# CAAPF auto-import troubleshooting This repository is already configured to automatically register CAPI clusters with Fleet via the Cluster API Add-on Provider for Fleet (CAAPF). In RKE2 1.33, the CAAPF controller switches to the

sendInitialEvents

mode as soon as it detects a minor API server version ≥ 32. If the

WatchList

feature gate is not enabled on the manager nodes, kube-apiserver responds with HTTP 422 and CAAPF does not start reconcile flows. Results: -

rancher-turtles-system/caapf-controller-manager

logs repeatedly show errors like `sendInitialEvents is forbidden for watch unless the WatchList feature gate is enabled`; -

caapf_controller_reconciliations_total

metric remains equal to "0"; The CAPI cluster is missing the

<http://fleet.addons.cluster.x-k8s.io|fleet.addons.cluster.x-k8s.io>

finalizer, so the Fleet Workspace and Fleet Cluster are not created. ## How to fix 1. On each control-plane host of the local RKE2 cluster (

rancher-01

,

rancher-02

,

rancher-03

), add the following feature-gates block for the control-plane components to `/etc/rancher/rke2/config.yaml`:

bash
kube-apiserver-arg:
- "feature-gates=WatchList=true"
kube-controller-manager-arg:
- "feature-gates=WatchList=true"
kube-scheduler-arg:
- "feature-gates=WatchList=true"

> Make sure you maintain the YAML structure (two spaces) when editing the file. 2. Restart RKE2 on each control node one by one to reduce the impact on the control plane:

bash
kubectl debug node/<node-name> --image=busybox -- chroot /host systemctl restart rke2-server

Wait for the

Ready

status for the node and move on to the next one. 3. Verify that the kube-apiserver Pods have been recreated and the circuit has stabilized:

bash
kubectl get pods -n kube-system -l component=kube-apiserver
kubectl get nodes

4. Verify that CAAPF has started processing events:

bash
kubectl logs -n rancher-turtles-system deploy/caapf-controller-manager -c manager --tail=200
kubectl get cluster -n <cluster-namespace> <cluster-name> -o jsonpath='{.metadata.finalizers}'
kubectl get clusters.fleet.cattle.io -n <cluster-namespace>
kubectl get fleetworkspaces.management.cattle.io

Finalizer appearance

<http://fleet.addons.cluster.x-k8s.io|fleet.addons.cluster.x-k8s.io>

, Fleet Cluster, and the new Fleet Workspace (

clusters-<namespace>

) means auto-import is working. ## Things to consider - The

config.yaml

change must be committed to Ansible/Terraform or another IaC to prevent it from being lost when reinstalling nodes. - After fixing the issue, you can delete the temporary

kubectl debug

pods:

kubectl delete pod node-debugger-...

. - The

caapf_controller_reconciliations_total

metric may remain zero in v0.11.0—this is a known issue in upstream; use actual Fleet resource creation as a reference.