k3s-agents fail to start due to being unable to grab the CA certs

Question

k3s-agents fail to start due to being unable to grab the CA certs

brandon-dacrib opened this issue 7 months ago · 1 comments

brandon-dacrib commented 7 months ago

I am running on arm64. My ks3-agent instances all fail to start with the following error: I get

level=error msg="failed to get CA certs: Get "https://127.0.0.1:6444/cacerts\": EOF"

When I hop onto one of those nodes and run

````curl -k -v https://127.0.0.1:6444/cacerts I get

curl: (35) error:0A000126:SSL routines::unexpected eof while reading.

I am running on some turing pi rk1s and my inventory.yml looks like
`
k3s_cluster:
children:
server:
hosts:
192.168.xxx.xxx: #tp0n1.local:
agent:
hosts:
192.168.xxx.yyy: #tp0n2.local:
192.168.xxx.zzz: #tp0n3.local:

vars:
ansible_port: 22
ansible_user: john
k3s_version: v1.29.1+k3s2
token: "xxx" # Use ansible vault if you want to keep it secret
api_endpoint: "{{ hostvars[groups['server'][0]]['ansible_host'] | default(groups['server'][0]) }}"
extra_server_args: ""
extra_agent_args: ""
`

Answer 1 · 2024-02-22T17:46:05.000Z

Check your firewall on the nodes. Are you blocking communication over port 6444. This is likely not an issue with k3s-ansible, its a problem with the communication between your nodes.