From ee88b613e0a32fb837ea849d193051d1706e6f59 Mon Sep 17 00:00:00 2001
From: Manuel Buil <mbuil@suse.com>
Date: Wed, 8 Dec 2021 16:15:32 +0100
Subject: [PATCH] Add config flags that must be shared across server nodes

Signed-off-by: Manuel Buil <mbuil@suse.com>
---
 content/k3s/latest/en/installation/ha-embedded/_index.md | 6 ++++++
 content/k3s/latest/en/installation/ha/_index.md          | 6 ++++++
 2 files changed, 12 insertions(+)

diff --git a/content/k3s/latest/en/installation/ha-embedded/_index.md b/content/k3s/latest/en/installation/ha-embedded/_index.md
index f8fe7d2ebea..9526a67c61e 100644
--- a/content/k3s/latest/en/installation/ha-embedded/_index.md
+++ b/content/k3s/latest/en/installation/ha-embedded/_index.md
@@ -23,3 +23,9 @@ K3S_TOKEN=SECRET k3s server --server https://<ip or hostname of server1>:6443
 ```
 
 Now you have a highly available control plane. Joining additional worker nodes to the cluster follows the same procedure as a single server cluster.
+
+There are a few config flags that must be the same in all server nodes:         
+
+* Network related flags: `--cluster-dns`, `--cluster-domain`, `--cluster-cidr`, `--service-cidr`
+* Flags controlling the deployment of certain components: `--disable-helm-controller`, `--disable-kube-proxy`, `--disable-network-policy` and any component passed to `--disable`
+* Feature related flags: `--secrets-encryption`
diff --git a/content/k3s/latest/en/installation/ha/_index.md b/content/k3s/latest/en/installation/ha/_index.md
index 92886efbe56..a7bc5491eac 100644
--- a/content/k3s/latest/en/installation/ha/_index.md
+++ b/content/k3s/latest/en/installation/ha/_index.md
@@ -80,6 +80,12 @@ curl -sfL https://get.k3s.io | sh -s - server \
   --datastore-endpoint="mysql://username:password@tcp(hostname:3306)/database-name"
 ```
 
+There are a few config flags that must be the same in all server nodes:
+
+* Network related flags: `--cluster-dns`, `--cluster-domain`, `--cluster-cidr`, `--service-cidr`
+* Flags controlling the deployment of certain components: `--disable-helm-controller`, `--disable-kube-proxy`, `--disable-network-policy` and any component passed to `--disable`
+* Feature related flags: `--secrets-encryption`
+
 > **Note:** Ensure that you retain a copy of this token as it is required when restoring from backup and adding nodes. Previously, K3s did not enforce the use of a token when using external SQL datastores.
 
 ### 5. Optional: Join Agent Nodes