加入 x509:证书已过期或尚未生效
join x509: certificate has expired or is not yet valid
将centos 7节点加入集群1.9.0时,kubeadm join命令给出此错误信息。
Failed to request cluster info, will try again: [Get https://10.10.10.10:6443/api/v1/namespaces/kube-public/configmaps/cluster-info: x509: certificate has expired or is not yet valid]
我昨晚收到这条消息,今天早上 运行 这个命令起作用了。今天早上我删除并尝试创建集群,它再次给出相同的错误消息。
kubeadm join --token f115fe.f0eea05182abe63a 10.10.10.10:6443 --discovery-token-ca-cert-hash sha256:48d4dc90a08ff73a0cfc63e30a313aaf1903fd51da8f9ce4cc79f95ce529b8d1
[discovery] Created cluster-info discovery client, requesting info from "https://10.10.10.10:6443"
[discovery] Requesting info from "https://10.10.10.10:6443" again to validate TLS against the pinned public key
[discovery] Failed to request cluster info, will try again: [Get https://10.10.10.10:6443/api/v1/namespaces/kube-public/configmaps/cluster-info: x509: certificate has expired or is not yet valid]
[discovery] Failed to request cluster info, will try again: [Get https://10.10.10.10:6443/api/v1/namespaces/kube-public/configmaps/cluster-info: x509: certificate has expired or is not yet valid]
如何解决此错误消息?
问题的根本原因是我的节点没有正确的时间。配置 NTP 服务后节点能够加入主节点。
使用新证书安装 docker 存储库后,我遇到了同样的问题。使用 docker 从命令行连接时,我能够推送和拉取图像,但 kubernetes 生成错误 'x509: certificate has expired or is not yet valid'。当我连接到 minikube VM 'ssh minikube' 并输入 'date' 时,我注意到时钟已经关闭了几个小时。当我在 minikube VM 中手动设置日期时,问题已解决。
另一个问题可能是过时的证书。
如果 microk8s 重新安装对我有用。
更多信息:https://github.com/ubuntu/microk8s/issues/1150.
使用 AKS(Azure Kubernetes 服务),遵循 link:https://docs.microsoft.com/en-us/azure/aks/certificate-rotation
只需要运行命令
az aks rotate-certs -g $RESOURCE_GROUP_NAME -n $CLUSTER_NAME
将centos 7节点加入集群1.9.0时,kubeadm join命令给出此错误信息。
Failed to request cluster info, will try again: [Get https://10.10.10.10:6443/api/v1/namespaces/kube-public/configmaps/cluster-info: x509: certificate has expired or is not yet valid]
我昨晚收到这条消息,今天早上 运行 这个命令起作用了。今天早上我删除并尝试创建集群,它再次给出相同的错误消息。
kubeadm join --token f115fe.f0eea05182abe63a 10.10.10.10:6443 --discovery-token-ca-cert-hash sha256:48d4dc90a08ff73a0cfc63e30a313aaf1903fd51da8f9ce4cc79f95ce529b8d1
[discovery] Created cluster-info discovery client, requesting info from "https://10.10.10.10:6443"
[discovery] Requesting info from "https://10.10.10.10:6443" again to validate TLS against the pinned public key
[discovery] Failed to request cluster info, will try again: [Get https://10.10.10.10:6443/api/v1/namespaces/kube-public/configmaps/cluster-info: x509: certificate has expired or is not yet valid]
[discovery] Failed to request cluster info, will try again: [Get https://10.10.10.10:6443/api/v1/namespaces/kube-public/configmaps/cluster-info: x509: certificate has expired or is not yet valid]
如何解决此错误消息?
问题的根本原因是我的节点没有正确的时间。配置 NTP 服务后节点能够加入主节点。
使用新证书安装 docker 存储库后,我遇到了同样的问题。使用 docker 从命令行连接时,我能够推送和拉取图像,但 kubernetes 生成错误 'x509: certificate has expired or is not yet valid'。当我连接到 minikube VM 'ssh minikube' 并输入 'date' 时,我注意到时钟已经关闭了几个小时。当我在 minikube VM 中手动设置日期时,问题已解决。
另一个问题可能是过时的证书。 如果 microk8s 重新安装对我有用。 更多信息:https://github.com/ubuntu/microk8s/issues/1150.
使用 AKS(Azure Kubernetes 服务),遵循 link:https://docs.microsoft.com/en-us/azure/aks/certificate-rotation
只需要运行命令
az aks rotate-certs -g $RESOURCE_GROUP_NAME -n $CLUSTER_NAME