单机docker部署rancher 2.11.3 报错[ ksd 大佬看过来]

Rancher 2.x
1

Rancher Server 设置

  • Rancher 版本:v2.11.3
  • 安装选项 : Docker install

用户信息

  • 登录用户的角色是什么? (管理员/集群所有者/集群成员/项目所有者/项目成员/自定义):管理员 root

**主机操作系统:rocky8.10

**问题描述:使用最基础的默认安装报错,K3S无法启动

**重现步骤:docker run -d --restart=unless-stopped -p 80:80 -p 443:443 --privileged rancher/rancher:v2.11.3

**关键错误信息:unable to create feature fleet in initialize features: Post “https://127.0.0.1:6443/apis/management.cattle.io/v3/features”: unexpected EOF
2025/09/18 05:28:03 [FATAL] k3s exited with: exit status 1

日志 
[root@pto-prod-redis-247-133 ~]# docker logs 469f8d01a6e4
2025/09/18 05:27:59 [INFO] Rancher version v2.11.3 (720f41283e103fb41b03b22f001401cdf1ab60c5) is starting
2025/09/18 05:27:59 [INFO] Rancher arguments {ACMEDomains:[] AddLocal:true Embedded:false BindHost: HTTPListenPort:80 HTTPSListenPort:443 K8sMode:auto Debug:false Trace:false NoCACerts:false AuditLogPath:/var/log/auditlog/rancher-api-audit.log AuditLogMaxage:10 AuditLogMaxsize:100 AuditLogMaxbackup:10 AuditLevel:0 Features: ClusterRegistry:}
2025/09/18 05:27:59 [INFO] Listening on /tmp/log.sock
2025/09/18 05:27:59 [INFO] Waiting for k3s to start
2025/09/18 05:28:00 [INFO] Waiting for server to become available: the server is currently unable to handle the request
2025/09/18 05:28:02 [INFO] Running in single server mode, will not peer connections
2025/09/18 05:28:02 [INFO] Applying CRD features.management.cattle.io
2025/09/18 05:28:02 [INFO] Waiting for CRD features.management.cattle.io to become available
2025/09/18 05:28:02 [INFO] Done waiting for CRD features.management.cattle.io to become available
2025/09/18 05:28:03 [ERROR] unable to create feature fleet in initialize features: Post "https://127.0.0.1:6443/apis/management.cattle.io/v3/features": unexpected EOF
2025/09/18 05:28:03 [FATAL] k3s exited with: exit status 1
INFO: Running k3s server --cluster-init --cluster-reset
2025/09/18 05:28:15 [INFO] Rancher version v2.11.3 (720f41283e103fb41b03b22f001401cdf1ab60c5) is starting
2025/09/18 05:28:15 [INFO] Rancher arguments {ACMEDomains:[] AddLocal:true Embedded:false BindHost: HTTPListenPort:80 HTTPSListenPort:443 K8sMode:auto Debug:false Trace:false NoCACerts:false AuditLogPath:/var/log/auditlog/rancher-api-audit.log AuditLogMaxage:10 AuditLogMaxsize:100 AuditLogMaxbackup:10 AuditLevel:0 Features: ClusterRegistry:}
2025/09/18 05:28:15 [INFO] Listening on /tmp/log.sock
2025/09/18 05:28:15 [INFO] Waiting for server to become available: Get "https://127.0.0.1:6444/version?timeout=15m0s": dial tcp 127.0.0.1:6444: connect: connection refused
2025/09/18 05:28:17 [INFO] Waiting for server to become available: Get "https://127.0.0.1:6444/version?timeout=15m0s": dial tcp 127.0.0.1:6444: connect: connection refused
2025/09/18 05:28:19 [INFO] Waiting for server to become available: Get "https://127.0.0.1:6444/version?timeout=15m0s": dial tcp 127.0.0.1:6444: connect: connection refused
2025/09/18 05:28:21 [INFO] Waiting for server to become available: Get "https://127.0.0.1:6444/version?timeout=15m0s": dial tcp 127.0.0.1:6444: connect: connection refused
2025/09/18 05:28:23 [INFO] Waiting for server to become available: Get "https://127.0.0.1:6444/version?timeout=15m0s": dial tcp 127.0.0.1:6444: connect: connection refused
2025/09/18 05:28:25 [INFO] Waiting for server to become available: Get "https://127.0.0.1:6444/version?timeout=15m0s": dial tcp 127.0.0.1:6444: connect: connection refused
2025/09/18 05:28:27 [INFO] Waiting for server to become available: Get "https://127.0.0.1:6444/version?timeout=15m0s": dial tcp 127.0.0.1:6444: connect: connection refused
2025/09/18 05:28:29 [FATAL] k3s exited with: exit status 1
INFO: Running k3s server --cluster-init --cluster-reset
ERROR:
time="2025-09-18T05:28:29Z" level=info msg="Starting k3s v1.32.1+k3s1 (6a322f12)"
time="2025-09-18T05:28:29Z" level=info msg="Managed etcd cluster bootstrap already complete and initialized"
time="2025-09-18T05:28:29Z" level=info msg="certificate CN=kube-apiserver signed by CN=k3s-server-ca@1758173279: notBefore=2025-09-18 05:27:59 +0000 UTC notAfter=2026-09-18 05:28:29 +0000 UTC"
time="2025-09-18T05:28:29Z" level=info msg="certificate CN=etcd-peer signed by CN=etcd-peer-ca@1758173279: notBefore=2025-09-18 05:27:59 +0000 UTC notAfter=2026-09-18 05:28:29 +0000 UTC"
time="2025-09-18T05:28:29Z" level=info msg="certificate CN=etcd-server signed by CN=etcd-server-ca@1758173279: notBefore=2025-09-18 05:27:59 +0000 UTC notAfter=2026-09-18 05:28:29 +0000 UTC"
time="2025-09-18T05:28:29Z" level=fatal msg="Error: starting kubernetes: preparing server: start managed database: Managed etcd cluster membership was previously reset, please remove the cluster-reset flag and start k3s normally. If you need to perform another cluster reset, you must first manually delete the file at /var/lib/rancher/k3s/server/db/reset-flag"
INFO: Running k3s server --cluster-init --cluster-reset
2025/09/18 05:28:45 [INFO] Rancher version v2.11.3 (720f41283e103fb41b03b22f001401cdf1ab60c5) is starting
2025/09/18 05:28:45 [INFO] Listening on /tmp/log.sock
2025/09/18 05:28:45 [INFO] Rancher arguments {ACMEDomains:[] AddLocal:true Embedded:false BindHost: HTTPListenPort:80 HTTPSListenPort:443 K8sMode:auto Debug:false Trace:false NoCACerts:false AuditLogPath:/var/log/auditlog/rancher-api-audit.log AuditLogMaxage:10 AuditLogMaxsize:100 AuditLogMaxbackup:10 AuditLevel:0 Features: ClusterRegistry:}
2025/09/18 05:28:45 [INFO] Waiting for server to become available: Get "https://127.0.0.1:6444/version?timeout=15m0s": dial tcp 127.0.0.1:6444: connect: connection refused
2025/09/18 05:28:47 [INFO] Waiting for server to become available: Get "https://127.0.0.1:6444/version?timeout=15m0s": dial tcp 127.0.0.1:6444: connect: connection refused
2025/09/18 05:28:49 [INFO] Waiting for server to become available: Get "https://127.0.0.1:6444/version?timeout=15m0s": dial tcp 127.0.0.1:6444: connect: connection refused
2025/09/18 05:28:51 [INFO] Waiting for server to become available: Get "https://127.0.0.1:6444/version?timeout=15m0s": dial tcp 127.0.0.1:6444: connect: connection refused
2025/09/18 05:28:53 [INFO] Waiting for server to become available: Get "https://127.0.0.1:6444/version?timeout=15m0s": dial tcp 127.0.0.1:6444: connect: connection refused
2025/09/18 05:28:55 [INFO] Waiting for server to become available: Get "https://127.0.0.1:6444/version?timeout=15m0s": dial tcp 127.0.0.1:6444: connect: connection refused
2025/09/18 05:28:57 [INFO] Waiting for server to become available: Get "https://127.0.0.1:6444/version?timeout=15m0s": dial tcp 127.0.0.1:6444: connect: connection refused
2025/09/18 05:28:59 [INFO] Waiting for server to become available: Get "https://127.0.0.1:6444/version?timeout=15m0s": dial tcp 127.0.0.1:6444: connect: connection refused
2025/09/18 05:29:01 [INFO] Waiting for server to become available: Get "https://127.0.0.1:6444/version?timeout=15m0s": dial tcp 127.0.0.1:6444: connect: connection refused
2025/09/18 05:29:03 [INFO] Running in single server mode, will not peer connections
2025/09/18 05:29:03 [INFO] Applying CRD features.management.cattle.io
2025/09/18 05:29:03 [INFO] Creating embedded CRD clusterrepos.catalog.cattle.io
2025/09/18 05:29:03 [INFO] Creating embedded CRD clusterroletemplatebindings.management.cattle.io
2025/09/18 05:29:03 [INFO] Creating embedded CRD globalroles.management.cattle.io
2025/09/18 05:29:03 [INFO] Creating embedded CRD globalrolebindings.management.cattle.io
2025/09/18 05:29:03 [INFO] Creating embedded CRD projects.management.cattle.io
2025/09/18 05:29:03 [INFO] Creating embedded CRD projectroletemplatebindings.management.cattle.io
2025/09/18 05:29:03 [INFO] Creating embedded CRD roletemplates.management.cattle.io
2025/09/18 05:29:03 [INFO] Creating embedded CRD clusterproxyconfigs.management.cattle.io
2025/09/18 05:29:03 [INFO] Creating embedded CRD uiplugins.catalog.cattle.io
2025/09/18 05:29:03 [INFO] Waiting for CRD projects.management.cattle.io to become available
2025/09/18 05:29:04 [INFO] Done waiting for CRD projects.management.cattle.io to become available
2025/09/18 05:29:04 [INFO] Waiting for CRD projectroletemplatebindings.management.cattle.io to become available
2025/09/18 05:29:04 [INFO] Done waiting for CRD projectroletemplatebindings.management.cattle.io to become available
2025/09/18 05:29:04 [INFO] Waiting for CRD roletemplates.management.cattle.io to become available
2025/09/18 05:29:04 [INFO] Done waiting for CRD roletemplates.management.cattle.io to become available
2025/09/18 05:29:04 [INFO] Waiting for CRD clusterproxyconfigs.management.cattle.io to become available
2025/09/18 05:29:04 [INFO] Done waiting for CRD clusterproxyconfigs.management.cattle.io to become available
2025/09/18 05:29:04 [INFO] Waiting for CRD uiplugins.catalog.cattle.io to become available
2025/09/18 05:29:04 [INFO] Done waiting for CRD uiplugins.catalog.cattle.io to become available
2025/09/18 05:29:04 [INFO] Applying CRD plans.upgrade.cattle.io
2025/09/18 05:29:04 [INFO] Applying CRD navlinks.ui.cattle.io
2025/09/18 05:29:04 [INFO] Applying CRD podsecurityadmissionconfigurationtemplates.management.cattle.io
2025/09/18 05:29:04 [INFO] Applying CRD clusters.management.cattle.io
2025/09/18 05:29:04 [INFO] Applying CRD apiservices.management.cattle.io
2025/09/18 05:29:04 [INFO] Applying CRD clusterregistrationtokens.management.cattle.io
2025/09/18 05:29:04 [INFO] Applying CRD settings.management.cattle.io
2025/09/18 05:29:04 [INFO] Applying CRD preferences.management.cattle.io
2025/09/18 05:29:04 [INFO] Applying CRD features.management.cattle.io
2025/09/18 05:29:04 [INFO] Applying CRD operations.catalog.cattle.io
2025/09/18 05:29:04 [INFO] Applying CRD apps.catalog.cattle.io
2025/09/18 05:29:04 [INFO] Applying CRD fleetworkspaces.management.cattle.io
2025/09/18 05:29:04 [INFO] Applying CRD bundles.fleet.cattle.io
2025/09/18 05:29:04 [INFO] Applying CRD clusters.fleet.cattle.io
2025/09/18 05:29:04 [INFO] Applying CRD clustergroups.fleet.cattle.io
2025/09/18 05:29:04 [INFO] Applying CRD managedcharts.management.cattle.io
2025/09/18 05:29:04 [INFO] Applying CRD clusters.provisioning.cattle.io
2025/09/18 05:29:04 [INFO] Applying CRD clusters.provisioning.cattle.io
2025/09/18 05:29:04 [INFO] Applying CRD rkeclusters.rke.cattle.io
2025/09/18 05:29:04 [INFO] Applying CRD rkecontrolplanes.rke.cattle.io
2025/09/18 05:29:04 [INFO] Applying CRD rkebootstraps.rke.cattle.io
2025/09/18 05:29:04 [INFO] Applying CRD rkebootstraptemplates.rke.cattle.io
2025/09/18 05:29:04 [INFO] Applying CRD rkecontrolplanes.rke.cattle.io
2025/09/18 05:29:04 [INFO] Applying CRD custommachines.rke.cattle.io
2025/09/18 05:29:04 [INFO] Applying CRD etcdsnapshots.rke.cattle.io
2025/09/18 05:29:04 [INFO] Applying CRD clusters.cluster.x-k8s.io
2025/09/18 05:29:04 [INFO] Applying CRD machinedeployments.cluster.x-k8s.io
2025/09/18 05:29:04 [INFO] Applying CRD machinedrainrules.cluster.x-k8s.io
2025/09/18 05:29:04 [INFO] Applying CRD machinehealthchecks.cluster.x-k8s.io
2025/09/18 05:29:04 [INFO] Applying CRD machines.cluster.x-k8s.io
2025/09/18 05:29:04 [INFO] Applying CRD machinesets.cluster.x-k8s.io
2025/09/18 05:29:04 [INFO] Waiting for CRD machinesets.cluster.x-k8s.io to become available
2025/09/18 05:29:04 [FATAL] k3s exited with: exit status 1
INFO: Running k3s server --cluster-init --cluster-reset
2

参考:使用docker-compose 部署 rancher单节点 部署成功后 页面无法访问

3

你好,我进入容器查看了k3s的日志,报错原因如下:
E0918 06:37:11.599642 98 server.go:234] “Kube-proxy configuration may be incomplete or incorrect” err=“nodePortAddresses is unset; NodePort connections will be accepted on all local IPs. Consider using --nodeport-addresses primary
E0918 06:37:11.601332 98 server.go:127] “Error running ProxyServer” err=“iptables is not available on this host”
当前操作系统是rocky8.10,请问大佬最合适的处理方案是什么?
Error: iptables is not available on this host

4

大佬,帮忙看看

5

百度随便查一下就有解决方案啊,比如 使用Rockey操作系统运行rancher镜像报错iptables is not available on this host解决方法 - minseo - 博客园

6

大佬,我按照下面的方案解决的,但是因为rocky8.10应该是基于nftables,而不是老的iptables,想了解有没有更好的处理方案

# 创建一个配置文件/etc/modules-load.d/iptable.conf,内容包含三个iptables相关的内核模块名
# -e 参数允许echo解释转义字符(如\n换行符)
echo -e 'iptable_nat\niptable_filter\niptable_mangle' > /etc/modules-load.d/iptable.conf

# 立即加载三个iptables内核模块 网络地址转换(NAT)功能、基本包过滤功能、特殊包修改功能
modprobe iptable_nat iptable_filter iptable_mangle