While working with Install and Setup your own Kubernetes Cluster with K3s, I installed K3s as a non sudo root user. After complete installation when running any kubectl command I was receiving the below error.
ubuntu@AnsibleAWX:~$ ubuntu@AnsibleAWX:~$ kubectl get nodes WARN[0000] Unable to read /etc/rancher/k3s/k3s.yaml, please start server with --write-kubeconfig-mode to modify kube config permissions error: error loading config file "/etc/rancher/k3s/k3s.yaml": open /etc/rancher/k3s/k3s.yaml: permission denied ubuntu@AnsibleAWX:~$
This issue occurs because the logged in user doesn't have sufficient permissions to access /etc/rancher/k3s/k3s.yaml file. To check and see the permissions use ls command with parameters. Next to grant access to current user, grab the information with commands users and groups.
ubuntu@AnsibleAWX:~$ ls -lsa /etc/rancher/k3s/k3s.yaml 4 -rw------- 1 root root 2969 Dec 4 13:52 /etc/rancher/k3s/k3s.yaml ubuntu@AnsibleAWX:~$ ubuntu@AnsibleAWX:~$ groups ubuntu adm cdrom sudo dip plugdev lpadmin lxd sambashare ubuntu@AnsibleAWX:~$ ubuntu@AnsibleAWX:~$ users ubuntu ubuntu@AnsibleAWX:~$
Use chown command with users:groups to assign permissions to k3s.yaml file. You can check the permissions again with ls command.
ubuntu@AnsibleAWX:~$ sudo chown ubuntu:ubuntu /etc/rancher/k3s/k3s.yaml ubuntu@AnsibleAWX:~$ ubuntu@AnsibleAWX:~$ ls -lsa /etc/rancher/k3s/k3s.yaml 4 -rw------- 1 ubuntu ubuntu 2969 Dec 4 13:52 /etc/rancher/k3s/k3s.yaml ubuntu@AnsibleAWX:~$
Execute kubectl command again to get the nodes list, it is successful after providing correct permissions.
ubuntu@AnsibleAWX:~$ kubectl get nodes
NAME STATUS ROLES AGE VERSION
ansibleawx Ready control-plane,master 19m v1.25.4+k3s1
ubuntu@AnsibleAWX:~$
This is a snapshot of complete error and solution of the issue.
Useful Articles
Configure Nginx Load Balancer for the Kubernetes API Server - Part 1
Install and configure Kubernetes cluster master nodes using kubeadm - Part 2
Install and configure Kubernetes cluster worker nodes using kubeadm - Part 3
Kubernetes kubeadm join couldn't validate the identity of the API server connection refused
Kubernetes kubeadm join could not find a jws signature in the cluster-info ConfigMap for token ID
Setup and deploy Ingress controller for Kubernetes on Bare Metal servers
Setup HAProxy for Ingress Controller Kubernetes Cluster