I set up a kubeadm cluster on Hetzner Cloud last week. It broke in 6 different ways before it worked. Here's every error, every fix, and the exact commands that solved each one.

TL;DR: conntrack not installed, private NIC named enp7s0 not eth1, Falcosidekick nil pointer crash on missing secret, fluent-bit chart deprecated (use Promtail), Loki distributed defaults breaking on a two-node cluster (use SingleBinary + emptyDir), cpx21/cx32 unavailable in nbg1 (used cpx32/cpx22). All fixed. Commands below.

The Setup

Two-node kubeadm cluster on Hetzner Cloud (nbg1 region):

- Control plane: cpx32 — 4 vCPU, 8GB RAM, Ubuntu 22.04
- Worker node: cpx22 — 3 vCPU, 4GB RAM, Ubuntu 22.04
- Private network enabled (Hetzner Cloud Networks)
- CNI: Flannel
- Goal: foundation for a Kubernetes security detection stack — Falco, Loki, Grafana, Trivy Operator, kube-bench

Break 1 — The Node Types I Wanted Didn't Exist

What happened

I planned around cpx21 (control plane) and cx32 (worker).…