
Commit

Convert original warnings -> danger admonition
Signed-off-by: Derek Nola <[email protected]>
dereknola committed Nov 20, 2023
1 parent 4097de9 commit 2567fec
Showing 7 changed files with 11 additions and 7 deletions.
2 changes: 1 addition & 1 deletion docs/datastore/cluster-loadbalancer.md
Expand Up @@ -130,7 +130,7 @@ server-3 Ready control-plane,etcd,master 3m12s v1.27.3+k3s1

## Nginx Load Balancer

:::warning
:::danger
Nginx does not natively support a High Availability (HA) configuration. If setting up an HA cluster, having a single load balancer in front of K3s will reintroduce a single point of failure.
:::

2 changes: 1 addition & 1 deletion docs/installation/packaged-components.md
Expand Up @@ -31,7 +31,7 @@ Here is en example of an error that would be reported if the file name contains
a lowercase RFC 1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character
(e.g. 'example.com', regex used for validation is '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*')`

:::warning
:::danger
If you have multiple server nodes, and place additional AddOn manifests on more than one server, it is your responsibility to ensure that files stay in sync across those nodes. K3s does not sync AddOn content between nodes, and cannot guarantee correct behavior if different servers attempt to deploy conflicting manifests.
:::

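Review bot: the unchanged context line at the top of this hunk still reads "Here is en example of an error"; since this paragraph is being touched anyway, fix the typo to "an example" in the same change rather than leaving it for a separate commit. The `:::warning` to `:::danger` swap itself is appropriate here: the body describes a correctness hazard (AddOn manifests going out of sync across servers, with K3s unable to guarantee behaviour for conflicting manifests), which is the kind of content the stronger level is meant for.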
2 changes: 1 addition & 1 deletion docs/installation/requirements.md
Expand Up @@ -127,7 +127,7 @@ If you plan on achieving high availability with embedded etcd, server nodes must
The VXLAN port on nodes should not be exposed to the world as it opens up your cluster network to be accessed by anyone. Run your nodes behind a firewall/security group that disables access to port 8472.
:::

:::warning
:::danger
Flannel relies on the [Bridge CNI plugin](https://www.cni.dev/plugins/current/main/bridge/) to create a L2 network that switches traffic. Rogue pods with `NET_RAW` capabilities can abuse that L2 network to launch attacks such as [ARP spoofing](https://static.sched.com/hosted_files/kccncna19/72/ARP%20DNS%20spoof.pdf). Therefore, as documented in the [Kubernetes docs](https://kubernetes.io/docs/concepts/security/pod-security-standards/), please set a restricted profile that disables `NET_RAW` on non-trustable pods.
:::

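Review bot: while the admonition level on this block is being changed, two wording issues in the body line are worth fixing in the same edit: "a L2 network" should be "an L2 network", and "non-trustable pods" reads better as "untrusted pods". The body's advice is sound and the promotion to `:::danger` fits it, since a pod holding `NET_RAW` on the shared bridge network is a cluster-wide risk rather than a single-node one, and the mitigation it points to (a Pod Security Standards restricted profile that drops `NET_RAW`) is the correct control. Consider naming the `restricted` level explicitly in the text so readers map "restricted profile" to the standard.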
6 changes: 5 additions & 1 deletion docs/release-notes/v1.28.X.md
Expand Up @@ -123,9 +123,13 @@ For more details on what's new, see the [Kubernetes release notes](https://githu
<!-- v1.28.1+k3s1 -->
This release is K3S's first in the v1.28 line. This release updates Kubernetes to v1.28.1.

⚠️ IMPORTANT: This release includes remediation for CVE-2023-32187, a potential Denial of Service attack vector on K3s servers. See https://github.com/k3s-io/k3s/security/advisories/GHSA-m4hf-6vgr-75r2 for more information, including documentation on changes in behavior that harden clusters against this vulnerability.
:::caution Important
This release includes remediation for CVE-2023-32187, a potential Denial of Service attack vector on K3s servers. See https://github.com/k3s-io/k3s/security/advisories/GHSA-m4hf-6vgr-75r2 for more information, including documentation on changes in behavior that harden clusters against this vulnerability.
:::

:::danger Critical Regression
Kubernetes v1.28 contains a critical regression ([kubernetes/kubernetes#120247](https://github.com/kubernetes/kubernetes/issues/120247)) that causes init containers to run at the same time as app containers following a restart of the node. This issue will be fixed in v1.28.2. We do not recommend using K3s v1.28 at this time if your application depends on init containers.
:::

For more details on what's new, see the [Kubernetes release notes](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.28.md#changelog-since-v1270).

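Review bot: this hunk does more than the commit message describes, and the level chosen is inconsistent with the rest of the change. Besides re-levelling, it converts the plain-text "⚠️ IMPORTANT:" line into a `:::caution Important` block, yet every other hunk in this commit promotes security-relevant notes to `:::danger`, while the CVE-2023-32187 remediation notice (the most security-relevant text in the set) ends up one level below the adjacent `:::danger Critical Regression` block. Either use `:::danger Important` here for consistency with the linked advisory's severity, or say in the commit message why the CVE notice is intentionally kept at `caution`. The wording of the notice itself is unchanged and correct.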
Expand Up @@ -31,7 +31,7 @@ Here is en example of an error that would be reported if the file name contains
a lowercase RFC 1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character
(e.g. 'example.com', regex used for validation is '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*')`

:::warning
:::danger
If you have multiple server nodes, and place additional AddOn manifests on more than one server, it is your responsibility to ensure that files stay in sync across those nodes. K3s does not sync AddOn content between nodes, and cannot guarantee correct behavior if different servers attempt to deploy conflicting manifests.
:::

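Review bot: the file header for this hunk is missing from the rendered page, so the target file cannot be confirmed from the diff alone; the identical context ("Here is en example of an error", the RFC 1123 regex line, the same hunk offset at line 31) indicates it is a second copy of the packaged-components page. The same "en example" to "an example" typo fix should be applied to this copy, and whichever copy is the canonical source should be the one the other is regenerated from, so the two do not drift.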
Expand Up @@ -64,7 +64,7 @@ If you plan on achieving high availability with embedded etcd, server nodes must
The VXLAN port on nodes should not be exposed to the world as it opens up your cluster network to be accessed by anyone. Run your nodes behind a firewall/security group that disables access to port 8472.
:::

:::warning
:::danger
Flannel relies on the [Bridge CNI plugin](https://www.cni.dev/plugins/current/main/bridge/) to create a L2 network that switches traffic. Rogue pods with `NET_RAW` capabilities can abuse that L2 network to launch attacks such as [ARP spoofing](https://static.sched.com/hosted_files/kccncna19/72/ARP%20DNS%20spoof.pdf). Therefore, as documented in the [Kubernetes docs](https://kubernetes.io/docs/concepts/security/pod-security-standards/), please set a restricted profile that disables `NET_RAW` on non-trustable pods.
:::

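Review bot: the same wording nits as in the docs/installation/requirements.md hunk apply to this copy ("a L2 network", "non-trustable pods"). The file header is absent on the page, but the hunk offset (line 64 here versus line 127 in requirements.md) shows this is a different file with the same block, so make sure both copies receive the same follow-up wording fix rather than only the one named in the file list.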
Expand Up @@ -71,7 +71,7 @@ K3s Server 需要 6443 端口才能被所有节点访问。
节点上的 VXLAN 端口会开放集群网络,让任何人均能访问集群。因此,不要将 VXLAN 端口暴露给外界。请使用禁用 8472 端口的防火墙/安全组来运行节点。
:::

:::warning
:::danger
Flannel 依赖 [Bridge CNI 插件](https://www.cni.dev/plugins/current/main/bridge/)来创建交换流量的 L2 网络。具有 `NET_RAW` 功能的 Rogue pod 可以滥用该 L2 网络来发动攻击,如 [ARP 欺骗](https://static.sched.com/hosted_files/kccncna19/72/ARP%20DNS%20spoof.pdf)。因此,如 [Kubernetes 文档](https://kubernetes.io/docs/concepts/security/pod-security-standards/)所述,请设置一个受限配置文件,在不可信任的 Pod 上禁用 `NET_RAW`
:::

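Review bot: the translated body line ends without terminal punctuation after `NET_RAW`, whereas the preceding VXLAN paragraph in this file and the English source both end with a full stop; add the closing "。" while this block is being edited. The level change itself matches the English copies and keeps the translation in step with them.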

0 comments on commit 2567fec
