kubeadm init 问题 - 无法执行 'docker info'
kubeadm init issue - cannot execute 'docker info'
我试图在 RHEL 7 机器上设置 Kubernetes 集群。尝试初始化 Kubernetes 控制平面节点时,我在 运行 以下 kubeadm init 命令时遇到问题:
[root@spsvm ~]# swapoff -a
[root@spsvm ~]# kubeadm init
[init] Using Kubernetes version: v1.15.3
[preflight] Running pre-flight checks
[WARNING HTTPProxy]: Connection to "https://15.153.133.183" uses proxy "http://16.167.28.199:8080". If that is not intended, adjust your proxy settings
[WARNING HTTPProxyCIDR]: connection to "10.96.0.0/12" uses proxy "http://16.167.28.199:8080". This may lead to malfunctional cluster setup. Make sure that Pod and Services IP ranges specified correctly as exceptions in proxy configuration
error execution phase preflight: [preflight] Some fatal errors occurred:
[ERROR IsDockerSystemdCheck]: cannot execute 'docker info': exit status 125
[preflight] If you know what you are doing, you can make a check non-fatal with `--ignore-preflight-errors=...`
[root@spsvm ~]#
尝试 运行 使用 'v' 开关
更详细的上述命令
[root@spsvm downloads]# kubeadm init --v=5
I0908 06:44:50.424152 175092 initconfiguration.go:105] detected and using CRI socket: /var/run/dockershim.sock
I0908 06:44:50.424335 175092 interface.go:384] Looking for default routes with IPv4 addresses
I0908 06:44:50.424342 175092 interface.go:389] Default route transits interface "ens192"
I0908 06:44:50.424449 175092 interface.go:196] Interface ens192 is up
I0908 06:44:50.424485 175092 interface.go:244] Interface "ens192" has 2 addresses :[15.153.133.183/23 fe80::20c:29ff:fe06:bddb/64].
I0908 06:44:50.424502 175092 interface.go:211] Checking addr 15.153.133.183/23.
I0908 06:44:50.424509 175092 interface.go:218] IP found 15.153.133.183
I0908 06:44:50.424516 175092 interface.go:250] Found valid IPv4 address 15.153.133.183 for interface "ens192".
I0908 06:44:50.424521 175092 interface.go:395] Found active IP 15.153.133.183
I0908 06:44:50.424570 175092 version.go:179] fetching Kubernetes version from URL: https://dl.k8s.io/release/stable-1.txt
I0908 06:44:51.470749 175092 feature_gate.go:216] feature gates: &{map[]}
[init] Using Kubernetes version: v1.15.3
[preflight] Running pre-flight checks
I0908 06:44:51.470982 175092 checks.go:581] validating Kubernetes and kubeadm version
I0908 06:44:51.471005 175092 checks.go:172] validating if the firewall is enabled and active
I0908 06:44:51.476824 175092 checks.go:209] validating availability of port 6443
I0908 06:44:51.476941 175092 checks.go:209] validating availability of port 10251
I0908 06:44:51.476959 175092 checks.go:209] validating availability of port 10252
I0908 06:44:51.476977 175092 checks.go:292] validating the existence of file /etc/kubernetes/manifests/kube-apiserver.yaml
I0908 06:44:51.476986 175092 checks.go:292] validating the existence of file /etc/kubernetes/manifests/kube-controller-manager.yaml
I0908 06:44:51.476992 175092 checks.go:292] validating the existence of file /etc/kubernetes/manifests/kube-scheduler.yaml
I0908 06:44:51.476998 175092 checks.go:292] validating the existence of file /etc/kubernetes/manifests/etcd.yaml
I0908 06:44:51.477006 175092 checks.go:439] validating if the connectivity type is via proxy or direct
[WARNING HTTPProxy]: Connection to "https://<HOST IP Address>" uses proxy "http://<PROXY-SERVER>:8080". If that is not intended, adjust your proxy settings
I0908 06:44:51.477058 175092 checks.go:475] validating http connectivity to first IP address in the CIDR
[WARNING HTTPProxyCIDR]: connection to "10.96.0.0/12" uses proxy "http://<PROXY-SERVER>:8080". This may lead to malfunctional cluster setup. Make sure that Pod and Services IP ranges specified correctly as exceptions in proxy configuration
I0908 06:44:51.477087 175092 checks.go:475] validating http connectivity to first IP address in the CIDR
I0908 06:44:51.477097 175092 checks.go:105] validating the container runtime
I0908 06:44:51.504454 175092 checks.go:131] validating if the service is enabled and active
I0908 06:44:51.524856 175092 checks.go:341] validating the contents of file /proc/sys/net/bridge/bridge-nf-call-iptables
I0908 06:44:51.524893 175092 checks.go:341] validating the contents of file /proc/sys/net/ipv4/ip_forward
I0908 06:44:51.524916 175092 checks.go:653] validating whether swap is enabled or not
I0908 06:44:51.524938 175092 checks.go:382] validating the presence of executable ip
I0908 06:44:51.524955 175092 checks.go:382] validating the presence of executable iptables
I0908 06:44:51.524968 175092 checks.go:382] validating the presence of executable mount
I0908 06:44:51.524982 175092 checks.go:382] validating the presence of executable nsenter
I0908 06:44:51.524993 175092 checks.go:382] validating the presence of executable ebtables
I0908 06:44:51.525001 175092 checks.go:382] validating the presence of executable ethtool
I0908 06:44:51.525010 175092 checks.go:382] validating the presence of executable socat
I0908 06:44:51.525019 175092 checks.go:382] validating the presence of executable tc
I0908 06:44:51.525028 175092 checks.go:382] validating the presence of executable touch
I0908 06:44:51.525038 175092 checks.go:524] running all checks
I0908 06:44:51.543276 175092 checks.go:412] checking whether the given node name is reachable using net.LookupHost
I0908 06:44:51.543437 175092 checks.go:622] validating kubelet version
I0908 06:44:51.592115 175092 checks.go:131] validating if the service is enabled and active
I0908 06:44:51.597838 175092 checks.go:209] validating availability of port 10250
I0908 06:44:51.597891 175092 checks.go:209] validating availability of port 2379
I0908 06:44:51.597908 175092 checks.go:209] validating availability of port 2380
I0908 06:44:51.597928 175092 checks.go:254] validating the existence and emptiness of directory /var/lib/etcd
error execution phase preflight: [preflight] Some fatal errors occurred:
[ERROR IsDockerSystemdCheck]: cannot execute 'docker info': exit status 125
[preflight] If you know what you are doing, you can make a check non-fatal with `--ignore-preflight-errors=...`
[root@spsvm downloads]#
还尝试重新启动 docker 守护进程。
[root@spsvm ~]# systemctl status docker.service
● docker.service - Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled; vendor preset: disabled)
Drop-In: /etc/systemd/system/docker.service.d
└─http-proxy.conf, https-proxy.conf
Active: active (running) since Sun 2019-09-08 06:42:41 Asia; 2h 6min ago
Docs: http://docs.docker.com
Main PID: 173154 (dockerd-current)
Tasks: 28
CGroup: /system.slice/docker.service
├─173154 /usr/bin/dockerd-current --add-runtime docker-runc=/usr/libexec/docker/docker-runc-current --default-runtime=docker-runc --authori...
└─173169 /usr/bin/docker-containerd-current -l unix:///var/run/docker/libcontainerd/docker-containerd.sock --shim docker-containerd-shim --...
Sep 08 06:42:41 spsvm dockerd-current[173154]: time="2019-09-08T12:12:41.321838429+05:30" level=warning msg="Docker could not enable SELinux o... system"
Sep 08 06:42:41 spsvm dockerd-current[173154]: time="2019-09-08T12:12:41.336305582+05:30" level=info msg="Graph migration to content-addressab...seconds"
Sep 08 06:42:41 spsvm dockerd-current[173154]: time="2019-09-08T12:12:41.336782562+05:30" level=info msg="Loading containers: start."
Sep 08 06:42:41 spsvm dockerd-current[173154]: ........time="2019-09-08T12:12:41.343866103+05:30" level=info msg="Firewalld running: false"
Sep 08 06:42:41 spsvm dockerd-current[173154]: time="2019-09-08T12:12:41.419818528+05:30" level=info msg="Default bridge (docker0) is assigned...address"
Sep 08 06:42:41 spsvm dockerd-current[173154]: time="2019-09-08T12:12:41.446802255+05:30" level=info msg="Loading containers: done."
Sep 08 06:42:41 spsvm dockerd-current[173154]: time="2019-09-08T12:12:41.446846947+05:30" level=info msg="Daemon has completed initialization"
Sep 08 06:42:41 spsvm dockerd-current[173154]: time="2019-09-08T12:12:41.446859216+05:30" level=info msg="Docker daemon" commit="ec8512b/1.12....n=1.12.6
Sep 08 06:42:41 spsvm dockerd-current[173154]: time="2019-09-08T12:12:41.452889758+05:30" level=info msg="API listen on /var/run/docker.sock"
Sep 08 06:42:41 spsvm systemd[1]: Started Docker Application Container Engine.
Hint: Some lines were ellipsized, use -l to show in full.
[root@spsvm ~]#
[root@spsvm ~]# docker info
Containers: 8
Running: 0
Paused: 0
Stopped: 8
Images: 49
Server Version: 1.12.6
Storage Driver: devicemapper
Pool Name: docker-253:5-393385-pool
Pool Blocksize: 65.54 kB
Base Device Size: 10.74 GB
Backing Filesystem: xfs
Data file: /dev/loop1
Metadata file: /dev/loop2
Data Space Used: 2.788 GB
Data Space Total: 107.4 GB
Data Space Available: 27.15 GB
Metadata Space Used: 3.555 MB
Metadata Space Total: 2.147 GB
Metadata Space Available: 2.144 GB
Thin Pool Minimum Free Space: 10.74 GB
Udev Sync Supported: true
Deferred Removal Enabled: true
Deferred Deletion Enabled: true
Deferred Deleted Device Count: 0
Data loop file: /var/lib/docker/devicemapper/devicemapper/data
WARNING: Usage of loopback devices is strongly discouraged for production use. Use `--storage-opt dm.thinpooldev` to specify a custom block storage device.
Metadata loop file: /var/lib/docker/devicemapper/devicemapper/metadata
Library Version: 1.02.146-RHEL7 (2018-01-22)
Logging Driver: journald
Cgroup Driver: systemd
Plugins:
Volume: local
Network: host null bridge overlay
Authorization: rhel-push-plugin
Swarm: inactive
Runtimes: docker-runc runc
Default Runtime: docker-runc
Security Options: seccomp
Kernel Version: 3.10.0-514.el7.x86_64
Operating System: Red Hat Enterprise Linux Server 7.5 (Maipo)
OSType: linux
Architecture: x86_64
Number of Docker Hooks: 3
CPUs: 8
Total Memory: 62.76 GiB
Name: spsvm
ID: X4AE:GQ3M:HUOW:HL2E:SI2N:OIF6:V6Y6:NITI:FD5Q:CFZ4:ZDUY:HFFV
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Http Proxy: http://<PROXY-SERVER>:8080
Https Proxy: https://<PROXY-SERVER>:8080
Registry: https://registry.access.redhat.com/v1/
Insecure Registries:
127.0.0.0/8
Registries: registry.access.redhat.com (secure), docker.io (secure)
[root@spsvm ~]#
从上述命令的输出中,注意:
[ERROR IsDockerSystemdCheck]: cannot execute 'docker info': exit status 125
我们安装了 docker,docker 守护程序是 运行。
我还能够执行各种 docker 命令,包括 docker 信息。这是权限问题吗?不知道从哪里可以解决 kubeadm 报告的这个错误?
你能试试吗
kubeadm init --ignore-preflight-errors=cri
您是否尝试过使用 kubeadm init 多次,如果是,请重置 kubeadm 并尝试
你的docker安装好像是1.12.6版本,从中可以看出:
Server Version: 1.12.6
并且您正在尝试创建版本为 1.15.3:
的集群
Using Kubernetes version: v1.15.3
在Kubernetes 1.15 release notes中,声明kubeadm的最低支持版本Docker被提升到1.13.1:
kubeadm: Bumped the minimum supported Docker version to 1.13.1
因此,我建议的第一件事是将 Docker 升级到最新且受支持的版本,即 18.09:
The list of validated docker versions remains unchanged.
The current list is 1.13.1, 17.03, 17.06, 17.09, 18.06, 18.09.
我试图在 RHEL 7 机器上设置 Kubernetes 集群。尝试初始化 Kubernetes 控制平面节点时,我在 运行 以下 kubeadm init 命令时遇到问题:
[root@spsvm ~]# swapoff -a
[root@spsvm ~]# kubeadm init
[init] Using Kubernetes version: v1.15.3
[preflight] Running pre-flight checks
[WARNING HTTPProxy]: Connection to "https://15.153.133.183" uses proxy "http://16.167.28.199:8080". If that is not intended, adjust your proxy settings
[WARNING HTTPProxyCIDR]: connection to "10.96.0.0/12" uses proxy "http://16.167.28.199:8080". This may lead to malfunctional cluster setup. Make sure that Pod and Services IP ranges specified correctly as exceptions in proxy configuration
error execution phase preflight: [preflight] Some fatal errors occurred:
[ERROR IsDockerSystemdCheck]: cannot execute 'docker info': exit status 125
[preflight] If you know what you are doing, you can make a check non-fatal with `--ignore-preflight-errors=...`
[root@spsvm ~]#
尝试 运行 使用 'v' 开关
更详细的上述命令[root@spsvm downloads]# kubeadm init --v=5
I0908 06:44:50.424152 175092 initconfiguration.go:105] detected and using CRI socket: /var/run/dockershim.sock
I0908 06:44:50.424335 175092 interface.go:384] Looking for default routes with IPv4 addresses
I0908 06:44:50.424342 175092 interface.go:389] Default route transits interface "ens192"
I0908 06:44:50.424449 175092 interface.go:196] Interface ens192 is up
I0908 06:44:50.424485 175092 interface.go:244] Interface "ens192" has 2 addresses :[15.153.133.183/23 fe80::20c:29ff:fe06:bddb/64].
I0908 06:44:50.424502 175092 interface.go:211] Checking addr 15.153.133.183/23.
I0908 06:44:50.424509 175092 interface.go:218] IP found 15.153.133.183
I0908 06:44:50.424516 175092 interface.go:250] Found valid IPv4 address 15.153.133.183 for interface "ens192".
I0908 06:44:50.424521 175092 interface.go:395] Found active IP 15.153.133.183
I0908 06:44:50.424570 175092 version.go:179] fetching Kubernetes version from URL: https://dl.k8s.io/release/stable-1.txt
I0908 06:44:51.470749 175092 feature_gate.go:216] feature gates: &{map[]}
[init] Using Kubernetes version: v1.15.3
[preflight] Running pre-flight checks
I0908 06:44:51.470982 175092 checks.go:581] validating Kubernetes and kubeadm version
I0908 06:44:51.471005 175092 checks.go:172] validating if the firewall is enabled and active
I0908 06:44:51.476824 175092 checks.go:209] validating availability of port 6443
I0908 06:44:51.476941 175092 checks.go:209] validating availability of port 10251
I0908 06:44:51.476959 175092 checks.go:209] validating availability of port 10252
I0908 06:44:51.476977 175092 checks.go:292] validating the existence of file /etc/kubernetes/manifests/kube-apiserver.yaml
I0908 06:44:51.476986 175092 checks.go:292] validating the existence of file /etc/kubernetes/manifests/kube-controller-manager.yaml
I0908 06:44:51.476992 175092 checks.go:292] validating the existence of file /etc/kubernetes/manifests/kube-scheduler.yaml
I0908 06:44:51.476998 175092 checks.go:292] validating the existence of file /etc/kubernetes/manifests/etcd.yaml
I0908 06:44:51.477006 175092 checks.go:439] validating if the connectivity type is via proxy or direct
[WARNING HTTPProxy]: Connection to "https://<HOST IP Address>" uses proxy "http://<PROXY-SERVER>:8080". If that is not intended, adjust your proxy settings
I0908 06:44:51.477058 175092 checks.go:475] validating http connectivity to first IP address in the CIDR
[WARNING HTTPProxyCIDR]: connection to "10.96.0.0/12" uses proxy "http://<PROXY-SERVER>:8080". This may lead to malfunctional cluster setup. Make sure that Pod and Services IP ranges specified correctly as exceptions in proxy configuration
I0908 06:44:51.477087 175092 checks.go:475] validating http connectivity to first IP address in the CIDR
I0908 06:44:51.477097 175092 checks.go:105] validating the container runtime
I0908 06:44:51.504454 175092 checks.go:131] validating if the service is enabled and active
I0908 06:44:51.524856 175092 checks.go:341] validating the contents of file /proc/sys/net/bridge/bridge-nf-call-iptables
I0908 06:44:51.524893 175092 checks.go:341] validating the contents of file /proc/sys/net/ipv4/ip_forward
I0908 06:44:51.524916 175092 checks.go:653] validating whether swap is enabled or not
I0908 06:44:51.524938 175092 checks.go:382] validating the presence of executable ip
I0908 06:44:51.524955 175092 checks.go:382] validating the presence of executable iptables
I0908 06:44:51.524968 175092 checks.go:382] validating the presence of executable mount
I0908 06:44:51.524982 175092 checks.go:382] validating the presence of executable nsenter
I0908 06:44:51.524993 175092 checks.go:382] validating the presence of executable ebtables
I0908 06:44:51.525001 175092 checks.go:382] validating the presence of executable ethtool
I0908 06:44:51.525010 175092 checks.go:382] validating the presence of executable socat
I0908 06:44:51.525019 175092 checks.go:382] validating the presence of executable tc
I0908 06:44:51.525028 175092 checks.go:382] validating the presence of executable touch
I0908 06:44:51.525038 175092 checks.go:524] running all checks
I0908 06:44:51.543276 175092 checks.go:412] checking whether the given node name is reachable using net.LookupHost
I0908 06:44:51.543437 175092 checks.go:622] validating kubelet version
I0908 06:44:51.592115 175092 checks.go:131] validating if the service is enabled and active
I0908 06:44:51.597838 175092 checks.go:209] validating availability of port 10250
I0908 06:44:51.597891 175092 checks.go:209] validating availability of port 2379
I0908 06:44:51.597908 175092 checks.go:209] validating availability of port 2380
I0908 06:44:51.597928 175092 checks.go:254] validating the existence and emptiness of directory /var/lib/etcd
error execution phase preflight: [preflight] Some fatal errors occurred:
[ERROR IsDockerSystemdCheck]: cannot execute 'docker info': exit status 125
[preflight] If you know what you are doing, you can make a check non-fatal with `--ignore-preflight-errors=...`
[root@spsvm downloads]#
还尝试重新启动 docker 守护进程。
[root@spsvm ~]# systemctl status docker.service
● docker.service - Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled; vendor preset: disabled)
Drop-In: /etc/systemd/system/docker.service.d
└─http-proxy.conf, https-proxy.conf
Active: active (running) since Sun 2019-09-08 06:42:41 Asia; 2h 6min ago
Docs: http://docs.docker.com
Main PID: 173154 (dockerd-current)
Tasks: 28
CGroup: /system.slice/docker.service
├─173154 /usr/bin/dockerd-current --add-runtime docker-runc=/usr/libexec/docker/docker-runc-current --default-runtime=docker-runc --authori...
└─173169 /usr/bin/docker-containerd-current -l unix:///var/run/docker/libcontainerd/docker-containerd.sock --shim docker-containerd-shim --...
Sep 08 06:42:41 spsvm dockerd-current[173154]: time="2019-09-08T12:12:41.321838429+05:30" level=warning msg="Docker could not enable SELinux o... system"
Sep 08 06:42:41 spsvm dockerd-current[173154]: time="2019-09-08T12:12:41.336305582+05:30" level=info msg="Graph migration to content-addressab...seconds"
Sep 08 06:42:41 spsvm dockerd-current[173154]: time="2019-09-08T12:12:41.336782562+05:30" level=info msg="Loading containers: start."
Sep 08 06:42:41 spsvm dockerd-current[173154]: ........time="2019-09-08T12:12:41.343866103+05:30" level=info msg="Firewalld running: false"
Sep 08 06:42:41 spsvm dockerd-current[173154]: time="2019-09-08T12:12:41.419818528+05:30" level=info msg="Default bridge (docker0) is assigned...address"
Sep 08 06:42:41 spsvm dockerd-current[173154]: time="2019-09-08T12:12:41.446802255+05:30" level=info msg="Loading containers: done."
Sep 08 06:42:41 spsvm dockerd-current[173154]: time="2019-09-08T12:12:41.446846947+05:30" level=info msg="Daemon has completed initialization"
Sep 08 06:42:41 spsvm dockerd-current[173154]: time="2019-09-08T12:12:41.446859216+05:30" level=info msg="Docker daemon" commit="ec8512b/1.12....n=1.12.6
Sep 08 06:42:41 spsvm dockerd-current[173154]: time="2019-09-08T12:12:41.452889758+05:30" level=info msg="API listen on /var/run/docker.sock"
Sep 08 06:42:41 spsvm systemd[1]: Started Docker Application Container Engine.
Hint: Some lines were ellipsized, use -l to show in full.
[root@spsvm ~]#
[root@spsvm ~]# docker info
Containers: 8
Running: 0
Paused: 0
Stopped: 8
Images: 49
Server Version: 1.12.6
Storage Driver: devicemapper
Pool Name: docker-253:5-393385-pool
Pool Blocksize: 65.54 kB
Base Device Size: 10.74 GB
Backing Filesystem: xfs
Data file: /dev/loop1
Metadata file: /dev/loop2
Data Space Used: 2.788 GB
Data Space Total: 107.4 GB
Data Space Available: 27.15 GB
Metadata Space Used: 3.555 MB
Metadata Space Total: 2.147 GB
Metadata Space Available: 2.144 GB
Thin Pool Minimum Free Space: 10.74 GB
Udev Sync Supported: true
Deferred Removal Enabled: true
Deferred Deletion Enabled: true
Deferred Deleted Device Count: 0
Data loop file: /var/lib/docker/devicemapper/devicemapper/data
WARNING: Usage of loopback devices is strongly discouraged for production use. Use `--storage-opt dm.thinpooldev` to specify a custom block storage device.
Metadata loop file: /var/lib/docker/devicemapper/devicemapper/metadata
Library Version: 1.02.146-RHEL7 (2018-01-22)
Logging Driver: journald
Cgroup Driver: systemd
Plugins:
Volume: local
Network: host null bridge overlay
Authorization: rhel-push-plugin
Swarm: inactive
Runtimes: docker-runc runc
Default Runtime: docker-runc
Security Options: seccomp
Kernel Version: 3.10.0-514.el7.x86_64
Operating System: Red Hat Enterprise Linux Server 7.5 (Maipo)
OSType: linux
Architecture: x86_64
Number of Docker Hooks: 3
CPUs: 8
Total Memory: 62.76 GiB
Name: spsvm
ID: X4AE:GQ3M:HUOW:HL2E:SI2N:OIF6:V6Y6:NITI:FD5Q:CFZ4:ZDUY:HFFV
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Http Proxy: http://<PROXY-SERVER>:8080
Https Proxy: https://<PROXY-SERVER>:8080
Registry: https://registry.access.redhat.com/v1/
Insecure Registries:
127.0.0.0/8
Registries: registry.access.redhat.com (secure), docker.io (secure)
[root@spsvm ~]#
从上述命令的输出中,注意:
[ERROR IsDockerSystemdCheck]: cannot execute 'docker info': exit status 125
我们安装了 docker,docker 守护程序是 运行。 我还能够执行各种 docker 命令,包括 docker 信息。这是权限问题吗?不知道从哪里可以解决 kubeadm 报告的这个错误?
你能试试吗
kubeadm init --ignore-preflight-errors=cri
您是否尝试过使用 kubeadm init 多次,如果是,请重置 kubeadm 并尝试
你的docker安装好像是1.12.6版本,从中可以看出:
Server Version: 1.12.6
并且您正在尝试创建版本为 1.15.3:
Using Kubernetes version: v1.15.3
在Kubernetes 1.15 release notes中,声明kubeadm的最低支持版本Docker被提升到1.13.1:
kubeadm: Bumped the minimum supported Docker version to 1.13.1
因此,我建议的第一件事是将 Docker 升级到最新且受支持的版本,即 18.09:
The list of validated docker versions remains unchanged.
The current list is 1.13.1, 17.03, 17.06, 17.09, 18.06, 18.09.