All current versions of Kubernetes restrict nodes from registering with most labels with kubernetes.io and k8s.io prefixes, specifically including the kubernetes.io/role label. If you attempt to start a node with a disallowed label, K3s will fail to start. As stated by the Kubernetes authors:
Nodes are not permitted to assert their own role labels. Node roles are typically used to identify privileged or control plane types of nodes, and allowing nodes to label themselves into that pool allows a compromised node to trivially attract workloads (like control plane daemonsets) that confer access to higher privilege credentials.
If you want to change node labels and taints after node registration, or add reserved labels, you should use kubectl. Refer to the official Kubernetes documentation for details on how to add taints and node labels.
See older background rationale for k3s not initially assigning roles by default in the past
This behavior of not-tainting was inherited from k3s, where not-tainting server nodes is the desired default, because small clusters made up entirely of all-in-one nodes is the assumed default use-case.
By default, k3s wont add this label on agents.
The k3s bosh release wrapper could set it
See https://docs.k3s.io/advanced?_highlight=role#node-labels-and-taints
See older background rationale for k3s not initially assigning roles by default in the past