From e26ec75dd3c05d7d37b82768b6bc99b5812d4182 Mon Sep 17 00:00:00 2001
From: Simon Leiner <simon@leiner.me>
Date: Sat, 18 Feb 2023 20:38:34 +0100
Subject: [PATCH 1/3] Pick kube-vip interface automatically by default

---
 roles/k3s/master/defaults/main.yml     | 5 +++++
 roles/k3s/master/templates/vip.yaml.j2 | 4 +++-
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/roles/k3s/master/defaults/main.yml b/roles/k3s/master/defaults/main.yml
index 24e4a6a99..9776f8930 100644
--- a/roles/k3s/master/defaults/main.yml
+++ b/roles/k3s/master/defaults/main.yml
@@ -1,4 +1,9 @@
 ---
+# If you want to explicitly define an interface that ALL control nodes
+# should use to propagate the VIP, define it here. Otherwise, kube-vip
+# will determine the right interface automatically at runtime.
+kube_vip_iface: null
+
 server_init_args: >-
   {% if groups['master'] | length > 1 %}
     {% if ansible_hostname == hostvars[groups['master'][0]]['ansible_hostname'] %}
diff --git a/roles/k3s/master/templates/vip.yaml.j2 b/roles/k3s/master/templates/vip.yaml.j2
index 2629398dd..862aee642 100644
--- a/roles/k3s/master/templates/vip.yaml.j2
+++ b/roles/k3s/master/templates/vip.yaml.j2
@@ -30,8 +30,10 @@ spec:
           value: "true"
         - name: port
           value: "6443"
+{% if kube_vip_iface %}
         - name: vip_interface
-          value: {{ flannel_iface }}
+          value: {{ kube_vip_iface }}
+{% endif %}
         - name: vip_cidr
           value: "{{ apiserver_endpoint | ansible.utils.ipsubnet | ansible.utils.ipaddr('prefix') }}"
         - name: cp_enable

From 6a806d6df7c154c7dcaf1bc34cfb0b7112219907 Mon Sep 17 00:00:00 2001
From: Simon Leiner <simon@leiner.me>
Date: Sun, 19 Feb 2023 08:21:16 +0100
Subject: [PATCH 2/3] molecule: Fix ipv6 scenario

---
 molecule/ipv6/overrides.yml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/molecule/ipv6/overrides.yml b/molecule/ipv6/overrides.yml
index fea629ea5..d701d24c8 100644
--- a/molecule/ipv6/overrides.yml
+++ b/molecule/ipv6/overrides.yml
@@ -7,6 +7,11 @@
         # See: https://github.com/flannel-io/flannel/blob/67d603aaf45ef80f5dd39f43714fc5e6f8a637eb/Documentation/troubleshooting.md#Vagrant  # noqa yaml[line-length]
         flannel_iface: eth1
 
+        # In this scenario, we have multiple interfaces that the VIP could be
+        # broadcasted on. Since we have assigned a dedicated private network
+        # here, let's make sure that it is used.
+        kube_vip_iface: eth1
+
         # The test VMs might be a bit slow, so we give them more time to join the cluster:
         retry_count: 45
 

From 245766b45f71c0fe41f0c54f9c5525caad84086c Mon Sep 17 00:00:00 2001
From: Simon Leiner <simon@leiner.me>
Date: Sun, 19 Feb 2023 08:22:00 +0100
Subject: [PATCH 3/3] Choose a more restrictive molecule timeout in CI

---
 .github/workflows/test.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index c25f6cf48..5ca606fd7 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -71,6 +71,7 @@ jobs:
 
       - name: Test with molecule
         run: molecule test --scenario-name ${{ matrix.scenario }}
+        timeout-minutes: 90
         env:
           ANSIBLE_K3S_LOG_DIR: ${{ runner.temp }}/logs/k3s-ansible/${{ matrix.scenario }}
           ANSIBLE_SSH_RETRIES: 4