fix: Modify the namespace entry name and refine yaml

apolloconfig · Oct 13, 2024 · dadaef2 · dadaef2
1 parent 811b6e2
commit dadaef2
Show file tree

Hide file tree

Showing 2 changed files with 33 additions and 31 deletions.
diff --git a/docs/en/client/java-sdk-user-guide.md b/docs/en/client/java-sdk-user-guide.md
@@ -421,11 +421,9 @@ The configuration methods, in descending order of priority, are
 
 Starting from version 2.4.0, the availability of the client in the Kubernetes environment has been enhanced. After enabling the ConfigMap cache, the client will cache a copy of the configuration information fetched from the server in the ConfigMap. In the case of service unavailability, network issues, and loss of local cache files, the configuration can still be restored from the ConfigMap. Here are the relevant configurations:
 
-> Since read and write operations on the ConfigMap are required, the pod where the client is located must have the corresponding permissions. The specific configuration method can be referred to below.
-
 `apollo.cache.kubernetes.enable`：Whether to enable the ConfigMap cache mechanism, the default is false.
 
-`apollo.configmap-namespace`：The namespace of the ConfigMap to be used (the namespace in Kubernetes), the default value is "default".
+`apollo.cache.kubernetes.configmap-namespace`：The namespace of the ConfigMap to be used (the namespace in Kubernetes), the default value is "default".
 
 The configuration information will be placed in the specified ConfigMap according to the following correspondence:
 
@@ -443,42 +441,44 @@ value: The content is the JSON format string of the corresponding configuration
 > 
 > namespace is the configuration namespace used by the application, which is generally application
 
-How to authorize a Pod's Service Account to have read and write permissions for ConfigMap:
+> Since read and write operations on the ConfigMap are required, the pod where the client is located must have the corresponding permissions. The specific configuration method can be referred to below.
 
+How to authorize a Pod's Service Account to have read and write permissions for ConfigMap:
 
 1. Create a Service Account: If there is no Service Account, you need to create one.
- ```apiVersion: v1
+ ```
+ apiVersion: v1
  kind: ServiceAccount
  metadata:
  name: my-service-account
- namespace: my-namespace
+ namespace: default
  ```
 2. Create a Role or ClusterRole: Define a Role or ClusterRole to grant read and write permissions for a specific ConfigMap. If the ConfigMap is used across multiple Namespaces, a ClusterRole should be used.
  ```
  apiVersion: rbac.authorization.k8s.io/v1
  kind: Role
  metadata:
- namespace: my-namespace
- name: configmap-reader
+ namespace: default
+ name: configmap-role
  rules:
  - apiGroups: [""]
  resources: ["configmaps"]
- verbs: ["get", "watch", "list", "update", "patch"]
+ verbs: ["get", "list", "watch", "create", "update", "delete"]
  ```
 3. Bind the Service Account to the Role or ClusterRole: Use RoleBinding or ClusterRoleBinding to bind the Service Account to the Role or ClusterRole created above.
  ```
  apiVersion: rbac.authorization.k8s.io/v1
  kind: RoleBinding
  metadata:
- name: configmap-reader-binding
- namespace: my-namespace
+  name: configmap-reader-binding
+  namespace: dafault
  subjects:
  - kind: ServiceAccount
  name: my-service-account
- namespace: my-namespace
-  roleRef:
+ namespace: dafault
+ roleRef:
  kind: Role
- name: configmap-reader
+ name: configmap-role
  apiGroup: rbac.authorization.k8s.io
  ```
 4. Specify the Service Account in the Pod configuration: Ensure that the Pod's configuration uses the Service Account created above.
@@ -487,7 +487,7 @@ How to authorize a Pod's Service Account to have read and write permissions for
  kind: Pod
  metadata:
  name: my-pod
- namespace: my-namespace
+ namespace: default
  spec:
  serviceAccountName: my-service-account
  containers:

diff --git a/docs/zh/client/java-sdk-user-guide.md b/docs/zh/client/java-sdk-user-guide.md
@@ -163,7 +163,7 @@ request.timeout=2000
 batch=2000
 ```
 
-> 注：部署在Kubernetes环境使用configmap缓存模式时，也会同时开启本地文件缓存以进一步提高可用性
+> 注：如果部署在Kubernetes环境中，您还可以启用configMap缓存来进一步提高可用性
 
 #### 1.2.3.1 自定义缓存路径
 
@@ -406,11 +406,9 @@ apollo.label=YOUR-APOLLO-LABEL
 
 在2.4.0版本开始，客户端在Kubernetes环境下的可用性得到了加强，开启configMap缓存后，客户端会将从服务端拉取到的配置信息在configMap中缓存一份，在服务不可用，或网络不通，且本地缓存文件丢失的情况下，依然能从configMap恢复配置。以下是相关配置
 
-> 由于需要对configmap进行读写操作，所以客户端所在pod必须有相应读写权限，具体配置方法可参考下文
-
-`apollo.cache.kubernetes.enable`：是否启动configMap缓存机制，默认false
+`apollo.cache.kubernetes.enable`：是否开启configMap缓存机制，默认false
 
-`apollo.configmap-namespace`：将使用的configMap所在的namespace（Kubernetes中的namespace），默认值为"default"
+`apollo.cache.kubernetes.configmap-namespace`：将使用的configMap所在的namespace（Kubernetes中的namespace），默认值为"default"
 
 配置信息会以下面的对应关系放置于指定的configmap中：
 
@@ -427,41 +425,45 @@ value:内容为对应的配置信息的json格式字符串
 > cluster是应用使用的集群，一般在本地模式下没有做过配置的话，是default 
 > namespace就是应用使用的配置namespace，一般是application
 
+> 由于需要对configmap进行读写操作，所以客户端所在pod必须有相应读写权限，具体配置方法可参考下文
+
 如何授权一个Pod的Service Account具有对ConfigMap的读写权限：
 1. 创建Service Account: 如果还没有Service Account，你需要创建一个。
- ```apiVersion: v1
+ ```
+ apiVersion: v1
  kind: ServiceAccount
  metadata:
  name: my-service-account
- namespace: my-namespace
+ namespace: default
  ```
 2. 创建Role或ClusterRole: 定义一个Role或ClusterRole，授予对特定ConfigMap的读写权限。如果ConfigMap是跨多个Namespace使用的，应该使用ClusterRole。
 
  ```
  apiVersion: rbac.authorization.k8s.io/v1
  kind: Role
  metadata:
- namespace: my-namespace
- name: configmap-reader
+ namespace: default
+ name: configmap-role
  rules:
  - apiGroups: [""]
  resources: ["configmaps"]
- verbs: ["get", "watch", "list", "update", "patch"]
+ verbs: ["get", "list", "watch", "create", "update", "delete"]
  ```
+
 3. 绑定Service Account到Role或ClusterRole: 使用RoleBinding或ClusterRoleBinding将Service Account绑定到上面创建的Role或ClusterRole。
  ```
  apiVersion: rbac.authorization.k8s.io/v1
  kind: RoleBinding
  metadata:
- name: configmap-reader-binding
- namespace: my-namespace
+  name: configmap-reader-binding
+  namespace: dafault
  subjects:
  - kind: ServiceAccount
  name: my-service-account
- namespace: my-namespace
-  roleRef:
+ namespace: dafault
+ roleRef:
  kind: Role
- name: configmap-reader
+ name: configmap-role
  apiGroup: rbac.authorization.k8s.io
  ```
 4. 在Pod配置中指定Service Account: 确保Pod的配置中使用了上面创建的Service Account。
@@ -470,7 +472,7 @@ value:内容为对应的配置信息的json格式字符串
  kind: Pod
  metadata:
  name: my-pod
- namespace: my-namespace
+ namespace: default
  spec:
  serviceAccountName: my-service-account
  containers: