This message was deleted.
# rke2a
adamant-kite-43734
12/10/2024, 2:01 PMThis message was deleted.
e
early-salesmen-78006
12/10/2024, 2:04 PMLastly, if I copy /var/lib/rancher/rke2/agent/server-ca.crt on the agent itself, and add it to the OS trust store it will also allow the agent to start without issue, so it does appear to be TLS/cert related.
a
abundant-hair-58573
12/10/2024, 7:15 PMAs far as I know you should only be upgrading by one minor version at a time, https://kubernetes.io/releases/version-skew-policy/#supported-version-skew
e
early-salesmen-78006
12/10/2024, 7:45 PMI just used 1.26.9 as a test, but this occurs even if I start with all new nodes at the 1.31.2 version, and occurs with any version newer than 1.26.x.
early-salesmen-78006
12/11/2024, 10:00 PMAs a test I incrementally upgraded from 1.26.9 to 1.27.9.
Everything worked as expected.
Then I upgraded to 1.28.9 next and now I am back in the same situation with agent nodes unable to join due to certificate errors:
Copy code
Waiting to retrieve agent configuration; server is not ready: CA cert validation failed: Get \"<https://127.0.0.1:6444/cacerts>\"2 Views