Translated message

A translation of this page exists in English.

在 Openshift 3.10 和 3.11 中重新部署节点证书

Solution In Progress - Updated -

Issue

  • 新的 CA 在 OpenShift 中部署,节点不再处于 Ready 状态。
  • 如何仅为节点服务手动强制部署新证书?
  • 节点上缺少了重新部署证书的 playbook。
  • 节点无法续订证书,并显示以下错误:
atomic-openshift-node[3715]: I0313 11:40:48.864375    3715 bootstrap.go:56] Using bootstrap kubeconfig to generate TLS client cert, key and kubeconfig file
atomic-openshift-node[3715]: I0313 11:40:48.865525    3715 bootstrap.go:86] No valid private key and/or certificate found, reusing existing private key or creating a new one
atomic-openshift-node[3715]: F0313 11:40:48.893737    3715 server.go:262] failed to run Kubelet: cannot create certificate signing request: Unauthorized

Environment

  • Red Hat OpenShift Container Platform
    • 3.10
    • 3.11

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content