diff --git a/control_planes.tf b/control_planes.tf
index d39047f..927becf 100644
--- a/control_planes.tf
+++ b/control_planes.tf
@@ -43,19 +43,26 @@ resource "null_resource" "control_planes" {
 
   # Generating k3s server config file
   provisioner "file" {
-    content = yamlencode({
+    content = yamlencode(merge({
       node-name                = module.control_planes[count.index].name
       server                   = "https://${element(module.control_planes.*.private_ipv4_address, count.index > 0 ? 0 : 1)}:6443"
       token                    = random_password.k3s_token.result
       disable-cloud-controller = true
       disable                  = local.disable_extras
-      flannel-iface            = "eth1"
       kubelet-arg              = "cloud-provider=external"
       node-ip                  = module.control_planes[count.index].private_ipv4_address
       advertise-address        = module.control_planes[count.index].private_ipv4_address
       node-taint               = var.allow_scheduling_on_control_plane ? [] : ["node-role.kubernetes.io/master:NoSchedule"]
       node-label               = var.automatically_upgrade_k3s ? ["k3s_upgrade=true"] : []
-    })
+      },
+      var.cni_plugin == "flannel" ? {
+        flannel-iface = "eth1"
+      } : {},
+      var.cni_plugin == "calico" ? {
+        flannel-backend             = "none",
+        disable-network-policy      = true,
+        kube-controller-manager-arg = "flex-volume-plugin-dir=/var/lib/kubelet/volumeplugins/nodeagent~uds",
+    } : {}))
     destination = "/tmp/config.yaml"
   }
 
diff --git a/init.tf b/init.tf
index 1e8eb7e..1f48f67 100644
--- a/init.tf
+++ b/init.tf
@@ -8,19 +8,26 @@ resource "null_resource" "first_control_plane" {
 
   # Generating k3s master config file
   provisioner "file" {
-    content = yamlencode({
+    content = yamlencode(merge({
       node-name                = module.control_planes[0].name
       token                    = random_password.k3s_token.result
       cluster-init             = true
       disable-cloud-controller = true
       disable                  = local.disable_extras
-      flannel-iface            = "eth1"
       kubelet-arg              = "cloud-provider=external"
       node-ip                  = module.control_planes[0].private_ipv4_address
       advertise-address        = module.control_planes[0].private_ipv4_address
       node-taint               = var.allow_scheduling_on_control_plane ? [] : ["node-role.kubernetes.io/master:NoSchedule"]
       node-label               = var.automatically_upgrade_k3s ? ["k3s_upgrade=true"] : []
-    })
+      },
+      var.cni_plugin == "flannel" ? {
+        flannel-iface = "eth1"
+      } : {},
+      var.cni_plugin == "calico" ? {
+        flannel-backend             = "none",
+        disable-network-policy      = true,
+        kube-controller-manager-arg = "flex-volume-plugin-dir=/var/lib/kubelet/volumeplugins/nodeagent~uds",
+    } : {}))
     destination = "/tmp/config.yaml"
   }
 
@@ -79,12 +86,13 @@ resource "null_resource" "kustomization" {
         "https://raw.githubusercontent.com/hetznercloud/csi-driver/${local.csi_version}/deploy/kubernetes/hcloud-csi.yml",
         "https://github.com/weaveworks/kured/releases/download/${local.kured_version}/kured-${local.kured_version}-dockerhub.yaml",
         "https://raw.githubusercontent.com/rancher/system-upgrade-controller/master/manifests/system-upgrade-controller.yaml",
-      ], local.is_single_node_cluster ? [] : var.traefik_enabled ? ["traefik.yaml"] : []),
-      patchesStrategicMerge = [
+        ], local.is_single_node_cluster ? [] : var.traefik_enabled ? ["traefik.yaml"] : []
+      , var.cni_plugin == "calico" ? ["https://projectcalico.docs.tigera.io/manifests/calico.yaml"] : []),
+      patchesStrategicMerge = concat([
         file("${path.module}/kustomize/kured.yaml"),
         file("${path.module}/kustomize/ccm.yaml"),
         file("${path.module}/kustomize/system-upgrade-controller.yaml")
-      ]
+      ], var.cni_plugin == "calico" ? [file("${path.module}/kustomize/calico-coreos.yaml")] : [])
     })
     destination = "/tmp/post_install/kustomization.yaml"
   }
diff --git a/kustomize/calico-coreos.yaml b/kustomize/calico-coreos.yaml
new file mode 100644
index 0000000..8d12edd
--- /dev/null
+++ b/kustomize/calico-coreos.yaml
@@ -0,0 +1,16 @@
+kind: DaemonSet
+apiVersion: apps/v1
+metadata:
+  name: calico-node
+  namespace: kube-system
+  labels:
+    k8s-app: calico-node
+spec:
+  template:
+    spec:
+      volumes:
+        # Used to install Flex Volume Driver
+        - name: flexvol-driver-host
+          hostPath:
+            type: DirectoryOrCreate
+            path: /var/lib/kubelet/volumeplugins/nodeagent~uds/uds
\ No newline at end of file
diff --git a/terraform.tfvars.example b/terraform.tfvars.example
index 4340743..6609759 100644
--- a/terraform.tfvars.example
+++ b/terraform.tfvars.example
@@ -97,3 +97,7 @@ load_balancer_type        = "lb11"
 # If you want to configure additional Arguments for traefik, enter them here as a list and in the form of traefik CLI arguments; see https://doc.traefik.io/traefik/reference/static-configuration/cli/
 # Example: traefik_additional_options = ["--log.level=DEBUG", "--tracing=true"]
 # traefik_additional_options = []
+
+# If you want to configure a different CNI for k3s, use this flag
+# possible values: flannel (Default), calico
+# cni_plugin = "flannel"
\ No newline at end of file
diff --git a/variables.tf b/variables.tf
index 2b5a694..b023b6d 100644
--- a/variables.tf
+++ b/variables.tf
@@ -144,3 +144,9 @@ variable "traefik_additional_options" {
   default = []
 
 }
+
+variable "cni_plugin" {
+  type        = string
+  default     = "flannel"
+  description = "CNI plugin for k3s"
+}