时间戳

首页 > 解决方案 > 设置 Helm cli 导致致命的“错误:远程错误:tls:错误证书”

ibm-cloud-private - 设置 Helm cli 导致致命的“错误:远程错误:tls:错误证书”

问题描述

我正在关注https://github.com/rpsene/icp-scripts/blob/master/icp-310-single-node.sh使用 docker 安装 CE 版本的 ICP。但导致以下错误

TASK [tiller : Deploying Tiller] ***********************************************
changed: [localhost]

TASK [tiller : Waiting for Tiller to start] ************************************
changed: [localhost]

TASK [helm-config : Setting up Helm cli] ***************************************
FAILED - RETRYING: Setting up Helm cli (10 retries left).
FAILED - RETRYING: Setting up Helm cli (9 retries left).
FAILED - RETRYING: Setting up Helm cli (8 retries left).
FAILED - RETRYING: Setting up Helm cli (7 retries left).
FAILED - RETRYING: Setting up Helm cli (6 retries left).
FAILED - RETRYING: Setting up Helm cli (5 retries left).
FAILED - RETRYING: Setting up Helm cli (4 retries left).
FAILED - RETRYING: Setting up Helm cli (3 retries left).
FAILED - RETRYING: Setting up Helm cli (2 retries left).
FAILED - RETRYING: Setting up Helm cli (1 retries left).
fatal: [localhost]: FAILED! => changed=true
  attempts: 10
  cmd: |-
    helm init --client-only --skip-refresh
     export HELM_HOME=~/.helm
     cp /installer/cluster/cfc-certs/helm/admin.crt $HELM_HOME/cert.pem
     cp /installer/cluster/cfc-certs/helm/admin.key $HELM_HOME/key.pem
     kubectl -n kube-system get pods -l app=helm,name=tiller
     helm list --tls
  delta: '0:00:02.447326'
  end: '2019-01-31 19:36:02.072940'
  msg: non-zero return code
  rc: 1
  start: '2019-01-31 19:35:59.625614'
  stderr: 'Error: remote error: tls: bad certificate'
  stderr_lines: <omitted>
  stdout: |-
    $HELM_HOME has been configured at /root/.helm.
    Not installing Tiller due to 'client-only' flag having been set
    Happy Helming!
    NAME                             READY     STATUS    RESTARTS   AGE
    tiller-deploy-546cd68bcb-b8wkw   1/1       Running   1          5h
  stdout_lines: <omitted>

PLAY RECAP *********************************************************************
192.168.17.131             : ok=159  changed=87   unreachable=0    failed=0
localhost                  : ok=75   changed=40   unreachable=0    failed=1

Playbook run took 0 days, 0 hours, 10 minutes, 10 seconds

标签: ibm-cloud-private

解决方案

许多人需要tiller-deploy通过重新启动它来升级它。

# use following command to check whether the tiller-deploy pod is running or not
$kubectl get pod -n kube-system

# delete tiller-deploy deployment
$kubectl delete deployment -n kube-system tiller-deploy

# use the same command to confirm that the tiller-deploy is deleted
$kubectl get pod -n kube-system

# use the command below to deploy tiller-deploy again
$helm init

推荐阅读