1

The command kubeadm join 192.168.178.38:6443 ... fails

The host/port is reachable. I tested it with telnet.

But I get this on the node:

[discovery] Failed to request cluster-info, will try again: 
    configmaps "cluster-info" is forbidden: 
    User "system:anonymous" cannot get resource "configmaps" in API group "" 
    in the namespace "kube-public"

Where can I find the logs on the control-plane (master-node)?

Maybe I can find more details there way the request failed.

guettli
  • 3,113
  • 14
  • 59
  • 110
  • It's almost certainly that your join-token has expired; they're time bounded unless you take steps to make them last longer – mdaniel Jan 22 '22 at 02:20
  • @mdaniel I don't think so. I created a new token just some minutes ago. Since I don't like guessing, I would like to have a look at the logs of the control-plane to see if I can find more details there. But how to get the logs of the control-plane? – guettli Jan 22 '22 at 14:52
  • 1
    No one can possibly give you an accurate general answer to that question, given the literally infinite ways one could possibly run the control plane. But, in sane containerized setups, it would be `kubectl -n kube-system logs $apiserver_pod_name`, or `docker logs $apiserver_cid`, or `ctr logs $apiserver_cid` as one would expect. In this specific case, however, you'll get a lot more mileage out of cranking up the `kubeadm` verbosity, since it is failing to provide the credentials (that's why `system:anonymous` is in the response). You'll benefit from seeing if _you_ can read `cluster-info`, too – mdaniel Jan 22 '22 at 17:51
  • This problem is related to the access permission of the token. How are you generating the token? Are you using this command? kubeadm token create --print-join-command – Rajesh Dutta Jan 23 '22 at 11:12
  • Hello @guettli. Any updates? – Wytrzymały Wiktor Jan 26 '22 at 13:56
  • @WytrzymałyWiktor yes I created an answer, but I guess it would help you. – guettli Jan 26 '22 at 18:50

1 Answers1

1

In my case there was something wrong with the hostname.

I installed the virtual-machine master with the name k8s.

But in the book I use for learning it is called k8scp.

So I renamed the virtual-machine.

This resulted into the above error message.

Then I re-installed the VM with the name k8scp and then it worked.

Unfortunately I don't know the real root-cause, since re-installing is not an option in most cases :-)

guettli
  • 3,113
  • 14
  • 59
  • 110