## c4.k8s.ooo
HA Cluster: 3 Control-plane nodes + 4 Worker nodes

Note: files in commands are referenced from the repo root directory

## controlPlaneEndpoint loadbalancer
Configured via HAProxy on router1
c4-api.k8s.ooo:6443 -> server52, server53, server54

## Initialise 1st control-plane node
```
kubeadm init --config k8s/c4/kubeadm.yaml --upload-certs
```

## Add CNI
```
kubectl apply -f cni-calico/calico.yaml
```

## Join control-plane node 2 and 3
```
kubeadm join c4-api.k8s.ooo:6443 --token *.* \
--discovery-token-ca-cert-hash sha256:* --control-plane \
--certificate-key *** --cri-socket=/var/run/crio/crio.sock
```

## Join worker nodes
```
kubeadm join c4-api.k8s.ooo:6443 --token *.* \
--discovery-token-ca-cert-hash sha256:* \
--cri-socket=/var/run/crio/crio.sock
```

## Configure BGP
```
kubectl apply -f https://docs.projectcalico.org/manifests/calicoctl.yaml
alias calicoctl="kubectl exec -i -n kube-system calicoctl -- /calicoctl"
calicoctl create -f - < k8s/c4/bgp-c4.yaml
```

## Rook
```
for yaml in crds common operator cluster storageclass-cephfs storageclass-rbd toolbox; do
    kubectl apply -f rook/${yaml}.yaml
done
```

Set Rook as default storage class:
```
kubectl patch storageclass rook-ceph-block -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}'
```

Get Rook admin password:
```
kubectl -n rook-ceph get secret rook-ceph-dashboard-password -o jsonpath="{['data']['password']}" | base64 --decode && echo
```