Edit

Update-AksHciClusterCertificates

  • Article

Synopsis

Rotates the tokens and certificates of all clients in the workload cluster.

Syntax

Update-AksHciClusterCertificates  -name
                                 [-fixCloudCredentials]
                                 [-force]

Update-AksHciClusterCertificates  -name
                                 [-fixKubeletCredentials]
                                 [-force]

Description

Rotates the tokens and certificates of all clients in the workload cluster.

Examples

Update-AksHciClusterCertificates -name mycluster -fixCloudCredentials

To fix the cluster certs, if there are communication issues between target clusters

Update-AksHciClusterCertificates -name mycluster -fixKubeletCredentials

Parameters

-name

The name of the Kubernetes cluster on which you want to reprovision the certificates.

Type: System.String
Parameter Sets: (All)
Aliases:

Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-fixCloudCredentials

Reprovisions tokens for cluster pods that communicate with MOC. Use this flag if the workload cluster loses communication with the cloud agent.

Type: System.Management.Automation.SwitchParameter
Parameter Sets: (All)
Aliases:

Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-fixKubeletCredentials

Reprovision certificates for the cluster control plane nodes.

Type: System.Management.Automation.SwitchParameter
Parameter Sets: (All)
Aliases:

Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-force

Use this flag to force token and certificate rotation regardless of expiry dates.

Type: System.Management.Automation.SwitchParameter
Parameter Sets: (All)
Aliases:

Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

Next steps

AksHci PowerShell Reference