ibm-cloud-private - 设置 Helm cli 导致致命的“错误:远程错误:tls:错误证书”
问题描述
我正在关注https://github.com/rpsene/icp-scripts/blob/master/icp-310-single-node.sh使用 docker 安装 CE 版本的 ICP。但导致以下错误
TASK [tiller : Deploying Tiller] ***********************************************
changed: [localhost]
TASK [tiller : Waiting for Tiller to start] ************************************
changed: [localhost]
TASK [helm-config : Setting up Helm cli] ***************************************
FAILED - RETRYING: Setting up Helm cli (10 retries left).
FAILED - RETRYING: Setting up Helm cli (9 retries left).
FAILED - RETRYING: Setting up Helm cli (8 retries left).
FAILED - RETRYING: Setting up Helm cli (7 retries left).
FAILED - RETRYING: Setting up Helm cli (6 retries left).
FAILED - RETRYING: Setting up Helm cli (5 retries left).
FAILED - RETRYING: Setting up Helm cli (4 retries left).
FAILED - RETRYING: Setting up Helm cli (3 retries left).
FAILED - RETRYING: Setting up Helm cli (2 retries left).
FAILED - RETRYING: Setting up Helm cli (1 retries left).
fatal: [localhost]: FAILED! => changed=true
attempts: 10
cmd: |-
helm init --client-only --skip-refresh
export HELM_HOME=~/.helm
cp /installer/cluster/cfc-certs/helm/admin.crt $HELM_HOME/cert.pem
cp /installer/cluster/cfc-certs/helm/admin.key $HELM_HOME/key.pem
kubectl -n kube-system get pods -l app=helm,name=tiller
helm list --tls
delta: '0:00:02.447326'
end: '2019-01-31 19:36:02.072940'
msg: non-zero return code
rc: 1
start: '2019-01-31 19:35:59.625614'
stderr: 'Error: remote error: tls: bad certificate'
stderr_lines: <omitted>
stdout: |-
$HELM_HOME has been configured at /root/.helm.
Not installing Tiller due to 'client-only' flag having been set
Happy Helming!
NAME READY STATUS RESTARTS AGE
tiller-deploy-546cd68bcb-b8wkw 1/1 Running 1 5h
stdout_lines: <omitted>
PLAY RECAP *********************************************************************
192.168.17.131 : ok=159 changed=87 unreachable=0 failed=0
localhost : ok=75 changed=40 unreachable=0 failed=1
Playbook run took 0 days, 0 hours, 10 minutes, 10 seconds
解决方案
许多人需要tiller-deploy
通过重新启动它来升级它。
# use following command to check whether the tiller-deploy pod is running or not
$kubectl get pod -n kube-system
# delete tiller-deploy deployment
$kubectl delete deployment -n kube-system tiller-deploy
# use the same command to confirm that the tiller-deploy is deleted
$kubectl get pod -n kube-system
# use the command below to deploy tiller-deploy again
$helm init
推荐阅读
- java - 在具有命名空间的 Java 中针对模式的 XML 验证失败
- tfs - 我应该将自定义构建步骤放在 MSBuild 还是 TFS/Azure DevOps 构建管道中?
- android - 为什么来自 PWA 的 web apk 没有 Internet 权限?
- python - 如何确定客户端是否在 tkinter 消息框中选择了“ok”?
- python-3.x - 如何在 Python 中使用“尝试写入小于 Content-Length 的 x 字节”来修复龙卷风错误
- arrays - Countifs 公式在使用数组排除时不起作用,但适用于包含
- python - Python any() 条件未返回正确的输出
- ldap - AWS EMR JupyterHub 设置 LDAP 但未启动笔记本
- android - 如何在 android 的 webview 中打开 PPT/Presentation 文件?
- ios - 如何使用 UIScrollView 做到这一点?