現象:microk8sが入ったVMを再起動するとkubectlコマンドが使えなくなる
taka@microk8s-vm:~$ microk8s kubectl get all
Unable to connect to the server: x509: certificate has expired or is not yet valid: current time 2020-05-03T23:53:06Z is after 2021-12-16T16:38:01Z
taka@microk8s-vm~$ sudo microk8s.refresh-certs -c
The CA certificate will expire in 365 days.
証明書は生きているのになぜ....
taka@microk8s-vm~$ sudo microk8s.refresh-certs -i
すると
Backing up certificates under /var/snap/microk8s/1385/var/log/ca-backup/
Creating new certificates
Signature ok
subject=/C=GB/ST=Canonical/L=Canonical/O=Canonical/OU=Canonical/CN=127.0.0.1
Getting CA Private Key
Signature ok
subject=/CN=front-proxy-client
Getting CA Private Key
1
Creating new kubeconfig file
Stopped.
Started.
The CA certificates have been replaced. Kubernetes will restart the pods of your workloads.
Any worker nodes you may have in your cluster need to be removed and re-joined to become aware of the new CA.
証明書が更新されます.
しかし.....
この挙動は再起動すると再現してしまいます...
taka@microk8s-vm:~$ microk8s kubectl get all
Unable to connect to the server: x509: certificate has expired or is not yet valid: current time 2020-05-03T23:53:06Z is after 2021-12-16T16:39:01Z
taka@microk8s-vm~$ sudo microk8s.refresh-certs -c
The CA certificate will expire in 730 days.
あれっ?更新期限伸びてね?????? && 状態治ってなくない???
テストようならこんな感じでよいかもしれない....
kubectl --insecure-skip-tls-verify cluster-info dump
追加の調査必要そう...