对于提出同样问题的人,我尝试在我的测试集群上执行全新安装,这似乎工作得相当顺利。我通过运行找到了我的头盔版本的名称helm list
然后我执行了以下步骤:
1.Backup:
kubectl get -o yaml \
--all-namespaces \
issuer,clusterissuer,certificates,orders,challenges > cert-manager-backup.yaml
Source https://docs.cert-manager.io/en/latest/tasks/backup-restore-crds.html
2.Delete:
# Uninstall the Helm chart
helm delete --purge <your release name here>
# Ensure the cert-manager CustomResourceDefinition resources do not exist:
kubectl delete crd \
certificates.certmanager.k8s.io \
issuers.certmanager.k8s.io \
clusterissuers.certmanager.k8s.io
步骤 2 中描述的here https://docs.cert-manager.io/en/latest/tasks/upgrading/upgrading-0.5-0.6.html
3.安装新的jetstack版本:
# Install the CustomResourceDefinition resources separately
kubectl apply -f https://raw.githubusercontent.com/jetstack/cert-manager/release-0.9/deploy/manifests/00-crds.yaml
# Create the namespace for cert-manager
kubectl create namespace cert-manager
# Label the cert-manager namespace to disable resource validation
kubectl label namespace cert-manager certmanager.k8s.io/disable-validation=true
# Add the Jetstack Helm repository
helm repo add jetstack https://charts.jetstack.io
# Update your local Helm chart repository cache
helm repo update
# Install the cert-manager Helm chart
helm install --name <your release name here> --namespace cert-manager --version v0.9.1 jetstack/cert-manager
描述here https://docs.cert-manager.io/en/latest/getting-started/install/kubernetes.html#installing-with-helm
4.恢复:
我尝试过跑步
kubectl apply -f cert-manager-backup.yaml
如上所述here https://docs.cert-manager.io/en/latest/tasks/backup-restore-crds.html#restoring但这一步实际上对我来说并没有完全奏效。发行人已创建(自签名和 CA),但我无法重新创建Certificates
and ClusterIssuer
。这些是我收到的错误:
Error from server (InternalError): Internal error occurred: failed calling webhook "clusterissuers.admission.certmanager.k8s.io": the server is currently unable to handle the request
Error from server (InternalError): Internal error occurred: failed calling webhook "certificates.admission.certmanager.k8s.io": the server is currently unable to handle the request
我有我的原创yaml
文件并能够创建ClusterIssuer
and Certificate
通过应用它们