en-us.yaml

##############################
# Special stuff
##############################
generic:
  unified: Unified
  split: Split
  userMenu: user menu
  actionMenu: action menu
  namespaceFilter: namespace filter menu
  imageAlt: Generic Rancher image alt
  banners:
    altCloseBanner: Close banner icon
    bannerIcon: Banner icon
  filterNamespaces: filter namespaces
  clearSearch: clear search
  clearFilters: clear filters
  userAvatar: user avatar
  add: Add
  all: All
  ascending: ascending
  and: ' and '
  back: Back
  cancel: Cancel
  confirm: Confirm
  colorPicker: Color picker
  clear: Clear
  clearAll: Clear All
  close: Close
  comingSoon: Coming Soon
  comma: ', '
  copy: Copy
  copyToClipboard: Copy text to Clipboard
  copyValueToClipboard: 'Copy {value} to Clipboard'
  copiedToClipboard: Text copied to Clipboard
  create: Create
  created: Created
  customize: Customize
  dashboard: Dashboard
  default: Default
  descending: descending
  disabled: Disabled
  done: Done
  enabled: Enabled
  error: Error
  here: here
  id: ID
  ignored: Ignored
  invalidCron: Invalid cron schedule
  inProgress: In Progress
  imagePullPolicy:
    always: Always
    ifNotPresent: IfNotPresent
    never: Never
  labels: Labels
  labelsAndAnnotations: Labels & Annotations
  podSecurityAdmission: Pod Security Admission
  links: Links
  loading: Loading…
  members: Members
  na: n/a
  name: Name
  never: Never
  none: None
  notFound: Not Found
  number: '{prefix}{value, number}{suffix}'
  notification:
    title:
      succeed: Succeed
      info: Info
      warning: Warning
      error: Error
  ok: OK
  other: |-
    {count, plural,
    one  {other}
    other {others}
    }
  overview: Overview
  plusMore: "+ {n} more"
  readFromFile: Read from File
  readFromFileArea: Read from File - {area}
  readFromFolder: Read from Folder
  reload: Reload
  register: Register
  remove: Remove
  delete: Delete
  addCatalog: Add Catalog
  resource: |-
    {count, plural,
    one  {resource}
    other {resources}
    }
  resourceCount: |-
    {count, plural,
    one  {1 resource}
    other {# resources}
    }
  save: Save
  showAdvanced: Show Advanced
  hideAdvanced: Hide Advanced
  techPreview: Tech Preview
  type: Type
  unknown: Unknown
  upload: Upload
  provisioning: '—'
  key: Key
  value: Value
  yes: Yes
  no: No
  units:
    time:
        5s: 5s
        10s: 10s
        30s: 30s
        1m: 1m
        5m: 5m
        15m: 15m
        30m: 30m
        1h: 1h
        2h: 2h
        6h: 6h
        1d: 1d
        7d: 7d
        30d: 30d
  tooltip: Tooltip
  completed: Completed
  enable: Enable
  disable: Disable
  experimental: Experimental
  primeOnly: Prime Only

  deprecated: Deprecated
  upgradeable: Upgradeable
  installed: Installed
  installedMultiple: Installed (multiple)
  featured: Featured
  shortFeatured: Feat
  category: Category
  tags: Tags
  tag: Tag
  placeholder: "e.g. {text}"
  moreInfo: More Info
  selectors:
    label: Selector
    matchingResources:
      matchesSome: |-
        {matched, plural,
          =0 {Matches 0 of {total, number}}
          =1 {Matches 1 of {total, number}: "{sample}"}
          other {Matches {matched, number} of {total, number}, including "{sample}"}
        }
  basic: Basic
  ariaLabel:
    keyValue: Key-Value input
    key: Key for row {index}
    value: Value for row {index}
    remove: remove row {index}
    addKeyValue: Add a new Key-Value row
    readKeyValue: read  Key-Values from file
    genericAddRow: Add a new row
    arrayList: Array list input
    genericRow: row {index}
  showLess: Show less
  showMore: Show more
  externalIps: External IPs
  internalIps: Internal IPs
  opensInNewTab: Opens in a new tab
  autogeneratedCreated:
    title: "Created {resource}"
    message: "{resource} {id} has been created."

tabs:
  addItem: Add a new tab item
  removeItem: Remove selected tab item

graph:
  noPermissions: You do not have permission to Graph view
  loading: Loading chart data...
  rendering: Rendering chart...

locale:
  menu: Locale selector menu
  en-us: English
  zh-hans: 简体中文
  none: (None)

nav:
  skipToContent: Skip to main content
  ariaLabel:
    clusterIconKeyCombo: Cluster keyboard shortcut combination icon
    localClusterIcon: Local Cluster icon
    clusterProvIcon: Cluster {cluster} provider icon
    topLevelMenu: Main menu
    sideNav: Secondary menu
    homePage: Home page navigation menu
    cluster: Cluster menu item
    harvesterCluster: Harvester cluster menu item
    seeAll: See all clusters menu item
    multiClusterApps: Main menu multi cluster app menu item
    configurationApps: Main menu configuration app menu item
    support: Support page link
    about: About page link
    pinCluster: Pin/Unpin {cluster} cluster
    collapseExpand: Collapse/Expand menu group
    productAboutPage: Product about page link
  alt:
    mainMenuIcon: Main menu icon
    mainMenuRancherLogo: Main menu Rancher logo
    userAvatar: User avatar image
  expandCollapseAppBar: Expand/Collapse the Application Bar
  harvesterDashboard: Harvester Dashboard
  backToRancher: Cluster Manager
  tools: Tools
  clusterTools: Cluster Tools
  kubeconfig:
    download: Download KubeConfig
    copy: Copy KubeConfig to Clipboard
    options: KubeConfig Options
  import: Import YAML
  home: Home
  shell: Kubectl Shell
  shellShortcut: Kubectl Shell {key}
  support: |-
    {hasSupport, select,
      true {Support}
      other {Get Support}
    }
  restoreSnapshot: Restore Snapshot
  rotateCertificates: Rotate Certificates
  rotateEncryptionKeys: Rotate Encryption Keys
  takeSnapshot: Take Snapshot
  seeAllClusters: See all clusters
  seeAllClustersCollapsed: See all
  keyComboTooltip: Switch clusters and keep location
  group:
    cluster: Cluster
    inUse: More Resources
    Policy: Policy
    rbac: RBAC
    serviceDiscovery: Service Discovery
    starred: Starred
    storage: Storage
    workload: Workloads
    monitoring: Monitoring
    advanced: Advanced
    providers: Providers
    RKE1Configuration: RKE1 Configuration
    admission: Admission
    apps: Apps
    clusterProvisioning: Cluster Provisioning
    jwt.authentication: JWT Authentication
    core: Core
    legacy: Legacy
    API: API
    Coordination: Coordination
    Discovery: Discovery
    Fleet: Fleet
    K3s: K3s
    Networking: Networking
    Rancher: Rancher
    RBAC: RBAC
    Scheduling: Scheduling
    Storage: Storage
    Project: Project
    resources: Resources
  ns:
    all: All Namespaces
    clusterLevel: Only Cluster Resources
    namespace: "{name}"
    namespaced: Only Namespaced Resources
    orphan: Not in a Project
    project: "Project: {name}"
    system: Only System Namespaces
    user: Only User Namespaces
  apps: Apps
  categories:
    explore: Explore Cluster
    multiCluster: Global Apps
    legacy: Legacy Apps
    configuration: Configuration
    hci: HCI
  search:
    placeholder: Filter clusters by...
    noResults: No matching clusters
    clusters: clusters
    ariaLabel: Filter clusters on main menu
  resourceSearch:
    label: Resource Type Search
    prompt: Search for a Kubernetes Resource/Custom Resource type
    toolTip: Resource Type Search {key}
    placeholder: Type to search for a resource type...
    filteringDescription: Using this input will immediately filter the results in the list below
  header:
    setLoginPage: Set as login page
    showHideBanner: Show/Hide Banner
  userMenu:
    preferences: Preferences
    accountAndKeys: Account & API Keys
    logOut: Log Out
    label: User menu
    button:
      label: Open user menu
  actionMenu:
    label: Page actions menu
    button:
      label: Open page actions menu
  notifications:
    label: Notification Center
    button:
      label: Open notification center
  failWhale:
    authMiddleware: Auth Middleware
    clusterNotFound: Cluster { clusterId } not found
    productNotFound: Product { productNotFound } not found
    resourceNotFound: Resource type { resource } not found
    resourceListNotListable: Resource type { resource } cannot be listed
    resourceListNotFound: Resource type { resource } not found, unable to display list
    resourceIdNotFound: Resource { resource } with id { fqid } not found, unable to display resource details
    reload: Reload
    separator: or

product:
  apps: Apps
  auth: Users & Authentication
  backup: Rancher Backups
  compliance: Compliance
  ecm: Cluster Manager
  explorer: Cluster Explorer
  fleet: Continuous Delivery
  longhorn: Longhorn
  manager: Cluster Management
  gatekeeper: OPA Gatekeeper
  istio: Istio
  logging: Logging
  settings: Global Settings
  clusterManagement: Cluster Management
  monitoring: Monitoring
  neuvector: NeuVector
  harvesterManager: Virtualization Management
  rancher: Rancher
  legacy: Legacy
  uiplugins: Extensions
  elemental: OS Management
  plugins: Plugins

suffix:
  percent: "%"
  milliCpus: milli CPUs
  cores: Cores
  cpus: CPUs
  gpus: GPUs
  ib: iB
  mib: MiB
  gb: GB
  ago: ago
  revisions: |-
    {count, plural,
      =1 { Revision }
      other { Revisions }
    }
  seconds: |-
    {count, plural,
      =1 { Second }
      other { Seconds }
    }
  sec: Sec
  times: |-
    {count, plural,
      =1 { Time }
      other { Times }
    }

##############################
# Components & Pages
##############################
layouts:
  home: home layout
  plain: plain layout
  default: default layout
  blank: blank layout
  unauthenticated: unauthenticated layout
  logout: logout layout
  verify: verify layout
  
about:
  title: About
  versions:
    downloadImages: "Download {listName} images list"
    downloadCli: "Download CLI for {os}"
    githubRepo: "Open GitHub repository for the {name} component"
    title: Versions
    component: Component
    version: Version
    cli: CLI
    helm: Helm
    machine: Machine
    rancher: Rancher
    releaseNotes: 'View release notes'
  os:
    mac: macOS
    windows: Windows
    linux: Linux
  downloadImageList:
    title: Image Lists
  downloadCLI:
    title: CLI Downloads
  diagnostic:
    title: Diagnostics
    checkboxTooltip: Supplement diagnostics data with response times for the top 10 resources. These may take a while to complete
    checkboxLabel: Make additional requests
    systemInformation:
      subtitle: System Information
      browser: Browser
      browserInfo: "User Agent: {userAgent}, Language: {language}, Cookies Enabled: {cookieEnabled}"
      system: System
      jsMemory: Javascript Memory
      deviceMemory: "Device Memory: {deviceMemory}"
      hardwareConcurrency: "Hardware Concurrency: {hardwareConcurrency}"
      os: "OS: {platform}"
      memJsHeapLimit: "Heap Size limit: {jsHeapSizeLimit}"
      memTotalJsHeapSize: "Total Heap Size: {totalJSHeapSize}"
      memUsedJsHeapSize: "Used Heap Size: {usedJSHeapSize}"
    logs:
      subtitle: Latest Logs
    resourceCounts: |-
      {count, plural,
        one { Resource Counts by Cluster ({count} cluster)}
        other { Resource Counts by Cluster ({count} clusters)}
      }
    modal:
      title: Response times have not yet been generated.
      body: Generate response times to offer more specific information.

accountAndKeys:
  title: Account and API Keys
  account:
    title: Account
    change: Change Password
  apiKeys:
    title: API Keys
    notAllowed: You do not have permission to manage API Keys
    apiEndpoint: "API Endpoint:"
    copyApiEnpoint: Copy API Endpoint to clipboard
    add:
      description:
        label: Description
        placeholder: Optionally enter a description to help you identify this API Key
      label: Create API Key
      ariaLabel:
        expiration: Expiration duration - number input
        expirationUnits: Expiration unit - time unit
      expiry:
        label: Automatically expire
        options:
          never: Never
          day: A day from now
          month: A month from now
          year: A year from now
          custom: Custom
          maximum: "{value} - Maximum allowed"
      customExpiry:
        options:
          minute: Minutes
          hour: Hours
          day: Days
          month: Months
          year: Years
      scope: Scope
      noScope: No Scope
    info:
      accessKey: Access Key
      secretKey: Secret Key
      bearerToken: Bearer Token
      saveWarning: Save the info above! This is the only time you'll be able to see it. If you lose it, you'll need to create a new API key.
      keyCreated: A new API Key has been created
      bearerTokenTip: "Access Key and Secret Key can be sent as the username and password for HTTP Basic auth to authorize requests. You can also combine them to use as a Bearer token:"
      ttlLimitedWarning: The Expiry time for this API Key was reduced due to system configuration

addClusterMemberDialog:
  title: Add Cluster Member

addonConfigConfirmation:
  title: Add-On Reset
  body: Add-On Configuration has changed between Kubernetes versions <b>{previousKubeVersion}</b> and <b>{newKubeVersion}</b> and conflict with your previous values for Add-On {addons}. As a result please re-apply them before continuing.

addProjectMemberDialog:
  title: Add Project Member

authConfig:
  slo:
    sloTitle: Log Out behavior
    sloOptions:
      onlyRancher: Log out of Rancher and not {name}
      logoutAll: Log out of Rancher and {name} (includes all other applications registered with {name})
      choose: Allow the user to choose one of the above in an additional log out step
  accessMode:
    label: 'Configure who should be able to login and use {vendor}'
    required: Restrict access to only the authorized users & groups
    restricted: 'Allow members of clusters and projects, plus authorized users & groups'
    unrestricted: Allow any valid user
  allowedPrincipalIds:
    title: Authorized Users & Groups
  associatedWarning: 'The {provider} account that is used to enable the external provider will be granted admin permissions. If you use a test account or non-admin account, that account will still be granted admin-level permissions. See <a href="{docsBase}/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config#external-authentication-configuration-and-principal-users" target="_blank" rel="noopener noreferrer nofollow">External Authentication Configuration and Principal Users</a> to understand why.'
  githubapp:
    clientId:
      label: Client ID
    clientSecret:
      label: Client Secret
    githubAppId:
      label: Github App ID
    installationId:
      label: Installation ID
    privateKey:
      label: Private Key
    warning: The GitHub App authentication provider only works with <a href="https://docs.github.com/en/get-started/learning-about-github/types-of-github-accounts" target="_blank" rel="noopener noreferrer nofollow">GitHub Organization accounts</a>. It does not support User accounts.
    form:
      prefix:
        1: <li>Open your <a href="{baseUrl}/settings/organizations" target="_blank" rel="noopener noreferrer nofollow">GitHub organization settings</a> in a new window</li>
        2: <li>To the right of the organization, click "Settings"</li>
        3: <li>In the left sidebar, click "Developer settings" -> "GitHub Apps"</li>
        4: <li>Click "New Github App"</li>
      instruction: 'Fill in the form with these values:'
      app:
        label: GitHub App name 
        value: 'Anything you like, e.g. My {vendor}'
      callback:
        label: Callback URL
        value: '{serverUrl}/verify-auth'
      description:
        label: Application description
        value: 'Optional, can be left blank'
      homepage:
        label: Homepage URL
      create: Click "Create Github App"
      suffix:
        1: <li>Under Client Secrets, click "Generate a new client secret"</li>
        2: <li>Under Private Keys, click "Generate a private key"</li>
        3: <li>Copy and paste the "App ID", "Client ID", "Client Secret", and "Private Key" of your newly created OAuth app into the fields below</li>
    host:
      label: GitHub Enterprise Host
      placeholder: e.g. github.mycompany.example
    target:
      label: Which version of GitHub do you want to use?
      private: A private installation of GitHub Enterprise
      public: Public GitHub.com
    table:
      server: Server
      clientId: Client ID
  github:
    clientId:
      label: Client ID
    clientSecret:
      label: Client Secret
    form:
      app:
        label: Application name
        value: 'Anything you like, e.g. My {vendor}'
      callback:
        label: Authorization callback URL
      description:
        label: Application description
        value: 'Optional, can be left blank'
      homepage:
        label: Homepage URL
      instruction: 'Fill in the form with these values:'
      prefix:
        1: <li><a href="{baseUrl}/settings/developers" target="_blank" rel="noopener noreferrer nofollow">Click here</a> to go to GitHub application settings in a new window.</li>
        2: <li>Click on the "OAuth Apps" tab.</li>
        3: <li>Click the "New OAuth App" button.</li>
      suffix:
        1: <li>Click "Register application"</li>
        2: <li>Copy and paste the Client ID and Client Secret of your newly created OAuth app into the fields below</li>
    host:
      label: GitHub Enterprise Host
      placeholder: e.g. github.mycompany.example
    target:
      label: Which version of GitHub do you want to use?
      private: A private installation of GitHub Enterprise
      public: Public GitHub.com
    table:
      server: Server
      clientId: Client ID
  googleoauth:
    adminEmail: Admin Email
    domain: Domain
    oauthCredentials:
      label: OAuth Credentials
      tip: The OAuth Credentials JSON can be found in the Google API developers console.
    serviceAccountCredentials:
      label: Service Account Credentials
      tip: The Service Account Credentials JSON can be found in the service accounts section of the Google API developers console.
    steps:
      1:
        title: 'Click <a href="https://console.developers.google.com/apis/credentials" target="_blank" rel="noopener noreferrer nofollow">here</a> to open applications settings in a new window'
        body:
         1: Login to your account. Navigate to "APIs & Services" and then select "OAuth consent screen".
         2: 'Authorized domains:'
         3: 'Application homepage link: '
         4: 'Under Scopes for Google APIs, enable "email", "profile", and "openid".'
         5: 'Click on "Save".'
        topPrivateDomain: 'Top private domain of:'
        ariaLabel:
          hostname: Copy Hostname to clipboard
          serverUrl: Copy Server URL to clipboard
      2:
        title: 'Navigate to the "Credentials" tab to create your OAuth client ID'
        body:
          1: 'Select the "Create Credentials" dropdown, and select "OAuth clientID", then select "Web application".'
          2: 'Authorized Javascript origins:'
          3: 'Authorized redirect URIs:'
          4: 'Click "Create", and then click on the "Download JSON" button.'
          5: 'Upload the downloaded JSON file in the OAuth credentials box.'
        ariaLabel:
          serverUrlVerify: Copy Server Auth Verfication URL to clipboard
      3:
        title: 'Create Service Account credentials'
        introduction: 'Follow <a href="{docsBase}/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/authentication-config/configure-google-oauth#3-creating-service-account-credentials" target="_blank" rel="noopener noreferrer nofollow">this</a> guide to:'
        body:
          1: Create a service account.
          2: Generate a key for the service account.
          3: Add the service account as an OAuth client in your google domain.
  ldap:
    freeipa: Configure a FreeIPA server
    activedirectory: Configure an Active Directory account
    openldap: Configure an OpenLDAP server
    defaultLoginDomain:
      label: Default Login Domain
      placeholder: eg mycompany
      hint: This domain will be used if a user logs in without specifying one.
    cert: Certificate
    disabledStatusBitmask: Disabled Status Bitmask
    groupDNAttribute: Group DN Attribute
    groupMemberMappingAttribute: Group Member Mapping Attribute
    groupMemberUserAttribute: Group Member User Attribute
    groupSearchBase:
      label: Group Search Base
      placeholder: 'ou=groups,dc=mycompany,dc=com'
    hostname:
      label: Hostname/IP
      placeholder: eg server1,server2
      hint: Multiple servers can be specified as a comma separated list
    loginAttribute: Login Attribute
    nameAttribute: Name Attribute
    nestedGroupMembership:
      label: Nested Group Membership
      options:
        direct: Search only direct group memberships
        nested: Search direct and nested group memberships
    objectClass: Object Class
    password: Password
    port: Port
    protocol: Protocol
    protocols:
      starttls: Start TLS
      ldap: LDAP
      tls: LDAPS (TLS)
    customizeSchema: Customize Schema
    oktaSchema: 'The defaults below are for a generic OpenLDAP server. For more information on the values to use when using the Okta LDAP interface, see: <a target="_blank" rel="noopener noreferrer nofollow" href="https://help.okta.com/en-us/Content/Topics/Directory/LDAP-interface-connection-settings.htm">Okta LDAP Interface connection settings</a>'
    users: Users
    groups: Groups
    searchAttribute: Search Attribute
    searchFilter: Search Filter
    serverConnectionTimeout: Server Connection Timeout
    serviceAccountDN: Service Account Distinguished Name
    serviceAccountPassword: Service Account Password
    serviceAccountInfo: '{vendor} needs a service account that has read-only access to all of the domains that will be able to login, so that we can determine what groups a user is a member of when they make a request with an API key.'
    starttls:
      label: Start TLS
      tip: Upgrades non-encrypted connections by wrapping with TLS during the connection process. Can not be used in conjunction with TLS.
    searchUsingServiceAccount:
      label: Enable Service Account Search
      tip: When enabled, Rancher will use the service account instead of the user account to search for users and groups.
    tls: TLS
    userEnabledAttribute: User Enabled Attribute
    userMemberAttribute: User Member Attribute
    userLoginFilter: User Login Filter
    userSearchBase:
      label: User Search Base
      placeholder: 'e.g. ou=users,dc=mycompany,dc=com'
    username: Username
    usernameAttribute: Username Attribute
    table:
      server: Server
      clientId: Client ID
  saml:
    entityID: Entity ID Field
    UID: UID Field
    adfs: Configure an AD FS account
    api: '{vendor} API Host'
    cert:
      label: Certificate
      placeholder: Paste in the certificate, starting with -----BEGIN CERTIFICATE-----
    displayName: Display Name Field
    groups: Groups Field
    key:
      label: Private Key
      placeholder: Paste in the private key, typically starting with -----BEGIN RSA PRIVATE KEY-----
    keycloak: Configure a Keycloak account
    metadata:
      label: Metadata XML
      placeholder: Paste in the IDP Metadata XML
    okta: Configure an Okta account
    ping: Configure a Ping account
    shibboleth: Configure a Shibboleth account
    showLdap: Configure an OpenLDAP Server
    userName: User Name Field
    search:
      title: User and Group Search
      message: The SAML Protocol does not support search or lookup for users or groups. In order to enabled search, an OpenLDAP server must be configured.
      on: LDAP User and Group search has been configured
      off: LDAP User and Group search is not configured
      show: Show details
      hide: Hide details
  azuread:
    tenantId:
      label: Tenant ID
      tooltip: From the Microsoft Entra admin center
      placeholder: A long UUID string
    applicationId:
      label: Application ID
      placeholder: A long UUID string
    applicationSecret:
      label: Application Secret
    endpoint:
      label: Endpoint
    endpoints:
      label: Endpoints
      standard: Standard
      china: China
      custom: Custom
    graphEndpoint:
      label: Graph Endpoint
    tokenEndpoint:
      label: Token Endpoint
    authEndpoint:
      label: Auth Endpoint
    groupMembershipFilter:
      label: Group Membership Filter
      enable: Limit users by group membership
      tooltip: Limit users by applying a GroupMembershipFilter
      externalHelp: See the OData filter expression documentation for more information.
      externalHelpLink: https://learn.microsoft.com/en-us/dynamics365/business-central/dev-itpro/webservices/use-filter-expressions-in-odata-uris#filter-expressions
    reply:
      info: 'Microsoft Entra ID requires a whitelisted URL for your Rancher server before beginning this setup. Please ensure that the following URL is set in the Reply URL section of your Microsoft Entra admin center. Please note that it may take up to 5 minutes for the whitelisted URL to propagate.'
      label: Reply URL
      ariaLabel: Copy Reply URL to clipboard
    updateEndpoint:
      button: Update Endpoint
      banner:
        message: 'Microsoft Entra ID Authentication must be updated: it is using the Azure AD Graph API, which was deprecated at the end of 2022.'
        linkText: 'Update it here.'
      modal:
        title: Are you sure? This update is irreversible.
        body: '<p><b>You may need to make some additional changes</b>. Please ensure the Microsoft Entra ID app has the Directory.Read.All <b>Application</b> permission added to Microsoft Graph.<br> If any endpoints were customized while configuring Microsoft Entra ID authentication in Rancher, they will not be automatically updated. </p>'
  oidc:
    endSessionEndpoint: 
      title: End Session Endpoint
      tooltip: Provider specific URL used for logging a user out of their session
    genericoidc: Configure an OIDC account
    keycloakoidc: Configure a Keycloak OIDC account
    cognito: Configure an Amazon Cognito account
    rancherUrl: Rancher URL
    clientId: Client ID
    clientSecret: Client Secret
    customEndpoint:
      label: Endpoints
      custom: Specify
      standard: Generate
    url: URL
    realm: Realm
    keycloak:
      url: Keycloak URL
      realm: Keycloak Realm
    issuer: Issuer
    authEndpoint: Auth Endpoint
    jwksUrl: JWKS URL
    tokenEndpoint: Token Endpoint
    userInfoEndpoint: User Info Endpoint
    acrValue: Authorization Context Reference
    customClaims:
      label: Custom Claims
      enable:
        label: Add custom claims
        tooltip: Manually map OIDC claims when your provider doesn’t use standard claim names in tokens.
      nameClaim: 
        label: Custom Name Claim
      groupsClaim: 
        label: Custom Groups Claim
      emailClaim: 
        label: Custom Email Claim
    cognitoIssuer: Issuer URL
    cognitoHelp: "You will need to create an application client in Cognito of type <b>Traditional web application</b> with the Return URL set to the URL shown below."
    scope:
      label: Scopes
      placeholder: openid
      protip: The <code>openid</code>, <code>profile</code>, and <code>email</code> scopes are required and cannot be removed.
    pkce:
      label: Enable PKCE (S256)
      tooltip: Enable Proof Key for Code Exchange (PKCE) using the S256 code challenge method. When enabled, this client must use PKCE with S256 for authorization requests.
    pkceMethod:
      label: PKCE Method
    cert:
      label: Certificate
      placeholder: Paste in the certificate, starting with -----BEGIN CERTIFICATE-----
    key:
      label: Private Key
      placeholder: Paste in the private key, typically starting with -----BEGIN RSA PRIVATE KEY-----
    groupSearch:
      label: Enable group search
      tooltip: Allows users with appropriate permissions to search and view all groups within the OIDC provider's realm. This can be useful for administrators who need to assign global roles to groups that they are not currently a member of.
    clientAuthenticatedSearch:
      label: Enable client authenticated search
      tooltip: Use the OIDC Client Credentials to authenticate to Keycloak when searching for users or groups. This will bypass user-based RBAC within the realm
  stateBanner:
    disabled: 'The {provider} authentication provider is currently disabled.'
    enabled: 'The {provider} authentication provider is currently enabled.'
  testAndEnable: Test and Enable Authentication
  noneEnabled: Local Authentication is always enabled, but you may select another additional authentication provider from those shown below.
  localEnabled: '{vendor} is configured to allow access to accounts in its local database.'
  manageLocal: Manage Accounts

authGroups:
  actions:
    refresh: Refresh Group Memberships
    assignRoles: Assign Global Roles
  assignEdit:
    assignTitle: Assign Global Roles To Group

assignTo:
  title: |-
    {count, plural,
      =1 { Assign Cluster To&hellip; }
      other { Assign {count} Clusters To&hellip; }
    }
  labelsTitle: |-
    {count, plural,
      =1 { Assign Cluster To&hellip; }
      other { Assign {count} Clusters To&hellip; }
    }
  workspace: Workspace

asyncButton:
  alt:
    iconAlt: Async button icon
  registerApplication:
    action: Add Application
    success: Added
    waiting: Adding&hellip;
  saveApplication:
    action: Save Application
    success: Saved
    waiting: Saving&hellip;
  apply:
    action: Apply
    success: Applied
    waiting: Applying&hellip;
  add:
    action: Add
    success: Added
    waiting: Adding&hellip;
  continue:
    action: Continue
    success: Saved
    waiting: Saving&hellip;
  copy:
    action: Click to Copy
    success: Copied!
  create:
    action: Create
    success: Created
    waiting: Creating&hellip;
  default:
    action: Action
    error: Error
    success: Success
    waiting: Waiting
  delete:
    action: Delete
    success: Deleted
    waiting: Deleting&hellip;
  disable:
    action: Disable
    success: Disabled
    waiting: Disabling&hellip;
  activate:
    action:  Activate
    waiting: Activating&hellip;
    success: Activated
  deactivate:
    action:  Deactivate
    waiting: Deactivating&hellip;
    success: Deactivated
  diagnostic:
    action: Download Diagnostic Package
    success: Saving
    waiting: Downloading&hellip;
  done:
    action: Done
    success: Saved
    waiting: Saving&hellip;
  download:
    action: Download
    success: Saving
    waiting: Downloading&hellip;
  downgrade:
    action: Downgrade
    success: Downgraded
    waiting: Downgrading&hellip;
  drain:
    action: Drain
    success: Drained
    waiting: Draining&hellip;
  edit:
    action: Save
    success: Saved
    waiting: Saving&hellip;
  editVersion:
    action: Save changes
    success: Saved
    waiting: Saving changes&hellip;
  editAndContinue:
    action: Save and Continue
    success: Saved
    waiting: Saving&hellip;
  enable:
    action: Enable
    success: Enabled
    waiting: Enabling&hellip;
  finish:
    action: Finish
    success: Finished
    waiting: Finishing&hellip;
  import:
    action: Import
    success: Imported
    waiting: Importing&hellip;
  install:
    action: Install
    success: Installed
    waiting: Installing&hellip;
  installVersion:
    action: Install this version
    success: Installed
    waiting: Installing&hellip;
  load:
    action: Load
    success: Loaded
    waiting: Loading&hellip;
  pause:
    action: Pause Orchestration
    success: Paused Orchestration
    waiting: Pausing Orchestration
    description: New revisions will not be deployed because orchestration is temporarily paused. To deploy new revisions, resume orchestration.
  refresh:
    action: ''
    actionIcon: refresh
    error: ''
    errorIcon: error
    success: ''
    successIcon: checkmark
    waiting: ''
    waitingIcon: refresh
  manual-refresh:
    action: ''
    actionIcon: refresh
    error: ''
    errorIcon: error
    success: ''
    successIcon: checkmark
    waiting: ''
    waitingIcon: refresh
  remove:
    action: Remove
    success: Removed
    waiting: Removing&hellip;
  restore:
    action: Restore
    waiting: Restoring&hellip;
    success: Restored
  resume:
    action: Resume Orchestration
    success: Resumed Orchestration
    waiting: Resuming Orchestration
  redeploy:
    action: Redeploy
    success: Redeployed
    waiting: Redeploying Workload
  rollback:
    action: Rollback
    success: Rolled Back
    waiting: Rolling Back&hellip;
  rotate:
    action: Rotate
    waiting: Rotating&hellip;
    success: Rotated
  run:
    action: Run
    waiting: Running&hellip;
    success: Completed
  snapshot:
    action: Snapshot Now
    waiting: Snapshot Initiated&hellip;
    success: Snapshot Creating
  timing:
    action: Generate Response Times
    waiting: Generating&hellip;
    success: Response Times Generated
  uninstall:
    action: Uninstall
    success: Uninstalled
    waiting: Uninstalling&hellip;
  update:
    action: Update
    success: Updated
    waiting: Updating&hellip;
  upgrade:
    action: Upgrade
    success: Upgraded
    waiting: Upgrading&hellip;
  generate:
    action: Generate
    success: Generated
    waiting: Generating&hellip;

backupRestoreOperator:
  monitoring:
    label: Monitoring
    enableMetrics: Enable Metrics
    enableServiceMonitor: Enable ServiceMonitor
    serviceMonitorTooltip: Requires rancher-monitoring to be installed before this can be enabled.
  backup:
    label: Resource Set
    description: The Resource Set determines which resources the backup-restore-operator collects in a backup
    enableEncryptionWarning: 'Enabling encryption is highly recommended when using <b><i>Full Rancher backup resource set</i></b>, otherwise sensitive information will be backed up as plain-text. <a target="_blank" rel="noopener noreferrer nofollow" href="https://ranchermanager.docs.rancher.com/reference-guides/backup-restore-configuration/backup-configuration#resourcesets">Read more</a>.'
    missingResourceSetWarning: The <b><i>{resourceSet}</i></b> resource set doesn't exist, it's possible it has been deleted. Please select a different option.
    resourceSetOptions:
      'rancher-resource-set-basic': 'Basic Rancher backup resource set'
      'rancher-resource-set-full': 'Full Rancher backup resource set'
      custom: Custom
      customResourceSetLabel: Custom Resource Set
  backupFilename: Backup Filename
  deleteTimeout:
    label: Delete Timeout
    tip: Seconds to wait for a resource delete to succeed before removing finalizers to force deletion.
  deployment:
    rancherNamespace: Rancher ResourceSet Namespace
    size: Size
    storage:
      label: Default Storage Location
      options:
        defaultStorageClass: 'Use the default storage class ({name})'
        none: No default storage location
        pickPV: Use an existing persistent volume
        pickSC: Use an existing storage class
        s3: Use an S3-compatible object store
      persistentVolume:
        label: Persistent Volume
      storageClass:
        label: Storage Class
      tip: 'Configure a storage location where all backups are saved by default. You will have the option to override this with each backup, but will be limited to using an S3-compatible object store.'
      warning: 'This {type} does not have its reclaim policy set to "Retain".  Your backups may be lost if the volume is changed or becomes unbound.'
  encryption: Encryption
  encryptionConfigName:
    backuptip: 'Any secret in the <code>{ns}</code> namespace that has an <code>encryption-provider-config.yaml</code> key. <br/>The contents of this file are necessary to perform a restore from this backup, and are not stored by Rancher Backup.'
    label: Encryption Configuration Secret
    options:
      none: Store the contents of the backup unencrypted
      secret: 'Encrypt backups using an <a target="_blank" rel="noopener noreferrer nofollow" href="https://kubernetes.io/docs/tasks/administer-cluster/encrypt-data/#understanding-the-encryption-at-rest-configuration">Encryption Config Secret</a> (Recommended)'
    restoretip: 'If the backup was performed with encryption enabled, a secret containing the same encryption-provider-config should be used during restore.'
    warning: 'The contents of this file are necessary to perform a restore from this backup, and are not stored by Rancher Backup.'
  lastBackup: Last Backup
  nextBackup: Next Backup
  noResourceSet: You must define a ResourceSet in this namespace to create a backup CR.
  prune:
    label: Prune
    tip: Delete the resources managed by Rancher that are not present in the backup. (Recommended)
  resourceSetName: Resource Set
  restoreFrom:
    default: The default storage target
    existing: An existing backup config
    s3: An S3-compatible object store
  retentionCount:
    label: Retention Count
    units: |-
      {count, plural,
        =1 { File }
        other { Files }
      }
  s3:
    bucketName: Bucket Name
    credentialSecretName: Credential Secret
    endpoint: Endpoint
    endpointCA:
      label: Endpoint CA
      prompt: Endpoint CA must be Base64 encoded
    folder: Folder
    insecureTLSSkipVerify: Skip TLS Verifications
    region: Region
    storageLocation: Storage Location
    titles:
      backupLocation: Backup Source
      location: Storage Location
      s3: S3
  schedule:
    label: Schedule
    options:
      disabled: One-Time Backup
      enabled: Recurring Backups
    placeholder: e.g. @midnight or 0 0 * * *
  storageSource:
    configureS3: Use an S3-compatible object store
    useBackup: Use the s3 location specified on the Backup CR
    useDefault: Use the default storage location configured during installation
  targetBackup: Target Backup

catalog:
  app:
    managed: Managed
    section:
      lastOperation: Last Operation
      notes: Release Notes
      openLogs: View Logs
      readme: Chart README
      resources:
        label: Resources
        busy: The related resources will appear when {app} is fully installed.
      values: Values YAML
    upgrade:
      uncertainUpgradeWarningTooltip: Unable to determine if an upgrade is available (can not identify the repository and chart used to deploy this application)
  chart:
    registry:
      label: Container Registry
      tooltip: Container images are pulled from the Cluster Container Registry or, failing that, the System Container Registry Setting. To change this default behavior enter or update the registry here
      custom:
        checkBoxLabel: Container Registry for Rancher System Container Images
        inputLabel: Container Registry
        placeholder: Registry domain and ports, ex. registry.io:5000
    header:
      charts: Charts
    info:
      appVersion: Application Version
      chartVersions:
        label: Chart Versions
        showMore: Show More
        showLess: Show Less
      home: Homepage
      repository: Repository Page
      maintainers: Maintainers
      maintainerContactTooltip: Contact {maintainer}
      related: Related
      chartUrls: Chart
      keywords: Keywords
    errors:
      clusterToolExists: This chart has a fixed namespace and name. A matching <a href="{url}">application</a> has been found and any changes will be made to it.
    global: Global
    deprecatedWarning: '{chartName} has been marked as deprecated. Use caution when installing this helm chart as it might be removed in the future.'
    experimentalWarning: '{chartName} has been marked as experimental. Use caution when installing this helm chart as it might not function as expected.'
    deprecatedAndExperimentalWarning: '{chartName} has been marked as deprecated and experimental. Use caution when installing this helm chart as it might be removed in the future and might not function as expected.'
    viewReadmeSeparately:
      label: View separately
      tooltip: Open the readme in a new tab
    installedAppsSelector:
      ariaLabel: Select installed app instance
    chartButton:
      action:
        install: Install this version
        edit: Edit the current version
        upgrade: Upgrade to this version
        downgrade: Downgrade to this version
        installNew: Install as a new instance
  charts:
    browseAriaLabel: Show only charts grid
    iconAlt: Icon for {app} card/grid item
    refresh: refresh charts
    all: All
    categories:
      all: All Categories
    certified:
      other: Other
      partner: Partner
      rancher: '{vendor}'
    deploysOnWindows: Deploys on Windows
    windowsIncompatible: Linux only
    versionWindowsIncompatible: Linux only version
    header: Charts
    noCharts:
      title: No charts to show
      message: '<b>Tips:</b> undo the last filter you applied or <resetAllFilters>clear all filters</resetAllFilters>, and ensure you have the right <repositoriesUrl>repositories</repositoriesUrl> in place.'
      docsMessage: 'Want to learn more about Helm Charts and Apps? Read our <docsUrl>documentation</docsUrl>.'
    noWindows: Your repos do not contain any charts capable of being deployed on a cluster with Windows nodes.
    noWindowsAndLinux: Your repos do not contain any charts capable of being deployed on a cluster with both Windows and Linux worker nodes.
    operatingSystems:
      all: All Operating Systems
      linux: Linux
      windows: Windows
    search: Search the catalog...
    addNewRepo:
      label: Add new
      ariaLabel: Add a new repository
    appChartCard:
      footerItem:
        ariaLabel: 'Apply {filter} filter'
    statusFilterCautions:
      installation: Installation status cannot be determined with 100% accuracy
      upgradeable: Upgradeable status cannot be determined with 100% accuracy
    appCollectionRepoMissing: The SUSE Application Collection repository is not currently configured. You can add it on the <repoCreate>Repository Create</repoCreate> page.
    totalChartsMessage: |-
        {count , plural,
          =1 { {count} chart in total }
          other { {count} charts in total }
        }
    totalMatchedChartsMessage: |-
        {count , plural,
          =1 { {count} chart matching your criteria. }
          other { {count} charts matching your criteria. }
        }
    resetFilters:
      title: Clear all filters
    sort:
      prefix: Sort by
      recommended: Recommended
      lastUpdatedDesc: Last updated
      alphaAscending: Chart name, A → Z
      alphaDescending: Chart name, Z → A
    refreshButton:
      label: Refresh all repositories
    findSimilar:
      message: "Find similar charts based on this {type}"
      types:
        keyword: keyword
        repo: repository
        category: category
        tag: tag
    isFromSuseAppCoRepository: From SUSE App Collection.
  install:
    action:
      goToUpgrade: Edit / Change Version
    appReadmeMissing: This chart doesn't have any additional chart information.
    appReadmeTitle: Chart Information (Helm README)
    button:
      alreadyInstalled: '{chart} version {version} is already installed.'
      viewDetails: View chart details
      customizeInstall: Customize Install Options
      viewLogs: View Installation Logs
      waitForLogs: Installation initialized; waiting for logs...
      canNotCreateRepos: It looks like you don't have permission to add repositories and install helm charts.
      canNotInstallApps: The {repo} repository has been added, but you don't have permission to install charts from it.
      stages:
        addRepo:
          action: Add the {repo} repository
          waiting: Adding {repo} repository...
          success: Repository added
          error: Error adding {repo} repository
        loadCharts:
          action:  Fetch {repo} repository chart(s)
          waiting: Fetching {repo} repository chart(s)...
          success: '{chart} found'
          error: '{chart} chart not found - Try again?'
        installChart:
          action: Install {chart}
          waiting: Installing {chart}...
          success: '{chart} installation started'
          error: Error installing {chart}
        waitForLogs:
          action: View installation logs
          waiting: Waiting for installation logs...
          error: Unable to load installation logs
      errors:
        fetchChart: Error retrieving chart from repository
        alreadyInstalled: Chart already installed
        timeoutWaiting: Timed out waiting for logs
    chart: Chart
    warning:
      managed:
        Warning, {manager} manages deployment and upgrade of the {name} app. Upgrading this app is not supported.<br>
        {version, select,
          null { }
          other { Under most circumstances, no user intervention should be needed to ensure that the {version} version is compatible with the version of Rancher that you are running.}
        }
    error:
      requiresFound: '<a href="{url}">{name}</a> must be installed before you can install this chart.'
      requiresMissing: 'This chart requires another chart that provides {name}, but none was was found.'
      insufficientCpu: 'This chart requires {need, number} CPU cores, but the cluster only has {have, number} available.'
      insufficientMemory: 'This chart requires {need} of memory, but the cluster only has {have} available.'
      legacy:
        label: This is a {legacyType} App and it cannot be modified here
        enableLegacy:
          prompt: You will need to enable Legacy Features to edit this App
          goto: Go to Feature Flag settings
        navigate: Navigate to Legacy Apps
        mcmNotSupported: Legacy Multi-cluster Apps can not be managed through this UI
        category:
          legacy: Legacy
          mcm: Multi-cluster
    header:
      install: 'Install {name}'
      installGeneric: Install Chart
      upgrade: 'Upgrade {name}'
    helm:
      atomic: Atomic
      description:
        label: Description
        placeholder: e.g. Purpose of helm command
      cleanupOnFail: Cleanup on Failure
      crds: Apply custom resource definitions
      dryRun: Dry Run
      force: Force
      historyMax:
        label: Keep last
        unit: |-
          {value, plural,
            =1 { revision }
            other { revisions }
          }
      hooks: Execute chart hooks
      openapi: Validate OpenAPI schema
      resetValues: Reset Values
      timeout:
        label: Timeout
        unit: |-
          {value, plural,
            =1 { second }
            other { seconds }
          }
      wait: Wait
    namespaceIsInProject: "This chart's target namespace, <code>{namespace}</code>, already exists and cannot be added to a different project."
    project: Install into Project
    section:
      chartOptions: Edit Options
      valuesYaml: Edit YAML
      diff: Compare Changes
    slideIn:
      dock: Dock to shell
    steps:
      basics:
        label: Metadata
        subtext: Set App metadata
        description: This process will help {action, select,
            install { create }
            upgrade { upgrade }
            downgrade { upgrade }
            editVersion { update }
          } the {existing, select,
            true { app}
            false { chart}
          }. Start by setting some basic information used by {vendor} to manage the App.
        nsCreationDescription: "To install the app into a new namespace enter it's name in the Namespace field and select it."
        createNamespace: "Namespace <code>{namespace}</code> will be created."
        requiresImagePullSecret: "This Chart requires an Image Pull Secret in order for images to be succesfully pulled."
        dontUseDefaultImagePullSecret: "Manually select an Image Pull Secret or create a new one with Username/Password"
        generatedNewImagePullSecret: "A new Image Pull Secret <b>{ imagePullSecretName }</b> will be generated"
        generatedImagePullSecretBannerFromPreviousAuth: "A new Image Pull Secret <b>{ imagePullSecretName }</b> will be generated from the Repository secret <b>{ repoAuthenticationName }</b>."
        usePreviouslyGeneratedImagePullSecretBanner: "Image Pull Secret <b>{ imagePullSecretName }</b> was already created previously from the Repository secret <b>{ repoAuthenticationName }</b> and will be used."
      clusterTplVersion:
        label: Version
        subtext: Select a version of the template
        description: Select a version of the Cluster Template
      clusterTplValues:
        label: Values
        subtext: Change how the Cluster is defined
        description: Configure Values used by Helm that help define the Cluster.
      helmValues:
        label: Values
        subtext: Change how the App works
        description: Configure Values used by Helm that help define the App.
        chartInfo:
          button: View Chart Info
          label: Chart Info
      helmCli:
        checkbox: Customize Helm options before install
        label: Helm Options
        subtext: Change how the app is deployed
        description: Supply additional deployment options
    version: Version
    versions:
      current: '{ver} (Current)'
      linux: '{ver} (Linux-only)'
      windows: '{ver} (Windows-only)'
  delete:
    warning:
      managed: Warning, {manager} manages deployment and upgrade of the {name} app. Deleting this app is not supported.
  operation:
    tableHeaders:
      action: Action
      releaseName: Release Name
      releaseNamespace: Release Namespace
  repo:
    add: Add Repository
    action:
      refresh: Refresh
    all: All
    gitBranch:
      label: Git Branch
      placeholder: e.g. master
      defaultMessage: 'Will default to "master" if left blank'
    gitRepo:
      label: Git Repo URL
      placeholder: 'e.g. https://github.com/your-company/charts.git'
    name:
      rancher-charts: '{vendor}'
      rancher-partner-charts: Partners
      rancher-rke2-charts: RKE2
      rancher-ui-plugins: Rancher Extensions
      suse-application-collection: SUSE App Collection

    target:
      git: 
        title: Git Repository
        description: Git repository containing Helm charts or cluster templates
      http: 
        title: Helm Repository
        description: HTTP(S) URL pointing to a Helm chart repository index
      oci: 
        title: OCI Repository
        description: OCI-compliant registry hosting Helm charts as artifacts
      suseAppCollection: 
        title: SUSE App Collection
        description: Curated, enterprise-ready applications from SUSE Application Collection
      label: Target
    url:
      label: Index URL
      placeholder: 'e.g. https://charts.rancher.io'
    oci:
      urlLabel: OCI Repository Host URL
      placeholder: 'e.g. oci://<registry-host>/<namespace>/<chart-name>:<tag>'
      warning: OCI URLs must ONLY target helm chart/s.
      info: For large repositories containing many charts consider targeting a specific namespace or chart to improve performance, for example with oci://<registry-host>/<namespace> or oci://<registry-host>/<namespace>/<chart-name>.
      skipTlsVerifications: Skip TLS Verifications
      insecurePlainHttp: Insecure Plain Http
      exponentialBackOff:
        label: Exponential Back Off
        minWait:
          label: Min Wait Time
          placeholder: 'default: 1'
        maxWait:
          label: Max Wait Time
          placeholder: 'default: 5'
        maxRetries:
          label: Max Number of Retries
          placeholder: 'default: 5'
    refreshInterval:
      label: Refresh Interval
      placeholder: 'default: {hours}'
    error:
      refresh: Error refreshing repository
  tools:
    iconAlt: Icon for {app} Cluster Tool
    header: Cluster Tools
    noTools: "No Cluster Tools found"
    action:
      install: Install
      upgrade: Upgrade
      edit: Edit current version
      downgrade: Downgrade
      remove: Remove
      manage: Manage
  os:
    versionIncompatible: "This version is not compatible with Windows nodes."
    chartIncompatible: "This chart is not compatible with Windows nodes."

changePassword:
  title: Change Password
  cancel: Cancel
  deleteKeys:
    label: Delete all existing API keys
  changeOnLogin:
    label: Ask user to change their password on next login
  generatePassword:
    label: Generate a random password
  currentPassword:
    label: Current Password
  userGen:
    newPassword:
      label: New Password
    confirmPassword:
      label: Confirm Password
  randomGen:
    generated:
      label: Generated Password
  newGeneratedPassword: Suggest a password
  errors:
    mismatchedPassword: Passwords do not match
    failedToChange: Failed to change password
    failedDeleteKey: Failed to delete key
    failedDeleteKeys: Failed to delete keys
    cannotChange: This user does not have permissions to change their password
    cannotFetchSelf: This user does not have permissions to get their user information

chartHeading:
  overview: Overview
  poweredBy: "Powered by:"

compliance:
  addTest: Add Test ID
  alertNeeded: |-
    Alerting must be enabled within the compliance chart values.yaml.
    This requires that the <a tabindex="0" href="{link}">{vendor} Monitoring and Alerting app</a> is installed
    and the Receivers and Routes are <a target="_blank" rel='noopener noreferrer nofollow' href='{docsBase}/how-to-guides/advanced-user-guides/monitoring-v2-configuration-guides/advanced-configuration/alertmanager'> configured to send out alerts.</a>
  alertOnComplete: Alert on scan completion
  alertOnFailure: Alert on scan failure
  benchmarkVersion: Benchmark Version
  clusterProvider: Cluster Provider
  cronSchedule:
    label: Schedule
    placeholder: "e.g. 0 * * * *"
  customConfigMap: Custom Benchmark ConfigMap
  deleteBenchmarkWarning: |-
    {count, plural,
      =1 { Any profiles using this benchmark version will no longer work. }
      other { Any profiles using these benchmark versions will no longer work }
    }
  deleteProfileWarning: |-
    {count, plural,
      =1 { Any scheduled scans using this profile will no longer work. }
      other { Any scheduled scans using either of these profiles will no longer work. }
    }
  downloadAllReports: Download All Saved Reports
  downloadLatestReport: Download Latest Report
  downloadReport: Download Report
  maxKubernetesVersion: Maximum allowed Kubernetes version
  minKubernetesVersion: Minimum required Kubernetes version
  noProfiles: There are no valid ClusterScanProfiles for this cluster type to select.
  noReportFound: No scan report found
  profile: Profile
  reports: Reports
  retention: Retention Count
  scan:
    description: Description
    fail: Fail
    lastScanTime: Last Scan Time
    notApplicable: N/A
    number: Number
    pass: Pass
    remediation: Remediation
    scanDate: Scan Date
    scanReport: Scan Report
    skip: Skip
    total: Total
    warn: Warn
  scheduling:
    title: Scheduling
    disable: Run scan once
    enable: Run scan on a schedule
  scoreWarning:
    label: Scan state for "warn" results
    protip: Scans with no failures will be marked "Pass" by default even if some of the tests generate "warn" output. This behavior can be changed by selecting the "fail" option from this section.
  testID: Test ID
  testsSkipped: Tests Skipped
  testsToSkip: Tests to Skip
  alerting: Alerting
  detail:
    subRow:
      noNodes: No Additional Information

cluster:
  jwtAuthentication:
    banner: "Service Account access with JWT authentication can be configured after cluster creation from <br>
      <code>Cluster Management > Advanced > JWT Authentication</code>"
  addonChart:
    rancher-vsphere-cpi:
      label: "Add-on: vSphere CPI"
      configuration: vSphere CPI
    rancher-vsphere-csi:
      label: "Add-on: vSphere CSI"
      configuration: vSphere CSI
    rke2-calico:
      label: "Add-on: Calico"
      configuration: Calico
    rke2-calico-crd:
      label:  "Add-on: Calico"
      configuration: Calico
    rke2-canal:
      label: "Add-on: Canal"
      configuration: Canal
    rke2-cilium:
      label: "Add-on: Cilium"
      configuration: Cilium
    rke2-coredns:
      label: "Add-on: CoreDNS"
      configuration: CoreDNS
    rke2-ingress-nginx:
      label: "Add-on: NGINX"
      configuration: NGINX Ingress
    rke2-kube-proxy:
      label: "Add-on: Kube Proxy"
      configuration: Kube Proxy
    rke2-metrics-server:
      label: "Add-on: Metrics Server"
      configuration: Metrics Server
    rke2-multus:
      label: "Add-on: Multus"
      configuration: Multus
  agentEnvVars:
    label: Agent Environment
    detail: Add additional environment variables to the agent container.  This is most commonly useful for configuring a HTTP proxy.
    keyLabel: Variable Name
  cloudProvider:
    aws:
      label: Amazon
    azure:
      label: Azure
    external:
      label: External
    gcp:
      label: Google
    rancher-vsphere:
      label: vSphere
      note: '<b>Important:</b> Configure the vSphere Cloud Provider and Storage Provider options in the Add-on Configuration tab.'
    harvester:
      label: Harvester
  copyConfig: Copy KubeConfig to Clipboard
  copiedConfig: Copied KubeConfig to Clipboard
  custom:
    nodeRole:
      label: Node Role
      detail: Choose what roles the node will have in the cluster.  The cluster needs to have at least one node with each role.
      warning: The cluster needs to have at least one node with each role to be usable.
    advanced:
      label: Advanced
      detail: Additional control over how the node will be registered.  These values will often need to be different for each node registered.
      nodeName: Node Name
      publicIp: Node Public IP
      privateIp: Node Private IP
      nodeLabel:
        title: Node Labels
        label: Add Label
      ipv6: "It looks like this cluster uses IPv6 networking: <code>Node Private IP</code> should be set to the cluster's IPv6 address."
    registrationCommand:
      label: Registration Command
      linuxDetail: Run this command on each of the existing Linux machines you want to register.
      windowsDetail: Run this command in PowerShell on each of the existing Windows machines you want to register.
      windowsWorkersOnly: <b>Windows nodes can only be workers.</b>
      windowsNotReady: The cluster must be up and running with Linux etcd, control plane, and worker nodes before the registration command for adding Windows workers will display.<br /> <br /><b>Windows nodes can only be workers.</b>
      windowsWarning: Workload pods, including some deployed by Rancher charts, will be scheduled on both Linux and Windows nodes by default. Edit NodeSelector in the chart to direct them to be placed onto a compatible node.
      windowsDeprecatedForRKE1: Windows support is being deprecated for RKE1. We suggest migrating to RKE2.
      insecure: "Insecure: Select this to skip TLS verification if your server has a self-signed certificate."
  credential:
    banner:
      createCredential: |-
        {length, plural,
          =0 {First you'll need to create a credential to talk to the cloud provider}
          other {Ok, Let's create a new credential}
        }
    selectExisting:
      label: Select Existing
    select:
      option:
        new: Create new...
        none: Select a credential...
    aws:
      accessKey:
        label: Access Key
        placeholder: Your AWS Access Key
      defaultRegion:
        help: The default region to use when creating clusters.  Also contacted to verify that this credential works.
        label: Default Region
      secretKey:
        label: Secret Key
        placeholder: Your AWS Secret Key
    azure:
      clientId:
        label: Client ID
      clientSecret:
        label: Client Secret
      environment:
        label: Environment
      subscriptionId:
        label: Subscription ID
      tenantId:
        label: Tenant ID
    digitalocean:
      accessToken:
        help: Paste in a Personal Access Token from the DigitalOcean <a href="https://cloud.digitalocean.com/settings/api/tokens" target="_blank" rel="noopener noreferrer nofollow">Applications & API</a> screen.
        label: Access Token
        placeholder: Your DigitalOcean API Access Token
    label: Cloud Credential
    linode:
      accessToken:
        help: Paste in a Personal Access Token from the Linode <a href="https://cloud.linode.com/profile/tokens" target="_blank" rel="noopener noreferrer nofollow">API Tokens</a> screen.
        label: Access Token
        placeholder: Your Linode API Access Token
    pnap:
      clientIdentifier:
        label: Client ID
        placeholder: Your Client ID
      clientSecret:
        help: From <a href="https://bmc.phoenixnap.com/credentials/" target="_blank" rel="nofollow noreferrer noopener">phoenixNAP BMC Portal</a> API Credentials
        label: Client Secret
        placeholder: Your Client Secret
    name:
      label: Credential Name
      placeholder: Name for this credential
    s3:
      accessKey:
        label: Access Key
        placeholder: Your API Access Key
      defaultRegion:
        label: Default Region
        placeholder: "Optional: The default region to use"
      defaultBucket:
        label: Default Bucket
        placeholder: "Optional: The default bucket to use"
      defaultEndpoint:
        label: Default Endpoint
        placeholder: "Optional: The default endpoint to use"
      defaultFolder:
        label: Default Folder
        placeholder: "Optional: The default folder to use"
      defaultEndpointCA:
        label: Default Endpoint CA Cert
        placeholder: "Optional: The default CA certificate to use to verify the endpoint"
      defaultSkipSSLVerify:
        label: Accept any certificate (insecure)
      secretKey:
        label: SecretKey
        placeholder: Your API Secret Key
    vmwarevsphere:
        server:
          label: vCenter or ESXi Server
          placeholder: vcenter.domain.com
        port:
          label: Port
        username:
          label: Username
        password:
          label: Password
        note: 'Note: The free ESXi license does not support API access. Only servers with a valid or evaluation license are supported.'
    gcp:
      authEncodedJson:
        label: Service Account
        placeholder: Service Account private key JSON file
        gke: GKE
        gce: GCE
        help:
          shared: <p>Create a <a href="https://console.cloud.google.com/projectselector/iam-admin/serviceaccounts" target="_blank" rel="noopener noreferrer nofollow">Service Account</a> with a JSON private key and provide the JSON here.</p>
          gke: |-
            <p>These IAM roles are required for GKE:</p>
            <ul>
            <li><b>Compute Engine:</b> Compute Viewer (roles/compute.viewer)</li>
            <li><b>Project:</b> Viewer (roles/viewer)</li>
            <li><b>Kubernetes Engine:</b> Kubernetes Engine Admin (roles/container.admin)</li>
            <li><b>Service Accounts:</b> Service Account User (roles/iam.serviceAccountUser)</li>
            </ul>
            More info on roles can be found <a href="https://cloud.google.com/kubernetes-engine/docs/how-to/iam-integration" target="_blank" rel="noopener noreferrer nofollow">here</a>.
          gce: |-
            <p>These IAM roles are required for GCE:</p>
            <ul>
            <li><b>Compute Engine:</b> Compute Engine Admin (roles/compute.admin)</li>
            <li><b>Project:</b> Viewer (roles/viewer)</li>
            <li><b>Service Accounts:</b> Service Account User (roles/iam.serviceAccountUser)</li>
            </ul>
            More info on roles can be found <a href="https://cloud.google.com/compute/docs/access/iam" target="_blank" rel="noopener noreferrer nofollow">here</a>.
    harvester:
      namespace: Namespace
      cpu: CPUs
      memory: Memory
      disk: Disk
      image: Image
      network:
        title: Networks
        network: Network
        addNetwork: Add Network
        networkName: Network Name
        macAddress: Mac Address
        macFormat: 'Invalid MAC address format.'
      vGpus:
        warnings:
          minimumAllocatable: It's highly recommended to select a vGPU with a number of allocatable devices greater than the number of nodes (Machine Count) to avoid "un-schedulable" errors after cluster updates.
        errors:
          notAllocatable: '[{vGpu}] vGPU device is not allocatable; required: {allocated}, allocatable: {allocatable}'
      volume:
        title: Volumes
        volume: Volume
        imageVolume: Image Volume
        addVolume: Add Volume
        addVMImage: Add VM Image
        storageClass: Storage Class
      reservedMemory: Reserved Memory
      sshUser: SSH User
      userData:
        label: User Data Template
        title: "User Data:"
      networkData:
        label: Network Data Template
        title: "Network Data:"
      kubeconfigContent:
        label: KubeconfigContent
      placeholder: 'Namespace/Name'
      cluster: Imported Harvester Cluster
      enableTpm: Enable TPM
      enableCpuPinning: Enable CPU Pinning
      cpuPinningTooltip: Enable CPU Pinning brings better performance and reduce latency for the harvester virtual machine
      cpuManagerWarning: You must enable CPU Manager for at least one node in harvester host page to enable CPU Pinning for VM
      secureBoot: Secure Boot
      enableEfi: Booting in EFI mode
      installGuestAgent: Install guest agent
      tokenExpirationWarning: 'Warning: Harvester Cloud Credentials use an underlying authentication token that may have an expiry time - please see the following <a href="https://harvesterhci.io/kb/renew_harvester_cloud_credentials" target="_blank" rel="noopener nofollow">knowledge base article</a> for possible implications on management operations.'
  description:
    label: Cluster Description
    placeholder: Any text you want that better describes this cluster
  harvester:
    importNotice: Import Harvester Clusters via
    warning:
      label: This is a Harvester Cluster - enable the Harvester feature flag to manage it
      state: Warning
      cloudProvider:
        incompatible:
          You cannot select the Harvester cloud provider as the current Harvester version is not compatible with the selected RKE2 Kubernetes version, click <a target="_blank" rel="noopener noreferrer nofollow" href="https://www.suse.com/suse-harvester/support-matrix/all-supported-versions">here</a> to see which Kubernetes versions are supported.
    clusterWarning: |-
      There {count, plural,
      =1 {is 1 Harvester cluster that is not shown}
      other {are # Harvester clusters that are not shown}
      }
    registration:
      step1: "1. Go to the <code>Advanced / Settings</code> page of the target Harvester's UI."
      step2: '2. Find the <code>cluster-registration-url</code> setting and click the <code><i class="icon icon-actions" ></i></code> -> <code>Edit Setting</code> button.'
      step3: "3. Input the following registration URL and click the <code>Save</code> button."
      step4: "Registration URL"
    machinePool:
      cpu:
        placeholder: e.g. 2
      memory:
        placeholder: e.g. 4
      reservedMemory:
        placeholder: e.g. 256
      disk:
        placeholder: e.g. 4
      namespace:
        placeholder: e.g. default
      image:
        placeholder: Please select a image
      network:
        placeholder: Please select a network
      sshUser:
        placeholder: e.g. ubuntu
        toolTip: SSH user to login with the selected OS image.
    kubeconfigSecret:
        nameRequired: Cluster name is required.
        error: 'Error generating Harvester kubeconfig secret: {err}'
  haveOneOwner: There must be at least one member with the Owner role.
  import:
    warningBanner: 'You should not import a cluster which has already been connected to another instance of Rancher as it will lead to data corruption.'
    commandInstructions: 'Run the <code>kubectl</code> command below on an existing Kubernetes cluster running a supported Kubernetes version to import it into {vendor}:'
    commandInstructionsInsecure: 'If you get a &quot;certificate signed by unknown authority&quot; error, your {vendor} installation has a self-signed or untrusted SSL certificate.  Run the command below instead to bypass the certificate verification:'
    clusterRoleBindingInstructions: 'If you get permission errors creating some of the resources, your user may not have the <code>cluster-admin</code> role.  Use this command to apply it:'
    clusterRoleBindingCommand: 'kubectl create clusterrolebinding cluster-admin-binding --clusterrole cluster-admin --user <your username from your kubeconfig>'
  explore: Explore
  importAction: Import Existing
  manageAction: Manage
  kubernetesVersion:
    label: Kubernetes Version
    current: (current)
    experimental: (experimental)
    deprecated: (deprecated)
    manual: (manually upgraded)
    deprecatedPatches: Show deprecated Kubernetes patch versions
    deprecatedPatchWarning: We recommend using the latest patch version for each minor Kubernetes version. Deprecated patch versions can be useful for migration purposes.
  legacyWarning: The legacy feature flag is enabled and not all legacy features are supported in Kubernetes 1.21+.
  log:
    connecting: Connecting…
    noData: There are no provisioning log entries.
  name:
    label: Cluster Name
    placeholder: A unique name for the cluster
  directoryConfig:
    title: Data directory configuration
    banner: Data directory configuration can not be changed once the cluster has been created
    radioInput:
      defaultLabel: Use default data directory configuration
      commonLabel: Use a common base directory for data directory configuration (sub-directories will be used for the system-agent, provisioning and distro paths)
      customLabel: Use custom data directories
    common:
      label: Data directory base path
      tooltip: Data directory base path. We will append the sub-directories appropriate for each directory (/agent, /provisioning and either /rke2 or /k3s)
    systemAgent:
      label: System-agent directory path
      tooltip: Data directory for the system-agent connection info and plans
    provisioning:
      label: Provisioning directory path
      tooltip: Data directory for provisioning related files
    k8sDistro:
      label: K8s Distro directory path
      tooltip: Data directory for the k8s distro
  machineConfig:
    banner:
      updateInfo: Create a new pool to update machine configs
    aws:
      sizeLabel: |-
        {apiName}: {cpu, plural,
        =1 {1 vCPU}
          other {# vCPUs}
        } / {memory, number} GiB Memory / {storageSize, plural,
          =0 {EBS-Only}
          other {{storageSize, number} {storageUnit} {storageType}}
        } - {architecture}
    azure:
      acceleratedNetworking:
        label: Accelerated Networking
      availabilitySet:
        label: Availability Set
        description: Availability sets are used to protect applications from hardware failures within an Azure data center.
      availabilityZone:
        label: Availability Zone
        description: Availability zones protect applications from complete Azure data center failures.
        publicIpAndSKUWarning: Availability zones require Static Public IP and Use Standard SKU for Public IP to be enabled.
        publicIpWarning: Availability zones require Static Public IP to be enabled.
        standardSKUWarning: Availability zones require Use Standard SKU for Public IP to be enabled.
        managedDisksWarning: Availability zones require Managed Disks to be enabled.
      dns:
        help: A unique DNS label for the public IP address.
        label: DNS Label
      environment:
        label: Environment
        tooltip: The environment is configured when cloud credentials are created.
      faultDomainCount:
        help: If the availability set has already been created, the fault domain count will be ignored.
        label: Fault Domain Count
      image:
        help: Providing an ARM resource identifier requires using managed disk.
        label: Image
      location:
        label: Location
      managedDisks:
        label: Use Managed Disks
        deprecationWarning: 'Azure is retiring unmanaged disk support on March 31, 2026. After this date, VMs using unmanaged disks will be stopped and deallocated. Enable "Use Managed Disks" to avoid service disruption.'
      managedDisksSize:
        label: Managed Disk Size
      nsg:
        help: When using a Rancher managed or providing an existing NSG, all nodes using this template will use the supplied NSG. If no NSG is provided, a new NSG will be created for each node.
        label: Network Security Group
      openPort:
        add: Add Port
        help: When using an existing NSG, Open Ports are ignored.
        label: Open Port
      plan:
        label: Purchase Plan
        placeholder: publisher:product:plan
      privateIp:
        label: Private IP Address
      publicIpOptions:
        header: Public IP Options
        noPublic:
          label: No Public IP
        staticPublicIp:
          label: Static Public IP
        standardSKU:
          label: Use Standard SKU for Public IP
      resourceGroup:
        label: Resource Group
      sections:
        availabilitySetConfiguration: Availability Set Configuration
        purchasePlan: Purchase Plan
        network: Network
        disks: Disks
      size:
        label: VM Size
        tooltip: When accelerated networking is enabled, not all sizes are available.
        supportsAcceleratedNetworking: Sizes that Support Accelerated Networking
        doesNotSupportAcceleratedNetworking: Sizes Without Accelerated Networking
        availabilityWarning: The selected VM size is not available in the selected region.
        regionDoesNotSupportAzs: Availability zones are not supported in the selected region. Please select a different region or use an availability set instead.
        regionSupportsAzsButNotThisSize: The selected region does not support availability zones for the selected VM size. Please select a different region or VM size.
        selectedSizeAcceleratedNetworkingWarning: The selected VM size does not support accelerated networking. Please select another VM size or disable accelerated networking.
      sshUser:
        label: SSH Username
      storageType:
        label: Storage Type
        warning: StandardSSD_LRS requires managed disks. Please select Use Managed Disks or select another storage type.
      subnet:
        label: Subnet
      subnetPrefix:
        label: Subnet Prefix
      updateDomainCount:
        help: If the availability set has already been created, the update domain count will be ignored.
        label: Update Domain Count
      usePrivateIp:
        label: Use Private IP
      vnet:
        label: Virtual Network
        placeholder: '[resourcegroup:]name'
      tags:
        label: Tags
    digitalocean:
      sizeLabel: |-
        {plan, select,
          s {Basic: }
          g {General: }
          gd {General: }
          c {CPU: }
          m {Memory: }
          so {Storage: }
          standard {Standard: }
          other {}
        }{memoryGb} GB, {vcpus, plural,
          =1 {# vCPU}
          other {# vCPUs}
        }, {disk} GB Disk ({value})
      tags:
        label: Droplet Tags
        placeholder: e.g. my_server
    linode:
      typeLabel: |-
        {label}, {vcpus, plural,
          =1 {# vCPU}
          other {# vCPUs}
        }, {disk} GB Disk ({value})
    vsphere:
      hostOptions:
        any: Any
      vAppOptions:
        label: vApp Options
        description: Choose OVF environment properties
        disable: Do not use vApp
        auto: Use vApp to configure networks with network protocol profiles
        manual: Provide a custom vApp config
        restoreType: Restore Type
        transport:
          label: OVF environment transport
          tooltip: com.vmware.guestInfo or iso
          placeholder: e.g. com.vmware.guestInfo
        protocol:
          label: vApp IP protocol
          tooltip: IPv4 or IPv6
          placeholder: e.g. IPv4
        allocation:
          label: vApp IP allocation policy
          tooltip: dhcp, fixed, transient or fixedAllocated
          placeholder: e.g. fixedAllocated
        properties:
          label: vApp properties
          add: Add Property
          keyPlaceholder: e.g. guestinfo.interface.0.ip.0.address
          valuePlaceholder: e.g. ip:VM Network, expression or string
      networks:
        label: Networks
        add: Add Network
      guestinfo:
        label: Configuration Parameters used for guestinfo
        add: Add Parameter
        keyPlaceholder: e.g. guestinfo.hostname
        valuePlaceholder: e.g. myrancherhost
      creationMethods:
        template: 'Deploy from template: Data Center'
        library: 'Deploy from template: Content Library'
        vm: 'Clone an existing virtual machine'
        legacy: 'Install from boot2docker ISO (Legacy)'
      scheduling:
        label: Scheduling
        description: Choose what hypervisor the virtual machine will be scheduled to
        dataCenter: Data Center
        resourcePool: Resource Pool
        dataStore: Datastore
        dataStoreCluster: Datastore Cluster
        folder: Folder
        host:
          label: Host
          note: Specific host to create VM on (leave blank for standalone ESXi or for cluster with DRS)
        gracefulShutdownTimeout:
          label: Graceful Shutdown Timeout
          note: The time in seconds to wait before forcing deleting VMs in the infrastructure. Zero means disable graceful shutdown.
      instanceOptions:
        label: Instance Options
        description: Choose the size and OS of the virtual machine
        cpus: CPUs
        memory: Memory
        disk: Disk
        creationMethod: Creation method
        template:
          label: Template
          none: No Templates Found
        contentLibrary: Content library
        libraryTemplate: Library template
        virtualMachine: Virtual machine
        osIsoUrl:
          label: OS ISO URL
          placeholder: 'Default: Latest rancheros-vmware image'
        cloudInit:
          label: Cloud Init
          placeholder: e.g. http://my_host/cloud-config.yml
          note: Cloud-init file or url to set in the guestinfo
        cloudConfigYaml: Cloud Config YAML
        os: Operating System
      tags:
        label: Tags
        description: Tags allow you to attach metadata to objects in the vSphere inventory to make it easier to sort and search for these objects.
        addTag: Add Tag
      customAttributes:
        label: Custom attributes (legacy)
        description: Custom attributes allow you to attach metadata to objects in the vSphere inventory to make it easier to sort and search for these objects.
        add: Add custom attribute
    amazonEc2:
      region: Region
      zone: Zone
      instanceType: Instance Type
      rootSize:
        placeholder: 'Default: 16'
        label: Root Disk Size
        suffix: GB
      selectedNetwork:
        label: 'VPC/Subnet'
        placeholder: Select a VPC or Subnet
      iamInstanceProfile:
        label: IAM Instance Profile Name
        tooltip: Kubernetes AWS Cloud Provider support requires an appropriate instance profile
      ami:
        label: AMI ID
        placeholder: 'Default: A recent Ubuntu LTS'
      sshUser:
        label: SSH Username for AMI
        placeholder: 'Default: ubuntu'
        tooltip: 'The username that exists in the selected AMI; Provisioning will SSH to the node with this.'
      securityGroup:
        title: Security Group
        vpcId: '(select a VPC/Subnet first)'
        mode:
          default: 'Standard: Automatically create and use a "{defaultGroup}" security group'
          custom: 'Choose one or more existing security groups:'
      volumeType:
        label: EBS Root Volume Type
        placeholder: 'Default: gp2'
      encryptEbsVolume: Encrypt EBS Volume
      kmsKey:
        label: KMS Key ARN
        text: 'You do not have permission to list KMS keys, but may still be able to enter a Key ARN if you know one.'
      requestSpotInstance: Request Spot Instance
      spotPrice:
        label: Spot Price
        placeholder: 'Default: 0.50'
        suffix: Dollars per hour
      privateAddressOnly: Use only private address
      useEbsOptimizedInstance: EBS-Optimized Instance
      httpEndpoint: Allow access to EC2 metadata
      httpTokens: Use tokens for metadata
      tagTitle: EC2 Tags
      enableIpv6:
        label: Enable Dual-Stack
        description: "To use dual-stack networking, you will need to update the <a aria-label='scroll to the networking section in cluster configuration' href=\"#networking\">Network Stack Preference Order</a> to <b>DUAL</b> stack. For an IPv6-only cluster, check \"Enable IPv6\" and update the stack preference to <b>IPv6</b>."
      ipv6AddressCount:
        label: IPv6 Address Count
        tooltip: Specifies the number of IPv6 addresses to assign to the network interface
        error: IPv6 Address Count must be greater than 0 when using an IPv6 vpc or subnet.
      enablePrimaryIpv6:
        label: Enable Static Primary IPv6
        description: This designates the first assigned IPv6 address as the primary address, ensuring a consistent, non-changing IPv6 address for the instance. This option does not control whether IPv6 addresses are assigned.
      ipv6AddressOnly:
        label: Enable IPv6
      httpProtocolIpv6: 
        label: Enable IPv6 endpoint for instance metadata service
      ipv6ValidationWarning: When one pool uses an IPv6 or dual-stack subnet/vpc, all pools must use an IPv6 or dual-stack subnet/vpc.
    pnap:
      serverLocation:
        label: Location
      serverType:
        label: Type
      serverCpu:
        label: CPU
      serverCoresPerCpu:
        label: Cores per CPU
      serverCpuCount:
        label: CPU Count
      serverCpuFrequency:
        label: CPU Frequency [GHz]
      serverRam:
        label: RAM [GB]
      serverStorage:
        label: Storage
      serverNetwork:
        label: Network
      serverOs:
        label: OS
    gce:
      machineImage:
        label: Machine Image
        option: '{name} - {description}'
        deprecatedOption: '{name}(deprecated) - {description}'
        tooltip: Please select Image Family to get available images
      imageProjects:
        label: Image Projects
      firewall:
        header: Firewall Configuration
      showDeprecated:
        label: Show Deprecated
        tooltip: Includes deprecated images
      diskType:
        label: Disk Type
      diskSize:
        label: Disk Size
      network:
        label: Network
      subnetwork:
        label: Subnetwork
      machineType:
        label: Machine Type
      family:
        label: Image Family
      location:
        zone:
          label: Zone
      preemptible:
        label: Make VM instance preemptible
        tooltip: Preemptible machines offer significant cost savings, but may be abruptly stopped when Google Compute Engine needs to reclaim the compute resources for higher-priority VMs.
      scopes:
        add: Add scope
        label: Scopes
      tags:
        add: Add tags
        label: Tags
      openPort:
        add: Add port
        label: Open Ports
      address:
        label: External Address
        placeholder: '10.0.0.0/14'
        tooltip: External IP address for the GCE VM instance.
      username:
        label: Username
        placeholder: docker-user
        tooltip: This is the username used when SSH'ing into the node, and not a username associated with the GCP account.
      internalFirewall:
        label: Allow communication between cluster nodes
        tooltip: Allows Rancher to open ports required for internal communication between nodes.
        banner: Tags can be used to impose additional firewall rules.
      externalFirewall:
        label: Expose external ports
        tooltip: Allows Rancher to open ports required for external access.
        banner: By default, the Kubernetes API server listens on port 6443. Exposing this port on control plane machine pools is required for the Authorized Cluster Endpoint feature to work as expected.
      error:
        diskSizeWithoutMax: Disk size has to be greater than {diskSizeMin} based on this image and disk type.
        diskSizeWithMax: Disk size has to be between {diskSizeMin} and {diskSizeMax} based on this image and disk type.
        projects: Image projects should be a comma separated list of alphanumeric string which may contain '-' and '.'
  addOns:
    dependencyBanner: Add-On Configuration has changed between Kubernetes versions <b>{previousKubeVersion}</b> and <b>{newKubeVersion}</b> and conflict with your previous values. Please re-apply them.
    additionalManifest:
      title: Additional Manifest
      tooltip: 'Additional Kubernetes Manifest YAML to be applied to the cluster on startup.'
  agentConfig:
    tabs:
      agentsScheduling: Agents Scheduling
      cluster: Cluster Agent
      fleet: Fleet Agent
    groups:
      deploymentLabels: Deployment Labels
      selector: Selector
      podAffinity: Affinity
      podTolerations: Tolerations
      podRequestsAndLimits: Requests and Limits
      schedulingCustomization: Scheduling Customization
      agentsScheduling:
        text: Ensure that cluster- and/or fleet-agent pods are not evicted due to node pressure, resource constraints or scheduler policies When enabled, these settings may be configured in the 
        textLink: Global Settings
        label: 'Prevent agent pod eviction for:'
    subGroups:
      podAffinityAnti: Pod Affinity/Anti-Affinity
      nodeAffinity: Node Affinity
      agentsScheduling:
        cluster: Cluster Agent
        fleet: Fleet Agent
        label: Prevent Rancher {agent} pod eviction
        description: This ensures that the {agent} pod is not evicted due to node pressure, resource constraints or scheduler policies.
        banner: This feature is currently configured with settings which differ to the default Global Settings. Enable the checkbox below to overwrite the current settings with the default Global Settings.
        innerCheckbox: Apply global settings for Priority Class and Pod Disruption Budget
    banners:
      advanced: These are advanced configuration options. Generally, they should be left as-is.
      tolerations: Additional Pod Tolerations will be added to the default Tolerations applied by Rancher.
      limits: Pod Requests and Limits do not have a default configuration.
      windowsCompatibility: "We do not recommend removing the Node Affinity rule that prevents the <b>agent</b> from running on Windows nodes as this is not a supported configuration."
    affinity:
      default: Use default affinity rules defined by Rancher
      custom: Use custom affinity rules
  advanced:
    argInfo:
      title: Additional Kubelet Args
      tooltip:
        mixed-args: Kubelet args are defined both at Global and Machine Selector level.<br> Click on "Add Global Argument" to add them as Global config.
        global-args: Kubelet args are defined at Global level.<br> Click on "Add Global Argument" to add them as Global config.
      machineGlobal:
        listLabel: Add Global Argument
      machineSelector:
        label: Add Machine Selector
        listLabel: Add Argument
        bannerLabel: 'Note: The last selector that matches wins, and only args from it will be used.  Args from other matches above will not be combined together or merged.'
        title: 'For machines with labels matching:'
        subTitle: 'Use the Kubelet args:'
        titleAlt:  |-
          {count, plural,
            =1 { For all machines, use the Kubelet args: }
            other { For machines without matched labels below: }
          }
        kubeControllerManagerTitle: Additional Controller Manager Args
        kubeApiServerTitle: Additional API Server Args
        kubeSchedulerTitle: Additional Scheduler Args
    agentArgs:
      label: Raise error if kernel parameters are different than the expected kubelet defaults
  banner:
    warning: 'This cluster contains a machineSelectorConfig, which this form does not fully support; use the YAML editor to manage the full configuration.'
    os: 'You are attempting to add a {newOS} worker node to a cluster with one or more {existingOS} worker nodes: some installed apps may need to be upgraded or removed.'
    rke2-k3-reprovisioning: 'Making changes to cluster configuration may result in nodes reprovisioning. For more information see the <a href="{docsBase}/how-to-guides/new-user-guides/launch-kubernetes-with-rancher#launching-kubernetes-on-new-nodes-in-an-infrastructure-provider" target="_blank" rel="noopener nofollow">documentation</a>.'
    desiredNodeGroupWarning: There are 0 nodes available to run the cluster agent. The cluster will not become active until at least one node is available.
    haveArgInfo: Configuration information is not available for the selected Kubernetes version.  The options available on this screen will be limited; you may want to use the YAML editor.
    cloudProviderAddConfig: 'On Kubernetes 1.27 or greater, the <b>Amazon</b> Cloud Provider requires additional configuration. See <a href="https://ranchermanager.docs.rancher.com/how-to-guides/new-user-guides/kubernetes-clusters-in-rancher-setup/set-up-cloud-providers/amazon" target="_blank" rel="noopener noreferrer nofollow">the documentation</a> for more information.'
    cloudProviderUnsupportedAzure: 'On Kubernetes 1.30 or greater, the <b>Azure</b> Cloud Provider has been removed. See <a href="https://ranchermanager.docs.rancher.com/how-to-guides/new-user-guides/kubernetes-clusters-in-rancher-setup/set-up-cloud-providers/azure" target="_blank" rel="noopener noreferrer nofollow">the documentation</a> for more information.'
    cloudProviderMigrateAzure: 'On Kubernetes 1.30 or greater, the <b>Azure</b> Cloud Provider has been removed. To upgrade Kubernetes, the cluster should be migrated to External provider first.<br> See <a href="https://ranchermanager.docs.rancher.com/how-to-guides/new-user-guides/kubernetes-clusters-in-rancher-setup/set-up-cloud-providers/azure" target="_blank" rel="noopener noreferrer nofollow">the documentation</a> for more information.'
    machinePoolError: |-
      {count, plural,
        =1 { {pool_name}: The provided value for {fields} was not found in the list of expected values. This can happen with clusters provisioned outside of Rancher or when options for the provider have changed. }
        other { {pool_name}: The provided values for {fields} were not found in the list of expected values. This can happen with clusters provisioned outside of Rancher or when options for the provider have changed. }
      }
    rke1DeprecationMessage: 'Rancher Kubernetes Engine (RKE / RKE1) has reached end of life and these clusters are no longer supported. We recommend replatforming RKE1 clusters to RKE2 to ensure continued support and security updates. Learn more about the transition <a href="https://www.suse.com/support/kb/doc/?id=000021518" target="_blank" rel="noopener noreferrer nofollow">here</a>.'
    nginxDeprecated: The NGINX controller is deprecated and will be removed in upcoming versions
  rke1Unsupported: RKE1 Clusters are no longer supported

  architecture:
    label:
      unknown: unknown
      mixed: mixed

  availabilityWarnings:
    node: Node {name} is inactive
    machine: Machine {name} is inactive

  detail:
    provisioner: Provisioner
    kubernetesVersion: Kubernetes Version
    machineProvider: Machine Provider
    machinePools: Machine Pools
    machines: Machines
    rkeTemplate: RKE Template

  machinePool:
    automation:
      label: Automation
    autoscaler:
      heading: Autoscaler
      enable: Enable autoscaler and override "Machine Count" value
      machineCountValueOverride: Controlled by autoscaler
      baseUnit: Machines
      min: Min
      max: Max
      validation:
        isAutoscalerMaxGreaterThanMin: The max machines count must be equal or exceed the min machine count.
      etcdControlPlaneWarning: We don't recommend using Autoscaler with machine pools that have the etcd or Control Plane roles. You can modify the yaml if you want to override the current value.
    name:
      label: Pool Name
      notNamed: (Not Named)
      placeholder: A random one will be generated by default
      unique: Pool names should be unique
    nodeTotals:
      label:
        controlPlane: '{count} Control Plane'
        etcd: '{count} etcd'
        worker: '{count} Worker'
      tooltip:
        controlPlane: |-
          {count, plural,
            =0 { A cluster needs at least one control plane node to be usable. }
            =1 { A cluster with only one control plane node is not fault-tolerant. }
            other {}
          }
        etcd: |-
          {count, plural,
            =0 { A cluster needs at least one etcd node to be usable. }
            =1 { A cluster with only one etcd node is not fault-tolerant. }
            =2 { Clusters should have an odd number of nodes.  A cluster with 2 etcd nodes is not fault-tolerant. }
            =3 {}
            =4 { Clusters should have an odd number of nodes. }
            =5 {}
            =6 { Clusters should have an odd number of nodes. }
            =7 {}
            other { More than 7 etcd nodes is not recommended. }
          }
        worker: |-
          {count, plural,
            =0 { A cluster needs at least one worker node to be usable. }
            =1 { A cluster with only one worker node is not fault-tolerant. }
            other {}
          }
    quantity:
      label: Machine Count
    drain:
      header: Drain
      label: Drain Before Delete
    role:
      label: Roles
      etcd: etcd
      controlPlane: Control Plane
      worker: Worker
    labels:
      label: Kubernetes Node Labels
    noAccessBanner: "You do not have access to see this machine pool's configuration."
    configNotFound: "We could not find this machine pool's configuration. We recommend that you create a new cluster with the desired configuration."
    noPoolsDisclaimer: You do not have any machine pools defined, click the plus to add one.
    truncationPool: "Hostname truncation has been manually configured for this pool to {limit}"
    truncationCluster: "Hostname truncation has been manually configured for this cluster to {limit}"

    autoReplace:
      label: Auto Replace
      toolTip: If greater than 0, nodes that are unreachable for this duration will be automatically deleted and replaced.
      unit: "Seconds"
  managementTimeout: The cluster to become available. It's possible the cluster was created. We suggest checking the clusters page before trying to create another.
  memberRoles:
    removeMessage: 'Note: Removing a user will not remove their project permissions'
    addClusterMember:
      labelSelect: Select Member
      labelAdd: Add Member
      placeholder: Search for a member to provide cluster access
      searchPlaceholder: Start typing to search
      noResults: No results found
      minCharacters: Type at least {count} characters to search
  privateRegistry:
    header: Registry for Rancher System Container Images
    label: Enable cluster scoped container registry for Rancher system container images
    description: "If enabled, Rancher will pull container images from this registry during cluster provisioning. By default, Rancher will also use this registry when installing Rancher's official Helm chart apps. If the cluster scoped registry is disabled, system images are pulled from the System Default Registry in the global settings."
    importedDescription: "By default, Rancher will also use this registry when installing Rancher's official Helm chart apps. If the cluster scoped registry is disabled, system images are pulled from the System Default Registry in the global settings."
    docsLinkRke2: "For help configuring private registry mirrors, see the RKE2 <a href=\"https://docs.rke2.io/install/private_registry\" target=\"_blank\">documentation.</a>"
    docsLinkK3s: "For help configuring private registry mirrors, see the K3s <a href=\"https://docs.k3s.io/installation/private-registry\" target=\"_blank\">documentation.</a>"
    privateRegistryUrlError: A registry must be a valid url. Scheme is optional.
  provider:
    aliyunecs: Aliyun ECS
    aliyunkubernetescontainerservice: Alibaba ACK
    aliyun:  Alibaba ACK
    amazonec2: Amazon EC2
    amazoneks: Amazon EKS
    amazonelasticcontainerservice: Amazon EKS (Unsupported Kev1)
    aws: Amazon
    azure: Azure
    azureaks: Azure AKS
    aks: Azure AKS
    azurekubernetesservice: Azure AKS (Unsupported Kev1)
    baiducloudcontainerengine: Baidu CCE
    baidu: Baidu CCE
    cloudca: Cloud.ca
    cloudscale: Cloudscale
    custom: Custom
    digitalocean: DigitalOcean
    docker: Docker
    eks: Amazon EKS
    exoscale: Exoscale
    sks: Exoscale SKS
    gcp: Google
    google: Google GCE
    googlegke: Google GKE
    gke: Google GKE
    googlekubernetesengine: Google GKE (Unsupported Kev1)
    harvester: Harvester
    huaweicce: Huawei CCE
    import: Generic
    imported: Imported
    k3s: K3s
    kubeAdmin: KubeADM
    linode: Linode
    linodelke: Linode LKE
    local: Local
    minikube: Minikube
    oci: Oracle OCI
    openstack: OpenStack
    opentelekomcloudcontainerengine: Open Telekom Cloud CCE
    otccce: Open Telekom Cloud CCE
    oracle: Oracle
    oracleoke: Oracle OKE
    otc: Open Telekom Cloud
    other: Other
    ovhcloudmks: OVHcloud MKS
    packet: Equinix Metal
    pinganyunecs: Pinganyun ECS
    pnap: phoenixNAP
    rackspace: RackSpace
    rancherkubernetesengine: RKE1
    rke2: RKE2
    rke: RKE1
    rkeWindows: Windows (RKE1 only)
    s3: S3-Compatible
    softlayer: IBM Cloud
    tencenttke: Tencent TKE
    upcloud: UpCloud
    vmwarevsphere: VMware vSphere
    zstack: ZStack
    machineinventoryselectortemplate: Elemental Cluster
  providerTag:
    rke2:
      harvester: '{tag}'
  providerGroup:
    create-custom1: Use existing nodes and create a cluster using RKE
    create-custom2: Use existing nodes and create a cluster using RKE2/K3s
    create-hosted: Create a cluster in a hosted Kubernetes provider
    register-hosted: Register an existing cluster in a hosted Kubernetes provider
    create-rke1: Provision new nodes and create a cluster using RKE
    create-rke2: Provision new nodes and create a cluster using RKE2/K3s
    create-template: Use a Catalog Template to create a cluster
    register-custom: Import any Kubernetes cluster
  rke2:
    banner:
      psaChange: PSACT is now set to Rancher default automatically
      complianceOverride: Changing this setting may affect cluster security as it overrides default compliance settings
      complianceUnsupported: The selected Kubernetes Version no longer supports compliance profile "{profile}". Please select a supported profile. We recommend reviewing the <a href="https://docs.rke2.io/security/hardening_guide" target="_blank" rel="noopener noreferrer nofollow">documentation</a> to evaluate the impact of changing the compliance profile.
    modal:
      editYamlMachinePool:
        title: Save Machine Configurations
        body: Machine Configurations define how machines in Pools are deployed.<br><br> They will be saved upfront to ensure valid Cluster YAML can be saved.
      ipv6Warning:
        title: Verify IPv6 Settings
        body: The machine pools in this cluster are configured to use IPv6 networks, but the cluster's networking settings may not support it. 
        stackPrefInvalid: The <a href="{docsBase}/reference-guides/cluster-configuration/rancher-server-configuration/rke2-cluster-configuration#stack-preference" target="_blank" rel="noopener noreferrer nofollow" aria-label="rke2 documentation for the stack preference setting">Stack Preference</a> should be set to "Dual" or "IPv6" to use dual-stack or IPv6-only networking, respectively. 
        flannelMasqInvalid: K3s uses the Flannel cni plugin by default. Enabling Flannel Masq is generally advised when using IPv6 networking.
        cidrInvalidRke2: To enable dual-stack networking in RKE2 clusters, you must define valid dual-stack cluster and service CIDR ranges.
        cidrInvalidK3s: To enable dual-stack or IPv6-only networking in K3s clusters, you must define valid dual-stack or IPv6 cluster and service CIDR ranges.
        readMoreK3s: <a href="https://docs.k3s.io/networking/basic-network-options#dual-stack-ipv4--ipv6-networking" target="_blank" rel="noopener noreferrer nofollow" aria-label="k3s dual-stack networking documentation">Learn more about K3s networking</a>
        readMoreRke2: <a href="https://docs.rke2.io/networking/basic_network_options#ipv6-setup" target="_blank" rel="noopener noreferrer nofollow" aria-label="rke2 ipv6 networking documentation">Learn more about RKE2 networking</a>
        verifySettings: 'Before continuing, please verify the following settings:'
    snapshots:
      suffix: Snapshots per node
      s3Suffix: Snapshots
    systemService:
      rke2-coredns: 'CoreDNS'
      rke2-ingress-nginx: 'NGINX Ingress'
      rke2-kube-proxy: 'Kube Proxy'
      rke2-metrics-server: 'Metrics Server'
      header: System Services
    cni:
      label: Container Network
      cniNoneBanner: When CNI is set to 'none' an <a href="https://ranchermanager.docs.rancher.com/reference-guides/cluster-configuration/rancher-server-configuration/rke2-cluster-configuration#additionalmanifest" target="_blank" rel="noopener noreferrer nofollow">Additional Manifest</a> deploying an alternate CNI must be specified for successful cluster provisioning.
      cilium:
        BandwidthManager:
          enable: Enable Bandwidth Manager
    cloudProvider:
      label: Cloud Provider
      header: Cloud Provider Config
      defaultValue:
        label: Default - RKE2 Embedded
    security:
      header: Security
    compliance:
      server: Server compliance Profile
      agent: Compliance Profile
      override: Allow the default Pod Security Admission Configuration Template to be overridden when using a compliance profile
      warning: After saving changes, and if this cluster has already been provisioned, please restart the rke2-server service on all nodes to ensure etcd file permissions are correct
    defaultPodSecurityPolicyTemplateName:
      label: Default Pod Security Policy
      option: Default - RKE2 Embedded
    defaultPodSecurityAdmissionConfigurationTemplateName:
      label: Pod Security Admission Configuration Template
      option:
        none: (None)
        default: Default - RKE2 Embedded
    secretEncryption:
      label: Encrypt Secrets
    complianceProfile:
      option: (None)
    enableNetworkPolicy:
      label: Project Network Isolation
      warning: Per default, the ingress controller will not be able to route requests to pods on other nodes.
    workNode:
      label: Worker Nodes
    controlPlaneConcurrency:
      header: Control Plane
      label: Control Plane Concurrency
      toolTip: "This can be either a fixed number of nodes (e.g. 1) at a time or a percentage (e.g. 10%)"
    workerConcurrency:
      header: Worker Nodes
      label: Worker Concurrency
      toolTip: "This can be either a fixed number of nodes (e.g. 1) at a time or a percentage (e.g. 10%)"
    drain:
      label: Drain Nodes
      toolTip: Draining preemptively removes the pods on each node so there are no running workloads on the nodes being upgraded.  Upgrading without draining is faster and causes less shuffling around, but pods may still be restarted depending on the upgrade being performed.
      deleteEmptyDir:
        warning: "By default, pods using emptyDir volumes will be deleted on upgrade. Operations reliant on emptyDir volumes persisting through the pod's lifecycle may be impacted."
        label: Delete pods using emptyDir volumes
        tooltip: emptyDir volumes are often used for ephemeral data, but the data will be permanently deleted.  Draining will fail if this is not set and there are pods using emptyDir.
      force:
        label: Delete standalone pods
        tooltip: Delete standalone pods which are not managed by a Workload controller (Deployment, Job, etc).  Draining will fail if this is not set and there are standalone pods.
      gracePeriod:
        checkboxLabel: Override pod termination grace periods
        inputLabel: Grace Period
      timeout:
        checkboxLabel: Timeout after
        inputLabel: Drain Timeout
    truncateHostnames: Truncate hostnames to 15 characters for NetBIOS compatibility.
    address:
      tooltip: Cluster networking values cannot be changed after the cluster is created.
      header: Addressing
      clusterCidr:
        label: Cluster CIDR
      serviceCidr:
        label: Service CIDR
      dns:
        label: Cluster DNS
      domain:
        label: Cluster Domain
      nodePortRange:
        label: NodePort Service Port Range
      tlsSan:
        label: TLS Alternate Names
      fqdn:
        label: FQDN
        toolTip: A FQDN which will resolve to the healthy control plane nodes of the cluster.
      caCerts:
        label: CA Certificates
        toolTip: Certificates required for the client to successfully verify the validity of the certificate returned by the endpoint.
    etcd:
      disableSnapshots:
        label: Automatic Backups
      snapshotScheduleCron:
        label: Cron Schedule
      snapshotRetention:
        label: Local snapshot retention count
        tooltip: Each backup records 1 snapshot per etcd node. If you specify 3 snapshots and you have 3 etcd nodes you will only retain 1 full backup.
      exportMetric:
        label: Metrics
        false: Only available inside the cluster
        true: Exposed to the public interface
      s3backups:
        label: Save Backups to S3
      s3config:
        snapshotRetention:
          title: S3 Snapshot Retention
          label: S3 Snapshot Retention Count
          options:
            manual: Set manually
            localDefined: Same as local ({count} Snaphots)
            localUndefined: Same as local
        bucket:
          label: Bucket
        folder:
          label: Folder
        region:
          label: Region
        endpoint:
          label: Endpoint
        skipSSLVerify:
          label: Accept any certificate (insecure)
        endpointCA:
          label: Endpoint CA Cert
    stackPreference:
      label: Stack Preference
      description: Stack preference determines the networking stack used by the cluster. IPv4 uses <code>127.0.0.1</code>, Dual-Stack uses <code>localhost</code> and IPv6 uses <code>[::1]</code>. Read more about <a href="https://ranchermanager.docs.rancher.com/reference-guides/cluster-configuration/rancher-server-configuration/rke2-cluster-configuration#stack-preference"  target="_blank" rel="noopener noreferrer nofollow" >RKE2</a> and <a href="https://ranchermanager.docs.rancher.com/reference-guides/cluster-configuration/rancher-server-configuration/k3s-cluster-configuration#stack-preference"  target="_blank" rel="noopener noreferrer nofollow" >K3s</a> networking in the Rancher documentation.
      options:
        ipv4: IPv4
        ipv6: IPv6
        dual: Dual
  k3s:
    flannelMasq:
      title: IPv6 NAT
      label: Enable Flannel IPv6 Masquerade
      banner: It looks like you're using IPv6. If your IPv6 addresses are not publically routed, for example in the ULA range, you might want to check this option to enable IPv6 NAT; by default, pods use their IPv6 address for outgoing communication.
    systemService:
      coredns: 'CoreDNS'
      local-storage: 'Local Storage'
      metrics-server: 'Metrics Server'
      servicelb: 'Klipper Service LB'
      traefik: 'Traefik Ingress'
  selectCredential:
    genericDescription: "{vendor} has no built-in support for this driver.  We've taken a guess, but consult the driver's documentation for the fields required for authentication."
  snapshot:
    successTitle: Snapshot Started
    errorTitle: "Error Snapshotting {name}"
    successMessage: "A snapshot has been requested for {name}"
    bulkSuccessTitle: Snapshot Started
    bulkSuccessMessage: |-
      {count, plural,
        =1 { A snapshot has been requested for 1 cluster }
        other {A snapshot has been requested for {count} clusters}
      }
    groupLabel: Location
    failed: "Snapshot from {time} failed"
    rke1:
      local: local
      s3: s3
  ingress:
    title: Ingress
    enableIngress: Install Ingress controller to enable external routing
    nginx:
      header: Ingress-NGINX
      content: Choose this only if your workloads are not yet ready for Traefik.
    dual:
      header: Dual Mode
      content: Use this to safely test and migrate traffic from Ingress-NGINX to Traefik.
    traefik:
      header: Traefik
      content: The new default provider for high-performance routing and modern feature support.
    recommended: Recommended
    legacy: Legacy
    migration: Migration
    learnMore:
      label: Learn more
    showAdvanced: Show advanced configuration
    hideAdvanced: Hide advanced configuration
    configurationOptions:
      title: Configuration Options
      compatibilityMode: Enable Traefik Ingress NGINX compatibility mode for annotations
      traefik:
        http: Traefik HTTP
        https: Traefik HTTPS
      nginx:
        http: Ingress-NGINX HTTP
        https: Ingress-NGINX HTTPS
    banners:
      transitioning:
        label: Rancher is transitioning to Traefik as the default provider. While Ingress-NGINX remains available for migration purposes, we recommend moving workloads to Traefik to ensure long-term compatibility and support.
      disabled:
        label: Without an Ingress controller, services in this cluster will not be reachable via external URLs or hostnames. You will need to manually configure an alternative routing solution to expose your workloads.
      selected:
        ingress-nginx:
          label: Ingress-NGINX is now deprecated and will be removed in a future release. To avoid service interruptions, please begin migrating your Ingress resources to Traefik. Please review our <docsUrl>migration documentation</docsUrl>.
        traefik:
          label: Before switching to Traefik, please review our <docsUrl>migration documentation</docsUrl> to ensure your Ingress resources are updated to support Traefik’s configuration requirements.
        dual:
          label: Please review our <docsUrl>migration documentation</docsUrl> to ensure your current workloads and annotations are compatible. Taking this step now helps prevent unexpected routing issues during the transition.
    validation:
      portsMatch: Traefik and Ingress-NGINX ports cannot match
  tabs:
    ace: Authorized Endpoint
    addOnAdditionalManifest: Additional Manifest
    addons: Add-on Configuration
    advanced: Advanced
    agentEnv: Agent Environment Vars
    basic: Basics
    cluster: Cluster Configuration
    etcd: etcd
    log: Provisioning Log
    networking: Networking
    machinePools: Machine Pools
    machines: Machines
    memberRoles: Member Roles
    registry: Registries
    upgrade: Upgrade Strategy
    registration: Registration
  rotateCertificates:
    label: Rotate Certificates
    modalTitle: Rotate Cluster Certificates
    services: Services
    allServices: Rotate all service certificates
    selectService: Rotate an individual service
  toggle:
    v1: RKE1
    v2: RKE2/K3s
  validation:
    iamInstanceProfileName: If the Amazon cloud provider is selected the "IAM Instance Profile Name" must be defined for each Machine Pool

clusterIndexPage:
  hardwareResourceGauge:
    consumption: "{useful} of {total} {units} {suffix}"
    cores: CPU
    pods: Pods
    ram: Memory
    used: Used
    reserved: Reserved
    allocated: Allocated
    units:
      cores: |-
        {count, plural,
        =1 {core}
        other {cores}}
  header: Cluster Dashboard
  resourceGauge:
    totalResources: Total Resources
  sections:
    capacity:
      label: Capacity
    events:
      label: Events
      resource:
        label: Resource
      date:
        label: Date
    alerts:
      label: Alerts
    clusterMetrics:
      label: Cluster Metrics
    etcdMetrics:
      label: Etcd Metrics
    k8sMetrics:
      label: Kubernetes Components Metrics
    gatekeeper:
      buttonText: Configure Gatekeeper
      disabled: OPA Gatekeeper is not configured.
      label: OPA Gatekeeper Constraint Violations
      noRows: There are no constraints with violations to show.
    nodes:
      label: Unhealthy Nodes
      noRows: There are no unhealthy nodes to show.
    componentStatus:
      component:
        etcd:
          label: Etcd
        scheduler:
          label: Scheduler
        controller-manager:
          label: Controller Manager
        cattle:
          label: Cattle
        fleet:
          label: Fleet
      tooltip:
        disconnected: Agent disconnected
        unavailableReplicas: Replicas not available
    certs:
      label: Certificates

configmap:
  tabs:
    data:
      label: Data
      protip: Use this area for anything that's UTF-8 text data
    binaryData:
      label: Binary Data

containerResourceLimit:
  cpuPlaceholder: e.g. 1000
  gpuPlaceholder: e.g. 1
  helpText: Configure how much of the resources the container can consume by default.
  helpTextDetail: The amount of resources the container can consume by default.
  label: Container Default Resource Limit
  limitsCpu: CPU Limit
  limitsGpu: NVIDIA GPU Limit/Reservation
  limitsMemory: Memory Limit
  memPlaceholder: e.g. 128
  requestsCpu: CPU Reservation
  requestsMemory: Memory Reservation


resource:
  errors:
    update: "Error updating {name}"

codeMirror:
  escapeText: Press Shift+Escape to blur from editor
  keymap:
    tooltip: Key mapping preference.
    indicatorToolip: "Key mapping: {name}"

cruResource:
  backToForm: Back to Form
  backBody: You will lose any changes made to the YAML.
  cancelBody: You will lose any changes made to the YAML.
  confirmBack: "Okay"
  confirmCancel: "Okay"
  reviewForm: "Keep editing YAML"
  reviewYaml: "Keep editing YAML"
  previewYaml: Edit as YAML
  showYaml: View as YAML

providers:
  hosted: 
    title: Hosted Providers
    warning: Disabling providers will make any clusters that use them uneditable
drivers:
  kontainer:
    title: Cluster Drivers
    emberRemovalMessage: 'Support for UI Plugins (based on Ember) for cluster and node drivers was deprecated in Rancher 2.11.0 and has been removed in 2.15.0. If you still need one of these plugins, it will need to be migrated to the new <a href="https://extensions.rancher.io/extensions/next/provisioning/hosted-provider/overview" target="_blank" rel="noopener noreferrer nofollow">UI Extensions framework</a>.'
    emberRemovalTooltip: 'Support for UI Plugins (based on Ember) for cluster and node drivers was deprecated in Rancher 2.11.0 and has been removed in 2.15.0. If you still need this plugin, it will need to be migrated to the new UI Extensions framework.'
  node:
    title: Node Drivers
  add:
    title: Add Driver
    name:
      label: Driver name
    downloadUrl:
      label: Download URL
      placeholder: https://test.com/driver
      tooltip: The URL to download the machine driver binary for 64-bit Linux.
    customUiUrl:
      label: Custom UI URL
      placeholder: https://test.com/ui
      tooltip: The URL to load for customized Add Nodes screen for this driver. See https://github.com/rancher/ui-driver-skel for more info.
    checksum:
      label: Checksum
      tooltip: Checksum to verify that the downloaded driver matches the expected checksum.
    whitelist: Whitelist Domains
  actions:
    refresh: Refresh Kubernetes Metadata
  deactivate:
    title: Are you sure?
    andOthers: |-
      {count, plural,
      =0 {}
      =1 { and <b>one other </b>}
      other { and <b>{count} other </b>}
      }
    warningDrivers: |-
      {count, plural,
      =1 { You will no longer be able to edit the configuration of clusters using {names} driver.}
      other { You will no longer be able to edit the configuration of clusters using {names} drivers.}
      }
    warning: |-
      {count, plural,
      =1 { {warningDrivers} Resources in the corresponding provider will not be automatically removed.}
      other { {warningDrivers} Resources in the corresponding providers will not be automatically removed.}
      }
  error:
    activate: Failed to activate { name } driver

detailText:
  copyAriaLabel: Copy {item} value to clipboard
  collapse: Hide
  binary: '<Binary Data: {n, number} bytes>'
  empty: '<Empty>'
  unsupported: '<Value not supported by UI, see YAML>'
  sensitive:
      hide: Hide Sensitive Values
      show: Show Sensitive Values
  plusMore: |-
    {n, plural,
      =1 {+ 1 more char}
      other {+ {n, number} more chars}
    }

drainNode:
  action: 'Drain'
  actionStop: 'Stop Drain'
  titleOne: Drain {name}
  titleMultiple: 'Drain {count} Nodes'
  deleteLocalData: Delete Empty Dir Data
  force: Force
  safe:
    label: Safe
    helpText: If a node has standalone pods or ephemeral data it will be cordoned but not drained.
  gracePeriod:
    title: Grace period for pods to terminate themselves
    default: Honor the default from each pod
    placeholder: e.g. 30
    custom: "Ignore the defaults and give each pod:"
  timeout:
    title: "Drain timeout"
    default: Keep trying forever
    placeholder: e.g. 60
    custom: "Give up after:"

dynamicContent:
  action:
    close: Hide and Mark Announcement as read
    openPrimary: Open announcement's primary action
    openSecondary: Open announcement's secondary action
  newRelease:
    title: A new Rancher release is available!
    message: Rancher {version} has been released!
    moreInfo: Release Notes
  multipleNewReleases:
    title: New Rancher releases are available!
    message: A new {version1} patch version has been released and a newer {version2} version is also avaialble.
    moreInfo: "{version} Release Notes"
  upcomingEom:
    title: End of Maintainence in {days, plural, =1 {1 day} other {{days} days}}
    message: This version of Rancher ({version}) will reach End of Maintainence in {days} day(s). Consider upgrading to a supported version soon.
  eom:
    title: End of Maintainence reached
    message: This version of Rancher ({version}) has reached End of Maintainence. Consider upgrading to a supported version.
  upcomingEol:
    title: End of Life in {days, plural, =1 {1 day} other {{days} days}}
    message: This version of Rancher ({version}) will reach End of Life in {days} day(s). Consider upgrading to a supported version soon.
  eol:
    title: End of Life reached
    message: This version of Rancher ({version}) has reached End of Life. Consider upgrading to a supported version.

etcdInfoBanner:
  hasLeader: "Etcd has a leader:"
  leaderChanges: "Number of leader changes:"
  failedProposals: "Number of failed proposals:"

fleet:
  settings:
    label: Continuous Delivery
    title: Continuous Delivery Settings
    info: Rancher will reboot Fleet agent and controller on settings change.
    apply: Apply changes
    noPermissions: You have no permissions to modify Fleet Settings
    parseError: 'Cannot parse values from "{ path }" in "{ id }" ConfigMap'
    fields:
      ariaLabel: Fleet {name} setting
    agentTLSMode:
      label: TLS Mode
      description: "Determines whether the agent should trust CA bundles from the operating system's trust store when connecting to a management cluster."
      options:
        system-store:
          label: system-store
        strict:
          label: strict
    agentCheckinInterval:
      label: Checkin Interval
      description: A duration string for how often agents should report a heartbeat.
    garbageCollectionInterval:
      label: Garbage Collection Interval
      description: The amount of time that agents will wait before they clean up old Helm releases. A non-existent value or 0 will result in an interval of 15 minutes.
    clusterEnqueueDelay:
      label: Cluster Enqueue Delay
      description: "Interval to sync a repo with bundle deployments states."
    proxy:
      label: Proxy
      description: Fleet http[s] proxy server.
      placeholder: http://<username>@<password>:<url>:<port>
    noProxy:
      label: No Proxy
      description: Comma separated list of domains or ip addresses that will not use the proxy.
    gitClientTimeout:
      label: Git Client Timeout
      description: "The amount of time to wait for a response from the server before canceling the request. Used to retrieve the latest commit of configured git repositories. A non-existent value or 0 will result in a timeout of 30 seconds."
    nodeSelector:
      label: Node Selector
      description: "Node labels for pod assignment."
      add: Add Selector
    tolerations:
      label: Tolerations
      description: "List of node taints to tolerate."
      add: Add Toleration
    priorityClassName:
      label: Priority Class Name
      description: "PriorityClassName assigned to deployment."
    metrics:
      label: Metrics
      description: 'Enable metrics'
    debug:
      label: Debug
      description: 'Enable debug mode'
    controllerAnnotations:
      label: Controller
      description: ""
      add: Add Annotation
    gitjobAnnotations:
      label: Gitjob
      description: ""
      add: Add Annotation
    helmopsAnnotations:
      label: Helmops
      description: ""
      add: Add Annotation
    controllerReplicas:
      label: Controller
      description: ""
    gitjobReplicas:
      label: Gitjob
      description: ""
    helmopsReplicas:
      label: Helmops
      description: ""
    agentReplicas:
      label: Agent
      description: ""
    general:
      label: General
      description: 'General settings.'
    agent:
      label: Agent
      description: 'Agent deployment settings.'
    replicas:
      label: Replicas
      description: 'Number of replicas of Fleet pods.'
    annotations:
      label: Extra Annotations
      description: 'Extra annotations passed to the Fleet pods.'
    developer:
      label: Developer
      description: 'Enable debug info from Fleet.'

  tableHeaders:
    applicationType: Type
    applicationSource: Source
    applicationTarget: Target
    applicationClustersReady: Clusters Ready
    applicationResourcesSummary: Resources
  dashboard:
    pageTitle: Continuous Delivery Dashboard
    menuLabel: Dashboard
    welcome: Welcome to Fleet Continuous Delivery
    gitOpsScale: GitOps at scale.
    learnMore: Learn More.
    learnMoreLink: https://fleet.rancher.io
    noApplications: "You don't have any App Bundles in your Workspaces"
    getStarted: Get started
    workspace: Workspace
    expand: Expand
    collapse: Collapse
    expandAll: Expand All
    collapseAll: Collapse All
    state: State
    resourceDetails:
      clusters: Clusters
      resources: Resources
      source: Source
    viewMode:
      table: Show table
      cards: Show cards
    cards:
      filters:
        gitRepos: Show Git Repos
        helmOps: Show Helm Ops
      search: Filter
      resourceSummary:
        part1: in
        part2: |-
          {count, plural,
          =1 { cluster }
          other { clusters }
          }
      noClusters: Not targeting any clusters
    resources: Resources
    source: Source
  cluster:
    label: Cluster
    summary: Resource Summary
    nonReady: Non-Ready Bundles
    labels: Labels
    hideLabels: Show less
    showLabels: Show more
  clusters:
    harvester: |-
      There {count, plural,
      =1 {is 1 Harvester cluster that is hidden as this can not be used with Continuous Delivery}
      other {are # Harvester clusters that are hidden as they can not be used with Continuous Delivery}
      }
  tokens:
    harvester: |-
      {count, plural,
      =1 {1 token is hidden as it belongs to a Harvester cluster that can not be used with Continuous Delivery}
      other {# tokens are hidden as they belong to Harvester clusters that can not be used with Continuous Delivery}
      }
  bundles:
    resources: Resources
    harvester: |-
      {count, plural,
      =1 {1 bundle is hidden as it belongs to a Harvester cluster that can not be used with Continuous Delivery}
      other {# bundles are hidden as they belong to Harvester clusters that can not be used with Continuous Delivery}
      }
  fleetSummary:
    noClusters:
      gitRepo: This GitRepo is not targeting any clusters
      helmOp: This HelmOp is not targeting any clusters
    state:
      ready: 'Ready'
      info: 'Transitioning'
      warning: 'Warning'
      error: 'Error'
      unknown: 'Unknown'
      notReady: Not Ready
      waitApplied: Wait Applied
  clusterTargets:
    advancedConfigs: Advanced target configurations are defined, check the YAML file for further details.
    clusters:
      title: Clusters
      byName:
        placeholder: Select Multiple Clusters
        label: Select by cluster name
      byLabel:
        title: Select by labels
        addSelector: Add cluster selector
        labelKey: Label
    clusterGroups:
      title: Cluster Groups
      byName:
        label: Select by cluster group name
        placeholder: Select Multiple Cluster Groups
    rules:
      matching:
        title: |-
          {n, plural,
            =0 {No clusters selected}
            =1 {1 cluster selected}
            other {{n, number} clusters selected}
            }
        placeholder: Select clusters by name, labels or groups
        empty: No clusters in the workspace
        plusMore: |-
          {n, plural,
            =1 {+ 1 more cluster}
            other {+ {n, number} more clusters}
            }
  application:
    pageTitle: App Bundles
    menuLabel: App Bundles
    intro:
      add: Create App Bundle
      empty: No App Bundles have been created
    actions:
      create: Create App Bundle
    groupBy: Group By Type
    subTypes:
      fleet.cattle.io.gitrepo:
        description: GitRepo describes a git repository that is watched by Fleet. The resource contains the necessary information to deploy the repo, or parts of it, to target clusters.
      fleet.cattle.io.helmop:
        description: HelmOp is a simplified way of creating bundles by directly pointing to a Helm repository or to an OCI registry, without needing to set up a git repository.
    warningTooltip:
      clusterGroup: There are no clusters in this Cluster Group
      cluster: There are no clusters available
    noPermissions: You have no permissions to create {label}
  gitRepo:
    intro:
      add: Create Git Repo
      empty: No Git Repos have been added
    actions:
      add: Create Git Repo
      forceUpdate:
        label: Force Update
        promptTitle: Force Update
        promptNames: 'You are attempting to update: '
        promptWarning: |-
          {
            count, plural,
            =1 {Force update could be a long running process, the repository will be cloned again.}
            other {Force update could be a long running process, the repositories will be cloned again.}
          }
      enablePolling:
        label: Enable Polling
      disablePolling:
        label: Disable Polling
      unpause:
        label: Unpause
      pause:
        label: Pause
    tabs:
      resources: Resources
      unready: Non-Ready
    auth:
      title: Authentication
      label: Authentication
      git: Git Authentication
      helm: Helm Authentication
      githubdotcomPasswordBanner: 'GitHub no longer supports password authentication for repositories. Please enter a personal access token with the required permissions instead of your GitHub password.'
    caBundle:
      label: Certificates
      placeholder: "Paste in one or more certificates, starting with -----BEGIN CERTIFICATE----"
    paths:
      title: Custom paths
      description: Root directory
      index: Path {index}
      description1: The root folder is used by default. Fleet will scan recursively all folders and subfolders to find fleet.yaml files.
      description2: You can provide multiple different directories. You can also add subpaths to specify different YAML config file paths.
      ariaLabel: Enter paths for Git Repo
      placeholder: e.g. /directory/in/your/repo
      addLabel: Add Path
      enableBundles: Manually specify config files subpaths (Fleet won't scan subfolders recursively to find fleet.yaml files)
      subpaths:
        addLabel: Add Subpath
        protipValue: 'Only necessary if the filename differs from "fleet.yaml"'
        props:
          base: Subpath
          options: Fleet YAML file (optional)
        placeholders:
          key: e.g. dev
          value: e.g. kustomize.yaml
    repo:
      title: Source
      label: Repository URL
      placeholder: e.g. https://github.com/rancher/fleet-examples.git or git@github.com:rancher/fleet-examples.git
      addRepo: Add Repository
      noRepos: No repositories have been added
      noWorkspaces: There are no workspaces.
    resources:
      label: 'Resource Handling'
      keepResources: Always keep resources
      keepResourcesTooltip: When enabled, resources will be kept when deleting a GitRepo or Bundle - only Helm release secrets will be deleted.
      correctDrift: Enable self-healing
      correctDriftTooltip: When enabled, Fleet will ensure that the cluster resources are kept in sync with the git repository. All resource changes made on the cluster will be lost.
    polling:
      label: Polling
      enable: Enable Polling
      pollingInterval:
        label: Polling Interval
        tooltip: Polling Interval is the time between a push to the Repository and Fleet's reaction to it.
        webhookWarning: A webhook is configured in Rancher to reconcile Git updates and GitRepo resources. The Polling Interval will automatically be adjusted to 1 hour.
        minimumValueWarning: The recommended minimum Polling Interval is 15 seconds. To avoid performance issues with GitRepos that contain a large amount of resources please consider increasing this value.
    ociStorageSecret:
      title: OCI Registry
      label: OCI Storage Secret
      tooltip: If 'None' is selected, Fleet will use the 'ocistorage' fallback secret when existing in current workspace.<br>Every changes of the selected OCI storage secret will not be applied until next Git Repo update.
      options:
        chooseExisting: "Choose a secret:"
        chooseCustom: "Choose a custom secret:"
    add:
      steps:
        metadata:
          label: Metadata
          title: Specify the Git Repository name and labels/annotations
          subtext: 'Define metadata details'
          description: Git repository basic info
        repo:
          label: Repository details
          title: Specify the Git Repository to add to fleet
          subtext: 'Define repository details'
          description: Fleet will continuously monitor the Git Repository you configure below and synchronise the resources contained in it to the configured targets.
        advanced:
          label: Advanced
          title: Specify advanced settings like authenticaion credentials and polling
          subtext: 'Define advanced settings'
          description: Fleet will use the authentication settings and polling to synchronise the resources contained in it.
          info: These settings are for advanced usage and optional. You can skip them and finish the creation process.
        targetInfo:
          label: Target details
          title: Specify which target to synchronise this repository to
          subtext: 'Define target details'
          description: You can configure which clusters will be used as the target of synchronisation with the resources in the repository.
    ref:
      label: Watch
      branch: A Branch
      revision: A Revision
      branchLabel: Branch Name
      branchPlaceholder: e.g. master
      revisionLabel: Tag or Commit Hash
      revisionPlaceholder: e.g. v1.0.0
    serviceAccount:
      label: Service Account Name
      placeholder: "Optional: Use a service account in the target clusters"
    targetNamespace:
      label: Target Namespace
      placeholder: "Optional: Require all resources to be in this namespace"
    target:
      selectLabel: Target
      advanced: Advanced
      cluster: Cluster
      clusterGroup: Cluster Group
      label: Deploy To
      labelLocal: Deploy With
      additionalOptions: Additional settings
    targetDisplay:
      advanced: Advanced
      clusters: Clusters
      all: All
      none: None
      local: Local
    tls:
      label: TLS Certificate Verification
      verify: Require a valid certificate
      specify: Specify additional certificates to be accepted
      skip: Accept any certificate (insecure)
    workspace:
      label: Workspace
      addWorkspace: Create a workspace
    helmRepoURLRegex: Helm Repos (URL Regex)
  helmOp:
    intro:
      add: Create Helm Op
      empty: No Helm Ops have been added
    actions:
      add: Create Helm Op
      enablePolling:
        label: Enable Polling
      disablePolling:
        label: Disable Polling
      forceUpdate:
        label: Force Update
        promptTitle: Force Update
        promptNames: 'You are attempting to update: '
        promptWarning: |-
          {
            count, plural,
            =1 {Force update could be a long running process.}
            other {Force update could be a long running process.}
          }
      unpause:
        label: Unpause
      pause:
        label: Pause
    add:
      steps:
        metadata:
          label: Metadata
          title: Specify the Helm Op name and labels/annotations
          subtext: 'Define metadata details'
          description: Helm Op basic info
        chart:
          label: Chart
          title: chart
          subtext: 'Define Helm Chart source details'
          description: chart
        values:
          label: Values
          title: values
          subtext: 'Define Helm Values for the chart'
          description: values
        targetInfo:
          label: Target details
          title: Specify which target to synchronise this repository to
          subtext: 'Define target details'
          description: You can configure which clusters will be used as the target of synchronisation with the resources in the repository.
        advanced:
          label: Advanced
          title: Specify advanced settings like authenticaion credentials and polling
          subtext: 'Define advanced settings'
          description: Fleet will use the authentication settings and polling to synchronise the resources contained in it.
          info: These settings are for advanced usage and optional. You can skip them and finish the creation process.
    source:
      title: Source
      selectLabel: Type
      types:
        tarball: Tarball
        repo: Repository
        oci: OCI Registry
      tarball:
        label: Absolute URL
        placeholder: e.g. https://example.com/charts/my-chart-1.2.3.tgz
      repo:
        repo:
          label: Repository URL
          placeholder: e.g. https://foo.bar/baz
        chart:
          label: Chart
          placeholder: The path to the chart name in the repository
      oci:
        chart:
          label: OCI Registry URL
          placeholder: e.g. oci://foo.bar/baz
      version:
        label: Version
        placeholder: The Chart version
      release:
        title: Release
        label: Name
        placeholder: The Helm release name
    values:
      title: Values
      selectLabel: Values
      description: Configure Values used by Helm that help define the App.
      types:
        values: Values
        valuesFiles: Values Files
        valuesFrom: Values From
      yaml:
        options:
          edit: Edit YAML
          diff: Compare Changes
      values:
        selectLabel: YAML
        loading: Loading from chart
      valuesFiles:
        selectLabel: Files
        ariaLabel: Enter path for value File
        placeholder: ''
        addLabel: Add File path
        empty: empty
      valuesFrom:
        selectLabel: Values From
        options:
          configMapKeyRef: ConfigMap Key
          secretKeyRef: Secret Key
        loading: Loading ConfigMaps and Secrets
    serviceAccount:
      label: Service Account Name
      placeholder: "Optional: Use a service account in the target clusters"
    targetNamespace:
      label: Target Namespace
      placeholder: "Optional: Require all resources to be in this namespace"
    target:
      selectLabel: Target
      advanced: Advanced
      cluster: Cluster
      clusterGroup: Cluster Group
      label: Deploy To
      labelLocal: Deploy With
      additionalOptions: Additional Options
    targetDisplay:
      advanced: Advanced
      clusters: Clusters
      all: All
      none: None
      local: Local
    resources:
      label: 'Resources'
      keepResources: Always keep resources
      keepResourcesTooltip: When enabled, resources will be kept when deleting a HelmOp or Bundle - only Helm release secrets will be deleted.
      correctDrift: Enable self-healing
      correctDriftTooltip: When enabled, Fleet will ensure that the cluster resources are kept in sync with the HelmOp. All resource changes made on the cluster will be lost.
    polling:
      label: Polling
      enable: Enable Polling
      pollingInterval:
        label: Polling Interval
        tooltip: Polling Interval is the time between a push to the Repository and Fleet's reaction to it.
        minimumValueWarning: The recommended minimum Polling Interval is 15 seconds. To avoid performance issues with HelmOps that contain a large amount of resources please consider increasing this value.
        versionTooltip: Polling can be enabled only if version is a valid semantic versioning constraint (e.g. 2.x.x, < 1.0).
    tls:
      insecure: Accept any certificate (insecure)
    auth:
      title: Authentication
      label: Authentication
      helm: Helm Authentication
    caBundle:
      label: Certificates
      placeholder: "Paste in one or more certificates, starting with -----BEGIN CERTIFICATE----"
  clusterGroup:
    selector:
      label: Cluster Selectors
      matchesAll: Matches all {total, number} existing clusters
      matchesNone: Matches no existing clusters
      matchesSome: |-
        {matched, plural,
          =1 {Matches 1 of {total, number} existing clusters: "{sample}"}
          other {Matches {matched, number} of {total, number} existing clusters, including "{sample}"}
        }
  fdc:
    id: ID
    type: Type
    state: State
    cluster: Cluster
    error: Error
    ready: Ready
    errors: Errors
  workspaces:
    tabs:
      restrictions: Allowed Target Namespaces
      ociRegistry: Default OCI Registry
    timeout: Workspace creation timeout. It's possible the workspace was created. We suggest checking the workspace page before trying to create another.
    remove:
      warning: "Deleting a Workspace also deletes all resources in the Workspace. This includes GitRepos but also Clusters.<br><br>Deleted Clusters will be removed from {vendor}, and if {vendor} manages the life-cycle of the Cluster it's underlying infrastructure will also be deleted."
  restrictions:
    addTitle: 'allowedTargetNamespaces'
    addLabel: Add
    banner: "{count, plural,
          =0 { Adding namespaces here will create a GitRepoRestriction. }
          other { Only the Git Repo Restriction's <code>allowedTargetNamespaces</code> is managed here. You can make additional changes to the Git Repo Restriction}
        }"
  configMaps:
    label: Config Maps
  secrets:
    label: Secrets
footer:
  docs: Docs
  download: Download CLI
  forums: Forums
  issue: File an Issue
  slack: Slack

gatekeeperConstraint:
  templateRequired: You must have at least one Template before attempting to create a Constraint.
  downloadViolations: Download Violations
  match:
    title: Match
  tab:
    enforcementAction:
      title: Enforcement Action
    rules:
      title: Rules
      sub:
        labelSelector:
          addLabel: Add Label
          title: Label Selector
    namespaces:
      sub:
        excludedNamespaces: Excluded Namespaces
        namespaces: Namespaces
        namespaceSelector:
          addNamespace: Add Namespace
          title: Namespace Selector
        scope:
          title: Scope
      title: Namespaces
    parameters:
      addParameter: Add Parameter
      editAsForm: Edit as Form
      editAsYaml: Edit as YAML
      title: Parameters
  template: Template
  enforcement:
    action: Enforcement Action
  violations:
    title: "Violations: {total}"
    notAll: Not all are shown due to the configured OPA Gatekeeper constraint violation limit - the constraint only includes details for {shown}

gatekeeperIndex:
  poweredBy: OPA Gatekeeper
  unavailable: OPA + Gatekeeper is not available in the system-charts catalog.
  violations: Violations
  deprecated: The OPA Gatekeeper chart is deprecated as of Rancher 2.8 and will be removed in a future release. Please consider switching to <a target="_blank" rel="noopener noreferrer nofollow" href="https://www.kubewarden.io">Kubewarden</a>.

gatekeeperInstall:
  auditInterval: Auto Interval
  constraintViolationsLimit: Constraint Violations Limit
  runtimeDefaultSeccompProfile: Enable Runtime Default Seccomp Profile

glance:
  created: Created
  cpu: CPU Usage
  memory: Memory
  nodes:
    total:
      label: |-
        {count, plural,
          =1 { Node }
          other { Total Nodes }
        }
  pods: Pods
  provider: Provider
  version: Kubernetes Version
  architecture: Architecture
  monitoringDashboard: Monitoring Dashboard
  installMonitoring: Install Monitoring
  clusterInfo: Cluster Information
  eventsTable: Full events list
  secretsTable: Full secrets list
  changeEventsListRowCount: Update events table row count
  showXEvents: Show {count} events
  useUserPreference: "Use table preference ({count})"

clusterBadge:
  badgeAppearance: Cluster Badge Appearance
  clusterComment: "Cluster comment - {text}"
  customizeAppearance: Customize Appearance
  addLabel: Add Cluster Badge
  setClusterAppearance: Cluster Appearance
  customize: Customize
  editLabel: Edit Cluster Badge
  modal:
    title: Cluster Appearance
    checkbox: Show cluster comment
    comment: Custom comment
    iconText: Icon Text
    buttonAction: Apply
    badgeBgColor: Badge background color
    badgeBgColorInput: Badge background color selector input
    badgeTextColor: Badge text color
    badgeAsIcon: Use custom badge
    maxCharsTooltip: Overwrites the default cluster name abbreviation.
    previewTitle: "Preview:"
    previewSide: "SIDE NAVIGATION"
    previewHeader: "RANCHER HEADER"

grafanaDashboard:
  failedToLoad: Failed to load graph
  reload: Reload
  grafana: Grafana

graphOptions:
  detail: Detail
  summary: Summary
  refresh: Refresh
  range: Range

growl:
  clearAll: Clear All Notifications
  disconnectError:
    message: "The connection to {url} closed unexpectedly at {time}. Disconnected after {tries} reconnect attempts. Check your network connection and reload the page"
    title: Websocket Disconnected
  connectError:
    message: "The connection to {url} closed unexpectedly at {time}. Reconnect attempt #{tries}."
    title: Websocket Reconnecting
  reconnected:
    message: "The connection to {url} was restored on attempt #{tries}."
    title: Websocket Reconnected
  podSecurity:
    message: "The creation of this Pod would violate existing restricted policies for the adopted Namespace"
    title: PodSecurity violation
  kubeApiHeaderWarning:
    titleCreate: "{resourceType} Creation Warning"
    titleUpdate: "{resourceType} Update Warning"

hpa:
  detail:
    currentMetrics:
      header: Current Metrics
      noMetrics: No Current Metrics
    metricHeader: '{source} Metric'
  metricIdentifier:
    name:
      label: Metric Name
      placeholder: e.g. packets-per-second
    selector:
      header: Metric Selector
      label: Add Selector
  metricTarget:
    averageVal:
      label: Average Value
    quantity:
      label: Quantity
    type:
      label: Type
    utilization:
      label: Average Utilization
    value:
      label: Value
  metrics:
    headers:
      metricName: Name
      objectKind: Object Kind
      objectName: Object Name
      quantity: Quantity
      resource: Resource Name
      targetName: Target Name
      value: Value
    source: Source
  objectReference:
    api:
      label: Referent API Version
      placeholder: e.g. apps/v1beta1
    kind:
      label: Referent Kind
      placeholder: e.g. Deployment
    name:
      label: Referent Name
      placeholder: e.g. php-apache
  scaleDownRules:
    label: Scale down behavior
    enable: Configure scale down behavior
  scaleUpRules:
    label: Scale up behavior
    enable: Configure scale up behavior
  scalingRule:
    policyHeader: Policies
    addPolicy: Add policy
    selectPolicy: Select policy
    selectPolicyTooltip: Select the policy with the maximum value, minimum value or disable scaling.
    stabilizationWindowSeconds: Stabilization window seconds
    stabilizationWindowSecondsTooltip: Number of seconds for which past recommendations should be considered while scaling up or scaling down.
    policy:
      type: Type
      typeTooltip: Set policy based on the amount of Pods to scale or the percentage of current replicas to scale.
      value: Value
      valueTooltip: The amount of change which is permitted by the policy.
      periodSeconds: Period seconds
      periodSecondsTooltip: The window of time for which the policy should hold true.
  tabs:
    labels: Labels
    metrics: Metrics
    target: Target
    workload: Workload
    behavior: Behavior
  types:
    cpu: CPU
    memory: Memory
  warnings:
    custom: In order to use custom metrics with HPA, you need to deploy the custom metrics server such as prometheus adapter.
    external: In order to use external metrics with HPA, you need to deploy the external metrics server such as prometheus adapter.
    noMetric: In order to use resource metrics with HPA, you need to deploy the metrics server.
    resource: The selected target reference does not have the correct resource requests on the spec. Without this the HPA metric will have no effect.
  workloadTab:
    current: Current Replicas
    last: Last Scale Time
    max: Maximum Replicas
    min: Minimum Replicas
    targetReferenceType: Target Type
    targetReference: Target Reference

import:
  title: Import YAML
  editor:
    label: YAML Editor
  defaultNamespace:
    label: Default Namespace
  success: |-
    Applied {count, plural,
    =1 {1 Resource}
    other {# Resources}
    }

auditPolicy:
  active: Active
  inactive: Inactive
  reasons:
    PolicyNotYetActivated: Not yet activated
    PolicyIsActive: Active
    PolicyIsInvalid: Invalid
    PolicyWasDisabled: Disabled
  general:
    title: General
    enabled:
      label: Enabled
      title: Enabled
      checkbox: Enables this audit policy
    verbosity:
      label: Log Verbosity
      title: Log Verbosity
      banner: Audit Log Verbosity and install time Audit Log settings are additive.
      level:
        0: 0 - Log request and response metadata
        1: 1 - Log request and response headers
        2: 2 - Log request body
        3: 3 - Log response body
        title: Log Levels
        label: Level
        tooltip: Each log level is cumulative, higher log levels include the data from lower levels. Each log entry contains both request and response information.
      requestResponse:
        tooltip: Override the Log Level and explicitly include Headers / Body
      request:
        title: Request
        requestHeaders: Request Headers
        requestBody: Request Body
      response:
        title: Response
        responseHeaders: Response Headers
        responseBody: Response Body
  filters:
    add: Add Filter
    title: Filters
    action: 
      title: Action
      label: Action
      allow: Allow
      deny: Deny
      placeholder: Allow/Deny
    requestURI:
      title: Request URI
      label: Request URI
      placeholder: e.g. /foo/.*
  additionalRedactions:
    title: Additional Redactions
    headers:
      title: Headers
      label: Headers
      placeholder: e.g. Cache.*
      add: Add Header
    paths:
      title: Paths
      label: Paths
      tooltip: Paths redacts information from request and response bodies based on json path expressions
      placeholder: e.g. $.gitCommit
      add: Add Path
  error:
      enableOrDisable: "{flag, select, enable {Error when enabling - {id}} disable {Error when disabling - {id}} other {Error - {id}}}"
      
ingress:
  description: Ingresses route incoming traffic from the internet to Services within the cluster based on the hostname and path specified in the request. You can expose multiple Services on the same external IP address and port.
  certificates:
    addCertificate: Add Certificate
    addHost: Add Host
    certificate:
      label: Certificate - Secret Name
      doesntExist: The selected certificate does not exist
    defaultCertLabel: Default Ingress Controller Certificate
    headers:
      certificate: Certificate
      hosts: Hosts
    host:
      label: Host
      placeholder: e.g. example.com
    label: Certificates
    removeHost: Remove
  defaultBackend:
    label: Default Backend
    noServiceSelected: No default backend is configured.
    port:
      label: Port
      placeholder: e.g. 80 or http
      notInt: Port must be an integer
      required: Port is required
    targetService:
      label: Target Service
      doesntExist: The selected service does not exist
      required: Target Service is required
    warning: "Warning: Default backend is used globally for the entire cluster."
  ingressClass:
    label: Ingress Class
  rules:
    addPath: Add Path
    addRule: Add Rule
    headers:
      pathType: Path Type
      path: Path
      port: Port
      target: Target Service
      certificates: Certificates
    hostname: Hostname
    path:
      label: Path
      placeholder: e.g. /foo
    port:
      label: Port
      placeholder: e.g. 80 or http
    removePath: Remove
    requestHost:
      label: Request Host
      placeholder: e.g. example.com
    target:
      label: Target Service
      tooltip: If none of the Services in this dropdown select the Pods that you need to expose, you will need to create a Service that selects those Pods first.
      doesntExist: The selected service does not exist
    title: Rules
  rulesAndCertificates:
    title: Rules and Certificates
    defaultCertificate: default
  target:
    default: Default
  rulesOrBackendSpecified: Either Default Backend or Rules must be specified

internalExternalIP:
  none: None
  copyInternalIp: Copy internal IP address to clipboard
  copyExternalIp: Copy external IP address to clipboard
  clickToShowMoreIps: "Click to show {count} more {count, plural, one {IP} other {IPs}}"

istio:
  links:
    kiali:
      label: Kiali
      description: 'Visualization of services within a service mesh and how they are connected. For Kiali to display data, you need Prometheus installed. If you need a monitoring solution, install <a tabindex="0" href="{link}">{vendor} monitoring</a>.'
    jaeger:
      label: Jaeger
      description: Monitor and Troubleshoot microservices-based distributed systems.
    disabled: '{app} is not installed'
  cni: Enable CNI
  customOverlayFile:
    label: Custom Overlay File
    tip: 'The <a target="_blank" rel="noopener noreferrer nofollow" href="https://istio.io/latest/docs/setup/additional-setup/customize-installation/#patching-the-output-manifest">overlay file</a> allows for additional configuration on top of the base {vendor} Istio installation. You can utilize the <a href="https://istio.io/latest/docs/reference/config/istio.operator.v1alpha1/" target="_blank" rel="noopener noreferrer nofollow" >IstioOperator API</a> to make changes and additions for all components and apply those changes via this overlay YAML file.'
  description: '{vendor} Istio helm chart installs a minimal Istio configuration for you to get started integrating with your applications. If you would like to get additional information about Istio, visit <a target="_blank" href="https://istio.io/latest/docs/concepts/what-is-istio" rel="noopener noreferrer nofollow">https://istio.io/latest/docs/concepts/what-is-istio/</a>'
  destinationRule:
    title:
      new: Add Destination Rule
      edit: Edit Destination Rule
      view: "Destination Rule: {name}"
    port:
      label: Port
      placeholder: e.g. 8080 or myport
    host:
      label: Input a host
      error: Host is required.
    name:
      placeholder: e.g. myrule
    loadBalancer:
      title: Load Balancer
      label: Algorithm
      detail: Configure the load balancer algorithms
      simple:
        label: Use standard load balancing algorithms
        roundRobin:
          label: Round Robin Policy
        leastConn:
          label: Least Request Load Balancer
        random:
          label: Random Load Balancer
        passthrough:
          label: Passthrough
      consistentHash:
        label: Use consistent hash-based load balancing for soft session affinity
        httpHeaderName:
          label: HTTP Header Name
          placeholder: e.g. end-user
          error: HTTP Header Name is required.
        minimumRingSize:
          label: Minimum Ring Size
          placeholder: e.g. 1024
        httpCookie:
          name:
            label: Cookie Name
            placeholder: e.g. username
            error: Cookie Name is required.
          path:
            label: Cookie Path
            placeholder: e.g. /
          ttl:
            label: TTL
            placeholder: e.g. 0s
            error: TTL is required.
        mode:
          label: Hash Mode
          header:
            label: Hash based on a specific HTTP header
          cookie:
            label: Hash based on HTTP cookie
          sourceIp:
            label: Hash based on the source IP address
    connectionPool:
      label: Connection Pool
      detail: Configure the volume of connections to an upstream service
      http1MaxPendingRequests:
        label: HTTP1 Max Pending Requests
        placeholder: e.g. 1024
        help: Maximum number of pending HTTP requests to a destination.
      http2MaxRequests:
        label: HTTP2 Max Requests
        placeholder: e.g. 1024
        help: Maximum number of requests to a backend.
      maxRequestsPerConnection:
        label: HTTP Max Requests Per Connection
        placeholder: e.g. 10
        help: Maximum number of requests per connection to a backend. Setting this parameter to 1 disables keep alive.
      maxRetries:
        label: HTTP Max Retries
        placeholder: e.g. 1024
        help: Maximum number of retries that can be outstanding to all hosts in a cluster at a given time.
      connectTimeout:
        label: TCP Connection Timeout
        placeholder: e.g. 30ms
        help: TCP connection timeout.
      maxConnections:
        label: TCP Max Connections
        placeholder: e.g. 1024
        help: Maximum number of HTTP1 /TCP connections to a destination host.
    outlierDetection:
      label: Outlier Detection
      detail: Configure eviction of unhealthy hosts from the load balancing pool
      baseEjectionTime:
        label: Base Ejection Time
        placeholder: e.g. 30s
        help: Minimum ejection duration. A host will remain ejected for a period equal to the product of minimum ejection duration and the number of times the host has been ejected.
      consecutiveErrors:
        label: Consecutive Errors
        placeholder: e.g. 5
        help: Number of errors before a host is ejected from the connection pool.
      interval:
        label: Interval
        placeholder: e.g. 10s
        help: Time interval between ejection sweep analysis.
      maxEjectionPercent:
        label: Max Ejection Percent
        placeholder: e.g. 10
        help: Maximum % of hosts in the load balancing pool for the upstream service that can be ejected.
    subsets:
      label: Subsets
      noSubsets: No Subsets
      addSubsetLabel: Add Subset
      removeSubsetLabel: Remove Subset
      name:
        label: Name
        placeholder: e.g. v1
        error: Subset Name is required.
      labels:
        error: Please input at least one label for subset.
    tls:
      label: TLS
      detail: Configure TLS related settings for connections to the upstream service
      mode:
        label: TLS Mode
        none:
          label: NONE
        istio:
          label: Istio Mutual - Secure connections to the upstream using mutual TLS by Istio
        disable:
          label: Disable - Do not setup a TLS connection to the upstream endpoint
        simple:
          label: Simple - Originate a TLS connection to the upstream endpoint
        mutual:
          label: Mutual - Secure connections to the upstream using mutual TLS by presenting client certificates for authentication
      clientCertificate:
        label: Client Certificate
        placeholder: e.g. /etc/certs/myclientcert.pem
        error: Client Certificate is required.
      privateKey:
        label: Private Key
        placeholder: e.g. /etc/certs/client_private_key.pem
        error: Private Key is required.
      caCertificates:
        label: CA Certificates
        placeholder: e.g. /etc/certs/rootcacerts.pem
      sni:
        label: SNI
        placeholder: e.g. nginx.example.com
      subjectAltNames:
        label: Subject Alternative Names
        placeholder: e.g. example.com
        add: Add Subject Alternative Name
  egressGateway: Enable Egress Gateway
  ingressGateway: Enable Ingress Gateway
  istiodRemote: Enable istiodRemote
  kiali: Enable Kiali
  pilot: Enable Pilot
  policy: Enable Policy
  pilotRequired: Pilot must be enabled in order to enable Kiali
  poweredBy: Powered by <a target="_blank" rel="noopener noreferrer nofollow" href='https://istio.io/latest/'>Istio</a>
  telemetry: Enable Telemetry
  titles:
    components: Components
    customAnswers: Custom Answers
    advanced: Advanced Settings
    description: Description
  tracing: Enable Jaeger Tracing (limited)
  v1Warning: Please uninstall the current Istio version in the <code>istio-system</code> namespace before attempting to install this version.

itemCard:
  ariaLabel:
    clickable: Click on card for {cardTitle}
  actionMenu:
    label: '{cardTitle} actions'
jwt:
  title: JWT Authentication
  actions:
    activate: Enable
    deactivate: Disable
    refresh: Refresh
  state:
    enabled: Enabled
    disabled: Disabled
  headers:
    clusterName: Cluster Name
    updatedOn: JWT Enabled On
    clusterAge: Cluster Age


labels:
  addLabel: Add Label
  addSetLabel: Add/Set Label
  addTag: Add Tag
  addTaint: Add Taint
  addAnnotation: Add Annotation
  protectedWarning: This key is protected and will be discarded
  labels:
    title: Labels
    description: Key/value pairs that are attached to objects which specify identifying attributes.
    fleetClusterTooltip: Label changes are made to the Management Cluster and synchronized to the Fleet Cluster
    show: Show System Labels and Annotations
    hide: Hide System Labels and Annotations
  annotations:
    title: Annotations
    singular: Annotation

labelSelect:
  noOptions:
    empty: No options
    noMatch: No matching options
  pagination:
    counts: '{count} / {totalCount} items'
    more: Load More...
labeledSelect:
  startTyping: Start typing to define an item
  pressEnter: Press enter to add "{input}"

landing:
  bannerImage: Homepage banner image
  homepage: Homepage
  clusters:
    title: Clusters
    tooMany:
      showAll: Show all clusters (may increase load time)
      showSome: Show some clusters (may improve load time)
      showingAll: Showing {total} clusters.
      showingSome: Showing {rows} of {total} recently created clusters.
    provider: Provider
    distro: Distro
    kubernetesVersion: Kubernetes Version
    architecture: Architecture
    explorer: Explorer
    explore: Explore
    cores: |-
      {count, plural,
      =1 {core}
      other {cores}}
    cpuUsed: CPU Used
    memoryUsed: Memory Used
  whatsNew:
    title: Welcome to Rancher {version}
    message: Learn more about the improvements and new capabilities in this version
    link: Release Notes
  learnMore: Learn More
  support: Support
  community:
    title: Community Support
    docs: Docs
    forums: Forums
  commercial:
    title: Commercial Support
    body: Learn about commercial support
  landingPrefs:
    body: "You can change where you land when you login"
    ariaLabelTakeMeToCluster: Select which cluster to take me to after login
    options:
      homePage: Take me to the home page
      lastVisited: Take me to the area I last visited
      custom: "Take me to cluster:"
  welcomeToRancher: 'Welcome to {vendor}'

logging:
  clusterFlow:
    noOutputsBanner: There are no cluster outputs in the selected namespace.
  flow:
    clusterOutputs:
      doesntExistTooltip: This cluster output doesn't exist
      label: Cluster Outputs
    matches:
      banner: Configure which container logs will be pulled from
      unsupportedConfig: This resource contains a match configuration that the form editor does not support. Please use YAML edit.
      label: Matches
      addSelect: Add Include Rule
      addExclude: Add Exclude Rule
      pods:
        title:
          include: Include Pods
          exclude: Exclude Pods
        keyLabel: Pod Label Key
        valueLabel: Pod Label Value
        addLabel: Add Pod
      nodes:
        title:
          include: Limit to specific nodes
          exclude: Exclude specific nodes
        placeholder: "Default: Any node"
      containerNames:
        title:
          include: Limit to specific container names
          exclude: Exclude specific container names
        placeholder: "Default: Any container"
        enter: Enter container name to select
      namespaces:
        title:
          include: Limit to specific namespaces
          exclude: Exclude specific namespaces
        placeholder: "Default: Any namespace"

    filters:
      label: Filters
    outputs:
      doesntExistTooltip: This output doesn't exist
      sameNamespaceError: Output must reside in same namespace as the flow.
      label: Outputs
  install:
    k3sContainerEngine: K3S Container Engine
    enableAdditionalLoggingSources: Enable enhanced cloud provider logging
    dockerRootDirectory: Docker Root Directory
    systemdLogPath: systemd Log Path
    tooltip: 'Some kubernetes distributions log to <code>journald</code>. In order to collect these logs the <code>systemdLogPath</code> needs to be defined. While the <code>/run/log/journal</code> directory is used by default, some Linux distributions do not default to this path.'
    url: '<a href="{docsBase}/integrations-in-rancher/logging/logging-helm-chart-options" target="_blank" rel="noopener nofollow noreferrer">Learn more</a>'
    default: /run/log/journal
  elasticsearch:
    host: Host
    scheme: Scheme
    port: Port
    indexName: Index Name
    user: User
    password: Password from Secret
    caFile:
      label: CA File from Secret
    clientCert:
      label: Client Cert from Secret
      placeholder: Paste in the CA certificate
    clientKey:
      label: Client Key from Secret
      placeholder: Paste in the client key
    clientKeyPass: Client Key Pass from Secret
    verifySsl: Verify SSL
    sslVersion: SSL Version
    suppressTypeName:
      label: Suppress Type Names
      elasticSearchTips: Suppress type names by default to be compatible with log server. You should enable it for Elasticsearch >= 8.0.0
      openSearchTips: Suppress type names by default to be compatible with log server. You should enable it for OpenSearch >= 2.0.0
  redis:
    host: Host
    port: Port
    dbNumber: Redis database number
    ttl: TTL for each key
    password: Password from Secret
    format:
      title: Format
      type: Type
  gelf:
    host: Host
    port: Port
    protocol: Protocol
    tls: Enable TLS
    tlsOptions:
      clientCert: Client Cert
      clientKey: Client Cert Key
      allCiphers: Allow any ciphers to be used
      tlsVersion: TLS version
      noVerify: Skip TLS verification
  kafka:
    brokers: Brokers
    defaultTopic: Default Topic
    saslOverSsl: SASL Over SSL
    scramMechanism: Scram Mechanism
    username: Username from Secret
    password: Password from Secret
    sslCaCert:
      label: CA Cert from Secret
      placeholder: Paste in the CA certificate
    sslClientCert:
      label: Cert from Secret
      placeholder: Paste in the client cert
    sslClientCertChain:
      label: Cert Chain from Secret
      placeholder: Paste in the client cert chain
    sslClientCertKey: Cert Key from Secret
  loki:
    url: URL
    urlInvalid: Incorrect URL format. Please  check and correct your URL format before saving.
    tenant: Tenant
    username: User from Secret
    password: Password from Secret
    configureKubernetesLabels: Configure Kubernetes metadata in a Prometheus like format
    extractKubernetesLabels: Extract Kubernetes labels as Loki labels
    dropSingleKey: If a record only has 1 key, then just set the log line to the value and discard the key
    caCert: CA Cert from Secret
    cert: Cert from Secret
    key: Key from Secret
  awsElasticsearch:
    url: URL
    keyId: Key Id from Secret
    secretKey: Secret Key from Secret
  azurestorage:
    storageAccount: Account from Secret
    accessKey:  Access Key from Secret
    container: Container
    path: Path
    storeAs: Store As
  cloudwatch:
    keyId: Key Id from Secret
    secretKey: Secret Key from Secret
    endpoint: Endpoint
    region: Region
    logGroupName: Log Group Name
    logStreamName: Log Stream Name
  datadog:
    apiKey: API Key from Secret
    useSSL: Use SSL
    useCompression: Use Compression
    host: Host
  file:
    path: Path
  gcs:
    project: Project
    credentialsJson: Credentials from Secret
    bucket: Bucket
    path: Path
    overwriteExistingPath: Overwrite Existing Path
  kinesisStream:
    streamName: Stream Name
    keyId: Key Id from Secret
    secretKey: Secret Key from Secret
  logdna:
    apiKey: API Key
    hostname: Hostname
    app: App
  logz:
    url: URL
    port: Port
    token: Api Token from Secret
    enableCompression: Enable Compression
  newrelic:
    apiKey: API Key from Secret
    licenseKey: License Key from Secret
    baseURI: Base URI
  sumologic:
    endpoint: Endpoint from Secret
    sourceName: Source Name
  syslog:
    host: Host
    port: Port
    transport: Transport
    insecure: insecure
    trustedCaPath: CA Path from Secret
    format:
      title: Format
      type: Type
      addNewLine: Add New Line
      messageKey: Message Key
    buffer:
      title: Buffer
      tags: Tags
      chunkLimitSize: Chunk Limit Size
      chunkLimitRecords: Chunk Limit chunkLimitRecords
      totalLimitSize: Total Limit Size
      flushInterval: Flush Interval
      timekey: Timekey
      timekeyWait: Timekey Wait
      timekeyUseUTC: Timekey Use UTC
  s3:
    keyId: Key Id from Secret
    secretKey: Secret Key from Secret
    endpoint: Endpoint
    bucket: Bucket
    path: Path
    overwriteExistingPath: Overwrite Existing Path
  output:
    buffer:
      label: Output Buffer
    selectOutputs: Select Outputs
    selectBanner: Select to configure an output
    sections:
      target: Target
      access: Access
      certificate: Connection
      labels: Labels
      configuration: Configuration
    tips:
      singleProvider: This output is configured with multiple providers. We currently only support a single provider per output. You can view or edit the YAML.
      multipleProviders: This output is configured with providers we do not support yet. You can view or edit the YAML.
  outputProviders:
    elasticsearch: Elasticsearch
    opensearch: OpenSearch
    redis: Redis
    splunkHec: Splunk
    kafka: Kafka
    forward: Fluentd
    gelf: GELF
    loki: Loki
    awsElasticsearch: Amazon Elasticsearch
    azurestorage: Azure Storage
    cloudwatch: Cloudwatch
    datadog: Datadog
    file: File
    gcs: GCS
    kinesisStream: Kinesis Stream
    logdna: LogDNA
    logz: LogZ
    newrelic: New Relic
    sumologic: SumoLogic
    syslog: Syslog
    s3: S3
    unknown: Unknown
  overview:
    poweredBy: Banzai Cloud
    clusterLevel: Cluster-Level
    namespaceLevel: Namespace-Level
  provider: Provider
  splunk:
    host: Host
    port: Port
    protocol: Protocol
    index: Index
    token: Token from Secret
    insecureSsl: Insecure SSL
    indexName: Index Name
    source: Source
    caFile: CA File from Secret
    caPath: CA Path from Secret
    clientCert: Client Cert from Secret
    clientKey: Client Key from Secret
  forward:
    host: Host
    port: Port
    sharedKey: Shared Key from Secret
    username: Username from Secret
    password: Password from Secret
    clientCertPath: Client Cert Path from Secret
    clientPrivateKeyPath: Client Private Key Path from Secret
    clientPrivateKeyPassphrase: Client Private Key Passphrase from Secret

longhorn:
  overview:
    title: Overview
    subtitle: "Powered By: <a href='https://github.com/longhorn' target='_blank' rel='noopener nofollow noreferrer'>Longhorn</a>"
    linkedList:
      longhorn:
        label: 'Longhorn'
        description: 'Manage storage system via UI'
        na: Resource Unavailable
        uiServiceUnavailable: The Longhorn UI service is not available or you do not have permission to access it.

neuvector:
  overview:
    title: Overview
    subtitle: "Powered by: <a href='https://github.com/neuvector' target='_blank' rel='noopener nofollow noreferrer'>NeuVector</a>"
    linkedList:
      neuvector:
        label: 'NeuVector'
        description: 'Full Lifecycle Container Security'
        na: Resource Unavailable

login:
  login: Login
  howdy: Howdy!
  welcome: Welcome to {vendor}
  landscapeAlt: Landscape image
  loggedOut: You have been logged out.
  loggedOutSessionIdle: You've been logged out of Rancher because your session has expired. Log in again to continue.
  loggedOutFromSso: You've been logged out of Rancher, however you may still be logged in to your single sign-on identity provider.
  loggedOutFromSlo: You've been logged out of Rancher and from your single sign-on identity provider.
  loginAgain: Log in again to continue.
  serverError:
    authFailedCreds: "Logging in failed: Check credentials, or your account may not be authorized to log in."
    authFailed: "Logging in failed: Your account may not be authorized to log in."
    unknown: "An unknown error occurred while attempting to login. Please contact your system administrator."
    invalidSamlAttrs: "Invalid saml attributes"
    noResponse: "No response received"
  error: An error occurred logging in. Please try again.
  invalidResponseError: Invalid response received to login request. Please try again.
  clientError: Invalid username or password. Please try again.
  userUnauthorized: You are not authorized to use this system.
  specificError: 'An error occurred logging in: {msg}'
  useLocal: Use a local user
  loginWithProvider: Log in with {provider}
  username: Username
  password: Password
  loggingIn: Logging in...
  loggedIn: Logged in
  loginWithLocal: Log in with Local User
  useProvider: Use a {provider} user
  useNonLocal: Use a non-local user
  remember:
    label: Remember Username
  cli:
    welcome: Login to complete CLI authentication
    invalidParams: Invalid login parameters - can not login
    warning: 'If you did not initiate this request or the "Client Request Id" shown in your terminal does not match the code shown below, do not continue'
    warningLegacy: 'If you did not initiate this request or the code shown below does not match the "requestId" parameter shown as part of the login url in your terminal, do not continue'

logout:
  message: Logging Out...
  error: 'An error occurred logging out: {msg}'
  specificError:
    unknown: Unknown.\n\nPlease contact your system administrator.
    500: "Server-side error.\n\nPlease contact your system administrator."

managementNode:
  customName: Custom Name

members:
  clusterMembers: Cluster Members
  memberRoles: Member Roles
  clusterAndProject: Cluster and Project Members
  createActionLabel: Add
  clusterMembership: Cluster Membership
  projectMembership: Project Membership
  clusterPermissions:
    noDescription: User created - no description
    label: Cluster Permissions
    description: Controls what access users have to the Cluster
    createProjects: Create Projects
    manageClusterBackups: Manage Cluster Backups
    manageClusterCatalogs: Manage Cluster Catalogs
    manageClusterMembers: Manage Cluster Members
    manageNavlinks: Manage Navlinks
    manageNodes: Manage Nodes
    manageStorage: Manage Storage
    viewAllProjects: View All Projects
    viewClusterCatalogs: View Cluster Catalogs
    viewClusterMembers: View Cluster Members
    viewNodes: View Nodes
    owner:
      label: Owner
      description: Owners have full control over the Cluster and all resources inside it.
    member:
      label: Member
      description: Members can manage the resources inside the Cluster but not change the Cluster itself.
    custom:
      label: Custom
      description: Choose individual roles for this user.
      lockedRole: This role is locked.
  localClusterWarning: "Caution: This is the cluster that Rancher is using as a data store. Only administrators should be given write access to this cluster. Users with write access to this cluster can use it to grant themselves access to any part of this installation."
  noRolesAssigned: There are no users assigned to this project.

membershipEditor:
  label: Members
  user: User
  role: Role

monitoring:
  accessModes:
    many: ReadWriteMany
    once: ReadWriteOnce
    readOnlyMany: ReadOnlyMany
  aggregateDefaultRoles:
    label: Aggregate to Default Kubernetes Roles
    tip: 'Adds labels to the ClusterRoles deployed by the Monitoring chart to <a target="_blank" rel="noopener nofollow noreferrer" href="https://kubernetes.io/docs/reference/access-authn-authz/rbac/#aggregated-clusterroles"> aggregate to the corresponding default k8s admin, edit, and view ClusterRoles.</a>'
  alerting:
    config:
      label: Alert Manager Config
    enable:
      label: Deploy Alertmanager
    secrets:
      additional:
        info: Secrets should be mounted at <pre class='inline-block m-0'>/etc/alertmanager/secrets/</pre>
        label: Additional Secrets
      existing: Choose an existing config secret
      info: |
        <span class="text-bold">Create default config</span>:<br>A Secret containing your Alertmanager Config will be created in the <pre class='inline-block m-0'>cattle-monitoring-system</pre> namespace on deploying this chart under the name <pre class='inline-block m-0'>alertmanager-rancher-monitoring-alertmanager</pre>. By default, this Secret will never be modified on an uninstall or upgrade of this chart. <br /><br />
        Once you have deployed this chart, you should edit the Secret via the UI in order to add your custom notification configurations that will be used by Alertmanager to send alerts. <br /> <br />
        <span class="text-bold">Choose an existing config secret</span>:<br>You must specify a Secret that exists in the <pre class='inline-block m-0'>cattle-monitoring-system</pre> namespace. If the namespace does not exist, you will not be able to select an existing secret.
      label: Alertmanager Secret
      new: Create default config
      radio:
        label: Config Secret
    validation:
      duplicatedReceiverName: A receiver with the name {name} already exists.
    templates:
      keyLabel: File Name
      label: Template Files
      valueLabel: YAML Template
    title: Configure Alertmanager
  clusterType:
    label: Cluster Type
    placeholder: Select cluster type
  createDefaultRoles:
    label: Create Default Monitoring Cluster Roles
    tip: 'Creates <code>monitoring-admin</code>, <code>monitoring-edit</code>, and <code>monitoring-view</code> ClusterRoles that can be assigned to users to provide permissions to CRDs installed by the Monitoring chart.'
  etcdNodeDirectory:
    label: etcd Node Certificate Directory
    tooltip: 'For clusters that use RancherOS for the etcd nodes, this option should be set to <pre class=''inline-block m-0''>/opt/rke/etc/kubernetes/ssl</pre>. Hybrid environments that require specifying multiple certificate directories (e.g. an etcd plane composed of both RancherOS and Ubuntu hosts) are not supported.'
  grafana:
    storage:
      annotations: PVC Annotations
      className: Storage Class Name
      existingClaim: Use Existing Claim
      finalizers: PVC Finalizers
      label: Grafana Storage
      mode: Access Mode
      selector: Selector
      size: Size
      subpath: Use Subpath
      type: Persistent Storage Types
      types:
        existing: Enable With Existing PVC
        statefulset: Enable with StatefulSet Template
        template: Enable with PVC Template
      volumeName: Volume Name
    title: Configure Grafana
  hostNetwork:
    label: Use Host Network For Prometheus Operator
    tip: If you are using a managed Kubernetes cluster with custom CNI (e.g. Calico), you must enable this option to allow a managed control plane to contact the admission webhook exposed by Prometheus Operator to mutate or validate incoming PrometheusRules.
  overview:
    alertsList:
      ends:
        label: Ends At
      label: Active Alerts
      message:
        label: Message
      severity:
        label: Severity
      start:
        label: Starts At
    linkedList:
      alertManager:
        description: Active Alerts
        label: Alertmanager
      grafana:
        description: Metrics Dashboards
        label: Grafana
      na: Resource Unavailable
      prometheusPromQl:
        description: PromQL Graph
        label: Prometheus Graph
      prometheusRules:
        description: Configured Rules
        label: PrometheusRules
      prometheusTargets:
        description: Configured Targets
        label: Prometheus Targets
    subtitle: 'Powered By: <a href="https://github.com/coreos/prometheus-operator" target="_blank" rel="noopener noreferrer nofollow">Prometheus</a>'
    title: Dashboard
  prometheus:
    config:
      adminApi: Admin API
      evaluation: Evaluation Interval
      ignoreNamespaceSelectors:
        help: 'Ignoring Namespace Selectors allows Cluster Admins to limit teams from monitoring resources outside of namespaces they have permissions to but can break the functionality of Apps that rely on setting up Monitors that scrape targets across multiple namespaces, such as Istio.'
        label: Namespace Selectors
        radio:
          enforced: 'Use: Monitors can access resources based on namespaces that match the namespace selector field'
          ignored: 'Ignore: Monitors can only access resources in the namespace they are deployed in'
      limits:
        cpu: CPU Limit
        memory: Memory Limit
      requests:
        cpu: Requested CPU
        memory: Requested Memory
      resourceLimits: Resource Limits
      retention: Retention
      retentionSize: Retention Size
      scrape: Scrape Interval
    storage:
      className: Storage Class Name
      label: Persistent Storage for Prometheus
      mode: Access Mode
      selector: Selector
      selectorWarning: 'If you are using a dynamic provisioner (e.g. Longhorn), no Selectors should be specified since a PVC with a non-empty selector can''t have a PV dynamically provisioned for it.'
      size: Size
      volumeName: Volume Name
    title: Configure Prometheus
    warningInstalled: |
      Warning: Prometheus Operators are currently deployed. Deploying multiple Prometheus Operators onto one cluster is not currently supported. Please remove all other Prometheus Operator deployments from this cluster before trying to install this chart.
      If you are migrating from an older version of {vendor} with Monitoring enabled, please disable Monitoring on this cluster completely before attempting to install this chart.
  receiver:
    addReceiver: Add Receiver
    fields:
      name: Name
    tls:
      label: SSL
      caFilePath:
        label: CA File Path
        placeholder: e.g. ./ca-file.csr
      certFilePath:
        label: Cert File Path
        placeholder: e.g. ./cert-file.crt
      keyFilePath:
        label: Key File Path
        placeholder: e.g. ./key-file.pfx
      secretsBanner: The file paths below must be referenced in <pre class="inline-block m-0 p-0 vertical-middle">alertmanager.alertmanagerSpec.secrets</pre> when deploying the Monitoring chart. For more information see our <a href="{docsBase}/how-to-guides/advanced-user-guides/monitoring-alerting-guides" target="_blank" rel="noopener noreferrer nofollow">documentation</a>.
  projectMonitoring:
    detail:
      error: "Unable to fetch Dashboard values with status: "
    list:
      banner: Project Monitoring Configuration is stored in ProjectHelmChart resources
      empty:
        message: Project Monitoring has not been configured for any projects
        canCreate: Get started by clicking Create to add monitoring to a project
        cannotCreate: Contact the admin to add project monitoring
  route:
    label: Route
    fields:
      groupBy: Group By
      groupInterval: Group Interval
      groupWait: Group Wait
      receiver: Receiver
      repeatInterval: Repeat Interval
  routesAndReceivers: Routes and Receivers (Deprecated)
  monitors: Monitors
  projectMonitors: Project Monitoring
  alertmanagerConfig:
    description: Routes and receivers for project alerting and cluster alerting are configured within AlertmanagerConfig resources.
    empty: Alerts have not been configured for any accessible namespaces.
    getStarted: Get started by clicking Create to configure an alert.
    receiverTooltip: This route will direct alerts to the selected receiver, which must be defined in the same AlertmanagerConfig.
    deprecationWarning: The Route and Receiver resources are deprecated. Going forward, routes and receivers should not be managed as separate Kubernetes resources on this page. They should be configured as YAML fields in an AlertmanagerConfig resource.
    routeInfo: This form supports configuring one route that directs traffic to a receiver. Alerts can be directed to more receiver(s) by configuring child routes in YAML.
    receiverFormNames:
      create: Create Receiver in AlertmanagerConfig
      edit: Edit Receiver in AlertmanagerConfig
      editYaml: Edit AlertmanagerConfig
      detail: Receiver in AlertmanagerConfig
    disabledReceiverButton: The receiver form is available after the AlertmanagerConfig is created
    error: An error occurred saving the AlertmanagerConfig
    email:
      username: Auth Username
      password: Secret with Auth Password
    slack:
      apiUrl: Secret with Slack Webhook URL
    pagerDuty:
      routingKey: Secret with Routing Key
      serviceKey: Secret with Service Key
    opsgenie:
      apiKey: Secret with API Key
    webhook:
      url: URL
      urlSecret: URL Secret
      urlSecretTooltip: 'urlSecret takes precedence over url. One of urlSecret and url should be defined.'
    auth:
      bearerTokenSecret: Bearer Token Secret
      basicAuthUsername: Secret with Basic Auth Username
      basicAuthPassword: Secret with Basic Auth Password
  tabs:
    alerting: Alerting
    general: General
    grafana: Grafana
    prometheus: Prometheus
    projectMetrics: Project Metrics
  v1Warning: 'Monitoring is currently deployed from Cluster Manager. If you are migrating from an older version of {vendor} with monitoring enabled, please disable monitoring in Cluster Manager before attempting to install the new {vendor} Monitoring chart in Cluster Explorer.'

monitoringReceiver:
  addButton: Add {type}
  custom:
    label: Custom
    title: Custom Config
    info: The YAML provided here will be directly appended to your receiver within the Alertmanager Config Secret.
  email:
    label: Email
    title: Email Config
  opsgenie:
    label: Opsgenie
    title: Opsgenie Config
  pagerduty:
    label: PagerDuty
    title: PagerDuty Config
    info: "You can find additional info on creating an Integration Key for PagerDuty <a href='https://www.pagerduty.com/docs/guides/prometheus-integration-guide/' target='_blank' rel='noopener nofollow' class='flex-right'>here</a>."
  slack:
    label: Slack
    title: Slack Config
    info: "You can find additional info on creating Incoming Webhooks for Slack <a href='https://rancher.slack.com/apps/A0F7XDUAZ-incoming-webhooks' target='_blank' rel='noopener noreferrer nofollow'>here</a> ."
  webhook:
    label: Webhook
    title: Webhook Config
    urlTooltip: For some webhooks this a url that points to the service DNS
    modifyNamespace: If <pre class="inline-block m-0 p-0 vertical-middle">rancher-alerting-drivers</pre> default values were changed, please update the url below in the format http://&lt;new_service_name&gt;.&lt;new_namespace&gt.svc.&lt;port&gt/&lt;path&gt
    banner: To use MS Teams or SMS you will need to have at least one instance of <pre class="inline-block m-0 p-0 vertical-middle">rancher-alerting-drivers</pre> installed first.
    add:
      selectWebhookType: Select Webhook Type
      generic: Generic
      msTeams: MS Teams
      alibabaCloudSms: SMS
  auth:
    label: Auth
    authType: Auth Type
    username: Username
    password: Password
    none:
      label: None
    bearerToken:
      label: Bearer Token
      placeholder: e.g. secret-token
    basicAuth:
      label: Basic Auth
    bearerTokenFile:
      label: Bearer Token File
      placeholder: e.g. ./user_token
  tls:
    ca: Secret with CA
    cert: Secret with Client Cert
    key: Secret with Client Key
    serverName: Server Name
    serverNameTooltip: Used to verify the hostname for the targets.
  shared:
    proxyUrl:
      label: Proxy URL
      placeholder: e.g. http://my-proxy/
    sendResolved:
      label: Enable send resolved alerts

alertmanagerConfigReceiver:
  secretKeyId: Key Id from Secret
  name: Receiver Name
  addButton: Add Receiver
  receivers: Receivers
  namespaceWarning: Could not render the secret selector because no namespace was found to get secrets from.
  receiverTypes: "The following receiver types can be edited in forms: Email, Slack, PagerDuty, Opsgenie and Webhook. For other receiver types, edit the AlertmanagerConfig YAML."
  slack:
    webhookUrl: Webhook URL
    apiUrlTooltip: The secret's key that contains the Slack webhook URL. The secret needs to be in the same namespace as the AlertmanagerConfig object and accessible by the Prometheus Operator.
monitoringRoute:
  groups:
    label: Group By
    addGroupByLabel: Labels to Group Alerts By
    groupByTooltip: Add each label as a string in the format key:value. The special label ... will aggregate by all possible labels. If provided, the ... must be the only element in the list.
  info: This is the top-level Route used by Alertmanager as the default destination for any Alerts that do not match any other Routes. This Route must exist and cannot be deleted.
  interval:
    label: Group Interval
  matching:
    info: The root route has to match everything so matching cannot be configured.
    label: Match
    addMatcher: Add Matcher
    matchType: Match Type
    name: Name
    nameTooltip: Label to match
    value: Value
    valueTooltip: Label value to match
  receiver:
    type: Receiver Type
    add: Add Receiver
    label: Receiver
    oneOrMoreLabel: One or More Receivers
    addMatch: Add match
  regex:
    label: Match Regex
  repeatInterval:
    label: Repeat Interval
  wait:
    label: Group Wait

moveModal:
  title: Move to a new project?
  description: 'You are moving the following namespaces:'
  moveButtonLabel: Move
  targetProject: Target Project
  noProject: None (remove from any project)

nameNsDescription:
  name:
    label: Name
    placeholder: 'A unique name'
  namespace:
    label: Namespace
    placeholder: ''
  workspace:
    label: Workspace
    placeholder:
  description:
    label: Description
    placeholder: Any text you want that better describes this resource

namespace:
  cancelCreateAriaLabel: Cancel create namespace
  containerResourceLimit: Container Resource Limit
  resourceQuotas: Resource Quotas
  project:
    label: Project
    none: (None)
  resources: Resources
  enableAutoInjection: Enable Istio Auto Injection
  disableAutoInjection: Disable Istio Auto Injection
  move: Move
  total: Total
  workloads: Workloads
  label: Namespace
  selectNamespace: Select Namespace
  createNamespace: Create a new Namespace
  selectOrCreate: Select or Create a Namespace
  snapshots:
    label: Snapshots
    totalSnapshotSize: Total Snapshot Size
  resourceStates:
      success: 'Active'
      info: 'Transitioning'
      warning: 'Warning'
      error: 'Error'
      unknown: 'Unknown'
      paused:
        stateName: 'Inactive'
        shortDescription: Deployment is paused
        longDescription: Deployment is paused. Pausing stops the controller from deploying revisions.

namespaceFilter:
  noMatchingOptions: No matching options
  more: "+{more}"
  selected:
    label: |-
      {total, plural,
      one {1 item selected}
      other {{total} items selected}
      }
  input: Filter namespace options
  button:
    clear: Remove applied namespace filters
    clearFilter: Clear namespace options filter
  removeNamespace: 'Remove {name} from filter'

namespaceList:
  selectLabel: Namespace
  addLabel: Add Namespace

navLink:
  name:
    label: Name
    placeholder: 'e.g. foo-bar'
  label:
    label: Display name
    placeholder: 'Text displayed for the link'
  tabs:
    link:
      label: Link type
      type:
        label: Link type
        service: Link to service
        url: Link to URL
      toURL:
        label: Destination URL
        placeholder: 'e.g. https://rancher.com'
      toService:
        service:
          label: Service (namespace/name)
          placeholder: 'e.g. cattle-system/rancher-webhook'
        path:
          label: Path
          placeholder: 'e.g. proxy/?orgId=1'
        port:
          label: Port
          placeholder: 'e.g. 80'
        scheme:
          label: Scheme
          placeholder: 'e.g. http'
    target:
      label: Window target
      option:
        blank: New window
        self: Replace window
        named: Custom named window
      namedValue:
        label: Window name
    group:
      label: Group
      group:
        label: Group name
        tooltip: Assign link to a group
      sideLabel:
        label: Link label
      description:
        label: Link description
    groupImage:
      label: Group Image
      iconSrc:
        tip: 'Image height should be 21 pixels with a max width of 200 pixels. Max file size is 20KB. Accepted formats: JPEG, PNG, SVG.'
        label: Add image
networkpolicy:
  egress:
    label: Egress Rules
    enable: Configure egress rules to restrict outgoing traffic
    ruleLabel: Targets
    ruleHint: Outgoing traffic is only allowed to the configured targets
    portHint: Outgoing traffic is only allowed to connect to the configured ports
  ingress:
    label: Ingress Rules
    enable: Configure ingress rules to restrict incoming traffic
    ruleLabel: Sources
    ruleHint: Incoming traffic is only allowed from the configured sources
    portHint: Incoming traffic is only allowed to connect to the configured ports
  labelsAnnotations:
    label: Labels & Annotations
  rules:
    pod: Pod
    namespace: Namespace
    ruleLabel: Rule {index}
    addPort: Add allowed port
    type: Rule type
    ingress:
      add: Add allowed traffic source
    egress:
      add: Add allowed traffic target
    ports:
      label: Allowed ports
      port:
        label: Port
        placeholder: e.g. 8080
      protocol: Protocol
    ipBlock:
      label: IP block
      exceptions: Exceptions
      cidr:
        label: CIDR
        placeholder: e.g. 1.1.1.0/24
      addExcept: Add exception
      invalidCidr: "Invalid CIDR"
      invalidExceptionCidrs: "Invalid Exceptions: "
    podSelector:
      label: Pod Label Selector
    namespaceSelector:
      label: Namespace Label Selector
    namespaceAndPodSelector:
      label: Namespace/Pod Label Selector
  config:
    label: Configuration
  selectors:
    label: Selectors
    hint: The NetworkPolicy is applied to the selected Pods
    matchingPods:
      matchesSome: |-
        {matched, plural,
          =0 {Matches 0 of {total, number} pods}
          =1 {Matches 1 of {total, number} pods: "{sample}"}
          other {Matches {matched, number} of {total, number} existing pods, including "{sample}"}
        }
    matchingNamespaces:
      matchesSome: |-
        {matched, plural,
          =0 {Matches 0 of {total, number} namespaces}
          =1 {Matches 1 of {total, number} namespaces: "{sample}"}
          other {Matches {matched, number} of {total, number} existing namespaces, including "{sample}"}
        }
    matchingNamespacesAndPods:
      tooltip: A single entry rule that specifies both Namespace Selector and Pod Selector that selects particular Pods within particular namespaces
      matchesSome: |-
        {matchedPods, plural,
          =0 {Matches 0 of {totalPods, number} pods}
          =1 {Matches 1 of {totalPods, number} pods: "{samplePods}"}
          other {Matches {matchedPods, number} of {totalPods, number} existing pods, including "{samplePods}"}
        } in {matchedNamespaces, plural,
          =0 {0 of {totalNamespaces, number} namespaces}
          =1 {1 of {totalNamespaces, number} namespaces: "{sampleNamespaces}"}
          other {{matchedNamespaces, number} of {totalNamespaces, number} existing namespaces, including "{sampleNamespaces}"}
        }

node:
  list:
    pool: Pool
    noNodes: This pool is empty
    nodeTaint: Taints
    scaleDown: Scale Pool Down
    scaleUp: Scale Pool Up
    poolDescription:
      noSize: No Size
      noLocation: No Location
    nodeLabels: Labels
    hideLabels: Show less
    showLabels: Show more
  detail:
    detailTop:
      containerRuntime: Container Runtime
      internalIP: Internal IP
      externalIP: External IP
      os: OS
      version: Version
    glance:
      consumptionGauge:
        used: Used
        amount: "{used} of {total} {unit}"
        cpu: CPU
        memory: MEMORY
        pods: PODS
        running: Running
      diskPressure: Disk Pressure
      kubelet: kubelet
      memoryPressure: Memory Pressure
      pidPressure: PID Pressure
    tab:
      conditions: Conditions
      images: Images
      metrics: Metrics
      info:
        label: Info
        key:
          architecture: Architecture
          bootID: Boot ID
          containerRuntimeVersion: Container Runtime Version
          kernelVersion: Kernel Version
          kubeProxyVersion: Kube Proxy Version
          kubeletVersion: Kubelet Version
          machineID: Machine ID
          operatingSystem: Operating System
          osImage: Image
          systemUUID: System UUID
      pods: Pods
      taints: Taints
  actions:
    downloadSSHKey: Download SSH Key
    downloadNodeConfig: Download Keys
    scaleDown: Scale Down
    forceDelete: Force Delete

notificationCenter:
  caughtUp: "You're all caught up!"
  dates:
    today: Today
    yesterday: Yesterday
  markAllRead: Mark all as read
  markRead: Mark as read
  markUnread: Mark as unread
  title: Notifications
  ariaLabel: 'Notification {title}: Press enter to interact'

persistentVolume:
  pluginConfiguration:
    label: Plugin configuration
  plugin:
    label: Volume Plugin
    inTree: in-tree plugin
    unsupported: (Unsupported)
  capacity:
    label: Capacity
  customize:
    label: Customize
    affinity:
      label: Node Selectors
      addLabel: Add Node Selector
    assignToStorageClass:
      label: Assign to Storage Class
    mountOptions:
      label: Mount Options
      addLabel: Add Option
    accessModes:
      label: Access Modes
      readWriteOnce: Single Node Read-Write
      readOnlyMany: Many Nodes Read-Only
      readWriteMany: Many Nodes Read-Write
  shared:
    partition:
      label: Partition
      placeholder: e.g. 1; 0 for entire device
    readOnly:
      label: Read Only
    filesystemType:
      label: Filesystem Type
      placeholder: e.g. ext4
    secretName:
      label: Secret Name
      placeholder: e.g. secret
    secretNamespace:
      label: Secret Namespace
      placeholder: e.g. default
    monitors:
      add: Add Monitor
  vsphereVolume:
    label: VMWare vSphere Volume
    volumePath:
      label: Volume Path
      placeholder: e.g. /
    storagePolicyName:
      label: Storage Policy Name
      placeholder: e.g. sp
    storagePolicyId:
      label: Storage Policy ID
      placeholder: e.g. sp1
  csi:
    label: CSI
    suffix: (CSI)
    driver:
      label: Driver
      placeholder: e.g. driver.longhorn.io
    volumeHandle:
      label: Volume Handle
      placeholder: e.g. pvc-xxxx
    volumeAttributes:
      add: Add Volume Attribute
    nodePublishSecretName:
      label: Node Publish Secret Name
      placeholder: e.g. secret
    nodePublishSecretNamespace:
      label: Node Publish Secret Namespace
      placeholder: e.g. default
    nodeStageSecretName:
      label: Node Stage Secret Name
      placeholder: e.g. secret
    nodeStageSecretNamespace:
      label: Node Stage Secret Namespace
      placeholder: e.g. default
    controllerExpandSecretName:
      label: Controller Expand Secret Name
      placeholder: e.g. secret
    controllerExpandSecretNamespace:
      label: Controller Expand Secret Namespace
      placeholder: e.g. default
    controllerPublishSecretName:
      label: Controller Publish Secret Name
      placeholder: e.g. secret
    controllerPublishSecretNamespace:
      label: Controller Publish Secret Namespace
      placeholder: e.g. default
    drivers:
      disk-csi-azure-com: Azure Disk (CSI)
      file-csi-azure-com: Azure File (CSI)
      driver-longhorn-io: Longhorn (CSI)
      driver-harvesterhci-io: Harvester (CSI)
      lvm-driver-harvesterhci-io: LVM
      nfs-csi-k8s-io: NFS (CSI)
      ebs-csi-aws-com: AWS Elastic Block Store (CSI)
      rbd-csi-ceph-com: Ceph RBD (CSI)
      org-gluster-glusterfs: GlusterFS (CSI)
      pd-csi-storage-gke-io: GCE Persistent Disk (CSI)
      cinder-csi-openstack-org: Cinder (CSI)
      pxd-portworx-com: Portworx (CSI)
      quobyte-csi: Quobyte (CSI)
      storageos: StorageOS (CSI)
      csi-vsphere-vmware-com: vSphere (CSI)
  cephfs:
    label: Ceph Filesystem (Unsupported)
    path:
      label: Path
      placeholder: e.g. /var
    user:
      label: User
      placeholder: e.g. root
    secretFile:
      label: Secret File
      placeholder: e.g. secret
  rbd:
    label: Ceph RBD (Unsupported)
    user:
      label: User
      placeholder: e.g. root
    keyRing:
      label: Key Ring
      placeholder: e.g. /etc/ceph/keyring
    pool:
      label: Pool
      placeholder: e.g. rbd
    image:
      label: Image
      placeholder: e.g. image
  fc:
    label: Fibre Channel (Unsupported)
    targetWWNS:
      add: Add Target WWN
    wwids:
      add: Add WWID
    lun:
      label: Lun
      placeholder: e.g. 2
  flexVolume:
    label: Flex Volume (Unsupported)
    driver:
      label: Driver
      placeholder: e.g. driver
    options:
      add: Add Option
  flocker:
    label: Flocker (Unsupported)
    datasetName:
      label: Dataset Name
      placeholder: e.g. dataset
    datasetUUID:
      label: Dataset UUID
      placeholder: e.g. uuid
  glusterfs:
    label: Gluster Volume (Unsupported)
    endpoints:
      label: Endpoints
      placeholder: e.g. glusterfs-cluster
    path:
      label: Path
      placeholder: e.g. kube-vol
  iscsi:
    label: iSCSI Target (Unsupported)
    initiatorName:
      label: Initiator Name
      placeholder: iqn.1994-05.com.redhat:1df7a24fcb92
    iscsiInterface:
      label: iSCSI Interface
      placeholder: e.g. interface
    chapAuthDiscovery:
      label: Chap Auth Discovery
    chapAuthSession:
      label: Chap Auth Session
    iqn:
      label: IQN
      placeholder: iqn.2001-04.com.example:storage.kube.sys1.xyz
    lun:
      label: Lun
      placeholder: e.g. 2
    targetPortal:
      label: Target Portal
      placeholder: e.g. portal
    portals:
      add: Add Portal
  cinder:
    label: Openstack Cinder Volume (Unsupported)
    volumeId:
      label: Volume ID
      placeholder: e.g. vol
  quobyte:
    label: Quobyte Volume (Unsupported)
    volume:
      label: Volume
      placeholder: e.g. vol
    user:
      label: User
      placeholder: e.g. root
    group:
      label: Group
      placeholder: e.g. abc
    registry:
      label: Registry
      placeholder: e.g. abc
  photonPersistentDisk:
    label: Photon Volume (Unsupported)
    pdId:
      label: PD ID
      placeholder: e.g. abc
  portworxVolume:
    label: Portworx Volume (Unsupported)
    volumeId:
      label: Volume ID
      placeholder: e.g. abc
  scaleIO:
    label: ScaleIO Volume (Unsupported)
    volumeName:
      label: Volume Name
      placeholder: e.g. vol-0
    gateway:
      label: Gateway
      placeholder: e.g. https://localhost:443/api
    protectionDomain:
      label: Protection Domain
      placeholder: e.g. pd01
    storageMode:
      label: Storage Mode
      placeholder: e.g. ThinProvisioned
    storagePool:
      label: Storage Pool
      placeholder: e.g. sp01
    system:
      label: System
      placeholder: e.g. scaleio
    sslEnabled:
      label: SSL Enabled
  storageos:
    label: StorageOS (Unsupported)
    volumeName:
      label: Volume Name
      placeholder: e.g. vol
    volumeNamespace:
      label: Volume Namespace
      placeholder: e.g. default
  nfs:
    label: NFS Share
    path:
      label: Path
      placeholder: e.g. /var
    server:
      label: Server
      placeholder: e.g. 10.244.1.4
  longhorn:
    label: Longhorn
    volumeHandle:
      label: Volume Handle
      placeholder: e.g. pvc-xxxx
    options:
      label: Options
      addLabel: Add
  local:
    label: Local
    path:
      label: Path
      placeholder: e.g. /mnt/disks/ssd1
  hostPath:
    label: HostPath
    pathOnTheNode:
      label: Path on the Node
      placeholder: /mnt/disks/ssd1
    mustBe:
      label: The Path on the Node must be
      anything: 'Anything: do not check the target path'
      directory: A directory, or create if it does not exist
      file: A file, or create if it does not exist
      existingDirectory: An existing directory
      existingFile: An existing file
      existingSocket: An existing socket
      existingCharacter: An existing character device
      existingBlock: An existing block device
  gcePersistentDisk:
    label: Google Persistent Disk
    persistentDiskName:
      label: Persistent Disk Name
      placeholder: e.g. abc
  awsElasticBlockStore:
    label: Amazon EBS Disk
    volumeId:
      label: Volume ID
      placeholder: e.g. volume1
  azureFile:
    label: Azure Filesystem
    shareName:
      label: Share Name
      placeholder: e.g. abc
  azureDisk:
    label: Azure Disk
    diskName:
      label: Disk Name
      placeholder: e.g. kubernetes-pvc
    diskURI:
      label: Disk URI
      placeholder: e.g. https://example.com/disk
    kind:
      label: Kind
      dedicated: Dedicated
      managed: Managed
      shared: Shared
    cachingMode:
      label: Caching Mode
      none: None
      readOnly: Read Only
      readWrite: Read Write
    filesystemType:
      label: Filesystem Type
      placeholder: e.g. ext4
    readOnly:
      label: Read Only

persistentVolumeClaim:
  name: Persistent Volume Claim Name
  accessModes: Access Modes
  accessModesOptions:
    singleNodeRW: Single-Node Read/Write
    manyNodeR: Many-Node Read-Only
    manyNodeRW: Many-Node Read/Write
  capacity: Capacity
  storageClass: Storage Class
  useDefault: Use the default class
  volumes: Persistent Volumes
  volumeName: Persistent Volume Name
  source:
    label: Source
    options:
      new: Use a Storage Class to provision a new Persistent Volume
      existing: Use an existing Persistent Volume
  expand:
    label: Expand
    notSupported: Storage class does not support volume expansion
    notBound: Only bound PVCs can be expanded
  volumeClaim:
    label: Volume Claim
    storageClass: Storage Class
    requestStorage: Request Storage
    persistentVolume: Persistent Volume
    tooltips:
      noStorageClass: You don't have permission to list Storage Classes, enter a name manually
      noPersistentVolume: You don't have permission to list Persistent Volumes, enter a name manually
  customize:
    label: Customize
    accessModes:
      readWriteOnce: Single Node Read-Write
      readOnlyMany: Many Nodes Read-Only
      readWriteMany: Many Nodes Read-Write
  status:
    label: Status

podDisruptionBudget:
  budget:
    label: Budget
  minAvailable:
    label: Min. available Pods
  maxUnavailable:
    label: Max. unavailable Pods

inactivity:
  title: Session expiring
  banner: Your session is about to expire due to inactivity. Any unsaved changes will be lost.
  content: Click “Resume Session” to keep the session in this browser active.
  cta: Resume Session

# Rancher Extensions
plugins:
  altIcon: Icon for {extension} extension card
  deprecatedExtension: This extension is deprecated and may soon be removed from the catalog.
  incompatiblePrimeOnly: "The latest version of this extension ({ version }) needs Rancher Prime in order to be installed."
  incompatibleRancherVersion: "The latest version of this extension ({ version }) is not compatible with the current Rancher version ({ required })."
  incompatibleKubeVersion: "The latest version of this extension ({ version }) is not compatible with the current Kube version ({ required })."
  incompatibleUiExtensionsApiVersionMissing: 'The latest version of this extension ({ version }) is missing the mandatory annotation catalog.cattle.io/ui-extensions-version from Rancher 2.10 and onwards.'
  incompatibleUiExtensionsApiVersion: "The latest version of this extension ({ version }) is not compatible with the current Extensions API version ({ required })."
  incompatibleHost: 'The latest version of this extension ({ version }) has a host of "{ required }" which is not compatible with this application "{ mainHost }".'
  currentInstalledVersionBlockedByKubeVersion: "This version is not compatible with the current Kubernetes version ({ kubeVersion }  Vs  { kubeVersionToCheck })."
  closePluginPanel: Close plugin description panel
  viewVersionDetails: View extension {name} version {version} details/Readme
  labels:
    isDeveloper: Developer Load
    primeOnly: Prime only
    builtin: Built-In
    experimental: Experimental
    third-party: Third-Party
    image: Image
    installing: Installing ...
    uninstalling: Uninstalling ...
    upgrading: Upgrading ...
    downgrading: Downgrading ...
    menu: Extensions menu
    reloadRancher: Reload Rancher
    current: current
  descriptions:
    experimental: This Extension is marked as experimental
    third-party: This Extension is provided by a Third-Party
    built-in: This Extension is built-in
    image: This Extension Image has been loaded manually
  tooltips:
    installing: Installing...
  error:
    title: Error loading extension
    message: Could not load extension code
    generic: Extension error
    primeOnly: Unable to load Rancher Prime Extension in Rancher Community
    apiAnnotationMissing: 'Unable to load Extension. The version installed is not compatible with the current Extensions API Version (Extension is missing the annotation catalog.cattle.io/ui-extensions-version which implies incompatibility with Rancher 2.10 and onwards)'
    api: Unable to load Extension. The version installed is not compatible with the current Extensions API version
    host: Unable to load Extension. The version installed is not compatible with this application host
    version: Unable to load Extension. The version installed is not compatible with the current version of Rancher
    kubeVersion: Unable to load Extension. The version installed is not compatible with the current Rancher kubernetes version
    load: An error occurred loading the code for this Extension
    developerPkg: This Extension has been loaded internally, so we won't load the external version
  success:
    title: Loaded extension {name}
    message: Extension was loaded successfully
  developer:
    label: Developer Load
    title: Developer Load Extension
    prompt: Load an extension from a URL
    fields:
      url: Extension URL
      name: Extension module name
      persist: Persist extension by creating custom resource
  info:
    actions: Actions
    noActions: No actions available
    detail: Detail
    versions: Versions
    versionError: Could not load version information
    requiresRancherPrime: "Requires Rancher Prime"
    requiresRancherVersion: "Requires Rancher {required}"
    requiresKubeVersion: "Requires Kube version {required}"
    requiresExtensionApiVersionMissing: 'Missing the annotation catalog.cattle.io/ui-extensions-version which implies incompatibility with Rancher 2.10 and onwards'
    requiresExtensionApiVersion: "Requires Extensions API version {required}"
    requiresHost: 'Requires a host that matches "{mainHost}"'
  empty:
    all: Extensions are neither installed nor available
    available: No Extensions available
    installed: No Extensions installed
    updates: No updates available for installed Extensions
    images: No Extension Images installed
  loadError: An error occurred loading the code for this extension
  helmError: "An error occurred installing the extension via Helm"
  manageRepos: Manage Repositories
  addRancherRepos: Add Rancher Repositories
  manageCharts: Manage Extension Charts
  warnNoAuth: This version of the extension will be loaded before authentication and will have access to the login process.
  manageCatalog:
    label: Manage Extension Catalogs
    title: Extensions
    subtitle: Catalogs
    imageLoad:
      load: Import Extension Catalog
      prompt: An Extension Catalog contains extension assets bundled into an image, importing will take the image and host a Helm repository to act as a catalog for custom built Extensions.
      fields:
        image:
          label: Catalog Image Reference
          placeholder: "e.g. hub.docker.io/example-org/my-image:latest"
        imagePullSecrets:
          label: Image Pull Secrets
          tooltip: Must be of Type `kubernetes.io/dockercfg` or `kubernetes.io/dockerconfigjson`
        secrets:
          banner: "If the registry that hosts the Catalog Image requires Pull Secrets, they must be created in the following namespace:<pre>cattle-ui-plugin-system</pre>"
      banner: This will create an Deployment, Service, and Helm repository to serve the extension charts.
      imageVersion:
        title: Image Version Not Found
        message: Unable to determine image version from {image}, defaulting to latest
      error:
        exists:
          deployment:
            title: Deployment Conflict
            message: A container with the image {image} already exists
          service:
            title: Service Conflict
            message: A service with the name {svc} already exists
          repo:
            title: Helm Repository Conflict
            message: A repository with the name {repo} already exists
      success:
        title: "Imported Extension Catalog from: {name}"
        message: Extension Catalog image was imported successfully
    headers:
      image:
        name: images
        label: Deployment Image
      repository:
        label: Repository Name
  tabs:
    all: All
    available: Available
    builtin: Built-In
    images: Images
    installed: Installed
    updates: Updates
  title: Extensions
  version: "Version: {version}"
  install:
    label: Install
    title: Install extension {name}
    prompt: "Are you sure that you want to install this extension?"
    version: Version
    warnNotCertified: Please ensure that you are aware of the risks of installing Extensions from untrusted authors
    alreadyInstalledTitle: This extension is already installed from another source
    alreadyInstalledPrompt: To install it from this source, you need to uninstall the existing version first and reload the page (required). Would you like to continue?
    uninstallExisting: Uninstall existing version
  upgrade:
    label: Upgrade
    title: Upgrade extension {name}
    prompt: "Are you sure that you want to upgrade this extension?"
  downgrade:
    label: Downgrade
    title: Downgrade extension {name}
    prompt: "Are you sure that you want to downgrade this extension?"
  uninstall:
    label: Uninstall
    title: Uninstall extension {name}
    prompt: "Are you sure that you want to uninstall this extension?"
    catalog: "Are you sure that you want to uninstall this Extension Catalog Image? This will also remove any Extensions provided by this image."
  upgradeAvailable: A newer version of this Extension is available
  reload: Extensions changed - reload required
  safeMode:
    title: Extensions Safe Mode
    message: Extensions were not loaded
  addRepos:
    banner: There are new extensions repositories available. To enable these repositories, click the button on the right.
    bannerBtn: Add repositories
    title: Add Extensions repositories
    prompt: You can install multiple Rancher extension repositories to increase your extensions catalog
  setup:
    installed: Already installed
    uninstalled: Already uninstalled
    title: Extension support is not enabled
    prompt:
      cant: Automatic installation is not available - required Helm Charts could not be found
      can: 'You need to enable the <code>{ff}</code> Feature Flag in Global Settings. Once enabled, Rancher will require a restart.'
      official: The Official Rancher Extensions Repository provides extensions published by Rancher
      partners: The Partners Extensions Repository provides extensions published by Rancher Partners
      community: The Community Extensions Repository provides extensions published by Rancher Community
    install:
      title: Enable Extension Support?
      prompt: This will lead you to the page where you can enable the Feature Flag needed to enable Extension support.
      featuresButton: Go to Feature Flags
      airgap: Air-gapped installations should NOT enable this feature
      addRancherRepo: Add Official Rancher Extensions Repository
      addPartnersRancherRepo: Add Partners Extensions Repository
    remove:
      label: Disable Extension Support
      title: Disable Extension Support?
      prompt: This will un-install the Helm charts that enable Extension support
      registry:
        official:
          title: Remove the Official Rancher Extensions Repository
        partners:
          title: Remove the Partners Extensions Repository
        community:
          title: Remove the Community Extensions Repository
      crd:
        title: Remove the Rancher Extensions Custom Resource Definition
        prompt: There are one or more extensions installed - removing the CRD will require you to manually reinstall these extensions if you subsequently re-enable extensions support.
podSecurityAdmission:
  name: Pod Security Admission
  description: Define the admission control mode you want to use for the pod security
  banner:
    modifications: 'Changing any template that is currently in use will cause an update to those live clusters the next time the cluster is updated'
  labels:
    enforce: Enforce
    audit: Audit
    warn: Warn
    usernames: Usernames
    runtimeClasses: RuntimeClasses
    namespaces: Namespaces
    privileged: privileged
    baseline: baseline
    restricted: restricted
  version:
    placeholder: 'Version (default: latest)'
  exemptions:
    title: Exemptions
    description: Allow the creation of pods for specific Usernames, RuntimeClassNames, and Namespaces that would otherwise be prohibited due to the policies set above.
    placeholder: Enter a comma separated list of {psaExemptionsControl}
prefs:
  title: Preferences
  theme:
    label: Theme
    light: Light
    auto: Auto
    dark: Dark
    autoDetail: Auto uses OS preference if available, or dark from {pm} to {am}
  language: Language
  landing:
    label: Login Landing Page
    vue: Cluster Explorer
    ember: Cluster Manager
  displaySettings:
    title: Display Settings
    detail: Change the way information is displayed in the UI.
  clusterToShow:
    label: Number of clusters to show in side menu
    value: |-
      {count, number}
  dateFormat:
    label: Date Format
  timeFormat:
    label: Time Format
  perPage:
    label: Table Rows per Page
    value: |-
      {count, number}
  keymap:
    label: YAML Editor Key Mapping
    sublime: 'Normal human'
    emacs: 'Emacs'
    vim: 'Vim'
  advFeatures:
    title: Advanced Features
    viewInApi: Enable "View in API"
    allNamespaces: Show dynamic Namespaces managed by Rancher (not intended for editing or deletion)
    themeShortcut: Enable Dark/Light Theme keyboard shortcut toggle (shift+T)
    pluginDeveloper: Enable Extension developer features
    pluginDeveloperTooltip: Enables the ability to perform a developer load of UI extensions
  hideDesc:
    label: Hide Type Description banners above resource lists
  helm:
    'true': Include Prerelease Versions
    'false': Show Releases Only
    label: Helm Charts
  confirmationSetting:
    title: Confirmation Setting
    scalingDownPrompt: Do not ask for confirmation when scaling down node pools.

principal:
  loading: Loading&hellip;
  error: Unable to fetch principal info
  name: Name
  loginName: Username
  type: Type
  alt:
    avatar: User avatar image

probe:
  checkInterval:
    label: Check Interval
    placeholder: 'Default: 10'
  command:
    label: Command to run
    placeholder: e.g. cat /tmp/health
  failureThreshold:
    label: Failure Threshold
    placeholder: 'Default: 3'
  httpGet:
    headers:
      label: Request Headers
    path:
      label: Request Path
      placeholder: e.g. /healthz
    port:
      label: Check Port
      placeholder: e.g. 80
      placeholderDeux: e.g. 25
  initialDelay:
    label: Initial Delay
    placeholder: 'Default: 0'
  successThreshold:
    label: Success Threshold
    placeholder: 'Default: 1'
  timeout:
    label: Timeout
    placeholder: 'Default: 3'
  type:
    label: Type
    placeholder: Select a check type

project:
  membersEditOnly: Only permissions equal to or below those of the current user can be applied
  members:
    label: Members
  containerDefaultResourceLimit: Container Default Resource Limit
  vmDefaultResourceLimit: VM Default Resource Limit
  resourceQuotas: Resource Quotas
  haveOneOwner: There must be at least one member with the Owner role.


projectMembers:
  project:
    label: Project
  projectPermissions:
    label: Project Permissions
    description: Controls what access users have to the Project
    noDescription: User created - no description
    searchForMember: Search for a member to provide project access
    owner:
      label: Owner
      description: Owners have full control over the Project and all resources inside it.
    member:
      label: Member
      description: Members can manage the resources inside the Project but not change the Project itself.
    readOnly:
      label: Read Only
      description: Members can only view the resources inside the Project but not change the resources.
    custom:
      label: Custom
      description: Choose individual roles for this user.
    createNs: Create Namespaces
    configmapsManage: Manage Config Maps
    ingressManage: Manage Ingress
    projectroletemplatebindingsManage: Manage Project Members
    secretsManage: Manage Secrets
    serviceaccountsManage: Manage Service Accounts
    servicesManage: Manage Services
    persistentvolumeclaimsManage: Manage Volumes
    workloadsManage: Manage Workloads
    configmapsView: View Config Maps
    ingressView: View Ingress
    monitoringUiView: View Monitoring
    projectroletemplatebindingsView: View Project Members
    secretsView: View Secrets
    serviceaccountsView: View Service Accounts
    servicesView: View Services
    persistentvolumeclaimsView: View Volumes
    workloadsView: View Workloads

projectNamespaces:
  tableActionsLabel: More actions for project { resource }
  createNamespace: Create Namespace
  createProject: Create Project
  label: Projects/Namespaces
  noNamespaces: There are no namespaces defined.
  noProjectNoNamespaces: All namespaces are in a project
  isIstioInjectionEnabled: Istio automatic sidecar injection is enabled for this namespace

prometheusRule:
  alertingRules:
    addLabel: Add Alert
    annotations:
      description:
        input: Description Annotation Value
        label: Description
      label: Annotations
      message:
        input: Message Annotation Value
        label: Message
      runbook:
        input: Runbook URL Annotation Value
        label: Runbook URL
      summary:
        input: Summary Annotation Value
        label: Summary
    bannerText: 'When firing alerts, the annotations and labels will be passed to the configured AlertManagers to allow them to construct the notification that will be sent to any configured Receivers.'
    for:
      label: Wait to fire for
      placeholder: '60'
    label: Alerting Rules
    labels:
      label: Labels
      severity:
        choices:
          critical: critical
          label: Severity Label Value
          none: none
          warning: warning
        label: Severity
    name: Alert Name
    removeAlert: Remove Alert
  groups:
    add: Add Rule Group
    groupRowLabel: Rule Group {index}
    groupInterval:
      label: Override Group Interval
      placeholder: '60'
    label: Rule Groups
    name: Group Name
    none: Please add at least one rule group that contains at least one alerting or one recording rule.
    removeGroup: Remove Group
    responseStrategy:
      label: Partial Response Strategy
  promQL:
    label: PromQL Expression
  recordingRules:
    addLabel: Add Record
    label: Recording Rules
    labels: Labels
    name: Time Series Name
    removeRecord: Remove Record

promptForceRemove:
  modalTitle: Are you sure?
  removeWarning: "There was an issue with deleting underlying infrastructure. If you proceed with this action, the Machine <b>{nameToMatch}</b> will be deleted from Rancher only. It's highly recommended to manually delete any referenced infrastructure."
  forceDelete: Force Delete
  ariaLabel: Copy Machine name to clipboard
  confirmName: "Enter in the pool name below to confirm:"
  podRemoveWarning: "Force deleting pods does not wait for confirmation that the pod's processes have been terminated. This may result in <strong>data corruption or inconsistencies</strong>"

promptScaleMachineDown:
  attemptingToRemove: "You are attempting to delete {count} {type}"
  attemptingToScaleDown: "You are attempting to scale down {type}"
  retainedMachine1: At least one Machine must exist for roles Control Plane and Etcd.
  retainedMachine2: <b>{ name }</b> will remain
  scaling: |-
    {count, plural,
      =1 {This machine pool is still reconciling. A different node may be deleted instead of the one you selected. It’s best to wait until reconciliation finishes.<br> Do you still want to mark this node for deletion?}
      other {At least one of these machine pools is still reconciling. Different nodes may be deleted instead of the ones you selected. It’s best to wait until reconciliation finishes.<br> Do you still want to mark these nodes for deletion?}
    }
promptSlo:
  title: "Log out"
  text: "Log out of only Rancher, or all {name} applications."
  rancher:
    active: Only log out of Rancher
  all:
    active: Log out of {name}
    waiting: Logging Out

promptRemove:
  title: Are you sure?
  andOthers: |-
    {count, plural,
    =0 {.}
    =1 { and <b>one other</b>.}
    other { and <b>{count} others</b>.}
    }
  attemptingToRemove: "You are attempting to delete the {type}"
  attemptingToRemoveAuthConfig: "You are attempting to disable this Auth Provider. <br><br> Be aware that cluster role template bindings, project role template bindings, global role bindings, users, tokens will be all deleted. <br><br> Are you sure you want to proceed?"
  protip: "Tip: Hold the {alternateLabel} key while clicking delete to bypass this confirmation"
  confirmName: "Enter <b>{nameToMatch}</b> below to confirm:"
  deleteAssociatedNamespaces: "Also delete the namespaces in this project:"
  willDeleteAssociatedNamespaces: "This will also delete all namespaces in the project: "
  confirmRelatedResource: "Deleting the {type} will remove all the resources on this particular {type} and this is not revertable, are you sure you want to continue deleting {names}?"
  promptConfirmation: "Do not prompt again for confirmation when scaling down."

promptRemoveApp:
  removeCrd: "Delete the CRD associated with this app"

promptRestore:
  title: Restore Snapshot
  name: Name
  date: Date
  fromS3: Restore from S3
  label: Snapshot
  placeholder: Select a snapshot to restore
  notification:
    title: Restore Snapshot
    message: Restoring snapshot { selectedSnapshot } has started...

promptRollback:
  modalTitle: Roll Back {workloadName}
  dropdownTitle: Roll Back to Revision
  placeholder: Choose a Revision...
  attemptingToRollBack: Attempting to roll back workload...
  differences: Differences
  revisionOption: "Revision {revisionNumber}, created {revisionAge} {units} ago {currentLabel}"
  currentLabel: "(Current)"
  multipleWorkloadError: "Only one workload can be rolled back at a time."
  singleRevisionBanner: There are no revisions to roll back to.

promptRedeploy:
  title: Redeploy {type}?
  attemptingToRedeploy: "You are attempting to redeploy the {type} {names}<br><br>Redeploying will restart the selected workloads and may cause temporary downtime."

promptRotateEncryptionKey:
  title: Rotate Encryption Keys
  description: The last backup {name} was performed on {date}
  warning: Before proceeding, ensure a successful ETCD backup of the cluster has been completed.
  error: No backup found

rancherAlertingDrivers:
  msTeams: Enable Microsoft Teams
  sms: Enable SMS
  selectOne: You must select at least one of the options below.

rbac:
  roleBinding:
    noData: There are no members associated with this resource.
    user:
      label: User
    role:
      label: Role
    add: Add Member
  displayRole:
    fleetworkspace-admin: Admin
    fleetworkspace-member: Member
    fleetworkspace-readonly: Read-Only
  members:
    label: Members
  roletemplate:
    newUserDefault:
      no: No
      tooltip: This does not affect any bindings to the role that already exist.
    locked:
      label: Locked
      yes: 'Yes: New bindings are not allowed to use this role'
      no: No
    tabs:
      grantResources:
        label: Grant Resources
        noApiGroupClusterScope: Core K8s API, Cluster Scoped
        noApiGroupNamespaceScope: Core K8s API, Namespaced
        neuvector:
          labelClusterScoped: NeuVector, Cluster Scoped
          labelNamespaceScoped: NeuVector, Namespaced
        deprecatedLabel: (deprecated)
        resourceOptionInfo: The resource options are not a complete list of every resource available in every Rancher-managed Kubernetes cluster. Resources and API groups may need to be manually entered in advanced use cases.
        tableHeaders:
          verbs: Verbs
          resources: Resource
          nonResourceUrls: Non-Resource URLs
          apiGroups: API Groups
        psaWarning: Granting Project Roles the ability to amend PSA labels could lead to a weaker security posture and allow for privilege escalation. This is only recommended for advanced users who understand the risks involved.
    subtypes:
      GLOBAL:
        createButton: Create Global Role
        label: Global
        yes: "Yes: Default role for new users"
        defaultLabel: New User Default
      CLUSTER:
        createButton: Create Cluster Role
        label: Cluster
        yes: "Yes: Default role for new cluster creation"
        defaultLabel: Cluster Creator Default
      NAMESPACE:
        createButton: Create Project/Namespaces Role
        label: Project/Namespaces
        yes: "Yes: Default role for new project creation"
        defaultLabel: Project Creator Default
      RBAC_ROLE:
        label: Role
      RBAC_CLUSTER_ROLE:
        label: Cluster Role
      noContext:
        label: No Context
  globalRoles:
    notBound: 'No users bound <i class="icon icon-checkmark" style="margin-left: 5px"></i>'
    unableToCheck: Unable to check if any user is bound to the role(s). Please try again.
    waiting: |-
      {count, plural,
        =1 { Checking if there are any users bound to this role <i class="icon-spin icon icon-spinner" style="margin-left: 5px"></i> }
        other { Checking if there are any users bound to these roles <i class="icon-spin icon icon-spinner" style="margin-left: 5px"></i> }
      }
    usersBound: |-
      {count, plural,
        =1 { Caution: There is 1 user bound to the role(s) about to be deleted. Do you want to proceed? }
        other { Caution: There are {count} users bound to the role(s) about to be deleted. Do you want to proceed? }
      }
    types:
      global:
        label: Global Permissions
        description: |-
          Controls what access the {isUser, select,
          true {user}
          false {group}} has to administer the overall {appName} installation.
      custom:
        label: Custom
        description: 'Roles not created by {vendor}.'
      builtin:
        label: Built-in
        description: Additional roles to define more fine-grain permissions model.
    unknownRole:
        description: No description provided
    assignOnlyRole: This role is already assigned
    role:
      admin:
        label: Administrator
        description: Administrators have full control over the entire installation and all resources in all clusters.
      user:
        label: Standard User
        description: Standard Users can create new clusters and manage clusters and projects they have been granted access to.
      user-base:
        label: User-Base
        description: User-Base users have login-access only.
      clusters-create:
        label: Create new Clusters
        description: Allows the user to create new clusters and become the owner of them.  Standard Users have this permission by default.
      clustertemplates-create:
        label: Create new RKE Cluster Templates
        description: Allows the user to create new RKE cluster templates and become the owner of them.
      authn-manage:
        label: Configure Authentication
        description: Allows the user to enable, configure, and disable all Authentication provider settings.
      catalogs-manage:
        label: Legacy Configure Catalogs
        description: Allows the user to add, edit, and remove management.cattle.io based catalogs resources.
      clusters-manage:
        label: Manage all Clusters
        description: Allows the user to manage all clusters, including ones they are not a member of.
      clusterscans-manage:
        label: Manage Compliance Cluster Scans
        description: Allows the user to launch new and manage compliance cluster scans.
      kontainerdrivers-manage:
        label: Create new Cluster Drivers
        description: Allows the user to create new cluster drivers and become the owner of them.
      features-manage:
        label: Configure Feature Flags
        description: Allows the user to enable and disable custom features via feature flag settings.
      nodedrivers-manage:
        label: Configure Node Drivers
        description: Allows the user to enable, configure, and remove all Node Driver settings.
      nodetemplates-manage:
        label: Manage Node Templates
        description: Allows the user to define, edit, and remove Node Templates.
      roles-manage:
        label: Manage Roles
        description: Allows the user to define, edit, and remove Role definitions.
      settings-manage:
        label: Manage Settings
        description: 'Allows the user to manage {vendor} Settings.'
      users-manage:
        label: Manage Users
        description: Allows the user to create, remove, and set passwords for all Users.
      catalogs-use:
        label: Use Catalogs
        description: Allows the user to see and deploy Templates from the Catalog.  Standard Users have this permission by default.
      nodetemplates-use:
        label: Use Node Templates
        description: Allows the user to deploy new Nodes using any existing Node Templates.
      view-rancher-metrics:
        label: 'View {vendor} Metrics'
        description: Allows the user to view Metrics through the API.
      base:
        label: Login Access
      clustertemplaterevisions-create:
        label: Create RKE Template Revisions
      proxy-endpoints-manage:
        label: Manage Rancher Proxy
        description: Allows the user to manage settings for proxying HTTP requests via Rancher
  errors:
    escalation: You cannot assign Global Permissions that are higher than your own. Please verify the permissions you are attempting to assign.

resourceDetail:
  detailTop:
    annotations: Annotations
    created: Created
    deleted: Deleted
    description: Description
    endpoints: Endpoints
    labels: Labels
    namespaces: Namespaces
    ownerReferences: |-
      {count, plural,
      =1 {Owner}
      other {Owners}}
    hideLabels: Hide system labels
    showLabels: Show all labels
    hideAnnotations: |-
      {annotations, plural,
      =1 {Hide 1 annotation}
      other {Hide {annotations} annotations}}
    showAnnotations: |-
      {annotations, plural,
      =1 {Show 1 annotation}
      other {Show {annotations} annotations}}
    name: Name
  header:
    clone: "Clone from {subtype} {name}"
    create: Create {subtype}
    import: Import {subtype}
    edit: "{subtype} {name}"
    stage: "Stage from {subtype} {name}"
    view: "{subtype} {name}"
  masthead:
    ariaLabel:
      favoriteAction: Add {resource} to your starred/favorites list
      unfavoriteAction: Remove {resource} from your starred/favorites list
    age: Age
    restartCount: Pod Restarts
    defaultBannerMessage:
      error: This resource is currently in an error state, but there isn't a detailed message available.
      transitioning: This resource is currently in a transitioning state, but there isn't a detailed message available.
    sensitive:
      hide: Hide Sensitive Values
      show: Show Sensitive Values
    namespace: Namespace
    workspace: Workspace
    project: Project
    detail: Detail
    config: Config
    graph: Graph
    yaml: YAML
    managedWarning: |-
      This {type} is managed by {hasName, select,
        no {a {managedBy} app}
        yes {the {managedBy} app {appName}}}; changes made here will likely be overwritten the next time {managedBy} runs.
resourceList:
  head:
    create: Create
    createFromYaml: Create from YAML
    createResource: "Create {resourceName}"
  nsFiltering: "Please select one or more namespaces or projects using the filter above."
  nsFilteringGeneric: "Please select a valid namespace or project option using the filter above."
  nsFilterToolTip: "Filtering is restricted to projects and namespaces"
resourceLoadingIndicator:
  loading: Loading

resourceTable:
  groupBy:
    none: Flat List
    namespace: Group by Namespace
    project: Group by Project
    node: Group by Node
    role: Group by Role
    cluster: Group by Cluster
    device: Group by Device
    pool: Group by Pool
    workspace: Group by Workspace
  groupLabel:
    cluster: "<span>Cluster:</span> {name}"
    notInACluster: Not in a Cluster
    namespace: "<span>Namespace:</span> {name}"
    notInAMachinePool: "Not In A Deployment"
    machinePool: "<span>Pool:</span> {name}"
    notInANamespace: Not Namespaced
    notInAProject: Not in a Project
    project: "<span>Project:</span> <span>{name}</span>"
    notInAWorkspace: Not in a Workspace
    workspace: "<span>Workspace:</span> {name}"
    notInANodePool: "Not in a Pool"
    nodePool: "<span>Pool:</span> {name}"
    node: "<span>Node:</span> {name}"
  autoRefresh:
    label: Auto Refresh

resourceTabs:
  conditions:
    tab: Conditions
  events:
    tab: Recent Events
    namespaceTab: "Events in Namespace"
    namespaceCaption: "Shows all events from resources in <span class='namespace-name'><b>{namespace}</b></span> namespace"
  related:
    tab: Related Resources
    from: Referred To By
    to: Refers To


resourceYaml:
  errors:
    namespaceRequired: This resource is namespaced, so a namespace must be provided.
  buttons:
    continue: Continue Editing
    edit: Edit YAML
    diff: Show Diff
    hideDiff: Hide Diff
    unified: Unified
    split: Split

secret:
  authentication: Authentication
  certificate:
    certificate: Certificate
    certificates: Certificates
    certificatePlaceholder: "Paste in the CA certificate, starting with -----BEGIN CERTIFICATE----"
    cn: Domain Name
    expires: Expires
    expiresOn: Expires On
    expiresDuration: Expires In
    lifetime: Lifetime
    issuer: Issuer
    paging: |-
      {pages, plural,
      =0 {No {pluralLabel}}
      =1 {{count} {count, plural, =1 {{singularLabel}} other {{pluralLabel}}}}
      other {{from} - {to} of {count} {pluralLabel}}}
    plusMore: "+ {n} more"
    privateKey: Private Key
    privateKeyPlaceholder: "Paste in the private key, typically starting with -----BEGIN RSA PRIVATE KEY-----"
    warnings:
      expiring: "{count} {count, plural, =1 {Certificate expires soon} other {Certificates expire soon}}"
      expired: "{count} {count, plural, =1 {Certificate has expired} other {Certificates have expired}}"
  projectScoped:
    tooltip:
      source: "Project Scoped Secret (for Project \"{project}\" in cluster \"{cluster}\")"
      copy: "Managed via Project Scoped Secret (\"{secret}\" in Project \"{project}\")"
    origin:
      source: "Project Secret"
      copy: "Via Project Secret"
  data: Data
  registry:
    address: Registry
    domainName: Registry Domain Name
    password: Password
    username: Username
  basic:
    password: Password
    username: Username
  ssh:
    keys: Keys
    keysAndHosts: Keys and Known Hosts
    public: Public Key
    publicPlaceholder: "Paste in your public key"
    private: Private Key
    privatePlaceholder: "Paste in your private key"
    knownHosts: Known Hosts
    knownHostsPlaceholder: "Known hosts metadata, one per line"
    editKnownHosts:
      title: SSH Known Hosts Configuration
      entries:  |-
        {entries, plural,
          =0 {Empty}
          =1 {1 Entry}
          other {{entries} Entries}
        }

  serviceAcct:
    ca: CA Certificate
    token: Token
  customType: Custom Type
  type: Type
  types:
    'opaque': 'Opaque'
    'kubernetes.io/service-account-token': 'Svc Acct Token'
    'kubernetes.io/dockercfg': 'Registry'
    'kubernetes.io/dockerconfigjson': 'Registry'
    'kubernetes.io/basic-auth': 'HTTP Basic Auth'
    'kubernetes.io/ssh-auth': 'SSH Key'
    'kubernetes.io/tls': 'TLS Certificate'
    'bootstrap.kubernetes.io/token': 'Bootstrap Token'
    'istio.io/key-and-cert': 'Istio Certificate'
    'helm.sh/release.v1': 'Helm Release'
    'fleet.cattle.io/cluster-registration-values': 'Fleet Cluster'
    'provisioning.cattle.io/cloud-credential': 'Cloud Credential'
    'rke.cattle.io/auth-config': 'RKE Auth Config'
  initials:
    'opaque': 'O'
    'kubernetes.io/service-account-token': 'SAT'
    'kubernetes.io/dockercfg': 'R'
    'kubernetes.io/dockerconfigjson': 'R'
    'kubernetes.io/basic-auth': 'HTTP'
    'kubernetes.io/ssh-auth': 'SSH'
    'kubernetes.io/tls': 'TLS'
    'bootstrap.kubernetes.io/token': 'Boot'
    'istio.io/key-and-cert': 'Ist'
    'helm.sh/release.v1': 'Helm'
    'fleet.cattle.io/cluster-registration-values': 'F'
    'provisioning.cattle.io/cloud-credential': 'CC'
    's3': 'S3'
  relatedWorkloads: Related Workloads
  typeDescriptions:
    custom:
      description: Create a Secret with a custom type
    'kubernetes.io/basic-auth':
      description: 'Authentication with a username and password'
      docLink: https://kubernetes.io/docs/concepts/configuration/secret/#basic-authentication-secret
    'Opaque':
      description: Default type of Secret using key-value pairs
      docLink: https://kubernetes.io/docs/concepts/configuration/secret/#opaque-secrets
    'kubernetes.io/dockerconfigjson':
      description: Authenticated registry for pulling container images
      docLink: https://kubernetes.io/docs/concepts/configuration/secret/#docker-config-secrets
    'kubernetes.io/ssh-auth':
      description: Public key and private key for SSH authentication
      docLink: https://kubernetes.io/docs/concepts/configuration/secret/#ssh-authentication-secrets
    'kubernetes.io/tls':
      description: Store a certificate and key for TLS
      docLink: https://kubernetes.io/docs/concepts/configuration/secret/#tls-secrets
  tabs:
    namespaced:
      label: Namespaced
      create: Create Secret
    projectScoped:
      label: Project Scoped
      create: Create Project Secret

selectOrCreateAuthSecret:
  label: Authentication
  imagePullSecret: Image Pull Secret
  options:
    none: None
    basic: HTTP Basic Auth
    ssh: SSH Key
    aws: AWS/S3
    custom: Secret Name
  s3:
    accessKey: Access Key
    secretKey: Secret Key
  ssh:
    publicKey: Public Key
    privateKey: Private Key
  basic:
    username: Username
    password: Password
    passwordPersonalAccessToken: Password/Personal Access Token
  rke:
    info: "An RKE Auth Config secret contains the username and password concatenated and base64 encoded into the secret's 'auth' key"
  namespaceGroup: "Namespace: {name}"
  chooseExisting: "Choose an existing secret:"
  createSsh: Create an SSH Key Secret
  createBasic: Create an HTTP Basic Auth Secret
  createS3: Create an S3-Compatible Auth Secret
  createRKE: Create an RKE Auth Config Secret
  createImagePullSecretBasedOnAuth: Create an Image Pull Secret based on Authentication Secret
  createImagePullSecret: Create a new Image Pull Secret with new Username/Password

serviceAccount:
  automount: Automount Service Account Token
  imagePullSecrets: Image Pull Secrets
  tabs:
    serviceAccount:
      label: Service Account

servicePorts:
  header:
    label: Port Rules
  rules:
    listening:
      label: Listening Port
      placeholder: e.g. 8080
    name:
      label: Port Name
      placeholder: e.g. myport
    node:
      label: Node Port
      placeholder: e.g. 30000
    protocol:
      label: Protocol
    target:
      label: Target Port
      placeholder: e.g. 80 or http

serviceTypes:
  clusterip: Cluster IP
  externalname: External Name
  headless: Headless
  loadbalancer: Load Balancer
  nodeport: Node Port

servicesPage:
  serviceListDescription: Services allow you to define a logical set of Pods that can be accessed with a single IP address and port.
  targetPorts: The Service will send requests to this port, and the selected Pods are expected to listen on this port.
  listeningPorts: The Service is exposed on this port.
  anyNode: Any Node
  labelsAnnotations:
    label: Labels & Annotations
  affinity:
    actionLabels:
      clientIp: ClientIP
      none: There is no session affinity configured.
    helpText: Map connections to a consistent target based on their source IP.
    label: Session Affinity
    timeout:
      label: Session Sticky Time
      placeholder: e.g. 10800
  externalName:
    define: External Name
    helpText: "External Name is intended to specify a canonical DNS name. This is a required field. To hardcode an IP address, use a Headless service."
    label: External Name
    placeholder: e.g. my.database.example.com
    input:
      label: DNS Name
  harvester:
    title: Add-on Config
    ipam:
      label: IPAM
    useShareIP:
      label: Use Share IP
    useIpam:
      label: Use IPAM
    shareIP:
      label: Share IP LB

  ips:
    define: Service Ports
    clusterIpHelpText: The Cluster IP address must be within the CIDR range configured for the API server.
    external:
      label: External IPs
      placeholder: e.g. 1.1.1.1
      protip: List of IP addresses for which nodes in the cluster will also accept traffic for this service.
    input:
      label: Cluster IP
      placeholder: e.g. 10.43.xxx.xxx
    label: IP Addresses
    loadBalancer:
      label: Load Balancer
    loadBalancerIp:
      label: Load Balancer IP
      placeholder: e.g. 192.0.xxx.xxx
      helpText: If you specify a loadBalancerIP but your cloud provider does not support the feature, the loadBalancerIP field that you set is ignored.
  pods:
    label: Pods
  ports:
    label: Ports
  selectors:
    helpText: ""
    label: Selectors
    matchingPods:
      description: Selector keys and values are intended to match labels and values on existing Pods.
      matchesSome: |-
        {matched, plural,
          =0 {Matches 0 of {total, number} pods. If no selector is created, manual endpoints must be made.}
          =1 {Matches 1 of {total, number} pods: "{sample}"}
          other {Matches {matched, number} of {total, number} existing pods, including "{sample}"}
        }
  serviceTypes:
    clusterIp:
      abbrv: IP
      description: Expose a set of Pods to other Pods within the cluster. This type of Service is only reachable from within the cluster. This is the default type.
      label: Cluster IP
    externalName:
      abbrv: EN
      description: Create a Service that uses a DNS name instead of selectors. This is an advanced use case.
      label: External Name
    headless:
      abbrv: H
      description: Create a Service without a cluster IP or load balancer. This is an advanced use case.
      label: Headless
    loadBalancer:
      abbrv: LB
      description: Create a load balancer in the underlying infrastructure (e.g. a cloud provider's load balancer) and assign a public IP address to the service. Allows external clients to access the service using the public IP address and the port specified in the service definition.
      label: Load Balancer
    nodePort:
      abbrv: NP
      description: "Expose the service on each node's IP at a static port."
      label: Node Port
  typeOpts:
    label: Service Type

setup:
  currentPassword: Bootstrap Password
  confirmPassword: Confirm New Password
  defaultPassword:
    intro: It looks like this is your first time visiting {vendor}; if you pre-set your own bootstrap password, enter it here.  Otherwise a random one has been generated for you.  To find it:<br/><br/>
    dockerPrefix: 'For a "docker run" installation:'
    dockerPs: 'Find your container ID with <code>docker ps</code>, then run:'
    dockerSuffix: ""
    helmPrefix: 'For a Helm installation, run:'
    helmSuffix: ""
  eula: By checking the box, you accept the <a href="https://www.suse.com/licensing/eula/download/suse_end_user_license_agreement_june_2024.pdf" target="_blank" rel="noopener noreferrer nofollow">End User License Agreement & Terms & Conditions</a>
  newPassword: New Password
  newUserSetPassword: The first order of business is to set a strong password. We suggest using this random one generated just for you, but enter your own if you like.
  serverUrl:
    label: Server URL
    skip: Skip
    tip: What URL should be used for this {vendor} installation? All the nodes in your clusters will need to be able to reach this.
  setPassword: The first order of business is to set a strong password for the default <code>{username}</code> user. We suggest using this random one generated just for you, but enter your own if you like.
  useManual: Set a specific password to use
  useRandom: Use a randomly generated password
  copyRandom: Copy random password to clipboard
  welcome: Welcome to {vendor}!
  setup: Setup

sortableTable:
  ariaLabel:
    firstPageBtn: First page of results
    prevPageBtn: Previous page of results
    nextPageBtn: Next page of results
    lastPageBtn: Last page of results
  alt:
    firstPageBtn: First page of results icon
    prevPageBtn: Previous page of results icon
    nextPageBtn: Next page of results icon
    lastPageBtn: Last page of results icon
    sortingIconDesc: Table header descending sort icon
    sortingIconAsc: Table header ascending sort icon
  genericGroupCheckbox: Table group selection checkbox
  genericRowCheckbox: Table row selection checkbox for item {item}
  tableActionsLabel: More actions - { resource }
  tableActionsImgAlt: More actions icon
  bulkActions:
    collapsed:
      label: Actions
  actionAvailability:
    selected: "{actionable} selected"
    some: "Affects {actionable} of {total}"
  noData: There are no rows which match your search query.
  noRows: There are no rows to show.
  noActions: No actions available
  paging:
    generic: |-
      {pages, plural,
      =0 {No Items}
      =1 {{count} {count, plural, =1 {Item} other {Items}}}
      other {{from} - {to} of {count} Items}}
    resource: |-
      {pages, plural,
      =0 {No {pluralLabel}}
      =1 {{count} {count, plural, =1 {{singularLabel}} other {{pluralLabel}}}}
      other {{from} - {to} of {count} {pluralLabel}}}
  search: Filter
  searchLabel: Filter table results
  in: in
  addFilter: Add Filter
  filteringDescription: Using this input will immediately filter the results in the table below
  filterFor: Filter for...
  selectCol: Select a column
  resetFilters: Reset
  add: Add
  tableHeader:
    noFilter: This column cannot be filtered by
    groupBy: Group by
    show: Show

storageClass:
  actions:
    setAsDefault: Set as Default
    resetDefault: Reset Default
  parameters:
    label: Parameters
  customize:
    label: Customize
    reclaimPolicy:
      label: Reclaim Policy
      delete: Delete volumes and underlying device when volume claim is deleted
      retain: Retain the volume for manual cleanup
    allowVolumeExpansion:
      label: Allow Volume Expansion
      enabled: Enabled
      disabled: Disabled
    volumeBindingMode:
      label: Volume Binding Mode
      now: Bind and provision a persistent volume once the PersistentVolumeClaim is created
      later: Bind and provision a persistent volume once a Pod using the PersistentVolumeClaim is created
    mountOptions:
      label: Mount Options
      addLabel: Add Option
  aws-ebs:
    title: Amazon EBS Disk
    volumeType:
      label: Volume Type
      gp2: GP2 - General Purpose SSD
      gp3: GP3 - General Purpose SSD
      io1: IO1 - Provisioned IOPS SSD
      st1: ST1 - Throughput-Optimized HDD
      sc1: SC1 - Cold-Storage HDD
      provisionedIops:
        label: Provisioned IOPS
        suffix: per second, per GB
    filesystemType:
      label: Filesystem Type
      placeholder: e.g. ext4
    availabilityZone:
      label: Availability Zone
      automatic: 'Automatic: Zones the cluster has a node in'
      manual: 'Manual: Choose specific zones'
      placeholder: us-east-1d, us-east-1c
    encryption:
      label: Encryption
      enabled: Enabled
      disabled: Disabled
    keyId:
      label: KMS Key ID for Encryption
      automatic: 'Automatic: Generate a key'
      manual: 'Manual: Use a specific key (full ARN)'
  azure-disk:
    title: Azure Disk
    storageAccountType:
      label: Storage Account Type
      placeholder: e.g. Standard_LRS
    kind:
      label: Kind
      shared: Shared (unmanaged disk)
      dedicated: Dedicated (unmanaged disk)
      managed: Managed
  azure-file:
    title: Azure File
    skuName:
      label: Sku Name
      placeholder: e.g. Standard_LRS
    location:
      label: Location
      placeholder: e.g. eastus
    storageAccount:
      label: Storage Account
      placeholder: e.g. azure_storage_account_name
  gce-pd:
    title: Google Persistent Disk
    volumeType:
      label: Volume Type
      standard: Standard
      ssd: SSD
    filesystemType:
      label: Filesystem Type
      placeholder: e.g. ext4
    availabilityZone:
      label: Availability Zone
      automatic: 'Automatic: Zones the cluster has a node in'
      manual: 'Manual: Choose specific zones'
      placeholder: us-east-1d, us-east-1c
    replicationType:
      label: Replication Type
      zonal: Zonal
      regional: Regional
  longhorn:
    title: Longhorn (CSI)
    addLabel: Add Parameter
  vsphere-volume:
    title: VMWare vSphere Volume
    diskFormat:
      label: Disk Format
      thin: Thin
      zeroedthick: Zeroed Thick
      eagerzeroedthick: Eager Zeroed Thick
    storagePolicyName:
      label: Storage Policy Name
      placeholder: e.g. gold
    datastore:
      label: Datastore
      placeholder: e.g. VSANDatastore
    hostFailuresToTolerate:
      label: Host Failures To Tolerate
      placeholder: e.g. 2
    cacheReservation:
      label: Cache Reservation
      placeholder: e.g. 20
    filesystemType:
      label: Filesystem Type
      placeholder: e.g. ext3
  custom:
    addLabel: Add Parameter
  glusterfs:
    title: Gluster Volume
    restUrl:
      label: REST URL
      placeholder: e.g. http://127.0.0.1:8081
    restUser:
      label: REST User
      placeholder: e.g. admin
    restUserKey:
      label: REST User Key
      placeholder: e.g. password
    secretNamespace:
      label: Secret Namespace
      placeholder: e.g. default
    secretName:
      label: Secret Name
      placeholder: e.g. heketi-secret
    clusterId:
      label: Cluster ID
      placeholder: e.g. 630372ccdc720a92c681fb928f27b53f
    gidMin:
      label: GID MIN
      placeholder: e.g. 40000
    gidMax:
      label: GID MAX
      placeholder: e.g. 50000
    volumeType:
      label: Volume Type
      placeholder: "e.g. replicate:3"
  cinder:
    title: Openstack Cinder Volume
    volumeType:
      label: Volume Type
      placeholder: e.g. fast
    availabilityZone:
      label: Availability Zone
      automatic: "Automatic: Zones the cluster has a node in"
      manual:
        label: "Manual: Choose specific zones"
        placeholder: e.g. nova
  rbd:
    title: Ceph RBD
    monitors:
      label: Monitors
      placeholder: e.g. 10.16.153.105:6789
    adminId:
      label: Admin ID
      placeholder: e.g. kube
    adminSecretNamespace:
      label: Admin Secret Namespace
      placeholder: e.g. kube-system
    adminSecret:
      label: Admin Secret
      placeholder: e.g. Secret
    pool:
      label: Pool
      placeholder: e.g. kube
    userId:
      label: User ID
      placeholder: e.g. kube
    userSecretNamespace:
      label: User Secret Namespace
      placeholder: e.g. default
    userSecretName:
      label: User Secret Name
      placeholder: e.g. ceph-secret-user
    filesystemType:
      label: Filesystem Type
      placeholder: e.g. ext4
    imageFormat:
      label: Image Format
      placeholder: e.g. 2
    imageFeatures:
      label: Image Features
      placeholder: e.g. layering
  quobyte:
    title: Quobyte Volume
    quobyteApiServer:
      label: Quobyte API Server
      placeholder: "e.g. http://138.68.74.142:7860"
    registry:
      label: Registry
      placeholder: e.g. 138.68.74.142:7861
    adminSecretNamespace:
      label: Admin Secret Namespace
      placeholder: e.g. kube-system
    adminSecretName:
      label: Admin Secret Name
      placeholder: e.g. quobyte-admin-secret
    user:
      label: User
      placeholder: e.g. root
    group:
      label: Group
      placeholder: e.g. root
    quobyteConfig:
      label: Quobyte Config
      placeholder: e.g. BASE
    quobyteTenant:
      label: Quobyte Tenant
      placeholder: e.g. DEFAULT
  portworx-volume:
    title: Portworx Volume
    filesystem:
      label: Filesystem
      placeholder: e.g. ext4
    blockSize:
      label: Block Size
      placeholder: e.g. 32
    repl:
      label: Repl
      placeholder: e.g.1; 0 for entire device
    ioPriority:
      label: I/O Priority
      placeholder: e.g. low
    snapshotsInterval:
      label: Snapshots Interval
      placeholder: e.g. 70
    aggregationLevel:
      label: Aggregation Level
      placeholder: e.g. 0
    ephemeral:
      label: Ephemeral
      placeholder: e.g. true
  scaleio:
    title: ScaleIO Volume
    gateway:
      label: Gateway
      placeholder: e.g. https://192.168.99.200:443/api
    system:
      label: System
      placeholder: e.g. scaleio
    protectionDomain:
      label: Protection Domain
      placeholder: e.g. pd0
    storagePool:
      label: Storage Pool
      placeholder: e.g. sp1
    storageMode:
      label: StorageMode
      thin: Thin Provisioned
      thick: Thick Provisioned
    secretRef:
      label: Secret Ref
      placeholder: e.g. sio-secret
    readOnly:
      label: Read Only
    filesystemType:
      label: Filesystem Type
      placeholder: e.g. xfs
  storageos:
    title: StorageOS
    pool:
      label: Pool
      placeholder: e.g. default
    description:
      label: Description
      placeholder: e.g. Kubernetes volume
    filesystemType:
      label: Filesystem Type
      placeholder: e.g. ext4
    adminSecretNamespace:
      label: Admin Secret Namespace
      placeholder: e.g. default
    adminSecretName:
      label: Admin Secret Name
      placeholder: e.g. storageos-secret
  no-provisioner:
    title: Local Storage
  deprecated:
    title: (Deprecated)
    warning: 'The {provisioner} in-tree plugin is deprecated: Find a CSI driver <a target="_blank" rel="noopener noreferrer nofollow" href="https://kubernetes-csi.github.io/docs/drivers.html">here.</a>'
  harvesterhci:
    title: Harvester (CSI)
    warning:
      unSatisfiesVersion: Please upgrade your Harvester CSI driver version to use this feature. (csi-driver >= v0.1.15)
    hostStorageClass:
      label: Host Storage Class
      placeholder: Storage class name on the host Harvester cluster
      tooltip: By default the default storage class on the host Harvester cluster is used.

tableHeaders:
  assuredConcurrencyShares: Assured Concurrency Shares
  autoscaler: Autoscaler
  accessKey: Access Key
  addressType: Address Type
  accessModes: Access Modes
  address: Address
  age: Age
  apiGroup: API Groups
  apikey: API Key
  available: Available
  attachedVM: Attached VM
  authRoles:
    globalDefault: New User Default
    clusterDefault: Cluster Creator Default
    projectDefault: Project Creator Default
  branch: Branch
  backupTarget: Backup Target
  builtIn: Built In
  bundlesReady: Bundles Ready
  bundleDeploymentsReady: Deployments
  builtin: Built-In
  chart: Chart
  capacity: Capacity
  current: Current
  clusterCreatorDefault: Cluster Creator Default
  clusterFlow: Cluster Flow
  clusterOutput: Cluster Output
  cluster: Cluster
  clusters: Clusters
  cluster-Name: Cluster
  clustersReady: Clusters Ready
  clusterGroups: Cluster Groups
  commit: Commit
  condition: Condition
  constraint: Constraint
  completions: Completions
  count: Count
  createdAt: Created At
  customVerbs: Custom Verbs
  description: Description
  cpu: CPU
  currentReplicas: Current Replicas
  date: Date
  data: Data
  default: Default
  desired: Desired
  defaultVersion: Default version
  destination: Target
  deployed: Deployed
  download: Download
  duration: Duration
  diskState: Disk State
  drivers: Drivers
  distinguisherMethod: Distinguisher Method
  effect: Effect
  endpoints: Endpoints
  expires: Expires
  firstSeen: First Seen
  firstSeenTooltip: The time at which the event was first recorded
  flow: Flow
  fingerprint: Fingerprint
  gitRepos: Git Repos
  helmOps: Helm Ops
  groups: Groups
  groupName: Group Name
  groupRoleNames: Group Role Names
  global-Default: Global-Default
  helmOpsReady: Helm Ops Ready
  host: Host
  hostIp: Host IP
  holder: Holder
  hpaReference: Workload
  health: Health
  handSize: Hand Size
  ipAddress: IP Address
  id: ID
  iP: IP
  image: Image
  imageSize: Size
  ingressClass: Ingress Class
  ingressDefaultBackend: Default
  ingressTarget: Target
  internalExternalIp: External/Internal IP
  ipaddress: IP Address
  internalIpSameAsExternal: Same as External
  jobs: Jobs
  key: Key
  keys: Data
  labels: Labels
  lastUpdated: Last Updated
  lastSchedule: Last Schedule
  lastSeen: Last Seen
  lastSeenTooltip: The time at which the most recent occurrence of this event was recorded
  lastUsed: Last Used
  loggingOutputProviders: Provider
  machines: Machines
  machineNodeName: Node
  manual: Manual
  matches: Matches
  matchingPrecedence: Matching Precedence
  maxKubernetesVersion: Max Kubernetes Version
  message: Message
  minKubernetesVersion: Min Kubernetes Version
  minReplicas: Minimum Replicas
  maxReplicas: Maximum Replicas
  missingPL: MissingPL
  memory: Memory
  monitored: Monitored
  name: Name
  nameDisplay: Display Name
  nameUnlinked: Name
  namespace: Namespace
  namespaceName: Name
  namespaceNameUnlinked: Name
  networkType: Type
  networkVlan: Vlan ID
  node: Node
  nodeName: Node Name
  nodesReady: Nodes Ready
  nodePort: Node Port
  object: Object
  operatingSystem: OS
  output: Output
  p95: 95%tile
  persistentVolumeClaim: Persistent Volume Claim
  persistentVolumeSource: Source
  phase: Phase
  progress: Progress
  podImages: Image
  podRestarts: Restarts
  podLastRestart: Last Restart
  pods: Pods
  pod-Selector: Pod-Selector
  providers: Providers
  providerID: Provider ID
  port: Port
  ports: Ports
  project: Project
  protocol: Protocol
  provider: Provider
  priorityLevel: Priority Level
  publicPorts: Public Ports
  queues: Queues
  queueLengthLimit: Queue Length Limit
  ram: RAM
  rbac:
    create: Create
    delete: Delete
    get: Get
    list: List
    patch: Patch
    update: Update
    watch: Watch
  ready: Ready
  reason: Reason
  receivers: Receivers
  receiverTypes: Receiver Types
  reclaimPolicy: Reclaim Policy
  registrationNamespace: Registration Namespace
  repo: Repo
  repoType: Repo Type
  repositories: Repositories
  repoName: Repository Name
  reposReady: Git Repos Ready
  replicas: Replicas
  reqRate: Req Rate
  resource: Resource
  resources: Resources
  resourcesReady: Resources Ready
  restarts: Restarts
  restart: Restart Required
  restartSystem: Restart { vendor }
  restore: Restore
  role: Role
  roles: Roles
  routes: Routes
  routeConnectivity: Route Connectivity
  readyToUse: Ready To Use
  scale: Scale
  scope: Scope
  selector: Selector
  secrets: Secrets
  secret:
    origin: Origin
    originTooltip: "Shows if a secret has been created or managed via another Project Scoped Secret. Read the Project Scoped Secret documentation to learn more about this Rancher concept"
  schedule: Schedule
  service: Service
  serviceAccounts: Service Accounts
  secret-Name: Secret-Name
  simpleName: Name
  simpleScale: Scale
  simpleType: Type
  size: Size
  started: Started
  state: State
  status: Status
  targetVm: Target VM
  storage_class_provisioner: Provisioner
  storage: Storage Size
  storageClass: Storage Class
  source: Source
  subject: Subject
  subType: Kind
  success: Success
  summary: Summary
  subobject: Subobject
  taints: Taints
  target: Target
  targetKind: Target Type
  targetPort: Target
  template: Template
  totalSnapshotQuota: Total Snapshot Quota
  ttl: TTL
  type: Type
  updated: Updated
  up-to-date: Up To Date
  upgrade: Upgradable
  url: URL
  users: Users
  userDisplayName: Display Name
  userId: ID
  userDeletedIn: Delete After
  userDisabledIn: Disable After
  userLastLogin: Last Login
  userState: Enabled
  userStatus: Status
  username: Local Username
  value: Value
  version: Version
  volume: Volume
  volumeMode: Volume Mode
  weight: Weight
  clusterResources: Cluster Resources
  repoPerClusterState: Cluster State
  repoPerClusterStateTooltip: The state of the repo on the cluster
target:
  router:
    label: Router
    placeholder: Select a router
  service:
    label: Service
    placeholder: Select a service
  title: Target
  version:
    label: Version
    placeholder: Select a version

user:
  state:
    active: 'Enabled'
    inactive: 'Disabled'
    unknown: 'Unknown'
  detail:
    username: Username
    globalPermissions:
      label: Global Permissions
      description: Access to manage resources that affect the entire installation
      adminMessage: This user is an administrator and has all permissions
      tableHeaders:
        permission: Permission
    clusterRoles:
      label: Cluster Roles
      description: Roles granted to this user for individual clusters
      tableHeaders:
        cluster: Cluster
    projectRoles:
      label: Project Roles
      description: Roles granted to this user for individual projects
      tableHeaders:
        project: Project
    generic:
      tableHeaders:
        role: Role
        granted: Granted
  edit:
    credentials:
      label: Credentials
      username:
        label: Username
        placeholder: e.g. jsmith
        exists: 'Username is already in use. Please choose a new username'
      displayName:
        label: Display Name
        placeholder: e.g. John Smith
      userDescription:
        label: Description
        placeholder: e.g. This account is for John Smith
  list:
    errorRefreshingGroupMemberships: Error refreshing group memberships
  retention:
    button:
      label: User retention settings
    growl:
      title: Save user retention settings
      message: User retention settings have been updated successfully
    edit:
      title:
        header: "Users: Settings"
        pre: "Users:"
        post: Settings
        subTitle: User retention
      form:
        disableAfter:
          checkbox: Disable user accounts after an inactivity period (duration since last login)
          input:
            label: Inactivity period
            tooltip: Uses duration units (e.g. use 30h for 30 hours)
        deleteAfter:
          checkbox: Delete user accounts after an inactivity period (duration since last login)
          input:
            label: Inactivity period
            tooltip: Uses duration units (e.g. use 30h for 30 hours)
            subLabel: This value must be larger than the Disable period, if it's active
        cron:
          label: User retention process schedule
          subLabel: The user retention process runs as a cron job (required)
          errorMessage: User retention process schedule must be a valid cron expression
        dryRun:
          label: Run the user retention process in DRY mode (no changes will be applied)
          subLabel: You can check the logs to see which accounts would be affected
        defaultLastLogin:
          label: Default last login (ms)
          subLabel: Accounts without a registered last login timestamp will get this as a default
          placeholder: Unix timestamp
validation:
  noUpperCase: 'Alphanumeric characters in "{key}" must be lowercase'
  arrayLength:
    between: '"{key}" should contain between {min} and {max} {max, plural, =1 {item} other {items}}'
    exactly: '"{key}" should contain {count, plural, =1 {# item} other {# items}}'
    max: '"{key}" should contain at most {count} {count, plural, =1 {item} other {items}}'
    min: '"{key}" should contain at least {count} {count, plural, =1 {item} other {items}}'
  alphanumeric: '"{key}" must be alphanumeric'
  boolean: '"{key}" must be a boolean value.'
  chars: '"{key}" contains {count, plural, =1 {an invalid character} other {# invalid characters}}: {chars}'
  cluster:
    name: Cluster name cannot be 'local' or take the form 'c-xxxxx'
  conflict: |-
    This resource has been modified since you started editing it, and some of those modifications conflict with your changes.
    This screen has been updated to reflect the current values on the cluster. Review and reapply the changes you wanted to make, then Save again.
    Conflicting {fieldCount, plural, =1 {field} other {fields}}: {fields}
  custom:
    missing: 'No validator exists for { validatorName }! Does the validator exist in custom-validators? Is the name spelled correctly?'
  dns:
    doubleHyphen: '"{key}" Cannot contain two or more consecutive hyphens'
    hostname:
      empty: '"{key}" must be at least one character'
      emptyLabel: '"{key}" cannot contain two consecutive dots'
      endDot: '"{key}" cannot end with a dot'
      endHyphen: '"{key}" cannot end with a hyphen'
      startDot: '"{key}" cannot start with a dot'
      startHyphen: '"{key}" cannot start with a hyphen'
      startNumber: '"{key}" cannot start with a number'
      tooLong: '"{key}" cannot be longer than {max} characters'
      tooLongLabel: '"{key}" cannot contain a section longer than {max} characters'
    label:
      endDot: '"{key}" cannot end with a dot'
      startDot: '"{key}" cannot start with a dot'
      emptyLabel: '"{key}" cannot be empty'
      endHyphen: '"{key}" cannot end with a hyphen'
      startHyphen: '"{key}" cannot start with a hyphen'
      startNumber: '"{key}" cannot start with a number'
      tooLongLabel: '"{key}" cannot be more than {max} characters'
  flowOutput:
    both: Requires "Output" or "Cluster Output" to be selected.
    global: Requires "Cluster Output" to be selected.
  repository:
    url: It must be a valid HTTP(s) or SSH URL with no trailing spaces
  oci:
    url: It must be a valid OCI URL with no trailing spaces
  output:
    logdna:
      apiKey: Required an "Api Key" to be set.
  invalidCron: Invalid cron schedule
  invalidCidr: "Invalid CIDR"
  invalidIP: "Invalid IP"
  k8s:
    name: Must consist of lower case alphanumeric characters or '-', and must start and end with an alphanumeric character (e.g. 'my-name', or '123-abc').
    identifier:
      emptyLabel: '"{key}" cannot have an empty key'
      emptyPrefix: '"{key}" cannot have an empty prefix'
      endLetter: '"{key}" must end with a letter or number'
      startLetter: '"{key}" must start with a letter or number'
      tooLongKey: '"{key}" cannot have a key longer than {max} characters'
      tooLongPrefix: '"{key}" cannot have a prefix longer than {max} characters'
  minLength: '"{key}" must contain more than {min} characters'
  maxLength: '"{key}" must contain less than {max} characters'
  minValue: '"{key}" must be equal or higher than {min}'
  maxValue: '"{key}" must be equal or lower than {max}'
  betweenLengths: '"{key}" must contain between {min} and {max} characters'
  betweenValues: '"{key}" must be between {min} and {max}'
  noSchema: No schema found to validate
  noType: No type to validate
  number:
    requiredInt: '"{key}" must be integer'
    isPositive: '"{key}" must be positive'
    isOctal: '"{key}" must have no leading zeros'
    between: '"{key}" should be between {min} and {max}'
    exactly: '"{key}" should be exactly {val}'
    max: '"{key}" should be at most {val}'
    min: '"{key}" should be at least {val}'
  podAffinity:
    affinityTitle: Pod Affinity
    antiAffinityTitle: Pod Anti-Affinity
    requiredDuringSchedulingIgnoredDuringExecution: required rules
    preferredDuringSchedulingIgnoredDuringExecution: preferred rules
    topologyKey: Rule [{index}] of {group} {rules} - Topology key is required.
    matchExpressions:
      operator: Rule [{index}] of {group} {rules} - operator must be one of 'In', 'NotIn', 'Exists', 'DoesNotExist'
      valueMustBeEmpty: Rule [{index}] of {group} {rules} - value must be empty if operator is 'Exists' or 'DoesNotExist'
      valuesMustBeDefined: Rule [{index}] of {group} {rules} - value must be defined if operator is 'In' or 'NotIn'
  port: A port must be a number between 1 and 65535.
  path: '"{key}" must be an absolute path'
  prometheusRule:
    noEdit: This Prometheus Rule may not be edited due to invalid characters in name.
    groups:
      required: At least one rule group is required.
      singleAlert: A rule may contain alert rules or recording rules but not both.
      valid:
        name: 'Name is required for rule group {index}.'
        rule:
          alertName: 'Rule group {groupIndex} rule {ruleIndex} requires a Alert Name.'
          expr: 'Rule group {groupIndex} rule {ruleIndex} requires a PromQL Expression.'
          labels: 'Rule group {groupIndex} rule {ruleIndex} requires at least one label. Severity is recommended.'
          recordName: 'Rule group {groupIndex} rule {ruleIndex} requires a Time Series Name.'
        singleEntry: 'At least one alert rule or one recording rule is required in rule group {index}.'
  required: '"{key}" is required'
  invalid: '"{key}" is invalid'
  requiredOrOverride: '"{key}" is required or must allow override'
  roleTemplate:
    roleTemplateRules:
      missingVerb: You must specify at least one verb for each resource grant
      missingResource: You must specify a Resource for each resource grant
      missingApiGroup: You must specify an API Group for each resource grant
      missingOneResource: You must specify at least one Resource, Non-Resource URL or API Group for each resource grant
      noResourceAndNonResource: Each rule may contain Resources or Non-Resource URLs but not both
  semanticVersion: Version must be a valid version number or a semantic versioning constraint (e.g. 2.x.x, < 1.0)
  service:
    externalName:
      none: External Name is required on an ExternalName Service.
    ports:
      name:
        required: 'Port Rule [{position}] - Name is required.'
      nodePort:
        requiredInt: 'Port Rule [{position}] - Node Port must be integer values if included.'
        between: 'Port Rule [{position}] - Node Port must be between 1 and 65535'
      port:
        required: 'Port Rule [{position}] - Port is required.'
        requiredInt: 'Port Rule [{position}] - Port must be integer values if included.'
        between: 'Port Rule [{position}] - Port must be between 1 and 65535'
      targetPort:
        between: 'Port Rule [{position}] - Target Port must be between 1 and 65535'
        iana: 'Port Rule [{position}] - Target Port must be an IANA Service Name or Integer'
        ianaAt: 'Port Rule [{position}] - Target Port '
        required: 'Port Rule [{position}] - Target Port is required'
  setting:
    serverUrl:
      https: Server URL must be https.
      localhost: If the Server URL is internal to the Rancher server (e.g. localhost) the downstream clusters may not be able to communicate with Rancher.
      trailingForwardSlash: Server URL should not have a trailing forward slash.
      url: Server URL must be an URL.
      awsStyleEndpoint: Endpoint URL has to be a valid domain-based endpoint and cannot start with a protocol (e.g https:// or http://)
  genericUrl: Field must be a valid URL
  stringLength:
    between: '"{key}" should be between {min} and {max} {max, plural, =1 {character} other {characters}}'
    exactly: '"{key}" should be {count, plural, =1 {# character} other {# characters}}'
    max: '"{key}" should be at most {count} {count, plural, =1 {character} other {characters}}'
    min: '"{key}" should be at least {count} {count, plural, =1 {character} other {characters}}'
  targets:
    missingProjectId: A target must have a project selected.
  monitoring:
    route:
      match: At least one Match or Match Regex must be selected
      interval: '"{key}" must be of a format with digits followed by a unit i.e. 1h, 2m, 30s'
  tab: "One or more fields in this tab contain a form validation error"
  version: Invalid Version number

carousel:
  previous: Previous
  next: Next
  controlItem: Go to slide nº {number}

wizard:
  previous: Previous
  finish: Finish
  next: Next
  step: "Step {number}"
  edit: Edit
  create: Create
  view: View
  install: Install
  upgrade: Upgrade
  downgrade: Downgrade

sideWindow:
  secondary:
    resize: Resize secondary window

wm:
  resize: Resize Window - use arrow keys {arrow1} and {arrow2} to resize with keyboard
  tabIcon: Window tab icon
  closeTab: Close tab - {tabId}
  connection:
    connected: Connected
    connecting: Connecting&hellip;
    disconnected: Disconnected
    error: Error
  containerLogs:
    options: Additional container logs options
    expand: Expand additional container logs options
    searchLogs: Search/filter logs
    logActionMenu: Logs action menu
    clear: Clear
    containerName: "Container: {label}"
    download: Download
    follow: Follow
    noData: There are no log entries to show in the current range.
    noMatch: No lines match the current filter.
    previous: Use Previous Container
    range:
      all: Everything
      hours: |-
        {value, number}
        {value, plural,
        =1 {Hour}
        other {Hours}
        }
      label: Show the last
      lines: "{value, number} Lines"
      minutes: |-
        {value, number} {value, plural,
        =1 {Minute}
        other {Minutes}
        }
    search: Filter
    timestamps: Show Timestamps
    wrap: Wrap Lines
  containerShell:
    escapeText: Press Shift+Escape to blur from terminal
    clear: Clear
    containerName: "Container: {label}"
    failed: "Unable to open a shell to the container (none of the shell commands succeeded)\n\r"
    logLevel:
      info: INFO
      error: ERROR
      warning: WARN
      debug: DEBUG
    logMessage:
      containerError: "{ logLevel }: Container missing shell executable (/bin/sh)"

  kubectlShell:
    title: "Kubectl: {name}"

workloadDashboard:
  title: Workloads Overview
  subtitle:
    allNamespaces: For all namespaces
    filtered: "For namespace: {namespace}"
    filteredMultiple: "For {count} namespaces"
  sections:
    byState: By State
    byType: By Type
  empty:
    title: No workloads to show
    message: "Tips: undo the last namespace filter you applied or <resetLink>reset the namespaces filter</resetLink>."
    docsMessage: "Want to learn more about Workloads? Read our <docsLink>documentation</docsLink>."

workload:
  scaleWorkloads: Scale workloads
  healthWorkloads: Jobs/Pods health status
  healthScaleToggle: Toggle/Expand workloads scaling/health
  plus: Scale up workload
  minus: Scale down workload
  container:
    command:
      addEnvVar: Add Variable
      args: Arguments
      as: as
      command: Command
      env: Environment Variables
      fromResource:
        key:
          label: Key
          placeholder: "e.g. metadata.labels['<KEY>']"
        name:
          label: Variable Name
          placeholder: "e.g. FOO"
        prefix: Prefix
        source:
          label: Source
          placeholder: e.g. my-container
        secret: Secret
        configMap: ConfigMap
        containerName: Container Name
        type: Type
        value:
          label: Value
          placeholder: e.g. bar
      tty: TTY
      workingDir: WorkingDir
      stdin: Stdin
    containerName: Container Name
    healthCheck:
      checkInterval: Check Interval
      command:
        command: Command to run
      failureThreshold: Failure Threshold
      httpGet:
        headers: Request Headers
        path: Request Path
        port: Check Port
      initialDelay: Initial Delay
      livenessProbe: Liveness Check
      livenessTip: Containers will be restarted when this check is failing.  Not recommended for most uses.
      noHealthCheck: "There is not a Readiness Check, Liveness Check or Startup Check configured."
      readinessProbe: Readiness Checks
      readinessTip: Containers will be removed from service endpoints when this check is failing.  Recommended.
      startupProbe: Startup Check
      startupTip: Containers will wait until this check succeeds before attempting other health checks.
      successThreshold: Success Threshold
      timeout: Timeout
      kind:
        none:  None
        HTTP:  HTTP request returns a successful status (200-399)
        HTTPS: HTTPS request returns a successful status
        tcp:   TCP connection opens successfully
        exec:  Command run inside the container exits with status 0
    image: Container Image
    imagePullPolicy: Pull Policy
    imagePullSecrets:
      label: Pull Secrets
      tooltip: Must be of Type `kubernetes.io/dockercfg` or `kubernetes.io/dockerconfigjson`
    init: Init Container
    lifecycleHook:
      postStart:
        label: PostStart
        add: Add PostStart Hook
      preStop:
        label: PreStop
        add: Add PreStop Hook
      exec:
        title: Exec
        add: Add command to execute
        command:
          label: Command
          placeholder: "e.g. sh -c 'sleep 10'"
      httpGet:
        title: HttpGet
        add: Create HTTP request
        host:
          label: Host IP
          placeholder: e.g. 172.17.0.2
        path:
          label: Path
          placeholder: e.g. app/bin/endpoint?param=value
        port:
          label: Port
          placeholder: e.g. 3000
        scheme:
          label: Scheme
          placeholder: e.g. HTTP
      httpHeaders:
        title: HTTP Headers
        name:
          label: Name
          placeholder: e.g. accept-ranges
        value:
          label: Value
          placeholder: e.g. bytes
      tcpSocket:
        title: TCPSocket
        add: Open a TCP socket
        host:
          label: Host
          placeholder: e.g. 192.168.0.1
        port:
          label: Port
          placeholder: e.g. 80
    name: Container Name
    noResourceLimits: There are no resource requirements configured.
    noPorts: There are no ports configured.
    noServiceAccess: You do not have permission to create or manage services
    ports:
      expose: Networking
      description: 'Define a Service to expose the container, or define a non-functional, named port so that humans will know where the app within the container is expected to run.'
      detailedDescription: If ClusterIP, LoadBalancer, or NodePort is selected, a Service is automatically created that will select the Pods in this workload using labels.
      toolTip: 'For help exposing workloads on Kubernetes, see the official Kubernetes documentation on Services. You can also manually create a Service to expose Pods by selecting their labels, and you can use an Ingress to map HTTP routes to Services.'
      createService: Service Type
      noCreateService: Do not create a service
      containerPort: Private Container Port
      hostIP: Host IP
      hostPort: Public Host Port
      name: Name
      protocol: Protocol
      listeningPort: Listening Port
    removeContainer: Remove Container
    addContainer: Add Container
    security:
      addGroupIDs: Add Group IDs
      allowPrivilegeEscalation:
        title: Privilege Escalation
        'true': "Container can gain more privileges than its parent process"
      capabilities:
        title: Capabilities
        add: Add Capabilities
        drop: Drop Capabilities
      fsGroup: Filesystem Group
      hostIPC: Use Host IPC Namespace
      hostPID: Use Host PID Namespace
      podFsGroup: Pod Filesystem Group
      privileged:
        title: Privileged
        'true': "Container has full access to the host"
        help: Enabling privilege will hide Privilege Escalation and seccompProfile.
        afterTick: 
          'true': Privilege Escalation and seccompProfile have been hidden.
          'false': Privilege Escalation and seccompProfile appeared.
      readOnlyRootFilesystem:
        title: Read-Only Root Filesystem
        'true': "Container has a read-only root filesystem"
      runAsGroup: Run as Group ID
      runAsNonRoot:
        title: Run as Non-Root
        'true': "Container must run as a non-root user"
      runAsNonRootOptions:
        'true': "Containers must run as non-root-user"
      runAsUser: 
        title: Run as User ID
        label: User ID
      seccompProfile:
        pod: Pod Seccomp Profile
        container: Seccomp Profile
        type: Type
        localhostProfile:
          label: Localhost Profile Path
          tooltip: Points to a specific seccomp file that must already exist on the machine running the container.
          placeholder: e.g. path/to/json
        afterLocalhostProfile: 
          selected: Localhost Profile input appeared.
          unselected: Localhost Profile input has been hidden.
        types:
          none:
            label: None
          runtimeDefault:
            label: RuntimeDefault - inherit the default seccomp profile
          localhost:
            label: Localhost - define a custom seccomp profile
          unconfined:
            label: Unconfined - no seccomp profile
      shareProcessNamespace: Share single process namespace
      supplementalGroups: Additional Group IDs
      sysctls: Sysctls
      sysctlsKey: Name
    standard: Standard Container
    initContainer:
      label: Init Containers
    terminationState: "Last state: Terminated with {lsExitCode}: {lsDescription}, started: {lsStartedAt}, finished: {lsFinishedAt}"
    titles:
      pods: Pods
      container: Container
      command: Command
      containers: Containers
      env: Environment Variables
      events: Events
      general: General
      healthCheck: Health Check
      image: Image
      lifecycle: Lifecycle Hooks
      networking: Networking
      networkSettings: Network Settings
      podAnnotations: Pod Annotations
      podLabels: Pod Labels
      metrics: Metrics
      podScheduling: Pod Scheduling
      nodeScheduling: Node Scheduling
      ports: Ports
      resources: Resources
      securityContext: Security Context
      status: Status
      volumeClaimTemplates: Volume Claim Templates
      upgrading: Scaling and Upgrade Policy
  cronSchedule: Schedule
  detail:
    services: Services
    ingresses: Ingresses
    cannotViewServices: Could not list Services due to lack of permission.
    cannotFindServices: Could not find any Services that select Pods from this workload.
    serviceListCaption: "The following Services select Pods from this workload:"
    cannotViewIngresses: Could not list Ingresses due to lack of permission.
    cannotFindIngresses: Could not find any Ingresses that forward traffic to Services that select Pods in this workload.
    ingressListCaption: "The following Ingresses forward traffic to Services that select Pods from this workload:"
    cannotViewIngressesBecauseCannotViewServices: Could not find relevant relevant Ingresses due to lack of permission to view Services.
    pods:
      title: Pods
  detailTop:
    node: Node
    podIP: Pod IP
    podRestarts: Pod Restarts
    workload: Workload
    pods: Pods by State
    runs: Runs
    started: Started
    duration: Last Scheduled Time
    image: Image
  error: Pod { name } Security Policy Violation { policy }
  gaugeStates:
    succeeded: Successful
    running: Running
    failed: Failed
  hideTabs: 'Hide Advanced Options'
  job:
    activeDeadlineSeconds:
      label: Active Deadline
      tip: The duration that the job may be active before the system tries to terminate it.
    backoffLimit:
      label: Back Off Limit
      tip: The number of retries before marking this job failed.
    completions:
      label: Completions
      tip: The number of successfully finished pods the job should be run with.
    failedJobsHistoryLimit:
      label: Failed Job History Limit
      tip: The number of failed finished jobs to retain.
    parallelism:
      label: Parallelism
      tip: The maximum number of pods the job should run at any given time.
    startingDeadlineSeconds:
      label: Starting Deadline Seconds
      tip: The deadline in seconds for starting the job if it misses scheduled time
    successfulJobsHistoryLimit:
      label: Successful Job History Limit
      tip: The number of successful finished jobs to retain.
    suspend: Suspend
  list:
    errorCannotScale: Failed to scale {workloadName} {direction, select, up { up } down { down } }
  metrics:
    pod: Pod Metrics
    metricsView: Metrics View
  networking:
    dnsPolicy:
      label: DNS Policy
      options:
        clusterFirst: Cluster First
        clusterFirstWithHostNet: Cluster First With Host Network
        default: Default
        none: None
      placeholder: Select a Policy...
    hostAliases:
      add: Add Alias
      keyLabel: IP Address
      keyPlaceholder: e.g. 1.1.1.1
      label: Host Aliases
      tip: Additional /etc/hosts entries to be injected in the container.
      valueLabel: Hostname
      valuePlaceholder: "e.g. foo.com, bar.com"
    hostname:
      label: Hostname
      placeholder: e.g. web
    nameservers:
      add: Add Nameserver
      label: Nameservers
      placeholder: e.g. 1.1.1.1
    networkMode:
      label: Network Mode
      options:
        hostNetwork: Host Network
        normal: Normal
      placeholder: Select a Mode...
    dns: DNS
    resolver:
      label: Resolver Options
      add: Add Option
    searches:
      add: Add Search Domain
      label: Search Domains
      placeholder: e.g. mycompany.com
    subdomain:
      label: Subdomain
      placeholder: e.g. web
  normanWarning: It looks like this workload was created in the legacy Rancher UI. You may need to manually delete any services that were automatically created for it.
  validation:
    containers: Containers
    containerImage: Container {name} - "Container Image" is required.
    localhostProfile: Container {name} - "Container Localhost Profile" is required when SeccompProfile Type is Localhost.
  replicas: Replicas
  showTabs: 'Show Advanced Options'
  scheduling:
    activeDeadlineSeconds: Pod Active Deadline
    activeDeadlineSecondsTip: The duration that the pod may be active before the system tries to mark it failed and kill associated containers.
    affinity:
      addNodeSelector: Add Node Selector
      anyNode: Run pods on any available node
      affinityTitle: Run pods on nodes with pods matching these selectors
      antiAffinityTitle: Run pods on nodes without pods matching these selectors
      affinityOption: Affinity
      antiAffinityOption: Anti-Affinity
      matchFields:
        label: Fields
      matchExpressions:
        label: Expressions
        addRule: Add Rule
        doesNotExist: is not set
        exists: is set
        greaterThan: ">"
        in: in list
        inNamespaces: "Specific namespaces"
        key: Key
        lessThan: <
        matchType: Match Type
        namespaces: Namespaces
        notIn: not in list
        operator: Operator
        value: Value
        weight: Weight
      noPodRules: There are no pod scheduling rules configured.
      nodeName: Node Name
      priority: Priority
      preferAny: "Prefer any of:"
      preferred: Preferred
      required: Required
      requireAny: "Require any of:"
      schedulingRules: Run pods on node(s) matching scheduling rules
      specificNode: Run pods on specific node(s)
      thisPodNamespace: This pod's namespace
      allNamespaces: All namespaces
      topologyKey:
        label: Topology Key
        placeholder: e.g. failure-domain.beta.kubernetes.io/zone
      type: Type
      weight:
        label: Weight
        placeholder: Must be a weight between 1 and 100
    priority:
      className: Priority Class Name
      priority: Priority
    terminationGracePeriodSeconds: Termination Grace Period
    terminationGracePeriodSecondsTip: The duration that the pod needs to terminate gracefully.
    titles:
      advanced: Advanced
      nodeScheduling: Node Scheduling
      nodeSelector: Nodes with these labels
      podScheduling: Pod Scheduling
      priority: Priority
      tab: Scheduling
      tolerations: Tolerations
      limits: Limits and Reservations
    tolerations:
      addToleration: Add Toleration
      effect: Effect
      effectOptions:
        all: All
        noExecute: NoExecute
        noSchedule: "NoSchedule"
        preferNoSchedule: PreferNoSchedule
      labelKey: Key
      operator: Operator
      operatorOptions:
        equal: =
        exists: Exists
      tolerationSeconds: Toleration Seconds
      value: Value
  serviceAccountName:
    label: Service Account Name
    createMessage: The service name [ {name} ] does not exist in this namespace, you will need to create it manually.
  serviceName: Service Name
  storage:
    subtypes:
      secret: Secret
      configMap: ConfigMap
      hostPath: Bind-Mount
      persistentVolumeClaim: Persistent Volume Claim
      createPVC: Create Persistent Volume Claim
      csi: CSI
      nfs: NFS
      awsElasticBlockStore: Amazon EBS Disk
      azureDisk: Azure Disk
      azureFile: Azure File
      gcePersistentDisk: Google Persistent Disk
      driver.longhorn.io: Longhorn
      vsphereVolume: VMWare vSphere Volume
      emptyDir: Empty Dir
    addClaim: Add Claim
    addMount: Add Mount
    addVolume: Add Volume
    selectVolume: Select Volume
    noVolumes: Volumes will appear here after they are added in the Pod tab
    certificate: Certificate
    csi:
      diskName: Disk Name
      diskURI: Disk URI
      cachingMode:
        label: Caching Mode
        options:
          none: None
          readOnly: Read Only
          readWrite: Read Write
      kind:
        label: Kind
        options:
          dedicated: Dedicated
          managed: Managed
          shared: Shared
      drivers:
        driver-longhorn-io: Longhorn
      fsType: Filesystem Type
      shareName: Share Name
      secretName: Secret Name
      volumeID: Volume ID
      partition: Partition
      pdName: Persistent Disk Name
      storagePolicyID: Storage Policy ID
      storagePolicyName: Storage Policy Name
      volumePath: Volume Path
    defaultMode: Default Mode
    driver: driver
    hostPath:
      label: The Path on the Node must be
      options:
        default: 'Anything: do not check the target path'
        directoryOrCreate: A directory, or create if it doesn't exist
        directory: An existing directory
        fileOrCreate: A file, or create if it doesn't exist
        file: An existing file
        socket: An existing socket
        charDevice: An existing character device
        blockDevice: An existing block device
    mountPoint: Mount Point
    nodePath: Path on Node
    optional:
      label: Optional
      'no': 'No'
      'yes': 'Yes'
    path: Path
    readOnly: Read Only
    server: Server

    subPath: Sub Path in Volume
    title: 'Storage'
    volumeName: Volume Name
    volumePath: Volume Path
    emptyDir:
      medium:
        label: Medium
        default: Node's Default Medium
        memory: Memory
      sizeLimit:
        label: Size Limit
        placeholder: "e.g. 300"
  typeDescriptions:
    apps.daemonset: DaemonSets run exactly one pod on every eligible node. When new nodes are added to the cluster, DaemonSets automatically deploy to them. Recommended for system-wide or vertically-scalable workloads that never need more than one pod per node.
    apps.deployment: Deployments run a scalable number of replicas of a pod distributed among the eligible nodes. Changes are rolled out incrementally and can be rolled back to the previous revision when needed. Recommended for stateless & horizontally-scalable workloads.
    apps.statefulset: StatefulSets manage stateful applications and provide guarantees about the ordering and uniqueness of the pods created. Recommended for workloads with persistent storage or strict identity, quorum, or upgrade order requirements.
    batch.cronjob: CronJobs create Jobs, which then run Pods, on a repeating schedule. The schedule is expressed in standard Unix cron format, and uses the timezone of the Kubernetes control plane (typically UTC).
    batch.job: Jobs create one or more pods to reliably perform a one-time task by running a pod until it exits successfully. Failed pods are automatically replaced until the specified number of completed runs has been reached. Jobs can also run multiple pods in parallel or function as a batch work queue.
    pod: Pods are the smallest deployable units of computing that you can create and manage in Kubernetes. A Pod is a group of one or more containers, with shared storage and network resources, and a specification for how to run the containers.
  upgrading:
    activeDeadlineSeconds:
      label: Pod Active Deadline
      tip: The duration the pod may be active before the system will try to mark it failed and kill associated containers.
    concurrencyPolicy:
      label: Concurrency
      options:
        allow: Allow CronJobs to run concurrently
        forbid: Skip next run if current run hasn't finished
        replace: Replace run if current run hasn't finished
    maxSurge:
      label: Max Surge
      tip: The maximum number of pods allowed beyond the desired scale at any given time.
    maxUnavailable:
      label: Max Unavailable
      tip: The maximum number of pods which can be unavailable at any given time.
    minReadySeconds:
      label: Minimum Ready
      tip: The minimum duration a pod should be ready without containers crashing for it to be considered available.
    podManagementPolicy:
      label: Pod Management Policy
    progressDeadlineSeconds:
      label: Progress Deadline
      tip: The minimum duration to wait for a deployment to progress before marking it failed.
    revisionHistoryLimit:
      label: Revision History Limit
      tip: The number of old ReplicaSets to retain for rollback.
    strategies:
      labels:
        delete: "On Delete: New pods are only created when old pods are manually deleted."
        recreate: "Recreate: Kill ALL pods, then start new pods."
        rollingUpdate: "Rolling Update: Create new pods, until max surge is reached, before deleting old pods. Don't stop more pods than max unavailable."
    terminationGracePeriodSeconds:
      label: Termination Grace Period
      tip: The duration the pod needs to terminate successfully.
    title: Upgrading
  tabs:
    labels:
      deployment: Deployment
      pod: Pod
      containers: Containers

##############################
# Model Properties
##############################
model:
  account:
    kind:
      admin: Admin
      agent: Agent
      project: Environment
      registeredAgent: Registered Agent
      service: Service
      user: User
  "catalog.cattle.io.app":
    firstDeployed: First Deployed
    lastDeployed: Last Deployed
  authConfig:
    description:
      ldap: LDAP
      saml: SAML
      oauth: OAuth
      oidc: OIDC
      keycloakoidc: Keycloak
      genericoidc: OIDC provider
      cognito: Amazon Cognito
    name:
      keycloak: Keycloak (SAML)
      keycloakoidc: Keycloak (OIDC)
    provider:
      system: System
      local: Local
      multiple: Multiple
      activedirectory: ActiveDirectory
      azuread: Microsoft Entra ID
      github: GitHub
      githubapp: GitHub App
      keycloak: Keycloak
      ldap: LDAP
      openldap: OpenLDAP
      shibboleth: Shibboleth
      ping: Ping Identity
      adfs: ADFS
      okta: Okta
      freeipa: FreeIPA
      googleoauth: Google
      genericoidc: Generic OIDC
      keycloakoidc: Keycloak
      cognito: Amazon Cognito


  cluster:
    name: Cluster Name
  ingress:
    displayKind: L7 Ingress
  machine:
    role:
      controlPlane: Control Plane
      etcd: etcd
      worker: Worker
  openldapconfig:
    domain:
      help: Only users below this base will be used.
      label: User Search Base
      placeholder: "e.g. ou=Users,dc=mycompany,dc=com"
    server:
      label: Hostname or IP Address
    serviceAccountPassword:
      label: Service Account Password
    serviceAccountUsername:
      label: Service Account Username
  projectMember:
    role:
      member: Member
      owner: Owner
      readonly: Read-Only
      restricted: Restricted
  service:
    displayKind:
      generic: Service
      loadBalancer: L4 Balancer

typeDescription:
  # Map of
  # type: Description to be shown on the top of list view describing the type.
  #       Should fit on one line.
  #       If you link to anything external, it MUST have
  #       target="_blank" rel="noopener noreferrer nofollow"
  jwt.authentication: Enable this feature on a cluster to add support for JWT authenticating downstream service accounts.
  branding: "Branding allows administrators to globally re-brand the UI by customizing the Rancher product name, logos and color scheme."
  chart: "All charts have at least one version that is installable on clusters with Linux and Windows nodes unless otherwise indicated."
  compliance.cattle.io.clusterscanbenchmark: A benchmark version is the name of benchmark to run using kube-bench as well as the valid configuration parameters for that benchmark.
  compliance.cattle.io.clusterscanprofile: A profile is the configuration for the compliance scan, which is the benchmark versions to use and any specific tests to skip in that benchmark.
  compliance.cattle.io.clusterscan: A scan is created to trigger a compliance scan on the cluster based on the defined profile. A report is created after the scan is completed.
  compliance.cattle.io.clusterscanreport: A report is the result of a compliance scan of the cluster.
  management.cattle.io.feature: Feature Flags allow certain {vendor} features to be toggled on and off.  Features that are off by default should be considered experimental functionality.
  cluster.x-k8s.io.machine: A Machine encapsulates the configuration of a Kubernetes Node. Use this view to see what happens after updating a cluster.
  cluster.x-k8s.io.machinedeployment: A Machine Deployment orchestrates deployments via templates over a collection of Machine Sets (similar to a Deployment). Use this view to see what happens after updating a cluster.
  cluster.x-k8s.io.machineset: A Machine Set ensures the desired number of Machine resources are up and running at all times (similar to a ReplicaSet). Use this view to see what happens after updating a cluster.
  resources.cattle.io.backup: A backup is created to perform one-time backups or schedule recurring backups based on a ResourceSet.
  resources.cattle.io.restore: A restore is created to trigger a restore to the cluster based on a backup file.
  resources.cattle.io.resourceset: A resource set defines which CRDs and resources to store in the backup.
  monitoring.coreos.com.servicemonitor: A service monitor defines the group of services and the endpoints that Prometheus will scrape for metrics. This is the most common way to define metrics collection.
  monitoring.coreos.com.podmonitor: A pod monitor defines the group of pods that Prometheus will scrape for metrics. The common way is to use service monitors, but pod monitors allow you to handle any situation where a service monitor wouldn't work.
  monitoring.coreos.com.prometheusrule: A Prometheus Rule resource defines both recording and/or alert rules. A recording rule can pre-compute values and save the results. Alerting rules allow you to define conditions on when to send notifications to AlertManager.
  monitoring.coreos.com.prometheus: A Prometheus server is a Prometheus deployment whose scrape configuration and rules are determined by selected ServiceMonitors, PodMonitors, and PrometheusRules and whose alerts will be sent to all selected Alertmanagers with the custom resource's configuration.
  monitoring.coreos.com.alertmanager: An alert manager is deployment whose configuration will be specified by a secret in the same namespace, which determines which alerts should go to which receiver.
  node: The base Kubernetes Node resource represents a virtual or physical machine which hosts deployments. To manage the machine lifecycle, if available, go to Cluster Management.
  catalog.cattle.io.operation: An operation is the list of recent Helm operations that have been applied to the cluster.
  logging.banzaicloud.io.clusterflow: Logs from the cluster will be collected and logged to the selected Cluster Output.
  logging.banzaicloud.io.clusteroutput: A cluster output defines which logging providers that logs can be sent to and is only effective when deployed in the namespace that the logging operator is in.
  logging.banzaicloud.io.flow: A flow defines which logs to collect and filter as well as which output to send the logs. The flow is a namespaced resource, which means logs will only be collected from the namespace that the flow is deployed in.
  logging.banzaicloud.io.output: An output defines which logging providers that logs can be sent to. The output needs to be in the same namespace as the flow that is using it.
  group.principal: Assigning global roles to a group only works with external auth providers that support groups. Local authorization does not support groups.
  management.cattle.io.oidcclient: Here you can add applications to Rancher's single sign-on identity provider
  auditlog.cattle.io.auditpolicy: Define rules that determine which Rancher API events are logged and the level of detail they contain.

typeLabel:
  management.cattle.io.oidcclient: |-
    {count, plural,
      one { OIDC App }
      other { OIDC Apps }
    }
  management.cattle.io.token: |-
    {count, plural,
      one { API Key }
      other { API Keys }
    }
  compliance.cattle.io.clusterscan: |-
    {count, plural,
      one { Scan }
      other { Scans }
    }
  compliance.cattle.io.clusterscanprofile: |-
    {count, plural,
      one { Profile }
      other { Profiles }
    }
  compliance.cattle.io.clusterscanbenchmark: |-
    {count, plural,
      one { Benchmark Version }
      other { Benchmark Versions }
    }
  catalog.cattle.io.operation: |-
    {count, plural,
      one { Recent Operation }
      other { Recent Operations }
    }
  catalog.cattle.io.app: |-
    {count, plural,
      one { Installed App }
      other { Installed Apps }
    }
  catalog.cattle.io.clusterrepo: |-
    {count, plural,
      one { Repository }
      other { Repositories }
    }
  catalog.cattle.io.repo: |-
    {count, plural,
      one { Namespaced Repo }
      other { Namespaced Repos }
    }
  chartinstallaction: |-
    {count, plural,
      one { App }
      other { Apps }
    }
  chartupgradeaction: |-
    {count, plural,
      one { App }
      other { Apps }
    }
  cloudcredential: |-
    {count, plural,
      one { Cloud Credential }
      other { Cloud Credentials }
    }
  kontainerdriver: |-
    {count, plural,
      one { Cluster Driver }
      other { Cluster Drivers }
    }
  nodedriver: |-
    {count, plural,
      one { Node Driver }
      other { Node Drivers }
    }
  endpoints: |-
    {count, plural,
      one { Endpoint }
      other { Endpoints }
    }
  fleet.cattle.io.cluster: |-
    {count, plural,
      =1 { Cluster }
      other {Clusters }
    }
  fleet.cattle.io.clustergroup: |-
    {count, plural,
      one { Cluster Group }
      other {Cluster Groups }
    }
  fleet.cattle.io.application: |-
    {count, plural,
      one { App Bundle }
      other { App Bundles }
    }
  fleet.cattle.io.gitrepo: |-
    {count, plural,
      one { Git Repo }
      other {Git Repos }
    }
  fleet.cattle.io.helmop: |-
    {count, plural,
      one { Helm Op }
      other { Helm Ops }
    }
  management.cattle.io.authconfig: |-
    {count, plural,
      one { Authentication Provider }
      other { Authentication Providers }
    }
  management.cattle.io.clusterroletemplatebinding: |-
    {count, plural,
      one { Cluster Membership }
      other { Cluster Memberships }
    }
  projectroletemplatebinding: |-
    {count, plural,
      one { Project Membership }
      other { Project Memberships }
    }
  management.cattle.io.feature: |-
    {count, plural,
      one { Feature Flag }
      other { Feature Flags }
    }
  management.cattle.io.setting: |-
    {count, plural,
      one { Setting }
      other { Settings }
    }
  management.cattle.io.fleetworkspace: |-
    {count, plural,
      one { Workspace }
      other { Workspaces }
    }
  management.cattle.io.podsecurityadmissionconfigurationtemplate: |-
    {count, plural,
      one { Pod Security Admission }
      other { Pod Security Admissions }
    }
  policy.poddisruptionbudget: |-
    {count, plural,
      one { Pod Disruption Budget }
      other { Pod Disruption Budgets }
    }
  limitrange: |-
    {count, plural,
      one { Limit Range }
      other { Limit Ranges }
    }
  resourcequota: |-
    {count, plural,
      one { Resource Quota }
      other { Resource Quotas }
    }
  auditlog.cattle.io.auditpolicy: |-
    {count, plural,
      one { Audit Log Policy }
      other { Audit Log Policies }
    }
  # pruh-mee-thee-eyes https://www.prometheus.io/docs/introduction/faq/#what-is-the-plural-of-prometheus
  monitoring.coreos.com.prometheus: |-
    {count, plural,
      one { Prometheus }
      other { Prometheis }
    }
  helm.cattle.io.projecthelmchart: |-
    {count, plural,
      one { Project Monitor }
      other { Project Monitors }
    }
  monitoring.coreos.com.servicemonitor: |-
    {count, plural,
      one { Service Monitor }
      other { Service Monitors }
    }
  monitoring.coreos.com.alertmanager: |-
    {count, plural,
      one { Alertmanager }
      other { Alertmanagers }
    }
  monitoring.coreos.com.alertmanagerconfig: |-
    {count, plural,
      one { AlertmanagerConfig }
      other { AlertmanagerConfigs }
    }
  monitoring.coreos.com.podmonitor: |-
    {count, plural,
      one { Pod Monitor }
      other { Pod Monitors }
    }
  monitoring.coreos.com.prometheusrule: |-
    {count, plural,
      one { PrometheusRule }
      other { PrometheusRules }
    }
  monitoring.coreos.com.thanosruler: |-
    {count, plural,
      one { Thanos Rule }
      other { Thanos Rules }
    }
  monitoring.coreos.com.receiver: |-
    {count, plural,
      one { Receiver }
      other { Receivers }
    }
  monitoring.coreos.com.route: |-
    {count, plural,
      one { Route }
      other { Routes }
    }
  'management.cattle.io.cluster': |-
    {count, plural,
      one { Mgmt Cluster }
      other { Mgmt Clusters }
    }
  'cluster.x-k8s.io.cluster': |-
    {count, plural,
      one { CAPI Cluster }
      other { CAPI Clusters }
    }
  'provisioning.cattle.io.cluster': |-
    {count, plural,
      one { Cluster }
      other { Clusters }
    }
  management.cattle.io.user: |-
    {count, plural,
      one { User }
      other { Users}
    }
  namespace: |-
    {count, plural,
      one { Namespace }
      other { Namespaces }
    }
  node: |-
    {count, plural,
      one { Node }
      other { Nodes }
    }
  event: |-
    {count, plural,
      one { Event }
      other { Events }
    }
  apps.deployment: |-
    {count, plural,
      one { Deployment }
      other { Deployments }
    }
  batch.cronjob: |-
    {count, plural,
      one { CronJob }
      other { CronJobs }
    }
  apps.daemonset: |-
    {count, plural,
      one { DaemonSet }
      other { DaemonSets }
    }
  batch.job: |-
    {count, plural,
      one { Job }
      other { Jobs }
    }
  apps.statefulset: |-
    {count, plural,
      one { StatefulSet }
      other { StatefulSets }
    }
  pod: |-
    {count, plural,
      one { Pod }
      other { Pods }
    }
  autoscaling.horizontalpodautoscaler: |-
    {count, plural,
      one { HorizontalPodAutoscaler }
      other { HorizontalPodAutoscalers }
    }
  networking.k8s.io.ingress: |-
    {count, plural,
      one { Ingress }
      other { Ingresses }
    }
  networking.k8s.io.networkpolicy: |-
    {count, plural,
      one { Network Policy }
      other { Network Policies }
    }
  service: |-
    {count, plural,
      one { Service }
      other { Services }
    }
  persistentvolume: |-
    {count, plural,
      one { PersistentVolume }
      other { PersistentVolumes }
    }
  storage.k8s.io.storageclass: |-
    {count, plural,
      one { StorageClass }
      other { StorageClasses }
    }
  configmap: |-
    {count, plural,
      one { ConfigMap }
      other { ConfigMaps }
    }
  persistentvolumeclaim: |-
    {count, plural,
      one { PersistentVolumeClaim }
      other { PersistentVolumeClaims }
    }
  secret: |-
    {count, plural,
      one { Secret }
      other { Secrets }
    }
  projectsecret: |-
    {count, plural,
      one { Project Secret }
      other { Project Secrets }
    }
  apiregistration.k8s.io.apiservice: |-
    {count, plural,
      one { APIService }
      other { APIServices }
    }
  apiextensions.k8s.io.customresourcedefinition: |-
    {count, plural,
      one { CustomResourceDefinition }
      other { CustomResourceDefinitions }
    }
  flowcontrol.apiserver.k8s.io.flowschema: |-
    {count, plural,
      one { FlowSchema }
      other { FlowSchemas }
    }
  flowcontrol.apiserver.k8s.io.prioritylevelconfiguration: |-
    {count, plural,
      one { PriorityLevelConfiguration }
      other { PriorityLevelConfigurations }
    }
  apps.replicaset: |-
    {count, plural,
      one { ReplicaSet }
      other { ReplicaSets }
    }
  coordination.k8s.io.lease: |-
    {count, plural,
      one { Lease }
      other { Leases }
    }
  serviceaccount: |-
    {count, plural,
      one { ServiceAccount }
      other { ServiceAccounts }
    }
  discovery.k8s.io.endpointslice: |-
    {count, plural,
      one { EndpointSlice }
      other { EndpointSlices }
    }
  admissionregistration.k8s.io.mutatingwebhookconfiguration: |-
    {count, plural,
      one { MutatingWebhookConfiguration }
      other { MutatingWebhookConfigurations }
    }
  admissionregistration.k8s.io.validatingwebhookconfiguration: |-
    {count, plural,
      one { ValidatingWebhookConfiguration }
      other { ValidatingWebhookConfigurations }
    }
  group.principal: |-
    {count, plural,
      one { Group }
      other { Groups }
    }
  token: |-
    {count, plural,
      one { API Key }
      other { API Keys }
    }
  workload: |-
    {count, plural,
      one { Workload }
      other { Workloads }
    }
  harvesterhci.io.management.cluster: |-
    {count, plural,
      one { Harvester Cluster }
      other { Harvester Clusters }
    }
  harvesterhci.io.cloudtemplate: |-
    {count, plural,
      one { Cloud Config Template }
      other { Cloud Config Templates }
    }
  fleet.cattle.io.content: |-
    {count, plural,
      one { Content }
      other { Contents }
    }
  fleet.cattle.io.bundle: |-
    {count, plural,
      one { Bundle }
      other { Bundles }
    }
  fleet.cattle.io.bundledeployment: |-
    {count, plural,
      one { BundleDeployment }
      other { BundleDeployments }
    }
  k3s.cattle.io.addon: |-
    {count, plural,
      one { Addon }
      other { Addons }
    }
  management.cattle.io.apiservice: |-
    {count, plural,
      one { APIService }
      other { APIServices }
    }
  management.cattle.io.catalog: |-
    {count, plural,
      one { Catalog }
      other { Catalogs }
    }
  fleet.cattle.io.clusterregistration: |-
    {count, plural,
      one { ClusterRegistration }
      other { ClusterRegistrations }
    }
  management.cattle.io.dynamicschema: |-
    {count, plural,
      one { DynamicSchema }
      other { DynamicSchemas }
    }
  management.cattle.io.globalrolebinding: |-
    {count, plural,
      one { GlobalRoleBinding }
      other { GlobalRoleBindings }
    }
  management.cattle.io.kontainerdriver: |-
    {count, plural,
      one { KontainerDriver }
      other { KontainerDrivers }
    }
  management.cattle.io.nodedriver: |-
    {count, plural,
      one { NodeDriver }
      other { NodeDrivers }
    }
  management.cattle.io.podsecuritypolicytemplate: |-
    {count, plural,
      one { PodSecurityPolicyTemplate }
      other { PodSecurityPolicyTemplates }
    }
  management.cattle.io.userattribute: |-
    {count, plural,
      one { UserAttribute }
      other { UserAttributes }
    }
  management.cattle.io.catalogtemplate: |-
    {count, plural,
      one { CatalogTemplate }
      other { CatalogTemplates }
    }
  management.cattle.io.catalogtemplateversion: |-
    {count, plural,
      one { CatalogTemplateVersion }
      other { CatalogTemplateVersions }
    }
  management.cattle.io.cisbenchmarkversion: |-
    {count, plural,
      one { CisBenchmarkVersion }
      other { CisBenchmarkVersions }
    }
  management.cattle.io.cisconfig: |-
    {count, plural,
      one { CisConfig }
      other { CisConfigs }
    }
  management.cattle.io.clusteralertgroup: |-
    {count, plural,
      one { ClusterAlertGroup }
      other { ClusterAlertGroups }
    }
  management.cattle.io.clusteralertrule: |-
    {count, plural,
      one { ClusterAlertRule }
      other { ClusterAlertRules }
    }
  management.cattle.io.clusterregistrationtoken: |-
    {count, plural,
      one { ClusterRegistrationToken }
      other { ClusterRegistrationTokens }
    }
  management.cattle.io.node: |-
    {count, plural,
      one { Node }
      other { Nodes }
    }
  management.cattle.io.projectalertgroup: |-
    {count, plural,
      one { ProjectAlertGroup }
      other { ProjectAlertGroups }
    }
  management.cattle.io.projectalertrule: |-
    {count, plural,
      one { ProjectAlertRule }
      other { ProjectAlertRules }
    }
  management.cattle.io.rkeaddon: |-
    {count, plural,
      one { RkeAddon }
      other { RkeAddons }
    }
  management.cattle.io.rkek8sserviceoption: |-
    {count, plural,
      one { RkeK8sServiceOption }
      other { RkeK8sServiceOptions }
    }
  management.cattle.io.rkek8ssystemimage: |-
    {count, plural,
      one { RkeK8sSystemImage }
      other { RkeK8sSystemImages }
    }
  rbac.authorization.k8s.io.clusterrolebinding: |-
    {count, plural,
      one { ClusterRoleBinding }
      other { ClusterRoleBindings }
    }
  rbac.authorization.k8s.io.clusterrole: |-
    {count, plural,
      one { ClusterRole }
      other { ClusterRoles }
    }
  rbac.authorization.k8s.io.rolebinding: |-
    {count, plural,
      one { RoleBinding }
      other { RoleBindings }
    }
  rbac.authorization.k8s.io.role: |-
    {count, plural,
      one { Role }
      other { Roles }
    }
  replicationcontroller: |-
    {count, plural,
      one { Replication Controller }
      other { Replication Controllers }
    }
  scheduling.k8s.io.priorityclass: |-
    {count, plural,
      one { PriorityClass }
      other { PriorityClasses }
    }
  storage.k8s.io.csinode: |-
    {count, plural,
      one { CSINode }
      other { CSINodes }
    }
  cluster.x-k8s.io.machinedeployment: |-
    {count, plural,
      one { MachineDeployment }
      other { MachineDeployments }
    }
  cluster.x-k8s.io.machineset: |-
    {count, plural,
      one { MachineSet }
      other { MachineSets }
    }
  cluster.x-k8s.io.machine: |-
    {count, plural,
      one { Machine }
      other { Machines }
    }
  fleet.cattle.io.clusterregistrationtoken: |-
    {count, plural,
      one { Cluster Registration Token }
      other { Cluster Registration Tokens }
    }

oidcclient:
  a11y:
    copyText:
      issuerURL: Copy Issuer URL to clipboard
      discoveryDocument: Copy Discovery Document URL to clipboard
      jwksUri: Copy JWKS URI to clipboard
      clientId: Copy client Id to clipboard
      clientSecret: Copy client secret to clipboard
  usedNever: Never
  listViewCreate: Add Application
  oidcEndpoints: Provider Endpoints
  createClient: Create a new application
  clientData: Application
  clientId: Client ID
  clientSecrets: Client Secrets
  issuerURL: Issuer URL
  discoveryDocument: Discovery Document
  jwksUri: JWKS URI
  regenerate: Regenerate
  addNewSecret: Add new secret
  copySecretText: <b>Copy your secret now<b>. This is the only time it will be displayed. Be sure to save it in a safe place
  secretRegenerated: Secret regenerated!
  secretAdded: Secret Added!
  noClientId: No Client Id found for this application. If the problem persists please recreate the application
  errors:
    performSecretAction: The action on OIDC secrets tried to perform is invalid. Please check the the valid parameters for this function
  removeOidcClientModal:
    title: OIDC Application deletion
    content: Are you sure you want to delete the following OIDC applications?
    action: Delete Application
  regenModal:
    title: OIDC Application Secret regeneration
    content: Are you sure you want to regenerate this OIDC application secret? The old secret will stop working immediately
    action: Regenerate Secret
  deleteModal:
    title: OIDC Application Secret deletion
    content: Are you sure you want to delete this OIDC application secret? It will stop working immediately
    action: Delete Secret
  appName:
    placeholder: App name shown during the authorization flow
  appDescription:
    placeholder: A brief description of your application
  redirectURIs:
    label: Authorization Callback URLs
    addLabel: Add Callback URL
    valueLabel: Redirect URIs
    placeholder: The allowed redirect URL for your application after a user authenticates. HTTPS is required. You may add multiple URLs
  refreshTokenExpirationSeconds:
    detailLabel: Refresh Token Expiration (seconds)
    label: Refresh Token Expiration
    placeholder:  Duration (in seconds) a refresh token can be used to obtain new access/ID tokens without re-login
  tokenExpirationSeconds:
    detailLabel: Token Expiration (seconds)
    label: Token Expiration
    placeholder:  Duration (in seconds) the token containing user authentication information is valid

action:
  ariaLabel:
    hidePass: Hide {area}
    showPass: Reveal {area}
  clone: Clone
  disable: Disable
  download: Download YAML
  edit: Edit Config
  editYaml: Edit YAML
  enable: Enable
  openLogs: View Logs
  refresh: Refresh
  remove: Delete
  view: View Config
  viewInApi: View in API
  viewYaml: View YAML
  activate: Activate
  deactivate: Deactivate
  editQuota: Edit Quota
  show: Show
  hide: Hide
  copy: Copy
  unassign: 'Unassign'
  uninstall: Uninstall
  redeploy: Redeploy
  addSidecar: Add Sidecar
  rollback: Rollback
  openShell: Execute Shell
  runNow: Run Now
  suspend: Suspend
  resume: Resume
  showConfiguration: Show Configuration

unit:
  sec: secs
  min: mins
  hour: |-
    {count, plural,
      one { hour }
      other { hours }
    }
  day: |-
    {count, plural,
      one { day }
      other { days }
    }
workloadPorts:
  addPort: Add Port or Service
  remove: Remove
  addHost: Add Host

podAffinity:
  addLabel: Add Pod Selector

keyValue:
  keyPlaceholder: e.g. foo
  valuePlaceholder: e.g. bar
  protip: 'Paste lines of <em>key=value</em> or <em>key:value</em> into any key field for easy bulk entry'

registryMirror:
  header: Mirrors
  toolTip: 'Mirrors can be used to redirect requests for images from one registry to come from a list of endpoints you specify instead.  For example docker.io could redirect to your internal registry instead of ever going to DockerHub.'
  addLabel: Add Mirror
  description: Mirrors define the names and endpoints for private registries. The endpoints are tried one by one, and the first working one is used.
  hostnameLabel: Registry Hostname
  hostnamePlaceholder: e.g. docker.io or *
  endpointsLabel: Mirror Endpoints
  endpointsPlaceholder: e.g. a.registry.com:5000, b.registry.com:5000

registryMirrorRewrite:
  header: Rewrites
  toolTip: 'Each mirror can have a set of rewrites. Rewrites can change the tag of an image based on a regular expression.'
  addLabel: Add Rewrite Config
  keyLabel: Rewrite pattern
  keyPlaceholder: e.g. ^rancher/(.*)
  valueLabel: Rewrite replacement
  valuePlaceholder: e.g. mirrorproject/rancher-images/$1

registryConfig:
  header: Registry Authentication
  toolTip: 'When an image needs to be pulled from the given registry hostname, this information will be used to verify the identity of the registry and authenticate to it.'
  addLabel: Add Registry
  description: "Define the TLS and credential configuration for each registry hostname and mirror."
  caBundle:
    tooltip: Accepts a CA PEM certificate or a base64 encoded CA PEM.
    validationError: Invalid CA cert bundle. Must be a CA PEM certificate or a base64 encoded CA PEM.

##############################
### Advanced Settings
##############################

advancedSettings:
  setEnv: Set by Environment Variable
  hideShow: Hide/show setting
  label: Settings
  subtext: Typical users will not need to change these. Proceed with caution, incorrect values can break your {appName} installation. Settings which have been customized from default settings are tagged 'Modified'.
  show: Show
  hide: Hide
  none: None
  modified: Modified
  edit:
    moreActions: More actions for setting - { setting }
    label: Edit Setting
    changeSetting: "Change Setting:"
    agentConfigBanner: 
      text: Editing this value will not change the value set in running clusters! In order to update a running cluster to use the new values, edit the cluster and click on “Apply global settings for Priority Class and Pod Disruption Budget” in the {agent} Agent configuration tab.
      cluster: Cluster
      fleet: Fleet
    trueOption: "True"
    falseOption: "False"
    value: Value
    useDefault: Use the default value
    invalidJSON: Invalid JSON - please check and correct your input before saving
  descriptions:
    'cacerts': "CA Certificates needed to verify the server's certificate."
    'password-min-length': 'Define minimum characters required for an user password.'
    'cluster-defaults': 'Override RKE Defaults when creating new clusters.'
    'engine-install-url': 'Default Docker engine installation URL (for most node drivers).'
    'engine-iso-url': 'Default OS installation URL (for vSphere driver).'
    'engine-newest-version': 'The newest supported version of Docker at the time of this release.  A Docker version that does not satisfy supported docker range but is newer than this will be marked as untested.'
    'engine-supported-range': 'Semver range for supported Docker engine versions.  Versions which do not satisfy this range will be marked unsupported in the UI.'
    'ingress-ip-domain': 'Wildcard DNS domain to use for automatically generated Ingress hostnames. <ingress-name>.<namespace-name>.<ip address of ingress controller> will be added to the domain.'
    'server-url': 'Default {appName} install url. Must be HTTPS. All nodes in your cluster must be able to reach this.'
    'system-default-registry': 'Private registry to be used for all Rancher System Container Images. If no value is specified, the default registry for the container runtime is used. For Docker and containerd, the default is `docker.io`.'
    'ui-index': 'HTML index location for the Cluster Manager UI.'
    'ui-dashboard-index': 'HTML index location for the {appName} UI.'
    'ui-offline-preferred': 'Controls whether UI assets are served locally by the server container or from the remote URL defined in the ui-index and ui-dashboard-index settings. The `Dynamic` option will use local assets in production builds of {appName}.'
    'ui-pl': 'Private-Label company name.'
    'auth-user-info-max-age-seconds': 'The maximum age of a users auth tokens before an auth provider group membership sync will be performed.'
    'auth-user-info-resync-cron': 'Default cron schedule for resyncing auth provider group memberships.'
    'cluster-template-enforcement': 'Non-admins will be restricted to launching clusters via preapproved RKE Templates only.'
    'auth-user-session-idle-ttl-minutes': 'Custom idle TTL (in minutes) on a user auth session. This is the maximum duration a session can stay alive when there is no user activity in a browser. This should be smaller than "auth-user-session-ttl-minutes". If "auth-user-session-idle-ttl-minutes" is greater than or equal to "auth-user-session-ttl-minutes" then the session idle feature is considered disabled.'
    'auth-user-session-ttl-minutes': 'Custom TTL (in minutes) on a user auth session. This is the maximum duration a session can stay alive regardless of user activity in a browser. This should be larger than "auth-user-session-idle-ttl-minutes".'
    'auth-token-max-ttl-minutes': 'Max TTL (in minutes) for all tokens except those controlled by "auth-user-session-ttl-minutes" (user session tokens). When set to 0, the token never expires.'
    'kubeconfig-generate-token': 'Automatically generate tokens for users when a kubeconfig is requested.'
    'kubeconfig-default-token-ttl-minutes': 'TTL (in minutes) applied on all kubeconfig tokens. When set to 0, the token never expires.'
    'rke-metadata-config': 'Configure RKE metadata refresh parameters.'
    'ui-banners': 'Classification banner is used to display a custom fixed banner in the header, footer, or both.'
    'custom-notifications': Edit custom notifications
    'ui-consent-banner': 'Banner is used to display a custom consent banner presented to users during login.'
    'ui-default-landing': 'The default page users land on after login.'
    'brand': Folder name for an alternative theme defined in '/assets/brand'
    'hide-local-cluster': Hide the local cluster
    'agent-tls-mode': "Rancher Certificate Verification. In `strict` mode the agents (system, cluster, fleet, etc) will only trust Rancher installations which are using a certificate signed by the CABundle in the `cacerts` setting. When the mode is system-store, the agents will trust any certificate signed by a CABundle in the operating system’s trust store."
    'k3s-based-upgrader-uninstall-concurrency': Defines the maximum number of clusters in which Rancher can concurrently uninstall the legacy `rancher-k3s-upgrader` or `rancher-rke2-upgrader` app from imported or node-driver K3s or RKE2 clusters.
    'system-agent-upgrader-install-concurrency': Defines the maximum number of clusters in which Rancher can concurrently install the resources required for upgrading system-agent.
    'imported-cluster-version-management': Enables version management for imported RKE2/K3s clusters, and the local cluster if it is an RKE2/K3s cluster. The per-cluster version management setting overrides this global setting at the cluster level. For existing clusters where the cluster-level version management is set to 'system-default', changing this flag will trigger a redeployment of the cluster agent during the next reconciliation (by default every 5 minutes, or as soon as the cluster is edited, whichever comes first).
  warnings:
    'agent-tls-mode': 'Changing this setting will cause all agents to be redeployed.'
  editHelp:
    'ui-banners': This setting takes a JSON object containing 3 root parameters; <code>banner</code>, <code>showHeader</code>, <code>showFooter</code>. <code>banner</code> is an object containing; <code>textColor</code>, <code>background</code>, and <code>text</code>, where <code>textColor</code> and <code>background</code> are any valid CSS color value.
  enum:
    'ui-default-landing':
      ember: Cluster Manager
      vue: Cluster Explorer
    'ui-offline-preferred':
      dynamic: Dynamic
      true: Local
      false: Remote
    'harv-ui-source':
      auto: 'Auto'
      bundled: 'Bundled'
      external: 'External'
    'harv-log-level':
      info: Info
      debug: Debug
      trace: Trace
    'agent-tls-mode':
      strict: 'Strict'
      system-store: 'System Store'
  provisioning:
    header: Cluster Provisioning

featureFlags:
  label: Feature Flags
  title: "Are you sure?"
  warning: |-
    Feature flags allow {vendor} to gate certain features behind flags.
    Features that are off by default should be considered experimental functionality.
    Some features require a restart of the {vendor} server to change.
    This will result in a short outage of the API and UI, but not affect running clusters or workloads.
  promptActivate: Please confirm that you want to activate the feature flag "{flag}"
  promptDeactivate: Please confirm that you want to deactivate the feature flag "{flag}"
  restartRequired: "Note: Updating this feature flag will restart {vendor}"
  restart:
    title: Waiting for Restart
    wait: This may take a few moments

performance:
  label: UI Performance Settings
  settingName: Performance
  deprecatedInactivitySetting: The <i class="mr-5">"Inactivity"</i> setting is now deprecated in favor of the <i class="mr-5">auth-user-session-idle-ttl-minutes</i>&nbsp;<a href="{settingsPageUrl}">Setting</a>.
  deprecatedForSSP: The <i class="mr-5">"{setting}"</i> setting is now deprecated and will be removed in a future release.
  incrementalLoad:
    label: Incremental Loading
    setting: You can configure the threshold above which incremental loading will be used.
    description: |-
      When enabled, resources will appear more quickly, but it may take slightly longer to load the entire set of resources. This setting only applies to resources that come from the Kubernetes API
    checkboxLabel: Enable incremental loading
    inputLabel: Resource Threshold
    incompatibleDescription: "Incremental Loading is incompatible with Namespace/Project filtering and Server-side Pagination. Enabling this will disable them."
  manualRefresh:
    label: Manual Refresh
    setting: You can configure a threshold above which manual refresh will be enabled.
    buttonTooltip: Refresh list
    description: |-
      When enabled, list data will not auto-update but instead the user must manually trigger a list-view refresh. This setting only applies to resources that come from the Kubernetes API
    checkboxLabel: Enable manual refresh of data for lists
    inputLabel: Resource Threshold
    incompatibleDescription: "Manual Refresh is incompatible with Namespace/Project filtering and Server-side Pagination. Enabling this will disable them."
  websocketNotification:
    label: Websocket Notifications
    description: |-
      When checked, websocket notifications will not appear when the UI detects a disconnection.
    checkboxLabel: Disable websocket notifications
  gc:
    label: Resource Garbage Collection
    description: The UI will cache Kubernetes resources locally to avoid having to re-fetch them. In some cases this can lead to a large amount of data stored in the browser. Enable this setting to periodically remove them.
    checkboxLabel: Enable Garbage Collection
    whenRun:
      description: Update when garbage collection runs
      intervalCheckBox:
        label: Run garbage collection periodically
      interval:
        inputLabel: Run every
      route:
        description: Run garbage collection on page change
        inputLabel: Page Change
    howRun:
      description: Update how garbage collection runs
      age:
        description: "Resource types musn't have been accessed within this period to be considered for garbage collection."
        inputLabel: Resource Age
      count:
        description: Resource types must exceed this amount to be considered for garbage collection.
        inputLabel: Resource Count
  nsFiltering:
    label: Require Namespace / Project Filtering
    description: Require the user to select namespaces and/or projects. This restricts the number of resources fetched when viewing lists and should help the responsiveness of the UI in systems with a lot of resources.
    checkboxLabel: Enable Required Namespace / Project Filtering
    incompatibleDescription: "Required Namespace / Project Filtering is incompatible with Manual Refresh and Incremental Loading. Enabling this will disable them."
  advancedWorker:
    label: Websocket Web Worker
    description: Updates to resources pushed to the UI come via WebSocket and are handled in the UI thread. Enable this option to handle cluster WebSocket updates in a Web Worker in a separate thread. This should help the responsiveness of the UI in systems where resources change often.
    checkboxLabel: Enable Advanced Websocket Web Worker
  inactivity:
    title: Inactivity
    checkboxLabel: Enable inactivity session expiration
    inputLabel: Inactivity timeout (minutes)
    information: To change the automatic logout behaviour, edit the authorisation and/or session token timeout values (<code>auth-user-session-ttl-minutes</code> and <code>auth-token-max-ttl-minutes</code>) in the Settings page.
    description: When enabled and the user is inactive past the specified timeout, the UI will no longer fresh page content and the user must reload the page to continue.
    authUserTTL: This timeout cannot be higher than the user session timeout auth-user-session-ttl-minutes, which is currently {current} minutes.
  serverPagination:
    label: Server-side Pagination
    description: By default Lists will fetch all resources and paginate (create the page given sort and filter settings) locally in the browser. Server-Side Pagination moves this out from the browser to the server. This improves performance of the UI, especially in systems with lots of resources.
    applicable: "Server-side pagination applies to Resource Types"
    resources:
      generic: most resources in the cluster's 'More Resources' section
      all: All Resources
banner:
  label: Fixed Banners
  settingName: Banners
  bannerHeader: Header Banner
  bannerFooter: Footer Banner
  bannerConsent: Login Screen Banner
  text: Text
  buttonText: Accept Button Text
  textColor: Text Color
  background: Background Color
  showHeader: Show Banner in Header
  showFooter: Show Banner in Footer
  showConsent: Show Consent Banner on Login Screen
  showAsDialog:
    defaultButtonText: Accept
    label: Show Login Consent as a modal dialog
    tooltip: Show a modal dialog on the login screen that must be accepted by a user before they can login
  bannerAlignment:
    label: Text Alignment
    leftOption: Left
    centerOption: Center
    rightOption: Right
  bannerDecoration:
    label: Text Decoration
    bannerBold: Bold
    bannerItalic: Italic
    bannerUnderline: Underline
  bannerFontSize:
    label: 'Font Size'
  consent: Consent Banner
  consentFootnote: "Tip: Use \\n character for line break"
  individualSetting: 'This banner is managed by the setting "{name}" and can not be modified in the UI'
  type:
    html: HTML
    text: Text
  htmlWarning: 'Not all HTML elements or attriutes are permitted and the HTML entered here will be sanitized before display. For HTML anchor elements, it is recommended to use the target attribute to have links open in a blank tab.'
  htmlContent: HTML Content
  toggleTextHtml: Toggle between text and html

branding:
  label: Branding
  directoryName: Brand Asset Directory Name
  logos:
    home: Product main page
    label: Logo
    tip: 'Upload a logo to replace the Rancher logo in the top-level navigation header. Image height should be 21 pixels with a max width of 200 pixels. Max file size is 20KB. Accepted formats: JPEG, PNG, SVG.'
    lightPreview: Light Theme Preview
    darkPreview: Dark Theme Preview
    uploadLight: Upload Light Logo
    uploadDark: Upload Dark Logo
    useCustom: Use a Custom Logo
  banner:
    label: Banner
    tip: 'Upload an image to replace the default Rancher banner in the Dashboard page. We recommend using an SVG image with an aspect ratio of 6:1. The default image size is 4197x633. Max file size is 200KB. Accepted formats: JPEG, PNG, SVG.'
    lightPreview: Light Theme Preview
    darkPreview: Dark Theme Preview
    uploadLight: Upload Light Banner
    uploadDark: Upload Dark Banner
    useCustom: Use a Custom Banner
  loginBackground:
    label: Login Background
    tip: 'Upload an image to replace the default Rancher background in the Login page. We recommend using an SVG image with an aspect ratio of 7:8. The default image size is 683x768. Max file size is 200KB. Accepted formats: JPEG, PNG, SVG.'
    lightPreview: Light Theme Preview
    darkPreview: Dark Theme Preview
    uploadLight: Upload Light Background
    uploadDark: Upload Dark Background
    useCustom: Use a Custom Background
  favicon:
    label: Favicon
    tip: 'Upload an icon to replace the Rancher favicon in the browser tab. Max file size is 20KB.'
    preview: Favicon Preview
    upload: Upload Favicon
    useCustom: Use a Custom Favicon
  options:
    default: Default Rancher Theme
    suse: SUSE Theme
    custom: Define a Custom Theme
  uiPL:
    label: Private Label
  color:
    label: Primary Color
    tip: You can override the primary color used throughout the UI with a custom color of your choice.
    useCustom: Use a Custom Color
  linkColor:
    label: Link Color
    tip: You can override the link color used throughout the UI with a custom color of your choice.
    useCustom: Use a Custom Link Color
    example: Link Example
notifications:
  header: Custom notifications
  menuLabel: 'Custom Notifications'
  loginError:
    header: Login Failed Banner
    showCheckboxLabel: Show custom login error
    messageLabel: Text to display
resourceQuota:
  banner: Limit resource consumption in a project for both standard (e.g. CPU Limit) and custom resource types. For custom resource types you have to provide the resource identifier yourself. Want to learn more about resource quotas? Read our <a href="https://ranchermanager.docs.rancher.com/how-to-guides/advanced-user-guides/manage-projects/manage-project-resource-quotas" target="_blank" rel="noopener noreferrer nofollow">documentation <i class="icon icon-external-link"></i></a><span class="sr-only">Opens in a new tab</span>
  label: Resource Quotas
  headers:
    limit: Limit
    namespaceDefaultLimit: Namespace Default Limit
    projectLimit: Project Limit
    projectResourceAvailability: Project Resource Availability
    resourceType: Resource Type
    resourceIdentifier: Resource Identifier
  helpText: Configure how much of the resources the namespace as a whole can consume.
  helpTextDetail: The amount of resources the namespace as a whole can consume.
  helpTextHarvester: VMs need to reserve additional memory overhead.
  custom: Custom
  resourceIdentifier:
    placeholder: e.g. configmaps
    tooltip: Select 'Custom' from the 'Resource Type' list and enter the resource identifier (e.g. requests.nvidia.com/gpu) to add custom resources quotas.
  configMaps: Config Maps
  limitsCpu: CPU Limit
  limitsMemory: Memory Limit
  persistentVolumeClaims: Persistent Volume Claims
  pods: Pods
  replicationControllers: Replication Controllers
  requestsCpu: CPU Reservation
  requestsMemory: Memory Reservation
  requestsStorage: Storage Reservation
  secrets: Secrets
  services: Services
  servicesLoadBalancers: Services Load Balancers
  servicesNodePorts: Service Node Ports
  namespaceLimit:
    label: Namespace Limit
  projectLimit:
    label: Project Limit
    cpuPlaceholder: e.g. 2000
    memoryPlaceholder: e.g. 2048
    storagePlaceholder: e.g. 50
    unitlessPlaceholder: e.g. 50
  namespaceDefaultLimit:
    label: Namespace Default Limit
    cpuPlaceholder: e.g. 500
    memoryPlaceholder: e.g. 1024
    storagePlaceholder: e.g. 10
    unitlessPlaceholder: e.g. 10
  add:
    label: Add Resource
  errors:
    customTypeRequired: Resource identifier is required
  tooltip:
    reserved: 'Other Namespaces:'
    namespace: 'This Namespace:'
    available: 'Available:'
    max: 'Total:'
  ariaLabel:
    grid: Resource Quotas
    resourceType: 'Resource Type, row {row}'
    resourceIdentifier: 'Resource Identifier, row {row}'
    projectLimit: 'Project Limit, row {row}'
    namespaceDefaultLimit: 'Namespace Default Limit, row {row}'
    remove: 'Remove {identifier}'
customLinks:
  displayTitle: Links
  label: Home Links
  description: 'Configure the links to display on the home page. You can define your own custom links as well as show or hide default links.'
  restoreDefaults: 'Restore Defaults'
  addLink: Add Link
  restoreSuccess: Default URLs have been restored.
  settings:
    default: Default Links
    custom: Custom Links
    keyLabel: Display Text
    valueLabel: URL
    showLabel: Show
  defaults:
    docs:       Docs
    forums:     Forums
    slack:      Slack
    issues:     File an Issue
    getStarted: Get Started
    commercialSupport: Commercial Support
    appCo: SUSE Application Collection

##############################
### Support Page
##############################

support:
  bannerImage: Support page banner image
  community:
    title: SUSE Rancher provides world-class support
    linksTitle: Community Support
    learnMore: Find out more about SUSE Rancher Support
    pricing: Contact us for pricing
  subscription:
    haveSupport: Already have support?
    addSubscription: Add a Subscription ID
    removeSubscription: Remove your Subscription ID
    addTitle: Add your SUSE Subscription ID
    addLabel: "Please enter a valid Subscription ID:"
    removeTitle: Remove your ID?
    removeBody: "Note: This will not affect your subscription."

  suse:
    title: "Great News - You're covered"
    editBrand: Customize UI Theme
    access:
      title: Get Support
      text: Login to SUSE Customer Center to access support for your subscription
      action: SUSE Customer Center
      aws:
        generateConfig: Generate Support Config
        text: 'Login to SUSE Customer Center to access support for your subscription. Need to open a new support case? Download a support config file below.'
  promos:
    one:
      title: 24x7 Support
      text: We provide tightly defined SLAs, and offer round the clock support options.
    two:
      title: Issue Resolution
      text: Run SUSE Rancher products with confidence, knowing that the developers who built them are available to quickly resolve issues.
    three:
      title: Troubleshooting
      text: We focus on uncovering the root cause of any issue, whether it is related to SUSE products, Kubernetes, Docker or your underlying infrastructure.
    four:
      title: Innovate with Freedom
      text: Take advantage of our certified compatibility with a wide range of Kubernetes providers, operating systems, and open source software.

serverUpgrade:
  title: "{vendor} Server Changed"
  message: "The page reloaded because the version of {vendor} running on your server changed."

volumeClaimTemplate:
  add:
    label: Add Claim Template

manager:
  cloudCredentials:
    label: Cloud Credentials
    list:
      groupBy:
        provider: Group by Provider
      headers:
        provider: Provider
  drivers:
    label: Drivers
  rkeTemplates:
    label: RKE Templates
  nodeTemplates:
    label: Node Templates
  jwtAuthentication:
    label: JWT Authentication

auth:
  roleTemplate: Role Templates
  config:
    label: Auth Provider
vncConsole:
  error:
    message: Web VNC console is disconnected
  reconnecting:
    message: Web VNC console reconnection attempt

gitPicker:
  github:
    label: GitHub
    tableHeaders:
      choose:
        label: Select
      sha:
        label: SHA
      author:
        label: Author
        unknown: Unknown
      message:
        label: Message
      date:
        label: Date
    username:
      label: Username / Organization
      inputLabel: Username / Organization
      tooltip: Username / Organization of the Git Repository
    branch:
      label: Branch
      inputLabel: Branch
      tooltip: Branch to deploy
    repo:
      label: Repository
      inputLabel: Repository
      tooltip: Repository to deploy from
    commits:
      label: Commits
      tooltip: Commits to deploy from
    commit:
      label: Commit
      inputLabel: Commit
    commitMessage:
      label: Commit Message
    errors:
      noAccount: No GitHub account or Organization found. Please review your query and try again.
      noBranch: No branch found. Please review your query and try again.
  gitlab:
    label: GitLab
    tableHeaders:
      choose:
        label: Select
      sha:
        label: SHA
      author:
        label: Author
        unknown: Unknown
      message:
        label: Message
      date:
        label: Date
    username:
      label: Username / Organization
      inputLabel: Username / Organization
      tooltip: Username / Organization of the Git Repository
    branch:
      label: Branch
      inputLabel: Branch
      tooltip: Branch to deploy
    repo:
      label: Repository
      inputLabel: Repository
      tooltip: Repository to deploy from
    commits:
      label: Commits
      tooltip: Commits to deploy from
    commit:
      label: Commit
      inputLabel: Commit
    commitMessage:
      label: Commit Message
    errors:
      noAccount: No GitLab account or Organization found. Please review your query and try again.
      noBranch: No branch found. Please review your query and try again.

networkAttachmentDefinition:
  tabs:
    config: Config

errors:
  actionNotAvailable: This action is not currently available
  missingRequired: is required
  notUnique: is not unique
  notNullable: must be set
  invalidOption: is not a valid option
  invalidCharacters: contains invalid characters
  minLengthExceeded: is not long enough
  maxLengthExceeded: is too long
  minLimitExceeded: is too small
  maxLimitExceded: is too big
  messageAndDetail: '{message} ({detail})'
  messageOrDetail: '{val}'
  failedInApi:
    withName:
      withCodeExplanation:
        withMessageDetail: 'Validation failed in API: {name} {codeExplanation}: {messageDetail}'
        withoutMessageDetail: 'Validation failed in API: {name} {codeExplanation}'
      withMessageDetail: 'Validation failed in API: {name} {messageDetail}'
      withoutAnythingElse: 'Validation failed in API: {name} '
    withoutName:
      withMessageDetail:
        withCodeExplanation: 'Validation failed in API: {codeExplanation}: {messageDetail}'
        withoutCodeExplanation: 'Validation failed in API: {messageDetail}'
      withCode:
        withCodeExplanation: 'Validation failed in API: {code} {codeExplanation}'
        withoutCodeExplanation: 'Validation failed in API: {code}'
    withoutAnything: Validation failed in API.
  notFound:
    withUrl: '{msg}: {url}'
    withoutUrl: '{msg}'
component:
  drawer:
    chrome:
      ariaLabel:
        close: Close {target} drawer
      close: Close
    resourceDetailDrawer:
      title: "{resourceName} ({resourceType}) - Configuration"
      editConfig: Edit Config
      editYaml: Edit YAML
      ariaLabel:
        editConfig: Edit Config
        editYaml: Edit YAML
      yamlTab:
        title: YAML
      configTab:
        title: Config
  resource:
    detail:
      copyToClipboard:
        ariaLabel:
          copy: Copy to clipboard
      card:
        resourceUsage:
          used: Used
          amount: '{used} of {available}'
          cpu: CPU
          memory: Memory
          pods: Pods
        resourcesCard:
          title: Resources
          rows:
            services: Services
            ingresses: Ingresses
            referredToBy: Referred to by
            refersTo: Refers to
        podsCard:
          title: Pods
          ariaResourceName: pods
          noPods: There are no pods currently present.
        jobsCard:
          title: Jobs
          ariaResourceName: jobs
        insightsCard:
          title: Insights
          rows:
            conditions: Conditions
            events: Events
        extrasCard:
          title: Extras
          message: 'Consider installing additional <extensionsLink>extensions</extensionsLink> and / or <clusterToolsLink>cluster tools</clusterToolsLink> to enrich your Rancher experience.'
        scaler:
          ariaLabel:
            increase: Increase {resourceName}
            decrease: Decrease {resourceName}
      titleBar:
        showConfiguration: Show Configuration
        ariaLabel:
          actionMenu: More actions - { resource }
          showConfiguration: Show the entire configuration of { resource }
      metadata:
        labelsAndAnnotations: Labels and Annotations
        identifyingInformation:
          namespace: Namespace
          project: Project
          age: Age
          image: Image
          ready: Ready
          up-to-date: Up-to-date
          available: Available
          serviceAccount: Service Account
          type: Type
          certificate: Certificate
          issuer: Issuer
          expires: Expires
          workspace: Workspace
        annotations:
          title: Annotations
        labels:
          title: Labels
        keyValue:
          noRows: There are no {propertyName} configured on this resource.
          showConfiguration: Show Configuration
          ariaLabel:
            showPreview: Show Preview
      glance:
        state: State
        age: Age
        namespace: Namespace
        project: Project
        type: Type
        ariaLabel:
          showDetails: Show Resource Information about { resource } named { name }
          actionMenu: Resource Actions - { resource }
  cron:
    expressionEditor:
      label:
        minute: "Minute"
        hour: "Hour"
        dayOfMonth: "Day of Month"
        month: "Month"
        dayOfWeek: "Day of Week"
      invalidValue: "Invalid value"
      invalidCronExpression: "Invalid Cron Expression"
      minute:
        any: "any value (every minute)"
        at1and5: "at 1 and 5 min past the hour"
        range: "every minute from 1 to 5"
        every5: "every 5 minutes"
        start8: "every 5 minutes, starting at 8 minutes past the hour"
        allowed: "Allowed literal values: 0-59"
      hour:
        any: "any value (every hour)"
        at1and5: "at 1 AM and 5 AM"
        range: "every hour from 1 to 5 AM"
        every5: "every 5 hours"
        start8: "every 5 hours starting at 8 AM"
        allowed: "Allowed literal values: 0-23"
      dayOfMonth:
        any: "any value (every day of the month)"
        omit: "omit"
        1and5: "on the 1st and 5th days of the month"
        range: "every day from 1st to 5th"
        every5: "every 5 days"
        start8: "every 5 days starting at the 8th"
        allowed: "Allowed literal values: 1-31"
      month:
        any: "any value (every month)"
        1and5: "on months 1 and 5 (January and May)"
        range: "every month from January to May"
        every2: "every 2 months"
        start3: "every 2 months, starting on month 3 (March)"
        allowed: "Allowed literal values: 1-12"
        alias: "Allowed alias values: jan-dec"
      dayOfWeek:
        any: "any value (every day of the week)"
        omit: "omit"
        1and5: "on days 1 and 5 (Monday and Friday)"
        range: "every day from Monday to Friday"
        allowed: "Allowed literal values: 0-7"
        alias: "Allowed alias values: mon-sun"
      a11y:
        examples: "Edit {label}. Examples:"
    expressionEditorModal:
      title: "Define Cron expression"
      description: "Click on any field to get hints about valid values and wildcard symbols."
      wildcards:
        title: "Generic Wildcards"
        anyValue: "any value"
        xAndY: "X and Y"
        fromXtoY: "from X to Y"
        everyX: "every X"
        everyXStartingY: "every X starting at Y"
        everyXFromYtoZ: "every X, from Y to Z"
      examples:
        title: "Examples"
        dailyMidnight: "At 12:00 AM"
        every5Hours: "At 0 minutes past the hour, every 5 hours"
        day1At1745: "At 05:45 PM, on day 1 of the month"
        weekdaysAt0830: "At 30 minutes past the hour, every 1 hours, starting at 08:00 AM, Monday through Friday"
        marchToMayHourly: "Every hour, only in March, April, and May"
        every4Hours9to17: "At 0 minutes past the hour, every 4 hours, between 09:00 AM and 05:00 PM"

autoscaler:
  card:
    title: Autoscaler
    pause: Pause
    resume: Resume
    loadingError: There was a problem loading details
    loadingAlt: Details Loading
    details:
      status: Status
      health: Health
      scaleDown: Scale Down
      scaleUp: Scale Up
      nodes: Nodes
      ready: Ready
      notStarted: Not Started
      inTotal: In Total
      provisioning: Provisioning
      paused: Paused
      unavailable: Unavailable
  tab:
    title: Autoscaler

ext.cattle.io.kubeconfig:
  deleted: "{name} (deleted)"
  moreClusterCount: " + {remainingCount} more"