一、查看证书过期的时间

kubeadm certs check-expiration

二、证书备份

cp -rp /etc/kubernetes/ /etc/kubernetes/kubernetes.20230320

三、重新生成证书

kubeadm certs renew all

四、重新生成配置文件

mkdir /etc/kubernetes/conf.20230320

mv /etc/kubernetes/*.conf /etc/kubernetes/conf.20230320

kubeadm init phase kubeconfig all

Done renewing certificates. You must restart the kube-apiserver, kube-controller-manager, kube-scheduler and etcd, so that they can use the new certificates.

五、重启kubelet和更新配置

systemctl restart kubelet

cp /etc/kubernetes/admin.conf ~/.kube/config

需要重启kube-apiserver, kube-controller-manager, kube-scheduler and etcd 四个组件

根据容器ID 进行重启
比如 docker restart (kube-apiserver容器ID）