Unable to connect to the server: x509: certificate is valid for kubernetes, kubernetes.default, kubernetes.default.svc, kubernetes.default.svc.cluster, kubernetes.default.svc.cluster.local., not xxx

本文轉載自查看原文 2020-03-26 16:17 2738 Kubernetes/OpenShift/ k8s

k8s部署問題簡記

Unable to connect to the server: x509: certificate is valid for kubernetes, kubernetes.default, kubernetes.default.svc, kubernetes.default.svc.cluster, kubernetes.default.svc.cluster.local., not kube-master

看到這個錯誤，請注意最后not后的參數，我這里是 kube-master,請將這個值添加到 kubernetes-csr.json 中，舉例：

cat > kubernetes-csr.json <<EOF
{
  "CN": "kubernetes-master",
  "hosts": [
    "127.0.0.1",
    "kube-master", ##這里加上master節點的名稱映射
    "192.168.87.143",
    "192.168.87.144",
    "192.168.87.145",
    "kubernetes",
    "kubernetes.default",
    "kubernetes.default.svc",
    "kubernetes.default.svc.cluster",
    "kubernetes.default.svc.cluster.local."
  ],
  "key": {
    "algo": "rsa",
    "size": 2048
  },
  "names": [
    {
      "C": "CN",
      "ST": "BeiJing",
      "L": "BeiJing",
      "O": "k8s",
      "OU": "opsnull"
    }
  ]
}
EOF

重新生成 kubernets證書和密鑰，舉例

cfssl gencert -ca=/opt/k8s/work/ca.pem \
  -ca-key=/opt/k8s/work/ca-key.pem \
  -config=/opt/k8s/work/ca-config.json \
  -profile=kubernetes kubernetes-csr.json | cfssljson -bare kubernetes
ls kubernetes*pem
cp kubernetes*pem /etc/kubernetes/cert

重啟 kube-apiserver

systemctl restart kube-apiserver

測試

kubectl cluster-info

出現下圖說明正常了

引用書籍：https://s.itho.me/day/2017/k8s/1020-1100 All The Troubles You Get Into When Setting Up a Production-ready Kubernetes Cluster.pdf

免責聲明！

本站轉載的文章為個人學習借鑒使用，本站對版權不負任何法律責任。如果侵犯了您的隱私權益，請聯系本站郵箱yoyou2525@163.com刪除。

猜您在找 Jenkins集成k8s報錯：Error testing connection https://kubernetes.default.svc.cluster.local: Failure Kubernetes---Service(SVC)服務 039.Kubernetes集群網絡-Pod和SVC網絡實踐 025.Kubernetes掌握Service-SVC基礎使用 kubernetes之ingress error: endpoints "default-http-backend" not found 部署Kubernetes Cluster Kubernetes Kubernetes 什么是Kubernetes？ Kubernetes