Merge branch 'master' into tf-docker-serve

.github/PULL_REQUEST_TEMPLATE.md

@@ -1,8 +1,6 @@
 >^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-> For 1.11 Features: set Milestone to 1.11 and Base Branch to release-1.11
+> For 1.12 Features: set Milestone to 1.12 and Base Branch to release-1.12
 >^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-> NOTE: After opening the PR, please *un-check and re-check* the ["Allow edits from maintainers"](https://help.github.com/articles/allowing-changes-to-a-pull-request-branch-created-from-a-fork/) box so that maintainers can work on your patch and speed up the review process. This is a temporary workaround to address a known issue with GitHub.> 
 >
 > Please delete this note before submitting the pull request.
 
-![Allow edits from maintainers checkbox](https://help.github.com/assets/images/help/pull_requests/allow-maintainers-to-make-edits-sidebar-checkbox.png)

.gitignore

@@ -29,3 +29,6 @@ nohup.out
 
 # Hugo output
 public/
+
+# User-specific editorconfig files
+.editorconfig

.travis.yml

@@ -1,22 +1,22 @@
 language: go
 go:
-  - 1.9.3
+  - 1.10.2
 
 # Don't want default ./... here:
 install:
 - export PATH=$GOPATH/bin:$PATH
 - mkdir -p $HOME/gopath/src/k8s.io
 - mv $TRAVIS_BUILD_DIR $HOME/gopath/src/k8s.io/website && cd $HOME/gopath/src/k8s.io/website
-# Fetch dependencies for us to run the tests in test/examples_test.go
-- go get -t -v k8s.io/website/test
-# Make sure we are testing against the correct branch
-- pushd $GOPATH/src/k8s.io/kubernetes && git checkout release-1.10 && popd
 
-# Simplified deduplication of dependencies.
+# Make sure we are testing against the correct branch
+- pushd $GOPATH/src/k8s.io && git clone https://github.com/kubernetes/kubernetes && popd
+- pushd $GOPATH/src/k8s.io/kubernetes && git checkout release-1.11 && popd
 - cp -L -R $GOPATH/src/k8s.io/kubernetes/vendor/ $GOPATH/src/
 - rm -r $GOPATH/src/k8s.io/kubernetes/vendor/
 
+# Fetch additional dependencies to run the tests in examples/examples_test.go
+- go get -t -v k8s.io/website/content/en/examples
+
 script:
-# TODO(bep)
-- go test -v k8s.io/website/test #fixed by https://github.com/kubernetes/website/pull/8388
+- go test -v k8s.io/website/content/en/examples
 #- ./verify-docs-format.sh

OWNERS

@@ -1,19 +1,22 @@
 # Reviewers can /lgtm /approve but not sufficient for auto-merge without an
 # approver
 reviewers:
-- zhangxiaoyu-zidif
-- xiangpengzhao
+- Rajakavitha1
 - stewart-yu
-- Rajakavitha1 
+- xiangpengzhao
+- zhangxiaoyu-zidif
+
 # Approvers have all the ability of reviewers but their /approve makes
 # auto-merge happen if a /lgtm exists, or vice versa, or they can do both
 # No need for approvers to also be listed as reviewers
 approvers:
-- heckj
 - bradamant3
 - bradtopol
-- steveperry-53
-- zacharysarah
 - chenopis
+- kbarnard10
 - mistyhacks
+- ryanmcginnis
+- steveperry-53
 - tengqm
+- zacharysarah
+- zparnold

OWNERS_ALIASES

@@ -61,11 +61,25 @@ aliases:
     - smarterclayton
     - soltysh
     - sttts
-  sig-cluster-lifecycle: #GH: sig-cluster-lifecycle-pr-reviews
+  sig-cluster-lifecycle-kubeadm-approvers: # Approving changes to kubeadm documentation
     - timothysc
+    - lukemarsden
     - luxas
     - roberthbailey
-    - fabriziopandini 
+    - fabriziopandini
+  sig-cluster-lifecycle-kubeadm-reviewers: # Reviewing kubeadm documentation
+    - timothysc
+    - lukemarsden
+    - luxas
+    - roberthbailey
+    - fabriziopandini
+    - kad
+    - xiangpengzhao
+    - stealthybox
+    - liztio
+    - chuckha
+    - detiber
+    - dixudx
   sig-cluster-ops:
     - zehicle
     - jdumars
@@ -83,10 +97,19 @@ aliases:
     - spxtr
   sig-docs: #Team: documentation; GH: sig-docs-pr-reviews
     - bradamant3
+    - bradtopol
+    - chenopis
+    - kbarnard10
+    - mistyhacks
+    - rajakavitha1
+    - ryanmcginnis
     - steveperry-53
+    - stewart-yu
+    - tengqm
+    - xiangpengzhao
     - zacharysarah
-    - bradtopol
-    - heckj
+    - zhangxiaoyu-zidif
+    - zparnold
   sig-federation: #Team: Federation; e.g. Federated Clusters
     - csbell
   sig-gcp: #Google Cloud Platform; GH: sig-gcp-pr-reviews

README.md

@@ -21,10 +21,10 @@ For more information about contributing to the Kubernetes documentation, see:
 If you'd like, you can build the Kubernetes docs using Docker. To get started, build the image locally:
 
 ```bash
-$ make docker-image
+make docker-image
 
 # The underlying command:
-$ docker build . \
+docker build . \
   --tag kubernetes-hugo \
   --build-arg HUGO_VERSION=0.40.3
 ```
@@ -33,10 +33,10 @@ You can create an image for a different version of Hugo by changing the value of
 Once the `kubernetes-hugo` image has been built locally, you can build the site:
 
 ```bash
-$ make docker-serve
+make stage
 
 # The underlying command:
-$ docker run \
+docker run \
   --rm \
   --interactive \
   --tty \
@@ -53,4 +53,4 @@ As when building without using a Docker container, the results of the build will
 ## Thank you!
 
 Kubernetes thrives on community participation, and we really appreciate your
-contributions to our site and our documentation!
+contributions to our site and our documentation!

config.toml

@@ -7,7 +7,7 @@ enableRobotsTXT = true
 
 disableKinds = ["taxonomy", "taxonomyTerm"]
 
-ignoreFiles = [ "^OWNERS$", "README.md", "^node_modules$" ]
+ignoreFiles = [ "^OWNERS$", "README.md", "^node_modules$", "content/en/docs/doc-contributor-tools" ]
 
 contentDir = "content/en"
 
@@ -19,6 +19,9 @@ pygmentsUseClasses = false
 # See https://help.farbox.com/pygments.html
 pygmentsStyle = "emacs"
 
+# Enable Git variables like commit, lastmod
+enableGitInfo = true
+
 [blackfriday]
 hrefTargetBlank = true
 fractions = false
@@ -27,7 +30,7 @@ fractions = false
 date = ["date", ":filename", "publishDate", "lastmod"]
 
 [permalinks]
-  blog = "/:section/:year/:month/:day/:slug/"
+blog = "/:section/:year/:month/:day/:slug/"
 
 # Be explicit about the output formats. We (currently) only want an RSS feed for the home page.
 [outputs]
@@ -45,23 +48,31 @@ time_format_blog = "Monday, January 02, 2006"
 description = "Production-Grade Container Orchestration"
 showedit = true
 
-latest = "v1.10"
+latest = "v1.11"
 
-fullversion = "v1.10.3"
-version = "v1.10"
+fullversion = "v1.11.0"
+version = "v1.11"
 githubbranch = "master"
 docsbranch = "master"
 deprecated = false
 currentUrl = "https://kubernetes.io/docs/home/"
 nextUrl = "http://kubernetes-io-vnext-staging.netlify.com/"
 githubWebsiteRepo = "github.com/kubernetes/website"
+githubWebsiteRaw = "raw.githubusercontent.com/kubernetes/website"
+
+[[params.versions]]
+fullversion = "v1.11.0"
+version = "v1.11"
+githubbranch = "v1.11.0"
+docsbranch = "release-1.11"
+url = "https://kubernetes.io"
 
 [[params.versions]]
 fullversion = "v1.10.3"
 version = "v1.10"
 githubbranch = "v1.10.3"
 docsbranch = "release-1.10"
-url = "https://kubernetes.io"
+url = "https://v1-10.docs.kubernetes.io"
 
 [[params.versions]]
 fullversion = "v1.9.7"
@@ -84,13 +95,6 @@ githubbranch = "v1.7.6"
 docsbranch = "release-1.7"
 url = "https://v1-7.docs.kubernetes.io"
 
-[[params.versions]]
-fullversion = "v1.6.8"
-version = "v1.6"
-githubbranch = "v1.6.8"
-docsbranch = "release-1.6"
-url = "https://v1-6.docs.kubernetes.io"
-
 
 # Language definitions.
 

content/cn/docs/concepts/configuration/secret.md

@@ -104,7 +104,7 @@ $ kubectl create -f ./secret.yaml
 secret "mysecret" created
 ```
 
-**编码注意：** secret 数据的序列化 JSON 和 YAML 值使用 base64 编码成字符串。换行符在这些字符串中无效，必须省略。当在 Darwin/OS X 上使用 `base64` 实用程序时，用户应避免使用 `-b` 选项来拆分长行。另外，对于 Linux 用户如果 `-w` 选项不可用的话，应该添加选项 `-w 0` 到 `base64` 命令或管道 `base64 | tr -d '\n' ` 。
+**编码注意：** secret 数据的序列化 JSON 和 YAML 值使用 base64 编码成字符串。换行符在这些字符串中无效，必须省略。当在 Darwin/macOS 上使用 `base64` 实用程序时，用户应避免使用 `-b` 选项来拆分长行。另外，对于 Linux 用户如果 `-w` 选项不可用的话，应该添加选项 `-w 0` 到 `base64` 命令或管道 `base64 | tr -d '\n' ` 。
 
 #### 解码 Secret
 

content/cn/docs/tasks/administer-cluster/memory-defaults-pod-2.yaml

@@ -4,7 +4,7 @@ metadata:
   name: default-mem-demo-2
 spec:
   containers:
-  - name: defalt-mem-demo-2-ctr
+  - name: default-mem-demo-2-ctr
     image: nginx
     resources:
       limits:

content/en/_index.html

@@ -47,6 +47,7 @@ <h2>The Challenges of Migrating 150+ Microservices to Kubernetes</h2>
         <button id="desktopShowVideoButton" onclick="kub.showVideo()">Watch Video</button>
         <br>
         <br>
+        <br>
         <a href="https://www.lfasiallc.com/events/kubecon-cloudnativecon-china-2018/" button id= "desktopKCButton">Attend KubeCon in Shanghai on Nov. 14-15, 2018</a>
         <br>
         <br>
@@ -120,22 +121,23 @@ <h4><a href="/docs/concepts/workloads/controllers/jobs-run-to-completion/">Batch
     <main>
         <h3>Case Studies</h3>
         <div id="caseStudiesWrapper">
-            <div>
-                <p>Using Kubernetes to reinvent the world's largest educational company</p>
-                <a href="/case-studies/pearson/">Read more</a>
-            </div>
-            <div>
-                <p>Kubernetes at Box: Microservices at Maximum Velocity</p>
-                <a href="https://blog.box.com/blog/kubernetes-box-microservices-maximum-velocity/">Read more</a>
-            </div>
-            <div>
-                <p>Inside eBay's shift to Kubernetes and containers atop OpenStack</p>
-                <a href="https://www.nextplatform.com/2015/11/12/inside-ebays-shift-to-kubernetes-and-containers-atop-openstack/">Read more</a>
-            </div>
-            <div>
-                <p>Migrating from a homegrown 'cluster' to Kubernetes</p>
-                <a href="https://www.youtube.com/watch?v=6XGUTu3WhBw">Watch the video</a>
-            </div>
+          <div>
+              <p>Supporting Fast Decisioning Applications with Kubernetes</p>
+              <a href="/case-studies/capital-one">Read more</a>
+          </div>
+          <div>
+              <p>Driving Banking Innovation with Cloud Native</p>
+              <a href="/case-studies/ing">Read more</a>
+          </div>
+          <div>
+              <p>Cloud Native at Northwestern Mutual</p>
+              <a href="/case-studies/northwestern-mutual/">Read more</a>
+          </div>
+          <div>
+              <p>Launching and Scaling Up Experiments, Made Simple</p>
+              <a href="/case-studies/openai/">Read more</a>
+          </div>
+
         </div>
 
         <!--<div id="bigSocial">-->
@@ -161,8 +163,16 @@ <h3>Case Studies</h3>
             <!--</div>-->
         <!--</div>-->
         <h5 style="text-align: center"><a href="/case-studies/" style="color: #3371E3; font-weight: 400">View all case studies</a></h5>
-    </main>
-</section>
+      </main>
+  </section>
+        <section id="cncf">
+            <main>
+        <center>
+        <p>We are a <a href="https://cncf.io/">CNCF</a> graduated project</p>
+        </center>
+      </main>
+  </section>
+
 
 
 

content/en/blog/_posts/2015-11-00-Creating-A-Raspberry-Pi-Cluster-Running-Kubernetes-The-Shopping-List-Part-1.md

@@ -8,7 +8,7 @@ At Devoxx Belgium and Devoxx Morocco, Ray Tsang and I showed a Raspberry Pi clus
 
 ### Wait! Why the heck build a Raspberry Pi cluster running Kubernetes? 
 
-We had two big reasons to build the Pi cluster at Quintor. First of all we wanted to experiment with container technology at scale on real hardware. You can try out container technology using virtual machines, but Kubernetes runs great on on bare metal too. To explore what that’d be like, we built a Raspberry Pi cluster just like we would build a cluster of machines in a production datacenter. This allowed us to understand and simulate how Kubernetes would work when we move it to our data centers.  
+We had two big reasons to build the Pi cluster at Quintor. First of all we wanted to experiment with container technology at scale on real hardware. You can try out container technology using virtual machines, but Kubernetes runs great on bare metal too. To explore what that’d be like, we built a Raspberry Pi cluster just like we would build a cluster of machines in a production datacenter. This allowed us to understand and simulate how Kubernetes would work when we move it to our data centers.  
 
 Secondly, we did not want to blow the budget to do this exploration. And what is cheaper than a Raspberry Pi! If you want to build a cluster comprising many nodes, each node should have a good cost to performance ratio. Our Pi cluster has 20 CPU cores, which is more than many servers, yet cost us less than $400. Additionally, the total power consumption is low and the form factor is small, which is great for these kind of demo systems.  
 

content/en/blog/_posts/2016-03-00-1000-Nodes-And-Beyond-Updates-To-Kubernetes-Performance-And-Scalability-In-12.md

@@ -57,7 +57,7 @@ While we could have decreased the “pod startup time” substantially by exclud
 
 ### Metrics from Kubernetes 1.2 
 
-So what was the result?We run our tests on Google Compute Engine, setting the size of the master VM based on on the size of the Kubernetes cluster. In particular for 1000-node clusters we use a n1-standard-32 VM for the master (32 cores, 120GB RAM).  
+So what was the result?We run our tests on Google Compute Engine, setting the size of the master VM based on the size of the Kubernetes cluster. In particular for 1000-node clusters we use a n1-standard-32 VM for the master (32 cores, 120GB RAM).  
 
 
 #### API responsiveness 

content/en/blog/_posts/2016-07-00-Minikube-Easily-Run-Kubernetes-Locally.md

@@ -10,7 +10,7 @@ While Kubernetes is one of the best tools for managing containerized application
 
 For the past several months, several of us from the Kubernetes community have been working to fix this in the [Minikube](http://github.com/kubernetes/minikube) repository on GitHub. Our goal is to build an easy-to-use, high-fidelity Kubernetes distribution that can be run locally on Mac, Linux and Windows workstations and laptops with a single command.  
 
-Thanks to lots of help from members of the community, we're proud to announce the official release of Minikube. This release comes with support for [Kubernetes 1.3](https://kubernetes.io/blog/2016/07/kubernetes-1.3-bridging-cloud-native-and-enterprise-workloads), new commands to make interacting with your local cluster easier and experimental drivers for xhyve (on Mac OSX) and KVM (on Linux).  
+Thanks to lots of help from members of the community, we're proud to announce the official release of Minikube. This release comes with support for [Kubernetes 1.3](https://kubernetes.io/blog/2016/07/kubernetes-1.3-bridging-cloud-native-and-enterprise-workloads), new commands to make interacting with your local cluster easier and experimental drivers for xhyve (on macOS) and KVM (on Linux).  
 
 **Using Minikube**  
 
@@ -107,8 +107,8 @@ Here's a list of some of the things we're hoping to add to Minikube soon:
 
 
 
-- Native hypervisor support for OSX and Windows
-- We're planning to remove the dependency on Virtualbox, and integrate with the native hypervisors included in OSX and Windows (Hypervisor.framework and Hyper-v, respectively).
+- Native hypervisor support for macOS and Windows
+- We're planning to remove the dependency on Virtualbox, and integrate with the native hypervisors included in macOS and Windows (Hypervisor.framework and Hyper-v, respectively).
 - Improved support for Kubernetes features
 - We're planning to increase the range of supported Kubernetes features, to include things like Ingress.
 - Configurable versions of Kubernetes

content/en/blog/_posts/2016-08-00-Security-Best-Practices-Kubernetes-Deployment.md

@@ -30,7 +30,7 @@ There is work in progress being done in Kubernetes for image authorization plugi
 **Limit Direct Access to Kubernetes Nodes**  
 You should limit SSH access to Kubernetes nodes, reducing the risk for unauthorized access to host resource. Instead you should ask users to use "kubectl exec", which will provide direct access to the container environment without the ability to access the host.  
 
-You can use Kubernetes [Authorization Plugins](http://kubernetes.io/docs/admin/authorization/) to further control user access to resources. This allows defining fine-grained-access control rules for specific namespace, containers and operations.  
+You can use Kubernetes [Authorization Plugins](http://kubernetes.io/docs/reference/access-authn-authz/authorization/) to further control user access to resources. This allows defining fine-grained-access control rules for specific namespace, containers and operations.
 
 **Create Administrative Boundaries between Resources**  
 Limiting the scope of user permissions can reduce the impact of mistakes or malicious activities. A Kubernetes namespace allows you to partition created resources into logically named groups. Resources created in one namespace can be hidden from other namespaces. By default, each resource created by a user in Kubernetes cluster runs in a default namespace, called default. You can create additional namespaces and attach resources and users to them. You can use Kubernetes Authorization plugins to create policies that segregate access to namespace resources between different users.  
@@ -205,7 +205,7 @@ Reference [here](http://kubernetes.io/docs/api-reference/v1/definitions/#_v1_pod
 
 
 
-In case you are running containers with elevated privileges (--privileged) you should consider using the “DenyEscalatingExec” admission control. This control denies exec and attach commands to pods that run with escalated privileges that allow host access. This includes pods that run as privileged, have access to the host IPC namespace, and have access to the host PID namespace. For more details on admission controls, see the Kubernetes [documentation](http://kubernetes.io/docs/admin/admission-controllers/).
+In case you are running containers with elevated privileges (--privileged) you should consider using the “DenyEscalatingExec” admission control. This control denies exec and attach commands to pods that run with escalated privileges that allow host access. This includes pods that run as privileged, have access to the host IPC namespace, and have access to the host PID namespace. For more details on admission controls, see the Kubernetes [documentation](http://kubernetes.io/docs/reference/access-authn-authz/admission-controllers/).
 
 
 

content/en/blog/_posts/2017-02-00-Highly-Available-Kubernetes-Clusters.md

@@ -38,7 +38,7 @@ $ KUBE\_GCE\_ZONE=europe-west1-b ./cluster/kube-up.sh
 
 
 
-Now, we will add two additional pools of worker nodes, each of three nodes, in zones europe-west1-c and europe-west1-d (more details on adding pools of worker nodes can be find [here](http://kubernetes.io/docs/admin/multiple-zones/)):  
+Now, we will add two additional pools of worker nodes, each of three nodes, in zones europe-west1-c and europe-west1-d (more details on adding pools of worker nodes can be find [here](http://kubernetes.io/docs/setup/multiple-zones/)):  
 
 
  ```