Created
June 10, 2024 12:33
-
-
Save Elektordi/feb5f36c3c50e8afbfb67a392de7140a to your computer and use it in GitHub Desktop.
Renew kube certificates if expiring
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| kubeadm certs check-expiration | grep -B999 "CERTIFICATE AUTHORITY" | grep -E "no +$" | grep -E "( [0-9]d |invalid)" | |
| if [[ $? == 0 ]]; then | |
| echo "Certificates to renew!" | |
| kubeadm certs renew all | |
| crictl ps --label io.kubernetes.pod.namespace=kube-system -q | xargs crictl stop | |
| echo "OK" | |
| else | |
| echo "Nothing to do." | |
| fi |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
And replace
kubeadm certswithkubeadm alpha certsfor old clusters...