Ansible-roles/kubernetes/templates/k3s/server/config.yaml.jinja2

## Base ##
{% if inventory_hostname == groups['kubernetes'][0] %}
# Initialize with internal etcd
cluster-init: true
{% else %}
server: https://{{ hostvars[groups['kubernetes'][0]]['nodeip_ipv4'] }}:6443
{% endif %}

token: '{{ kubernetes.token }}'
tls-san:
  - {{ kubernetes.control_plane.dns_name }}

# Networking
{% if nodeip_ipv6 != "" and kubernetes.ipPool.ipv6 is defined %}
node-ip: {{ nodeip_ipv4 }},{{ nodeip_ipv6 }}
cluster-cidr: {{ kubernetes.ipPool.ipv4.cluster_cidr }},{{ kubernetes.ipPool.ipv6.cluster_cidr }}
service-cidr: {{ kubernetes.ipPool.ipv4.service_cidr }},{{ kubernetes.ipPool.ipv6.service_cidr }}  

# FIXME: Workaround for bug in Kubernetes 1.24/1.25 ignoring node IPv6 addresses
kubelet-arg: "--node-ip=0.0.0.0"
{% else %}
node-ip: {{ nodeip_ipv4 }}
cluster-cidr: {{ kubernetes.ipPool.ipv4.cluster_cidr }}
service-cidr: {{ kubernetes.ipPool.ipv4.service_cidr }}
{% endif %}

egress-selector-mode: disabled

# Network-plugin
{% if kubernetes.network.plugin == "flannel" %}
flannel-backend: vxlan
{% else %}
disable-network-policy: true
flannel-backend: none
{% endif %}

# Ingress-plugin
{% if kubernetes.ingress_controller != "traefik-ingress" %}
disable: traefik
{% endif %}

## Label
# Region & DC
node-label:
{% if region is defined %}
  - topology.kubernetes.io/region={{ region }}
{% endif %}
{% if zone is defined %}
  - topology.kubernetes.io/zone={{ zone }}
{% endif %}

{{ kubernetes.config_extra | to_yaml }}
Initial role-data 2 years ago			`## Base ##`
			`{% if inventory_hostname == groups['kubernetes'][0] %}`
Add comments to variables 2 years ago			`# Initialize with internal etcd`
Initial role-data 2 years ago			`cluster-init: true`
			`{% else %}`
Fix undeterministic node-selection but uses group 2 years ago			`server: https://{{ hostvars[groups['kubernetes'][0]]['nodeip_ipv4'] }}:6443`
Initial role-data 2 years ago			`{% endif %}`

Add quotes to token-usage for special chars 2 years ago			`token: '{{ kubernetes.token }}'`
Initial role-data 2 years ago			`tls-san:`
			`- {{ kubernetes.control_plane.dns_name }}`

			`# Networking`
Only enable ipv6 when available and activated 2 years ago			`{% if nodeip_ipv6 != "" and kubernetes.ipPool.ipv6 is defined %}`
Initial role-data 2 years ago			`node-ip: {{ nodeip_ipv4 }},{{ nodeip_ipv6 }}`
			`cluster-cidr: {{ kubernetes.ipPool.ipv4.cluster_cidr }},{{ kubernetes.ipPool.ipv6.cluster_cidr }}`
Only enable ipv6 when available and activated 2 years ago			`service-cidr: {{ kubernetes.ipPool.ipv4.service_cidr }},{{ kubernetes.ipPool.ipv6.service_cidr }}`

			`# FIXME: Workaround for bug in Kubernetes 1.24/1.25 ignoring node IPv6 addresses`
			`kubelet-arg: "--node-ip=0.0.0.0"`
			`{% else %}`
			`node-ip: {{ nodeip_ipv4 }}`
			`cluster-cidr: {{ kubernetes.ipPool.ipv4.cluster_cidr }}`
			`service-cidr: {{ kubernetes.ipPool.ipv4.service_cidr }}`
			`{% endif %}`
Initial role-data 2 years ago
			`egress-selector-mode: disabled`

			`# Network-plugin`
Fix old usage of network_plugin var 2 years ago			`{% if kubernetes.network.plugin == "flannel" %}`
Initial role-data 2 years ago			`flannel-backend: vxlan`
Add network-plugin option 2 years ago			`{% else %}`
			`disable-network-policy: true`
			`flannel-backend: none`
			`{% endif %}`
Initial role-data 2 years ago
Add ingress-option 2 years ago			`# Ingress-plugin`
			`{% if kubernetes.ingress_controller != "traefik-ingress" %}`
			`disable: traefik`
			`{% endif %}`
Add labels 2 years ago
			`## Label`
			`# Region & DC`
			`node-label:`
			`{% if region is defined %}`
			`- topology.kubernetes.io/region={{ region }}`
			`{% endif %}`
			`{% if zone is defined %}`
			`- topology.kubernetes.io/zone={{ zone }}`
			`{% endif %}`

Add extra-config option 2 years ago			`{{ kubernetes.config_extra \| to_yaml }}`