Hello, dear Rancher Experts!
I use a Single-Node Rancher-Server (v2.1.10) which controls a couple of k8s clusters.
Today the Rancher-Server didn’t start because of:
Waiting on etcd startup: Get https://localhost:2379/health: x509: certificate has expired or is not yet valid
I know, how to rotate certificates on k8s-clusters. But: how can I rotate them on Racher server itself?
Thank You very much!
JeMo
I could solv the problem on my own:
For v.2.1.10:
- Make a backup of a docker container inside of wich the rancher server runs.
- Connect to the ranchr server container and start bash: docker exec -it bash
- Inside of this bash: remove the expired certificate AND the backup of them:
- rm /etc/kubernetes/ssl/*
- rm /var/lib/rancher/management-state/certs/bundle.json
- Restart rancher server container: docker restart
After that the certs in /etc/kubernetes/ssl/ are re-generated.