{"C":"CN","ST":"beijing","L":"beijing","O":"od","OU":"ops"} ] } hosts字段包含etcd服务运行主机的ip地址 填写ip段无效 生成etcd-peer.pem 及etcd-peer-key.pem证书 cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -config=ca-config.json -profile=peer etcd-peer-csr.json |cfssl-json...
你好,前面说了很多证书,设置证书的事情,思路是正确的,但你有没有发现endpoint访问的地址都是http的,而etcd对外提供的是https的服务。所以第一步就要想办法把endpoint的http变成https。 0 回复 相似问题出现502错误 1123 0 3 Recv failure: Connection reset by peer 2806 0 2 journalctl -f -u etcd 日志t...
用CA证书为k8s-etcd用户签发一个证书及私钥 vi /opt/certs/etcd-peer-csr.json { "CN": "k8s-etcd", "hosts": [ "192.168.1.201", "192.168.1.202", "192.168.1.203", "192.168.1.204", "192.168.1.205" ], "key": { "algo": "rsa", "size": 2048 }, "names": [ { "C": "CN", "ST...