在kubesphere集群搭建时遇到的ETCD无法启动的问题

557次阅读
没有评论

在 kubesphere 集群搭建时遇到的 ETCD 无法启动的问题

最近在研究 kubesphere,发现这个东西开源的,挺好用的

废话不多说,先上一张报错

在 kubesphere 集群搭建时遇到的 ETCD 无法启动的问题

这是在使用 kubekey 去创建集群的时候报的错

error #0: x509: certificate has expired or is not yet valid: Process exited with status 1
11:54:22 EDT retry: [master]
11:54:27 EDT message: [master]
etcd health check failed: Failed to exec command: sudo -E /bin/bash -c "export ETCDCTL_API=2;export ETCDCTL_CERT_FILE='/etc/ssl/etcd/ssl/admin-master.pem';export ETCDCTL_KEY_FILE='/etc/ssl/etcd/ssl/admin-master-key.pem';export ETCDCTL_CA_FILE='/etc/ssl/etcd/ssl/ca.pem';/usr/local/bin/etcdctl --endpoints=https://192.168.113.129:2379 cluster-health | grep -q'cluster is healthy'" 
Error:  client: etcd cluster is unavailable or misconfigured; error #0: x509: certificate has expired or is not yet valid

我在网上查了很久也没查到结果

然后我去 etcd 所在节点上查看

发现 etcd 状态不对,报的也是证书错误

[root@hadoop1 ssl]# systemctl status etcd -l
● etcd.service - etcd
   Loaded: loaded (/etc/systemd/system/etcd.service; enabled; vendor preset: disabled)
   Active: active (running) since Sat 2023-07-22 11:51:00 EDT; 59s ago
 Main PID: 24173 (etcd)
   CGroup: /system.slice/etcd.service
           └─24173 /usr/local/bin/etcd

Jul 22 11:51:18 master etcd[24173]: rejected connection from "127.0.0.1:45764" (error "tls: failed to verify client's certificate: x509: certificate has expired or is not yet valid", ServerName"")
Jul 22 11:51:18 master etcd[24173]: WARNING: 2023/07/22 11:51:18 grpc: addrConn.createTransport failed to connect to {127.0.0.1:2379  <nil> 0 <nil>}. Err :connection error: desc = "transport: authentication handshake failed: remote error: tls: bad certificate". Reconnecting...
Jul 22 11:51:27 master etcd[24173]: rejected connection from "192.168.113.129:40978" (error "tls: failed to verify client's certificate: x509: certificate has expired or is not yet valid", ServerName"")
Jul 22 11:51:27 master etcd[24173]: WARNING: 2023/07/22 11:51:27 grpc: addrConn.createTransport failed to connect to {192.168.113.129:2379  <nil> 0 <nil>}. Err :connection error: desc = "transport: authentication handshake failed: remote error: tls: bad certificate". Reconnecting...
Jul 22 11:51:28 master etcd[24173]: rejected connection from "127.0.0.1:45768" (error "tls: failed to verify client's certificate: x509: certificate has expired or is not yet valid", ServerName"")
Jul 22 11:51:28 master etcd[24173]: WARNING: 2023/07/22 11:51:28 grpc: addrConn.createTransport failed to connect to {127.0.0.1:2379  <nil> 0 <nil>}. Err :connection error: desc = "transport: authentication handshake failed: remote error: tls: bad certificate". Reconnecting...
Jul 22 11:51:42 master etcd[24173]: rejected connection from "127.0.0.1:45770" (error "tls: failed to verify client's certificate: x509: certificate has expired or is not yet valid", ServerName"")
Jul 22 11:51:42 master etcd[24173]: WARNING: 2023/07/22 11:51:42 grpc: addrConn.createTransport failed to connect to {127.0.0.1:2379  <nil> 0 <nil>}. Err :connection error: desc = "transport: authentication handshake failed: remote error: tls: bad certificate". Reconnecting...
Jul 22 11:51:45 master etcd[24173]: rejected connection from "192.168.113.129:40984" (error "tls: failed to verify client's certificate: x509: certificate has expired or is not yet valid", ServerName"")
Jul 22 11:51:45 master etcd[24173]: WARNING: 2023/07/22 11:51:45 grpc: addrConn.createTransport failed to connect to {192.168.113.129:2379  <nil> 0 <nil>}. Err :connection error: desc = "transport: authentication handshake failed: remote error: tls: bad certificate". Reconnecting...

我突然想起有没有可能是时间的问题

看了一眼时间,果然是和当前时间差了几天

# 执行命令解决
yum -y install ntpdate
ntpdate ntp.aliyun.com
正文完
 
评论(没有评论)
验证码