--- apiVersion: kubeadm.k8s.io/v1beta3 kind: JoinConfiguration discovery: {% if kubeadm_use_file_discovery %} file: kubeConfigPath: {{ kube_config_dir }}/cluster-info-discovery-kubeconfig.yaml {% else %} bootstrapToken: {% if kubeadm_config_api_fqdn is defined %} apiServerEndpoint: {{ kubeadm_config_api_fqdn }}:{{ loadbalancer_apiserver.port | default(kube_apiserver_port) }} {% else %} apiServerEndpoint: {{ kubeadm_discovery_address }} {% endif %} token: {{ kubeadm_token }} {% if kubeadm_ca_hash.stdout is defined %} caCertHashes: - sha256:{{ kubeadm_ca_hash.stdout }} {% else %} unsafeSkipCAVerification: true {% endif %} {% endif %} timeout: {{ discovery_timeout }} tlsBootstrapToken: {{ kubeadm_token }} caCertPath: {{ kube_cert_dir }}/ca.crt {% if kubeadm_cert_controlplane is defined and kubeadm_cert_controlplane %} controlPlane: localAPIEndpoint: advertiseAddress: {{ kube_apiserver_address }} bindPort: {{ kube_apiserver_port }} certificateKey: {{ kubeadm_certificate_key }} {% endif %} nodeRegistration: name: '{{ kube_override_hostname }}' criSocket: {{ cri_socket }} {% if 'calico_rr' in group_names and 'kube_node' not in group_names %} taints: - effect: NoSchedule key: node-role.kubernetes.io/calico-rr {% endif %} {% if kubeadm_patches is defined and kubeadm_patches.enabled %} patches: directory: {{ kubeadm_patches.dest_dir }} {% endif %}