Hi, if both kubeapi server and etcd server has some problem in certificate , wil . . .

kanchana:
hi, if both kubeapi server and etcd server has some problem in certificate , will the kubectl not work .
i want clarity on practice questions 12 and 13 of view certificates practice test.

Tej_Singh_Rana:
Hello, @kanchana
What kind of difficulties are you having in that question?
kubectl is a command line third party tool and it’s communicate to the kube-apiserver through API calls. No one manages that tool.
To configure kubectl to work for kube-apiserver, have to configure config file in the default location $HOME/.kube (can be change).

Mohamed Ayman:
Q13: check logs for api-server docker ps -a | grep api ==> docker logs <container> you should see that can’t connect to etcd

then check /etc/kubernetes/manifests/kube-apiserver.yaml
and edit --etcd-cafile=/etc/kubernetes/pki/etcd/ca.crt

Mohamed Ayman:
View the answer at /var/answers path in the environment.

Mohamed Ayman:
Regarding question 12, the --cert-file location not correct and as you said you need to change it to /etc/kubernetes/pki/etcd/server.crt and wait 2 minutes then check.