Issue setting up kube-vip and Cilium

[romelBen]

Hey all. I am having issues when Cilium is being installed and was wondering what could be causing this.

My error:
(item=daemonset/cilium) => {"ansible_loop_var": "item", "attempts": 30, "changed": false, "cmd": ["k3s", "kubectl", "wait", "pods", "--namespace=kube-system", "--selector=k8s-app=cilium", "--for=condition=Ready", "--timeout=30s"], "delta": "0:00:00.403599", "end": "2024-07-10 22:13:56.621218", "item": {"name": "cilium", "selector": "k8s-app=cilium", "type": "daemonset"}, "msg": "non-zero return code", "rc": 1, "start": "2024-07-10 22:13:56.217619", "stderr": "The connection to the server 127.0.0.1:6443 was refused - did you specify the right host or port?", "stderr_lines": ["The connection to the server 127.0.0.1:6443 was refused - did you specify the right host or port?"], "stdout": "", "stdout_lines": []}

And my all.yaml file:

---
k3s_version: v1.29.2+k3s1
# this is the user that has ssh access to these machines
systemd_dir: /etc/systemd/system

# Set your timezone
system_timezone: "America/Chicago"

# interface which will be used for flannel
flannel_iface: "eth0"

# uncomment cilium_iface to use cilium cni instead of flannel or calico
# ensure v4.19.57, v5.1.16, v5.2.0 or more recent kernel
cilium_iface: "eth0"
cilium_mode: "native"      # native when nodes on same subnet or using bgp, else set routed
cilium_tag: "v1.15.2"        # cilium version tag
cilium_hubble: true         # enable hubble observability relay and ui

# if using calico or cilium, you may specify the cluster pod cidr pool
cluster_cidr: "10.52.0.0/16"

# enable cilium bgp control plane for lb services and pod cidrs. disables metallb.
cilium_bgp: false

# bgp parameters for cilium cni. only active when cilium_iface is defined and cilium_bgp is true.
cilium_bgp_my_asn: "64513"
cilium_bgp_peer_asn: "64512"
cilium_bgp_peer_address: "192.168.30.1"
cilium_bgp_lb_cidr: "192.168.31.0/24"   # cidr for cilium loadbalancer ipam

# apiserver_endpoint is virtual ip-address which will be configured on each master
apiserver_endpoint: "192.168.30.221"

# k3s_token is required  masters can talk together securely
# this token should be alpha numeric only
k3s_token: "super_duper_token"

# The IP on which the node is reachable in the cluster.
# Here, a sensible default is provided, you can still override
# it for each of your hosts, though.
k3s_node_ip: "{{ ansible_facts[(cilium_iface | default(calico_iface | default(flannel_iface)))]['ipv4']['address'] }}"

# Disable the taint manually by setting: k3s_master_taint = false
k3s_master_taint: "{{ true if groups['node'] | default([]) | length >= 1 else false }}"

# these arguments are recommended for servers as well as agents:
extra_args: >-
  {{ '--flannel-iface=' + flannel_iface if calico_iface is not defined and cilium_iface is not defined else '' }}
  --node-ip={{ k3s_node_ip }}

# change these to your liking, the only required are: --disable servicelb, --tls-san {{ apiserver_endpoint }}
# the contents of the if block is also required if using calico or cilium
extra_server_args: >-
  {{ extra_args }}
  {{ '--node-taint node-role.kubernetes.io/master=true:NoSchedule' if k3s_master_taint else '' }}
  {% if calico_iface is defined or cilium_iface is defined %}
  --flannel-backend=none
  --disable-network-policy
  --cluster-cidr={{ cluster_cidr | default('10.52.0.0/16') }}
  {% endif %}
  --tls-san {{ apiserver_endpoint }}
  --disable servicelb
  --disable traefik

extra_agent_args: >-
  {{ extra_args }}

# image tag for kube-vip
kube_vip_tag_version: "v0.7.2"

# tag for kube-vip-cloud-provider manifest
kube_vip_cloud_provider_tag_version: "main"

# kube-vip ip range for load balancer
# (uncomment to use kube-vip for services instead of MetalLB)
kube_vip_lb_ip_range: "192.168.30.200-192.168.30.220"

I'm certain this has to be with my Unifi firewall. Weirdly enough, it was working before but now it is not. Would like any help.