This message was deleted.

If i do a helm get values on rke2-cilium i see the following:

k8sServiceHost: 127.0.0.1

k8sServicePort: 6443

kubeProxyReplacement: strict

Hi! did you get this to work? We have the following code, but the config is not present in the cilium-config, and the operator still wants to connect to the default service IP, though we disabled kube-proxy, instead of the api-server-ip and therefore the node does not get active as nothing can be started. resource "rancher2_cluster_v2" "managed_cluster" { count = 1 name = var.name kubernetes_version = var.kubernetes_version enable_network_policy = var.network_policy rke_config { machine_global_config = <<EOF write-kubeconfig-mode: "644" selinux: true cni: "cilium" disable-kube-proxy: true disable-cloud-controller: true etcd-expose-metrics: false EOF chart_values = <<EOF rke2-cilium: cilium: kubeProxyReplacement: "true" k8sServiceHost: "${var.lb_ip_addr}" k8sServicePort: "443" ipv6: enabled: true EOF machine_selector_config { config = { cloud-provider-name = "external" profile = "cis-1.23" protect-kernel-defaults = true } } } }