Update-AksHciClusterCertificates
Synopsis
Rotates the tokens and certificates of all clients in the workload cluster.
Syntax
Update-AksHciClusterCertificates -name
[-fixCloudCredentials]
[-force]
Update-AksHciClusterCertificates -name
[-fixKubeletCredentials]
[-force]
Description
Rotates the tokens and certificates of all clients in the workload cluster.
Examples
To fix cloud agent related certs, if the target cluster loses communication with the cloud agent
Update-AksHciClusterCertificates -name mycluster -fixCloudCredentials
To fix the cluster certs, if there are communication issues between target clusters
Update-AksHciClusterCertificates -name mycluster -fixKubeletCredentials
Parameters
-name
The name of the Kubernetes cluster on which you want to reprovision the certificates.
Type: System.String
Parameter Sets: (All)
Aliases:
Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-fixCloudCredentials
Reprovisions tokens for cluster pods that communicate with MOC. Use this flag if the workload cluster loses communication with the cloud agent.
Type: System.Management.Automation.SwitchParameter
Parameter Sets: (All)
Aliases:
Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-fixKubeletCredentials
Reprovision certificates for the cluster control plane nodes.
Type: System.Management.Automation.SwitchParameter
Parameter Sets: (All)
Aliases:
Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-force
Use this flag to force token and certificate rotation regardless of expiry dates.
Type: System.Management.Automation.SwitchParameter
Parameter Sets: (All)
Aliases:
Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False