信息介绍

主体部分使用离线包，在Ubuntu 25.04 plucky (ARM架构)上，使用sealos快速部署k8s集群。
官方教程在这里：
K8s集群管理/快速开始/下载Sealos命令行工具
K8s集群管理/快速开始/安装K8s集群
3台ubuntu虚拟机使用mac上的orbstack 建立，信息如下：

NAME          STATE    DISTRO  VERSION   ARCH   SIZE  IP
----          -----    ------  -------   ----   ----  --
k8s-master-1  running  ubuntu  plucky    arm64        198.19.249.187
k8s-node-1    running  ubuntu  plucky    arm64        198.19.249.12
k8s-node-2    running  ubuntu  plucky    arm64        198.19.249.179

大致操作过程

将所需离线包拷贝至k8s-master-1内。

sealos_5.0.1_linux_arm64.tar.gz 
# 下载地址
# https://mirror.ghproxy.com/https://github.com/labring/sealos/releases/download/v5.0.1/sealos_5.0.1_linux_arm64.tar.gz

kubernetes-docker_v1.30.14.tar
helm_v3.18.4.tar
cilium_v1.15.8.tar
# 这三个镜像可以在线拉取，拉取后可以保存为tar包，后面细说

设置root密码 （其实不需要，反正用key登录）

passwd root

解压二进制文件并拉取镜像

tar zxvf sealos_5.0.1_linux_arm64.tar.gz -C /usr/bin sealos
sealos version
sealos pull registry.cn-shanghai.aliyuncs.com/labring/kubernetes-docker:v1.30.14
sealos pull registry.cn-shanghai.aliyuncs.com/labring/helm:v3.18.4
sealos pull registry.cn-shanghai.aliyuncs.com/labring/cilium:v1.15.8
sealos images

拉取后可以保存为离线tar包

sealos save registry.cn-shanghai.aliyuncs.com/labring/kubernetes-docker:v1.30.14 -o kubernetes-docker_v1.30.14.tar
sealos save registry.cn-shanghai.aliyuncs.com/labring/helm:v3.18.4 -o helm_v3.18.4.tar
sealos save registry.cn-shanghai.aliyuncs.com/labring/cilium:v1.15.8 -o cilium_v1.15.8.tar

离线环境就可以使用tar包导入

sealos load -i kubernetes-docker_v1.30.14.tar
sealos load -i helm_v3.18.4.tar
sealos load -i cilium_v1.15.8.tar

ubuntu不自带ssh server，需要手动安装

apt update
apt install openssh-server -y
vi /etc/ssh/sshd_config

去掉PermitRootLogin prohibit-password和PubkeyAuthentication yes 前的#号
重启ssh，并配置免密登录

systemctl restart ssh
ssh-keygen
cd ~/.ssh
cat id_ed25519.pub >> authorized_keys

想办法将.ssh文件夹复制到其他两台ubuntu中
指定rsa安装

sealos run registry.cn-shanghai.aliyuncs.com/labring/kubernetes-docker:v1.30.14 registry.cn-shanghai.aliyuncs.com/labring/helm:v3.18.4 registry.cn-shanghai.aliyuncs.com/labring/cilium:v1.15.8      --masters 198.19.249.187      --nodes 198.19.249.12,198.19.249.179 -u root -i /root/.ssh/id_ed25519

报错了

198.19.249.12:22        Job for docker.service failed because the control process exited with error code.
198.19.249.12:22        See "systemctl status docker.service" and "journalctl -xeu docker.service" for details.
198.19.249.179:22       Job for docker.service failed because the control process exited with error code.
198.19.249.179:22       See "systemctl status docker.service" and "journalctl -xeu docker.service" for details.
Job for docker.service failed because the control process exited with error code.
See "systemctl status docker.service" and "journalctl -xeu docker.service" for details.
Job for docker.service failed because the control process exited with error code.
See "systemctl status docker.service" and "journalctl -xeu docker.service" for details.
198.19.249.179:22       Job for docker.service failed because the control process exited with error code.
198.19.249.179:22       See "systemctl status docker.service" and "journalctl -xeu docker.service" for details.
198.19.249.179:22        INFO [2025-08-20 22:38:03] >> Health check docker!
 INFO [2025-08-20 22:38:03] >> Health check docker!
198.19.249.12:22        Job for docker.service failed because the control process exited with error code.
198.19.249.12:22        See "systemctl status docker.service" and "journalctl -xeu docker.service" for details.
198.19.249.12:22         INFO [2025-08-20 22:38:03] >> Health check docker!
 ERROR [2025-08-20 22:38:03] >> docker status is error
198.19.249.179:22        ERROR [2025-08-20 22:38:03] >> docker status is error
 ERROR [2025-08-20 22:38:03] >> ====init docker failed!====
198.19.249.179:22        ERROR [2025-08-20 22:38:03] >> ====init docker failed!====
198.19.249.12:22         ERROR [2025-08-20 22:38:03] >> docker status is error
198.19.249.12:22         ERROR [2025-08-20 22:38:03] >> ====init docker failed!====
2025-08-20T22:38:03 error Applied to cluster error: exit status 1
Error: exit status 1

看一下docker报的错误

journalctl -xeu docker.service

主要错误如下

could not change group /var/run/docker.sock to docker: group docker not found
failed to find iptables" error="exec: \"iptables\": executable file not found in $PATH

那么原因很简单，没有docker用户组，没有安装iptables，简单处理下，并回滚安装

groupadd docker
apt install iptables -y
sealos reset

重新安装

sealos run registry.cn-shanghai.aliyuncs.com/labring/kubernetes-docker:v1.30.14 registry.cn-shanghai.aliyuncs.com/labring/helm:v3.18.4 registry.cn-shanghai.aliyuncs.com/labring/cilium:v1.15.8      --masters 198.19.249.187      --nodes 198.19.249.12,198.19.249.179 -u root -i /root/.ssh/id_ed25519

这次安装成功了

kubectl get node -o wide
NAME           STATUS   ROLES           AGE   VERSION    INTERNAL-IP      EXTERNAL-IP   OS-IMAGE       KERNEL-VERSION                         CONTAINER-RUNTIME
k8s-master-1   Ready    control-plane   31m   v1.30.14   198.19.249.187   <none>        Ubuntu 25.04   6.14.10-orbstack-00291-g1b252bd3edea   docker://28.2.2
k8s-node-1     Ready    <none>          31m   v1.30.14   198.19.249.12    <none>        Ubuntu 25.04   6.14.10-orbstack-00291-g1b252bd3edea   docker://28.2.2
k8s-node-2     Ready    <none>          31m   v1.30.14   198.19.249.179   <none>        Ubuntu 25.04   6.14.10-orbstack-00291-g1b252bd3edea   docker://28.2.2

不得不说，sealos很强，将k8s集群的安装简化到如此程度，很佩服。