最近在研究 kubesphere,发现这个东西开源的,挺好用的
废话不多说,先上一张报错
这是在使用 kubekey 去创建集群的时候报的错
error #0: x509: certificate has expired or is not yet valid: Process exited with status 1
11:54:22 EDT retry: [master]
11:54:27 EDT message: [master]
etcd health check failed: Failed to exec command: sudo -E /bin/bash -c "export ETCDCTL_API=2;export ETCDCTL_CERT_FILE='/etc/ssl/etcd/ssl/admin-master.pem';export ETCDCTL_KEY_FILE='/etc/ssl/etcd/ssl/admin-master-key.pem';export ETCDCTL_CA_FILE='/etc/ssl/etcd/ssl/ca.pem';/usr/local/bin/etcdctl --endpoints=https://192.168.113.129:2379 cluster-health | grep -q'cluster is healthy'"
Error: client: etcd cluster is unavailable or misconfigured; error #0: x509: certificate has expired or is not yet valid
我在网上查了很久也没查到结果
然后我去 etcd 所在节点上查看
发现 etcd 状态不对,报的也是证书错误
[root@hadoop1 ssl]# systemctl status etcd -l
● etcd.service - etcd
Loaded: loaded (/etc/systemd/system/etcd.service; enabled; vendor preset: disabled)
Active: active (running) since Sat 2023-07-22 11:51:00 EDT; 59s ago
Main PID: 24173 (etcd)
CGroup: /system.slice/etcd.service
└─24173 /usr/local/bin/etcd
Jul 22 11:51:18 master etcd[24173]: rejected connection from "127.0.0.1:45764" (error "tls: failed to verify client's certificate: x509: certificate has expired or is not yet valid", ServerName"")
Jul 22 11:51:18 master etcd[24173]: WARNING: 2023/07/22 11:51:18 grpc: addrConn.createTransport failed to connect to {127.0.0.1:2379 <nil> 0 <nil>}. Err :connection error: desc = "transport: authentication handshake failed: remote error: tls: bad certificate". Reconnecting...
Jul 22 11:51:27 master etcd[24173]: rejected connection from "192.168.113.129:40978" (error "tls: failed to verify client's certificate: x509: certificate has expired or is not yet valid", ServerName"")
Jul 22 11:51:27 master etcd[24173]: WARNING: 2023/07/22 11:51:27 grpc: addrConn.createTransport failed to connect to {192.168.113.129:2379 <nil> 0 <nil>}. Err :connection error: desc = "transport: authentication handshake failed: remote error: tls: bad certificate". Reconnecting...
Jul 22 11:51:28 master etcd[24173]: rejected connection from "127.0.0.1:45768" (error "tls: failed to verify client's certificate: x509: certificate has expired or is not yet valid", ServerName"")
Jul 22 11:51:28 master etcd[24173]: WARNING: 2023/07/22 11:51:28 grpc: addrConn.createTransport failed to connect to {127.0.0.1:2379 <nil> 0 <nil>}. Err :connection error: desc = "transport: authentication handshake failed: remote error: tls: bad certificate". Reconnecting...
Jul 22 11:51:42 master etcd[24173]: rejected connection from "127.0.0.1:45770" (error "tls: failed to verify client's certificate: x509: certificate has expired or is not yet valid", ServerName"")
Jul 22 11:51:42 master etcd[24173]: WARNING: 2023/07/22 11:51:42 grpc: addrConn.createTransport failed to connect to {127.0.0.1:2379 <nil> 0 <nil>}. Err :connection error: desc = "transport: authentication handshake failed: remote error: tls: bad certificate". Reconnecting...
Jul 22 11:51:45 master etcd[24173]: rejected connection from "192.168.113.129:40984" (error "tls: failed to verify client's certificate: x509: certificate has expired or is not yet valid", ServerName"")
Jul 22 11:51:45 master etcd[24173]: WARNING: 2023/07/22 11:51:45 grpc: addrConn.createTransport failed to connect to {192.168.113.129:2379 <nil> 0 <nil>}. Err :connection error: desc = "transport: authentication handshake failed: remote error: tls: bad certificate". Reconnecting...
我突然想起有没有可能是时间的问题
看了一眼时间,果然是和当前时间差了几天
# 执行命令解决
yum -y install ntpdate
ntpdate ntp.aliyun.com正文完