Public ungleich kubernetes repository
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 

1.5 KiB

c4.k8s.ooo

HA Cluster: 3 Control-plane nodes + 4 Worker nodes

Note: files in commands are referenced from the repo root directory

controlPlaneEndpoint loadbalancer

Configured via HAProxy on router1 c4-api.k8s.ooo:6443 -> server52, server53, server54

Initialise 1st control-plane node

kubeadm init --config k8s/c4/kubeadm.yaml --upload-certs

Add CNI

kubectl apply -f cni-calico/calico.yaml

Join control-plane node 2 and 3

kubeadm join c4-api.k8s.ooo:6443 --token *.* \
--discovery-token-ca-cert-hash sha256:* --control-plane \
--certificate-key *** --cri-socket=/var/run/crio/crio.sock

Join worker nodes

kubeadm join c4-api.k8s.ooo:6443 --token *.* \
--discovery-token-ca-cert-hash sha256:* \
--cri-socket=/var/run/crio/crio.sock

Configure BGP

kubectl apply -f https://docs.projectcalico.org/manifests/calicoctl.yaml
alias calicoctl="kubectl exec -i -n kube-system calicoctl -- /calicoctl"
calicoctl create -f - < k8s/c4/bgp-c4.yaml

Rook

for yaml in crds common operator cluster storageclass-cephfs storageclass-rbd toolbox; do
    kubectl apply -f rook/${yaml}.yaml
done

Set Rook as default storage class:

kubectl patch storageclass rook-ceph-block -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}'

Get Rook admin password:

kubectl -n rook-ceph get secret rook-ceph-dashboard-password -o jsonpath="{['data']['password']}" | base64 --decode && echo