Killer Shell CKA - Apiserver Misconfigured

controlplane:~$ k get pods -A
The connection to the server 172.30.1.2:6443 was refused - did you specify the right host or port?

controlplane:~$ crictl ps -a | grep api
controlplane:~$

controlplane:~$ cat /var/log/syslog | grep kube-apiserver
...
2025-09-18T18:31:09.374852+00:00 controlplane kubelet[1560]: I0918 18:31:09.374711    1560 kubelet.go:3309] "Creating a mirror pod for static pod" pod="kube-system/kube-apiserver-controlplane"
2025-09-18T18:31:09.420997+00:00 controlplane kubelet[1560]: E0918 18:31:09.420818    1560 kubelet.go:3311] "Failed creating a mirror pod" err="pods \"kube-apiserver-controlplane\" already exists" pod="kube-system/kube-apiserver-controlplane"
2025-09-18T19:16:58.792760+00:00 controlplane kubelet[1560]: E0918 19:16:58.792415    1560 file.go:108] "Unable to process watch event" err="can't process config file \"/etc/kubernetes/manifests/kube-apiserver.yaml\": /etc/kubernetes/manifests/kube-apiserver.yaml: couldn't parse as pod(yaml: line 4: could not find expected ':'), please check config file"
2025-09-18T19:17:15.763575+00:00 controlplane kubelet[1560]: E0918 19:17:15.762697    1560 file.go:187] "Could not process manifest file" err="/etc/kubernetes/manifests/kube-apiserver.yaml: couldn't parse as pod(yaml: line 4: could not find expected ':'), please check config file" path="/etc/kubernetes/manifests/kube-apiserver.yaml"
2025-09-18T19:17:25.933002+00:00 controlplane kubelet[1560]: E0918 19:17:25.932844    1560 mirror_client.go:138] "Failed deleting a mirror pod" err="Delete \"https://172.30.1.2:6443/api/v1/namespaces/kube-system/pods/kube-apiserver-controlplane\": dial tcp 172.30.1.2:6443: connect: connection refused" pod="kube-system/kube-apiserver-controlplane"

controlplane:~$ cp /etc/kubernetes/manifests/kube-apiserver.yaml ~/kube-apiserver.yaml.ori
controlplane:~$ vim /etc/kubernetes/manifests/kube-apiserver.yaml

controlplane:~$ crictl ps -a | grep api
c157523014713       ee794efa53d85       20 seconds ago       Exited              kube-apiserver            3                   b1f63d8786efa       kube-apiserver-controlplane               kube-system

controlplane:~$ crictl logs c157523014713
Error: unknown flag: --authorization-modus

controlplane:~$ vim /etc/kubernetes/manifests/kube-apiserver.yaml

controlplane:~$ crictl ps -a | grep api
b45956fb062a3       ee794efa53d85       3 seconds ago       Running             kube-apiserver            0                   9706cb8c7e023       kube-apiserver-controlplane               kube-system

controlplane:~$ crictl logs b45956fb062a3
...
I0919 10:17:39.802967       1 instance.go:233] Using reconciler: lease
W0919 10:17:39.805015       1 logging.go:55] [core] [Channel #2 SubChannel #4]grpc: addrConn.createTransport failed to connect to {Addr: "127.0.0.1:23000", ServerName: "127.0.0.1:23000", }. Err: connection error: desc = "transport: Error while dialing: dial tcp 127.0.0.1:23000: connect: connection refused"
W0919 10:17:39.805294       1 logging.go:55] [core] [Channel #1 SubChannel #3]grpc: addrConn.createTransport failed to connect to {Addr: "127.0.0.1:23000", ServerName: "127.0.0.1:23000", }. Err: connection error: desc = "transport: Error while dialing: dial tcp 127.0.0.1:23000: connect: connection refused"

controlplane:~$ grep -n 23000 /etc/kubernetes/manifests/kube-apiserver.yaml
25:    - --etcd-servers=https://127.0.0.1:23000

controlplane:~$ grep -n advertise /etc/kubernetes/manifests/etcd.yaml
5:    kubeadm.kubernetes.io/etcd.advertise-client-urls: https://172.30.1.2:2379
16:    - --advertise-client-urls=https://172.30.1.2:2379
22:    - --initial-advertise-peer-urls=https://172.30.1.2:2380

controlplane:~$ vim /etc/kubernetes/manifests/kube-apiserver.yaml

controlplane:~$ crictl ps | grep api
d64e6feb2879a       ee794efa53d85       5 seconds ago       Running             kube-apiserver            0                   b1ad8307333db       kube-apiserver-controlplane               kube-system

controlplane:~$ kubectl get pods -A
NAMESPACE            NAME                                      READY   STATUS    RESTARTS        AGE
kube-system          calico-kube-controllers-fdf5f5495-8jbqm   1/1     Running   7 (5m37s ago)   31d
kube-system          canal-rtfc5                               2/2     Running   2 (19m ago)     31d
kube-system          coredns-6ff97d97f9-2rxsf                  1/1     Running   1 (19m ago)     31d
kube-system          coredns-6ff97d97f9-85m5c                  1/1     Running   1 (19m ago)     31d
kube-system          etcd-controlplane                         1/1     Running   1 (19m ago)     31d
kube-system          kube-apiserver-controlplane               1/1     Running   0               31d
kube-system          kube-controller-manager-controlplane      1/1     Running   2 (15m ago)     31d
kube-system          kube-proxy-7kdz8                          1/1     Running   1 (19m ago)     31d
kube-system          kube-scheduler-controlplane               1/1     Running   2 (15m ago)     31d
local-path-storage   local-path-provisioner-5c94487ccb-gmwjg   1/1     Running   1 (19m ago)     31d