Fix HA cluster join via Load Balancer private IP

Changes: - Use LB private IP (10.0.1.5) instead of public IP for cluster joins - Add LB private IP to k3s TLS SANs on primary control plane - This allows secondary CPs and workers to verify certificates when joining via LB Fixes x509 certificate validation error when joining via LB public IP.
2026-03-23 02:56:41 +00:00
parent 4965017b86
commit 952a80a742
3 changed files with 4 additions and 2 deletions
--- a/ansible/site.yml
+++ b/ansible/site.yml
@@ -24,6 +24,7 @@
    k3s_primary_public_ip: "{{ ansible_host }}"
    k3s_primary_ip: "{{ k3s_private_ip }}"
    k3s_node_ip: "{{ k3s_private_ip }}"
+    kube_api_endpoint: "{{ kube_api_endpoint }}"

  roles:
    - k3s-server