Deploying Rancher 2.8.4 on Anolis OS 8.8
I. Install Docker
1.1. Add the yum repository
# Add the Aliyun docker-ce repository
# Step 1: install the required system tools
sudo yum install -y yum-utils device-mapper-persistent-data lvm2
# Step 2: add the repository definition
sudo yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
# Step 3: point the repo file at the Aliyun mirror instead of download.docker.com
sudo sed -i 's+download.docker.com+mirrors.aliyun.com/docker-ce+' /etc/yum.repos.d/docker-ce.repo
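# Step 4: refresh the package metadata cache (Docker CE itself is installed in 1.4)
# Anolis OS 8 uses dnf, which does not accept the "fast" argument
sudo yum makecache
1.2. Disable the firewall and SELinux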
systemctl stop firewalld
systemctl disable firewalld
setenforce 0
sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/selinux/config
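1.3. Adjust kernel parameters
# The net.bridge.* keys exist only once the br_netfilter module is loaded,
# and the net.ipv4.vs.* keys only once ip_vs is loaded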
cat > /etc/sysctl.d/k8s.conf <<EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
net.ipv4.vs.conn_reuse_mode = 0
net.ipv4.vs.conntrack = 1
net.ipv4.vs.expire_nodest_conn = 1
EOF
sysctl --system
cat >/etc/sysctl.conf <<EOF
kernel.sysrq = 0
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.default.accept_source_route = 0
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.default.accept_redirects = 0
net.ipv4.conf.all.secure_redirects = 0
net.ipv4.conf.default.secure_redirects = 0
net.ipv4.icmp_echo_ignore_broadcasts = 1
net.ipv4.icmp_ignore_bogus_error_responses = 1
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.default.rp_filter = 1
net.ipv4.tcp_syncookies = 1
kernel.dmesg_restrict = 1
net.ipv6.conf.all.accept_redirects = 0
net.ipv6.conf.default.accept_redirects = 0
EOF
# Apply the kernel parameters
sysctl -p
1.4. Install Docker
yum install docker-ce -y
1.5. Configure Docker
# Set the cgroup driver to systemd (recommended by Kubernetes), cap container log size, and configure a registry mirror
mkdir /etc/docker -p
cat > /etc/docker/daemon.json <<EOF
{
  "registry-mirrors": [
    "https://tf72mndn.mirror.aliyuncs.com"
  ],
  "exec-opts": ["native.cgroupdriver=systemd"],
  "log-opts": {
    "max-file": "3",
    "max-size": "500m"
  }
}
EOF
systemctl daemon-reload
systemctl restart docker
systemctl enable docker
1.6. Deploy Rancher
docker run -d --name rancher --restart=unless-stopped -p 80:80 -p 443:443 --privileged -v /opt/rancher:/var/lib/rancher rancher/rancher:v2.8.4
II. Troubleshooting
2.1. k3s exited with: exit status 1
2.2. Check the k3s log
E0914 09:07:01.342149 73 kubelet_network_linux.go:69] "Failed to ensure that iptables hint chain exists" err=<
error creating chain "KUBE-IPTABLES-HINT": exit status 3: Ignoring deprecated --wait-interval option.
iptables v1.8.8 (legacy): can't initialize iptables table `mangle': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
>
I0914 09:07:01.342187 73 kubelet_network_linux.go:58] "Failed to initialize iptables rules; some functionality may be missing." protocol="IPv4"
E0914 09:07:01.343956 73 kubelet_network_linux.go:69] "Failed to ensure that iptables hint chain exists" err=<
error creating chain "KUBE-IPTABLES-HINT": exit status 3: Ignoring deprecated --wait-interval option.
ip6tables v1.8.8 (legacy): can't initialize ip6tables table `mangle': Table does not exist (do you need to insmod?)
Perhaps ip6tables or your kernel needs to be upgraded.
All of the errors above occur because the kernel has not loaded the iptables modules!
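
The log above names the missing table for each tool, which is enough to derive the kernel modules that need loading on the Docker host. The script below is an added example, not part of the original post: it extracts the module names from k3s log lines and, with `--apply`, loads and persists them. The sample log lines are constructed from the format shown above, and the file name `k3s-iptables.conf` is an assumption.

```shell
#!/bin/sh
# Added example, not from the original post.
# Constructed sample input, modelled on the k3s log lines quoted above.
sample_log() {
    cat <<'EOF'
iptables v1.8.8 (legacy): can't initialize iptables table `mangle': Table does not exist (do you need to insmod?)
I0914 09:07:01.342187 73 kubelet_network_linux.go:58] "Failed to initialize iptables rules; some functionality may be missing." protocol="IPv4"
ip6tables v1.8.8 (legacy): can't initialize ip6tables table `mangle': Table does not exist (do you need to insmod?)
iptables v1.8.8 (legacy): can't initialize iptables table `mangle': Table does not exist (do you need to insmod?)
EOF
}

# Read log text on stdin; print one kernel module name per missing table.
# Legacy iptables tables map to modules named iptable_<table> / ip6table_<table>.
missing_modules() {
    sed -n "s/.*can't initialize \(ip6\{0,1\}tables\) table \`\([a-z]*\)'.*/\1 \2/p" |
        LC_ALL=C sort -u |
        while read -r tool table; do
            printf '%s_%s\n' "${tool%s}" "$table"
        done
}

# Load each module now and persist it across reboots.
# Needs root and must run on the host, since containers share the host kernel.
# The file name is an assumption chosen for this example.
load_and_persist() {
    conf=/etc/modules-load.d/k3s-iptables.conf
    while read -r mod; do
        modprobe "$mod" || continue
        grep -qxs "$mod" "$conf" || echo "$mod" >> "$conf"
    done
}

# Default: define the functions only. With --apply: read the k3s log on stdin
# and load every module it shows as missing.
if [ "${1:-}" = "--apply" ]; then
    missing_modules | load_and_persist
fi
```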