This seems like it should be an easy question but I'm having trouble finding the answer: I have a home lab cluster (1 srv, 2 additional agents) configured with alternative tls-san and CNAME record in my DNS means my registration address is always

<http://cluster.domain.net|cluster.domain.net>

, regardless of the server node. I like to "cycle" nodes on a regular cadence (say every 2 weeks) to keep nodes up to date. So, if I provision a new server and new agents using the fixed registration (

<http://cluster.domain.net|cluster.domain.net>

), can I just uninstall rke2 from the old nodes and then deprovision them? I would presume i should cordon and drain each node prior to rke2 uninstall, but if I'm provisioning a new server node pointing to the registration address, can I just change the CNAME to point to the new server and then cordon, drain, and uninstall the old server??

if you only have one server, I’m confused as to what will be left to point the new nodes at after you’ve deleted everything. Or are you asking about just the agents?

Some background: In previous RKE1 clusters, I tended to do rolling replacements. but I also have those clusters provisioned as follows: 1 node with the control plane/etcd/worker roles 2 nodes with etcd/worker roles Any additional nodes are just workers I'm wondering if, for RKE2, I should just provision 3 servers always (where they would have workloads as well) and then rolling replacements would be "add one, delete one" as desired. I understand the quorum aspect, but wasn't sure how rolling replacements would work. Sounds like i might be safer with "always 3 servers" and add agents for additional capacity as needed.

in rke2, everything is a also a “worker” unless you go out of your way to taint the server nodes

@creamy-pencil-82913 Thanks for the clarification. I'll re-work my automated provisioning to reflect the first three nodes being servers, and anything after that just plain agents, and allow for rolling replacements. I appreciate the insight!