Hey @creamy-pencil-82913 Following from this https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/ My aim is to create a k3s cluster where the control-plane nodes are not accessible with

kubectl get no

Research shows me that I should start the kubernetes process with

--register-node=false

Is this possible with k3s or do you have a better suggestion on how I could achieve this?

You can try starting the servers with --disable-agent to not run containerd or kubelet, but it's unsupported. The kubelet won't really be functional without a node object anyway. Also note that if you're using embedded etcd, we need the node object to manage the etcd cluster membership, so that probably won't work right.

Understood, so if I'm to use --disable agent I cannot have multiple control plane nodes

With embedded etcd, yes. You can still use multiple servers with external SQL when disabling the agent, as that does not require node resources to coordinate.

Got it, I'll try with disable agent

Interested @wonderful-spring-28306. Why are you doing this? What’s the goal? And also why the old version of K3s?

Hey @late-needle-80860

And your setup do not support that change?

The ultimate goal is to have controllers without node objects hence not accesible via kubectl and impossible to schedule pods. This can obviously be achieved by using taints but having no node objects in controllers provides better isolation.

Okay sure. However, it sounds like that’s possible based on Brandon’s response.

Yes. I verified that it's possible for a single controller however metrics-server was broken. I fixed that with

kgctl