Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
N
N
Nikolay Baranenko2021-03-03 10:09:40
linux
Nikolay Baranenko, 2021-03-03 10:09:40

How to validate k8s certificates for version 1.12.3?

Hello.

There is a kubernetes cluster of 3 master nodes, 5 work nodes, 3 etcd nodes.
the time has come to update the certificates.
Everything would be fine, but the version of k8s is v1.12.3

, in general, as in 1.15

kubeadm certs check-expiration
, it will not be possible to use it, I

found another option

echo | openssl s_client -showcerts -connect master_node1:6443 -servername api 2>/dev/null | openssl x509 -noout -enddate


will it be enough?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
M
mureevms, 2021-03-03
@mureevms

Just checking is enough. It will be more convenient to make a loop:

for DOMAIN in host1.com host2.com host3.com
do
  DOMAIN_EXPIRES=$(echo | openssl s_client -connect $DOMAIN:443 2>/dev/null | openssl x509 -noout -dates | grep notAfter | awk -F= '{print $2}')
  echo $DOMAIN: $DOMAIN_EXPIRES
done

Similar questions
A
alexnem2020-09-26 09:46:45
Big time using a new laptop? 5Reply
C
chuhnevdan2021-04-13 09:38:42
Hello, I have a Django project, the task is the following, there is a csv file, it is necessary to create a table on the page based on it, what is the mistake? 2Reply
S
Sergey2014-04-06 18:55:12
Is it possible to manually build the BitTorrent Sync package for mycotic hardware? 1Reply
V
VyusFire2014-04-06 23:47:49
Where can I find a good review? 2Reply
W
waltaki2020-09-07 08:52:57
How to forward a static IP to a dynamic non-white? 3Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question