Rancher2.7.9 Docker离线安装报错

Rancher 2.x
,
1

Rancher Server 设置

  • Rancher 版本:v2.7.9
  • 安装选项 (Docker install/Helm Chart):
    • 如果是 Helm Chart 安装,需要提供 Local 集群的类型(RKE1, RKE2, k3s, EKS, 等)和版本:Docker
  • 在线或离线部署:离线

下游集群信息

  • Kubernetes 版本: v1.26.8+rke2r1
  • Cluster Type (Local/Downstream): Local
    • 如果 Downstream,是什么类型的集群?(自定义/导入或为托管 等):

用户信息

  • 登录用户的角色是什么? (管理员/集群所有者/集群成员/项目所有者/项目成员/自定义):root
    • 如果自定义,自定义权限集:

**主机操作系统:CentOS Linux release 7.9.2009 (Core)

问题描述:
1.有一个https的harbor仓库,10.38.149.142:1443
2.根据rancher官方文档将rancher:v2.7.9中v1.26.8+rke2r1的镜像都下载推送到了harbor
3.在主机下载了rancher:v2.7.9,用docker启动,参考了问题链接 Docker run 启动 rancher,由于映射数据目录导致 rancher/mirrored-pause 无法拉取 - #2,来自 ksd
没有解决问题,还是报错如下
local集群下载不了harbor的镜像

image
image1628×600 39.5 KB

自己创建的集群报错如下
image
image1635×683 42 KB

docker容器的报错部分如下
image
image1718×858 87.1 KB

docker启动rancher的命令如下:

docker run -d --restart=unless-stopped --privileged \
    -p 8080:80 -p 8443:443  \
    -e CATTLE_SYSTEM_DEFAULT_REGISTRY=10.38.149.142:1443 \
    -e CATTLE_BOOTSTRAP_PASSWORD=rancher \
    -v /etc/rancher/rke2/registries.yaml:/etc/rancher/k3s/registries.yaml \
    -v /opt/harbor:/opt/harbor \
    -v /data/rancher:/var/lib/rancher \
    10.38.149.142:1443/rancher/rancher:v2.7.9

registries.yaml文件

mirrors:
  docker.io:
    endpoint:
      - "https://10.38.149.142:1443"
configs:
  "10.38.149.142:1443":
    auth:
      username: admin
      password: Harbor12345
    tls:
      cert_file:            /opt/harbor/10.38.149.142.cert
      key_file:             /opt/harbor/10.38.149.142.key
      ca_file:              /opt/harbor/ca.crt
日志 

2024/09/05 07:16:11 [ERROR] error syncing 'fleet-local/local': handler cluster-create: server url is missing, can't generate kubeconfig for fleet import cluster, requeuing
2024/09/05 07:16:11 [ERROR] error syncing 'fleet-local/local': handler cluster-create: server url is missing, can't generate kubeconfig for fleet import cluster, requeuing
2024/09/05 07:16:11 [ERROR] error syncing 'server-url': handler apiservice-settings: secrets "tls-rancher-internal-ca" not found, requeuing
2024/09/05 07:16:11 [INFO] Starting catalog controller
2024/09/05 07:16:11 [INFO] Starting project-level catalog controller
2024/09/05 07:16:11 [INFO] Starting cluster-level catalog controller
2024/09/05 07:16:11 [ERROR] error syncing 'fleet-local/local': handler cluster-create: server url is missing, can't generate kubeconfig for fleet import cluster, requeuing



2024/09/05 07:16:15 [ERROR] error syncing 'git-webhook': handler apiservice: failed to create cattle-fleet-system/stv-aggregation /v1, Kind=Secret for apiservice git-webhook: namespaces "cattle-fleet-system" not found, requeuing
2024/09/05 07:16:15 [INFO] [mgmt-auth-crtb-controller] Creating clusterRoleBinding for membership in cluster local for subject u-mo773yttt4
2024/09/05 07:16:15 [INFO] [mgmt-auth-crtb-controller] Creating roleBinding for subject u-mo773yttt4 with role cluster-owner in namespace local
2024/09/05 07:16:15 [INFO] [mgmt-auth-crtb-controller] Creating roleBinding for subject u-mo773yttt4 with role cluster-owner in namespace p-nqr5l
2024/09/05 07:16:16 [ERROR] error syncing 'fleet-local/local': handler workspace-backport-cluster: fleetworkspaces.management.cattle.io "fleet-local" not found, requeuing
2024/09/05 07:16:16 [INFO] [mgmt-auth-crtb-controller] Creating roleBinding for subject u-mo773yttt4 with role cluster-owner in namespace p-bskfp
2024/09/05 07:16:16 [INFO] Starting rke-machine-config.cattle.io/v1, Kind=Amazonec2Config controller
2024/09/05 07:16:16 [INFO] Starting rke-machine-config.cattle.io/v1, Kind=LinodeConfig controller
2024/09/05 07:16:16 [INFO] Starting rke-machine.cattle.io/v1, Kind=DigitaloceanMachineTemplate controller
2024/09/05 07:16:16 [INFO] Starting rke-machine.cattle.io/v1, Kind=DigitaloceanMachine controller
2024/09/05 07:16:16 [INFO] Starting rke-machine.cattle.io/v1, Kind=LinodeMachine controller
2024/09/05 07:16:16 [INFO] EnsureSecretForServiceAccount: waiting for secret [cattle-impersonation-u-b4qkhsnliz-token-hshc7] to be populated with token
2024/09/05 07:16:16 [INFO] Watching metadata for rke-machine.cattle.io/v1, Kind=Amazonec2Machine
2024/09/05 07:16:16 [INFO] Watching metadata for rke-machine.cattle.io/v1, Kind=Amazonec2MachineTemplate
2024/09/05 07:16:16 [INFO] Watching metadata for rke-machine.cattle.io/v1, Kind=LinodeMachineTemplate
2024/09/05 07:16:16 [ERROR] defaultSvcAccountHandler: Sync: error handling default ServiceAccount of namespace key=cattle-impersonation-system, err=Operation cannot be fulfilled on namespaces "cattle-impersonation-system": the object has been modified; please apply your changes to the latest version and try again
2024/09/05 07:16:16 [INFO] namespaceHandler: addProjectIDLabelToNamespace: adding label field.cattle.io/projectId=p-bskfp to namespace=cattle-impersonation-system
2024/09/05 07:16:16 [ERROR] namespaceHandler: Sync: error adding project id label to namespace err=Operation cannot be fulfilled on namespaces "cattle-impersonation-system": the object has been modified; please apply your changes to the latest version and try again
2

改为:10.38.149.142:1443

3

是这样的,我还没按照你这个把docker.io改成10.38.149.142:1443,目前local集群的镜像都能拉取了,但是我创建的seadoop集群还是报那个错,不知道哪里有问题

image
image1642×763 52 KB

image
image1662×242 15.6 KB

5

local 集群有个 webhook 的 pod 没启动

6

image
image1629×624 39 KB

local集群的这些pod一直在error重启,我查看pod的log,Waiting for Kubernetes API to be available

image
image1886×570 47.8 KB

webhook 的 pod确实没有,一直没有,为什么呢,要怎么做呢,我的harbor里面有这个webhook镜像

image
image1882×910 64.9 KB

image
image850×342 13.9 KB

7

我重新创建了一下,查看docker的log,最初的报错如下

image
image1682×192 19.8 KB

8

@ksd 老哥再帮我看看,没有思路,查询了很多资料,还是不行。还是网络问题吗?