Rancher Server 设置
- Rancher 版本:2.5.8
- 安装选项 (Docker install/Helm Chart): docker install
问题描述:正常访问rancher server 提示502,通过查看rancher server log 发现证书过期,后根据官方文档更新证书操作,恢复访问,但本地集群 rancher-webhook、fleet-controller、coredns组件异常
**重现步骤:
1、kubectl --insecure-skip-tls-verify -n kube-system delete secrets k3s-serving
2、kubectl --insecure-skip-tls-verify delete secret serving-cert -n cattle-system
3、rm -f /var/lib/rancher/k3s/server/tls/dynamic-cert.json
4、重启 rancher-server
5、curl --insecure -sfL https:///v3
6、docker restart <rancher_server_id>
日志
E1114 06:11:59.557001 30 authentication.go:53] Unable to authenticate the request due to an error: [invalid bearer token, square/go-jose: error in cryptographic primitive]
E1114 06:11:59.838456 30 authentication.go:53] Unable to authenticate the request due to an error: [invalid bearer token, square/go-jose: error in cryptographic primitive]
E1114 06:11:59.839255 30 authentication.go:53] Unable to authenticate the request due to an error: [invalid bearer token, square/go-jose: error in cryptographic primitive]
E1114 06:11:59.840320 30 authentication.go:53] Unable to authenticate the request due to an error: [invalid bearer token, square/go-jose: error in cryptographic primitive]
E1114 06:11:59.924911 30 authentication.go:53] Unable to authenticate the request due to an error: [invalid bearer token, square/go-jose: error in cryptographic primitive]