一、环境
主机名 | IP地址 | 操作系统 | rancher版本 |
---|---|---|---|
K8s-Master | 192.168.10.236 | Centos 7 | 2.5.9 |
二、更新证书
1、查看当前证书到期时间
2、进行证书轮换
[root@K8s-Master ~]# docker ps |grep rancher/rancher
d581da2b7c4e rancher/rancher:v2.5.9 "entrypoint.sh" 21 hours ago Up 21 hours 0.0.0.0:82->80/tcp, :::82->80/tcp, 0.0.0.0:445->443/tcp, :::445->443/tcp rancher
[root@K8s-Master ~]# docker exec -it d581da2b7c4e /bin/bash
root@d581da2b7c4e:/var/lib/rancher# kubectl --insecure-skip-tls-verify -n kube-system delete secrets k3s-serving
secret "k3s-serving" deleted
root@d581da2b7c4e:/var/lib/rancher# kubectl --insecure-skip-tls-verify delete secret serving-cert -n cattle-system
secret "serving-cert" deleted
root@d581da2b7c4e:/var/lib/rancher# rm -f /var/lib/rancher/k3s/server/tls/dynamic-cert.json
3、加载证书
[root@K8s-Master ~]# docker restart d581da2b7c4e
d581da2b7c4e
[root@K8s-Master ~]# curl --insecure -sfL https://192.168.10.236:445/v3
[root@K8s-Master ~]# docker restart d581da2b7c4e
4、验证
以上是关于Rancher证书更新的主要内容