Today, while deploying an application to a Kubernetes cluster, the Dapr sidecar container failed to start because its health checks were failing:
Container daprd failed liveness probe, will be restarted
Liveness probe failed: Get "http://192.168.15.143:3501/v1.0/healthz": dial tcp 192.168.15.143:3501: connect: connection refused
Readiness probe failed: Get "http://192.168.15.143:3501/v1.0/healthz": dial tcp 192.168.15.143:3501: connect: connection refused
The dapr-sentry logs showed the cause: Dapr's root certificate had expired.
kubectl logs deploy/dapr-sentry -n dapr-system
Log output:
level=warning msg="Dapr root certificate expiration warning: certificate has expired."
The certificate can be renewed easily with the Dapr CLI, which had already been installed on the control-plane server when Dapr was first installed:
dapr mtls renew-certificate -k --valid-until 365 --restart
Output of the renewal command:
⌛ Starting certificate rotation
ℹ️ generating fresh certificates
ℹ️ Updating certifcates in your Kubernetes cluster
ℹ️ Dapr control plane version 1.11.2 detected in namespace dapr-system
✅ Certificate rotation is successful! Your new certicate is valid through Wed, 02 May 2027 12:13:46 UTC
ℹ️ Restarting deploy/dapr-sentry..
ℹ️ Restarting deploy/dapr-operator..
ℹ️ Restarting statefulsets/dapr-placement-server..
✅ All control plane services have restarted successfully!
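To catch an expiring root certificate before the sidecar probes start failing, the check below classifies a certificate as ok, expiring, expired or unreadable. It is an added example, not part of the original post or of Dapr itself; the function names and the 30-day threshold are hypothetical, the secret name dapr-trust-bundle with key ca.crt assumes a default Dapr install, and the sample certificates are constructed locally.

```shell
#!/bin/sh
# Added example: classify a PEM certificate by how close it is to expiry.

cert_status() {
  pem=$1
  warn_days=${2:-30}   # assumed warning threshold, in days
  # Reject anything openssl cannot parse, so an empty or garbage file
  # (for example after a failed kubectl call) is never reported as "expired".
  if ! openssl x509 -in "$pem" -noout >/dev/null 2>&1; then
    echo unreadable; return 1
  fi
  # -checkend N exits non-zero when the certificate expires within N seconds.
  if ! openssl x509 -in "$pem" -noout -checkend 0 >/dev/null 2>&1; then
    echo expired; return 1
  fi
  if ! openssl x509 -in "$pem" -noout -checkend "$((warn_days * 86400))" >/dev/null 2>&1; then
    echo expiring; return 1
  fi
  echo ok
}

# Assumption: default Dapr install, root CA stored under key ca.crt of the
# secret dapr-trust-bundle. Not called below, so the demo runs without a cluster.
dapr_root_status() {
  ns=${1:-dapr-system}
  tmp=$(mktemp) || return 1
  kubectl get secret dapr-trust-bundle -n "$ns" -o jsonpath='{.data.ca\.crt}' \
    | base64 -d > "$tmp"
  cert_status "$tmp" "${2:-30}"; rc=$?
  rm -f "$tmp"
  return $rc
}

# Constructed sample input: a throwaway self-signed certificate valid for $2 days.
make_sample_cert() {
  openssl req -x509 -newkey rsa:2048 -nodes -keyout "$1.key" -out "$1" \
    -days "$2" -subj "/CN=constructed-root" >/dev/null 2>&1
}

demo_dir=$(mktemp -d)
make_sample_cert "$demo_dir/short.pem" 10
make_sample_cert "$demo_dir/long.pem" 365
echo "10-day cert:  $(cert_status "$demo_dir/short.pem" 30)"
echo "365-day cert: $(cert_status "$demo_dir/long.pem" 30)"
```

Run dapr_root_status from a scheduled job and alert on any result other than ok, so the renewal happens before the certificate expires.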