Join a worker node#
Joining worker nodes to your control plane is similar to the process of joining worker nodes with k0s. You need to obtain a join token that establishes mutual trust between the worker node and control plane, allowing the node to join the cluster as worker.
To join a worker node to the cluster:
-
Obtain a join token:
-
Create a
JoinTokenRequestresource to generate a join token for the worker node. For example:apiVersion: k0smotron.io/v1beta1 kind: JoinTokenRequest metadata: name: my-token namespace: default spec: clusterRef: name: my-cluster namespace: default expiry: 1hTip
The
expiryfield defines the expiration time of the token. Refer to API reference: JoinTokenRequest.spec for the configuration details.k0smotron processes the
JoinTokenRequestresource and creates aSecretresource:apiVersion: v1 kind: Secret metadata: name: my-token namespace: default labels: k0smotron.io/cluster: my-cluster.default k0smotron.io/role: worker k0smotron.io/token-request: my-token type: Opaque data: token: <base64-encoded-token>The
tokenfield contains the base64-encoded token that you can use to join a worker node to the cluster. -
Retrieve the decoded join token from the generated
Secret:kubectl get secret my-token -o jsonpath='{.data.token}' | base64 -d
-
-
Install
k0son the worker node:-
Ensure that the
k0sbinary is installed on the worker node:curl -sSLf https://get.k0s.sh | sudo sh -
Verify that the k0s version in the worker node matches the k0s version installed on the control plane. If needed, you can adjust the k0s version using the
K0S_VERSIONenvironment variable.
-
-
Join the worker node specifying the join token created earlier:
sudo k0s install worker --token-file /path/to/token/file sudo k0s start -
Delete the
JoinTokenRequestresource to invalidate the issued token:kubectl delete jointokenrequest my-token