K
Q

Add Worker Node to Kubespray Cluster

1/6/2020

I have deployed a Kubernetes cluster with 1 control plane and 2 worker nodes using Kubespray. Now, I am trying to add another worker node. I have included the IP of the virtual machine to be added as worker node in inventory/mycluster/hosts.ini file and I ran ansible-playbook -i inventory/mycluster/hosts.ini scale.yml --flush-cache

I am getting following error:

failed: [kubespray-master-0] (item=ca.pem) => {"changed": false, "item": "ca.pem", "msg": "Permission denied"}
failed: [kubespray-master-0] (item=node-kubespray-master-0-key.pem) => {"changed": false, "item": "node-kubespray-master-0-key.pem", "msg": "Permission denied"}

kubespray-master-0 is my k8s cluster master node.

Thanks in advance.

-- Priyanka
kubernetes
kubespray

Similar Questions

What is difference between load balancing using Service type ClusterIP and Service type of LoadBalancer?
Add new node pool to GKE cluster
why dash is used in condition Go templates
Ambassador helm chart upgrade fails with resource already exists in the cluster and wasn't defined in the previous release error
Integrating Azure AD with AWS EKS native OIDC
Tekton dashboard deployment error- Error from server (Forbidden): error when creating "config/service.yaml"

1 Answer

1/6/2020

As the error message suggests you are being denied permission to access the certificates Kubespray needs to scale the cluster, specifically it needs the Certificate Authority (CA) to generate a certificate for the new node.

Ensure that you have the correct file permissions to read the certificates for the CA and for the control plane node (ca.pem and node-kubespray-master-0-key.pem) and that you have correctly configured your SSLDIR variable to the path storing your cluster's certificates.

-- chaosaffe
Source: StackOverflow