When I try to check my k8s certs expiration states, I run the following command:
kubeadm alpha certs check-expirationwhich ended up with:
name: Invalid value: "alpha_53_116": a DNS-1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character (e.g. 'example.com', regex used for validation is '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*')I was wondering why it needs to check the node's hostname? As the hostname of my master node couldn't be altered, is there any way to solve this problem?
complement:
OS: Centos 7.4
kubeadm version: 1.15.0
As you pointed in your question, problem is with your node name. According to documentation command kubeadm alpha certs
The command shows expiration/residual time for the client certificates in the /etc/kubernetes/pki folder and for the client certificate embedded in the KUBECONFIG files used by kubeadm (admin.conf, controller-manager.conf and scheduler.conf).
Mentioned files can be found in /etc/kubernetes. You can also check kubeadm init configuration using kubeadm config print init-defaults.
Those files will contain name of your hostname which is invalid in kubeadm/kubernetes. In short, as kubeadm alpha certs is based on KUBECONFIG files and pki folder, it will not go trought validation due to "_" sign. Unfortunately it is syntax issue so there is no workaround.
Please keep in mind that alpha is Kubeadm experimental sub-commands. So it might be changed in the future.