{{- range $i := until (.Values.control_plane.node_count | int) }} --- apiVersion: v1 kind: Secret metadata: name: {{ $.Values.cluster_name }}-cp-{{ $i }}-cloudinit namespace: {{ $.Values.cluster_namespace }} stringData: userdata: | #cloud-config {{- if $.Values.vm.qemu_agent_install }} package_update: true packages: - qemu-guest-agent {{- end }} write_files: {{- if $.Values.control_plane.files }} {{ $.Values.control_plane.files | toYaml | indent 4 }} {{- end }} - path: /etc/rancher/rke2/config.yaml owner: root content: | token: {{ $.Values.shared_token }} {{- if ne $i 0 }} server: https://{{ $.Values.control_plane.vip }}:9345 {{- end }} system-default-registry: {{ $.Values.system_default_registry }} tls-san: - {{ $.Values.cluster_name }}-cp-{{ $i }} - {{ $.Values.control_plane.vip }} secrets-encryption: true write-kubeconfig-mode: 0640 use-service-account-credentials: true {{- if hasKey $.Values "registry_config" }} - path: /etc/rancher/rke2/registries.yaml owner: root content: |- {{ $.Values.registry_config | toYaml | indent 8 }} {{- end }} - path: /etc/hosts owner: root content: | 127.0.0.1 localhost 127.0.0.1 {{$.Values.cluster_name }}-cp-{{ $i }} runcmd: {{- if $.Values.vm.qemu_agent_enable }} - - systemctl - enable - '--now' - qemu-guest-agent.service {{- end }} {{- if not $.Values.vm.airgapped_image }} - mkdir -p /var/lib/rancher/rke2-artifacts && wget https://raw.githubusercontent.com/rancher/rke2/refs/heads/master/install.sh -O /var/lib/rancher/install.sh && chmod +x /var/lib/rancher/install.sh {{- end}} - INSTALL_RKE2_VERSION={{ $.Values.rke2_version }} /var/lib/rancher/install.sh - systemctl enable rke2-server.service - useradd -r -c "etcd user" -s /sbin/nologin -M etcd -U - systemctl start rke2-server.service ssh_authorized_keys: - {{ $.Values.ssh_pub_key }} {{- if ne $.Values.control_plane.ipam "dhcp" }} {{- if hasKey $.Values.control_plane "network" }} networkdata: | {{ index $.Values.control_plane.network $i | indent 4 }} {{- end}} {{- else}} networkdata: "" {{- end}} {{- end}}