BUG: clusterimages build error

ricardolrl commented 1 week ago

Sealos Version

sealos ：4.1.3

How to reproduce the bug?

1、sealos pull labring/kubernetes:v1.27.7,打包成tar包：kubernetes-v1.27.7.tar 2、mount至本地后修改images/shim/下DefaultImageList 将其修改为私有仓库镜像如： 192.182.xxx.xx/registry.k8s.io/coredns:v1.9.3 192.182.xxx.xx/registry.k8s.io/etcd:3.5.10-0 192.182.xxx.xx/registry.k8s.io/kube-controller-manager:v1.26.15 192.182.xxx.xx/registry.k8s.io/kube-scheduler:v1.26.15 192.182.xxx.xx/registry.k8s.io/kube-proxy:v1.26.15 192.182.xxx.xx/registry.k8s.io/pause:3.9 192.182.xxx.xx/registry.k8s.io/kube-apiserver:v1.26.15 3、删除registry目录下文件 4、修改Kubefile文件，添加label FROM scratch MAINTAINER sealos LABEL init="init-cri.sh \$registryDomain \$registryPort && bash init.sh" \ clean="clean.sh && bash clean-cri.sh \$criData" \ check="check.sh \$registryData" \ init-registry="init-registry.sh \$registryData \$registryConfig" \ clean-registry="clean-registry.sh \$registryData \$registryConfig" \ sealos.io.type="rootfs" sealos.io.version="v1beta1" version="v1.26.15" ENV criData=/var/lib/containerd \ registryData=/var/lib/registry \ registryConfig=/etc/registry \ registryDomain=192.168.xxx.xx \ registryPort=5000 \ registryUsername=admin \ registryPassword=passw0rd \ disableApparmor=false \ SEALOS_SYS_CRI_ENDPOINT=/var/run/containerd/containerd.sock \ SEALOS_SYS_IMAGE_ENDPOINT=/var/run/image-cri-shim.sock \ COPY . . 5、sealos build 6、sealos run 出现部分报错： 6.1: "PullImage from image service failed" err="rpc error: code = Unavailable desc = error reading from server: EOF" image="192.168.xxx.xx:5000/" FATA[0000] pulling image: rpc error: code = Unavailable desc = error reading from server: EOF 6.2 [preflight] Pulling images required for setting up a Kubernetes cluster [preflight] This might take a minute or two, depending on the speed of your internet connection [preflight] You can also perform this action in beforehand using 'kubeadm config images pull' I0624 15:59:50.512988 2316864 checks.go:832] using image pull policy: IfNotPresent I0624 15:59:50.531237 2316864 checks.go:849] pulling: registry.k8s.io/kube-apiserver:v1.26.15 I0624 15:59:50.625223 2316864 checks.go:849] pulling: registry.k8s.io/kube-controller-manager:v1.26.15 I0624 15:59:50.713096 2316864 checks.go:849] pulling: registry.k8s.io/kube-scheduler:v1.26.15 I0624 15:59:50.800815 2316864 checks.go:849] pulling: registry.k8s.io/kube-proxy:v1.26.15 I0624 15:59:50.883503 2316864 checks.go:849] pulling: registry.k8s.io/pause:3.9 I0624 15:59:50.970530 2316864 checks.go:849] pulling: registry.k8s.io/etcd:3.5.10-0 I0624 15:59:51.059066 2316864 checks.go:849] pulling: registry.k8s.io/coredns/coredns:v1.9.3 [preflight] Some fatal errors occurred: [ERROR ImagePull]: failed to pull image registry.k8s.io/kube-apiserver:v1.26.15: output: time="2024-06-24T15:59:50+08:00" level=fatal msg="validate service connection: validate CRI v1 image API for endpoint \"unix:///var/run/image-cri-shim.sock\": rpc error: code = Unavailable desc = connection error: desc = \"transport: Error while dialing dial unix /var/run/image-cri-shim.sock: connect: connection refused\"" , error: exit status 1 [ERROR ImagePull]: failed to pull image registry.k8s.io/kube-controller-manager:v1.26.15: output: time="2024-06-24T15:59:50+08:00" level=fatal msg="validate service connection: validate CRI v1 image API for endpoint \"unix:///var/run/image-cri-shim.sock\": rpc error: code = Unavailable desc = connection error: desc = \"transport: Error while dialing dial unix /var/run/image-cri-shim.sock: connect: connection refused\"" , error: exit status 1 [ERROR ImagePull]: failed to pull image registry.k8s.io/kube-scheduler:v1.26.15: output: time="2024-06-24T15:59:50+08:00" level=fatal msg="validate service connection: validate CRI v1 image API for endpoint \"unix:///var/run/image-cri-shim.sock\": rpc error: code = Unavailable desc = connection error: desc = \"transport: Error while dialing dial unix /var/run/image-cri-shim.sock: connect: connection refused\"" , error: exit status 1 [ERROR ImagePull]: failed to pull image registry.k8s.io/kube-proxy:v1.26.15: output: time="2024-06-24T15:59:50+08:00" level=fatal msg="validate service connection: validate CRI v1 image API for endpoint \"unix:///var/run/image-cri-shim.sock\": rpc error: code = Unavailable desc = connection error: desc = \"transport: Error while dialing dial unix /var/run/image-cri-shim.sock: connect: connection refused\"" , error: exit status 1 [ERROR ImagePull]: failed to pull image registry.k8s.io/pause:3.9: output: time="2024-06-24T15:59:50+08:00" level=fatal msg="validate service connection: validate CRI v1 image API for endpoint \"unix:///var/run/image-cri-shim.sock\": rpc error: code = Unavailable desc = connection error: desc = \"transport: Error while dialing dial unix /var/run/image-cri-shim.sock: connect: connection refused\"" , error: exit status 1 [ERROR ImagePull]: failed to pull image registry.k8s.io/etcd:3.5.10-0: output: time="2024-06-24T15:59:51+08:00" level=fatal msg="validate service connection: validate CRI v1 image API for endpoint \"unix:///var/run/image-cri-shim.sock\": rpc error: code = Unavailable desc = connection error: desc = \"transport: Error while dialing dial unix /var/run/image-cri-shim.sock: connect: connection refused\""

疑问点：为何从远端拉取镜像而不是本地内置registry，查看containerd服务发现未设置point

What is the expected behavior?

No response

What do you see instead?

No response

Operating environment

No response

Additional information

No response

bxy4543 commented 1 day ago

sealos run会启动registry的，是通过image-cri-shim socket服务来转到对应内置的registry拉取镜像，可以通过systemctl status image-cri-shim查看镜像shim 服务

sealos-ci-robot commented 1 day ago

Bot detected the issue body's language is not English, translate it automatically. 👯👭🏻🧑‍🤝‍🧑👫🧑🏿‍🤝‍🧑🏻👩🏾‍🤝‍👨🏿👬🏿

sealos run will start the registry, which uses the image-cri-shim socket service to go to the corresponding built-in registry to pull the image. You can view the image shim service through systemctl status image-cri-shim.

labring / sealos