2

I have deployed a Kubernetes cluster with 1 control plane and 2 worker nodes using Kubespray. Now, I am trying to add another worker node. I have included the IP of the virtual machine to be added as worker node in inventory/mycluster/hosts.ini file and I ran ansible-playbook -i inventory/mycluster/hosts.ini scale.yml --flush-cache

I am getting following error:

failed: [kubespray-master-0] (item=ca.pem) => {"changed": false, "item": "ca.pem", "msg": "Permission denied"}
failed: [kubespray-master-0] (item=node-kubespray-master-0-key.pem) => {"changed": false, "item": "node-kubespray-master-0-key.pem", "msg": "Permission denied"}

kubespray-master-0 is my k8s cluster master node.

Thanks in advance.

chaosaffe
  • 848
  • 9
  • 22
Priyanka
  • 101
  • 1
  • 9

1 Answers1

2

As the error message suggests you are being denied permission to access the certificates Kubespray needs to scale the cluster, specifically it needs the Certificate Authority (CA) to generate a certificate for the new node.

Ensure that you have the correct file permissions to read the certificates for the CA and for the control plane node (ca.pem and node-kubespray-master-0-key.pem) and that you have correctly configured your SSLDIR variable to the path storing your cluster's certificates.

chaosaffe
  • 848
  • 9
  • 22