step
If you have multiple master, you need to do the following on each master.
The following steps need to be
- Regenerate the certificates
- Re-generate the corresponding profile
- Restart docker and kubelet
- Kubectl copy client files
[root@lab1 local]# kubeadm alpha certs renew all --config kubeadm.conf
...
[root@lab1 local]# mv /etc/kubernetes/*.conf ~/.
[root@lab1 local]# kubeadm init phase kubeconfig all --config kubeadm.conf
...
[kubeconfig] Using kubeconfig folder "/etc/kubernetes"
[kubeconfig] Writing "admin.conf" kubeconfig file
[kubeconfig] Writing "kubelet.conf" kubeconfig file
[kubeconfig] Writing "controller-manager.conf" kubeconfig file
[kubeconfig] Writing "scheduler.conf" kubeconfig file
[root@lab1 local]# cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
[root@lab1 local]# sudo systemctl restart docker; sudo systemctl restart kubelet
If you meet the case of static pod may not start in the following manner
docker ps -a |grep -i exit |awk '{print $1}'|xargs docker rm
Reference address
https://stackoverflow.com/questions/56320930/renew-kubernetes-pki-after-expired
https://kubernetes.io/docs/reference/setup-tools/kubeadm/kubeadm-init-phase/
https://kubernetes.io/docs/tasks/administer-cluster/kubeadm/kubeadm-certs/