1、查看证书有效期
cd /etc/kubernetes/pki
[root@k8s-master01 pki]
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6865440464600075825 (0x5f46f1ba57148e31)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=kubernetes
Validity
Not Before: Mar 28 00:30:43 2021 GMT
Not After : Mar 28 00:30:44 2022 GMT
Subject: CN=kube-apiserver
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:f3:92:06:6e:2c:be:6e:90:96:4e:8b:57:8e:f3:
......
58:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication
X509v3 Subject Alternative Name:
DNS:k8s-master01, DNS:kubernetes, DNS:kubernetes.default, DNS:kubernetes.default.svc, DNS:kubernetes.default.svc.cluster.local, IP Address:10.96.0.1, IP Address:192.168.1.80
Signature Algorithm: sha256WithRSAEncryption
44:ff:5c:32:bb:7d:68:ac:b5:35:95:75:8f:c9:a2:fe:22:35:
......
4d:7b:f1:54
[root@k8s-master01 pki]# kubectl get pod -o wide -n kube-system
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
coredns-5c98db65d4-7q556 1/1 Running 4 262d 10.244.0.98 k8s-master01 <none> <none>
coredns-5c98db65d4-97fhb 1/1 Running 4 262d 10.244.0.97 k8s-master01 <none> <none>
etcd-k8s-master01 1/1 Running 4 262d 192.168.1.80 k8s-master01 <none> <none>
kube-apiserver-k8s-master01 1/1 Running 65 262d 192.168.1.80 k8s-master01 <none> <none>
kube-controller-manager-k8s-master01 1/1 Running 4 262d 192.168.1.80 k8s-master01 <none> <none>
kube-flannel-ds-amd64-5mjqm 1/1 Running 4 13d 192.168.1.90 k8s-node01 <none> <none>
kube-flannel-ds-amd64-lbhg4 1/1 Running 6 262d 192.168.1.80 k8s-master01 <none> <none>
kube-flannel-ds-amd64-vklzq 1/1 Running 4 13d 192.168.1.91 k8s-node02 <none> <none>
kube-proxy-4npsv 1/1 Running 4 262d 192.168.1.91 k8s-node02 <none> <none>
kube-proxy-826j6 1/1 Running 4 262d 192.168.1.80 k8s-master01 <none> <none>
kube-proxy-m6jbh 1/1 Running 4 262d 192.168.1.90 k8s-node01 <none> <none>
kube-scheduler-k8s-master01 1/1 Running 4 262d 192.168.1.80 k8s-master01 <none> <none>
kubernetes-dashboard-79599d7b8d-2655j 1/1 Running 3 3d5h 10.244.2.45 k8s-node02 <none> <none>
tiller-deploy-58565b5464-rq7wh 1/1 Running 3 3d5h 10.244.2.50 k8s-node02 <none> <none>
2、重新生成密钥
kubeadm alpha certs renew all --config=/root/install-k8s/core/kubeadm-config.yaml