You may notice on a new DKP install that your Control Plane nodes are not becoming healthy and it seems to be stuck at installing Calico to the environment.
If you investigate the output of the kubeadmcontrolplane object on your bootstrap cluster (`kubectl describe kubeadmcontrolplane`), you may notice an event message that resembles the following:
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Warning ControlPlaneUnhealthy 28s (x39 over 91m) kubeadm-control-plane-controller Waiting for control plane to pass preflight checks to continue reconciliation: [machine my-dkp-control-plane-xxxxx does not have APIServerPodHealthy condition, machine my-dkp-control-plane-xxxxx does not have ControllerManagerPodHealthy condition, machine my-dkp-control-plane-xxxxx does not have SchedulerPodHealthy condition, machine my-dkp-control-plane-xxxxx does not have EtcdPodHealthy condition, machine my-dkp-control-plane-xxxxx does not have EtcdMemberHealthy condition]
To investigate further, look into the logs of the pods in the capi-system namespace (along with the other capx-system namespaces depending on your provider).
One potential issue you may notice is related to permission issues being logged by the capi-controller-manager pod. If this is the case, you may need to ensure that all necessary ports are open for intra-cluster communication. They are documented here:
If you have configured all necessary ports to be open in your environment or via security groups and are still encountering this issue, please file a ticket with support: