++c4
This commit is contained in:
parent
e373df63cd
commit
092eebe3cf
3 changed files with 98 additions and 0 deletions
56
k8s/c4/README.md
Normal file
56
k8s/c4/README.md
Normal file
|
@ -0,0 +1,56 @@
|
||||||
|
## c4.k8s.ooo
|
||||||
|
HA Cluster: 3 Control-plane nodes + 4 Worker nodes
|
||||||
|
|
||||||
|
Note: files in commands are referenced from the repo root directory
|
||||||
|
|
||||||
|
## controlPlaneEndpoint loadbalancer
|
||||||
|
Configured via HAProxy on router1
|
||||||
|
c4-api.k8s.ooo:6443 -> server52, server53, server54
|
||||||
|
|
||||||
|
## Initialise 1st control-plane node
|
||||||
|
```
|
||||||
|
kubeadm init --config k8s/c4/kubeadm.yaml --upload-certs
|
||||||
|
```
|
||||||
|
|
||||||
|
## Add CNI
|
||||||
|
```
|
||||||
|
kubectl apply -f cni-calico/calico.yaml
|
||||||
|
```
|
||||||
|
|
||||||
|
## Join control-plane node 2 and 3
|
||||||
|
```
|
||||||
|
kubeadm join c4-api.k8s.ooo:6443 --token *.* \
|
||||||
|
--discovery-token-ca-cert-hash sha256:* --control-plane \
|
||||||
|
--certificate-key *** --cri-socket=/var/run/crio/crio.sock
|
||||||
|
```
|
||||||
|
|
||||||
|
## Join worker nodes
|
||||||
|
```
|
||||||
|
kubeadm join c4-api.k8s.ooo:6443 --token *.* \
|
||||||
|
--discovery-token-ca-cert-hash sha256:* \
|
||||||
|
--cri-socket=/var/run/crio/crio.sock
|
||||||
|
```
|
||||||
|
|
||||||
|
## Configure BGP
|
||||||
|
```
|
||||||
|
kubectl apply -f https://docs.projectcalico.org/manifests/calicoctl.yaml
|
||||||
|
alias calicoctl="kubectl exec -i -n kube-system calicoctl -- /calicoctl"
|
||||||
|
calicoctl create -f - < k8s/c4/bgp-c4.yaml
|
||||||
|
```
|
||||||
|
|
||||||
|
## Rook
|
||||||
|
```
|
||||||
|
for yaml in crds common operator cluster storageclass-cephfs storageclass-rbd toolbox; do
|
||||||
|
kubectl apply -f rook/${yaml}.yaml
|
||||||
|
done
|
||||||
|
```
|
||||||
|
|
||||||
|
Set Rook as default storage class:
|
||||||
|
```
|
||||||
|
kubectl patch storageclass rook-ceph-block -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}'
|
||||||
|
```
|
||||||
|
|
||||||
|
Get Rook admin password:
|
||||||
|
```
|
||||||
|
kubectl -n rook-ceph get secret rook-ceph-dashboard-password -o jsonpath="{['data']['password']}" | base64 --decode && echo
|
||||||
|
```
|
21
k8s/c4/bgp-c4.yaml
Normal file
21
k8s/c4/bgp-c4.yaml
Normal file
|
@ -0,0 +1,21 @@
|
||||||
|
---
|
||||||
|
apiVersion: projectcalico.org/v3
|
||||||
|
kind: BGPConfiguration
|
||||||
|
metadata:
|
||||||
|
name: default
|
||||||
|
spec:
|
||||||
|
logSeverityScreen: Info
|
||||||
|
nodeToNodeMeshEnabled: true
|
||||||
|
asNumber: 65534
|
||||||
|
serviceClusterIPs:
|
||||||
|
- cidr: 2a0a:e5c0:13:f2::/108
|
||||||
|
serviceExternalIPs:
|
||||||
|
- cidr: 2a0a:e5c0:13:f2::/108
|
||||||
|
---
|
||||||
|
apiVersion: projectcalico.org/v3
|
||||||
|
kind: BGPPeer
|
||||||
|
metadata:
|
||||||
|
name: red-place7
|
||||||
|
spec:
|
||||||
|
peerIP: 2a0a:e5c0:13::42
|
||||||
|
asNumber: 213081
|
21
k8s/c4/kubeadm.yaml
Normal file
21
k8s/c4/kubeadm.yaml
Normal file
|
@ -0,0 +1,21 @@
|
||||||
|
kind: InitConfiguration
|
||||||
|
apiVersion: kubeadm.k8s.io/v1beta2
|
||||||
|
localAPIEndpoint:
|
||||||
|
bindPort: 6443
|
||||||
|
nodeRegistration:
|
||||||
|
criSocket: "unix:///var/run/crio/crio.sock"
|
||||||
|
kubeletExtraArgs:
|
||||||
|
cgroup-driver: "cgroupfs"
|
||||||
|
---
|
||||||
|
kind: ClusterConfiguration
|
||||||
|
apiVersion: kubeadm.k8s.io/v1beta2
|
||||||
|
kubernetesVersion: v1.21.1
|
||||||
|
networking:
|
||||||
|
dnsDomain: c4.k8s.ooo
|
||||||
|
podSubnet: 2a0a:e5c0:13:f1::/64
|
||||||
|
serviceSubnet: 2a0a:e5c0:13:f2::/108
|
||||||
|
controlPlaneEndpoint: "c4-api.k8s.ooo:6443"
|
||||||
|
---
|
||||||
|
kind: KubeletConfiguration
|
||||||
|
apiVersion: kubelet.config.k8s.io/v1beta1
|
||||||
|
cgroupDriver: cgroupfs
|
Loading…
Reference in a new issue