m-zh-cn-docs-reference-tools-check"/> <label for="m-zh-cn-docs-reference-tools-check"><a href="/zh-cn/docs/reference/tools/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-reference-tools"><span class="">其他工具</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-contribute-li"> <input type="checkbox" id="m-zh-cn-docs-contribute-check"/> <label for="m-zh-cn-docs-contribute-check"><a href="/zh-cn/docs/contribute/" title="为 K8s 文档出一份力" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-contribute"><span class="">贡献</span></a></label> <ul class="ul-2 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-contribute-suggesting-improvements-li"> <input type="checkbox" id="m-zh-cn-docs-contribute-suggesting-improvements-check"/> <label for="m-zh-cn-docs-contribute-suggesting-improvements-check"><a href="/zh-cn/docs/contribute/suggesting-improvements/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-contribute-suggesting-improvements"><span class="">提出内容改进建议</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-contribute-new-content-li"> <input type="checkbox" id="m-zh-cn-docs-contribute-new-content-check"/> <label for="m-zh-cn-docs-contribute-new-content-check"><a href="/zh-cn/docs/contribute/new-content/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-contribute-new-content"><span class="">贡献新内容</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-contribute-new-content-open-a-pr-li"> <input type="checkbox" id="m-zh-cn-docs-contribute-new-content-open-a-pr-check"/> <label for="m-zh-cn-docs-contribute-new-content-open-a-pr-check"><a href="/zh-cn/docs/contribute/new-content/open-a-pr/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-contribute-new-content-open-a-pr"><span class="">发起拉取请求（PR）</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-contribute-new-content-new-features-li"> <input type="checkbox" id="m-zh-cn-docs-contribute-new-content-new-features-check"/> <label for="m-zh-cn-docs-contribute-new-content-new-features-check"><a href="/zh-cn/docs/contribute/new-content/new-features/" title="为发行版本撰写功能特性文档" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-contribute-new-content-new-features"><span class="">为发行版本撰写文档</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-contribute-new-content-blogs-case-studies-li"> <input type="checkbox" id="m-zh-cn-docs-contribute-new-content-blogs-case-studies-check"/> <label for="m-zh-cn-docs-contribute-new-content-blogs-case-studies-check"><a href="/zh-cn/docs/contribute/new-content/blogs-case-studies/" title="提交博客和案例分析" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-contribute-new-content-blogs-case-studies"><span class="">博客和案例分析</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-contribute-review-li"> <input type="checkbox" id="m-zh-cn-docs-contribute-review-check"/> <label for="m-zh-cn-docs-contribute-review-check"><a href="/zh-cn/docs/contribute/review/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-contribute-review"><span class="">评阅变更</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-contribute-review-reviewing-prs-li"> <input type="checkbox" id="m-zh-cn-docs-contribute-review-reviewing-prs-check"/> <label for="m-zh-cn-docs-contribute-review-reviewing-prs-check"><a href="/zh-cn/docs/contribute/review/reviewing-prs/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-contribute-review-reviewing-prs"><span class="">评审 PR</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-contribute-review-for-approvers-li"> <input type="checkbox" id="m-zh-cn-docs-contribute-review-for-approvers-check"/> <label for="m-zh-cn-docs-contribute-review-for-approvers-check"><a href="/zh-cn/docs/contribute/review/for-approvers/" title="评阅人和批准人文档" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-contribute-review-for-approvers"><span class="">评阅人和批准人</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-contribute-localization-li"> <input type="checkbox" id="m-zh-cn-docs-contribute-localization-check"/> <label for="m-zh-cn-docs-contribute-localization-check"><a href="/zh-cn/docs/contribute/localization/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-contribute-localization"><span class="">本地化 Kubernetes 文档</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-contribute-participate-li"> <input type="checkbox" id="m-zh-cn-docs-contribute-participate-check"/> <label for="m-zh-cn-docs-contribute-participate-check"><a href="/zh-cn/docs/contribute/participate/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-contribute-participate"><span class="">参与 SIG Docs</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-contribute-participate-roles-and-responsibilities-li"> <input type="checkbox" id="m-zh-cn-docs-contribute-participate-roles-and-responsibilities-check"/> <label for="m-zh-cn-docs-contribute-participate-roles-and-responsibilities-check"><a href="/zh-cn/docs/contribute/participate/roles-and-responsibilities/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-contribute-participate-roles-and-responsibilities"><span class="">角色与责任</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-contribute-participate-issue-wrangler-li"> <input type="checkbox" id="m-zh-cn-docs-contribute-participate-issue-wrangler-check"/> <label for="m-zh-cn-docs-contribute-participate-issue-wrangler-check"><a href="/zh-cn/docs/contribute/participate/issue-wrangler/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-contribute-participate-issue-wrangler"><span class="">Issue 管理者</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-contribute-participate-pr-wranglers-li"> <input type="checkbox" id="m-zh-cn-docs-contribute-participate-pr-wranglers-check"/> <label for="m-zh-cn-docs-contribute-participate-pr-wranglers-check"><a href="/zh-cn/docs/contribute/participate/pr-wranglers/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-contribute-participate-pr-wranglers"><span class="">PR 管理者</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-contribute-generate-ref-docs-li"> <input type="checkbox" id="m-zh-cn-docs-contribute-generate-ref-docs-check"/> <label for="m-zh-cn-docs-contribute-generate-ref-docs-check"><a href="/zh-cn/docs/contribute/generate-ref-docs/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-contribute-generate-ref-docs"><span class="">更新参考文档</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-contribute-generate-ref-docs-quickstart-li"> <input type="checkbox" id="m-zh-cn-docs-contribute-generate-ref-docs-quickstart-check"/> <label for="m-zh-cn-docs-contribute-generate-ref-docs-quickstart-check"><a href="/zh-cn/docs/contribute/generate-ref-docs/quickstart/" title="参考文档快速入门" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-contribute-generate-ref-docs-quickstart"><span class="">Quickstart</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-contribute-generate-ref-docs-contribute-upstream-li"> <input type="checkbox" id="m-zh-cn-docs-contribute-generate-ref-docs-contribute-upstream-check"/> <label for="m-zh-cn-docs-contribute-generate-ref-docs-contribute-upstream-check"><a href="/zh-cn/docs/contribute/generate-ref-docs/contribute-upstream/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-contribute-generate-ref-docs-contribute-upstream"><span class="">为上游 Kubernetes 代码库做出贡献</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-contribute-generate-ref-docs-kubernetes-api-li"> <input type="checkbox" id="m-zh-cn-docs-contribute-generate-ref-docs-kubernetes-api-check"/> <label for="m-zh-cn-docs-contribute-generate-ref-docs-kubernetes-api-check"><a href="/zh-cn/docs/contribute/generate-ref-docs/kubernetes-api/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-contribute-generate-ref-docs-kubernetes-api"><span class="">为 Kubernetes API 生成参考文档</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-contribute-generate-ref-docs-kubectl-li"> <input type="checkbox" id="m-zh-cn-docs-contribute-generate-ref-docs-kubectl-check"/> <label for="m-zh-cn-docs-contribute-generate-ref-docs-kubectl-check"><a href="/zh-cn/docs/contribute/generate-ref-docs/kubectl/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-contribute-generate-ref-docs-kubectl"><span class="">为 kubectl 命令集生成参考文档</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-contribute-generate-ref-docs-kubernetes-components-li"> <input type="checkbox" id="m-zh-cn-docs-contribute-generate-ref-docs-kubernetes-components-check"/> <label for="m-zh-cn-docs-contribute-generate-ref-docs-kubernetes-components-check"><a href="/zh-cn/docs/contribute/generate-ref-docs/kubernetes-components/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-contribute-generate-ref-docs-kubernetes-components"><span class="">为 Kubernetes 组件和工具生成参考文档</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-contribute-generate-ref-docs-prerequisites-ref-docs-li"> <input type="checkbox" id="m-zh-cn-docs-contribute-generate-ref-docs-prerequisites-ref-docs-check"/> <label for="m-zh-cn-docs-contribute-generate-ref-docs-prerequisites-ref-docs-check"><a href="/zh-cn/docs/contribute/generate-ref-docs/prerequisites-ref-docs/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-contribute-generate-ref-docs-prerequisites-ref-docs"><span class=""></span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section with-child" id="m-zh-cn-docs-contribute-style-li"> <input type="checkbox" id="m-zh-cn-docs-contribute-style-check"/> <label for="m-zh-cn-docs-contribute-style-check"><a href="/zh-cn/docs/contribute/style/" class="align-left pl-0 td-sidebar-link td-sidebar-link__section" id="m-zh-cn-docs-contribute-style"><span class="">文档样式概述</span></a></label> <ul class="ul-3 foldable"> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-contribute-style-content-guide-li"> <input type="checkbox" id="m-zh-cn-docs-contribute-style-content-guide-check"/> <label for="m-zh-cn-docs-contribute-style-content-guide-check"><a href="/zh-cn/docs/contribute/style/content-guide/" title="文档内容指南" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-contribute-style-content-guide"><span class="">内容指南</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-contribute-style-style-guide-li"> <input type="checkbox" id="m-zh-cn-docs-contribute-style-style-guide-check"/> <label for="m-zh-cn-docs-contribute-style-style-guide-check"><a href="/zh-cn/docs/contribute/style/style-guide/" title="文档样式指南" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-contribute-style-style-guide"><span class="">样式指南</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-contribute-style-diagram-guide-li"> <input type="checkbox" id="m-zh-cn-docs-contribute-style-diagram-guide-check"/> <label for="m-zh-cn-docs-contribute-style-diagram-guide-check"><a href="/zh-cn/docs/contribute/style/diagram-guide/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-contribute-style-diagram-guide"><span class="">图表指南</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-contribute-style-write-new-topic-li"> <input type="checkbox" id="m-zh-cn-docs-contribute-style-write-new-topic-check"/> <label for="m-zh-cn-docs-contribute-style-write-new-topic-check"><a href="/zh-cn/docs/contribute/style/write-new-topic/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-contribute-style-write-new-topic"><span class="">撰写新主题</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-contribute-style-page-content-types-li"> <input type="checkbox" id="m-zh-cn-docs-contribute-style-page-content-types-check"/> <label for="m-zh-cn-docs-contribute-style-page-content-types-check"><a href="/zh-cn/docs/contribute/style/page-content-types/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-contribute-style-page-content-types"><span class="">页面内容类型</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-contribute-style-content-organization-li"> <input type="checkbox" id="m-zh-cn-docs-contribute-style-content-organization-check"/> <label for="m-zh-cn-docs-contribute-style-content-organization-check"><a href="/zh-cn/docs/contribute/style/content-organization/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-contribute-style-content-organization"><span class="">内容组织</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-contribute-style-hugo-shortcodes-li"> <input type="checkbox" id="m-zh-cn-docs-contribute-style-hugo-shortcodes-check"/> <label for="m-zh-cn-docs-contribute-style-hugo-shortcodes-check"><a href="/zh-cn/docs/contribute/style/hugo-shortcodes/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-contribute-style-hugo-shortcodes"><span class="">定制 Hugo 短代码</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-contribute-advanced-li"> <input type="checkbox" id="m-zh-cn-docs-contribute-advanced-check"/> <label for="m-zh-cn-docs-contribute-advanced-check"><a href="/zh-cn/docs/contribute/advanced/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-contribute-advanced"><span class="">进阶贡献</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-contribute-analytics-li"> <input type="checkbox" id="m-zh-cn-docs-contribute-analytics-check"/> <label for="m-zh-cn-docs-contribute-analytics-check"><a href="/zh-cn/docs/contribute/analytics/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-contribute-analytics"><span class="">查看站点分析</span></a></label> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-contribute-localization-zh-li"> <input type="checkbox" id="m-zh-cn-docs-contribute-localization-zh-check"/> <label for="m-zh-cn-docs-contribute-localization-zh-check"><a href="/zh-cn/docs/contribute/localization_zh/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-contribute-localization-zh"><span class="">中文本地化样式指南</span></a></label> </li> </ul> </li> <li class="td-sidebar-nav__section-title td-sidebar-nav__section without-child" id="m-zh-cn-docs-test-li"> <input type="checkbox" id="m-zh-cn-docs-test-check"/> <label for="m-zh-cn-docs-test-check"><a href="/zh-cn/docs/test/" class="align-left pl-0 td-sidebar-link td-sidebar-link__page" id="m-zh-cn-docs-test"><span class="">测试页面（中文版）</span></a></label> </li> </ul> </li> </ul> </nav> </div> </div> <div id="maindoc" class="split pl-md-5 row"> <main role="main" class="col-xl-8"> <nav aria-label="breadcrumb" class="td-breadcrumbs"> <ol class="breadcrumb"> <li class="breadcrumb-item"> <a href="https://kubernetes.io/zh-cn/docs/">Kubernetes 文档</a> </li> <li class="breadcrumb-item"> <a href="https://kubernetes.io/zh-cn/docs/reference/">参考</a> </li> <li class="breadcrumb-item"> <a href="https://kubernetes.io/zh-cn/docs/reference/access-authn-authz/">API 访问控制</a> </li> <li class="breadcrumb-item active" aria-current="page"> <a href="https://kubernetes.io/zh-cn/docs/reference/access-authn-authz/certificate-signing-requests/">证书和证书签名请求</a> </li> </ol> </nav> <section id="deprecation-warning"> <div class="content deprecation-warning pageinfo"> <h3> 你正在查看的文档所针对的是 Kubernetes 版本： v1.28 </h3> <p> Kubernetes v1.28 版本的文档已不再维护。你现在看到的版本来自于一份静态的快照。如需查阅最新文档，请点击 <a href="https://kubernetes.io/docs/home/">最新版本。</a> </p> </div> </section> <div class="td-content"> <h1>证书和证书签名请求</h1>   <div style="margin-top: 10px; margin-bottom: 10px;"> <b>特性状态：</b> <code>Kubernetes v1.19 [stable]</code> </div>  <p>Kubernetes 证书和信任包（trust bundle）API 可以通过为 Kubernetes API 的客户端提供编程接口，实现 <a href="https://www.itu.int/rec/T-REC-X.509">X.509</a> 凭据的自动化制备，从而请求并获取证书颁发机构 (CA) 发布的 X.509 <a class='glossary-tooltip' title='证书是个安全加密文件，用来确认对 Kubernetes 集群访问的合法性。' data-toggle='tooltip' data-placement='top' href='/zh-cn/docs/tasks/tls/managing-tls-in-a-cluster/' target='_blank' aria-label='证书'>证书</a>。</p> <p>此外，Kubernetes 还对分发<a href="#cluster-trust-bundles">信任包</a>提供了实验性（Alpha）支持。</p>   <h2 id="certificate-signing-requests">证书签名请求 </h2> <div style="margin-top: 10px; margin-bottom: 10px;"> <b>特性状态：</b> <code>Kubernetes v1.19 [stable]</code> </div>  <p>CertificateSigningRequest（CSR）资源用来向指定的签名者申请证书签名，在最终签名之前，申请可能被批准，也可能被拒绝。</p>  <h3 id="request-signing-process">请求签名流程</h3> <p>CertificateSigningRequest 资源类型允许客户端基于签名请求申请发放 X.509 证书。 CertificateSigningRequest 对象在 <code>spec.request</code> 字段中包含一个 PEM 编码的 PKCS#10 签名请求。 CertificateSigningRequest 使用 <code>spec.signerName</code> 字段标示签名者（请求的接收方）。注意，<code>spec.signerName</code> 在 <code>certificates.k8s.io/v1</code> 之后的 API 版本是必填项。在 Kubernetes v1.22 和以后的版本，客户可以可选地设置 <code>spec.expirationSeconds</code> 字段来为颁发的证书设定一个特定的有效期。该字段的最小有效值是 <code>600</code>，也就是 10 分钟。</p>  <p>创建完成的 CertificateSigningRequest，要先通过批准，然后才能签名。根据所选的签名者，CertificateSigningRequest 可能会被 <a class='glossary-tooltip' title='控制器通过 API 服务器监控集群的公共状态，并致力于将当前状态转变为期望的状态。' data-toggle='tooltip' data-placement='top' href='/zh-cn/docs/concepts/architecture/controller/' target='_blank' aria-label='控制器'>控制器</a>自动批准。否则，就必须人工批准，人工批准可以使用 REST API（或 go 客户端），也可以执行 <code>kubectl certificate approve</code> 命令。同样，CertificateSigningRequest 也可能被驳回，这就相当于通知了指定的签名者，这个证书不能签名。</p>  <p>对于已批准的证书，下一步是签名。对应的签名控制器首先验证签名条件是否满足，然后才创建证书。签名控制器然后更新 CertificateSigningRequest，将新证书保存到现有 CertificateSigningRequest 对象的 <code>status.certificate</code> 字段中。此时，字段 <code>status.certificate</code> 要么为空，要么包含一个用 PEM 编码的 X.509 证书。直到签名完成前，CertificateSigningRequest 的字段 <code>status.certificate</code> 都为空。</p>  <p>一旦 <code>status.certificate</code> 字段完成填充，请求既算完成，客户端现在可以从 CertificateSigningRequest 资源中获取已签名的证书的 PEM 数据。当然如果不满足签名条件，签名者可以拒签。</p>  <p>为了减少集群中遗留的过时的 CertificateSigningRequest 资源的数量，一个垃圾收集控制器将会周期性地运行。此垃圾收集器会清除在一段时间内没有改变过状态的 CertificateSigningRequests：</p> <ul> <li>已批准的请求：1 小时后自动删除</li> <li>已拒绝的请求：1 小时后自动删除</li> <li>已失败的请求：1 小时后自动删除</li> <li>挂起的请求：24 小时后自动删除</li> <li>所有请求：在颁发的证书过期后自动删除</li> </ul>  <h3 id="authorization">证书签名鉴权 </h3> <p>授权创建 CertificateSigningRequest 和检索 CertificateSigningRequest：</p> <ul> <li>verbs（动词）: <code>create</code>、<code>get</code>、<code>list</code>、<code>watch</code>, group（组）：<code>certificates.k8s.io</code>， resource（资源）：<code>certificatesigningrequests</code></li> </ul> <p>例如：</p> <div class="highlight"> <div class="copy-code-icon" style="text-align:right"> <a href="https://raw.githubusercontent.com/kubernetes/website/release-1.28/content/zh-cn/examples/access/certificate-signing-request/clusterrole-create.yaml" download="access/certificate-signing-request/clusterrole-create.yaml"><code>access/certificate-signing-request/clusterrole-create.yaml</code> </a> <img src="/images/copycode.svg" style="max-height:24px; cursor: pointer" onclick="copyCode('access-certificate-signing-request-clusterrole-create-yaml')" title="Copy access/certificate-signing-request/clusterrole-create.yaml to clipboard"> </img> </div> <div class="includecode" id="access-certificate-signing-request-clusterrole-create-yaml"><div class="highlight"><pre tabindex="0" style="background-color:#f8f8f8;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-yaml" data-lang="yaml"><span style="display:flex;"><span><span style="color:#008000;font-weight:bold">apiVersion</span>:<span style="color:#bbb"> </span>rbac.authorization.k8s.io/v1<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"></span><span style="color:#008000;font-weight:bold">kind</span>:<span style="color:#bbb"> </span>ClusterRole<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"></span><span style="color:#008000;font-weight:bold">metadata</span>:<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span><span style="color:#008000;font-weight:bold">name</span>:<span style="color:#bbb"> </span>csr-creator<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"></span><span style="color:#008000;font-weight:bold">rules</span>:<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"></span>- <span style="color:#008000;font-weight:bold">apiGroups</span>:<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span>- certificates.k8s.io<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span><span style="color:#008000;font-weight:bold">resources</span>:<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span>- certificatesigningrequests<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span><span style="color:#008000;font-weight:bold">verbs</span>:<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span>- create<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span>- get<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span>- list<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span>- watch<span style="color:#bbb"> </span></span></span></code></pre></div></div> </div>  <p>授权批准 CertificateSigningRequest：</p> <ul> <li>verbs（动词）: <code>get</code>、<code>list</code>、<code>watch</code>， group（组）：<code>certificates.k8s.io</code>， resource（资源）：<code>certificatesigningrequests</code></li> <li>verbs（动词）: <code>update</code>， group（组）：<code>certificates.k8s.io</code>， resource（资源）：<code>certificatesigningrequests/approval</code></li> <li>verbs（动词）：<code>approve</code>， group（组）：<code>certificates.k8s.io</code>， resource（资源）：<code>signers</code>， resourceName：<code><signerNameDomain>/<signerNamePath></code> 或 <code><signerNameDomain>/*</code></li> </ul> <p>例如：</p> <div class="highlight"> <div class="copy-code-icon" style="text-align:right"> <a href="https://raw.githubusercontent.com/kubernetes/website/release-1.28/content/zh-cn/examples/access/certificate-signing-request/clusterrole-approve.yaml" download="access/certificate-signing-request/clusterrole-approve.yaml"><code>access/certificate-signing-request/clusterrole-approve.yaml</code> </a> <img src="/images/copycode.svg" style="max-height:24px; cursor: pointer" onclick="copyCode('access-certificate-signing-request-clusterrole-approve-yaml')" title="Copy access/certificate-signing-request/clusterrole-approve.yaml to clipboard"> </img> </div> <div class="includecode" id="access-certificate-signing-request-clusterrole-approve-yaml"><div class="highlight"><pre tabindex="0" style="background-color:#f8f8f8;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-yaml" data-lang="yaml"><span style="display:flex;"><span><span style="color:#008000;font-weight:bold">apiVersion</span>:<span style="color:#bbb"> </span>rbac.authorization.k8s.io/v1<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"></span><span style="color:#008000;font-weight:bold">kind</span>:<span style="color:#bbb"> </span>ClusterRole<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"></span><span style="color:#008000;font-weight:bold">metadata</span>:<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span><span style="color:#008000;font-weight:bold">name</span>:<span style="color:#bbb"> </span>csr-approver<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"></span><span style="color:#008000;font-weight:bold">rules</span>:<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"></span>- <span style="color:#008000;font-weight:bold">apiGroups</span>:<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span>- certificates.k8s.io<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span><span style="color:#008000;font-weight:bold">resources</span>:<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span>- certificatesigningrequests<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span><span style="color:#008000;font-weight:bold">verbs</span>:<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span>- get<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span>- list<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span>- watch<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"></span>- <span style="color:#008000;font-weight:bold">apiGroups</span>:<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span>- certificates.k8s.io<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span><span style="color:#008000;font-weight:bold">resources</span>:<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span>- certificatesigningrequests/approval<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span><span style="color:#008000;font-weight:bold">verbs</span>:<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span>- update<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"></span>- <span style="color:#008000;font-weight:bold">apiGroups</span>:<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span>- certificates.k8s.io<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span><span style="color:#008000;font-weight:bold">resources</span>:<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span>- signers<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span><span style="color:#008000;font-weight:bold">resourceNames</span>:<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span>- example.com/my-signer-name<span style="color:#bbb"> </span><span style="color:#080;font-style:italic"># example.com/* 可用于为 “example.com” 域中的所有签名者授权</span><span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span><span style="color:#008000;font-weight:bold">verbs</span>:<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span>- approve<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span></span></span></code></pre></div></div> </div>  <p>授权签名 CertificateSigningRequest：</p> <ul> <li>verbs（动词）：<code>get</code>、<code>list</code>、<code>watch</code>， group（组）：<code>certificates.k8s.io</code>， resource（资源）：<code>certificatesigningrequests</code></li> <li>verbs（动词）：<code>update</code>， group（组）：<code>certificates.k8s.io</code>， resource（资源）：<code>certificatesigningrequests/status</code></li> <li>verbs（动词）：<code>sign</code>， group（组）：<code>certificates.k8s.io</code>， resource（资源）：<code>signers</code>， resourceName：<code><signerNameDomain>/<signerNamePath></code> 或 <code><signerNameDomain>/*</code></li> </ul> <div class="highlight"> <div class="copy-code-icon" style="text-align:right"> <a href="https://raw.githubusercontent.com/kubernetes/website/release-1.28/content/zh-cn/examples/access/certificate-signing-request/clusterrole-sign.yaml" download="access/certificate-signing-request/clusterrole-sign.yaml"><code>access/certificate-signing-request/clusterrole-sign.yaml</code> </a> <img src="/images/copycode.svg" style="max-height:24px; cursor: pointer" onclick="copyCode('access-certificate-signing-request-clusterrole-sign-yaml')" title="Copy access/certificate-signing-request/clusterrole-sign.yaml to clipboard"> </img> </div> <div class="includecode" id="access-certificate-signing-request-clusterrole-sign-yaml"><div class="highlight"><pre tabindex="0" style="background-color:#f8f8f8;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-yaml" data-lang="yaml"><span style="display:flex;"><span><span style="color:#008000;font-weight:bold">apiVersion</span>:<span style="color:#bbb"> </span>rbac.authorization.k8s.io/v1<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"></span><span style="color:#008000;font-weight:bold">kind</span>:<span style="color:#bbb"> </span>ClusterRole<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"></span><span style="color:#008000;font-weight:bold">metadata</span>:<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span><span style="color:#008000;font-weight:bold">name</span>:<span style="color:#bbb"> </span>csr-signer<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"></span><span style="color:#008000;font-weight:bold">rules</span>:<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"></span>- <span style="color:#008000;font-weight:bold">apiGroups</span>:<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span>- certificates.k8s.io<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span><span style="color:#008000;font-weight:bold">resources</span>:<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span>- certificatesigningrequests<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span><span style="color:#008000;font-weight:bold">verbs</span>:<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span>- get<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span>- list<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span>- watch<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"></span>- <span style="color:#008000;font-weight:bold">apiGroups</span>:<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span>- certificates.k8s.io<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span><span style="color:#008000;font-weight:bold">resources</span>:<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span>- certificatesigningrequests/status<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span><span style="color:#008000;font-weight:bold">verbs</span>:<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span>- update<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"></span>- <span style="color:#008000;font-weight:bold">apiGroups</span>:<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span>- certificates.k8s.io<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span><span style="color:#008000;font-weight:bold">resources</span>:<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span>- signers<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span><span style="color:#008000;font-weight:bold">resourceNames</span>:<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span>- example.com/my-signer-name<span style="color:#bbb"> </span><span style="color:#080;font-style:italic"># example.com/* 可用于为 “example.com” 域中的所有签名者授权</span><span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span><span style="color:#008000;font-weight:bold">verbs</span>:<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span>- sign<span style="color:#bbb"> </span></span></span></code></pre></div></div> </div>  <h2 id="signers">签名者</h2> <p>签名者抽象地代表可能签署或已签署安全证书的一个或多个实体。</p> <p>任何要在特定集群以外提供的签名者都应该提供关于签名者工作方式的信息，以便消费者可以理解这对于 CertifcateSigningRequests 和（如果启用的） <a href="#cluster-trust-bundles">ClusterTrustBundles</a> 的意义。此类信息包括：</p>  <ol> <li><strong>信任分发</strong>：信任锚点（CA 证书或证书包）是如何分发的。</li> <li><strong>许可的主体</strong>：当一个受限制的主体（subject）发送请求时，相应的限制和应对手段。</li> <li><strong>许可的 x509 扩展</strong>：包括 IP subjectAltNames、DNS subjectAltNames、 Email subjectAltNames、URI subjectAltNames 等，请求一个受限制的扩展项时的应对手段。</li> <li><strong>许可的密钥用途/扩展的密钥用途</strong>：当用途和签名者在 CSR 中指定的用途不同时，相应的限制和应对手段。</li> <li><strong>过期时间/证书有效期</strong>：过期时间由签名者确定、由管理员配置、还是由 CSR <code>spec.expirationSeconds</code> 字段指定等，以及签名者决定的过期时间与 CSR <code>spec.expirationSeconds</code> 字段不同时的应对手段。</li> <li><strong>允许/不允许 CA 位</strong>：当 CSR 包含一个签名者并不允许的 CA 证书的请求时，相应的应对手段。</li> </ol>  <p>一般来说，当 CSR 被批准通过，且证书被签名后，CertificateSigningRequest 的 <code>status.certificate</code> 字段将包含一个 PEM 编码的 X.509 证书。有些签名者在 <code>status.certificate</code> 字段中存储多个证书。在这种情况下，签名者的说明文档应当指明附加证书的含义。例如，这是要在 TLS 握手时提供的证书和中继证书。</p>  <p>如果要让<strong>信任锚点</strong>（根证书）可用，应该将其与 CertificateSigningRequest 及其 <code>status.certificate</code> 字段分开处理。例如，你可以使用 ClusterTrustBundle。</p>  <p>PKCS#10 签名请求格式并没有一种标准的方法去设置证书的过期时间或者生命期。因此，证书的过期时间或者生命期必须通过 CSR 对象的 <code>spec.expirationSeconds</code> 字段来设置。当 <code>spec.expirationSeconds</code> 没有被指定时，内置的签名者默认使用 <code>ClusterSigningDuration</code> 配置选项（kube-controller-manager 的命令行选项 <code>--cluster-signing-duration</code>），该选项的默认值设为 1 年。当 <code>spec.expirationSeconds</code> 被指定时，<code>spec.expirationSeconds</code> 和 <code>ClusterSigningDuration</code> 中的最小值会被使用。</p> <div class="alert alert-info note callout" role="alert"> <strong>说明：</strong>  <p><code>spec.expirationSeconds</code> 字段是在 Kubernetes v1.22 中加入的。早期的 Kubernetes 版本并不认识该字段。 v1.22 版本之前的 Kubernetes API 服务器会在创建对象的时候忽略该字段。 </div>  <h3 id="kubernetes-signers">Kubernetes 签名者</h3> <p>Kubernetes 提供了内置的签名者，每个签名者都有一个众所周知的 <code>signerName</code>:</p>  <ol> <li><code>kubernetes.io/kube-apiserver-client</code>：签名的证书将被 API 服务器视为客户证书。 <a class='glossary-tooltip' title='主节点上运行控制器的组件。' data-toggle='tooltip' data-placement='top' href='/zh-cn/docs/reference/command-line-tools-reference/kube-controller-manager/' target='_blank' aria-label='kube-controller-manager'>kube-controller-manager</a> 不会自动批准它。 <ol> <li>信任分发：签名的证书将被 API 服务器视为客户端证书。CA 证书包不通过任何其他方式分发。</li> <li>许可的主体：没有主体限制，但审核人和签名者可以选择不批准或不签署。某些主体，比如集群管理员级别的用户或组因部署和安装方式不同而不同，所以批准和签署之前需要进行额外仔细审查。用来限制 <code>system:masters</code> 的 CertificateSubjectRestriction 准入插件默认处于启用状态，但它通常不是集群中唯一的集群管理员主体。</li> <li>许可的 x509 扩展：允许 subjectAltName 和 key usage 扩展，弃用其他扩展。</li> <li>许可的密钥用途：必须包含 <code>["client auth"]</code>，但不能包含 <code>["digital signature", "key encipherment", "client auth"]</code> 之外的键。</li> <li>过期时间/证书有效期：对于 kube-controller-manager 实现的签名者，设置为 <code>--cluster-signing-duration</code> 选项和 CSR 对象的 <code>spec.expirationSeconds</code> 字段（如有设置该字段）中的最小值。</li> <li>允许/不允许 CA 位：不允许。</li> </ol> </li> </ol>  <ol start="2"> <li> <p><code>kubernetes.io/kube-apiserver-client-kubelet</code>: 签名的证书将被 kube-apiserver 视为客户证书。 <a class='glossary-tooltip' title='主节点上运行控制器的组件。' data-toggle='tooltip' data-placement='top' href='/zh-cn/docs/reference/command-line-tools-reference/kube-controller-manager/' target='_blank' aria-label='kube-controller-manager'>kube-controller-manager</a> 可以自动批准它。</p> <ol> <li>信任分发：签名的证书将被 API 服务器视为客户端证书。CA 证书包不通过任何其他方式分发。</li> <li>许可的主体：组织名必须是 <code>["system:nodes"]</code>，用户名以 "<code>system:node:</code>" 开头</li> <li>许可的 x509 扩展：允许 key usage 扩展，禁用 subjectAltName 扩展，并删除其他扩展。</li> <li>许可的密钥用途：<code>["key encipherment", "digital signature", "client auth"]</code> 或 <code>["digital signature", "client auth"]</code>。</li> <li>过期时间/证书有效期：对于 kube-controller-manager 实现的签名者，设置为 <code>--cluster-signing-duration</code> 选项和 CSR 对象的 <code>spec.expirationSeconds</code> 字段（如有设置该字段）中的最小值。</li> <li>允许/不允许 CA 位：不允许。</li> </ol> </li> </ol>  <ol start="3"> <li><code>kubernetes.io/kubelet-serving</code>: 签名服务证书，该服务证书被 API 服务器视为有效的 kubelet 服务证书，但没有其他保证。<a class='glossary-tooltip' title='主节点上运行控制器的组件。' data-toggle='tooltip' data-placement='top' href='/zh-cn/docs/reference/command-line-tools-reference/kube-controller-manager/' target='_blank' aria-label='kube-controller-manager'>kube-controller-manager</a> 不会自动批准它。 <ol> <li>信任分发：签名的证书必须被 kube-apiserver 认可，可有效的中止 kubelet 连接。CA 证书包不通过任何其他方式分发。</li> <li>许可的主体：组织名必须是 <code>["system:nodes"]</code>，用户名以 "<code>system:node:</code>" 开头</li> <li>许可的 x509 扩展：允许 key usage、DNSName/IPAddress subjectAltName 等扩展，禁止 EmailAddress、URI subjectAltName 等扩展，并丢弃其他扩展。至少有一个 DNS 或 IP 的 SubjectAltName 存在。</li> <li>许可的密钥用途：<code>["key encipherment", "digital signature", "server auth"]</code> 或 <code>["digital signature", "server auth"]</code>。</li> <li>过期时间/证书有效期：对于 kube-controller-manager 实现的签名者，设置为 <code>--cluster-signing-duration</code> 选项和 CSR 对象的 <code>spec.expirationSeconds</code> 字段（如有设置该字段）中的最小值。</li> <li>允许/不允许 CA 位：不允许。</li> </ol> </li> </ol>  <ol start="4"> <li><code>kubernetes.io/legacy-unknown</code>: 不保证信任。Kubernetes 的一些第三方发行版可能会使用它签署的客户端证书。稳定版的 CertificateSigningRequest API（<code>certificates.k8s.io/v1</code> 以及之后的版本）不允许将 <code>signerName</code> 设置为 <code>kubernetes.io/legacy-unknown</code>。 <a class='glossary-tooltip' title='主节点上运行控制器的组件。' data-toggle='tooltip' data-placement='top' href='/zh-cn/docs/reference/command-line-tools-reference/kube-controller-manager/' target='_blank' aria-label='kube-controller-manager'>kube-controller-manager</a> 不会自动批准这类请求。 <ol> <li>信任分发：没有。这个签名者在 Kubernetes 集群中没有标准的信任或分发。</li> <li>许可的主体：全部。</li> <li>许可的 x509 扩展：允许 subjectAltName 和 key usage 等扩展，并弃用其他扩展。</li> <li>许可的密钥用途：全部。</li> <li>过期时间/证书有效期：对于 kube-controller-manager 实现的签名者，设置为 <code>--cluster-signing-duration</code> 选项和 CSR 对象的 <code>spec.expirationSeconds</code> 字段（如有设置该字段）中的最小值。</li> <li>允许/不允许 CA 位 - 不允许。</li> </ol> </li> </ol>  <p>kube-controller-manager 为每个内置签名者实现了<a href="#signer-control-plane">控制平面签名</a>。注意：所有这些故障仅在 kube-controller-manager 日志中报告。</p> <div class="alert alert-info note callout" role="alert"> <strong>说明：</strong>  <p><code>spec.expirationSeconds</code> 字段是在 Kubernetes v1.22 中加入的。早期的 Kubernetes 版本并不认识该字段。 v1.22 版本之前的 Kubernetes API 服务器会在创建对象的时候忽略该字段。 </div>  <p>对于这些签名者，信任的分发发生在带外（out of band）。上述信任之外的任何信任都是完全巧合的。例如，一些发行版可能会将 <code>kubernetes.io/legacy-unknown</code> 作为 kube-apiserver 的客户端证书，但这个做法并不标准。这些用途都没有以任何方式涉及到 ServiceAccount 中的 Secrets <code>.data[ca.crt]</code>。此 CA 证书包只保证使用默认的服务（<code>kubernetes.default.svc</code>）来验证到 API 服务器的连接。</p>  <h2 id="signing">签名 </h2> <h3 id="signer-control-plane">控制平面签名者 </h3> <p>Kubernetes 控制平面实现了每一个 <a href="/zh-cn/docs/reference/access-authn-authz/certificate-signing-requests/#kubernetes-signers">Kubernetes 签名者</a>，每个签名者的实现都是 kube-controller-manager 的一部分。</p> <div class="alert alert-info note callout" role="alert"> <strong>说明：</strong>  <p>在 Kubernetes v1.18 之前， kube-controller-manager 签名所有标记为 approved 的 CSR。 </div> <div class="alert alert-info note callout" role="alert"> <strong>说明：</strong>  <p><code>spec.expirationSeconds</code> 字段是在 Kubernetes v1.22 中加入的。早期的 Kubernetes 版本并不认识该字段。 v1.22 版本之前的 Kubernetes API 服务器会在创建对象的时候忽略该字段。 </div>  <h3 id="signer-api">基于 API 的签名者 </h3> <p>REST API 的用户可以通过向待签名的 CSR 的 <code>status</code> 子资源提交更新请求来对 CSR 进行签名。</p> <p>作为这个请求的一部分，<code>status.certificate</code> 字段应设置为已签名的证书。此字段可包含一个或多个 PEM 编码的证书。</p> <p>所有的 PEM 块必须具备 "CERTIFICATE" 标签，且不包含文件头，且编码的数据必须是 <a href="https://tools.ietf.org/html/rfc5280#section-4.1">RFC5280 第 4 节</a> 中描述的 BER 编码的 ASN.1 证书结构。</p> <p>证书内容示例：</p> <pre tabindex="0"><code>-----BEGIN CERTIFICATE----- MIIDgjCCAmqgAwIBAgIUC1N1EJ4Qnsd322BhDPRwmg3b/oAwDQYJKoZIhvcNAQEL BQAwXDELMAkGA1UEBhMCeHgxCjAIBgNVBAgMAXgxCjAIBgNVBAcMAXgxCjAIBgNV BAoMAXgxCjAIBgNVBAsMAXgxCzAJBgNVBAMMAmNhMRAwDgYJKoZIhvcNAQkBFgF4 MB4XDTIwMDcwNjIyMDcwMFoXDTI1MDcwNTIyMDcwMFowNzEVMBMGA1UEChMMc3lz dGVtOm5vZGVzMR4wHAYDVQQDExVzeXN0ZW06bm9kZToxMjcuMC4wLjEwggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDne5X2eQ1JcLZkKvhzCR4Hxl9+ZmU3 +e1zfOywLdoQxrPi+o4hVsUH3q0y52BMa7u1yehHDRSaq9u62cmi5ekgXhXHzGmm kmW5n0itRECv3SFsSm2DSghRKf0mm6iTYHWDHzUXKdm9lPPWoSOxoR5oqOsm3JEh Q7Et13wrvTJqBMJo1GTwQuF+HYOku0NF/DLqbZIcpI08yQKyrBgYz2uO51/oNp8a sTCsV4OUfyHhx2BBLUo4g4SptHFySTBwlpRWBnSjZPOhmN74JcpTLB4J5f4iEeA7 2QytZfADckG4wVkhH3C2EJUmRtFIBVirwDn39GXkSGlnvnMgF3uLZ6zNAgMBAAGj YTBfMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDAjAMBgNVHRMB Af8EAjAAMB0GA1UdDgQWBBTREl2hW54lkQBDeVCcd2f2VSlB1DALBgNVHREEBDAC ggAwDQYJKoZIhvcNAQELBQADggEBABpZjuIKTq8pCaX8dMEGPWtAykgLsTcD2jYr L0/TCrqmuaaliUa42jQTt2OVsVP/L8ofFunj/KjpQU0bvKJPLMRKtmxbhXuQCQi1 qCRkp8o93mHvEz3mTUN+D1cfQ2fpsBENLnpS0F4G/JyY2Vrh19/X8+mImMEK5eOy o0BMby7byUj98WmcUvNCiXbC6F45QTmkwEhMqWns0JZQY+/XeDhEcg+lJvz9Eyo2 aGgPsye1o3DpyXnyfJWAWMhOz7cikS5X2adesbgI86PhEHBXPIJ1v13ZdfCExmdd M1fLPhLyR54fGaY+7/X8P9AZzPefAkwizeXwe9ii6/a08vWoiE4= -----END CERTIFICATE----- </code></pre> <p>非 PEM 内容可能会出现在证书 PEM 块前后的位置，且未经验证，以允许使用 <a href="https://www.rfc-editor.org/rfc/rfc7468#section-5.2">RFC7468 第 5.2 节</a>中描述的解释性文本。</p> <p>当使用 JSON 或 YAML 格式时，此字段是 base-64 编码。包含上述示例证书的 CertificateSigningRequest 如下所示：</p> <div class="highlight"><pre tabindex="0" style="background-color:#f8f8f8;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-yaml" data-lang="yaml"><span style="display:flex;"><span><span style="color:#008000;font-weight:bold">apiVersion</span>:<span style="color:#bbb"> </span>certificates.k8s.io/v1<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"></span><span style="color:#008000;font-weight:bold">kind</span>:<span style="color:#bbb"> </span>CertificateSigningRequest<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"></span><span style="color:#00f;font-weight:bold">...</span><span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"></span><span style="color:#008000;font-weight:bold">status</span>:<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span><span style="color:#008000;font-weight:bold">certificate</span>:<span style="color:#bbb"> </span><span style="color:#b44">"LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JS..."</span><span style="color:#bbb"> </span></span></span></code></pre></div> <h2 id="approval-rejection">批准和驳回</h2> <p><a href="#signers">签名者</a>基于 CertificateSigningRequest 签发证书之前，通常会检查 CSR 的签发是否已被<strong>批准</strong>。</p> <h3 id="approval-rejection-control-plane">控制平面的自动化批准</h3> <p>kube-controller-manager 内建了一个证书批准者，其 signerName 为 <code>kubernetes.io/kube-apiserver-client-kubelet</code>，该批准者将 CSR 上用于节点凭据的各种权限委托给权威认证机构。 kube-controller-manager 将 SubjectAccessReview 资源发送（POST）到 API 服务器，以便检验批准证书的授权。</p>  <h3 id="approval-rejection-kubectl">使用 <code>kubectl</code> 批准或驳回 </h3> <p>Kubernetes 管理员（拥有足够的权限）可以手工批准（或驳回）CertificateSigningRequests，此操作使用 <code>kubectl certificate approve</code> 和 <code>kubectl certificate deny</code> 命令实现。</p> <p>使用 kubectl 批准一个 CSR：</p> <div class="highlight"><pre tabindex="0" style="background-color:#f8f8f8;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-shell" data-lang="shell"><span style="display:flex;"><span>kubectl certificate approve <certificate-signing-request-name> </span></span></code></pre></div> <p>同样地，驳回一个 CSR：</p> <div class="highlight"><pre tabindex="0" style="background-color:#f8f8f8;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-shell" data-lang="shell"><span style="display:flex;"><span>kubectl certificate deny <certificate-signing-request-name> </span></span></code></pre></div> <h3 id="approval-rejection-api-client">使用 Kubernetes API 批准或驳回 </h3> <p>REST API 的用户可以通过向待批准的 CSR 的 <code>approval</code> 子资源提交更新请求来批准 CSR。例如，你可以编写一个 <a class='glossary-tooltip' title='一种用于管理自定义资源的专用控制器' data-toggle='tooltip' data-placement='top' href='/zh-cn/docs/concepts/extend-kubernetes/operator/' target='_blank' aria-label='operator'>operator</a> 来监视特定类型的 CSR，然后发送一个更新来批准它。</p> <p>当你发出批准或驳回的指令时，根据你期望的状态来选择设置 <code>Approved</code> 或 <code>Denied</code>。</p> <p>批准（<code>Approved</code>）的 CSR：</p>  <div class="highlight"><pre tabindex="0" style="background-color:#f8f8f8;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-yaml" data-lang="yaml"><span style="display:flex;"><span><span style="color:#008000;font-weight:bold">apiVersion</span>:<span style="color:#bbb"> </span>certificates.k8s.io/v1<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"></span><span style="color:#008000;font-weight:bold">kind</span>:<span style="color:#bbb"> </span>CertificateSigningRequest<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"></span><span style="color:#00f;font-weight:bold">...</span><span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"></span><span style="color:#008000;font-weight:bold">status</span>:<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span><span style="color:#008000;font-weight:bold">conditions</span>:<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span>- <span style="color:#008000;font-weight:bold">lastUpdateTime</span>:<span style="color:#bbb"> </span><span style="color:#b44">"2020-02-08T11:37:35Z"</span><span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span><span style="color:#008000;font-weight:bold">lastTransitionTime</span>:<span style="color:#bbb"> </span><span style="color:#b44">"2020-02-08T11:37:35Z"</span><span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span><span style="color:#008000;font-weight:bold">message</span>:<span style="color:#bbb"> </span>Approved by my custom approver controller<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span><span style="color:#008000;font-weight:bold">reason</span>:<span style="color:#bbb"> </span>ApprovedByMyPolicy<span style="color:#bbb"> </span><span style="color:#080;font-style:italic"># 你可以将此字段设置为任意字符串</span><span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span><span style="color:#008000;font-weight:bold">type</span>:<span style="color:#bbb"> </span>Approved<span style="color:#bbb"> </span></span></span></code></pre></div> <p>驳回（<code>Denied</code>）的 CSR：</p>  <div class="highlight"><pre tabindex="0" style="background-color:#f8f8f8;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-yaml" data-lang="yaml"><span style="display:flex;"><span><span style="color:#008000;font-weight:bold">apiVersion</span>:<span style="color:#bbb"> </span>certificates.k8s.io/v1<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"></span><span style="color:#008000;font-weight:bold">kind</span>:<span style="color:#bbb"> </span>CertificateSigningRequest<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"></span><span style="color:#00f;font-weight:bold">...</span><span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"></span><span style="color:#008000;font-weight:bold">status</span>:<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span><span style="color:#008000;font-weight:bold">conditions</span>:<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span>- <span style="color:#008000;font-weight:bold">lastUpdateTime</span>:<span style="color:#bbb"> </span><span style="color:#b44">"2020-02-08T11:37:35Z"</span><span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span><span style="color:#008000;font-weight:bold">lastTransitionTime</span>:<span style="color:#bbb"> </span><span style="color:#b44">"2020-02-08T11:37:35Z"</span><span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span><span style="color:#008000;font-weight:bold">message</span>:<span style="color:#bbb"> </span>Denied by my custom approver controller<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span><span style="color:#008000;font-weight:bold">reason</span>:<span style="color:#bbb"> </span>DeniedByMyPolicy<span style="color:#bbb"> </span><span style="color:#080;font-style:italic"># 你可以将此字段设置为任意字符串</span><span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span><span style="color:#008000;font-weight:bold">type</span>:<span style="color:#bbb"> </span>Denied<span style="color:#bbb"> </span></span></span></code></pre></div> <p><code>status.conditions.reason</code> 字段通常设置为一个首字母大写的对机器友好的原因码; 这是一个命名约定，但你也可以随你的个人喜好设置。如果你想添加一个供人类使用的注释，那就用 <code>status.conditions.message</code> 字段。</p>  <h2 id="cluster-trust-bundles">集群信任包 </h2> <div style="margin-top: 10px; margin-bottom: 10px;"> <b>特性状态：</b> <code>Kubernetes v1.27 [alpha]</code> </div> <div class="alert alert-info note callout" role="alert"> <strong>说明：</strong>  <p>在 Kubernetes 1.28 中，如果想要使用此 API，必须同时启用 <code>ClusterTrustBundles</code> <a href="/zh-cn/docs/reference/command-line-tools-reference/feature-gates/">特性门控</a> <strong>以及</strong> <code>certificates.k8s.io/v1alpha1</code> <a class='glossary-tooltip' title='Kubernetes API 中的一组相关路径。' data-toggle='tooltip' data-placement='top' href='/zh-cn/docs/concepts/overview/kubernetes-api/#api-groups-and-versioning' target='_blank' aria-label='API 组'>API 组</a>。 </div>  <p>ClusterTrustBundles 是一个作用域为集群的对象，向集群内的对象分发 X.509 信任锚点（根证书）。此对象旨在与 CertificateSigningRequests 中的<a href="#signers">签名者</a>概念协同工作。</p> <p>ClusterTrustBundles 可以使用两种模式： <a href="#ctb-signer-linked">签名者关联</a>和<a href="#ctb-signer-unlinked">签名者未关联</a>。</p>  <h3 id="ctb-common">常见属性和验证</h3> <p>所有 ClusterTrustBundle 对象都对其 <code>trustBundle</code> 字段的内容进行强大的验证。该字段必须包含一个或多个经 DER 序列化的 X.509 证书，每个证书都封装在 PEM <code>CERTIFICATE</code> 块中。这些证书必须解析为有效的 X.509 证书。</p> <p>诸如块间数据和块内标头之类的 PEM 特性在对象验证期间要么被拒绝，要么可能被对象的消费者忽略。此外，消费者被允许使用自己的任意但稳定的排序方式重新排序 bundle 中的证书。</p>  <p>ClusterTrustBundle 对象应该在集群内被视为全局可读的。如果集群使用 <a href="/zh-cn/docs/reference/access-authn-authz/rbac/">RBAC</a> 鉴权，则所有 ServiceAccount 都具有默认授权，允许它们 <strong>get</strong>、<strong>list</strong> 和 <strong>watch</strong> 所有 ClusterTrustBundle 对象。如果你使用自己的鉴权机制，并且在集群中启用了 ClusterTrustBundles，则应设置等效规则以使这些对象在集群内公开，使这些对象按预期工作。</p> <p>如果你没有默认在集群中列出集群信任包的权限，则可以扮演具有访问权限的 ServiceAccount，以查看可用的 ClusterTrustBundle：</p> <div class="highlight"><pre tabindex="0" style="background-color:#f8f8f8;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>kubectl get clustertrustbundles --as<span style="color:#666">=</span><span style="color:#b44">'system:serviceaccount:mynamespace:default'</span> </span></span></code></pre></div> <h3 id="ctb-signer-linked">签名者关联的 ClusterTrustBundles</h3> <p>签名者关联的 ClusterTrustBundles 与<strong>签名者名称</strong>关联，例如：</p> <div class="highlight"><pre tabindex="0" style="background-color:#f8f8f8;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-yaml" data-lang="yaml"><span style="display:flex;"><span><span style="color:#008000;font-weight:bold">apiVersion</span>:<span style="color:#bbb"> </span>certificates.k8s.io/v1alpha1<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"></span><span style="color:#008000;font-weight:bold">kind</span>:<span style="color:#bbb"> </span>ClusterTrustBundle<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"></span><span style="color:#008000;font-weight:bold">metadata</span>:<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span><span style="color:#008000;font-weight:bold">name</span>:<span style="color:#bbb"> </span>example.com:mysigner:foo<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"></span><span style="color:#008000;font-weight:bold">spec</span>:<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span><span style="color:#008000;font-weight:bold">signerName</span>:<span style="color:#bbb"> </span>example.com/mysigner<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span><span style="color:#008000;font-weight:bold">trustBundle</span>:<span style="color:#bbb"> </span><span style="color:#b44">"<... PEM data ...>"</span><span style="color:#bbb"> </span></span></span></code></pre></div> <p>这些 ClusterTrustBundle 预期由集群中的特定签名者控制器维护，因此它们具有多个安全特性：</p>  <ul> <li>要创建或更新与一个签名者关联的 ClusterTrustBundle，你必须获准<strong>证明</strong>该签名者（自定义鉴权动词 <code>attest</code> API 组 <code>certificates.k8s.io</code>；资源路径 <code>signers</code>）。你可以为特定资源名称 <code><signerNameDomain>/<signerNamePath></code> 或匹配 <code><signerNameDomain>/*</code> 等模式来配置鉴权。</li> <li>与签名者关联的 ClusterTrustBundle <strong>必须</strong>使用从其 <code>spec.signerName</code> 字段派生的前缀命名。斜杠 (<code>/</code>) 被替换为英文冒号 (<code>:</code>)，最后追加一个英文冒号。后跟任意名称。例如，签名者 <code>example.com/mysigner</code> 可以关联到 ClusterTrustBundle <code>example.com:mysigner:<arbitrary-name></code>。</li> </ul>  <p>与签名者关联的 ClusterTrustBundle 通常通过组合签名者名称有关的 <a href="/zh-cn/docs/concepts/overview/working-with-objects/field-selectors/">字段选择算符</a> 或单独使用<a href="/zh-cn/docs/concepts/overview/working-with-objects/labels/#label-selectors">标签选择算符</a>在工作负载中被消耗。</p>  <h3 id="ctb-signer-unlinked">签名者未关联的 ClusterTrustBundles </h3> <p>签名者未关联的 ClusterTrustBundles 具有空白的 <code>spec.signerName</code> 字段，例如：</p>  <div class="highlight"><pre tabindex="0" style="background-color:#f8f8f8;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-yaml" data-lang="yaml"><span style="display:flex;"><span><span style="color:#008000;font-weight:bold">apiVersion</span>:<span style="color:#bbb"> </span>certificates.k8s.io/v1alpha1<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"></span><span style="color:#008000;font-weight:bold">kind</span>:<span style="color:#bbb"> </span>ClusterTrustBundle<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"></span><span style="color:#008000;font-weight:bold">metadata</span>:<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span><span style="color:#008000;font-weight:bold">name</span>:<span style="color:#bbb"> </span>foo<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"></span><span style="color:#008000;font-weight:bold">spec</span>:<span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span><span style="color:#080;font-style:italic"># 未指定 signerName 所以该字段留空</span><span style="color:#bbb"> </span></span></span><span style="display:flex;"><span><span style="color:#bbb"> </span><span style="color:#008000;font-weight:bold">trustBundle</span>:<span style="color:#bbb"> </span><span style="color:#b44">"<... PEM data ...>"</span><span style="color:#bbb"> </span></span></span></code></pre></div> <p>它们主要用于集群配置场景。每个与签名者未关联的 ClusterTrustBundle 都是一个独立的对象，与签名者关联的 ClusterTrustBundle 的惯常分组行为形成了对比。</p> <p>与签名者为关联的 ClusterTrustBundle 没有 <code>attest</code> 动词要求。相反，你可以使用通常的机制（如基于角色的访问控制）直接控制对它们的访问。</p> <p>为了将它们与与签名者关联的 ClusterTrustBundle 区分开来，与签名者未关联的 ClusterTrustBundle 的名称<strong>必须不</strong>包含英文冒号 (<code>:</code>)。</p>   <h2 id="normal-user">如何为用户签发证书 </h2> <p>为了让普通用户能够通过认证并调用 API，需要执行几个步骤。首先，该用户必须拥有 Kubernetes 集群签发的证书，然后将该证书提供给 Kubernetes API。</p>  <h3 id="create-private-key">创建私钥</h3> <p>下面的脚本展示了如何生成 PKI 私钥和 CSR。设置 CSR 的 CN 和 O 属性很重要。CN 是用户名，O 是该用户归属的组。你可以参考 <a href="/zh-cn/docs/reference/access-authn-authz/rbac/">RBAC</a> 了解标准组的信息。</p> <div class="highlight"><pre tabindex="0" style="background-color:#f8f8f8;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-shell" data-lang="shell"><span style="display:flex;"><span>openssl genrsa -out myuser.key <span style="color:#666">2048</span> </span></span><span style="display:flex;"><span>openssl req -new -key myuser.key -out myuser.csr -subj <span style="color:#b44">"/CN=myuser"</span> </span></span></code></pre></div> <h3 id="create-certificatesigningrequest">创建 CertificateSigningRequest</h3> <p>创建一个 CertificateSigningRequest，并通过 kubectl 将其提交到 Kubernetes 集群。下面是生成 CertificateSigningRequest 的脚本。</p> <div class="highlight"><pre tabindex="0" style="background-color:#f8f8f8;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-shell" data-lang="shell"><span style="display:flex;"><span>cat <span style="color:#b44"><<EOF | kubectl apply -f - </span></span></span><span style="display:flex;"><span><span style="color:#b44">apiVersion: certificates.k8s.io/v1 </span></span></span><span style="display:flex;"><span><span style="color:#b44">kind: CertificateSigningRequest </span></span></span><span style="display:flex;"><span><span style="color:#b44">metadata: </span></span></span><span style="display:flex;"><span><span style="color:#b44"> name: myuser </span></span></span><span style="display:flex;"><span><span style="color:#b44">spec: </span></span></span><span style="display:flex;"><span><span style="color:#b44"> request: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJQ1ZqQ0NBVDRDQVFBd0VURVBNQTBHQTFVRUF3d0dZVzVuWld4aE1JSUJJakFOQmdrcWhraUc5dzBCQVFFRgpBQU9DQVE4QU1JSUJDZ0tDQVFFQTByczhJTHRHdTYxakx2dHhWTTJSVlRWMDNHWlJTWWw0dWluVWo4RElaWjBOCnR2MUZtRVFSd3VoaUZsOFEzcWl0Qm0wMUFSMkNJVXBGd2ZzSjZ4MXF3ckJzVkhZbGlBNVhwRVpZM3ExcGswSDQKM3Z3aGJlK1o2MVNrVHF5SVBYUUwrTWM5T1Nsbm0xb0R2N0NtSkZNMUlMRVI3QTVGZnZKOEdFRjJ6dHBoaUlFMwpub1dtdHNZb3JuT2wzc2lHQ2ZGZzR4Zmd4eW8ybmlneFNVekl1bXNnVm9PM2ttT0x1RVF6cXpkakJ3TFJXbWlECklmMXBMWnoyalVnald4UkhCM1gyWnVVV1d1T09PZnpXM01LaE8ybHEvZi9DdS8wYk83c0x0MCt3U2ZMSU91TFcKcW90blZtRmxMMytqTy82WDNDKzBERHk5aUtwbXJjVDBnWGZLemE1dHJRSURBUUFCb0FBd0RRWUpLb1pJaHZjTgpBUUVMQlFBRGdnRUJBR05WdmVIOGR4ZzNvK21VeVRkbmFjVmQ1N24zSkExdnZEU1JWREkyQTZ1eXN3ZFp1L1BVCkkwZXpZWFV0RVNnSk1IRmQycVVNMjNuNVJsSXJ3R0xuUXFISUh5VStWWHhsdnZsRnpNOVpEWllSTmU3QlJvYXgKQVlEdUI5STZXT3FYbkFvczFqRmxNUG5NbFpqdU5kSGxpT1BjTU1oNndLaTZzZFhpVStHYTJ2RUVLY01jSVUyRgpvU2djUWdMYTk0aEpacGk3ZnNMdm1OQUxoT045UHdNMGM1dVJVejV4T0dGMUtCbWRSeEgvbUNOS2JKYjFRQm1HCkkwYitEUEdaTktXTU0xMzhIQXdoV0tkNjVoVHdYOWl4V3ZHMkh4TG1WQzg0L1BHT0tWQW9FNkpsYWFHdTlQVmkKdjlOSjVaZlZrcXdCd0hKbzZXdk9xVlA3SVFjZmg3d0drWm89Ci0tLS0tRU5EIENFUlRJRklDQVRFIFJFUVVFU1QtLS0tLQo= </span></span></span><span style="display:flex;"><span><span style="color:#b44"> signerName: kubernetes.io/kube-apiserver-client </span></span></span><span style="display:flex;"><span><span style="color:#b44"> expirationSeconds: 86400 # one day </span></span></span><span style="display:flex;"><span><span style="color:#b44"> usages: </span></span></span><span style="display:flex;"><span><span style="color:#b44"> - client auth </span></span></span><span style="display:flex;"><span><span style="color:#b44">EOF</span> </span></span></code></pre></div> <p>需要注意的几点:</p> <ul> <li> <p><code>usage</code> 字段必须是 '<code>client auth</code>'</p> </li> <li> <p><code>expirationSeconds</code> 可以设置为更长（例如 <code>864000</code> 是十天）或者更短（例如 <code>3600</code> 是一个小时）</p> </li> <li> <p><code>request</code> 字段是 CSR 文件内容的 base64 编码值。要得到该值，可以执行命令</p> <div class="highlight"><pre tabindex="0" style="background-color:#f8f8f8;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-shell" data-lang="shell"><span style="display:flex;"><span>cat myuser.csr | base64 | tr -d <span style="color:#b44">"\n"</span> </span></span></code></pre></div></li> </ul>  <h3 id="approve-certificate-signing-request">批准 CertificateSigningRequest </h3> <p>使用 kubectl 创建 CSR 并批准。</p> <p>获取 CSR 列表：</p> <div class="highlight"><pre tabindex="0" style="background-color:#f8f8f8;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-shell" data-lang="shell"><span style="display:flex;"><span>kubectl get csr </span></span></code></pre></div> <p>批准 CSR：</p> <div class="highlight"><pre tabindex="0" style="background-color:#f8f8f8;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-shell" data-lang="shell"><span style="display:flex;"><span>kubectl certificate approve myuser </span></span></code></pre></div> <h3 id="get-the-certificate">取得证书</h3> <p>从 CSR 取得证书：</p> <div class="highlight"><pre tabindex="0" style="background-color:#f8f8f8;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-shell" data-lang="shell"><span style="display:flex;"><span>kubectl get csr/myuser -o yaml </span></span></code></pre></div> <p>证书的内容使用 base64 编码，存放在字段 <code>status.certificate</code>。</p> <p>从 CertificateSigningRequest 导出颁发的证书。</p> <div class="highlight"><pre tabindex="0" style="background-color:#f8f8f8;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-shell" data-lang="shell"><span style="display:flex;"><span>kubectl get csr myuser -o <span style="color:#b8860b">jsonpath</span><span style="color:#666">=</span><span style="color:#b44">'{.status.certificate}'</span>| base64 -d > myuser.crt </span></span></code></pre></div> <h3 id="create-role-and-role-binding">创建角色和角色绑定</h3> <p>创建了证书之后，为了让这个用户能访问 Kubernetes 集群资源，现在就要创建 Role 和 RoleBinding 了。</p> <p>下面是为这个新用户创建 Role 的示例命令：</p> <div class="highlight"><pre tabindex="0" style="background-color:#f8f8f8;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-shell" data-lang="shell"><span style="display:flex;"><span>kubectl create role developer --verb<span style="color:#666">=</span>create --verb<span style="color:#666">=</span>get --verb<span style="color:#666">=</span>list --verb<span style="color:#666">=</span>update --verb<span style="color:#666">=</span>delete --resource<span style="color:#666">=</span>pods </span></span></code></pre></div> <p>下面是为这个新用户创建 RoleBinding 的示例命令：</p> <div class="highlight"><pre tabindex="0" style="background-color:#f8f8f8;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-shell" data-lang="shell"><span style="display:flex;"><span>kubectl create rolebinding developer-binding-myuser --role<span style="color:#666">=</span>developer --user<span style="color:#666">=</span>myuser </span></span></code></pre></div> <h3 id="add-to-kubeconfig">添加到 kubeconfig </h3> <p>最后一步是将这个用户添加到 kubeconfig 文件。</p> <p>首先，你需要添加新的凭据：</p> <div class="highlight"><pre tabindex="0" style="background-color:#f8f8f8;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-shell" data-lang="shell"><span style="display:flex;"><span>kubectl config set-credentials myuser --client-key<span style="color:#666">=</span>myuser.key --client-certificate<span style="color:#666">=</span>myuser.crt --embed-certs<span style="color:#666">=</span><span style="color:#a2f">true</span> </span></span></code></pre></div> <p>然后，你需要添加上下文：</p> <div class="highlight"><pre tabindex="0" style="background-color:#f8f8f8;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-shell" data-lang="shell"><span style="display:flex;"><span>kubectl config set-context myuser --cluster<span style="color:#666">=</span>kubernetes --user<span style="color:#666">=</span>myuser </span></span></code></pre></div> <p>来测试一下，把上下文切换为 <code>myuser</code>：</p> <div class="highlight"><pre tabindex="0" style="background-color:#f8f8f8;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-shell" data-lang="shell"><span style="display:flex;"><span>kubectl config use-context myuser </span></span></code></pre></div><h2 id="接下来">接下来</h2>  <ul> <li>参阅 <a href="/zh-cn/docs/tasks/tls/managing-tls-in-a-cluster/">管理集群中的 TLS 认证</a></li> <li>查看 kube-controller-manager 中<a href="https://github.com/kubernetes/kubernetes/blob/32ec6c212ec9415f604ffc1f4c1f29b782968ff1/pkg/controller/certificates/signer/cfssl_signer.go">签名者</a>部分的源代码</li> <li>查看 kube-controller-manager 中<a href="https://github.com/kubernetes/kubernetes/blob/32ec6c212ec9415f604ffc1f4c1f29b782968ff1/pkg/controller/certificates/approver/sarapprove.go">批准者</a>部分的源代码</li> <li>有关 X.509 本身的详细信息，请参阅 <a href="https://tools.ietf.org/html/rfc5280#section-3.1">RFC 5280</a> 第 3.1 节</li> <li>有关 PKCS#10 证书签名请求语法的信息，请参阅 <a href="https://tools.ietf.org/html/rfc2986">RFC 2986</a></li> </ul> </div> <div id="pre-footer"> <h2>反馈</h2> <p class="feedback--prompt">此页是否对你有帮助？ </p> <button class="btn btn-primary mb-4 feedback--yes">是</button> <button class="btn btn-primary mb-4 feedback--no">否</button> <p class="feedback--response feedback--response__hidden"> 感谢反馈。如果你有一个关于如何使用 Kubernetes 的具体问题需要答案，可以访问 <a target="_blank" rel="noopener" href="https://stackoverflow.com/questions/tagged/kubernetes"> Stack Overflow</a>. 在 GitHub 仓库上登记新的问题 <a class="feedback--link" target="_blank" rel="noopener" href="https://github.com/kubernetes/website/issues/new?title=Issue%20with%20k8s.io"> 报告问题</a> 或者 <a class="feedback--link" target="_blank" rel="noopener" href="https://github.com/kubernetes/website/issues/new?title=Improvement%20for%20k8s.io"> 提出改进建议</a>. </p> </div> <script> const yes = document.querySelector('.feedback--yes'); const no = document.querySelector('.feedback--no'); document.querySelectorAll('.feedback--link').forEach(link => { link.href = link.href + window.location.pathname; }); const sendFeedback = (value) => { if (!gtag) { console.log('!gtag'); } gtag('event', 'click', { 'event_category': 'Helpful', 'event_label': window.location.pathname, value }); }; const disableButtons = () => { yes.disabled = true; yes.classList.add('feedback--button__disabled'); no.disabled = true; no.classList.add('feedback--button__disabled'); }; yes.addEventListener('click', () => { sendFeedback(1); disableButtons(); document.querySelector('.feedback--response').classList.remove('feedback--response__hidden'); }); no.addEventListener('click', () => { sendFeedback(0); disableButtons(); document.querySelector('.feedback--response').classList.remove('feedback--response__hidden'); }); </script> <div class="text-muted mt-5 pt-3 border-top"> 最后修改 November 02, 2023 at 7:38 PM PST: <a href="https://github.com/kubernetes/website/commit/442e338edf795b225bb11b1012a7a827a1233611">sync certificate-signing-requests feature-gates cheatsheet (442e338edf)</a> </div> </main> <div class="d-none d-xl-block td-toc d-print-none col-xl-4"> <div class="td-page-meta ml-2 pb-1 pt-2 mb-0"> <a href="https://github.com/kubernetes/website/edit/main/content/zh-cn/docs/reference/access-authn-authz/certificate-signing-requests.md" target="_blank"><i class="fa fa-edit fa-fw"></i> 编辑此页</a> <a href="https://github.com/kubernetes/website/new/main/content/zh-cn/docs/reference/access-authn-authz/certificate-signing-requests.md?filename=change-me.md&value=---%0Atitle%3A+%22Long+Page+Title%22%0AlinkTitle%3A+%22Short+Nav+Title%22%0Aweight%3A+100%0Adescription%3A+%3E-%0A+++++Page+description+for+heading+and+indexes.%0A---%0A%0A%23%23+Heading%0A%0AEdit+this+template+to+create+your+new+page.%0A%0A%2A+Give+it+a+good+name%2C+ending+in+%60.md%60+-+e.g.+%60getting-started.md%60%0A%2A+Edit+the+%22front+matter%22+section+at+the+top+of+the+page+%28weight+controls+how+its+ordered+amongst+other+pages+in+the+same+directory%3B+lowest+number+first%29.%0A%2A+Add+a+good+commit+message+at+the+bottom+of+the+page+%28%3C80+characters%3B+use+the+extended+description+field+for+more+detail%29.%0A%2A+Create+a+new+branch+so+you+can+preview+your+new+file+and+request+a+review+via+Pull+Request.%0A" target="_blank"><i class="fa fa-edit fa-fw"></i> 添加子页面</a> <a href="https://github.com/kubernetes/website/issues/new?title=%e8%af%81%e4%b9%a6%e5%92%8c%e8%af%81%e4%b9%a6%e7%ad%be%e5%90%8d%e8%af%b7%e6%b1%82" target="_blank"><i class="fab fa-github fa-fw"></i> 登记一个问题</a> <a id="print" href="https://kubernetes.io/zh-cn/docs/reference/access-authn-authz/_print/"><i class="fa fa-print fa-fw"></i> 整节打印</a> </div> <nav id="TableOfContents"> <ul> <li><a href="#certificate-signing-requests">证书签名请求 </a> <ul> <li><a href="#request-signing-process">请求签名流程</a></li> <li><a href="#authorization">证书签名鉴权 </a></li> </ul> </li> <li><a href="#signers">签名者</a> <ul> <li><a href="#kubernetes-signers">Kubernetes 签名者</a></li> </ul> </li> <li><a href="#signing">签名 </a> <ul> <li><a href="#signer-control-plane">控制平面签名者 </a></li> <li><a href="#signer-api">基于 API 的签名者 </a></li> </ul> </li> <li><a href="#approval-rejection">批准和驳回</a> <ul> <li><a href="#approval-rejection-control-plane">控制平面的自动化批准</a></li> <li><a href="#approval-rejection-kubectl">使用 <code>kubectl</code> 批准或驳回 </a></li> <li><a href="#approval-rejection-api-client">使用 Kubernetes API 批准或驳回 </a></li> </ul> </li> <li><a href="#cluster-trust-bundles">集群信任包 </a> <ul> <li><a href="#ctb-common">常见属性和验证</a></li> <li><a href="#ctb-signer-linked">签名者关联的 ClusterTrustBundles</a></li> <li><a href="#ctb-signer-unlinked">签名者未关联的 ClusterTrustBundles </a></li> </ul> </li> <li><a href="#normal-user">如何为用户签发证书 </a> <ul> <li><a href="#create-private-key">创建私钥</a></li> <li><a href="#create-certificatesigningrequest">创建 CertificateSigningRequest</a></li> <li><a href="#approve-certificate-signing-request">批准 CertificateSigningRequest </a></li> <li><a href="#get-the-certificate">取得证书</a></li> <li><a href="#create-role-and-role-binding">创建角色和角色绑定</a></li> <li><a href="#add-to-kubeconfig">添加到 kubeconfig </a></li> </ul> </li> <li><a href="#接下来">接下来</a></li> </ul> </nav> </div> </div> </div> </div> </div> <footer class="d-print-none"> <div class="footer__links"> <nav> <a class="text-white" href="/zh-cn/docs/home/">文档</a> <a class="text-white" href="/zh-cn/blog/">博客</a> <a class="text-white" href="/zh-cn/training/">培训</a> <a class="text-white" href="/zh-cn/partners/">合作伙伴</a> <a class="text-white" href="/zh-cn/community/">社区</a> <a class="text-white" href="/zh-cn/case-studies/">案例分析</a> </nav> </div> <div class="container-fluid"> <div class="row"> <div class="col-6 col-sm-2 text-xs-center order-sm-2"> <ul class="list-inline mb-0"> <li class="list-inline-item mx-2 h3" data-toggle="tooltip" data-placement="top" title="User mailing list" aria-label="User mailing list"> <a class="text-white" target="_blank" href="https://discuss.kubernetes.io"> <i class="fa fa-envelope"></i> </a> </li> <li class="list-inline-item mx-2 h3" data-toggle="tooltip" data-placement="top" title="Twitter" aria-label="Twitter"> <a class="text-white" target="_blank" href="https://twitter.com/kubernetesio"> <i class="fab fa-twitter"></i> </a> </li> <li class="list-inline-item mx-2 h3" data-toggle="tooltip" data-placement="top" title="Calendar" aria-label="Calendar"> <a class="text-white" target="_blank" href="https://calendar.google.com/calendar/embed?src=calendar%40kubernetes.io"> <i class="fas fa-calendar-alt"></i> </a> </li> <li class="list-inline-item mx-2 h3" data-toggle="tooltip" data-placement="top" title="Youtube" aria-label="Youtube"> <a class="text-white" target="_blank" href="https://youtube.com/kubernetescommunity"> <i class="fab fa-youtube"></i> </a> </li> </ul> </div> <div class="col-6 col-sm-2 text-right text-xs-center order-sm-3"> <ul class="list-inline mb-0"> <li class="list-inline-item mx-2 h3" data-toggle="tooltip" data-placement="top" title="GitHub" aria-label="GitHub"> <a class="text-white" target="_blank" href="https://github.com/kubernetes/kubernetes"> <i class="fab fa-github"></i> </a> </li> <li class="list-inline-item mx-2 h3" data-toggle="tooltip" data-placement="top" title="Slack" aria-label="Slack"> <a class="text-white" target="_blank" href="https://slack.k8s.io"> <i class="fab fa-slack"></i> </a> </li> <li class="list-inline-item mx-2 h3" data-toggle="tooltip" data-placement="top" title="Contribute" aria-label="Contribute"> <a class="text-white" target="_blank" href="https://git.k8s.io/community/contributors/guide"> <i class="fas fa-edit"></i> </a> </li> <li class="list-inline-item mx-2 h3" data-toggle="tooltip" data-placement="top" title="Stack Overflow" aria-label="Stack Overflow"> <a class="text-white" target="_blank" href="https://stackoverflow.com/questions/tagged/kubernetes"> <i class="fab fa-stack-overflow"></i> </a> </li> </ul> </div> <div class="col-12 col-sm-8 text-center order-sm-2"> <small class="text-white">© 2024 The Kubernetes 作者 | 文档发布基于 <a href="https://git.k8s.io/website/LICENSE" class="light-text">CC BY 4.0</a> 授权许可</small> <br/> <small class="text-white">Copyright © 2024 Linux 基金会®。保留所有权利。Linux 基金会已注册并使用商标。如需了解 Linux 基金会的商标列表，请访问<a href="https://www.linuxfoundation.org/trademark-usage" class="light-text">商标使用页面</a></small> <br/> <small class="text-white">ICP license: 京ICP备17074266号-3</small> </div> </div> </div> </footer> <script src="/js/jquery-3.6.0.min.js" integrity="sha384-vtXRMe3mGCbOeY7l30aIg8H9p3GdeSe4IFlP6G8JMa7o7lXvnz3GFKzPxzJdPfGK" crossorigin="anonymous"></script> <script src="/js/popper-1.16.1.min.js" intregrity="sha384-9/reFTGAW83EW2RDu2S0VKaIzap3H66lZH81PoYlFhbGU+6BZp6G7niu735Sk7lN" crossorigin="anonymous"></script> <script src="/js/bootstrap-4.6.1.min.js" integrity="sha384-VHvPCCyXqtD5DqJeNxl2dtTyhF78xXNXdkwX1CZeRusQfRKp+tA7hAShOK/B/fQ2" crossorigin="anonymous"></script> <script src="/js/script.js"></script> <script async src="/js/mermaid-8.13.4.min.js" integrity="sha384-5hHNvPeMrNH14oM3IcQofDoBhiclNK3g2+hnEinKzQ07C4AliMeVpnvxuiwEGpaO" crossorigin="anonymous"></script> <script src="/js/main.min.5c0bf7f21dc4f66485f74efbbeeff28a7e4f8cddaac1bae47043159c922ff3a3.js" integrity="sha256-XAv38h3E9mSF9077vu/yin5PjN2qwbrkcEMVnJIv86M=" crossorigin="anonymous"></script> <script> let splitInstance = null; function enableSplitter(mediaQuery) { if (mediaQuery.matches) { if (!splitInstance) { splitInstance = Split(["#sidebarnav", "#maindoc"], { sizes: [20, 80], minSize: 100, }); } } else { if (splitInstance) { splitInstance.destroy(); splitInstance = null; } } } const screenWidthMediaQuery = window.matchMedia("(min-width: 768px)"); const eleNav = document.getElementById("sidebarnav"); if (eleNav !== null) { enableSplitter(screenWidthMediaQuery); screenWidthMediaQuery.addListener(enableSplitter); } </script> <script async src="/js/sweetalert-2.1.2.min.js"></script> <script type="text/javascript"> function copyCode(elem){ if (document.getElementById(elem)) { if (navigator.clipboard) { navigator.clipboard.writeText(document.getElementById(elem).textContent).then( function () { swal("Copied to clipboard: ",elem); }, function () { swal("Oh, no…","Failed to copy to clipboard: ",elem); }, ); } else { swal("Oh, no…","Sorry, your browser doesn't support copying this example to your clipboard."); } } } </script> </body> </html>