1、备份
mkdir /opt/2023-12-09-k8s-backup cp -a /etc/kubernetes /opt/2023-12-09-k8s-backup cp -a /var/lib/etcd /opt/2023-12-09-k8s-backup
cp -a /root/.kube/config /opt/2023-12-09-k8s-backup
2、更新证书
[root@k8s-master01 2023-12-09-k8s-backup]# kubeadm certs renew all [renew] Reading configuration from the cluster... [renew] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -o yaml' [renew] Error reading configuration from the Cluster. Falling back to default configuration certificate embedded in the kubeconfig file for the admin to use and for kubeadm itself renewed certificate for serving the Kubernetes API renewed certificate the apiserver uses to access etcd renewed certificate for the API server to connect to kubelet renewed certificate embedded in the kubeconfig file for the controller manager to use renewed certificate for liveness probes to healthcheck etcd renewed certificate for etcd nodes to communicate with each other renewed certificate for serving etcd renewed certificate for the front proxy client renewed certificate embedded in the kubeconfig file for the scheduler manager to use renewed Done renewing certificates. You must restart the kube-apiserver, kube-controller-manager, kube-scheduler and etcd, so that they can use the new certificates.
3、重启服务使证书生效
标签:renewed,certificate,09,etcd,kubeadm,k8s,续期 From: https://www.cnblogs.com/linjiangCN/p/17890765.html