How to renew a certificate in Kubernetes 1.12

kubernetes cloud-computing kubeadm kubectl

Hi I am currently working on renewing my certificate on Kubernetes version 1.12.

The certificate expires after a month. Before the certificate expires We need to renew the certificate and apply it to all systems to make the service work.

Does anyone have any manuals or anything like this? The opinions of experts are also good.

Even if I search with Google, there is only certificate renewal for the latest version, and there is no information on applying the service after certificate renewal related to older versions such as 1.12.

Please help.

Here's how I installed it.

sudo apt-get update   && sudo apt-get install -qy docker.io
sudo apt-get update   && sudo apt-get install -y apt-transport-https   && curl -s 
https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -
echo "deb http://apt.kubernetes.io/ kubernetes-xenial main"   | sudo tee -a /etc/apt/sources.list.d/kubernetes.list   &&
sudo apt-get update
apt-get install kubelet=1.12.3-00 kubeadm=1.12.3-00 kubernetes-cni=0.6.0-00 keepalived haproxy

Here is some additional information. This is version information.

kubeadm version: &version.Info{Major:"1", Minor:"12", GitVersion:"v1.12.3", GitCommit:"435f92c719f279a3a67808c80521ea17d5715c66", GitTreeState:"clean", BuildDate:"2018-11-26T12:54:02Z", GoVersion:"go1.10.4", Compiler:"gc", Platform:"linux/amd64"}

Here is some additional information. This is a command error.

kubeadm certs check-expiration
Error: unknown command "certs" for "kubeadm" Run 'kubeadm --help' for usage. error: unknown command "certs" for "kubeadm"

Solution 1:

Try running

kubeadm alpha certs check-expiration

Commands that are standardised in later versions might have been released as experimental sub commands in older versions of k8s; hence the "alpha" prefix.

If the above works you can then renew all certs using:

kubeadm alpha certs renew all

In newer versions of k8s, there is a mechanism to set up jobs that run periodically in order to automatically renew certificates. You would have to make do with doing this manually or scriptifying it with your current k8s version

Related

How to setup a server in Azure that requires all network traffic to go through an outbound Proxy?
GPO's; Edge sync with automatic login using Domain\username instead of [email protected]
System.Web.Caching vs. Enterprise Library Caching Block
Rails 3 SSL routing redirects from https to http
Storing more information using FormsAuthentication.SetAuthCookie
Direct Memory Access in Linux
Spring MVC - Binding a Date Field
prevent touchstart when swiping
What are scanf("%*s") and scanf("%*d") format identifiers?
Rendering Highcharts using Angular js Directives
ANSI SQL Manual
Generic Property in C# [duplicate]