[root@k8smaster etcd]# ll
总用量 24
-rw-r--r--. 1 root root 386 3月 5 22:55 ca-config.json
-rw-r--r--. 1 root root 1005 3月 5 22:56 ca.csr
-rw-r--r--. 1 root root 267 3月 5 22:56 ca-csr.json
-rw-------. 1 root root 1679 3月 5 22:56 ca-key.pem
-rw-r--r--. 1 root root 1367 3月 5 22:56 ca.pem
-rw-r--r--. 1 root root 645 3月 5 22:51 server-csr.json
[root@k8smaster etcd]# cat ca-config.json
{
"signing": {
"default": {
"expiry": "87600h"
},
"profiles": {
"kubernetes": {
"usages": [
"signing",
"key encipherment",
"server auth",
"client auth"
],
"expiry": "87600h"
}
}
}
}
[root@k8smaster etcd]# cat ca.csr
-----BEGIN CERTIFICATE REQUEST-----
MIICrTCCAZUCAQAwaDELMAkGA1UEBhMCQ04xEDAOBgNVBAgTB0JlaUppbmcxEDAO
BgNVBAcTB0JlaUppbmcxDDAKBgNVBAoTA2s4czESMBAGA1UECxMJNFBhcmFkaWdt
MRMwEQYDVQQDEwprdWJlcm5ldGVzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA6ujDGvoFWMFbp1oaZKyl3Hpmgkb7X8KzdGaPYyXB7g9u22zxL3FZjNid
WuRXk1pt1uyC6pmNbLkaaRemdq3UgrW+ULtvsSn23RrFpQn0NTB3UcN3v0IH4lIA
StrIAw2kDVXcdk0J669h9mqefE1IsvTf2Rv8Q4Xs9sMuXqC3M7hxEhoRjX3kudLy
R7uLQz82KYe1Fo1NVbiOOTYIne4B7kui1fmV+YIPVhMNKkj9G900KHLqiv+HXBoA
gZRwixIPkhjDnE/55AtrG56atxkmD/Aroiz5mqRiYs5piw2qysx3gFmaIHPPPJ6y
+Aj1whsA0V45jP9TZbIKtsOeZ+Ho1wIDAQABoAAwDQYJKoZIhvcNAQELBQADggEB
AGuKlJQBL+AaYG2XwXKcZnV4fzdFq6LiwZ3WT4YSmcc4AzaTwDGTbBZn94Xo2hSw
OQ4ZsaJx6wTC3upqapR+KmNW+p0/hA1sKhZ9qO1g4ufsNLUVcFxXAEgKLA3QUMMx
rsFitJdaf0p0/TI03NtLXNUcXRb8TGC0IvOTbG1yzj24c6COy/KFRYtgSezblTYe
McXSmHTD1efrYzQoRAvIUREbY9HAVXsTIp+o0GLdTTC9gOwVwy4wlBsMIQXuzXcx
idqPHL6W9N5MegsxF1qMMPhFr0Ap+oNDEDKYQ1aw3o+xrgOWr/sILZy6RLwEUEUB
WlmgDDuj/BbO0sGs+hSqc44=
-----END CERTIFICATE REQUEST-----
[root@k8smaster etcd]#
[root@k8smaster etcd]# cat ca-csr.json
{
"CN": "kubernetes",
"key": {
"algo": "rsa",
"size": 2048
},
"names": [
{
"C": "CN",
"ST": "BeiJing",
"L": "BeiJing",
"O": "k8s",
"OU": "4Paradigm"
}
]
}
[root@k8smaster etcd]#
[root@k8smaster etcd]# cat ca-key.pem
-----BEGIN RSA PRIVATE KEY-----
MIIEpQIBAAKCAQEA6ujDGvoFWMFbp1oaZKyl3Hpmgkb7X8KzdGaPYyXB7g9u22zx
L3FZjNidWuRXk1pt1uyC6pmNbLkaaRemdq3UgrW+ULtvsSn23RrFpQn0NTB3UcN3
v0IH4lIAStrIAw2kDVXcdk0J669h9mqefE1IsvTf2Rv8Q4Xs9sMuXqC3M7hxEhoR
jX3kudLyR7uLQz82KYe1Fo1NVbiOOTYIne4B7kui1fmV+YIPVhMNKkj9G900KHLq
iv+HXBoAgZRwixIPkhjDnE/55AtrG56atxkmD/Aroiz5mqRiYs5piw2qysx3gFma
IHPPPJ6y+Aj1whsA0V45jP9TZbIKtsOeZ+Ho1wIDAQABAoIBAQCS0Ocf9SNiVXbz
IV1djoobQmTPB44US5vdJDx5ux95qiue+HfFLxLI9JlkNVKGxf3gVfF8rnu1d/sJ
s75Wbk5jYzOPQZaNI60mg5UDkTUQCTqJ36D36E0FJjsIjbR0NBJUQ1WGmp+YrgSL
/hcPmT3WmzVMfDEuAoYXs+VHPytBJtL7d5bxpoS8add71EUfH0RCky6M851od+EE
rzkUArEvKZ9e6JcWYeOFBA5EfR4304qCV+YqEYpnlen4TF7MKvbm3eb3fISDYn5X
DtBc/PwdqS0TtPaD4u8tLpn6JWbfLrUQ867F1canRutktQcIIecFyt+XXXyVkX96
CS9f3wABAoGBAPTnTURhI8TCX/l+M4UNiaVHqt5LMr3cJQ3xJqtuTWQaDPWzbbL6
znVPxukdSPx2mpTeVZ/OxwY2QN7EroU/b7LSxYrillmb35CMB2f/+4GJGmXVoAp4
Rrm9xSU1+eoewQ2XR3/BpW9DjPG9z2IjMNzlhpFDSVBzvjFkY++keEyBAoGBAPWN
iK+3Kvwl9T9aDtF9FPHe6ogxikuzCwqz9WDEDci3rWKufyYzi6PIDNH/VC+Dv87A
swnsRcbKcjjZW8ZXkr48ZSKXgNnh7XFmtVoKoeLCmhsEvN7HaCO+czjgrlikta/p
nbRpLX8w/AnBOOc9DwusVJ+sh3ygQ7emUdLoH2lXAoGBAIjtMfRDY55FFygFeYSw
tv7j/RLgdHRWu5j59abvuvF25zwQoArr07cfbZU0vHP7VB5b2P/KutgsSUTELtdt
SmRvF+e5HFrpnavRvupU4yffohTBxgNUkCaVhb5yWVKe801IAb/aY0a8O/eFKogy
KMW4xu488qa6r+IpwP5htKkBAoGBAOFq67b7fJ97LRfaUc4oeIjN7hnW+LEjjRhn
OfR6JnlDfQ0hSaJFIYTaCkLhlWQFG5jut619VFT41kCv8Rs0m4a+JM3LrULXr8Ux
13vwVMq5gQUapVQSVNyzYk0tnX/MvOnfmaHcCCNCUa2Wzukg2WYK7qiilsJm0aOP
MIBgDS4DAoGAQRg5XGABgjXnmB12jhQQJ83iEple+49E9XQwfg1QB4DVNMtdHlWk
WA1CvvKMgbGzp8aR7I4LL9oiWKY5VKRaG97I5jITdk/LVj6u3M7kn/OXS2HuphmB
P5kcSdIkMd8RTb+XQo8aJ8HUBvw5yQvSbF4tf06i7dhu5buo/68sEQY=
-----END RSA PRIVATE KEY-----
[root@k8smaster etcd]#
[root@k8smaster etcd]# cat ca.pem
-----BEGIN CERTIFICATE-----
MIIDxDCCAqygAwIBAgIUBAu4r13fAsDfMNXhvfpXnTAc0ekwDQYJKoZIhvcNAQEL
BQAwaDELMAkGA1UEBhMCQ04xEDAOBgNVBAgTB0JlaUppbmcxEDAOBgNVBAcTB0Jl
aUppbmcxDDAKBgNVBAoTA2s4czESMBAGA1UECxMJNFBhcmFkaWdtMRMwEQYDVQQD
EwprdWJlcm5ldGVzMB4XDTIyMDMwNTE0NTEwMFoXDTI3MDMwNDE0NTEwMFowaDEL
MAkGA1UEBhMCQ04xEDAOBgNVBAgTB0JlaUppbmcxEDAOBgNVBAcTB0JlaUppbmcx
DDAKBgNVBAoTA2s4czESMBAGA1UECxMJNFBhcmFkaWdtMRMwEQYDVQQDEwprdWJl
cm5ldGVzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ujDGvoFWMFb
p1oaZKyl3Hpmgkb7X8KzdGaPYyXB7g9u22zxL3FZjNidWuRXk1pt1uyC6pmNbLka
aRemdq3UgrW+ULtvsSn23RrFpQn0NTB3UcN3v0IH4lIAStrIAw2kDVXcdk0J669h
9mqefE1IsvTf2Rv8Q4Xs9sMuXqC3M7hxEhoRjX3kudLyR7uLQz82KYe1Fo1NVbiO
OTYIne4B7kui1fmV+YIPVhMNKkj9G900KHLqiv+HXBoAgZRwixIPkhjDnE/55Atr
G56atxkmD/Aroiz5mqRiYs5piw2qysx3gFmaIHPPPJ6y+Aj1whsA0V45jP9TZbIK
tsOeZ+Ho1wIDAQABo2YwZDAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB
/wIBAjAdBgNVHQ4EFgQUj4XQew28mTRPOA429SFBNuHMZgcwHwYDVR0jBBgwFoAU
j4XQew28mTRPOA429SFBNuHMZgcwDQYJKoZIhvcNAQELBQADggEBAN/Ae67lbXT8
sY33RcBVZy/Txy+rLwdNOF1igcRwkJ6MljGsutP1vy72VAiMgE8GK0SRWSXLPeBH
ISbiMVMrmiSXVsr4oAUbTRDWzxB7l86steB/ZFyoW+nR59UuHogFzkLGx+GtcGsA
YtINIXaoBQtzdwKVXwonSIfplAJsziPxNGG9pBOKW9RDi7X9onxcV72PnED+lEPi
6wy2T+xgVQ3mW1Tr9Smj53+jyvujd/ybjTgFi44rkerxutXoQ0ZoAuagPcZurKZZ
5S9ZlMX6dIpnxnTjbyouEWLVOUalWkCnKinhb+XoKTJug+tZpAtd3wyEL9QsADsT
TEKWr94HUjI=
-----END CERTIFICATE-----
[root@k8smaster etcd]#
[root@k8smaster etcd]# cat server-csr.json
{
"CN": "kubernetes",
"hosts": [
"10.0.0.1", # 这个是后边dns要用的虚拟网络的网关,不用改,就用这个切忌
"127.0.0.1",
"192.168.237.144",
"192.168.237.143",
"192.168.237.145",
"kubernetes",
"kubernetes.default",
"kubernetes.default.svc",
"kubernetes.default.svc.cluster",
"kubernetes.default.svc.cluster.local"
],
"key": {
"algo": "rsa",
"size": 2048
},
"names": [
{
"C": "CN",
"L": "BeiJing",
"ST": "BeiJing",
"O": "k8s",
"OU": "System"
}
]
}
[root@k8smaster etcd]#
生成证书的时候报了这个错,有谁知道是什么原因吗?
[root@k8smaster etcd]# cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -config=ca-config.json -profile=kubernetes server-csr.json | cfssljson -bare server
invalid character '#' looking for beginning of value
Failed to parse input: unexpected end of JSON input
[root@k8smaster etcd]#