I have just installed k3s (msg="Starting k3s v1.3...
# general
q
I have just installed k3s (msg="Starting k3s v1.33.4+k3s1 (148243c4)") in Rocky Linux 9.6. Simple installation:
curl -sfL https://get.k3s.io | sh -s - --node-ip 10.50.50.240
The problem: since the first run, I see this error:
level=info msg="Waiting to retrieve agent configuration; server is not ready: Get \"https://127.0.0.1:6443/v1-k3s/client-ca.crt\": context deadline exceeded (Client.Timeout exceeded while awaiting headers)"
No firewalld. Running
sudo iptables -L |grep DROP
DROP all -- !127.0.0.0/8 127.0.0.0/8 /* block incoming localnet connections */ ! ctstate RELATED,ESTABLISHED,DNAT
DROP all -- anywhere anywhere ctstate INVALID
DROP all -- anywhere anywhere /* rule to drop invalid state for pod */ ctstate INVALID
DROP all -- anywhere anywhere /* rule to drop invalid state for pod */ ctstate INVALID
DROP all -- anywhere anywhere /* rule to drop invalid state for pod */ ctstate INVALID
DROP all -- anywhere anywhere /* rule to drop invalid state for pod */ ctstate INVALID
DROP all -- anywhere anywhere /* rule to drop invalid state for pod */ ctstate INVALID
IS THIS THE PROBLEM?
When I run sudo iptables -F, for a few seconds it works:
curl -vk https://127.0.0.1:6443/cacerts
The iptables rules are immediately refreshed. What happens? Has anyone had this problem?
w
turn off firewalld and reboot
q
firewalld is not active or enabled right now. But I have found a solution: creating an exception enabling localhost and port 6443
sudo iptables -I INPUT -i lo -j ACCEPT
sudo iptables -I INPUT -p tcp --dport 6443 -j ACCEPT
after k3s starts, and the cacerts become available again. I have created a service starting after k3s to solve it.
c
What else did you do? Besides installing K3s?
Since you are getting iptables rules created for port 6443, it would appear that you have deployed a pod that is using that host port. You said that all you have done is install K3s but K3s does not include anything that uses that port. So… what else have you deployed?