Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
microk8s v1.24 - refresh-certs doesn't seem to refresh certs
See original GitHub issueSummary
i have microk8s 1.24 and i need to grant access to the cluster via FQDN … I edited csr.conf.template and i refreshed the certificates as follow
sudo microk8s refresh-certs --cert server.crt
sudo microk8s refresh-certs --cert front-proxy-client.crt
i didn’t refresh the ca.ctr because apparently i would have to rebuild the cluster " Warning: refreshing the root CA requires nodes to leave and re-join the cluster" unfortunately it’s not yet working… when i connect to the API server via the FQDN i get connection rejected
Unable to connect to the server: x509: certificate is valid for kubernetes, kubernetes.default, kubernetes.default.svc, kubernetes.default.svc.cluster, kubernetes.default.svc.cluster.local, not [xxxxx.com](http://xxxxx.com/)
i was only able to make it work, after @neoaggelos suggested as workaround, to run sudo snap set microk8s dummy="$(date)"
What Should Happen Instead?
refresh certs should work
Reproduction Steps
add a DNS entry to csr.conf.template and refresh certs
Introspection Report
inspection-report-20220612_111958.tar.gz
Can you suggest a fix?
Are you interested in contributing with a fix?
Issue Analytics
- State:
- Created a year ago
- Reactions:3
- Comments:9 (1 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
Same on v1.25
The workaround is
sudo snap set microk8s dummy="$(date)"as described in my initial report