K3S agent failed to join server, CA cert validation failed

[NKU-Yang]

My k3s agent failed to join the server with "ERRO[0020] CA cert validation failed: Get "https://127.0.0.1:6444/cacerts": context deadline exceeded (Client. Timeout exceeded while awaiting headers)".

The server IP in my cluster is 192.168.137.2, and the k3s server has successfully run on it.

Then I execute "k3s agent -s https://192.168.137.2:6443 -t <token from server> --with-node-id 1", get the error.

I don't understand why the load-balancer was trying to curl 127.0.0.1:6444 ? Below is the screen print.

Before I give this issue, I searched for this error on Google and tried the following:

1. Double-check the server IP and I can confirm the server IP and port number are right
2. make sure the content of /etc/rancher/node/password is the same for both server and agent
3. The server and agent can ping each other
4. I also tried executing "curl -vk https://192.168.137.2:6443/cacerts" on the agent and it just works well.
5. I did not use any third-party proxy such as HAProxy.

However, all of these cannot solve my problem. I'm really confused.

My server's OS is Ubuntu 22.04 with Linux 5.10.110, and the agent's OS is OpenEuler 22.03 with Linux 5.10. Both of them are Arm platforms.

[brandond]

The logs show that the server is advertising its address as 192.168.1.121, which is not reachable by the agent. Did you need to set --node-ip on the server to have it select the correct address?