[root@mc ~]# systemctl status etcd
?.etcd.service - Etcd Service
Loaded: loaded (/usr/lib/systemd/system/etcd.service; disabled; vendor preset: disabled)
Active: activating (start) since Sun 2023-07-23 17:02:38 CST; 10s ago
Main PID: 27236 (etcd)
Tasks: 5
Memory: 34.9M
CGroup: /system.slice/etcd.service
?..27236 /usr/local/bin/etcd --config-file=/etc/etcd/etcd.config.yml
Jul 23 17:02:48 mc etcd[27236]: rejected connection from "172.16.1.11:57882" (error "remote error: tls: bad certificate", ServerName "")
Jul 23 17:02:49 mc etcd[27236]: rejected connection from "172.16.1.11:57870" (error "remote error: tls: bad certificate", ServerName "")
解决:etcd证书请求文件中增加hosts参数将etcd节点加入后重新生成证书文件
[root@ma pki]# cat etcd-csr.json
{
"CN": "etcd",
"hosts": [
"172.16.1.11",
"172.16.1.12",
"172.16.1.13",
"ma",
"mb",
"mc"
],
"key": {
"algo": "rsa",
"size": 2048
},
"names": [
{
"C": "CN",
"ST": "BeiJing",
"L": "BeiJing",
"O": "etcd",
"OU": "Etcd-Security"
}
]
}