
Rancher 2.3: Handling Expired Certificates

The logs show the following error:

time="2021-03-29T00:28:18.603256144Z" level=fatal msg="starting tls server: Get https://localhost:6444/apis/apiextensions.k8s.io/v1beta1/customresourcedefinitions: x509: certificate has expired or is not yet valid"

The cause is an expired certificate.

1. First disable NTP time synchronization: timedatectl set-ntp false

2. Set the system time to a point before the certificate expired: date -s "xxxxx"

3. Enter the Rancher container and manually remove the certificates: docker exec -it ${rancher_server_id} bash

mv /var/lib/rancher/k3s/server/tls/*.crt /opt/.

4. Restart the Rancher container:

docker restart ${rancher_server_id}

5. If Rancher reports the error "certificate signed by unknown authority" after starting, restart Rancher once more.

6. After confirming from the browser address bar that the certificate validity dates have been updated, re-enable NTP: timedatectl set-ntp true, then ntpdate ntp.xxxx.com
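
A check that fits steps 2 and 6, added here as an example and not part of the original post: it lists the notAfter date of every .crt in the k3s TLS directory, so the expiry moment is known before the clock is set back and the regenerated certificates can be confirmed afterwards. It assumes GNU date and the openssl CLI are available where the files can be read; the function and script names are illustrative.

```bash
#!/usr/bin/env bash
# Added example: report expiry of the k3s certificates embedded in Rancher.
# Assumptions: GNU date and the openssl CLI; function names are illustrative.

# classify_expiry "<notAfter text>" <now_epoch> [warn_days]
# Prints EXPIRED, EXPIRING (inside the warning window) or OK.
classify_expiry() {
    local end now="$2" warn="${3:-30}"
    end=$(date -u -d "$1" +%s 2>/dev/null) || return 2
    if [ "$end" -le "$now" ]; then
        echo EXPIRED
    elif [ "$end" -le $(( now + warn * 86400 )) ]; then
        echo EXPIRING
    else
        echo OK
    fi
}

# check_tls_dir <dir> [now_epoch] [warn_days]
# Prints one line per *.crt and returns 1 if any file is not OK.
# Only the first certificate in each file (the leaf) is inspected.
check_tls_dir() {
    local dir="$1" now="${2:-$(date -u +%s)}" warn="${3:-30}"
    local rc=0 crt not_after status
    for crt in "$dir"/*.crt; do
        [ -e "$crt" ] || continue            # glob matched nothing
        not_after=$(openssl x509 -noout -enddate -in "$crt" 2>/dev/null | cut -d= -f2)
        if [ -z "$not_after" ]; then
            echo "UNREADABLE $crt"
            rc=1
            continue
        fi
        status=$(classify_expiry "$not_after" "$now" "$warn") || status=UNPARSED
        printf '%-9s %s  notAfter=%s\n' "$status" "$crt" "$not_after"
        [ "$status" = OK ] || rc=1
    done
    return "$rc"
}

# Run only when a directory is given, e.g. the path from step 3
# (check_k3s_certs.sh is a hypothetical file name):
#   ./check_k3s_certs.sh /var/lib/rancher/k3s/server/tls
if [ "$#" -gt 0 ]; then
    check_tls_dir "$@"
fi
```

A non-zero exit status means at least one certificate is expired, close to expiry, or unreadable, which makes the script usable from cron or a monitoring probe.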

1. This problem exists in Rancher 2.3 and earlier and has been fixed since v2.4; upgrading the Rancher server resolves it.

https://mp.weixin.qq.com/s/BFRmMVU4sUo3e-wnKHSP_A