TrueNAS SCALE 22.04.3 运行一直很稳定, 有一天开始突然报错CRITIAL:
1 | Error: (401) Reason: Unauthorized HTTP response headers: < CIMultiDictProxy('Audit-Id': '7b4e8f99-ae3e-415e-b80b-d5ab72dadd85', 'Cache-Control': 'no-cache, private', 'Content-Type': 'application/json', 'Date': 'Sun, 28 May 2023 07:27:45 GMT', 'Content-Length': '129') > HTTP response body: {"kind":"Status","apiVersion":"v1","metadata":{},"status":"Failure","message":"Unauthorized","reason":"Unauthorized","code":401} |
当时没太当回事, 以为是官方仓库挂了. 一个多月后再检查还是这样, 进shell看了一下journal发现是x509证书过期了:
1 | May 29 03:23:29 truenas k3s[11305]: E0529 03:23:29.178174 11305 authentication.go:63] "Unable to authenticate the request" err="[x509: certificate has expired or is not yet valid: current time 2023-05-29T03:23:29+08:00 is after 2023-04-16T16:35:58Z, verifying certificate SN=..., SKID=, AKID=... failed: x509: certificate has expired or is not yet valid: current time 2023-05-29T03:23:29+08:00 is after 2023-04-16T16:35:58Z]" |
shell直接运行k3s kubectl get node也会报错提示 Unauthorized.
解决方法很简单, 重启k3s和docker服务就行 (当然重启主机也可以, 只是会中断当前的读写):
1 | systemctl stop k3s docker |