diff --git a/tasks/main.yml b/tasks/main.yml
index 150d112e1dafba936c947c9e5a56fcee6ad1b07f..b9ceb859ee4edbda40fe32b9c10d656ac0133495 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -1,11 +1,13 @@
 ---
 
 
+- import_tasks: token.yml
+
 - name: import base k3s role
   import_role:
     name: k3s_base
   vars:
-    k3s_argv: 'agent --datastore-cafile /etc/ssl/k3s/root.ca.crt --datastore-certfile /etc/ssl/k3s/{{fqdn}}.crt --datastore-keyfile /etc/ssl/k3s/{{fqdn}}.key --datastore-endpoint "{% for server in etcd_servers %}https://{{server}}:2379{% if not loop.last %},{% endif %}{% endfor %}"'
+    k3s_argv: 'agent --token-file /etc/rancher/node/token --server https://{{k3s_master_controller}}:6443'
 
 - import_tasks: all.yml
 
diff --git a/tasks/token.yml b/tasks/token.yml
new file mode 100644
index 0000000000000000000000000000000000000000..677ce74f3cd4c87a149598372bfa76eb687fee6c
--- /dev/null
+++ b/tasks/token.yml
@@ -0,0 +1,23 @@
+---
+
+- name: not master control plane k3s server
+  block:
+    - name: get master token
+      slurp:
+        path: /var/lib/rancher/k3s/server/node-token
+      run_once: yes
+      register: k3s_master_token
+      delegate_to: "{{k3s_master_controller}}"
+    - name: required directory created
+      file:
+        path: /etc/rancher/node
+        state: directory
+    - name: create node-token
+      copy:
+        content: "{{ k3s_master_token['content'] | b64decode }}"
+        dest: /etc/rancher/node/token
+        mode: 0600
+        owner: root
+        group: root
+      notify: restart k3s
+  tags: token