Kubeadm: Additional SAN for kubelet-client certificate

code-chris · August 5, 2020, 2:09pm

Hi all,

I use kubeadm to create my kubernetes-clusters and ran into this issue: https://github.com/kubernetes/kubernetes/issues/62939. According to this comment https://github.com/kubernetes/kubernetes/issues/62939#issuecomment-383324760 this occurs because no SAN set in the apiserver-kubelet-client.crt.

I generate this certs with the kubeadm init phase certs apiserver-kubelet-client command and there’s no cli argument for additional sans and I couldn’t figure out which yaml option for the config would be suitable.

Does anyone know how to solve this?
Thanks!

Cluster information:

Kubernetes version: 1.18.6
Cloud being used: (put bare-metal if not on a public cloud): bare-metal
Installation method: kubeadm
Host OS: Ubuntu 20.04
CNI and version: Weave 2.6.x
CRI and version: Docker 19.03

Topic		Replies	Views
Missing CNI during kubeadm init General Discussions	2	7837	May 1, 2022
Apiserver ssl certificate re-installation General Discussions	0	785	November 28, 2019
Kubeadm init error on ubuntu 20.04 General Discussions	2	3281	January 10, 2024
[beginner] kubeadm init fails with timeout General Discussions	2	2576	January 29, 2021
Kubeadm failed to create container/pod General Discussions	1	100	April 7, 2024

Kubeadm: Additional SAN for kubelet-client certificate

Cluster information:

Related Topics