ubuntucontainerd - 技术栈

Ubuntu部署containerd

ls

作用：查看容器清单。

示例：

bash 复制代码

root@ubuntu2404:~# nerdctl container ls
CONTAINER ID    IMAGE    COMMAND    CREATED    STATUS    PORTS    NAMES
# 可简写为
root@ubuntu2404:~# nerdctl ps
CONTAINER ID    IMAGE    COMMAND    CREATED    STATUS    PORTS    NAMES

# 使用-a选项查看所有容器，包括未运行的
root@ubuntu2404:~# nerdctl container ls -a
CONTAINER ID    IMAGE    COMMAND    CREATED    STATUS    PORTS    NAMES

常用选项：

-a, --all Show all containers (default shows just running)
-f, --filter strings Filter matches containers based on given conditions
--format string Format the output using the given Go template, e.g, '{{json .}}', 'wide'

run

作用：创建并运行容器。

示例：

bash 复制代码

# 语法：
Usage: nerdctl container run [flags] IMAGE [COMMAND] [ARG...]

root@ubuntu2404:~# nerdctl container run -it ubuntu
root@249c162d8db6:/# exit
exit

# 可简写为
root@ubuntu2404:~# nerdctl container run -it ubuntu

# 容器状态为Exited
root@ubuntu2404:~# nerdctl container ls
CONTAINER ID    IMAGE    COMMAND    CREATED    STATUS    PORTS    NAMES
root@ubuntu2404:~# nerdctl container ls -a
CONTAINER ID    IMAGE                              COMMAND        CREATED           STATUS                       PORTS    NAMES
249c162d8db6    docker.io/library/ubuntu:latest    "/bin/bash"    24 seconds ago    Exited (0) 22 seconds ago             ubuntu-249c1

常用选项：

--cpu-shares uint CPU shares (relative weight)
--cpus float Number of CPUs
-d, --detach Run container in background and print container ID
--dns strings Set custom DNS servers
-e, --env stringArray Set environment variables
-h, --hostname string Container host name
-i, --interactive Keep STDIN open even if not attached
--ip string Pv4 address to assign to the container
--mac-address string MAC address to assign to the container
-m, --memory string Memory limit
--name string Assign a name to the container
--net strings Connect a container to a network ("bridge"|"host"|"none"|) (default $bridge$ )
--network strings Connect a container to a network ("bridge"|"host"|"none"|"container:"|) (default $bridge$ )
--privileged Give extended privileges to this container
--pull string Pull image before running ("always"|"missing"|"never") (default "missing")
--restart string Restart policy to apply when a container exits (implemented values: "no"|"always|on-failure:n|unless-stopped") (default "no")
--rm Automatically remove the container when it exits
--runtime string Runtime to use for this container, e.g.
--stop-signal string Signal to stop a container (default "SIGTERM")
--stop-timeout Timeout (in seconds) to stop a container
-t, --tty Allocate a pseudo-TTY
-v, --volume Bind mount a volume

rm

作用：删除容器。

示例：

bash 复制代码

root@ubuntu2404:~# nerdctl container rm 249c162d8db6
249c162d8db6
root@ubuntu2404:~# nerdctl container ls -a
CONTAINER ID    IMAGE    COMMAND    CREATED    STATUS    PORTS    NAMES

prune

作用：删除所有未运行的容器。

示例：

bash 复制代码

root@ubuntu2404:~# nerdctl container run ubuntu
root@ubuntu2404:~# nerdctl container run ubuntu
root@ubuntu2404:~# nerdctl container ls -a
CONTAINER ID    IMAGE                              COMMAND        CREATED          STATUS                      PORTS    NAMES
62a3258de309    docker.io/library/ubuntu:latest    "/bin/bash"    6 seconds ago    Exited (0) 6 seconds ago             ubuntu-62a32
d84bb674f77f    docker.io/library/ubuntu:latest    "/bin/bash"    8 seconds ago    Exited (0) 7 seconds ago             ubuntu-d84bb

root@ubuntu2404:~# nerdctl container prune --force 
Deleted Containers:
62a3258de309b3e01b1108cd0ac8fcb23918cfe05ba00719d47f9c907e83a938
d84bb674f77f3731a33958dbc74e7596dacc99688b33c64512f24bd067c9a67a

rename

作用：重命名容器。

示例：

bash 复制代码

root@ubuntu2404:~# nerdctl container run --name ubuntu-1 ubuntu 
root@ubuntu2404:~# nerdctl container rename ubuntu-1 ubuntu
root@ubuntu2404:~# nerdctl container ls -a
CONTAINER ID    IMAGE                              COMMAND        CREATED           STATUS                       PORTS    NAMES
2f2aa825864f    docker.io/library/ubuntu:latest    "/bin/bash"    25 seconds ago    Exited (0) 24 seconds ago             ubuntu

root@ubuntu2404:~# nerdctl container rm ubuntu

stop 和 start

作用：停止和启动容器。

示例：

bash 复制代码

root@ubuntu2404:~# nerdctl container run -d nginx
root@ubuntu2404:~# nerdctl container ls --format "{{.Names}} {{.Status}}"
nginx-de224 Up

root@ubuntu2404:~# nerdctl container stop nginx-de224 
nginx-de224
root@ubuntu2404:~# nerdctl container ls -a --format "{{.Names}} {{.Status}}" -a
nginx-de224 Exited (0) 7 seconds ago

root@ubuntu2404:~# nerdctl container start nginx-de224 
nginx-de224
root@ubuntu2404:~# nerdctl container ls --format "{{.Names}} {{.Status}}"
nginx-de224 Up

restart

作用：重启容器。

示例：

bash 复制代码

root@ubuntu2404:~# nerdctl container restart nginx-de224

pause 和 unpause

作用：挂起和取消挂起容器。

示例：

bash 复制代码

root@ubuntu2404:~# nerdctl container pause nginx-de224 
nginx-de224
root@ubuntu2404:~# nerdctl container ls -a --format "{{.Names}} {{.Status}}"
nginx-de224 Paused

root@ubuntu2404:~# nerdctl container unpause nginx-de224 
nginx-de224
root@ubuntu2404:~# nerdctl container ls --format "{{.Names}} {{.Status}}"
nginx-de224 Up

kill

作用：给容器发信号，默认发KILL信号。

示例：

bash 复制代码

root@ubuntu2404:~# nerdctl container kill nginx-de224
root@ubuntu2404:~# nerdctl container ls -a --format "{{.Names}} {{.Status}}"
nginx-de224 Exited (137) 24 seconds ago

nerdctl管理网络

nerdctl管理nginx

bash 复制代码

[root@unubtu2204 ~ 10:17:57]# nerdctl run -d --name web --network host nginx
5a61f8abe2bb435d576035914ff4b5b33c813b297f2cebd7c866e06be1a246d3
[root@unubtu2204 ~ 10:32:47]# nerdctl logs web
/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
/docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/
/docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh
10-listen-on-ipv6-by-default.sh: info: Getting the checksum of /etc/nginx/conf.d/default.conf
10-listen-on-ipv6-by-default.sh: info: Enabled listen on IPv6 in /etc/nginx/conf.d/default.conf
/docker-entrypoint.sh: Sourcing /docker-entrypoint.d/15-local-resolvers.envsh
/docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh
/docker-entrypoint.sh: Launching /docker-entrypoint.d/30-tune-worker-processes.sh
/docker-entrypoint.sh: Configuration complete; ready for start up
2026/06/22 02:32:47 [notice] 1#1: using the "epoll" event method
2026/06/22 02:32:47 [notice] 1#1: nginx/1.31.2
2026/06/22 02:32:47 [notice] 1#1: built by gcc 14.2.0 (Debian 14.2.0-19)
2026/06/22 02:32:47 [notice] 1#1: OS: Linux 6.8.0-31-generic
2026/06/22 02:32:47 [notice] 1#1: getrlimit(RLIMIT_NOFILE): 1048576:1048576
2026/06/22 02:32:47 [notice] 1#1: start worker processes
2026/06/22 02:32:47 [notice] 1#1: start worker process 29
2026/06/22 02:32:47 [notice] 1#1: start worker process 30
2026/06/22 02:32:47 [notice] 1#1: start worker process 31
2026/06/22 02:32:47 [notice] 1#1: start worker process 32
[root@unubtu2204 ~ 10:32:55]# ss -lntp
State     Recv-Q    Send-Q       Local Address:Port        Peer Address:Port   Process
LISTEN    0         4096            127.0.0.54:53               0.0.0.0:*       users:(("systemd-resolve",pid=656,fd=17))
LISTEN    0         511                0.0.0.0:80               0.0.0.0:*       users:(("nginx",pid=3873,fd=6),("nginx",pid=3872,fd=6),("nginx",pid=3871,fd=6),("nginx",pid=3870,fd=6),("nginx",pid=3826,fd=6))
LISTEN    0         4096         127.0.0.53%lo:53               0.0.0.0:*       users:(("systemd-resolve",pid=656,fd=15))
LISTEN    0         128              127.0.0.1:6010             0.0.0.0:*       users:(("sshd",pid=1101,fd=7))
LISTEN    0         4096             127.0.0.1:42675            0.0.0.0:*       users:(("containerd",pid=779,fd=9))
LISTEN    0         128                  [::1]:6010                [::]:*       users:(("sshd",pid=1101,fd=6))
LISTEN    0         511                   [::]:80                  [::]:*       users:(("nginx",pid=3873,fd=7),("nginx",pid=3872,fd=7),("nginx",pid=3871,fd=7),("nginx",pid=3870,fd=7),("nginx",pid=3826,fd=7))
LISTEN    0         4096                     *:22                     *:*       users:(("sshd",pid=1017,fd=3),("systemd",pid=1,fd=86))
[root@unubtu2204 ~ 10:33:05]# systemctl status nginx
Unit nginx.service could not be found.
[root@unubtu2204 ~ 10:33:16]# ls /usr/lib/systemd/system/nginx.service
ls: cannot access '/usr/lib/systemd/system/nginx.service': No such file or directory
[root@unubtu2204 ~ 10:33:46]# curl localhost
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
html { color-scheme: light dark; }
body { width: 35em; margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif; }
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, nginx is successfully installed and working.
Further configuration is required for the web server, reverse proxy,
API gateway, load balancer, content cache, or other features.</p>

<p>For online documentation and support please refer to
<a href="https://nginx.org/">nginx.org</a>.<br/>
To engage with the community please visit
<a href="https://community.nginx.org/">community.nginx.org</a>.<br/>
For enterprise grade support, professional services, additional
security features and capabilities please refer to
<a href="https://f5.com/nginx">f5.com/nginx</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>
[root@unubtu2204 ~ 10:33:54]# echo hello world from container web > index.html
[root@unubtu2204 ~ 10:34:32]# nerdctl cp index.html web:/usr/share/nginx/html
[root@unubtu2204 ~ 10:35:00]# curl localhost
hello world from container web
[root@unubtu2204 ~ 11:10:23]# nerdctl run -d -v ./index.html:/usr/share/nginx/h                                                  tml/index.html nginx
WARN[0000] expected an absolute path, got a relative path "./index.html" (allow                                                  ed for nerdctl, but disallowed for Docker, so unrecommended)
898c3324b679007e8945d25371ff65bccb3ac47cc0c48b99559d7078ef83bf01
[root@unubtu2204 ~ 11:14:38]# nerdctl exec 898c3 cat /usr/share/nginx/html/inde                                                  x.html
hello world from container web
[root@unubtu2204 ~ 11:15:19]# nerdctl container inspect 898c3
[
    {
        "Id": "898c3324b679007e8945d25371ff65bccb3ac47cc0c48b99559d7078ef83bf01                                                  ",
        "Created": "2026-06-22T03:14:38.010491254Z",
        "Path": "/docker-entrypoint.sh",
        "Args": [
            "nginx",
            "-g",
            "daemon off;"
        ],
        "State": {
            "Status": "running",
            "Running": true,
            "Paused": false,
            "Restarting": false,
            "Pid": 4555,
            "ExitCode": 0,
            "Error": "",
            "FinishedAt": "0001-01-01T00:00:00Z"
        },
        "Image": "docker.io/library/nginx:latest",
        "ResolvConfPath": "/var/lib/nerdctl/1935db59/containers/default/898c332                                                  4b679007e8945d25371ff65bccb3ac47cc0c48b99559d7078ef83bf01/resolv.conf",
        "HostnamePath": "/var/lib/nerdctl/1935db59/containers/default/898c3324b                                                  679007e8945d25371ff65bccb3ac47cc0c48b99559d7078ef83bf01/hostname",
        "LogPath": "/var/lib/nerdctl/1935db59/containers/default/898c3324b67900                                                  7e8945d25371ff65bccb3ac47cc0c48b99559d7078ef83bf01/898c3324b679007e8945d25371ff                                                  65bccb3ac47cc0c48b99559d7078ef83bf01-json.log",
        "Name": "nginx-898c3",
        "RestartCount": 0,
        "Driver": "overlayfs",
        "Platform": "linux",
        "AppArmorProfile": "nerdctl-default",
        "Mounts": [
            {
                "Type": "bind",
                "Source": "/root/index.html",
                "Destination": "/usr/share/nginx/html/index.html",
                "Mode": "",
                "RW": true,
                "Propagation": ""
            }
        ],
        "Config": {
            "Hostname": "898c3324b679",
            "AttachStdin": false,
            "Labels": {
                "io.containerd.image.config.stop-signal": "SIGQUIT",
                "nerdctl/extraHosts": "null",
                "nerdctl/hostname": "898c3324b679",
                "nerdctl/log-uri": "binary:///usr/bin/nerdctl?_NERDCTL_INTERNAL                                                  _LOGGING=%2Fvar%2Flib%2Fnerdctl%2F1935db59",
                "nerdctl/mounts": "[{\"Type\":\"bind\",\"Source\":\"/root/index                                                  .html\",\"Destination\":\"/usr/share/nginx/html/index.html\",\"Mode\":\"\",\"RW                                                  \":false,\"Propagation\":\"\"}]",
                "nerdctl/name": "nginx-898c3",
                "nerdctl/namespace": "default",
                "nerdctl/networks": "[\"bridge\"]",
                "nerdctl/platform": "linux/amd64",
                "nerdctl/state-dir": "/var/lib/nerdctl/1935db59/containers/defa                                                  ult/898c3324b679007e8945d25371ff65bccb3ac47cc0c48b99559d7078ef83bf01"
            }
        },
        "NetworkSettings": {
            "Ports": {},
            "GlobalIPv6Address": "",
            "GlobalIPv6PrefixLen": 0,
            "IPAddress": "10.4.0.10",
            "IPPrefixLen": 24,
            "MacAddress": "da:10:43:1c:ab:de",
            "Networks": {
                "unknown-eth0": {
                    "IPAddress": "10.4.0.10",
                    "IPPrefixLen": 24,
                    "GlobalIPv6Address": "",
                    "GlobalIPv6PrefixLen": 0,
                    "MacAddress": "da:10:43:1c:ab:de"
                }
            }
        }
    }
]
[root@unubtu2204 ~ 11:18:17]# nerdctl run -d -v web:/usr/share/nginx/html nginx                                                  3f18fa678620792d5af937521c221cdfaf77cab39abb2fe25a3ea83a66657224
[root@unubtu2204 ~ 11:18:59]# nerdctl volume ls
VOLUME NAME    DIRECTORY
web            /var/lib/nerdctl/1935db59/volumes/default/web/_data
[root@unubtu2204 ~ 11:19:07]# echo hello volume >/var/lib/nerdctl/1935db59/volu                                                  mes/default/web/_data/index.html
[root@unubtu2204 ~ 11:20:18]# nerdctl exec 3f18 cat /usr/share/nginx/html/index                                                  .html
hello volume
[root@unubtu2204 ~ 11:21:08]# nerdctl container inspect 3f18
[
    {
        "Id": "3f18fa678620792d5af937521c221cdfaf77cab39abb2fe25a3ea83a66657224                                                  ",
        "Created": "2026-06-22T03:18:29.432010141Z",
        "Path": "/docker-entrypoint.sh",
        "Args": [
            "nginx",
            "-g",
            "daemon off;"
        ],
        "State": {
            "Status": "running",
            "Running": true,
            "Paused": false,
            "Restarting": false,
            "Pid": 4949,
            "ExitCode": 0,
            "Error": "",
            "FinishedAt": "0001-01-01T00:00:00Z"
        },
        "Image": "docker.io/library/nginx:latest",
        "ResolvConfPath": "/var/lib/nerdctl/1935db59/containers/default/3f18fa6                                                  78620792d5af937521c221cdfaf77cab39abb2fe25a3ea83a66657224/resolv.conf",
        "HostnamePath": "/var/lib/nerdctl/1935db59/containers/default/3f18fa678                                                  620792d5af937521c221cdfaf77cab39abb2fe25a3ea83a66657224/hostname",
        "LogPath": "/var/lib/nerdctl/1935db59/containers/default/3f18fa67862079                                                  2d5af937521c221cdfaf77cab39abb2fe25a3ea83a66657224/3f18fa678620792d5af937521c22                                                  1cdfaf77cab39abb2fe25a3ea83a66657224-json.log",
        "Name": "nginx-3f18f",
        "RestartCount": 0,
        "Driver": "overlayfs",
        "Platform": "linux",
        "AppArmorProfile": "nerdctl-default",
        "Mounts": [
            {
                "Type": "volume",
                "Name": "web",
                "Source": "/var/lib/nerdctl/1935db59/volumes/default/web/_data"                                                  ,
                "Destination": "/usr/share/nginx/html",
                "Driver": "local",
                "Mode": "",
                "RW": true,
                "Propagation": ""
            }
        ],
        "Config": {
            "Hostname": "3f18fa678620",
            "AttachStdin": false,
            "Labels": {
                "io.containerd.image.config.stop-signal": "SIGQUIT",
                "nerdctl/extraHosts": "null",
                "nerdctl/hostname": "3f18fa678620",
                "nerdctl/log-uri": "binary:///usr/bin/nerdctl?_NERDCTL_INTERNAL                                                  _LOGGING=%2Fvar%2Flib%2Fnerdctl%2F1935db59",
                "nerdctl/mounts": "[{\"Type\":\"volume\",\"Name\":\"web\",\"Sou                                                  rce\":\"/var/lib/nerdctl/1935db59/volumes/default/web/_data\",\"Destination\":\                                                  "/usr/share/nginx/html\",\"Driver\":\"local\",\"Mode\":\"\",\"RW\":false,\"Prop                                                  agation\":\"\"}]",
                "nerdctl/name": "nginx-3f18f",
                "nerdctl/namespace": "default",
                "nerdctl/networks": "[\"bridge\"]",
                "nerdctl/platform": "linux/amd64",
                "nerdctl/state-dir": "/var/lib/nerdctl/1935db59/containers/defa                                                  ult/3f18fa678620792d5af937521c221cdfaf77cab39abb2fe25a3ea83a66657224"
            }
        },
        "NetworkSettings": {
            "Ports": {},
            "GlobalIPv6Address": "",
            "GlobalIPv6PrefixLen": 0,
            "IPAddress": "10.4.0.11",
            "IPPrefixLen": 24,
            "MacAddress": "1a:03:f6:5b:d6:28",
            "Networks": {
                "unknown-eth0": {
                    "IPAddress": "10.4.0.11",
                    "IPPrefixLen": 24,
                    "GlobalIPv6Address": "",
                    "GlobalIPv6PrefixLen": 0,
                    "MacAddress": "1a:03:f6:5b:d6:28"
                }
            }
        }
    }
]

管理busybox

bash 复制代码

[root@unubtu2204 ~ 10:35:54]# nerdctl run -d busybox -- sleep infinity
ab64f4fa1a9e6d0c24c68b657c51df46ac8b880c0ccbb5fa4ea2a899f7071420
[root@unubtu2204 ~ 11:08:17]# nerdctl container ls
CONTAINER ID    IMAGE                               COMMAND                   CREATED           STATUS    PORTS    NAMES
5a61f8abe2bb    docker.io/library/nginx:latest      "/docker-entrypoint...."    35 minutes ago    Up                 web
ab64f4fa1a9e    docker.io/library/busybox:latest    "sleep infinity"          6 seconds ago     Up                 busybox-ab64f
[root@unubtu2204 ~ 11:08:23]# nerdctl exec busybox-ab64f -- ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0@if11: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue qlen 1000
    link/ether 42:92:73:66:71:43 brd ff:ff:ff:ff:ff:ff
    inet 10.4.0.9/24 brd 10.4.0.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::4092:73ff:fe66:7143/64 scope link
       valid_lft forever preferred_lft forever
[root@unubtu2204 ~ 11:08:49]# nerdctl network ls
NETWORK ID      NAME      FILE
17f29b073143    bridge    /etc/cni/net.d/nerdctl-bridge.conflist
                host
                none
[root@unubtu2204 ~ 11:09:21]# nerdctl network inspect bridge
[
    {
        "Name": "bridge",
        "Id": "17f29b073143d8cd97b5bbe492bdeffec1c5fee55cc1fe2112c8b9335f8b6121",
        "IPAM": {
            "Config": [
                {
                    "Subnet": "10.4.0.0/24",
                    "Gateway": "10.4.0.1"
                }
            ]
        },
        "Labels": {
            "nerdctl/default-network": "true"
        }
    }
]
[root@unubtu2204 ~ 11:09:35]# ip addr show nerdctl0
3: nerdctl0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether e6:be:be:22:6a:d7 brd ff:ff:ff:ff:ff:ff
    inet 10.4.0.1/24 brd 10.4.0.255 scope global nerdctl0
       valid_lft forever preferred_lft forever
    inet6 fe80::e4be:beff:fe22:6ad7/64 scope link
       valid_lft forever preferred_lft forever
[root@unubtu2204 ~ 11:09:49]# apt install -y bridge-utils
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Suggested packages:
  ifupdown
The following NEW packages will be installed:
  bridge-utils
0 upgraded, 1 newly installed, 0 to remove and 262 not upgraded.
Need to get 33.9 kB of archives.
After this operation, 118 kB of additional disk space will be used.
Get:1 http://mirrors.aliyun.com/ubuntu noble/main amd64 bridge-utils amd64 1.7.1-1ubuntu2 [33.9 kB]
Fetched 33.9 kB in 1s (27.8 kB/s)
debconf: delaying package configuration, since apt-utils is not installed
Selecting previously unselected package bridge-utils.
(Reading database ... 76396 files and directories currently installed.)
Preparing to unpack .../bridge-utils_1.7.1-1ubuntu2_amd64.deb ...
Unpacking bridge-utils (1.7.1-1ubuntu2) ...
Setting up bridge-utils (1.7.1-1ubuntu2) ...
debconf: unable to initialize frontend: Dialog
debconf: (No usable dialog-like program is installed, so the dialog based frontend cannot be used. at /usr/share/perl5/Debconf/FrontEnd/Dialog.pm line 79.)
debconf: falling back to frontend: Readline
Scanning processes...
Scanning linux images...

Running kernel seems to be up-to-date.

No services need to be restarted.

No containers need to be restarted.

No user sessions are running outdated binaries.

No VM guests are running outdated hypervisor (qemu) binaries on this host.
[root@unubtu2204 ~ 11:10:06]# brctl show
bridge name     bridge id               STP enabled     interfaces
nerdctl0                8000.e6bebe226ad7       no              veth1a1e66d9
[root@unubtu2204 ~ 11:10:11]# nerdctl network
Manage networks

Usage: nerdctl network [flags]

Commands:
  create   Create a network
  inspect  Display detailed information on one or more networks
  ls       List networks
  prune    Remove all unused networks
  rm       Remove one or more networks

Flags:
  -h, --help   help for network

See also 'nerdctl --help' for the global flags such as '--namespace', '--snapshotter', and '--cgroup-manager'.

Ubuntu部署k8s

配置仓库源

bash 复制代码

[root@unubtu2204 ~ 13:59:01]# cat > /etc/apt/sources.list.d/ubuntu.sources <<'EOF'
Types: deb
URIs: http://mirrors.huaweicloud.com/ubuntu/
Suites: noble noble-updates noble-backports
Components: main restricted universe multiverse
Signed-By: /usr/share/keyrings/ubuntu-archive-keyring.gpg
EOF
[root@unubtu2204 ~ 13:59:21]# curl -fsSL https://mirrors.huaweicloud.com/docker-ce/linux/ubuntu/gpg | gpg --dearmour -o /etc/apt/trusted.gpg.d/containerd.gpg
[root@unubtu2204 ~ 13:59:45]# cat << 'EOF' > /etc/apt/sources.list.d/docker-ce.list
deb [arch=amd64] https://mirrors.huaweicloud.com/docker-ce/linux/ubuntu noble stable
EOF
[root@unubtu2204 ~ 13:59:52]# curl -fsSL https://mirrors.aliyun.com/kubernetes-new/core/stable/v1.30/deb/Release.key | gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
[root@unubtu2204 ~ 14:00:04]# echo "deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://mirrors.aliyun.com/kubernetes-new/core/stable/v1.30/deb/ /" > /etc/apt/sources.list.d/kubernetes.list
[root@unubtu2204 ~ 14:00:11]# apt update && apt install -y vim lrzsz bash-completion open-vm-tools apt-transport-https sshpass
Get:1 http://mirrors.huaweicloud.com/ubuntu noble InRelease [256 kB]
Get:2 https://mirrors.huaweicloud.com/docker-ce/linux/ubuntu noble InRelease [48.5 kB]
Get:3 http://mirrors.huaweicloud.com/ubuntu noble-updates InRelease [126 kB]
Get:4 https://mirrors.aliyun.com/kubernetes-new/core/stable/v1.30/deb  InRelease [1192 B]
Get:5 http://mirrors.huaweicloud.com/ubuntu noble-backports InRelease [126 kB]
Get:6 http://mirrors.huaweicloud.com/ubuntu noble/main amd64 Packages [1401 kB]
Get:7 https://mirrors.huaweicloud.com/docker-ce/linux/ubuntu noble/stable amd64 Packages [57.2 kB]
Get:8 https://mirrors.aliyun.com/kubernetes-new/core/stable/v1.30/deb  Packages [20.3 kB]
Get:9 http://mirrors.huaweicloud.com/ubuntu noble/main Translation-en [513 kB]
Get:10 http://mirrors.huaweicloud.com/ubuntu noble/main amd64 Components [464 kB]
Get:11 http://mirrors.huaweicloud.com/ubuntu noble/restricted amd64 Packages [93.9 kB]
Get:12 http://mirrors.huaweicloud.com/ubuntu noble/restricted Translation-en [18.7 kB]
Get:13 http://mirrors.huaweicloud.com/ubuntu noble/universe amd64 Packages [15.0 MB]
Get:14 http://mirrors.huaweicloud.com/ubuntu noble/universe Translation-en [5982 kB]
Get:15 http://mirrors.huaweicloud.com/ubuntu noble/universe amd64 Components [3871 kB]
Get:16 http://mirrors.huaweicloud.com/ubuntu noble/multiverse amd64 Packages [269 kB]
Get:17 http://mirrors.huaweicloud.com/ubuntu noble/multiverse Translation-en [118 kB]
Get:18 http://mirrors.huaweicloud.com/ubuntu noble/multiverse amd64 Components [35.0 kB]
Get:19 http://mirrors.huaweicloud.com/ubuntu noble-updates/main amd64 Packages [1031 kB]
Get:20 http://mirrors.huaweicloud.com/ubuntu noble-updates/main Translation-en [259 kB]
Get:21 http://mirrors.huaweicloud.com/ubuntu noble-updates/main amd64 Components [180 kB]
Get:22 http://mirrors.huaweicloud.com/ubuntu noble-updates/restricted amd64 Packages [1110 kB]
Get:23 http://mirrors.huaweicloud.com/ubuntu noble-updates/restricted Translation-en [251 kB]
Get:24 http://mirrors.huaweicloud.com/ubuntu noble-updates/restricted amd64 Components [212 B]
Get:25 http://mirrors.huaweicloud.com/ubuntu noble-updates/universe amd64 Packages [1656 kB]
Get:26 http://mirrors.huaweicloud.com/ubuntu noble-updates/universe Translation-en [326 kB]
Get:27 http://mirrors.huaweicloud.com/ubuntu noble-updates/universe amd64 Components [388 kB]
Get:28 http://mirrors.huaweicloud.com/ubuntu noble-updates/multiverse amd64 Packages [40.4 kB]
Get:29 http://mirrors.huaweicloud.com/ubuntu noble-updates/multiverse Translation-en [9972 B]
Get:30 http://mirrors.huaweicloud.com/ubuntu noble-updates/multiverse amd64 Components [940 B]
Get:31 http://mirrors.huaweicloud.com/ubuntu noble-backports/main amd64 Packages [40.6 kB]
Get:32 http://mirrors.huaweicloud.com/ubuntu noble-backports/main Translation-en [9172 B]
Get:33 http://mirrors.huaweicloud.com/ubuntu noble-backports/main amd64 Components [5772 B]
Get:34 http://mirrors.huaweicloud.com/ubuntu noble-backports/restricted amd64 Components [212 B]
Get:35 http://mirrors.huaweicloud.com/ubuntu noble-backports/universe amd64 Packages [31.0 kB]
Get:36 http://mirrors.huaweicloud.com/ubuntu noble-backports/universe Translation-en [18.6 kB]
Get:37 http://mirrors.huaweicloud.com/ubuntu noble-backports/universe amd64 Components [10.6 kB]
Get:38 http://mirrors.huaweicloud.com/ubuntu noble-backports/multiverse amd64 Packages [748 B]
Get:39 http://mirrors.huaweicloud.com/ubuntu noble-backports/multiverse Translation-en [340 B]
Get:40 http://mirrors.huaweicloud.com/ubuntu noble-backports/multiverse amd64 Components [212 B]
Fetched 33.8 MB in 8s (4236 kB/s)
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
261 packages can be upgraded. Run 'apt list --upgradable' to see them.
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
bash-completion is already the newest version (1:2.11-8).
The following additional packages will be installed:
  apt ethtool libapt-pkg6.0t64 libmspack0t64 libxmlsec1t64
  libxmlsec1t64-openssl libxslt1.1 vim-common vim-runtime xxd zerofree
Suggested packages:
  apt-doc aptitude | synaptic | wajig dpkg-dev powermgmt-base minicom
  open-vm-tools-desktop open-vm-tools-containerinfo open-vm-tools-salt-minion
  ctags vim-doc vim-scripts
The following NEW packages will be installed:
  apt-transport-https ethtool libmspack0t64 libxmlsec1t64
  libxmlsec1t64-openssl libxslt1.1 lrzsz open-vm-tools sshpass zerofree
The following packages will be upgraded:
  apt libapt-pkg6.0t64 vim vim-common vim-runtime xxd
6 upgraded, 10 newly installed, 0 to remove and 255 not upgraded.
Need to get 13.5 MB of archives.
After this operation, 5541 kB of additional disk space will be used.
Get:1 http://mirrors.huaweicloud.com/ubuntu noble-updates/main amd64 libapt-pkg6.0t64 amd64 2.8.3 [985 kB]
Get:2 http://mirrors.huaweicloud.com/ubuntu noble-updates/main amd64 apt amd64 2.8.3 [1376 kB]
Get:3 http://mirrors.huaweicloud.com/ubuntu noble/main amd64 libmspack0t64 amd64 0.11-1.1build1 [40.0 kB]
Get:4 http://mirrors.huaweicloud.com/ubuntu noble-updates/main amd64 libxslt1.1 amd64 1.1.39-0exp1ubuntu0.24.04.3 [168 kB]
Get:5 http://mirrors.huaweicloud.com/ubuntu noble/main amd64 libxmlsec1t64 amd64 1.2.39-5build2 [153 kB]
Get:6 http://mirrors.huaweicloud.com/ubuntu noble/main amd64 libxmlsec1t64-openssl amd64 1.2.39-5build2 [84.1 kB]
Get:7 http://mirrors.huaweicloud.com/ubuntu noble-updates/main amd64 open-vm-tools amd64 2:13.0.0-2~ubuntu0.24.04.1 [723 kB]
Get:8 http://mirrors.huaweicloud.com/ubuntu noble-updates/main amd64 vim amd64 2:9.1.0016-1ubuntu7.16 [1880 kB]
Get:9 http://mirrors.huaweicloud.com/ubuntu noble-updates/main amd64 vim-common all 2:9.1.0016-1ubuntu7.16 [388 kB]
Get:10 http://mirrors.huaweicloud.com/ubuntu noble-updates/main amd64 vim-runtime all 2:9.1.0016-1ubuntu7.16 [7280 kB]
Get:11 http://mirrors.huaweicloud.com/ubuntu noble-updates/main amd64 xxd amd64 2:9.1.0016-1ubuntu7.16 [65.3 kB]
Get:12 http://mirrors.huaweicloud.com/ubuntu noble/main amd64 ethtool amd64 1:6.7-1build1 [229 kB]
Get:13 http://mirrors.huaweicloud.com/ubuntu noble-updates/universe amd64 apt-transport-https all 2.8.3 [3970 B]
Get:14 http://mirrors.huaweicloud.com/ubuntu noble/universe amd64 lrzsz amd64 0.12.21-11build1 [78.1 kB]
Get:15 http://mirrors.huaweicloud.com/ubuntu noble/universe amd64 sshpass amd64 1.09-1 [11.7 kB]
Get:16 http://mirrors.huaweicloud.com/ubuntu noble/main amd64 zerofree amd64 1.1.1-1build5 [7888 B]
Fetched 13.5 MB in 12s (1110 kB/s)
debconf: delaying package configuration, since apt-utils is not installed
(Reading database ... 76053 files and directories currently installed.)
Preparing to unpack .../libapt-pkg6.0t64_2.8.3_amd64.deb ...
Unpacking libapt-pkg6.0t64:amd64 (2.8.3) over (2.7.14build2) ...
Setting up libapt-pkg6.0t64:amd64 (2.8.3) ...
(Reading database ... 76053 files and directories currently installed.)
Preparing to unpack .../archives/apt_2.8.3_amd64.deb ...
Unpacking apt (2.8.3) over (2.7.14build2) ...
Setting up apt (2.8.3) ...
Selecting previously unselected package libmspack0t64:amd64.
(Reading database ... 76053 files and directories currently installed.)
Preparing to unpack .../00-libmspack0t64_0.11-1.1build1_amd64.deb ...
Unpacking libmspack0t64:amd64 (0.11-1.1build1) ...
Selecting previously unselected package libxslt1.1:amd64.
Preparing to unpack .../01-libxslt1.1_1.1.39-0exp1ubuntu0.24.04.3_amd64.deb ...
Unpacking libxslt1.1:amd64 (1.1.39-0exp1ubuntu0.24.04.3) ...
Selecting previously unselected package libxmlsec1t64:amd64.
Preparing to unpack .../02-libxmlsec1t64_1.2.39-5build2_amd64.deb ...
Unpacking libxmlsec1t64:amd64 (1.2.39-5build2) ...
Selecting previously unselected package libxmlsec1t64-openssl:amd64.
Preparing to unpack .../03-libxmlsec1t64-openssl_1.2.39-5build2_amd64.deb ...
Unpacking libxmlsec1t64-openssl:amd64 (1.2.39-5build2) ...
Selecting previously unselected package open-vm-tools.
Preparing to unpack .../04-open-vm-tools_2%3a13.0.0-2~ubuntu0.24.04.1_amd64.deb ...
Unpacking open-vm-tools (2:13.0.0-2~ubuntu0.24.04.1) ...
Preparing to unpack .../05-vim_2%3a9.1.0016-1ubuntu7.16_amd64.deb ...
Unpacking vim (2:9.1.0016-1ubuntu7.16) over (2:9.1.0016-1ubuntu7) ...
Preparing to unpack .../06-vim-common_2%3a9.1.0016-1ubuntu7.16_all.deb ...
Unpacking vim-common (2:9.1.0016-1ubuntu7.16) over (2:9.1.0016-1ubuntu7) ...
Preparing to unpack .../07-vim-runtime_2%3a9.1.0016-1ubuntu7.16_all.deb ...
Unpacking vim-runtime (2:9.1.0016-1ubuntu7.16) over (2:9.1.0016-1ubuntu7) ...
Preparing to unpack .../08-xxd_2%3a9.1.0016-1ubuntu7.16_amd64.deb ...
Unpacking xxd (2:9.1.0016-1ubuntu7.16) over (2:9.1.0016-1ubuntu7) ...
Selecting previously unselected package ethtool.
Preparing to unpack .../09-ethtool_1%3a6.7-1build1_amd64.deb ...
Unpacking ethtool (1:6.7-1build1) ...
Selecting previously unselected package apt-transport-https.
Preparing to unpack .../10-apt-transport-https_2.8.3_all.deb ...
Unpacking apt-transport-https (2.8.3) ...
Selecting previously unselected package lrzsz.
Preparing to unpack .../11-lrzsz_0.12.21-11build1_amd64.deb ...
Unpacking lrzsz (0.12.21-11build1) ...
Selecting previously unselected package sshpass.
Preparing to unpack .../12-sshpass_1.09-1_amd64.deb ...
Unpacking sshpass (1.09-1) ...
Selecting previously unselected package zerofree.
Preparing to unpack .../13-zerofree_1.1.1-1build5_amd64.deb ...
Unpacking zerofree (1.1.1-1build5) ...
Setting up zerofree (1.1.1-1build5) ...
Setting up apt-transport-https (2.8.3) ...
Setting up libmspack0t64:amd64 (0.11-1.1build1) ...
Setting up sshpass (1.09-1) ...
Setting up xxd (2:9.1.0016-1ubuntu7.16) ...
Setting up vim-common (2:9.1.0016-1ubuntu7.16) ...
Setting up libxslt1.1:amd64 (1.1.39-0exp1ubuntu0.24.04.3) ...
Setting up vim-runtime (2:9.1.0016-1ubuntu7.16) ...
Setting up lrzsz (0.12.21-11build1) ...
Setting up ethtool (1:6.7-1build1) ...
Setting up vim (2:9.1.0016-1ubuntu7.16) ...
Setting up libxmlsec1t64:amd64 (1.2.39-5build2) ...
Setting up libxmlsec1t64-openssl:amd64 (1.2.39-5build2) ...
Setting up open-vm-tools (2:13.0.0-2~ubuntu0.24.04.1) ...
Created symlink /etc/systemd/system/vmtoolsd.service → /usr/lib/systemd/system/open-vm-tools.service.
Created symlink /etc/systemd/system/multi-user.target.wants/open-vm-tools.service → /usr/lib/systemd/system/open-vm-tools.service.
Created symlink /etc/systemd/system/open-vm-tools.service.requires/vgauth.service → /usr/lib/systemd/system/vgauth.service.
Processing triggers for libc-bin (2.39-0ubuntu8) ...
Scanning processes...
Scanning candidates...
Scanning linux images...

Running kernel seems to be up-to-date.

Restarting services...
 systemctl restart packagekit.service

Service restarts being deferred:
 systemctl restart unattended-upgrades.service

No containers need to be restarted.

User sessions running outdated binaries:
 root @ session #3: apt[1478], bash[1209]

No VM guests are running outdated hypervisor (qemu) binaries on this host.

设置 IP

bash 复制代码

[root@ubuntu2404 ~]# mkdir /etc/netplan/origin
[root@ubuntu2404 ~]# mv /etc/netplan/*yaml /etc/netplan/origin
[root@ubuntu2404 ~]# cat > /etc/netplan/00-static.yaml <<EOF
network:
  ethernets:
    ens33:
      dhcp4: no
      addresses:
        - 10.1.8.30/24
      routes:
        - to: default
          via: 10.1.8.2
      nameservers:
        addresses:
          - 10.1.8.2
          - 223.5.5.5
  version: 2
EOF
[root@ubuntu2404 ~]# chmod 600 /etc/netplan/00-static.yaml
[root@ubuntu2404 ~]# netplan apply

bash 复制代码

[root@unubtu2204 ~ 14:14:57]# cat << 'EOF' >> /etc/hosts

###### kubernetes #####
10.1.8.30 master30.laoma.cloud master30
10.1.8.31 worker31.laoma.cloud worker31
10.1.8.32 worker32.laoma.cloud worker32
EOF
[root@unubtu2204 ~ 14:15:06]# swapoff -a && sed -i '/^.*swap/d' /etc/fstab
[root@unubtu2204 ~ 14:15:11]# rm -f /swap.img
[root@unubtu2204 ~ 14:15:15]# apt-get install -y chrony
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Suggested packages:
  dnsutils
The following packages will be upgraded:
  chrony
1 upgraded, 0 newly installed, 0 to remove and 254 not upgraded.
Need to get 316 kB of archives.
After this operation, 0 B of additional disk space will be used.
Get:1 http://mirrors.huaweicloud.com/ubuntu noble-updates/main amd64 chrony amd64 4.5-1ubuntu4.2 [316 kB]
Fetched 316 kB in 16s (19.3 kB/s)
debconf: delaying package configuration, since apt-utils is not installed
(Reading database ... 76277 files and directories currently installed.)
Preparing to unpack .../chrony_4.5-1ubuntu4.2_amd64.deb ...
Unpacking chrony (4.5-1ubuntu4.2) over (4.5-1ubuntu4) ...
Setting up chrony (4.5-1ubuntu4.2) ...
Installing new version of config file /etc/apparmor.d/usr.sbin.chronyd ...
debconf: unable to initialize frontend: Dialog
debconf: (No usable dialog-like program is installed, so the dialog based frontend cannot be used. at /usr/share/perl5/Debconf/FrontEnd/Dialog.pm line 79.)
debconf: falling back to frontend: Readline
debconf: unable to initialize frontend: Dialog
debconf: (No usable dialog-like program is installed, so the dialog based frontend cannot be used. at /usr/share/perl5/Debconf/FrontEnd/Dialog.pm line 79.)
debconf: falling back to frontend: Readline
Scanning processes...
Scanning candidates...
Scanning linux images...

Running kernel seems to be up-to-date.

Restarting services...

Service restarts being deferred:
 systemctl restart unattended-upgrades.service

No containers need to be restarted.

No user sessions are running outdated binaries.

No VM guests are running outdated hypervisor (qemu) binaries on this host.
[root@unubtu2204 ~ 14:15:43]# echo 'UseDNS no' >> /etc/ssh/sshd_config
[root@unubtu2204 ~ 14:15:49]# echo 'StrictHostKeyChecking no' >> /etc/ssh/ssh_config
[root@unubtu2204 ~ 14:15:54]# ssh-keygen -N '' -f ~/.ssh/id_rsa -t rsa
Generating public/private rsa key pair.
Your identification has been saved in /root/.ssh/id_rsa
Your public key has been saved in /root/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:EKS5jgVzU6sK9H3p68/5ccM8+gK6pZbnbdt0crQQ4aY root@unubtu2204
The key's randomart image is:
+---[RSA 3072]----+
|     .+      .   |
|     + o    . .  |
| .o = o      +   |
|. .+.+ ..   o .  |
|.  .+. oS  E . . |
| . =  o  .  o o .|
|  o .  .o... O + |
|       +=.oo* *  |
|      o===o=+o   |
+----[SHA256]-----+
[root@unubtu2204 ~ 14:15:59]# sshpass -p password ssh-copy-id root@localhost
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
Permission denied, please try again.
[root@unubtu2204 ~ 14:16:08]# apt install -y iptables ipvsadm ipset conntrack
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following additional packages will be installed:
  libip4tc2 libip6tc2 libipset13 libjansson4 libnetfilter-conntrack3
  libnfnetlink0 libnftables1 libnftnl11 libnl-3-200 libnl-genl-3-200 nftables
Suggested packages:
  firewalld heartbeat keepalived ldirectord
The following NEW packages will be installed:
  conntrack ipset iptables ipvsadm libip4tc2 libip6tc2 libipset13 libjansson4
  libnetfilter-conntrack3 libnfnetlink0 libnftables1 libnftnl11 libnl-3-200
  libnl-genl-3-200 nftables
0 upgraded, 15 newly installed, 0 to remove and 254 not upgraded.
Need to get 1256 kB of archives.
After this operation, 5220 kB of additional disk space will be used.
Get:1 http://mirrors.huaweicloud.com/ubuntu noble/main amd64 libip4tc2 amd64 1.8.10-3ubuntu2 [23.3 kB]
Get:2 http://mirrors.huaweicloud.com/ubuntu noble/main amd64 libip6tc2 amd64 1.8.10-3ubuntu2 [23.7 kB]
Get:3 http://mirrors.huaweicloud.com/ubuntu noble/main amd64 libnfnetlink0 amd64 1.0.2-2build1 [14.8 kB]
Get:4 http://mirrors.huaweicloud.com/ubuntu noble/main amd64 libnetfilter-conntrack3 amd64 1.0.9-6build1 [45.2 kB]
Get:5 http://mirrors.huaweicloud.com/ubuntu noble/main amd64 libnftnl11 amd64 1.2.6-2build1 [66.0 kB]
Get:6 http://mirrors.huaweicloud.com/ubuntu noble/main amd64 iptables amd64 1.8.10-3ubuntu2 [381 kB]
Get:7 http://mirrors.huaweicloud.com/ubuntu noble/main amd64 libjansson4 amd64 2.14-2build2 [32.8 kB]
Get:8 http://mirrors.huaweicloud.com/ubuntu noble-updates/main amd64 libnftables1 amd64 1.0.9-1ubuntu0.1 [359 kB]
Get:9 http://mirrors.huaweicloud.com/ubuntu noble-updates/main amd64 libnl-3-200 amd64 3.7.0-0.3build1.1 [55.7 kB]
Get:10 http://mirrors.huaweicloud.com/ubuntu noble-updates/main amd64 nftables amd64 1.0.9-1ubuntu0.1 [69.8 kB]
Get:11 http://mirrors.huaweicloud.com/ubuntu noble/main amd64 conntrack amd64 1:1.4.8-1ubuntu1 [37.9 kB]
Get:12 http://mirrors.huaweicloud.com/ubuntu noble/main amd64 libipset13 amd64 7.19-1ubuntu2 [61.5 kB]
Get:13 http://mirrors.huaweicloud.com/ubuntu noble-updates/main amd64 libnl-genl-3-200 amd64 3.7.0-0.3build1.1 [12.2 kB]
Get:14 http://mirrors.huaweicloud.com/ubuntu noble/main amd64 ipset amd64 7.19-1ubuntu2 [32.6 kB]
Get:15 http://mirrors.huaweicloud.com/ubuntu noble-updates/main amd64 ipvsadm amd64 1:1.31-1ubuntu0.1 [40.3 kB]
Fetched 1256 kB in 8s (166 kB/s)
debconf: delaying package configuration, since apt-utils is not installed
Selecting previously unselected package libip4tc2:amd64.
(Reading database ... 76277 files and directories currently installed.)
Preparing to unpack .../00-libip4tc2_1.8.10-3ubuntu2_amd64.deb ...
Unpacking libip4tc2:amd64 (1.8.10-3ubuntu2) ...
Selecting previously unselected package libip6tc2:amd64.
Preparing to unpack .../01-libip6tc2_1.8.10-3ubuntu2_amd64.deb ...
Unpacking libip6tc2:amd64 (1.8.10-3ubuntu2) ...
Selecting previously unselected package libnfnetlink0:amd64.
Preparing to unpack .../02-libnfnetlink0_1.0.2-2build1_amd64.deb ...
Unpacking libnfnetlink0:amd64 (1.0.2-2build1) ...
Selecting previously unselected package libnetfilter-conntrack3:amd64.
Preparing to unpack .../03-libnetfilter-conntrack3_1.0.9-6build1_amd64.deb ...
Unpacking libnetfilter-conntrack3:amd64 (1.0.9-6build1) ...
Selecting previously unselected package libnftnl11:amd64.
Preparing to unpack .../04-libnftnl11_1.2.6-2build1_amd64.deb ...
Unpacking libnftnl11:amd64 (1.2.6-2build1) ...
Selecting previously unselected package iptables.
Preparing to unpack .../05-iptables_1.8.10-3ubuntu2_amd64.deb ...
Unpacking iptables (1.8.10-3ubuntu2) ...
Selecting previously unselected package libjansson4:amd64.
Preparing to unpack .../06-libjansson4_2.14-2build2_amd64.deb ...
Unpacking libjansson4:amd64 (2.14-2build2) ...
Selecting previously unselected package libnftables1:amd64.
Preparing to unpack .../07-libnftables1_1.0.9-1ubuntu0.1_amd64.deb ...
Unpacking libnftables1:amd64 (1.0.9-1ubuntu0.1) ...
Selecting previously unselected package libnl-3-200:amd64.
Preparing to unpack .../08-libnl-3-200_3.7.0-0.3build1.1_amd64.deb ...
Unpacking libnl-3-200:amd64 (3.7.0-0.3build1.1) ...
Selecting previously unselected package nftables.
Preparing to unpack .../09-nftables_1.0.9-1ubuntu0.1_amd64.deb ...
Unpacking nftables (1.0.9-1ubuntu0.1) ...
Selecting previously unselected package conntrack.
Preparing to unpack .../10-conntrack_1%3a1.4.8-1ubuntu1_amd64.deb ...
Unpacking conntrack (1:1.4.8-1ubuntu1) ...
Selecting previously unselected package libipset13:amd64.
Preparing to unpack .../11-libipset13_7.19-1ubuntu2_amd64.deb ...
Unpacking libipset13:amd64 (7.19-1ubuntu2) ...
Selecting previously unselected package libnl-genl-3-200:amd64.
Preparing to unpack .../12-libnl-genl-3-200_3.7.0-0.3build1.1_amd64.deb ...
Unpacking libnl-genl-3-200:amd64 (3.7.0-0.3build1.1) ...
Selecting previously unselected package ipset.
Preparing to unpack .../13-ipset_7.19-1ubuntu2_amd64.deb ...
Unpacking ipset (7.19-1ubuntu2) ...
Selecting previously unselected package ipvsadm.
Preparing to unpack .../14-ipvsadm_1%3a1.31-1ubuntu0.1_amd64.deb ...
Unpacking ipvsadm (1:1.31-1ubuntu0.1) ...
Setting up libip4tc2:amd64 (1.8.10-3ubuntu2) ...
Setting up libip6tc2:amd64 (1.8.10-3ubuntu2) ...
Setting up libnftnl11:amd64 (1.2.6-2build1) ...
Setting up libjansson4:amd64 (2.14-2build2) ...
Setting up libipset13:amd64 (7.19-1ubuntu2) ...
Setting up libnfnetlink0:amd64 (1.0.2-2build1) ...
Setting up libnl-3-200:amd64 (3.7.0-0.3build1.1) ...
Setting up ipset (7.19-1ubuntu2) ...
Setting up libnftables1:amd64 (1.0.9-1ubuntu0.1) ...
Setting up nftables (1.0.9-1ubuntu0.1) ...
Setting up libnetfilter-conntrack3:amd64 (1.0.9-6build1) ...
Setting up libnl-genl-3-200:amd64 (3.7.0-0.3build1.1) ...
Setting up ipvsadm (1:1.31-1ubuntu0.1) ...
Setting up iptables (1.8.10-3ubuntu2) ...
update-alternatives: using /usr/sbin/iptables-legacy to provide /usr/sbin/iptables (iptables) in auto mode
update-alternatives: using /usr/sbin/ip6tables-legacy to provide /usr/sbin/ip6tables (ip6tables) in auto mode
update-alternatives: using /usr/sbin/iptables-nft to provide /usr/sbin/iptables (iptables) in auto mode
update-alternatives: using /usr/sbin/ip6tables-nft to provide /usr/sbin/ip6tables (ip6tables) in auto mode
update-alternatives: using /usr/sbin/arptables-nft to provide /usr/sbin/arptables (arptables) in auto mode
update-alternatives: using /usr/sbin/ebtables-nft to provide /usr/sbin/ebtables (ebtables) in auto mode
Setting up conntrack (1:1.4.8-1ubuntu1) ...
Processing triggers for libc-bin (2.39-0ubuntu8) ...
Scanning processes...
Scanning candidates...
Scanning linux images...

Running kernel seems to be up-to-date.

Restarting services...

Service restarts being deferred:
 systemctl restart unattended-upgrades.service

No containers need to be restarted.

No user sessions are running outdated binaries.

No VM guests are running outdated hypervisor (qemu) binaries on this host.
[root@unubtu2204 ~ 14:16:20]# modprobe overlay
[root@unubtu2204 ~ 14:16:27]# modprobe br_netfilter
[root@unubtu2204 ~ 14:16:32]# modprobe ip_vs
[root@unubtu2204 ~ 14:19:05]# modprobe ip_vs_rr
[root@unubtu2204 ~ 14:19:10]# modprobe ip_vs_wrr
[root@unubtu2204 ~ 14:19:15]# modprobe ip_vs_lc
[root@unubtu2204 ~ 14:19:19]# modprobe ip_vs_sh
[root@unubtu2204 ~ 14:19:24]# modprobe nf_conntrack
[root@unubtu2204 ~ 14:19:28]# cat > /etc/modules-load.d/k8s-net.conf << EOF
# K8s 基础网络
br_netfilter
overlay

# IPVS 必需
ip_vs
ip_vs_rr
ip_vs_wrr
ip_vs_lc
ip_vs_sh
nf_conntrack
EOF
[root@unubtu2204 ~ 14:19:39]# cat > /etc/sysctl.d/k8s.conf << 'EOF'
net.bridge.bridge-nf-call-iptables=1
net.bridge.bridge-nf-call-ip6tables=1
net.ipv4.ip_forward=1
vm.swappiness=0
EOF
[root@unubtu2204 ~ 14:19:47]# sysctl -p /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward = 1
vm.swappiness = 0
[root@unubtu2204 ~ 14:19:54]# history
    1  2026-06-22 14:15:06 cat << 'EOF' >> /etc/hosts

###### kubernetes #####
10.1.8.30 master30.laoma.cloud master30
10.1.8.31 worker31.laoma.cloud worker31
10.1.8.32 worker32.laoma.cloud worker32
EOF

    2  2026-06-22 14:15:11 swapoff -a && sed -i '/^.*swap/d' /etc/fstab
    3  2026-06-22 14:15:15 rm -f /swap.img
    4  2026-06-22 14:15:21 apt-get install -y chrony
    5  2026-06-22 14:15:49 echo 'UseDNS no' >> /etc/ssh/sshd_config
    6  2026-06-22 14:15:54 echo 'StrictHostKeyChecking no' >> /etc/ssh/ssh_config
    7  2026-06-22 14:15:58 ssh-keygen -N '' -f ~/.ssh/id_rsa -t rsa
    8  2026-06-22 14:16:03 sshpass -p password ssh-copy-id root@localhost
    9  2026-06-22 14:16:09 apt install -y iptables ipvsadm ipset conntrack
   10  2026-06-22 14:16:27 modprobe overlay
   11  2026-06-22 14:16:32 modprobe br_netfilter
   12  2026-06-22 14:19:05 modprobe ip_vs
   13  2026-06-22 14:19:10 modprobe ip_vs_rr
   14  2026-06-22 14:19:15 modprobe ip_vs_wrr
   15  2026-06-22 14:19:19 modprobe ip_vs_lc
   16  2026-06-22 14:19:24 modprobe ip_vs_sh
   17  2026-06-22 14:19:28 modprobe nf_conntrack
   18  2026-06-22 14:19:39 cat > /etc/modules-load.d/k8s-net.conf << EOF
# K8s 基础网络
br_netfilter
overlay

# IPVS 必需
ip_vs
ip_vs_rr
ip_vs_wrr
ip_vs_lc
ip_vs_sh
nf_conntrack
EOF

   19  2026-06-22 14:19:47 cat > /etc/sysctl.d/k8s.conf << 'EOF'
net.bridge.bridge-nf-call-iptables=1
net.bridge.bridge-nf-call-ip6tables=1
net.ipv4.ip_forward=1
vm.swappiness=0
EOF

   20  2026-06-22 14:19:54 sysctl -p /etc/sysctl.d/k8s.conf
   21  2026-06-22 14:19:57 history

k8s准备

bash 复制代码

[root@unubtu2204 ~ 14:19:57]# apt-get install -y containerd.io=1.7.20-1 cri-tools
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following NEW packages will be installed:
  containerd.io cri-tools
0 upgraded, 2 newly installed, 0 to remove and 254 not upgraded.
Need to get 51.8 MB of archives.
After this operation, 180 MB of additional disk space will be used.
Get:1 https://mirrors.aliyun.com/kubernetes-new/core/stable/v1.30/deb  cri-tools 1.30.1-1.1 [21.3 MB]
Get:2 https://mirrors.huaweicloud.com/docker-ce/linux/ubuntu noble/stable amd64 containerd.io amd64 1.7.20-1 [30.5 MB]
Fetched 51.8 MB in 20s (2538 kB/s)
debconf: delaying package configuration, since apt-utils is not installed
Selecting previously unselected package containerd.io.
(Reading database ... 76606 files and directories currently installed.)
Preparing to unpack .../containerd.io_1.7.20-1_amd64.deb ...
Unpacking containerd.io (1.7.20-1) ...
Selecting previously unselected package cri-tools.
Preparing to unpack .../cri-tools_1.30.1-1.1_amd64.deb ...
Unpacking cri-tools (1.30.1-1.1) ...
Setting up containerd.io (1.7.20-1) ...
Created symlink /etc/systemd/system/multi-user.target.wants/containerd.service → /usr/lib/systemd/system/containerd.service.
Setting up cri-tools (1.30.1-1.1) ...
Scanning processes...
Scanning candidates...
Scanning linux images...

Running kernel seems to be up-to-date.

Restarting services...

Service restarts being deferred:
 systemctl restart unattended-upgrades.service

No containers need to be restarted.

No user sessions are running outdated binaries.

No VM guests are running outdated hypervisor (qemu) binaries on this host.
[root@unubtu2204 ~ 14:53:29]# crictl config runtime-endpoint unix:///var/run/containerd/containerd.sock
[root@unubtu2204 ~ 14:53:31]# containerd config default > /etc/containerd/config.toml
[root@unubtu2204 ~ 14:53:37]# sed -i 's/SystemdCgroup = false/SystemdCgroup = true/' /etc/containerd/config.toml
[root@unubtu2204 ~ 14:53:43]# sed -i 's|sandbox_image = ".*"|sandbox_image = "registry.k8s.io/pause:3.9"|' /etc/containerd/config.toml
[root@unubtu2204 ~ 14:53:50]# vim /etc/containerd/config.toml
[root@unubtu2204 ~ 14:57:24]# systemctl restart containerd.service
[root@unubtu2204 ~ 14:57:31]# crictl pull busybox
Image is up to date for sha256:c6348fa86ba0fb2108c9334f5fe913ddc6d853313e655891f133a0127c30099f
[root@unubtu2204 ~ 14:58:08]# wget http://192.168.46.100/01.softwares/03.stage-3/nerdctl-1.7.7-linux-amd64.tar.gz
--2026-06-22 14:58:20--  http://192.168.46.100/01.softwares/03.stage-3/nerdctl-1.7.7-linux-amd64.tar.gz
Connecting to 192.168.46.100:80... connected.
HTTP request sent, awaiting response... 404 Not Found
2026-06-22 14:58:20 ERROR 404: Not Found.

[root@unubtu2204 ~ 14:58:20]# wget http://192.168.46.100/01.softwares/03.stage-3/nerdctl-1.7.7-linux-amd64.tar.gz
--2026-06-22 14:58:41--  http://192.168.46.100/01.softwares/03.stage-3/nerdctl-1.7.7-linux-amd64.tar.gz
Connecting to 192.168.46.100:80... connected.
HTTP request sent, awaiting response... 404 Not Found
2026-06-22 14:58:41 ERROR 404: Not Found.

[root@unubtu2204 ~ 14:58:41]# tar -xf nerdctl-1.7.7-linux-amd64.tar.gz -C /usr/bin/
tar: nerdctl-1.7.7-linux-amd64.tar.gz: Cannot open: No such file or directory
tar: Error is not recoverable: exiting now
[root@unubtu2204 ~ 15:00:07]# wget http://192.168.42.200/course-materials/softwares/stage03/nerdctl-1.7.7-linux-amd64.tar.gz
--2026-06-22 15:00:47--  http://192.168.42.200/course-materials/softwares/stage03/nerdctl-1.7.7-linux-amd64.tar.gz
Connecting to 192.168.42.200:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 9796085 (9.3M) [application/octet-stream]
Saving to: 'nerdctl-1.7.7-linux-amd64.tar.gz'

nerdctl-1.7.7-linux 100%[==================>]   9.34M  10.8MB/s    in 0.9s

2026-06-22 15:00:47 (10.8 MB/s) - 'nerdctl-1.7.7-linux-amd64.tar.gz' saved [9796085/9796085]

[root@unubtu2204 ~ 15:00:47]# tar -xf nerdctl-1.7.7-linux-amd64.tar.gz -C /usr/bin/
[root@unubtu2204 ~ 15:01:02]# wget http://192.168.42.200/course-materials/softwares/stage03/cni-plugins-linux-amd64-v1.6.0.tgz
--2026-06-22 15:01:13--  http://192.168.42.200/course-materials/softwares/stage03/cni-plugins-linux-amd64-v1.6.0.tgz
Connecting to 192.168.42.200:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 52713273 (50M) [application/octet-stream]
Saving to: 'cni-plugins-linux-amd64-v1.6.0.tgz'

cni-plugins-linux-a 100%[==================>]  50.27M  11.2MB/s    in 4.5s

2026-06-22 15:01:18 (11.1 MB/s) - 'cni-plugins-linux-amd64-v1.6.0.tgz' saved [52713273/52713273]

[root@unubtu2204 ~ 15:01:18]# mkdir -p /opt/cni/bin
[root@unubtu2204 ~ 15:01:27]# tar -xf cni-plugins-linux-amd64-v1.6.0.tgz -C /opt/cni/bin
[root@unubtu2204 ~ 15:01:38]# mkdir -p /etc/containerd/certs.d/docker.io
[root@unubtu2204 ~ 15:01:51]# cat > /etc/containerd/certs.d/docker.io/hosts.toml << EOF
server = "https://registry-1.docker.io"
[host."https://09def58152000fc00ff0c00057bad7e0.mirror.swr.myhuaweicloud.com"]
  capabilities = ["pull", "resolve"]
EOF
[root@unubtu2204 ~ 15:02:01]# mkdir -p /etc/containerd/certs.d/registry.k8s.io
[root@unubtu2204 ~ 15:03:00]# cat > /etc/containerd/certs.d/registry.k8s.io/hosts.toml << EOF
server = "https://registry.k8s.io"
[host."https://k8s.m.daocloud.io"]
  capabilities = ["pull", "resolve"]
[host."https://k8s.mirrorify.net"]
  capabilities = ["pull", "resolve"]
[host."https://registry.cn-hangzhou.aliyuncs.com/google_containers"]
  capabilities = ["pull", "resolve"]
  override_path = true
EOF                                              resolved       |++++++++++++++++++++++++++++++++++++++|
index-sha256:42f2d24ae18df9b5251d1cc45548085656d2335e9338fd150a24e415462d151f:    done           |++++++++++++++++++++++++++++++++++++++|
manifest-sha256:c85f13d520611b398cf6ffb0f75c894173d238401b58b1fb9b989cd1149fbe5registry.k8s.io/pause:3.9:                                                        resolved       |++++++++++++++++++++++++++++++++++++++|
index-sha256:7031c1b283388d2c2e09b57badb803c05ebed362dc88d84b480cc47f72a21097:    done           |++++++++++++++++++++++++++++++++++++++|
manifest-sha256:8d4106c88ec0bd28001e34c975d65175d994072d65341f62a8ab0754b0fafe10: done           |++++++++++++++++++++++++++++++++++++++|
config-sha256:e6f1816883972d4be47bd48879a08919b96afcd344132622e4d444987919323c:   done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:61fec91190a0bab34406027bbec43d562218df6e80d22d4735029756f23c7007:    done           |++++++++++++++++++++++++++++++++++++++|
elapsed: 7.7 s                                                                    total:  3.8 Ki (506.0 B/s)
[root@unubtu2204 ~ 15:05:49]# nerdctl pull docker.io/library/busy
docker.io/library/busy:latest: resolving      |--------------------------------------|
elapsed: 20.5s                 total:   0.0 B (0.0 B/s)                        
^C
[root@unubtu2204 ~ 15:06:17]# apt list kubeadm -a|head

WARNING: apt does not have a stable CLI interface. Use with caution in scripts.

Listing...
kubeadm/unknown 1.30.14-1.1 amd64
kubeadm/unknown 1.30.13-1.1 amd64
kubeadm/unknown 1.30.12-1.1 amd64
kubeadm/unknown 1.30.11-1.1 amd64
kubeadm/unknown 1.30.10-1.1 amd64
kubeadm/unknown 1.30.9-1.1 amd64
kubeadm/unknown 1.30.8-1.1 amd64
kubeadm/unknown 1.30.7-1.1 amd64
kubeadm/unknown 1.30.6-1.1 amd64
[root@unubtu2204 ~ 15:06:24]# apt install -y kubeadm=1.30.2-1.1 kubelet=1.30.2-1.1 kubectl=1.30.2-1.1
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following additional packages will be installed:
  ebtables kubernetes-cni socat
The following NEW packages will be installed:
  ebtables kubeadm kubectl kubelet kubernetes-cni socat
0 upgraded, 6 newly installed, 0 to remove and 255 not upgraded.
Need to get 72.6 MB of archives.
After this operation, 285 MB of additional disk space will be used.
Get:1 http://mirrors.huaweicloud.com/ubuntu noble/main amd64 ebtables amd64 2.0.11-6build1 [88.4 kB]
Get:2 http://mirrors.huaweicloud.com/ubuntu noble/main amd64 socat amd64 1.8.0.0-4build3 [374 kB]
Get:3 https://mirrors.aliyun.com/kubernetes-new/core/stable/v1.30/deb  kubeadm 1.30.2-1.1 [10.4 MB]
Get:4 https://mirrors.aliyun.com/kubernetes-new/core/stable/v1.30/deb  kubectl 1.30.2-1.1 [10.8 MB]
Get:5 https://mirrors.aliyun.com/kubernetes-new/core/stable/v1.30/deb  kubernetes-cni 1.4.0-1.1 [32.9 MB]
Get:6 https://mirrors.aliyun.com/kubernetes-new/core/stable/v1.30/deb  kubelet 1.30.2-1.1 [18.1 MB]
Fetched 72.6 MB in 1min 22s (881 kB/s)
debconf: delaying package configuration, since apt-utils is not installed
Selecting previously unselected package ebtables.
(Reading database ... 76626 files and directories currently installed.)
Preparing to unpack .../0-ebtables_2.0.11-6build1_amd64.deb ...
Unpacking ebtables (2.0.11-6build1) ...
Selecting previously unselected package kubeadm.
Preparing to unpack .../1-kubeadm_1.30.2-1.1_amd64.deb ...
Unpacking kubeadm (1.30.2-1.1) ...
Selecting previously unselected package kubectl.
Preparing to unpack .../2-kubectl_1.30.2-1.1_amd64.deb ...
Unpacking kubectl (1.30.2-1.1) ...
Selecting previously unselected package kubernetes-cni.
Preparing to unpack .../3-kubernetes-cni_1.4.0-1.1_amd64.deb ...
Unpacking kubernetes-cni (1.4.0-1.1) ...
Selecting previously unselected package socat.
Preparing to unpack .../4-socat_1.8.0.0-4build3_amd64.deb ...
Unpacking socat (1.8.0.0-4build3) ...
Selecting previously unselected package kubelet.
Preparing to unpack .../5-kubelet_1.30.2-1.1_amd64.deb ...
Unpacking kubelet (1.30.2-1.1) ...
Setting up kubeadm (1.30.2-1.1) ...
Setting up kubectl (1.30.2-1.1) ...
Setting up ebtables (2.0.11-6build1) ...
Setting up socat (1.8.0.0-4build3) ...
Setting up kubernetes-cni (1.4.0-1.1) ...
Setting up kubelet (1.30.2-1.1) ...
Scanning processes...
Scanning candidates...
Scanning linux images...

Running kernel seems to be up-to-date.

Restarting services...

Service restarts being deferred:
 systemctl restart unattended-upgrades.service

No containers need to be restarted.

No user sessions are running outdated binaries.

No VM guests are running outdated hypervisor (qemu) binaries on this host.
[root@unubtu2204 ~ 15:08:07]# systemctl enable kubelet --now

命令补全配置

bash 复制代码

[root@unubtu2204 ~ 15:08:22]# mkdir /etc/bash_completion.d
[root@unubtu2204 ~ 15:11:10]# crictl completion bash > /etc/bash_completion.d/crictl
[root@unubtu2204 ~ 15:11:15]# source /etc/bash_completion.d/crictl
[root@unubtu2204 ~ 15:11:19]# nerdctl completion bash > /etc/bash_completion.d/nerdctl
[root@unubtu2204 ~ 15:11:24]# echo 'export CONTAINERD_NAMESPACE=k8s.io' >> /etc/bash_completion.d/nerdctl
[root@unubtu2204 ~ 15:11:29]# source /etc/bash_completion.d/nerdctl
[root@unubtu2204 ~ 15:11:33]# kubectl completion bash > /etc/bash_completion.d/kubectl
[root@unubtu2204 ~ 15:11:39]# source /etc/bash_completion.d/kubectl
[root@unubtu2204 ~ 15:11:44]# kubeadm completion bash > /etc/bash_completion.d/kubeadm
[root@unubtu2204 ~ 15:11:53]# source /etc/bash_completion.d/kubeadm
init 0

关机拍快照

拉取镜像

bash 复制代码

[root@master30 ~ 16:17:49]# for image in $(kubeadm config images list --kubernetes-version=v1.30.2 --image-repository=192.168.42.201/kubernetes)
do
    nerdctl pull $image --insecure-registry
    image_new=$(echo $image |sed 's#192.168.42.201/kubernetes#registry.k8s.io#')
    echo $image_new
    nerdctl tag $image ${image_new}
    nerdctl rmi $image
done
WARN[0000] skipping verifying HTTPS certs for "192.168.42.201"
192.168.42.201/kubernetes/kube-apiserver:v1.30.2: resolving      |--------------------------------------|
elapsed: 2.0 s                                    total:   0.0 B (0.0 B/s)
INFO[0002] trying next host                              error="failed to do request: Head \"https://192.168.42.201/v2/kubernetes/kube-apiserver/manifests/v1.30.2\": dial tcp 192.168.42.201:443: connect: connection refused" host=192.168.42.201
WARN[0002] server "192.168.42.201" does not seem to support HTTPS, falling back to plain HTTP  error="failed to resolve reference192.168.42.201/kubernetes/kube-apiserver:v1.30.2: resolving      |--------------------------------------|
elapsed: 2.2 s                                    total:   0.0 B (0.0 B/s)
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
192.168.42.201/kubernetes/kube-apiserver:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
manifest-sha256:01a11eef6fabf191a2fff4cea0d89bd25e8fe30103805eefb15a6b4bd34cd7b9: done           |++++++++++++++++++++++++++++++++++++++|
config-sha256:56ce0fd9fb532bcb552ddbdbe3064189ce823a71693d97ff7a0a7a4ff6bffbbe:   done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:286c61c9a31ace5fa0b8832c8e8e30d66bf32138f2f787463235aa0071f714ea:    done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:452e9eed7ecfd0c2b44ac6fda20cee66ab98aec38ba30aa868e02445be7c8bb0:    done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:2bdf44d7aa71bf3a0da2de0563ad0e3882948d699b4991edf8c0ab44e7f26ae3:    done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:c8022d07192eddbb2a548ba83be5e412f7ba863bbba158d133c9653bb8a47768:    done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:0f8b424aa0b96c1c388a5fd4d90735604459256336853082afb61733438872b5:    done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:d557676654e572af3e3173c90e7874644207fda32cd87e9d3d66b5d7b98a7b21:    done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:1069fc2daed1aceff7232f4b8ab21200dd3d8b04f61be9da86977a34a105dfdc:    done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:d858cbc252ade14879807ff8dbc3043a26bbdb92087da98cda831ee040b172b3:    done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:9d04bc07c23f8a3ed5bc9c49427d00002e30ea6de65d1fdcedfc06413c47b5dd:    done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:3f4e2c5863480125882d92060440a5250766bce764fee10acdbac18c872e4dc7:    done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:b40161cd83fc5d470d6abe50e87aa288481b6b89137012881d74187cfbf9f502:    done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:80a8c047508ae5cd6a591060fc43422cb8e3aea1bd908d913e8f0146e2297fea:    done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:46d04dea4526b7cb9d7e4796203b46d6ecc9c1705747f2741c61602a112fb315:    done           |++++++++++++++++++++++++++++++++++++++|
elapsed: 6.9 s                                                                    total:  31.1 M (4.5 MiB/s)                     
registry.k8s.io/kube-apiserver:v1.30.2
Untagged: 192.168.42.201/kubernetes/kube-apiserver:v1.30.2@sha256:01a11eef6fabf191a2fff4cea0d89bd25e8fe30103805eefb15a6b4bd34cd7b9
Deleted: sha256:3d6fa0469044370439d20eaf7e0d25450e01335a93c13ba46e368d7785914c0c
Deleted: sha256:49626df344c912cfe9f8d8fcd635d301bd41127cd326914212cf2443a96cf421
Deleted: sha256:945d17be9a3e27af5ca1c671792bf1a8f2c3f4d13d3994665d95f084ed4f8a60
Deleted: sha256:4d049f83d9cf21d1f5cc0e11deaf36df02790d0e60c1a3829538fb4b61685368
Deleted: sha256:af5aa97ebe6ce1604747ec1e21af7136ded391bcabe4acef882e718a87c86bcc
Deleted: sha256:ac805962e47900b616b2f4b4584a34ac7b07d64ac1fd2c077478cf65311addcc
Deleted: sha256:bbb6cacb8c82e4da4e8143e03351e939eab5e21ce0ef333c42e637af86c5217b
Deleted: sha256:2a92d6ac9e4fcc274d5168b217ca4458a9fec6f094ead68d99c77073f08caac1
Deleted: sha256:1a73b54f556b477f0a8b939d13c504a3b4f4db71f7a09c63afbc10acb3de5849
Deleted: sha256:f4aee9e53c42a22ed82451218c3ea03d1eea8d6ca8fbe8eb4e950304ba8a8bb3
Deleted: sha256:b336e209998fa5cf0eec3dabf93a21194198a35f4f75612d8da03693f8c30217
Deleted: sha256:71fb0a240fbe5c02a632688673f4eef4239621f52bbcd3a90ab4ba054551fda4
Deleted: sha256:43dd0cd3408adae3678ac5451ddff679d670698bede6c20383f6a565ff4b086e
WARN[0000] skipping verifying HTTPS certs for "192.168.42.201"
192.168.42.201/kubernetes/kube-controller-manager:v1.30.2: resolving      |--------------------------------------|
elapsed: 2.3 s                                             total:   0.0 B (0.0 B/s)
INFO[0002] trying next host                              error="failed to do request: Head \"https://192.168.42.201/v2/kubernetes/kube-controller-manager/manifests/v1.30.2\": dial tcp 192.168.42.201:443: connect: connection refused" host=192.168.42.201
WARN[0002] server "192.168.42.201" does not seem to support HTTPS, falling back to plain HTTP  error="failed to resolve reference192.168.42.201/kubernetes/kube-controller-manager:v1.30.2: resolving      |--------------------------------------|
elapsed: 2.5 s                                             total:   0.0 B (0.0 B/s)
192.168.42.201/kubernetes/kube-controller-manager:v1.30.2:                        resolved       |++++++++++++++++++++++++++++++++++++++|
manifest-sha256:7a9ddc50120162791622db19037e920f234015687650de0f80111d819e24ead7: done           |++++++++++++++++++++++++++++++++++++++|
config-sha256:e874818b3caac34f68704eb96bf248d0c8116b1262ab549d45d39dd3dd775974:   done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:2ebf876374ccb1b9ec05b523757256b7077bba84436f2d9da995b67e029d1900:    done           |++++++++++++++++++++++++++++++++++++++|
elapsed: 10.0s                                                                    total:  28.2 M (2.8 MiB/s)                     
registry.k8s.io/kube-controller-manager:v1.30.2
Untagged: 192.168.42.201/kubernetes/kube-controller-manager:v1.30.2@sha256:7a9ddc50120162791622db19037e920f234015687650de0f80111d819e24ead7
Deleted: sha256:3d6fa0469044370439d20eaf7e0d25450e01335a93c13ba46e368d7785914c0c
Deleted: sha256:49626df344c912cfe9f8d8fcd635d301bd41127cd326914212cf2443a96cf421
Deleted: sha256:945d17be9a3e27af5ca1c671792bf1a8f2c3f4d13d3994665d95f084ed4f8a60
Deleted: sha256:4d049f83d9cf21d1f5cc0e11deaf36df02790d0e60c1a3829538fb4b61685368
Deleted: sha256:af5aa97ebe6ce1604747ec1e21af7136ded391bcabe4acef882e718a87c86bcc
Deleted: sha256:ac805962e47900b616b2f4b4584a34ac7b07d64ac1fd2c077478cf65311addcc
Deleted: sha256:bbb6cacb8c82e4da4e8143e03351e939eab5e21ce0ef333c42e637af86c5217b
Deleted: sha256:2a92d6ac9e4fcc274d5168b217ca4458a9fec6f094ead68d99c77073f08caac1
Deleted: sha256:1a73b54f556b477f0a8b939d13c504a3b4f4db71f7a09c63afbc10acb3de5849
Deleted: sha256:f4aee9e53c42a22ed82451218c3ea03d1eea8d6ca8fbe8eb4e950304ba8a8bb3
Deleted: sha256:b336e209998fa5cf0eec3dabf93a21194198a35f4f75612d8da03693f8c30217
Deleted: sha256:71fb0a240fbe5c02a632688673f4eef4239621f52bbcd3a90ab4ba054551fda4
Deleted: sha256:c987983414d6ceb004956e706702857d93f520f2166ae611a216bd5a4abf5c30
WARN[0000] skipping verifying HTTPS certs for "192.168.42.201"
192.168.42.201/kubernetes/kube-scheduler:v1.30.2: resolving      |--------------------------------------|
elapsed: 1.9 s                                    total:   0.0 B (0.0 B/s)
INFO[0002] trying next host                              error="failed to do request: Head \"https://192.168.42.201/v2/kubernetes/kube-scheduler/manifests/v1.30.2\": dial tcp 192.168.42.201:443: connect: connection refused" host=192.168.42.201
WARN[0002] server "192.168.42.201" does not seem to support HTTPS, falling back to plain HTTP  error="failed to resolve reference192.168.42.201/kubernetes/kube-scheduler:v1.30.2: resolving      |--------------------------------------|
elapsed: 2.1 s                                    total:   0.0 B (0.0 B/s)
192.168.42.201/kubernetes/kube-scheduler:v1.30.2:                                 resolved       |++++++++++++++++++++++++++++++++++++++|
manifest-sha256:3de1210320a021f6a30b495fb2f1481898beb24169bbd649ac24b68337e439bc: done           |++++++++++++++++++++++++++++++++++++++|
config-sha256:7820c83aa139453522e9028341d0d4f23ca2721ec80c7a47425446d11157b940:   done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:941639163ef19b88e59a0baea9fadb4e34ba68d688680d2ce756169d7895c184:    done           |++++++++++++++++++++++++++++++++++++++|
elapsed: 3.7 s                                                                    total:  17.0 M (4.6 MiB/s)                     
registry.k8s.io/kube-scheduler:v1.30.2
Untagged: 192.168.42.201/kubernetes/kube-scheduler:v1.30.2@sha256:3de1210320a021f6a30b495fb2f1481898beb24169bbd649ac24b68337e439bc
Deleted: sha256:3d6fa0469044370439d20eaf7e0d25450e01335a93c13ba46e368d7785914c0c
Deleted: sha256:49626df344c912cfe9f8d8fcd635d301bd41127cd326914212cf2443a96cf421
Deleted: sha256:945d17be9a3e27af5ca1c671792bf1a8f2c3f4d13d3994665d95f084ed4f8a60
Deleted: sha256:4d049f83d9cf21d1f5cc0e11deaf36df02790d0e60c1a3829538fb4b61685368
Deleted: sha256:af5aa97ebe6ce1604747ec1e21af7136ded391bcabe4acef882e718a87c86bcc
Deleted: sha256:ac805962e47900b616b2f4b4584a34ac7b07d64ac1fd2c077478cf65311addcc
Deleted: sha256:bbb6cacb8c82e4da4e8143e03351e939eab5e21ce0ef333c42e637af86c5217b
Deleted: sha256:2a92d6ac9e4fcc274d5168b217ca4458a9fec6f094ead68d99c77073f08caac1
Deleted: sha256:1a73b54f556b477f0a8b939d13c504a3b4f4db71f7a09c63afbc10acb3de5849
Deleted: sha256:f4aee9e53c42a22ed82451218c3ea03d1eea8d6ca8fbe8eb4e950304ba8a8bb3
Deleted: sha256:b336e209998fa5cf0eec3dabf93a21194198a35f4f75612d8da03693f8c30217
Deleted: sha256:71fb0a240fbe5c02a632688673f4eef4239621f52bbcd3a90ab4ba054551fda4
Deleted: sha256:7ab7f34c722a2f2b5a89327623f22590e065da026d46e269d7b1607cc0b13e69
WARN[0000] skipping verifying HTTPS certs for "192.168.42.201"
192.168.42.201/kubernetes/kube-proxy:v1.30.2: resolving      |--------------------------------------|
elapsed: 2.0 s                                total:   0.0 B (0.0 B/s)
INFO[0002] trying next host                              error="failed to do request: Head \"https://192.168.42.201/v2/kubernetes/kube-proxy/manifests/v1.30.2\": dial tcp 192.168.42.201:443: connect: connection refused" host=192.168.42.201
WARN[0002] server "192.168.42.201" does not seem to support HTTPS, falling back to plain HTTP  error="failed to resolve reference192.168.42.201/kubernetes/kube-proxy:v1.30.2: resolving      |--------------------------------------|
elapsed: 2.2 s                                total:   0.0 B (0.0 B/s)
192.168.42.201/kubernetes/kube-proxy:v1.30.2:                                     resolved       |++++++++++++++++++++++++++++++++++++++|
manifest-sha256:854b9a1bb27a6b3ee8e7345f459aaed19944febdaef0a3dfda783896ee8ed961: done           |++++++++++++++++++++++++++++++++++++++|
config-sha256:53c535741fb446f6b34d720fdc5748db368ef96771111f3892682e6eab8f3772:   done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:ca0bf8d30b46cb686b3b63f434b900f2aa17084d77d84d606a8fe8638a305c36:    done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:529cf6e0a17387061836a737b20c5c53be64036bd05ef123b1bad79ffa5898ff:    done           |++++++++++++++++++++++++++++++++++++++|
elapsed: 6.1 s                                                                    total:  27.7 M (4.5 MiB/s)                     
registry.k8s.io/kube-proxy:v1.30.2
Untagged: 192.168.42.201/kubernetes/kube-proxy:v1.30.2@sha256:854b9a1bb27a6b3ee8e7345f459aaed19944febdaef0a3dfda783896ee8ed961
Deleted: sha256:7d3dbd1fd0f39cd07cd1888184ef73e6bee0320504d45517df79eec28128ce0f
Deleted: sha256:85e7372fb450704ffdd109f3e32f01329c0e4d4823ce0d2df3f381bed4fe5836
WARN[0000] skipping verifying HTTPS certs for "192.168.42.201"
192.168.42.201/kubernetes/coredns:v1.11.1: resolving      |--------------------------------------|
elapsed: 1.9 s                             total:   0.0 B (0.0 B/s)
INFO[0002] trying next host                              error="failed to do request: Head \"https://192.168.42.201/v2/kubernetes/coredns/manifests/v1.11.1\": dial tcp 192.168.42.201:443: connect: connection refused" host=192.168.42.201
WARN[0002] server "192.168.42.201" does not seem to support HTTPS, falling back to plain HTTP  error="failed to resolve reference192.168.42.201/kubernetes/coredns:v1.11.1: resolving      |--------------------------------------|
elapsed: 2.1 s                             total:   0.0 B (0.0 B/s)
INFO[0002] trying next host - response was http.StatusNotFound  host=192.168.42.201
FATA[0002] failed to resolve reference "192.168.42.201/kubernetes/coredns:v1.11.1": 192.168.42.201/kubernetes/coredns:v1.11.1: not found
registry.k8s.io/coredns:v1.11.1
FATA[0000] 192.168.42.201/kubernetes/coredns:v1.11.1: not found
FATA[0000] 1 errors:
no such image: 192.168.42.201/kubernetes/coredns:v1.11.1
WARN[0000] skipping verifying HTTPS certs for "192.168.42.201"
192.168.42.201/kubernetes/pause:3.9: resolving      |--------------------------------------|
elapsed: 1.9 s                       total:   0.0 B (0.0 B/s)
INFO[0002] trying next host                              error="failed to do request: Head \"https://192.168.42.201/v2/kubernetes/pause/manifests/3.9\": dial tcp 192.168.42.201:443: connect: connection refused" host=192.168.42.201
WARN[0002] server "192.168.42.201" does not seem to support HTTPS, falling back to plain HTTP  error="failed to resolve reference192.168.42.201/kubernetes/pause:3.9: resolving      |--------------------------------------|
elapsed: 2.1 s                       total:   0.0 B (0.0 B/s)
192.168.42.201/kubernetes/pause:3.9:                                              resolved       |++++++++++++++++++++++++++++++++++++++|
manifest-sha256:0fc1f3b764be56f7c881a69cbd553ae25a2b5523c6901fbacb8270307c29d0c4: done           |++++++++++++++++++++++++++++++++++++++|
config-sha256:e6f1816883972d4be47bd48879a08919b96afcd344132622e4d444987919323c:   done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:61fec91190a0bab34406027bbec43d562218df6e80d22d4735029756f23c7007:    done           |++++++++++++++++++++++++++++++++++++++|
elapsed: 0.2 s                                                                    total:   0.0 B (0.0 B/s)                       
registry.k8s.io/pause:3.9
Untagged: 192.168.42.201/kubernetes/pause:3.9@sha256:0fc1f3b764be56f7c881a69cbd553ae25a2b5523c6901fbacb8270307c29d0c4
Deleted: sha256:e3e5579ddd43c08e4b5c74dc12941a4ef656fab070b1087a1fd5a8a836b71e7d
WARN[0000] skipping verifying HTTPS certs for "192.168.42.201"
192.168.42.201/kubernetes/etcd:3.5.12-0: resolving      |--------------------------------------|
elapsed: 1.9 s                           total:   0.0 B (0.0 B/s)
INFO[0002] trying next host                              error="failed to do request: Head \"https://192.168.42.201/v2/kubernetes/etcd/manifests/3.5.12-0\": dial tcp 192.168.42.201:443: connect: connection refused" host=192.168.42.201
WARN[0002] server "192.168.42.201" does not seem to support HTTPS, falling back to plain HTTP  error="failed to resolve reference192.168.42.201/kubernetes/etcd:3.5.12-0: resolving      |--------------------------------------|
elapsed: 2.1 s                           total:   0.0 B (0.0 B/s)
192.168.42.201/kubernetes/etcd:3.5.12-0:                                          resolved       |++++++++++++++++++++++++++++++++++++++|
manifest-sha256:976e7fc4f6836cab4d4290a523499bbf5e070f9c946fb1e7a880eafd9bb7dfe0: done           |++++++++++++++++++++++++++++++++++++++|
config-sha256:3861cfcd7c04ccac1f062788eca39487248527ef0c0cfd477a83d7691a75a899:   done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:66bfaf1004d03639f46663c0a012f0523f18d7ae7544c5245652e5bb2e27490e:    done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:4fa131a1b726b2d6468d461e7d8867a2157d5671f712461d8abd126155fdf9ce:    done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:64c131cf9c2f6d1c6e52d1d9b0dac94dfa0b51c7e627bb4f68265ba7acec05a1:    done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:a4b233ac0d972330101cb6dacc03dc90dc14bf0db3d5560f3528b0bb78478a17:    done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:d3c894b5b2b0fa857549aeb6cbc38b038b5b2828736be37b6d9fff0b886f12fd:    done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:b40161cd83fc5d470d6abe50e87aa288481b6b89137012881d74187cfbf9f502:    exists         |++++++++++++++++++++++++++++++++++++++|
layer-sha256:fe09e3ee53d23c69e397e65622c72a24d06d07a3906237caa7bbcdc4614a3437:    done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:46ba3f23f1d3fb1440deeb279716e4377e79e61736ec2227270349b9618a0fdd:    done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:63b450eae87c42ba59c0fa815ad0e5b8cb6fb76a039cc341dbff6e744fa77a77:    done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:960043b8858c3c30f1d79dcc49adb2804fd35c2510729e67685b298b2ca746b7:    done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:eebb06941f3e57b2e40a0e9cbd798dacef9b04d89ebaa8896be5f17c976f8666:    done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:02cd68c0cbf64abe9738767877756b33f50fff5d88583fdc74b66beffa77694b:    done           |++++++++++++++++++++++++++++++++++++++|
elapsed: 9.8 s                                                                    total:  54.4 M (5.6 MiB/s)                     
registry.k8s.io/etcd:3.5.12-0
Untagged: 192.168.42.201/kubernetes/etcd:3.5.12-0@sha256:976e7fc4f6836cab4d4290a523499bbf5e070f9c946fb1e7a880eafd9bb7dfe0
Deleted: sha256:54ad2ec71039b74f7e82f020a92a8c2ca45f16a51930d539b56973a18b8ffe8d
Deleted: sha256:6fbdf253bbc2490dcfede5bdb58ca0db63ee8aff565f6ea9f918f3bce9e2d5aa
Deleted: sha256:accc3e6808c014d5e77f405d1ae74dabde9c9fc0337c9b7693d3a4f52aecfc69
Deleted: sha256:ff5700ec54186528cbae40f54c24b1a34fb7c01527beaa1232868c16e2353f52
Deleted: sha256:d52f02c6501c9c4410568f0bf6ff30d30d8290f57794c308fe36ea78393afac2
Deleted: sha256:e624a5370eca2b8266e74d179326e2a8767d361db14d13edd9fb57e408731784
Deleted: sha256:1a73b54f556b477f0a8b939d13c504a3b4f4db71f7a09c63afbc10acb3de5849
Deleted: sha256:d2d7ec0f6756eb51cf1602c6f8ac4dd811d3d052661142e0110357bf0b581457
Deleted: sha256:4cb10dd2545bd173858450b80853b850e49608260f1a0789e0d0b39edf12f500
Deleted: sha256:a9f9fc6d48bad32292928ea1091ce4546292f5b49194a7f154981e41ac3f5a00
Deleted: sha256:b48a138a7d6b00e970242e5d74d1271da11a6060fc5ba95c353e0acac11b10ad
Deleted: sha256:b4b40553581ced1053c876030eb97c996dc674b3d707b9cd2eb197a846507620
[root@master30 ~ 16:19:16]# nerdctl pull 192.168.42.201/kubernetes/coredns/coredns:v1.11.1 --insecure-registry
WARN[0000] skipping verifying HTTPS certs for "192.168.42.201"
192.168.42.201/kubernetes/coredns/coredns:v1.11.1: resolving      |--------------------------------------|
elapsed: 2.0 s                                     total:   0.0 B (0.0 B/s)
INFO[0002] trying next host                              error="failed to do request: Head \"https://192.168.42.201/v2/kubernetes/coredns/coredns/manifests/v1.11.1\": dial tcp 192.168.42.201:443: connect: connection refused" host=192.168.42.201
WARN[0002] server "192.168.42.201" does not seem to support HTTPS, falling back to plain HTTP  error="failed to resolve reference192.168.42.201/kubernetes/coredns/coredns:v1.11.1: resolving      |--------------------------------------|
elapsed: 2.2 s                                     total:   0.0 B (0.0 B/s)
192.168.42.201/kubernetes/coredns/coredns:v1.11.1:                                resolved       |++++++++++++++++++++++++++++++++++++++|
manifest-sha256:2169b3b96af988cf69d7dd69efbcc59433eb027320eb185c6110e0850b997870: done           |++++++++++++++++++++++++++++++++++++++|
config-sha256:cbb01a7bd410dc08ba382018ab909a674fb0e48687f0c00797ed5bc34fcc6bb4:   done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:b4ca4c215f483111b64ec6919f1659ff475d7080a649d6acd78a6ade562a4a63:    done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:eebb06941f3e57b2e40a0e9cbd798dacef9b04d89ebaa8896be5f17c976f8666:    exists         |++++++++++++++++++++++++++++++++++++++|
layer-sha256:c54d895c1975f6949e8b6d1457478f749f801f4622afa1336081b95b0bda5641:    done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:dd5ad9c9c29f04b41a0155c720cf5ccab28ef6d353f1fe17a06c579c70054f0a:    done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:02cd68c0cbf64abe9738767877756b33f50fff5d88583fdc74b66beffa77694b:    exists         |++++++++++++++++++++++++++++++++++++++|
layer-sha256:960043b8858c3c30f1d79dcc49adb2804fd35c2510729e67685b298b2ca746b7:    exists         |++++++++++++++++++++++++++++++++++++++|
layer-sha256:d3c894b5b2b0fa857549aeb6cbc38b038b5b2828736be37b6d9fff0b886f12fd:    exists         |++++++++++++++++++++++++++++++++++++++|
layer-sha256:4fa131a1b726b2d6468d461e7d8867a2157d5671f712461d8abd126155fdf9ce:    exists         |++++++++++++++++++++++++++++++++++++++|
layer-sha256:b40161cd83fc5d470d6abe50e87aa288481b6b89137012881d74187cfbf9f502:    exists         |++++++++++++++++++++++++++++++++++++++|
layer-sha256:860aeecad37138b467a6c41d5278c647ed77350db18b56364c29a4770e271fca:    done           |++++++++++++++++++++++++++++++++++++++|
layer-sha256:46ba3f23f1d3fb1440deeb279716e4377e79e61736ec2227270349b9618a0fdd:    exists         |++++++++++++++++++++++++++++++++++++++|
elapsed: 5.1 s                                                                    total:  17.2 M (3.4 MiB/s)                     
[root@master30 ~ 16:19:36]# nerdctl tag 192.168.42.201/kubernetes/coredns/coredns:v1.11.1 registry.k8s.io/coredns/coredns:v1.11.1
[root@master30 ~ 16:19:44]# nerdctl rmi 192.168.42.201/kubernetes/coredns/coredns:v1.11.1
Untagged: 192.168.42.201/kubernetes/coredns/coredns:v1.11.1@sha256:2169b3b96af988cf69d7dd69efbcc59433eb027320eb185c6110e0850b997870
Deleted: sha256:e023e0e48e6e29e90e519f4dd356d058ff2bffbd16e28b802f3b8f93aa4ccb17
Deleted: sha256:6fbdf253bbc2490dcfede5bdb58ca0db63ee8aff565f6ea9f918f3bce9e2d5aa
Deleted: sha256:7bea6b893187b14fc0a759fe5f8972d1292a9c0554c87cbf485f0947c26b8a05
Deleted: sha256:ff5700ec54186528cbae40f54c24b1a34fb7c01527beaa1232868c16e2353f52
Deleted: sha256:d52f02c6501c9c4410568f0bf6ff30d30d8290f57794c308fe36ea78393afac2
Deleted: sha256:e624a5370eca2b8266e74d179326e2a8767d361db14d13edd9fb57e408731784
Deleted: sha256:1a73b54f556b477f0a8b939d13c504a3b4f4db71f7a09c63afbc10acb3de5849
Deleted: sha256:d2d7ec0f6756eb51cf1602c6f8ac4dd811d3d052661142e0110357bf0b581457
Deleted: sha256:4cb10dd2545bd173858450b80853b850e49608260f1a0789e0d0b39edf12f500
Deleted: sha256:aec96fc6d10ead124cd5ccc7fad43034ed788a160f7b0dacedbc3fa4104c1005
Deleted: sha256:545a68d51bc49f2582d53441c69bfae8065d88bee14864c90bdb384de0868813
[root@master30 ~ 16:19:50]# cri
crictl              criticalstat-bpfcc
[root@master30 ~ 16:19:50]# crictl images
IMAGE                                     TAG                 IMAGE ID            SIZE
docker.io/library/busybox                 latest              c6348fa86ba0f       2.24MB
registry.k8s.io/coredns/coredns           v1.11.1             cbb01a7bd410d       18.2MB
registry.k8s.io/etcd                      3.5.12-0            3861cfcd7c04c       57.1MB
registry.k8s.io/kube-apiserver            v1.30.2             56ce0fd9fb532       32.7MB
registry.k8s.io/kube-controller-manager   v1.30.2             e874818b3caac       31MB
registry.k8s.io/kube-proxy                v1.30.2             53c535741fb44       29MB
registry.k8s.io/kube-scheduler            v1.30.2             7820c83aa1394       19.2MB
registry.k8s.io/pause                     3.9                 e6f1816883972       319kB

初始化集群

bash 复制代码

[root@master30 ~ 16:20:19]# kubeadm init --kubernetes-version=v1.30.2 --pod-network-cidr=10.224.0.0/16
[init] Using Kubernetes version: v1.30.2
[preflight] Running pre-flight checks
[preflight] Pulling images required for setting up a Kubernetes cluster
[preflight] This might take a minute or two, depending on the speed of your internet connection
[preflight] You can also perform this action in beforehand using 'kubeadm config images pull'
[certs] Using certificateDir folder "/etc/kubernetes/pki"
[certs] Generating "ca" certificate and key
[certs] Generating "apiserver" certificate and key
[certs] apiserver serving cert is signed for DNS names [kubernetes kubernetes.default kubernetes.default.svc kubernetes.default.svc.cluster.local master30.my.cloud] and IPs [10.96.0.1 10.1.8.30]
[certs] Generating "apiserver-kubelet-client" certificate and key
[certs] Generating "front-proxy-ca" certificate and key
[certs] Generating "front-proxy-client" certificate and key
[certs] Generating "etcd/ca" certificate and key
[certs] Generating "etcd/server" certificate and key
[certs] etcd/server serving cert is signed for DNS names [localhost master30.my.cloud] and IPs [10.1.8.30 127.0.0.1 ::1]
[certs] Generating "etcd/peer" certificate and key
[certs] etcd/peer serving cert is signed for DNS names [localhost master30.my.cloud] and IPs [10.1.8.30 127.0.0.1 ::1]
[certs] Generating "etcd/healthcheck-client" certificate and key
[certs] Generating "apiserver-etcd-client" certificate and key
[certs] Generating "sa" key and public key
[kubeconfig] Using kubeconfig folder "/etc/kubernetes"
[kubeconfig] Writing "admin.conf" kubeconfig file
[kubeconfig] Writing "super-admin.conf" kubeconfig file
[kubeconfig] Writing "kubelet.conf" kubeconfig file
[kubeconfig] Writing "controller-manager.conf" kubeconfig file
[kubeconfig] Writing "scheduler.conf" kubeconfig file
[etcd] Creating static Pod manifest for local etcd in "/etc/kubernetes/manifests"
[control-plane] Using manifest folder "/etc/kubernetes/manifests"
[control-plane] Creating static Pod manifest for "kube-apiserver"
[control-plane] Creating static Pod manifest for "kube-controller-manager"
[control-plane] Creating static Pod manifest for "kube-scheduler"
[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[kubelet-start] Starting the kubelet
[wait-control-plane] Waiting for the kubelet to boot up the control plane as static Pods from directory "/etc/kubernetes/manifests"
[kubelet-check] Waiting for a healthy kubelet. This can take up to 4m0s
[kubelet-check] The kubelet is healthy after 502.599218ms
[api-check] Waiting for a healthy API server. This can take up to 4m0s
[api-check] The API server is healthy after 7.002034467s
[upload-config] Storing the configuration used in ConfigMap "kubeadm-config" in the "kube-system" Namespace
[kubelet] Creating a ConfigMap "kubelet-config" in namespace kube-system with the configuration for the kubelets in the cluster
[upload-certs] Skipping phase. Please see --upload-certs
[mark-control-plane] Marking the node master30.my.cloud as control-plane by adding the labels: [node-role.kubernetes.io/control-plane node.kubernetes.io/exclude-from-external-load-balancers]
[mark-control-plane] Marking the node master30.my.cloud as control-plane by adding the taints [node-role.kubernetes.io/control-plane:NoSchedule]
[bootstrap-token] Using token: m9ulw0.j3grq5woypo49oxi
[bootstrap-token] Configuring bootstrap tokens, cluster-info ConfigMap, RBAC Roles
[bootstrap-token] Configured RBAC rules to allow Node Bootstrap tokens to get nodes
[bootstrap-token] Configured RBAC rules to allow Node Bootstrap tokens to post CSRs in order for nodes to get long term certificate credentials
[bootstrap-token] Configured RBAC rules to allow the csrapprover controller automatically approve CSRs from a Node Bootstrap Token
[bootstrap-token] Configured RBAC rules to allow certificate rotation for all node client certificates in the cluster
[bootstrap-token] Creating the "cluster-info" ConfigMap in the "kube-public" namespace
[kubelet-finalize] Updating "/etc/kubernetes/kubelet.conf" to point to a rotatable kubelet client certificate and key
[addons] Applied essential addon: CoreDNS
[addons] Applied essential addon: kube-proxy

Your Kubernetes control-plane has initialized successfully!

To start using your cluster, you need to run the following as a regular user:

  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

Alternatively, if you are the root user, you can run:

  export KUBECONFIG=/etc/kubernetes/admin.conf

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
  https://kubernetes.io/docs/concepts/cluster-administration/addons/

Then you can join any number of worker nodes by running the following on each as root:

kubeadm join 10.1.8.30:6443 --token m9ulw0.j3grq5woypo49oxi \
        --discovery-token-ca-cert-hash sha256:24481b5ff559931f52b786c767351ec1e1f9fe5cf78b7c981fa2f07b46472548