I'm trying to set up a k3s cluster with the following configuration: 3 server nodes within the same LAN + multiple agent nodes in other networks, with high availability for the control plane and using a load balancer.

Due to my network environment constraints, I want to establish the network through WireGuard. However, after reading the kube-vip documentation about WireGuard, I'm still unclear about the exact steps I should take.

This page mentions generating a peer configuration and running it on the server node. The kubectl command is meant to be executed after k3s is already running, but the VIP selection and kube-vip configuration happen during the k3s deployment. This part is confusing to me. Does storing the peer configuration in a Secret mean that kube-vip has integrated WireGuard functionality?

I need help from the community to understand how to set up a high-availability cluster based on WireGuard.

(I used translation software for this message. If anything is unclear, please let me know and I'll try to provide a clearer explanation.)