步驟
如果有多master,需要在每個master上進行以下操作。
需要進行以下步驟
- 重新生成證書
- 重新生成對應的配置文件
- 重啟docker 和 kubelet
- 拷貝kubectl 客戶端文件
[root@lab1 local]# kubeadm alpha certs renew all --config kubeadm.conf
...
[root@lab1 local]# mv /etc/kubernetes/*.conf ~/.
[root@lab1 local]# kubeadm init phase kubeconfig all --config kubeadm.conf
...
[kubeconfig] Using kubeconfig folder "/etc/kubernetes"
[kubeconfig] Writing "admin.conf" kubeconfig file
[kubeconfig] Writing "kubelet.conf" kubeconfig file
[kubeconfig] Writing "controller-manager.conf" kubeconfig file
[kubeconfig] Writing "scheduler.conf" kubeconfig file
[root@lab1 local]# cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
[root@lab1 local]# sudo systemctl restart docker; sudo systemctl restart kubelet
如果遇見static pod 啟動不了的情況可以采用以下方式處理
docker ps -a |grep -i exit |awk '{print $1}'|xargs docker rm
參考地址
https://stackoverflow.com/questions/56320930/renew-kubernetes-pki-after-expired
https://kubernetes.io/docs/reference/setup-tools/kubeadm/kubeadm-init-phase/
https://kubernetes.io/docs/tasks/administer-cluster/kubeadm/kubeadm-certs/