I’m not aware of anything that can’t be configured in the helm chart values, if there is something, open an issue on GH and we’ll see what we can do about it.

(for some reason it wouldn’t let me edit my previous message) Thank you for responding. To answer your question, we started deploying calico via helm chart in RKE due to the most recent calico version in RKE being far from current. Even before that, we found we had to add custom resources for items like

BGPConfig

(to add explicit service/externalIP CIDRs, control BGP communities, and support BGP passwords),

BGPPeers

(to add multiple endpoints and node selectors),

felixConfiguration

to control iptables/DSR behavior when testing eBPF, and custom

IPPools

to control the resource naming to simplify troubleshooting. Now that we’re testing RKE2 I am curious if we can migrate to the instance that is provided, but we would need a mechanism for applying those custom resources, preferably as part of the same install so we can stop worrying about race conditions where the Rancher v3 API doesn’t include the machine record until after the CNI and network are functioning and cluster-registration has completed.

in this case, the challenge is mainly around order of operations and trying to simplify application of the complete config as much as possible

since these higher level calico CRDs are not included in the operator, I was just curious if there is a mechanism to provide them to RKE2 and have it

kubectl apply -f

them so-to-speak during the install

totally understand if it isn’t possible, currently we just have to watch for kube-apiserver to come up on the first node, then run the commands directly for it to finish building the cluster and joining to Rancher UI

All you need to do to use the manifests directory is to drop the yaml files in that directory

You can put a HelmChartConfig manifest in there and it will customize the packaged HelmChart. But as the docs say, you can put absolutely any valid manifest in there.

thanks for your help