From 262e9eb4d7f97a148596a508160845140ef5ee12 Mon Sep 17 00:00:00 2001
From: MichaelFisher1997 <contact@michaelfisher.tech>
Date: Mon, 2 Mar 2026 23:28:44 +0000
Subject: [PATCH] fix: bootstrap kube-vip without leader election

Run first-control-plane kube-vip manifest without --leaderElection so VIP can bind before API/RBAC are fully available. Also print kube-vip container exit details on failure.
---
 nixos/kubeadm/modules/k8s-common.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/nixos/kubeadm/modules/k8s-common.nix b/nixos/kubeadm/modules/k8s-common.nix
index 207ec4c..99c9e17 100644
--- a/nixos/kubeadm/modules/k8s-common.nix
+++ b/nixos/kubeadm/modules/k8s-common.nix
@@ -188,7 +188,6 @@ in
         --address "$vip" \
         --controlplane \
         --arp \
-        --leaderElection \
         > /etc/kubernetes/manifests/kube-vip.yaml
 
       # kube-vip bootstrap workaround for Kubernetes >=1.29.
@@ -208,6 +207,7 @@ in
         for container_id in $(crictl ps -a --name kube-vip -q 2>/dev/null); do
           echo "--- kube-vip container $container_id ---"
           crictl logs "$container_id" 2>/dev/null || true
+          crictl inspect "$container_id" 2>/dev/null | jq -r '.status | "exitCode=\(.exitCode) reason=\(.reason // "") message=\(.message // "")"' || true
         done
         echo "==> Checking if VIP is bound:"
         ip -4 addr show | grep "$vip" || echo "VIP NOT BOUND"