kubeadm安装的kubernetes集群证书的证书有限期是一年,过期后kubectl命令就无法正常执行了,集群里的pod运行也会有问题的。kubelet执行命令就会报错:Unable to connect to the server: x509: certificate has expired or is not yet valid: current time 2020-12-23T10:00:11+08:00 is after 2020-12-10T10:57:27Z
1、检查过期时间
kubeadm certs check-expiration
2、证书备份
cp -rp /etc/kubernetes /etc/kubernetes.bak
3、重新生成证书
kubeadm certs renew all
4、重启kubelet
systemctl restart kubelet
5、重新检查过期时间
kubeadm certs check-expiration
