diff --git a/charts/cluster-addons/README.md b/charts/cluster-addons/README.md
index c1de61f..0c0db5f 100644
--- a/charts/cluster-addons/README.md
+++ b/charts/cluster-addons/README.md
@@ -86,14 +86,14 @@ kubeconfigSecret:
 This chart can install either [Calico](https://docs.projectcalico.org/about/about-calico) or
 [Cilium](https://cilium.io/) as a
 [CNI plugin](https://kubernetes.io/docs/concepts/extend-kubernetes/compute-storage-net/network-plugins/)
-to provide the pod networking in a Kubernetes cluster. By default, the Cilium CNI will be
+to provide the pod networking in a Kubernetes cluster. By default, the Calico CNI will be
 installed.
 
-To switch the CNI to Calico, use the following in your Helm values:
+To switch the CNI to Cilium, use the following in your Helm values:
 
 ```yaml
 cni:
-  type: calico
+  type: cilium
 ```
 
 And to disable the installation of a CNI completely:
@@ -133,19 +133,16 @@ sections of the cloud-config file, you can use Helm values, e.g.:
 
 ```yaml
 openstack:
-  cloudConfig: |
-    [Networking]
-    public-network-name=public-internet
-
-    [LoadBalancer]
-    lb-method=LEAST_CONNECTIONS
-    create-monitor=true
-    
-    [BlockStorage]
-    ignore-volume-az=true
-
-    [Metadata]
-    search-order=metadataService
+  cloudConfig:
+    Networking:
+      public-network-name: public-internet
+    LoadBalancer:
+      lb-method: LEAST_CONNECTIONS
+      create-monitor: true
+    BlockStorage:
+      ignore-volume-az: true
+    Metadata:
+      search-order: metadataService
 ```
 
 The `[Globals]` section is populated using the given `clouds.yaml` (see "OpenStack credentials" below).
diff --git a/charts/cluster-addons/templates/cloud-config.yaml b/charts/cluster-addons/templates/cloud-config.yaml
index a4fbef0..d60deee 100644
--- a/charts/cluster-addons/templates/cloud-config.yaml
+++ b/charts/cluster-addons/templates/cloud-config.yaml
@@ -16,6 +16,12 @@ custom:
         --namespace {{ .Release.Namespace }} \
         -o jsonpath='{.status.externalNetwork.id}'
     )"
+    export INTERNAL_NETWORK_NAME="$(
+      KUBECONFIG= kubectl get openstackcluster \
+        {{ tpl .Values.clusterName . }} \
+        --namespace {{ .Release.Namespace }} \
+        -o jsonpath='{.status.network.name}'
+    )"
     {{- end }}
     gomplate --file secret.yaml.tpl | kubectl apply -f -
   delete: |
@@ -52,11 +58,15 @@ extraFiles:
         tls-insecure=true
         {{ "{{-" }} end {{ "}}" }}
         {{ "{{-" }} end {{ "}}" }}
-        {{- range $section, $items := omit .Values.openstack.cloudConfig "Global" "LoadBalancer" }}
-        [{{ $section }}]
-        {{- range $name, $value := $items }}
-        {{ $name }}={{ $value }}
+        [Networking]
+        {{- $networkingItems := default dict .Values.openstack.cloudConfig.Networking }}
+        {{- if hasKey $networkingItems "internal-network-name" }}
+        internal-network-name={{ index $networkingItems "internal-network-name" }}
+        {{- else if .Values.clusterApi }}
+        internal-network-name={{ "{{" }} .Env.INTERNAL_NETWORK_NAME {{ "}}" }}
         {{- end }}
+        {{- range $netName, $netValue := omit $networkingItems "internal-network-name" }}
+        {{ $netName }}={{ $netValue }}
         {{- end }}
         [LoadBalancer]
         {{- $lbItems := default dict .Values.openstack.cloudConfig.LoadBalancer }}
@@ -68,6 +78,18 @@ extraFiles:
         {{- range $lbName, $lbValue := omit $lbItems "floating-network-id" }}
         {{ $lbName }}={{ $lbValue }}
         {{- end }}
+        {{-
+          range $section, $items := omit
+            .Values.openstack.cloudConfig
+            "Global"
+            "LoadBalancer"
+            "Networking"
+        }}
+        [{{ $section }}]
+        {{- range $name, $value := $items }}
+        {{ $name }}={{ $value }}
+        {{- end }}
+        {{ end }}
 {{- end }}
 
 {{-