0
点赞
收藏
分享

微信扫一扫

独立容器Rancher Server证书更新(v2.5.9)

// 进入Rancher Server容器
# docker exec -it 31 /bin/bash
# kubectl --insecure-skip-tls-verify -n kube-system delete secrets k3s-serving
secret "k3s-serving" deleted
#kubectl --insecure-skip-tls-verify delete secret serving-cert -n cattle-system
secret "serving-cert" deleted
# rm -f /var/lib/rancher/k3s/server/tls/dynamic-cert.json
// 退出Rancher Server容器
# exit
exit
// 刷新参数
curl --insecure -sfL https://172.16.216.11/v3
// 重启Rancher Server容器
docker restart 31

因为证书改变,相应的 token 也会变化,在集群证书更新完成后,需要对连接 API SERVER 的 Pod 进行重建,以获取新的 token

  • cattle-system/cattle-cluster-agent
  • cattle-system/cattle-node-agent
  • cattle-system/kube-api-auth
  • ingress-nginx/nginx-ingress-controller
  • kube-system/canal
  • kube-system/kube-dns
  • kube-system/kube-dns-autoscaler
  • 其他应用 Pod
举报

相关推荐

0 条评论