Open teaouu opened 2 years ago
Replace ${KUBERNETES_PUBLIC_ADDRESS}
by $KUBERNETES_PUBLIC_ADDRESS
and it works
I ran into this issue as well. I was able to fix it by doing the following
from this step, in the cfssl gencert
step, change the hostnames
to drop the brackets {}
as @tperelle described, i.e.
hostname=10.32.0.1,10.240.0.10,10.240.0.11,10.240.0.12,$KUBERNETES_PUBLIC_ADDRESS,127.0.0.1,$KUBERNETES_HOSTNAMES
scp the kubernetes*.pem
to the controllers and within the controllers, move those pem
to /var/lib/kubernetes/
as described in the controller/API server configuration
What shell are you using that it isn't working? IIRC curly braces ({
and }
) as variable delimiters is a POSIX feature. It is often suggested that you should include the braces in scripts (for example) for compatibility and to reduce ambiguity. 🤔🤷♂️
` curl -v --cacert ca.pem https://${KUBERNETES_PUBLIC_ADDRESS}:6443/version
curl failed to verify the legitimacy of the server and therefore could not establish a secure connection to it. To learn more about this situation and how to fix it, please visit the web page mentioned above. `
Anything that stands out? I don't seem to find this specific SSL error and can't find another issue here that talks about it.
TIA!