diff --git a/README.md b/README.md
index dfdaa9b..cfe58fb 100644
--- a/README.md
+++ b/README.md
@@ -55,7 +55,16 @@ Whether to remove the taint that denies pods from being deployed to the Kubernet
 
 Whether to enable the Kubernetes web dashboard UI (only accessible on the master itself, or proxied), and the file containing the web dashboard UI manifest.
 
-    kubernetes_pod_network_cidr: '10.244.0.0/16'
+kubernetes_pod_network:
+  # Flannel CNI.
+  cni: 'flannel'
+  cidr: '10.244.0.0/16'
+  # Calico CNI.
+  # cni: 'calico'
+  # cidr: '192.168.0.0/16'
+
+This role currently supports `flannel` (default) or `calico` for cluster pod networking. Choose one or the other for your cluster; converting between the two is not done automatically and could result in broken networking, and should be done outside of this role.
+
     kubernetes_apiserver_advertise_address: ''
     kubernetes_version_kubeadm: 'stable-{{ kubernetes_version }}'
     kubernetes_ignore_preflight_errors: 'all'
diff --git a/defaults/main.yml b/defaults/main.yml
index 701bb08..cf48888 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -22,12 +22,14 @@ kubernetes_allow_pods_on_master: true
 kubernetes_enable_web_ui: true
 kubernetes_web_ui_manifest_file: https://raw.githubusercontent.com/kubernetes/dashboard/v1.10.1/src/deploy/recommended/kubernetes-dashboard.yaml
 
-kubernetes_cni: 'calico'
 kubernetes_pod_network:
-  - name: 'flannel'
-    cidr: '10.244.0.0/16'
-  - name: 'calico'
-    cidr: '192.168.0.0/16'
+  # Flannel CNI.
+  cni: 'flannel'
+  cidr: '10.244.0.0/16'
+  # Calico CNI.
+  # cni: 'calico'
+  # cidr: '192.168.0.0/16'
+
 kubernetes_apiserver_advertise_address: ''
 kubernetes_version_kubeadm: 'stable-{{ kubernetes_version }}'
 kubernetes_ignore_preflight_errors: 'all'
diff --git a/tasks/master-setup.yml b/tasks/master-setup.yml
index a91ff24..99c1af1 100644
--- a/tasks/master-setup.yml
+++ b/tasks/master-setup.yml
@@ -2,7 +2,7 @@
 - name: Initialize Kubernetes master with kubeadm init.
   command: >
     kubeadm init
-    --pod-network-cidr={{ item.cidr }}
+    --pod-network-cidr={{ kubernetes_pod_network.cidr }}
     --apiserver-advertise-address={{ kubernetes_apiserver_advertise_address | default(ansible_default_ipv4.address, true) }}
     --kubernetes-version {{ kubernetes_version_kubeadm }}
     --ignore-preflight-errors={{ kubernetes_ignore_preflight_errors }}
@@ -36,7 +36,7 @@
     - kubectl apply -f {{ kubernetes_flannel_manifest_file }}
   register: flannel_result
   changed_when: "'created' in flannel_result.stdout"
-  when: kubernetes_cni == 'flannel'
+  when: kubernetes_pod_network.cni == 'flannel'
 
 - name: Configure Calico networking.
   command: "{{ item }}"
@@ -44,7 +44,7 @@
     - kubectl apply -f {{ kubernetes_calico_manifest_file }}
   register: calico_result
   changed_when: "'created' in calico_result.stdout"
-  when: kubernetes_cni == 'calico'
+  when: kubernetes_pod_network.cni == 'calico'
 
 # TODO: Check if taint exists with something like `kubectl describe nodes`
 # instead of using kubernetes_init_stat.stat.exists check.