Failed to read cluster ca certificate when joining worker node

kubernetes ca debian-buster k0s

I am attempting to setup a multi-node k8s cluster as per this kOS Setup Link, but I face the error below when I try to join one of the nodes to the master node:

    k0s token create --role=worker
    WARN[2022-01-12 13:55:31] no config file given, using defaults
    Error: failed to read cluster ca certificate from /var/lib/k0s/pki/ca.crt: open 
    /var/lib/k0s/pki/ca.crt: no such file or directory. check if the control plane is 
    initialized on this node

I verified from the control node that this file does, exist however:

cd /var/lib/k0s/pki
ls

I am new to k8s setup from scratch, and a bit unsure which configuration item I need to fix (and where between master and worker nodes?). My research shows that A token is required when joining a new worker node to the Kubernetes cluster -- This token is generated from the control node. It also says that When you bootstrap a cluster with kubeadm, a token is generated which expires after 24 hours

When I try to check for the existence of a token on master node I get:

 kubeadm tokens list
-bash: kubeadm: command not found

I am unsure however if this is correct ( Is k0s even bootstrapped with kubeadm??).

However using k0s CLI syntax I can see that they are no tokens on the master:

k0s token list
No k0s join tokens found

My question:

  1. What do I need to do for the file that is reporting as missing.
  2. Is this error (possibly) related to the issue of token above and if so do I first need to regenerate the token at the master node end.
  3. I have encountered multiple fixes at this Github Issue but I am not sure if any of them applies to my issue. Last thing I need is to break the current setup before I have even finished the cluster setup.

Environment Master node : Debian 10 Buster Worker node : Debian 10 Buster


Solution 1:

I've got the same error as you when I tried to run k0s token create --role=worker on the worker node.

You need to run this command on the master node:

Next, you need to create a join token that the worker node will use to join the cluster. This token is generated from the control node.

First you need to run k0s token create --role=worker on the master node to get a token and later use this token on the worker node:

On the worker node, issue the command below.

k0s worker <login-token>

So:

  • generate a token on the master using k0s token create --role=worker
  • use this token on the worker using k0s worker <login-token>

In my case I also needed to add sudo before both commands, so they looked like sudo k0s token create --role=worker and sudo k0s worker <login-token>

You wrote:

I am unsure however if this is correct ( Is k0s even bootstrapped with kubeadm ?? ).

No, they are two different and independent solutions.

Related

Filling NaN values from a list with different shape
django get queryset which is latest of other column value
.flat() is not a function, what's wrong?
log4j performance on huge treatment batch (10-12h)
How do I open an Explorer window in a given directory from cmd.exe?
Where i put decryption code for responce in retrofit andriod
Is it possible to change the iOS Build Under review Over App Store
Django and react login with google authentication
SQL Server Management Studio SSMS tries to "save to file" instead of execute on F5
Can you avoid Gson converting "<" and ">" into unicode escape sequences?
JSON serialization/deserialization in ASP.Net Core
Returning first x items from array