Rancher证书过期后,如何替换。导入的集群是否需要重新导入

Rancher使用默认配置启动,证书有效期一年,过期后证书如何替换,导入的集群是否需要重新导入

已邀请:

参考:http://docs.rancher.cn/docs/rancher2.5/cluster-admin/certificate-rotation/_index/#%E7%8B%AC%E7%AB%8B%E5%AE%B9%E5%99%A8-rancher-server-%E8%AF%81%E4%B9%A6%E6%9B%B4%E6%96%B0


根据你自己的rancher版本去更新证书,或者升级到rancher 2.5.8,v2.5.8以后会自动更新


证书更新后,导入的集群不需要再次导入,没有任何影响

kubectl —insecure-skip-tls-verify -n kube-system delete secrets k3s-serving
kubectl —insecure-skip-tls-verify delete secret serving-cert -n cattle-system
rm -f /var/lib/rancher/k3s/server/tls/dynamic-cert.json
执行了这个.但是在rancherserver里面报错

rancherserver版本是2.4.16


root@9b54e37edadf:/var/lib/rancher# kubectl —insecure-skip-tls-verify -n kube-system delete secrets k3s-serving
The connection to the server localhost:8080 was refused - did you specify the right host or port?
root@9b54e37edadf:/var/lib/rancher# kubectl —insecure-skip-tls-verify delete secret serving-cert -n cattle-system
The connection to the server localhost:8080 was refused - did you specify the right host or port?

要回复问题请先登录注册