《k8s 部署》常见报错类型1
1.错误一:CentOS 7 上 kubeadm 版本不兼容问题
错误示例:
错误信息表明:当前安装的
kubeadm版本仅支持 Kubernetes 控制平面版本 ≥1.27.0,但您尝试部署的集群版本是 v1.25.4。这属于典型的 版本不匹配问题,需通过以下步骤解决。
解决方案:
1. 检查并卸载现有高版本 kubeadm
# 查看当前 kubeadm 版本
kubeadm version
# 卸载现有版本(假设通过 yum 安装)
sudo yum remove kubeadm kubelet kubectl2.安装匹配 v1.25.4 的 kubeadm 工具链
# 添加阿里云 Kubernetes 仓库
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64/
enabled=1
gpgcheck=0
EOF# 安装指定版本组件
sudo yum install -y kubeadm-1.25.4-0 kubelet-1.25.4-0 kubectl-1.25.4-03.锁定版本防止意外升级
sudo yum install yum-plugin-versionlock
sudo yum versionlock add kubeadm kubelet kubectl4. 验证版本兼容性
此时应正常显示 v1.25.4 相关镜像列表
5.初始化集群
sudo kubeadm init --config kubeadm.yml版本兼容性关键点
| 组件 | 兼容要求 | 错误示例 |
|---|---|---|
| kubeadm | 必须精确匹配控制平面版本 | 1.27.0 kubeadm vs 1.25.4 |
| kubelet | 允许低一个次版本(≤控制平面版本) | 1.26.x kubelet vs 1.25.4 |
| kubectl | 允许±1次版本差异 | 1.24-1.26 均兼容 1.25.4 |
注意:Kubernetes 1.24+ 需手动管理 token4:
kubeadm token create --print-join-command错误二: CentOS 7 上 kubeadm init 预检错误
[root@master ~]# kubeadm init --apiserver-advertise-address=192.168.52.111 --apiserver-bind-port=6443 --cri-socket="unix:///var/run/containerd/containerd.sock" --image-repository registry.aliyuncs.com/google_containers --kubernetes-version=1.25.4 --pod-network-cidr=10.244.0.0/16 --service-cidr=10.96.0.0/12 [init] Using Kubernetes version: v1.25.4 [preflight] Running pre-flight checks error execution phase preflight: [preflight] Some fatal errors occurred: [ERROR FileAvailable--etc-kubernetes-manifests-kube-apiserver.yaml]: /etc/kubernetes/manifests/kube-apiserver.yaml already exists [ERROR FileAvailable--etc-kubernetes-manifests-kube-controller-manager.yaml]: /etc/kubernetes/manifests/kube-controller-manager.yaml already exists [ERROR FileAvailable--etc-kubernetes-manifests-kube-scheduler.yaml]: /etc/kubernetes/manifests/kube-scheduler.yaml already exists [ERROR FileAvailable--etc-kubernetes-manifests-etcd.yaml]: /etc/kubernetes/manifests/etcd.yaml already exists [ERROR Port-10250]: Port 10250 is in use [preflight] If you know what you are doing, you can make a check non-fatal with `--ignore-preflight-errors=...` To see the stack trace of this error execute with --v=5 or higher[root@master ~]# kubeadm init --apiserver-advertise-address=192.168.52.111 --apiserver-bind-port=6443 --cri-socket="unix:///var/run/containerd/containerd.sock" --image-repository registry.aliyuncs.com/google_containers --kubernetes-version=1.24.2 --pod-network-cidr=10.244.0.0/16 --service-cidr=10.96.0.0/12
[init] Using Kubernetes version: v1.24.2
[preflight] Running pre-flight checks
error execution phase preflight: [preflight] Some fatal errors occurred:[ERROR FileAvailable--etc-kubernetes-manifests-kube-apiserver.yaml]: /etc/kubernetes/manifests/kube-apiserver.yaml already exists[ERROR FileAvailable--etc-kubernetes-manifests-kube-controller-manager.yaml]: /etc/kubernetes/manifests/kube-controller-manager.yaml already exists[ERROR FileAvailable--etc-kubernetes-manifests-kube-scheduler.yaml]: /etc/kubernetes/manifests/kube-scheduler.yaml already exists[ERROR FileAvailable--etc-kubernetes-manifests-etcd.yaml]: /etc/kubernetes/manifests/etcd.yaml already exists[ERROR KubeletVersion]: the kubelet version is higher than the control plane version. This is not a supported version skew and may lead to a malfunctional cluster. Kubelet version: "1.25.4" Control plane version: "1.24.2"[ERROR Port-10250]: Port 10250 is in use
[preflight] If you know what you are doing, you can make a check non-fatal with `--ignore-preflight-errors=...`
To see the stack trace of this error execute with --v=5 or higher
[root@master ~]#错误原因分析:
文件已存在错误
/etc/kubernetes/manifests/中的控制平面组件 YAML 文件是残留文件,通常由以下原因导致:
- 前次
kubeadm init失败未完全清理- 不完整的
kubeadm reset操作1310250 端口占用
该端口是 kubelet 的 HTTPS 服务端口,被占用说明:
- 旧 kubelet 进程未完全终止
- 其他服务(如残留容器)占用端口
解决方案:
1. 彻底清理 Kubernetes 环境
# 强制重置集群
sudo kubeadm reset -f# 删除所有残留配置文件
sudo rm -rf /etc/kubernetes/manifests/*
sudo rm -rf /etc/kubernetes/pki
sudo rm -f /etc/kubernetes/*.conf
sudo rm -f $HOME/.kube/config# 清理容器运行时
sudo crictl rm -fa
sudo ctr -n k8s.io containers rm $(sudo ctr -n k8s.io containers list -q)2. 释放 10250 端口
# 查找占用进程
sudo ss -tulnp | grep 10250# 终止相关进程 (示例)
sudo kill -9 $(pidof kubelet) # 终止 kubelet
sudo kill -9 $(sudo lsof -t -i:10250) # 强制终止端口占用进程# 重启容器运行时
sudo systemctl restart containerd3. 验证环境准备
# 检查端口释放
sudo netstat -tuln | grep 10250 # 应无输出# 检查文件系统
ls /etc/kubernetes/manifests/ # 应显示空目录# 确认 CRI 状态
sudo crictl version # 应返回正常版本信息4. 重新初始化集群(根据自己的实际配置)
sudo kubeadm init \--apiserver-advertise-address=192.168.52.111 \--apiserver-bind-port=6443 \--cri-socket="unix:///var/run/containerd/containerd.sock" \--image-repository registry.aliyuncs.com/google_containers \--kubernetes-version=1.25.4 \--pod-network-cidr=10.244.0.0/16 \--service-cidr=10.96.0.0/12 \--ignore-preflight-errors=FileAvailable # 临时忽略文件存在检查5. 初始化后配置
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config关键注意事项
-
版本一致性
确保所有组件版本匹配 1.25.4:sudo yum install -y kubelet-1.25.4 kubectl-1.25.4 kubeadm-1.25.4 sudo systemctl enable --now kubelet -
CRI 兼容性
Kubernetes 1.25+ 需使用 containerd 1.6+ 并启用 CRI 插件:sudo containerd config default | sudo tee /etc/containerd/config.toml sudo sed -i 's/SystemdCgroup = false/SystemdCgroup = true/' /etc/containerd/config.toml sudo systemctl restart containerd -
防火墙配置
开放必要端口:sudo firewall-cmd --permanent --add-port={6443,10250,2379-2380,30000-32767}/tcp sudo firewall-cmd --reload