k8s初始化常见问题

执行初始化：

kubeadm init --apiserver-advertise-address=192.168.88.110 --image-repository registry.aliyuncs.com/google_containers --pod-network-cidr=10.244.0.0/16 --control-plane-endpoint=web01

报错信息：

age-repository registry.aliyuncs.com/google_containers --pod-network-cidr=10.244                                                                                                .0.0/16 --control-plane-endpoint=master
W0903 17:19:18.012770    1840 version.go:104] could not fetch a Kubernetes versi                                                                                                on from the internet: unable to get URL "https://dl.k8s.io/release/stable-1.txt"                                                                                                : Get "https://cdn.dl.k8s.io/release/stable-1.txt": context deadline exceeded (C                                                                                                lient.Timeout exceeded while awaiting headers)
W0903 17:19:18.013071    1840 version.go:105] falling back to the local client v                                                                                                ersion: v1.30.14
[init] Using Kubernetes version: v1.30.14
[preflight] Running pre-flight checks
        [WARNING Swap]: swap is supported for cgroup v2 only; the NodeSwap featu                                                                                                re gate of the kubelet is beta but disabled by default
[preflight] Pulling images required for setting up a Kubernetes cluster
[preflight] This might take a minute or two, depending on the speed of your inte                                                                                                rnet connection
[preflight] You can also perform this action in beforehand using 'kubeadm config                                                                                                 images pull'

Running pre-flight checks
        [WARNING Swap]: swap is supported for cgroup v2 only; the NodeSwap feature gate of the kubelet is beta but disabled by default
error execution phase preflight: [preflight] Some fatal errors occurred:
        [ERROR FileAvailable--etc-kubernetes-kubelet.conf]: /etc/kubernetes/kubelet.conf already exists
        [ERROR FileAvailable--etc-kubernetes-pki-ca.crt]: /etc/kubernetes/pki/ca.crt already exists
[preflight] If you know what you are doing, you can make a check non-fatal with `--ignore-preflight-errors=...`
To see the stack trace of this error execute with --v=5 or highe

问题分析

1. 网络超时警告 (W0903 17:19:18.012770)

W0903 17:19:18.012770    1840 version.go:104] could not fetch a Kubernetes version from the internet: 
unable to get URL "https://dl.k8s.io/release/stable-1.txt": 
Get "https://cdn.dl.k8s.io/release/stable-1.txt": context deadline exceeded 
(Client.Timeout exceeded while awaiting headers)

• 含义：kubeadm 尝试从 https://dl.k8s.io 获取最新的稳定版 Kubernetes 版本信息，但由于网络问题（如防火墙、DNS、代理或 CDN 访问缓慢），请求超时。
• 影响：
  • kubeadm 无法确认是否有更新的版本可用。
  • 它会回退到本地 kubeadm 的版本（这里是 v1.30.14）来初始化集群。这通常是可接受的，因为您本意就是使用这个版本。
• 根本原因：dl.k8s.io 在中国大陆等地区访问不稳定或速度极慢。

解决：

      配置containerd，完成后重新启动containerd

# 生成配置文件
containerd config default > /etc/containerd/config.toml

# 修改 SystemdCgroup 参数为 true，表示 containerd 使用 systemd 作为 cgroup 驱动程序。
sed -ri 's#SystemdCgroup = false#SystemdCgroup = true#' /etc/containerd/config.toml

# 修改sandbox沙箱镜像，registry.k8s.io 在某些网络环境下可能访问不稳定或受到限制，
# 而阿里云的镜像仓库 registry.aliyuncs.com 在国内网络环境下通常具有更好的访问速度和稳定性。
sed -ri 's#registry.k8s.io\/pause:3.8#registry.aliyuncs.com\/google_containers\/pause:3.9#' /etc/containerd/config.toml


# 新增镜像源
sed -i 's/config_path = ""/config_path = "\/etc\/containerd\/certs.d\/"/g' /etc/containerd/config.toml

mkdir -p /etc/containerd/certs.d/docker.io
cat > /etc/containerd/certs.d/docker.io/hosts.toml << 'EOF'
server = "https://docker.io" # 源镜像地址

[host."https://docker.m.daocloud.io"] # 道客-镜像加速地址
  capabilities = ["pull","resolve"]

[host."https://dockerproxy.com"] # 镜像加速地址
  capabilities = ["pull", "resolve"]

[host."https://docker.mirrors.sjtug.sjtu.edu.cn"] # 上海交大-镜像加速地址
  capabilities = ["pull","resolve"]

[host."https://docker.mirrors.ustc.edu.cn"] # 中科大-镜像加速地址
  capabilities = ["pull","resolve"]

[host."https://docker.nju.edu.cn"] # 南京大学-镜像加速地址
  capabilities = ["pull","resolve"]

[host."https://registry.docker-cn.com"]
  capabilities = ["pull","resolve","push"]

[host."https://cf-workers-docker-io-38g.pages.dev"]
  capabilities = ["pull","resolve","push"]
EOF

# 重启生效
systemctl enable containerd
systemctl restart containerd

# 验证测试
systemctl status containerd

2. Swap 分区警告 (WARNING Swap)

[WARNING Swap]: swap is supported for cgroup v2 only; 
the NodeSwap feature gate of the kubelet is beta but disabled by default

• 含义：系统检测到启用了 Swap 分区。Kubernetes 默认不支持 Swap，因为它会影响 kubelet 对节点内存资源的准确判断和 Pod 的调度/驱逐策略。
• 影响：这是一个警告，默认情况下不会阻止 kubeadm init 成功。但强烈建议解决，否则可能导致节点状态异常或 Pod 调度问题。

解决：

        完成配置后启动kubetel

# 临时关闭 Swap
sudo swapoff -a

# 永久关闭：注释 /etc/fstab 中的 swap 行
sudo sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab

# 验证 Swap 已关闭
free -h
# 输出中 Swap 行应为 0

启动kubetel前先重置环境

 kubeadm reset 

执行初始化

kubeadm init --apiserver-advertise-address=192.168.88.110 --image-repository registry.aliyuncs.com/google_containers --pod-network-cidr=10.244.0.0/16 --control-plane-endpoint=web01