Merge branch 'master' into release-1.8

Author: steveperry-53

_includes/partner-script.js

@@ -261,7 +261,7 @@
   		},
 		{
  			type: 2,
- 			name: 'inwinSTACK',
+ 			name: 'InwinSTACK',
  			logo: 'inwinstack',
  			link: 'http://www.inwinstack.com/index.php/en/solutions-en/',
  			blurb: 'Our container service leverages OpenStack-based infrastructure and its container orchestration engine Magnum to manage Kubernetes clusters.'
@@ -498,7 +498,7 @@
 			blurb: 'Generate a real-time, auto-discovered application topology map! Monitor Kubernetes pods and namespaces without any code instrumentation.'
 			},
 		{
-			type: 0,
+			type: 2,
 			name: 'Treasure Data',
 			logo: 'treasure-data',
 			link: 'https://fluentd.treasuredata.com/kubernetes-logging/',

docs/admin/authentication.md

@@ -168,7 +168,7 @@ with a value of `Basic BASE64ENCODED(USER:PASSWORD)`.
 
 ### Service Account Tokens
 
-Service accounts are an automatically enabled authenticator that uses signed
+A service account is an automatically enabled authenticator that uses signed
 bearer tokens to verify requests. The plugin takes two optional flags:
 
 * `--service-account-key-file` A file containing a PEM encoded key for signing bearer tokens.
@@ -281,8 +281,8 @@ Since all of the data needed to validate who you are is in the `id_token`, Kuber
 solution for authentication.  It does offer a few challenges:
 
 1.  Kubernetes has no "web interface" to trigger the authentication process.  There is no browser or interface to collect credentials which is why you need to authenticate to your identity provider first.
-2.  The `id_token` can't be revoked, it's like a certificate so it should be short-lived (only a few minutes) so it can be very annoying to have to get a new token every few minutes
-3.  There's no easy way to authenticate to the Kubernetes dashboard without using the `kubectl proxy` command or a reverse proxy that injects the `id_token`
+2.  The `id_token` can't be revoked, it's like a certificate so it should be short-lived (only a few minutes) so it can be very annoying to have to get a new token every few minutes.
+3.  There's no easy way to authenticate to the Kubernetes dashboard without using the `kubectl proxy` command or a reverse proxy that injects the `id_token`.
 
 
 #### Configuring the API Server
@@ -728,7 +728,7 @@ Finally, add the following parameters into API server start parameters:
 
         ./easyrsa --batch "--req-cn=${MASTER_IP}@`date +%s`" build-ca nopass
 1.  Generate server certificate and key.
-    (build-server-full [filename]: Generate a keypair and sign locally for a client or server)
+    (build-server-full [filename]: Generate a keypair and sign locally for a client or server.)
 
         ./easyrsa --subject-alt-name="IP:${MASTER_IP}" build-server-full server nopass
 1.  Copy `pki/ca.crt`, `pki/issued/server.crt`, and `pki/private/server.key` to your directory.
@@ -748,7 +748,7 @@ Finally, add the following parameters into API server start parameters:
 1.  According to the ca.key generate a ca.crt (use -days to set the certificate effective time):
 
         openssl req -x509 -new -nodes -key ca.key -subj "/CN=${MASTER_IP}" -days 10000 -out ca.crt
-1.  Generate a server.key with 2048bit
+1.  Generate a server.key with 2048bit:
 
         openssl genrsa -out server.key 2048
 1.  According to the server.key generate a server.csr:

partners/index.html

@@ -17,7 +17,7 @@ <h5>Kubernetes works with partners to create a strong, vibrant codebase that sup
         <div class="section group">
           <div class="col span_1_of_3"><center><h5><b>Kubernetes Certified Service Providers</b></h5>Vetted service providers with deep experience helping enterprises successfully adopt Kubernetes.<br><br><div><a href="#kcsp" class="button">See KCSP Partners</a></div></center></div>
           <div class="col span_2_of_3"><center><h5><b>Technology Partners</b></h5>Integrations and plugins that add features to Kubernetes applications.<br><br><br><div><a href="#technology" class="button">See Technology Partners</a></div></center></div>
-          <div class="col span_3_of_3"><center><h5><b>Service Providers</b></h5>Consulting or management services to help companies implement Kubernetes in commercial applications.<br><br><div><a href="#service" class="button">See Service Partners</a></div></center></div>
+          <div class="col span_3_of_3"><center><h5><b>Service Partners</b></h5>Consulting or management services to help companies implement Kubernetes in commercial applications.<br><br><div><a href="#service" class="button">See Service Partners</a></div></center></div>
         </div>
         <h3><a id="kcsp"></a>Kubernetes Certified Service Providers (KCSP)</h3>
         <p>The KCSP program is a vetted tier of service providers who have deep experience helping enterprises successfully adopt Kubernetes. KCSP partners offer Kubernetes support, consulting, professional services and training for organizations embarking on their Kubernetes journey.</p>
@@ -27,8 +27,8 @@ <h3><a id="technology"></a>Technology Partners</h3>
         <p>Technology partners offer integrations and plugins that add features to Kubernetes applications.</p>
         <p>Interested in becoming a Technology Partner? Please <a href="https://docs.google.com/forms/d/e/1FAIpQLSdN1KtSKX2VAOPGABFlShkSd6CajQynoL4QCVtY0dj76MNDKg/viewform">fill out this form.</a></p>
         <div id="isvContainer"></div>
-        <h3><a id="service"></a>Services Partners</h3>
-        <p>Service Providers offer consulting or management services to help companies implement and use Kubernetes in commercial applications.</p>
+        <h3><a id="service"></a>Service Partners</h3>
+        <p>Service Partners offer consulting or management services to help companies implement and use Kubernetes in commercial applications.</p>
         <p>Interested in becoming a Service Provider? Please <a href="https://docs.google.com/forms/d/e/1FAIpQLSdN1KtSKX2VAOPGABFlShkSd6CajQynoL4QCVtY0dj76MNDKg/viewform">fill out this form</a></p>
         <div id="servContainer"></div>
     </main>