K
Q

kubeadm init issue - cannot execute 'docker info'

9/8/2019

I was trying to setup a Kubernetes cluster on a RHEL 7 machine. When trying to initialize a Kubernetes control-plane node, I'm facing issue while running the below kubeadm init command:

[root@spsvm ~]# swapoff -a
[root@spsvm ~]# kubeadm init
[init] Using Kubernetes version: v1.15.3
[preflight] Running pre-flight checks
        [WARNING HTTPProxy]: Connection to "https://15.153.133.183" uses proxy "http://16.167.28.199:8080". If that is not intended, adjust your proxy settings
        [WARNING HTTPProxyCIDR]: connection to "10.96.0.0/12" uses proxy "http://16.167.28.199:8080". This may lead to malfunctional cluster setup. Make sure that Pod and Services IP ranges specified correctly as exceptions in proxy configuration
error execution phase preflight: [preflight] Some fatal errors occurred:
        [ERROR IsDockerSystemdCheck]: cannot execute 'docker info': exit status 125
[preflight] If you know what you are doing, you can make a check non-fatal with `--ignore-preflight-errors=...`
[root@spsvm ~]#

Tried running the above command with more verbosity using the 'v' switch

[root@spsvm downloads]# kubeadm init --v=5
I0908 06:44:50.424152  175092 initconfiguration.go:105] detected and using CRI socket: /var/run/dockershim.sock
I0908 06:44:50.424335  175092 interface.go:384] Looking for default routes with IPv4 addresses
I0908 06:44:50.424342  175092 interface.go:389] Default route transits interface "ens192"
I0908 06:44:50.424449  175092 interface.go:196] Interface ens192 is up
I0908 06:44:50.424485  175092 interface.go:244] Interface "ens192" has 2 addresses :[15.153.133.183/23 fe80::20c:29ff:fe06:bddb/64].
I0908 06:44:50.424502  175092 interface.go:211] Checking addr  15.153.133.183/23.
I0908 06:44:50.424509  175092 interface.go:218] IP found 15.153.133.183
I0908 06:44:50.424516  175092 interface.go:250] Found valid IPv4 address 15.153.133.183 for interface "ens192".
I0908 06:44:50.424521  175092 interface.go:395] Found active IP 15.153.133.183
I0908 06:44:50.424570  175092 version.go:179] fetching Kubernetes version from URL: https://dl.k8s.io/release/stable-1.txt
I0908 06:44:51.470749  175092 feature_gate.go:216] feature gates: &{map[]}
[init] Using Kubernetes version: v1.15.3
[preflight] Running pre-flight checks
I0908 06:44:51.470982  175092 checks.go:581] validating Kubernetes and kubeadm version
I0908 06:44:51.471005  175092 checks.go:172] validating if the firewall is enabled and active
I0908 06:44:51.476824  175092 checks.go:209] validating availability of port 6443
I0908 06:44:51.476941  175092 checks.go:209] validating availability of port 10251
I0908 06:44:51.476959  175092 checks.go:209] validating availability of port 10252
I0908 06:44:51.476977  175092 checks.go:292] validating the existence of file /etc/kubernetes/manifests/kube-apiserver.yaml
I0908 06:44:51.476986  175092 checks.go:292] validating the existence of file /etc/kubernetes/manifests/kube-controller-manager.yaml
I0908 06:44:51.476992  175092 checks.go:292] validating the existence of file /etc/kubernetes/manifests/kube-scheduler.yaml
I0908 06:44:51.476998  175092 checks.go:292] validating the existence of file /etc/kubernetes/manifests/etcd.yaml
I0908 06:44:51.477006  175092 checks.go:439] validating if the connectivity type is via proxy or direct
        [WARNING HTTPProxy]: Connection to "https://<HOST IP Address>" uses proxy "http://<PROXY-SERVER>:8080". If that is not intended, adjust your proxy settings
I0908 06:44:51.477058  175092 checks.go:475] validating http connectivity to first IP address in the CIDR
        [WARNING HTTPProxyCIDR]: connection to "10.96.0.0/12" uses proxy "http://<PROXY-SERVER>:8080". This may lead to malfunctional cluster setup. Make sure that Pod and Services IP ranges specified correctly as exceptions in proxy configuration
I0908 06:44:51.477087  175092 checks.go:475] validating http connectivity to first IP address in the CIDR
I0908 06:44:51.477097  175092 checks.go:105] validating the container runtime
I0908 06:44:51.504454  175092 checks.go:131] validating if the service is enabled and active
I0908 06:44:51.524856  175092 checks.go:341] validating the contents of file /proc/sys/net/bridge/bridge-nf-call-iptables
I0908 06:44:51.524893  175092 checks.go:341] validating the contents of file /proc/sys/net/ipv4/ip_forward
I0908 06:44:51.524916  175092 checks.go:653] validating whether swap is enabled or not
I0908 06:44:51.524938  175092 checks.go:382] validating the presence of executable ip
I0908 06:44:51.524955  175092 checks.go:382] validating the presence of executable iptables
I0908 06:44:51.524968  175092 checks.go:382] validating the presence of executable mount
I0908 06:44:51.524982  175092 checks.go:382] validating the presence of executable nsenter
I0908 06:44:51.524993  175092 checks.go:382] validating the presence of executable ebtables
I0908 06:44:51.525001  175092 checks.go:382] validating the presence of executable ethtool
I0908 06:44:51.525010  175092 checks.go:382] validating the presence of executable socat
I0908 06:44:51.525019  175092 checks.go:382] validating the presence of executable tc
I0908 06:44:51.525028  175092 checks.go:382] validating the presence of executable touch
I0908 06:44:51.525038  175092 checks.go:524] running all checks
I0908 06:44:51.543276  175092 checks.go:412] checking whether the given node name is reachable using net.LookupHost
I0908 06:44:51.543437  175092 checks.go:622] validating kubelet version
I0908 06:44:51.592115  175092 checks.go:131] validating if the service is enabled and active
I0908 06:44:51.597838  175092 checks.go:209] validating availability of port 10250
I0908 06:44:51.597891  175092 checks.go:209] validating availability of port 2379
I0908 06:44:51.597908  175092 checks.go:209] validating availability of port 2380
I0908 06:44:51.597928  175092 checks.go:254] validating the existence and emptiness of directory /var/lib/etcd
error execution phase preflight: [preflight] Some fatal errors occurred:
        [ERROR IsDockerSystemdCheck]: cannot execute 'docker info': exit status 125
[preflight] If you know what you are doing, you can make a check non-fatal with `--ignore-preflight-errors=...`
[root@spsvm downloads]#

Also tried restarting the docker daemon.

[root@spsvm ~]# systemctl status docker.service
● docker.service - Docker Application Container Engine
   Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled; vendor preset: disabled)
  Drop-In: /etc/systemd/system/docker.service.d
           └─http-proxy.conf, https-proxy.conf
   Active: active (running) since Sun 2019-09-08 06:42:41 Asia; 2h 6min ago
     Docs: http://docs.docker.com
 Main PID: 173154 (dockerd-current)
    Tasks: 28
   CGroup: /system.slice/docker.service
           ├─173154 /usr/bin/dockerd-current --add-runtime docker-runc=/usr/libexec/docker/docker-runc-current --default-runtime=docker-runc --authori...
           └─173169 /usr/bin/docker-containerd-current -l unix:///var/run/docker/libcontainerd/docker-containerd.sock --shim docker-containerd-shim --...

Sep 08 06:42:41 spsvm dockerd-current[173154]: time="2019-09-08T12:12:41.321838429+05:30" level=warning msg="Docker could not enable SELinux o... system"
Sep 08 06:42:41 spsvm dockerd-current[173154]: time="2019-09-08T12:12:41.336305582+05:30" level=info msg="Graph migration to content-addressab...seconds"
Sep 08 06:42:41 spsvm dockerd-current[173154]: time="2019-09-08T12:12:41.336782562+05:30" level=info msg="Loading containers: start."
Sep 08 06:42:41 spsvm dockerd-current[173154]: ........time="2019-09-08T12:12:41.343866103+05:30" level=info msg="Firewalld running: false"
Sep 08 06:42:41 spsvm dockerd-current[173154]: time="2019-09-08T12:12:41.419818528+05:30" level=info msg="Default bridge (docker0) is assigned...address"
Sep 08 06:42:41 spsvm dockerd-current[173154]: time="2019-09-08T12:12:41.446802255+05:30" level=info msg="Loading containers: done."
Sep 08 06:42:41 spsvm dockerd-current[173154]: time="2019-09-08T12:12:41.446846947+05:30" level=info msg="Daemon has completed initialization"
Sep 08 06:42:41 spsvm dockerd-current[173154]: time="2019-09-08T12:12:41.446859216+05:30" level=info msg="Docker daemon" commit="ec8512b/1.12....n=1.12.6
Sep 08 06:42:41 spsvm dockerd-current[173154]: time="2019-09-08T12:12:41.452889758+05:30" level=info msg="API listen on /var/run/docker.sock"
Sep 08 06:42:41 spsvm systemd[1]: Started Docker Application Container Engine.
Hint: Some lines were ellipsized, use -l to show in full.
[root@spsvm ~]#
[root@spsvm ~]# docker info
Containers: 8
 Running: 0
 Paused: 0
 Stopped: 8
Images: 49
Server Version: 1.12.6
Storage Driver: devicemapper
 Pool Name: docker-253:5-393385-pool
 Pool Blocksize: 65.54 kB
 Base Device Size: 10.74 GB
 Backing Filesystem: xfs
 Data file: /dev/loop1
 Metadata file: /dev/loop2
 Data Space Used: 2.788 GB
 Data Space Total: 107.4 GB
 Data Space Available: 27.15 GB
 Metadata Space Used: 3.555 MB
 Metadata Space Total: 2.147 GB
 Metadata Space Available: 2.144 GB
 Thin Pool Minimum Free Space: 10.74 GB
 Udev Sync Supported: true
 Deferred Removal Enabled: true
 Deferred Deletion Enabled: true
 Deferred Deleted Device Count: 0
 Data loop file: /var/lib/docker/devicemapper/devicemapper/data
 WARNING: Usage of loopback devices is strongly discouraged for production use. Use `--storage-opt dm.thinpooldev` to specify a custom block storage device.
 Metadata loop file: /var/lib/docker/devicemapper/devicemapper/metadata
 Library Version: 1.02.146-RHEL7 (2018-01-22)
Logging Driver: journald
Cgroup Driver: systemd
Plugins:
 Volume: local
 Network: host null bridge overlay
 Authorization: rhel-push-plugin
Swarm: inactive
Runtimes: docker-runc runc
Default Runtime: docker-runc
Security Options: seccomp
Kernel Version: 3.10.0-514.el7.x86_64
Operating System: Red Hat Enterprise Linux Server 7.5 (Maipo)
OSType: linux
Architecture: x86_64
Number of Docker Hooks: 3
CPUs: 8
Total Memory: 62.76 GiB
Name: spsvm
ID: X4AE:GQ3M:HUOW:HL2E:SI2N:OIF6:V6Y6:NITI:FD5Q:CFZ4:ZDUY:HFFV
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Http Proxy: http://<PROXY-SERVER>:8080
Https Proxy: https://<PROXY-SERVER>:8080
Registry: https://registry.access.redhat.com/v1/
Insecure Registries:
 127.0.0.0/8
Registries: registry.access.redhat.com (secure), docker.io (secure)
[root@spsvm ~]#

From the output of the above command, notice:

[ERROR IsDockerSystemdCheck]: cannot execute 'docker info': exit status 125

We have docker installed and the docker daemon is running. I am also able to execute various docker commands including docker info. Is this a permission issue? Not sure where else to look to solve this error reported by kubeadm?

-- Vikram K
docker
kubeadm
kubernetes

Similar Questions

Best practice for starting a service using docker images in Kubernetes cluster
Istio envoy 504 gateway timeouts after 15 seconds for outbound connections
kubernetes PVCs sharing a single PV?
Kubernetes Keycloak Gatekeeper Bad Gateway

2 Answers

9/8/2019

Your docker installation seems to be version 1.12.6, as can be seen from:

Server Version: 1.12.6

And you are trying to create a cluster with version 1.15.3:

Using Kubernetes version: v1.15.3

In Kubernetes 1.15 release notes, it is stated that the minimum supported version of Docker is bumped to 1.13.1 for kubeadm:

kubeadm: Bumped the minimum supported Docker version to 1.13.1

So, first thing I would recommend is to upgrade Docker to the most up-to-date and supported version, which is 18.09:

The list of validated docker versions remains unchanged.

The current list is 1.13.1, 17.03, 17.06, 17.09, 18.06, 18.09.

-- Utku Özdemir
Source: StackOverflow
9/8/2019

Can you try with

kubeadm init --ignore-preflight-errors=cri

Did you tried multiple times with kubeadm init if so please do kubeadm reset and try

-- JithZ
Source: StackOverflow