apiVersion: bootstrap.cluster.x-k8s.io/v1alpha3
kind: KubeadmConfigTemplate
metadata:
  name: worker-1
spec:
  template:
    spec:
      joinConfiguration:
        nodeRegistration:
          name: '{{ ds.meta_data.name }}'
          kubeletExtraArgs:
            node-labels: 'metal3.io/uuid={{ ds.meta_data.uuid }},node-type=worker'
            provider-id: 'metal3://{{ ds.meta_data.uuid }}'
            feature-gates: "IPv6DualStack=true"
            cgroup-driver: "systemd"
            container-runtime: remote
          criSocket: "unix:///run/containerd/containerd.sock"
      files:
        - path: "/etc/systemd/system/containerd.service.d/http-proxy.conf"
          content: |
            [Service]
            Environment="HTTP_PROXY=REPLACEMENT_HTTP_PROXY"
            Environment="HTTPS_PROXY=REPLACEMENT_HTTPS_PROXY"
            Environment="NO_PROXY=REPLACEMENT_NO_PROXY"
      # Since we are using containerd as a default CRI, we do not need
      # any adjustments and settings for docker anymore. However, if for
      # some reason docker has to be presented in the system, we need to
      # create http-proxy.conf.
      preKubeadmCommands:
        # Restart docker and containerd to apply any proxy settings
        - export HOME=/root
        - mkdir -p /etc/containerd
        - containerd config default | sed -r -e '/\[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc\]$/a\          SystemdCgroup = true' | tee /etc/containerd/config.toml
        - systemctl daemon-reload
        - systemctl restart containerd
      users:
        - name: deployer
          sshAuthorizedKeys:
          - REPLACE_HOST_SSH_KEY
          sudo: ALL=(ALL) NOPASSWD:ALL