Skip to content

Instantly share code, notes, and snippets.

@swagfin

swagfin/how-to-join-a-node-into-microk8s-cluster.md

Last active October 28, 2025 17:38
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save swagfin/09ed304b1a590eb42ea9b833f0fedb10 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save swagfin/09ed304b1a590eb42ea9b833f0fedb10 to your computer and use it in GitHub Desktop.
Download ZIP
How to Join a Node into MicroK8s Cluster
Raw
how-to-join-a-node-into-microk8s-cluster.md

How to Join a Node into a MicroK8s Cluster as a Worker

MicroK8s provides an easy way to create lightweight Kubernetes clusters. This guide explains how to join a new node as a worker in an existing MicroK8s cluster using the --worker flag.

1. On the Control Plane (Primary Node)

Run the following command to generate a join token:

microk8s add-node

This will output something like:

From the node you wish to join to this cluster, run the following:
microk8s join 192.168.1.100:25000/bc8c3e4fa837de1d5c4e2a7b8f...

Take note of the generated command.

2. On the New Node (Worker Node)

Enable Firewall Rules

These ports needs to be allowed for communication,

sudo ufw allow 25000 comment "Nodes-Connect"
sudo ufw allow 10250 comment "Kubelet"
sudo ufw allow 16443 comment "Kubernetes Dashboard"

Run the microk8s join command provided in Step 1, but append the --worker flag:

microk8s join 192.168.1.100:25000/bc8c3e4fa837de1d5c4e2a7b8f... --worker

Replace 192.168.1.100:25000/... with the actual address and token from Step 1.

Using the --worker flag ensures the node is joined as a worker, meaning it will not run control plane services.

3. Verify the Cluster

After joining, go back to the control plane and check the node status:

microk8s kubectl get nodes

You should see the new node listed as Ready with a worker role.

4. Removing a Node (Optional)

If you need to remove a node from the cluster, run this command on the control plane:

microk8s remove-node <node-name>

Additional Notes:

  • Ensure all nodes are running the same MicroK8s version.
  • If the worker node has firewall rules, allow communication on port 25000.
  • Nodes might take a few minutes to be fully integrated into the cluster.
  • The control plane nodes handle the cluster management, while worker nodes only run workloads.

⚠️ Warning: Ubuntu 24 Networking Compatibility

Ubuntu 24 now uses:

  • systemd-networkd
  • netfilter/nftables (nft) as the default firewall backend

However, MicroK8s with Calico (especially VXLAN or BGP backends) expects iptables-legacy or at least full iptables/nft compatibility.

This mismatch can cause pod networking issues, such as:

  • Pods failing to reach external services (e.g., SQL Server)
  • Errors like System.Net.Sockets.SocketException: Resource temporarily unavailable

Fix: Either turn off Ufw Firewall OR Switch to the legacy iptables backend:

sudo update-alternatives --set iptables /usr/sbin/iptables-legacy
sudo update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy
sudo update-alternatives --set arptables /usr/sbin/arptables-legacy
sudo update-alternatives --set ebtables /usr/sbin/ebtables-legacy
sudo microk8s stop && sudo microk8s start

This ensures full Calico compatibility and restores stable pod networking.

@swagfin
Copy link
Author

swagfin commented Mar 24, 2025

Feel free to also check this out https://gist.github.com/swagfin/d425b6ab36034a1aae8f22465ad6b228

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment