This message was deleted.
# generala
adamant-kite-43734
09/12/2024, 5:16 PMThis message was deleted.
a
able-nest-15676
09/12/2024, 5:25 PMRotate certificates option is not availble as the Control plane nodes are not active :|
p
powerful-librarian-10572
09/12/2024, 5:28 PMa
able-nest-15676
09/12/2024, 5:38 PMThanks @powerful-librarian-10572 I tried to do rotation of certs on 2 complaining CP nodes - i keep getting same errors . I am afraid to do it on Active CP node - as the workloads are still functioning fine.
able-nest-15676
09/12/2024, 5:52 PMOkay i did cert rotaion on all 3 CP nodes - they seem to be running and Cluster is reachable with few errors.
However , i got NodePressure errors on all the worker nodes now except 1 . Should i manually rotate certs on all the workers too ?
able-nest-15676
09/12/2024, 6:20 PMOn worker nodes ; Same cert rotation is not working . rke2 service failed on restart
Logs show
Copy code
level=warning msg="Cluster CA certificate is not trusted by the host CA bundle, but the token does not include a CA hash. Use the full token from the server's node-token file to enable Cluster CA validation."
Sep 12 18:17:00 XXXXX[2637154]: time="2024-09-12T18:17:00Z" level=fatal msg="starting kubernetes: preparing server: <https://10.21.40.11:9345/v1-rke2/server-bootstrap>: 401 Unauthorized"
Sep 12 18:17:00 XXXXX[1]: rke2-server.service: Main process exited, code=exited, status=1/FAILURE
Sep 12 18:17:00 XXXXX[1]: rke2-server.service: Failed with result 'exit-code'.
Sep 12 18:17:00 tw-que-wk-25614b39-5pswq systemd[1]: Failed to start Rancher Kubernetes Engine v2 (server)Node condition MemoryPressure is Unknown. Node condition DiskPressure is Unknown. Node condition PIDPressure is Unknown. Node condition Ready is Unknown.107 Views