disable_flannel | false | Set to true if you want to install a different CNI. |
debug | false | Set to true to see in real time which scripts are being executed. Beware: this prints the tokens, so don't enable it in a hostile environment. |
cluster_cidr | 10.244.0.0/16 | Optional: A custom IPv4/IPv6 network CIDR to use for pod IPs. |
service_cidr | 10.43.0.0/16 | Optional: A custom IPv4/IPv6 network CIDR to use for service IPs. |
cluster_dns | 10.43.0.10 | Optional: IPv4 Cluster IP for CoreDNS service. Needs to be an address from the service_cidr range. |
enable_public_net_ipv4 | true | Set it to false if you don't want the nodes to have a public IPv4 address. In that case, you have to set up a NAT gateway for the nodes to access the public network. |
enable_public_net_ipv6 | true | Set it to false if you don't want the nodes to have a public IPv6 address. In that case, you have to set up a NAT gateway for the nodes to access the public network. |
private_api_load_balancer | false | Set it to true if you want to use a private API load balancer; make sure the load balancer is accessible from where you are executing this config. |
api_server_hostname | | DNS name for the k8s API load balancer. Only set this after you have run the create command at least once and mapped the DNS name to the private or public IP of the load balancer. Otherwise, kubectl commands will time out on DNS resolution. |
use_ssh_agent | false | Set to true if your key has a passphrase or if SSH connections don't work or seem to hang without an agent. |
ssh_port | 22 | SSH port for connecting to nodes. |
private_network_subnet | 10.0.0.0/16 | Subnet for the private network. Ensure this doesn't overlap with other networks in the same project. |
schedule_workloads_on_masters | false | Determines whether workloads can be scheduled on master nodes. |
worker_node_pools | | Configuration for worker node pools, including names, instance types, counts, locations, and autoscaling configurations. |
image | "ubuntu-24.04" | The default OS image for nodes. |
snapshot_os | "default" | OS type when using a custom snapshot for the node image. |
enable_encryption | false | Enable encryption for data at rest. |
additional_packages | | Array of additional packages to install on cluster nodes. |
kube_api_server_args | | Custom arguments for the Kubernetes API server. |
kube_scheduler_args | | Custom arguments for the Kubernetes scheduler. |
kube_controller_manager_args | | Custom arguments for the Kubernetes |
existing_network_name | | Name of an existing network to use for the cluster. |
autoscaler_version | v2 | The version of the autoscaler to use. |
autoscaling_image | Deprecated | Deprecated: previously used for specifying the autoscaling image. |
autoscaling_image_arm64 | | Specifies the image to use for ARM64 instance autoscaling. |
autoscaling_image_x86 | | Specifies the image to use for x86 instance autoscaling. |
kube_cloud_controller_manager_args | | Custom arguments for the Kubernetes cloud controller manager. |
kubelet_args | | Custom arguments for kubelet. |
kube_proxy_args | | Custom arguments for kube proxy. |
disable_kube_proxy | false | Set to true to disable kube proxy, useful when using a custom CNI. |
cloud_controller_manager_manifest_url | "https://github.com/hetznercloud/hcloud-cloud-controller-manager/releases/download/v1.19.0/ccm-networks.yaml" | URL for the cloud controller manager manifest. Useful for cloud resource management integration. |
csi_driver_manifest_url | "https://raw.githubusercontent.com/hetznercloud/csi-driver/v2.6.0/deploy/kubernetes/hcloud-csi.yml" | URL for the CSI driver manifest, enabling storage integration with specific cloud providers. |
system_upgrade_controller_manifest_url | "https://raw.githubusercontent.com/rancher/system-upgrade-controller/master/manifests/system-upgrade-controller.yaml" | URL for system upgrade controller manifest, facilitating cluster updates. |
post_create_commands | | Commands executed post-creation of cluster nodes for further customization or installation. |