使用kubeadm更新k8s证书
Unable to connect to the server: x509: certificate has expired or is not yet valid[root@k8s-master ~]# kubeadm alpha certs check-expiration
[check-expiration] Reading configuration from the cluster...
[check-expiration] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -oyaml'
[check-expiration] Error reading configuration from the Cluster. Falling back to default configuration
W0627 11:21:35.745166 8754 configset.go:202] WARNING: kubeadm cannot validate component configs for API groups [kubelet.config.k8s.io kubeproxy.config.k8s.io]
CERTIFICATE EXPIRES RESIDUAL TIME CERTIFICATE AUTHORITY EXTERNALLY MANAGED
admin.conf Jun 24, 2021 09:45 UTC <invalid> no
apiserver Jun 24, 2021 09:45 UTC <invalid> ca no
apiserver-etcd-client Jun 24, 2021 09:45 UTC <invalid> etcd-ca no
apiserver-kubelet-client Jun 24, 2021 09:45 UTC <invalid> ca no
controller-manager.conf Jun 24, 2021 09:45 UTC <invalid> no
etcd-healthcheck-client Jun 24, 2021 09:45 UTC <invalid> etcd-ca no
etcd-peer Jun 24, 2021 09:45 UTC <invalid> etcd-ca no
etcd-server Jun 24, 2021 09:45 UTC <invalid> etcd-ca no
front-proxy-client Jun 24, 2021 09:45 UTC <invalid> front-proxy-ca no
scheduler.conf Jun 24, 2021 09:45 UTC <invalid> no
CERTIFICATE AUTHORITY EXPIRES RESIDUAL TIME EXTERNALLY MANAGED
ca Jun 22, 2030 09:45 UTC 8y no
etcd-ca Jun 22, 2030 09:45 UTC 8y no
front-proxy-ca Jun 22, 2030 09:45 UTC 8y no最后更新于