现象:
[upgrade/config] Making sure the configuration is correct:
[upgrade/config] Reading configuration from the cluster...
[upgrade/config] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -o yaml'
[upgrade/config] In order to upgrade, a ConfigMap called "kubeadm-config" in the kube-system namespace must exist.
[upgrade/config] Without this information, 'kubeadm upgrade' won't know how to configure your upgraded cluster.
[upgrade/config] Next steps:
- OPTION 1: Run 'kubeadm config upload from-flags' and specify the same CLI arguments you passed to 'kubeadm init' when you created your control-plane.
- OPTION 2: Run 'kubeadm config upload from-file' and specify the same config file you passed to 'kubeadm init' when you created your control-plane.
- OPTION 3: Pass a config file to 'kubeadm upgrade' using the --config flag.
[upgrade/config] FATAL: the ConfigMap "kubeadm-config" in the kube-system namespace used for getting configuration information was not found
1、原因:
是由于kubelet.conf配置不正常造成的(证书的CN/O内容错误),我复查了该文件,虽然users 是 name: system:node:k8s-m,但将client-certificate-data证书内容打印出来,CN/O的内容是(Subject: O = system:masters, CN = kubernetes-admin)
执行,把client-certificate-data证书内容打印出来
echo -n "YOUR—client-certificate-data" | base64 --decode | openssl x509 -text
admin.conf CN/O的内容是:Subject: O=system:masters, CN=kubernetes-admin
kubelet.conf CN/O的内容是:Subject: CN=kubernetes
2、解决方案:
这表示证书和kubelet.conf配置用户不一致。我回想了一下,应该是上次kubelet不能启动,更新证书时无意间将admin.conf的证书内容复制了过来,因为admin.conf的配置显示用户正是(name: kubernetes-admin),既然知道问题所在解决起来就比较简单了,删除/etc/kubernetes/kubelet.conf,再通过以下命令重新生成新文件,注意指令参数中的kubeadm-config.yaml可参照文章开头的方法导出(只要ClusterConfiguration部分)
kubeadm init phase kubeconfig kubelet --config=kubeadm-config.yaml
标签:ConfigMap,upgrade,CN,was,system,conf,kubeadm,config From: https://www.cnblogs.com/zbhlinux/p/17633073.html