[ERROR FileContent--proc-sys-net-bridge-bridge-nf-call-iptables]: 问题解决

1320503165

   [ERROR FileContent--proc-sys-net-bridge-bridge-nf-call-iptables]: /proc/sys/net/bridge/bridge-nf-call-iptables does not exist
! y5 b! c; g9 P# F7 D. b! B. T    [ERROR FileContent--proc-sys-net-ipv4-ip_forward]: /proc/sys/net/ipv4/ip_forward contents are not set to 1
% h( O2 J/ }- H0 j0 d, u4 b
2 _. m9 k# R4 D& V
; O! D1 r; I4 y( Q9 m' p8 Y
  y/ n+ }3 X3 Z* v
[root@kubernetes-master net]# vim /etc/sysctl.d/k8s.conf
- m) D% s# y; |1 ~" y[root@kubernetes-master net]# modprobe br_netfilter
. r5 r( R& W; K( W& L: L[root@kubernetes-master net]# sysctl --system /etc/sysctl.d/k8s.conf
* Applying /usr/lib/sysctl.d/00-system.conf ...
+ l: p$ G* L! c7 j% T( }0 U. Pnet.bridge.bridge-nf-call-ip6tables = 0
4 a2 i( C2 b4 wnet.bridge.bridge-nf-call-iptables = 0
* {0 H" {( U' ]( O- Q/ T, D7 nnet.bridge.bridge-nf-call-arptables = 0
* Applying /usr/lib/sysctl.d/10-default-yama-scope.conf ...
- y. |; A# d4 t3 @+ U$ m9 _kernel.yama.ptrace_scope = 0
* Applying /usr/lib/sysctl.d/50-default.conf ...
0 D% C- `2 i; ^7 Z! \* i0 qkernel.sysrq = 16
; V% M& ?  c1 u1 o6 A% tkernel.core_uses_pid = 1
* s  C: r- E. ekernel.kptr_restrict = 1
7 B6 t! V" }4 l8 X/ f$ bnet.ipv4.conf.default.rp_filter = 1
$ n- n2 ]/ I# J  |$ rnet.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.default.promote_secondaries = 1
& w2 c, h  {- v) Z! `& m* ~3 {$ j/ Nnet.ipv4.conf.all.promote_secondaries = 1
fs.protected_hardlinks = 1
" d; {; a* J) N% b9 P& P' `fs.protected_symlinks = 1
* Applying /etc/sysctl.d/99-sysctl.conf ...
5 J9 M- r, M) r! R: q8 F# w' gkernel.pid_max = 316448
* Applying /etc/sysctl.d/k8s.conf ...
  W* H) l- m* _7 d6 Xnet.bridge.bridge-nf-call-ip6tables = 1
* Q4 e7 ?- E) y! inet.bridge.bridge-nf-call-iptables = 1
; d  `( }/ V% o3 v) _* Applying /etc/sysctl.conf ...
kernel.pid_max = 316448
6 {9 X5 v$ Q& ~+ h  Z[root@kubernetes-master net]# kubeadm init --apiserver-advertise-address=192.168.8.190  --image-repository registry.aliyuncs.com/google_containers  --kubernetes-version v1.28.0 --service-cidr=10.177.100.0/12 --pod-network-cidr=10.233.0.0/16  --cri-socket=unix:///var/run/cri-dockerd.sock  
" @$ B, s7 t. [% w/ V[init] Using Kubernetes version: v1.28.0
# d) C9 |0 G6 ]2 V[preflight] Running pre-flight checks
error execution phase preflight: [preflight] Some fatal errors occurred:
* j& x: s6 z0 O# A7 R* W9 x$ k    [ERROR CRI]: container runtime is not running: output: E0915 10:46:46.870746    2864 remote_runtime.go:616] "Status from runtime service failed" err="rpc error: code = Unavailable desc = connection closed before server preface received"
time="2024-09-15T10:46:46+08:00" level=fatal msg="getting status of runtime: rpc error: code = Unavailable desc = connection closed before server preface received"
0 g, a5 o5 f5 j/ c, error: exit status 1
    [ERROR FileContent--proc-sys-net-ipv4-ip_forward]: /proc/sys/net/ipv4/ip_forward contents are not set to 1
& t% n8 c, X4 S1 m2 k# ]0 E[preflight] If you know what you are doing, you can make a check non-fatal with `--ignore-preflight-errors=...`
( J$ ~, H9 X8 ?# \4 w! D7 ?To see the stack trace of this error execute with --v=5 or higher
* j" `0 p) a. ]* _$ Y4 U[root@kubernetes-master net]# docker ps

Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
[root@kubernetes-master net]#
) F2 |, a' x" X[root@kubernetes-master net]# systemctl restart docker.service
[root@kubernetes-master net]# docker ps
& j6 b, u  L( _1 [$ t# _CONTAINER ID   IMAGE     COMMAND   CREATED   STATUS    PORTS     NAMES
[root@kubernetes-master net]# systemctl enable docker.service
+ B+ i8 ^( p" _) rCreated symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.
0 s5 o& Y% @' v% P& F  O5 z; B[root@kubernetes-master net]# systemctl status cri-docker.service
4 R$ q4 t4 ^7 Q● cri-docker.service - CRI Interface for Docker Application Container Engine
   Loaded: loaded (/usr/lib/systemd/system/cri-docker.service; enabled; vendor preset: disabled)
+ ^( o4 M  @& R8 |$ \# s   Active: failed (Result: start-limit) since Sun 2024-09-15 10:46:51 CST; 1min 37s ago
' p' g* E! p: Q) d     Docs: https://docs.mirantis.com
Main PID: 2909 (code=exited, status=1/FAILURE)
! K; _$ Q& I0 `' W, T; ~
Sep 15 10:46:49 kubernetes-master systemd[1]: Failed to start CRI Interface for Docker Application C...ne.
) e5 I7 N0 q' V% dSep 15 10:46:49 kubernetes-master systemd[1]: Unit cri-docker.service entered failed state.
Sep 15 10:46:49 kubernetes-master systemd[1]: cri-docker.service failed.
3 c2 M0 H) A- @1 f  J7 ESep 15 10:46:51 kubernetes-master systemd[1]: cri-docker.service holdoff time over, scheduling restart.
. F3 S! e" E$ m0 CSep 15 10:46:51 kubernetes-master systemd[1]: Stopped CRI Interface for Docker Application Container...ne.
Sep 15 10:46:51 kubernetes-master systemd[1]: start request repeated too quickly for cri-docker.service
, }2 V% [4 o+ L, _7 w- C2 ISep 15 10:46:51 kubernetes-master systemd[1]: Failed to start CRI Interface for Docker Application C...ne.
Sep 15 10:46:51 kubernetes-master systemd[1]: Unit cri-docker.service entered failed state.
. a; m- Q" M2 S# C: [0 c! ~Sep 15 10:46:51 kubernetes-master systemd[1]: cri-docker.service failed.
Hint: Some lines were ellipsized, use -l to show in full.
1 g3 o0 }+ q7 Y- h8 ^! g+ i[root@kubernetes-master net]# systemctl restart cri-docker.service
7 X$ T8 w$ {3 g: y* n5 G8 r[root@kubernetes-master net]# systemctl status cri-docker.service
● cri-docker.service - CRI Interface for Docker Application Container Engine
   Loaded: loaded (/usr/lib/systemd/system/cri-docker.service; enabled; vendor preset: disabled)
; C% d1 V7 ^. j) Z' S7 w+ L, `4 a   Active: active (running) since Sun 2024-09-15 10:48:38 CST; 1s ago
     Docs: https://docs.mirantis.com
2 p) |4 Q- I+ V+ s/ k: f5 u Main PID: 3339 (cri-dockerd)
* a2 Z# ^, E5 O: i8 B/ A$ _    Tasks: 8
   Memory: 16.2M
   CGroup: /system.slice/cri-docker.service
           └─3339 /usr/bin/cri-dockerd --container-runtime-endpoint fd:// --pod-infra-container-image=r...
& c- U0 h! w2 C: A6 v
Sep 15 10:48:38 kubernetes-master cri-dockerd[3339]: time="2024-09-15T10:48:38+08:00" level=info msg...0s"
Sep 15 10:48:38 kubernetes-master cri-dockerd[3339]: time="2024-09-15T10:48:38+08:00" level=info msg...ne"
Sep 15 10:48:38 kubernetes-master cri-dockerd[3339]: time="2024-09-15T10:48:38+08:00" level=info msg...ni"
' T6 M/ t' s8 h; ~- vSep 15 10:48:38 kubernetes-master cri-dockerd[3339]: time="2024-09-15T10:48:38+08:00" level=info msg...ni"
0 X) h4 ?) x/ J5 @Sep 15 10:48:38 kubernetes-master cri-dockerd[3339]: time="2024-09-15T10:48:38+08:00" level=info msg...ive
Sep 15 10:48:38 kubernetes-master cri-dockerd[3339]: time="2024-09-15T10:48:38+08:00" level=info msg...fs"
Sep 15 10:48:38 kubernetes-master systemd[1]: Started CRI Interface for Docker Application Container...ne.
Sep 15 10:48:38 kubernetes-master cri-dockerd[3339]: time="2024-09-15T10:48:38+08:00" level=info msg...,}"
Sep 15 10:48:38 kubernetes-master cri-dockerd[3339]: time="2024-09-15T10:48:38+08:00" level=info msg...e."
Sep 15 10:48:38 kubernetes-master cri-dockerd[3339]: time="2024-09-15T10:48:38+08:00" level=info msg...nd"
8 `  C7 e" L* M) G0 @Hint: Some lines were ellipsized, use -l to show in full.

1320503165

[root@kubernetes-master net]# kubeadm init --apiserver-advertise-address=192.168.8.190  --image-repository registry.aliyuncs.com/google_containers  --kubernetes-version v1.28.0 --service-cidr=10.177.100.0/12 --pod-network-cidr=10.233.0.0/16  --cri-socket=unix:///var/run/cri-dockerd.sock  
! m: z2 M) U+ o1 u[init] Using Kubernetes version: v1.28.0
. H1 I' X# W$ L% z  G% N! n/ l0 @[preflight] Running pre-flight checks
[preflight] Pulling images required for setting up a Kubernetes cluster
1 A2 i) q' k9 N1 }% r9 a4 d  q[preflight] This might take a minute or two, depending on the speed of your internet connection
' ~% g" r1 `  D/ w" w& Y[preflight] You can also perform this action in beforehand using 'kubeadm config images pull'
2 F( b1 S* X2 s8 [

6 v* a8 ^  z, T9 n: ?: i8 q6 c也就是说docker未启动就会报错