Kubeadm: Additional SAN for kubelet-client certificate

code-chris · August 5, 2020, 2:09pm

Hi all,

I use kubeadm to create my kubernetes-clusters and ran into this issue: https://github.com/kubernetes/kubernetes/issues/62939. According to this comment https://github.com/kubernetes/kubernetes/issues/62939#issuecomment-383324760 this occurs because no SAN set in the apiserver-kubelet-client.crt.

I generate this certs with the kubeadm init phase certs apiserver-kubelet-client command and there’s no cli argument for additional sans and I couldn’t figure out which yaml option for the config would be suitable.

Does anyone know how to solve this?
Thanks!

Cluster information:

Kubernetes version: 1.18.6
Cloud being used: (put bare-metal if not on a public cloud): bare-metal
Installation method: kubeadm
Host OS: Ubuntu 20.04
CNI and version: Weave 2.6.x
CRI and version: Docker 19.03

Topic		Replies	Views
Missing CNI during kubeadm init General Discussions	2	9514	May 1, 2022
Apiserver ssl certificate re-installation General Discussions	0	900	November 28, 2019
Kubeadm init error on ubuntu 20.04 General Discussions	2	4372	January 10, 2024
Problem after updating certificates with Kubeadm in kubernetes onpremise bare metal cluster General Discussions network	1	298	October 2, 2024
Kubeadm - Everything you wanted to know but were afraid to ask.?.? General Discussions	8	1625	July 18, 2018

Kubeadm: Additional SAN for kubelet-client certificate

Cluster information:

Related topics