kubectl get pods -n kube-system<\/code><\/pre>\n\u663e\u793a5000\u7aef\u53e3\u6ca1\u6709\u88ab\u5360\u7528<\/p>\n
netstat -antulp | grep 5000<\/code><\/pre>\n\u627e\u5230\u5bf9\u5e94\u7684container-id<\/p>\n
docker ps |grep registry\ndocker logs [container-id]<\/code><\/pre>\n![\"file\"](\"https:\/\/nj.transwarp.cn:8180\/wp-content\/uploads\/2021\/08\/image-1630290362649.png\")
<\/p>\n
\u4ee5\u4e0b\u662fcontainer\u7684\u62a5\u9519\u65e5\u5fd7 http:TLS handshake error from ip: port: remote error:bad certificate<\/code><\/strong><\/p>\nI0619 11:15:54.941451 1 endpoint.go:66] ccResolverWrapper: sending new addresses to cc: [{https:\/\/gddc-bd1:4001 0 } {https:\/\/gddc-bd2:4001 0 } {https:\/\/gddc-bd3:4001 0 }]\nW0619 11:15:54.948032 1 clientconn.go:1120] grpc: addrConn.createTransport failed to connect to {https:\/\/gddc-bd3:4001 0 }. Err :connection error: desc = \"transport: authentication handshake failed: remote error: tls: bad certificate\". Reconnecting...\n<\/code><\/pre>\n2 root cause<\/h4>\n
\u67e5\u770b registry pod \u4fe1\u606f\uff0c\u786e\u8ba4\u4f7f\u7528\u7684 key \u548c certificate \u6587\u4ef6\uff1b<\/p>\n
describe pod tos-registry-tos-hostname1 -n kube-system<\/code><\/pre>\n![\"file\"](\"https:\/\/nj.transwarp.cn:8180\/wp-content\/uploads\/2021\/08\/image-1630294347280.png\")
<\/p>\n
\u7136\u540e\u68c0\u67e5 \/srv\/kubernetes \u76ee\u5f55\uff0c\u662f\u5426\u7f3a\u5c11\u54cd\u5e94\u7684 key \u6587\u4ef6\uff0c\/srv\/kubernetes \u76ee\u5f55\u4e0b\u7f3a\u5931\u76f8\u5173\u7684 key \u6587\u4ef6<\/p>\n
\u6b63\u5e38\u7684\u5e94\u8be5\u662f\u6709\u4ee5\u4e0b key \u6587\u4ef6\uff1a<\/p>\n
![\"file\"](\"https:\/\/nj.transwarp.cn:8180\/wp-content\/uploads\/2021\/08\/image-1687944790728.png\")
<\/p>\n
3 \u89e3\u51b3\u65b9\u6848<\/h4>\n
\u5907\u4efd\u539f\u59cb\/srv\/kubernetes \u6587\u4ef6\u5939<\/p>\n
cp -r \/srv\/kubernetes \/tmp\/kubernetes_bak<\/code><\/pre>\n\u624b\u52a8\u751f\u6210\u65b0\u7684\u5bc6\u94a5<\/p>\n
docker run --volume \/srv\/kubernetes\/:\/srv\/kubernetes\/ --net=host transwarp\/gencerts:transwarp-xxx \/usr\/bin\/entry.sh\uff08transwarp-xxx \u6362\u6210\u5b9e\u9645\u7684\u7248\u672c\uff0c\u5982 transwarp-5.2.0-final\uff09<\/code><\/pre>\n\u751f\u6210\u4e86\u65b0\u7684\u5bc6\u94a5\u6587\u4ef6\u4e4b\u540e\uff0c\u53bb \/srv\/kubernetes\/ \u76ee\u5f55\u4e0b\u67e5\u770b\u5bc6\u94a5\u6587\u4ef6\u7684\u521b\u5efa\u65f6\u95f4\uff1b<\/p>\n
systemctl restart haproxy && docker rm -vf $(docker ps -qa) && systemctl restart kubelet<\/code><\/pre>\n\u7136\u540e\u91cd\u542f registry<\/p>\n
mv \/opt\/kubernetes\/manifests-multi\/tos-registry.manifest \/tmp\/\nmv \/tmp\/tos-registry.manifest \/opt\/kubernetes\/manifests-multi\/<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"\u6982\u8981\u63cf\u8ff0 \u672c\u6587\u63cf\u8ff0\u4e86registry pod\u65e5\u5fd7\u62a5\u9519\u201chttp:TLS handshake error fro ..<\/p>\n