1:在master節點上執行:
kubeadm certs renew all
2:按照提示,查找kube-apiserver, kube-controller-manager, kube-scheduler and etcd服務的容器並重啟:
docker ps | grep -E 'kube-apiserver|kube-controller-manager|kube-scheduler|etcd'
3:根據上一步查到的容器id重啟docker容器:
4:至此,證書更新完畢,重新執行kubectl命令,可能提示“error: You must be logged in to the server (Unauthorized)”
處理方法:
echo "export KUBECONFIG=/etc/kubernetes/admin.conf" >> ~/.bash_profile
再使環境變量生效:
source ~/.bash_profile
即可解決問題。