步骤
如果有多master,需要在每个master上进行以下操作。
需要进行以下步骤
- 重新生成证书
- 重新生成对应的配置文件
- 重启docker 和 kubelet
- 拷贝kubectl 客户端文件
[root@lab1 local]# kubeadm alpha certs renew all --config kubeadm.conf
...
[root@lab1 local]# mv /etc/kubernetes/*.conf ~/.
[root@lab1 local]# kubeadm init phase kubeconfig all --config kubeadm.conf
...
[kubeconfig] Using kubeconfig folder "/etc/kubernetes"
[kubeconfig] Writing "admin.conf" kubeconfig file
[kubeconfig] Writing "kubelet.conf" kubeconfig file
[kubeconfig] Writing "controller-manager.conf" kubeconfig file
[kubeconfig] Writing "scheduler.conf" kubeconfig file
[root@lab1 local]# cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
[root@lab1 local]# sudo systemctl restart docker; sudo systemctl restart kubelet
如果遇见static pod 启动不了的情况可以采用以下方式处理
docker ps -a |grep -i exit |awk '{print $1}'|xargs docker rm
参考地址
https://stackoverflow.com/questions/56320930/renew-kubernetes-pki-after-expired
https://kubernetes.io/docs/reference/setup-tools/kubeadm/kubeadm-init-phase/
https://kubernetes.io/docs/tasks/administer-cluster/kubeadm/kubeadm-certs/