将centos 7节点加入群集1.9.0时,kubeadm join命令会显示此错误消息。
Failed to request cluster info, will try again: [Get https://10.10.10.10:6443/api/v1/namespaces/kube-public/configmaps/cluster-info: x509: certificate has expired or is not yet valid]
昨晚我收到此消息,今天早上运行此命令时它起作用了。我今天早上删除并尝试创建群集,同样给出相同的错误消息。
kubeadm join --token f115fe.f0eea05182abe63a 10.10.10.10:6443 --discovery-token-ca-cert-hash sha256:48d4dc90a08ff73a0cfc63e30a313aaf1903fd51da8f9ce4cc79f95ce529b8d1
[discovery] Created cluster-info discovery client, requesting info from "https://10.10.10.10:6443"
[discovery] Requesting info from "https://10.10.10.10:6443" again to validate TLS against the pinned public key
[discovery] Failed to request cluster info, will try again: [Get https://10.10.10.10:6443/api/v1/namespaces/kube-public/configmaps/cluster-info: x509: certificate has expired or is not yet valid]
[discovery] Failed to request cluster info, will try again: [Get https://10.10.10.10:6443/api/v1/namespaces/kube-public/configmaps/cluster-info: x509: certificate has expired or is not yet valid]
如何解决此错误消息?
感谢 SR
答案 0 :(得分:6)
问题的根本原因是我的节点没有正确的时间。配置NTP服务节点后,能够加入主节点。
答案 1 :(得分:1)
在安装带有新证书的docker存储库后,我遇到了同样的问题。当使用docker从命令行连接时,我能够推送和拉取映像,但是kubernetes生成了错误``x509:证书已过期或尚未生效''。当我连接到minikube虚拟机'ssh minikube'并输入'date'时,我注意到时钟已经关闭了几个小时。当我在minikube VM中手动设置日期时,问题已解决。
答案 2 :(得分:0)
另一个问题可能是证书过时。 如果是microk8s,重新安装对我有用。 更多信息,请访问https://github.com/ubuntu/microk8s/issues/1150。