kube-apiserver使用etcd集群报错:tls: bad certificate
k8s集群通过kubeadm初始化的kubeadm init --kubernetes-version=v1.14.1 --apiserver-advertise-address 192.168.3.11 --pod-network-cidr=10.244.0.0/16,然后在/etc/kubernetes/manifests/kube-apiserver.yaml文件编辑配置:
修改前的:
- --etcd-cafile=/etc/kubernetes/pki/etcd/ca.crt- --etcd-certfile=/etc/kubernetes/pki/apiserver-etcd-client.crt- --etcd-keyfile=/etc/kubernetes/pki/apiserver-etcd-client.key- --etcd-servers=https://127.0.0.1:2379
修改后的:
- --etcd-servers=http://192.168.3.12:2379,http://192.168.3.13:2379,http://192.168.3.15:2379之前我配置了证书的,也是报证书错误。现在我把集群重新安装,把证书移除了。还是报证书错误,这就很蛋疼了。求大佬们指点。
集群正常:
`[root@k8s-master kubernetes]# etcdctl --endpoints=http://192.168.3.12:2379 cluster-health
member 1649137e0393b713 is healthy: got healthy result from http://192.168.3.15:2379
member 81fa39bff66dd708 is healthy: got healthy result from http://192.168.3.13:2379
member faff90866f26dd33 is healthy: got healthy result from http://192.168.3.12:2379
cluster is healthy`
集群情况:
`[root@k8s-master kubernetes]# etcdctl --endpoints=http://192.168.3.12:2379 member list
1649137e0393b713: name=k8s-node3 peerURLs=http://192.168.3.15:2380 clientURLs=http://192.168.3.15:2379 isLeader=false
81fa39bff66dd708: name=k8s-node2 peerURLs=http://192.168.3.13:2380 clientURLs=http://192.168.3.13:2379 isLeader=false
faff90866f26dd33: name=k8s-node1 peerURLs=http://192.168.3.12:2380 clientURLs=http://192.168.3.12:2379 isLeader=true`
报错:
I1127 06:08:30.107469 1 log.go:172] http: TLS handshake error from 192.168.3.12:35126: remote error: tls: bad certificate
I1127 06:08:30.188697 1 log.go:172] http: TLS handshake error from 192.168.3.12:35128: remote error: tls: bad certificate
I1127 06:08:30.388459 1 log.go:172] http: TLS handshake error from 192.168.3.12:35130: remote error: tls: bad certificate
I1127 06:08:30.588430 1 log.go:172] http: TLS handshake error from 192.168.3.12:35132: remote error: tls: bad certificate
I1127 06:08:30.788642 1 log.go:172] http: TLS handshake error from 192.168.3.12:35134: remote error: tls: bad certificate
I1127 06:08:30.992406 1 log.go:172] http: TLS handshake error from 192.168.3.12:35136: remote error: tls: bad certificate
I1127 06:08:31.192625 1 log.go:172] http: TLS handshake error from 192.168.3.12:35138: remote error: tls: bad certificate
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
最近学习遇到这个问题,难受,找了很多资料都不对