Update Cert Renewal Docs #8100
Update Cert Renewal Docs #8100
Conversation
eks-distro-bot
added
the
size/M
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #8100 +/- ##
==========================================
- Coverage 73.44% 73.40% -0.05%
==========================================
Files 577 577
Lines 35878 35900 +22
==========================================
+ Hits 26351 26352 +1
- Misses 7861 7882 +21
Partials 1666 1666 ☔ View full report in Codecov by Sentry. |
docs/content/en/docs/clustermgmt/security/manually-renew-certs.md
Outdated
Show resolved
Hide resolved
docs/content/en/docs/clustermgmt/security/manually-renew-certs.md
Outdated
Show resolved
Hide resolved
docs/content/en/docs/clustermgmt/security/manually-renew-certs.md
Outdated
Show resolved
Hide resolved
| @@ -248,6 +248,40 @@ kubectl logs <podname> -n <namespace> --kubeconfig=<kubeconfig> | |||
| .... | |||
| ``` | |||
|
|
|||
| ## Kubectl commands return dial tcp: i/o timeout | |||
|
|
|||
| If you are unable to run kubectl commands on a cluster due to timeout errors, then check if the server endpoint in the kubeconfig matches the control plane's endpoint in the infrastructure provider. If the endpoints do not match, you can ssh into the control plane node to gather logs instead. The kubelet logs can be obtained by running `journalctl -u kubelet.service --no-pager`. It may also be helpful to look at kube-vip logs, which can be found in the `/var/log/pods/kube-system_kube-vip-*` directory. | |||
There was a problem hiding this comment.
why would server endpoint not matching cp endpoint?
timeout can be caused by many issues -- mostly the client can't interact with API server
also does the journalctl cmd works for both BR and ubuntu?
|
|
||
| If you are unable to run kubectl commands on a cluster due to timeout errors, then check if the server endpoint in the kubeconfig matches the control plane's endpoint in the infrastructure provider. If the endpoints do not match, you can ssh into the control plane node to gather logs instead. The kubelet logs can be obtained by running `journalctl -u kubelet.service --no-pager`. It may also be helpful to look at kube-vip logs, which can be found in the `/var/log/pods/kube-system_kube-vip-*` directory. | ||
|
|
||
| # Verify Cluster Certificates are valid |
There was a problem hiding this comment.
is this part of the above section? if so u can use ### instead
|
/lgtm |
|
In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
/approve |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: tatlat The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
/cherry-pick release-0.18 |
|
/cherry-pick release-0.19 |
|
@tatlat: new pull request created: #8126 In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
@tatlat: new pull request created: #8127 In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
Issue #, if available:
Description of changes:
Testing (if applicable):
Documentation added/planned (if applicable):
By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.