BUG: install crio error

[ancienter]

Sealos Version

v5.0.1,v5.1.0,v5.1.1

How to reproduce the bug?

1. openeuler22.03-lts-sp4
   2.none
   3.sealos run labring/kubernetes-crio:v1.31.14-5.1.1

[root@master-node-01 sealos]# sealos run labring/kubernetes-crio:v1.31.14-5.1.1
2025-12-25T23:18:40 info Start to create a new cluster: master [192.168.1.21], worker [], registry 192.168.1.21
2025-12-25T23:18:40 info Executing pipeline Check in CreateProcessor.
2025-12-25T23:18:40 info checker:hostname [192.168.1.21:22]
2025-12-25T23:18:40 info checker:timeSync [192.168.1.21:22]
2025-12-25T23:18:40 info checker:containerd [192.168.1.21:22]
2025-12-25T23:18:40 info Executing pipeline PreProcess in CreateProcessor.
2025-12-25T23:18:40 info Executing pipeline RunConfig in CreateProcessor.
2025-12-25T23:18:40 info Executing pipeline MountRootfs in CreateProcessor.
2025-12-25T23:18:41 info render /var/lib/sealos/data/default/rootfs/etc/99-crio.conf from /var/lib/sealos/data/default/rootfs/etc/99-crio.conf.tmpl completed
2025-12-25T23:18:41 info render /var/lib/sealos/data/default/rootfs/etc/image-cri-shim.service from /var/lib/sealos/data/default/rootfs/etc/image-cri-shim.service.tmpl completed
2025-12-25T23:18:41 info render /var/lib/sealos/data/default/rootfs/etc/image-cri-shim.yaml from /var/lib/sealos/data/default/rootfs/etc/image-cri-shim.yaml.tmpl completed
2025-12-25T23:18:41 info render /var/lib/sealos/data/default/rootfs/etc/kubelet.service from /var/lib/sealos/data/default/rootfs/etc/kubelet.service.tmpl completed
2025-12-25T23:18:41 info render /var/lib/sealos/data/default/rootfs/etc/registry.service from /var/lib/sealos/data/default/rootfs/etc/registry.service.tmpl completed
2025-12-25T23:18:41 info render /var/lib/sealos/data/default/rootfs/etc/registry.yml from /var/lib/sealos/data/default/rootfs/etc/registry.yml.tmpl completed
2025-12-25T23:18:41 info render /var/lib/sealos/data/default/rootfs/etc/registry_config.yml from /var/lib/sealos/data/default/rootfs/etc/registry_config.yml.tmpl completed
2025-12-25T23:18:41 info render /var/lib/sealos/data/default/rootfs/etc/systemd/system/kubelet.service.d/10-kubeadm.conf from /var/lib/sealos/data/default/rootfs/etc/systemd/system/kubelet.service.d/10-kubeadm.conf.tmpl completed
2025-12-25T23:18:41 info Executing pipeline MirrorRegistry in CreateProcessor.
2025-12-25T23:18:41 info trying default http mode to sync images to hosts [192.168.1.21:22]
2025-12-25T23:18:46 info Executing pipeline Bootstrap in CreateProcessor
INFO [2025-12-25 23:18:46] >> Check port kubelet port 10249..10259, reserved port 5050..5054 inuse. Please wait...
which: no crio in (/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin)
INFO [2025-12-25 23:18:46] >> check root,port,cri success
2025-12-25T23:18:46 info domain sealos.hub:192.168.1.21 append success
Created symlink /etc/systemd/system/multi-user.target.wants/registry.service → /etc/systemd/system/registry.service.
INFO [2025-12-25 23:18:46] >> Health check registry!
INFO [2025-12-25 23:18:46] >> registry is running
INFO [2025-12-25 23:18:46] >> init registry success
2025-12-25T23:18:46 info domain apiserver.cluster.local:192.168.1.21 append success
Installing CRI-O
Thu Dec 25 11:18:48 PM CST 2025
INFO [2025-12-25 23:18:48] >> username: admin, password: passw0rd, base64pwd: YWRtaW46cGFzc3cwcmQ=
Created symlink /etc/systemd/system/cri-o.service → /usr/local/lib/systemd/system/crio.service.
Created symlink /etc/systemd/system/multi-user.target.wants/crio.service → /usr/local/lib/systemd/system/crio.service.
INFO [2025-12-25 23:18:49] >> Health check crio!
INFO [2025-12-25 23:18:49] >> crio is running
INFO [2025-12-25 23:18:49] >> init crio success
INFO [2025-12-25 23:18:49] >> init crio success
Created symlink /etc/systemd/system/multi-user.target.wants/image-cri-shim.service → /etc/systemd/system/image-cri-shim.service.
INFO [2025-12-25 23:18:49] >> Health check image-cri-shim!
INFO [2025-12-25 23:18:49] >> image-cri-shim is running
INFO [2025-12-25 23:18:49] >> init shim success
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
unknown system, use default to stop firewalld

• Applying /usr/lib/sysctl.d/10-default-yama-scope.conf ...
• Applying /usr/lib/sysctl.d/50-coredump.conf ...
• Applying /usr/lib/sysctl.d/50-default.conf ...
• Applying /usr/lib/sysctl.d/50-libkcapi-optmem_max.conf ...
• Applying /etc/sysctl.d/50-libreswan.conf ...
• Applying /usr/lib/sysctl.d/50-pid-max.conf ...
• Applying /etc/sysctl.d/99-sysctl.conf ...
• Applying /etc/sysctl.conf ...
  kernel.yama.ptrace_scope = 0
  kernel.core_pattern = |/usr/lib/systemd/systemd-coredump %P %u %g %s %t %c %h
  kernel.core_pipe_limit = 16
  fs.suid_dumpable = 2
  kernel.sysrq = 16
  kernel.core_uses_pid = 1
  net.ipv4.conf.default.rp_filter = 1
  net.ipv4.conf.ens18.rp_filter = 1
  net.ipv4.conf.ens19.rp_filter = 1
  net.ipv4.conf.lo.rp_filter = 1
  net.ipv4.conf.default.accept_source_route = 0
  net.ipv4.conf.ens18.accept_source_route = 0
  net.ipv4.conf.ens19.accept_source_route = 0
  net.ipv4.conf.lo.accept_source_route = 0
  net.ipv4.conf.default.promote_secondaries = 1
  net.ipv4.conf.ens18.promote_secondaries = 1
  net.ipv4.conf.ens19.promote_secondaries = 1
  net.ipv4.conf.lo.promote_secondaries = 1
  net.ipv4.ping_group_range = 1 0
  net.core.default_qdisc = fq_codel
  fs.protected_hardlinks = 1
  fs.protected_symlinks = 1
  fs.protected_regular = 1
  fs.protected_fifos = 1
  net.core.optmem_max = 81920
  net.ipv6.conf.default.accept_redirects = 0
  net.ipv6.conf.all.accept_redirects = 0
  net.ipv4.conf.default.send_redirects = 0
  net.ipv4.conf.default.accept_redirects = 0
  net.ipv4.conf.all.send_redirects = 0
  net.ipv4.conf.all.accept_redirects = 0
  kernel.pid_max = 4194304
  kernel.sysrq = 0
  net.ipv4.ip_forward = 0
  net.ipv4.conf.all.send_redirects = 0
  net.ipv4.conf.default.send_redirects = 0
  net.ipv4.conf.all.accept_source_route = 0
  net.ipv4.conf.default.accept_source_route = 0
  net.ipv4.conf.all.accept_redirects = 0
  net.ipv4.conf.default.accept_redirects = 0
  net.ipv4.conf.all.secure_redirects = 0
  net.ipv4.conf.default.secure_redirects = 0
  net.ipv4.icmp_echo_ignore_broadcasts = 1
  net.ipv4.icmp_ignore_bogus_error_responses = 1
  net.ipv4.conf.all.rp_filter = 1
  net.ipv4.conf.default.rp_filter = 1
  net.ipv4.tcp_syncookies = 1
  kernel.dmesg_restrict = 1
  net.ipv6.conf.all.accept_redirects = 0
  net.ipv6.conf.default.accept_redirects = 0
  vm.nr_hugepages = 1024
  fs.file-max = 1048576 # sealos
  net.bridge.bridge-nf-call-ip6tables = 1 # sealos
  net.bridge.bridge-nf-call-iptables = 1 # sealos
  net.core.somaxconn = 65535 # sealos
  net.ipv4.conf.all.rp_filter = 0 # sealos
  net.ipv4.ip_forward = 1 # sealos
  net.ipv4.ip_local_port_range = 1024 65535 # sealos
  net.ipv4.tcp_keepalive_intvl = 30 # sealos
  net.ipv4.tcp_keepalive_time = 600 # sealos
  net.ipv4.vs.conn_reuse_mode = 0 # sealos
  net.ipv4.vs.conntrack = 1 # sealos
  net.ipv6.conf.all.forwarding = 1 # sealos
  vm.max_map_count = 2147483642 # sealos
  kernel.sysrq = 0
  net.ipv4.ip_forward = 0
  net.ipv4.conf.all.send_redirects = 0
  net.ipv4.conf.default.send_redirects = 0
  net.ipv4.conf.all.accept_source_route = 0
  net.ipv4.conf.default.accept_source_route = 0
  net.ipv4.conf.all.accept_redirects = 0
  net.ipv4.conf.default.accept_redirects = 0
  net.ipv4.conf.all.secure_redirects = 0
  net.ipv4.conf.default.secure_redirects = 0
  net.ipv4.icmp_echo_ignore_broadcasts = 1
  net.ipv4.icmp_ignore_bogus_error_responses = 1
  net.ipv4.conf.all.rp_filter = 1
  net.ipv4.conf.default.rp_filter = 1
  net.ipv4.tcp_syncookies = 1
  kernel.dmesg_restrict = 1
  net.ipv6.conf.all.accept_redirects = 0
  net.ipv6.conf.default.accept_redirects = 0
  vm.nr_hugepages = 1024
  fs.file-max = 1048576 # sealos
  net.bridge.bridge-nf-call-ip6tables = 1 # sealos
  net.bridge.bridge-nf-call-iptables = 1 # sealos
  net.core.somaxconn = 65535 # sealos
  net.ipv4.conf.all.rp_filter = 0 # sealos
  net.ipv4.ip_forward = 1 # sealos
  net.ipv4.ip_local_port_range = 1024 65535 # sealos
  net.ipv4.tcp_keepalive_intvl = 30 # sealos
  net.ipv4.tcp_keepalive_time = 600 # sealos
  net.ipv4.vs.conn_reuse_mode = 0 # sealos
  net.ipv4.vs.conntrack = 1 # sealos
  net.ipv6.conf.all.forwarding = 1 # sealos
  vm.max_map_count = 2147483642 # sealos
  INFO [2025-12-25 23:18:49] >> pull pause image sealos.hub:5000/pause:3.10
  Image is up to date for sealos.hub:5000/pause@sha256:7c38f24774e3cbd906d2d33c38354ccf787635581c122965132c9bd309754d4a
  Created symlink /etc/systemd/system/multi-user.target.wants/kubelet.service → /etc/systemd/system/kubelet.service.
  INFO [2025-12-25 23:18:50] >> init kubelet success
  INFO [2025-12-25 23:18:50] >> init rootfs success
  2025-12-25T23:18:50 info Executing pipeline Init in CreateProcessor.
  2025-12-25T23:18:50 error Applied to cluster error: failed to init masters: generate init config error: exit status 1
  Error: failed to init masters: generate init config error: exit status 1

What is the expected behavior?

No response

What do you see instead?

No response

Operating environment

- Sealos version:
- Docker version:
- Kubernetes version:
- Operating system:
- Runtime environment:
- Cluster size:
- Additional information:

Additional information

No response

[ancienter]

[root@master-node-01 sealos]# sealos run labring/kubernetes-crio:v1.31.14-5.1.1 --debug
2025-12-25T23:23:48 debug using file /etc/containers/storage.conf as container storage config
2025-12-25T23:23:48 debug creating new cluster
2025-12-25T23:23:48 debug defaultPort: 22
2025-12-25T23:23:48 info Start to create a new cluster: master [192.168.1.21], worker [], registry 192.168.1.21
2025-12-25T23:23:48 info Executing pipeline Check in CreateProcessor.
2025-12-25T23:23:48 info checker:hostname [192.168.1.21:22]
2025-12-25T23:23:48 info checker:timeSync [192.168.1.21:22]
2025-12-25T23:23:48 info checker:containerd [192.168.1.21:22]
2025-12-25T23:23:48 info Executing pipeline PreProcess in CreateProcessor.
2025-12-25T23:23:48 debug parse reference a69c6810ff78ff7b592867c3cedb626a72e0f8a388766d76520df6433264419e with transport containers-storage
2025-12-25T23:23:48 debug images a69c6810ff78ff7b592867c3cedb626a72e0f8a388766d76520df6433264419e are pulled
2025-12-25T23:23:48 debug Pull Policy for pull [missing]
2025-12-25T23:23:48 debug parse reference a69c6810ff78ff7b592867c3cedb626a72e0f8a388766d76520df6433264419e with transport containers-storage
2025-12-25T23:23:48 info Executing pipeline RunConfig in CreateProcessor.
2025-12-25T23:23:48 debug clusterfile config is empty!
2025-12-25T23:23:48 info Executing pipeline MountRootfs in CreateProcessor.
2025-12-25T23:23:48 debug render env dir: /var/lib/containers/storage/overlay/9f1ea8c2a0de4de050dd3504df44a13f52c4e085565fdcbfce7fef6fe24ff6fe/merged/etc
2025-12-25T23:23:48 debug render env dir: /var/lib/containers/storage/overlay/9f1ea8c2a0de4de050dd3504df44a13f52c4e085565fdcbfce7fef6fe24ff6fe/merged/scripts
2025-12-25T23:23:48 debug render env dir: /var/lib/containers/storage/overlay/9f1ea8c2a0de4de050dd3504df44a13f52c4e085565fdcbfce7fef6fe24ff6fe/merged/manifests
2025-12-25T23:23:48 debug Directory /var/lib/containers/storage/overlay/9f1ea8c2a0de4de050dd3504df44a13f52c4e085565fdcbfce7fef6fe24ff6fe/merged/manifests does not exist, skipping
2025-12-25T23:23:49 debug send mount image, target: 192.168.1.21:22, image: labring/kubernetes-crio:v1.31.14-5.1.1, type: rootfs
2025-12-25T23:23:49 debug copy files src /var/lib/containers/storage/overlay/9f1ea8c2a0de4de050dd3504df44a13f52c4e085565fdcbfce7fef6fe24ff6fe/merged/Kubefile to dst /var/lib/sealos/data/default/rootfs/Kubefile on 192.168.1.21:22 locally
2025-12-25T23:23:49 debug copy files src /var/lib/containers/storage/overlay/9f1ea8c2a0de4de050dd3504df44a13f52c4e085565fdcbfce7fef6fe24ff6fe/merged/README.md to dst /var/lib/sealos/data/default/rootfs/README.md on 192.168.1.21:22 locally
2025-12-25T23:23:49 debug copy files src /var/lib/containers/storage/overlay/9f1ea8c2a0de4de050dd3504df44a13f52c4e085565fdcbfce7fef6fe24ff6fe/merged/bin to dst /var/lib/sealos/data/default/rootfs/bin on 192.168.1.21:22 locally
2025-12-25T23:23:49 debug copy files src /var/lib/containers/storage/overlay/9f1ea8c2a0de4de050dd3504df44a13f52c4e085565fdcbfce7fef6fe24ff6fe/merged/cri to dst /var/lib/sealos/data/default/rootfs/cri on 192.168.1.21:22 locally
2025-12-25T23:23:49 debug copy files src /var/lib/containers/storage/overlay/9f1ea8c2a0de4de050dd3504df44a13f52c4e085565fdcbfce7fef6fe24ff6fe/merged/etc to dst /var/lib/sealos/data/default/rootfs/etc on 192.168.1.21:22 locally
2025-12-25T23:23:49 debug copy files src /var/lib/containers/storage/overlay/9f1ea8c2a0de4de050dd3504df44a13f52c4e085565fdcbfce7fef6fe24ff6fe/merged/images to dst /var/lib/sealos/data/default/rootfs/images on 192.168.1.21:22 locally
2025-12-25T23:23:49 debug copy files src /var/lib/containers/storage/overlay/9f1ea8c2a0de4de050dd3504df44a13f52c4e085565fdcbfce7fef6fe24ff6fe/merged/opt to dst /var/lib/sealos/data/default/rootfs/opt on 192.168.1.21:22 locally
2025-12-25T23:23:49 debug copy files src /var/lib/containers/storage/overlay/9f1ea8c2a0de4de050dd3504df44a13f52c4e085565fdcbfce7fef6fe24ff6fe/merged/scripts to dst /var/lib/sealos/data/default/rootfs/scripts on 192.168.1.21:22 locally
2025-12-25T23:23:49 debug copy files src /var/lib/containers/storage/overlay/9f1ea8c2a0de4de050dd3504df44a13f52c4e085565fdcbfce7fef6fe24ff6fe/merged/statics to dst /var/lib/sealos/data/default/rootfs/statics on 192.168.1.21:22 locally
2025-12-25T23:23:49 debug found template file /var/lib/sealos/data/default/rootfs/etc/99-crio.conf.tmpl, trying to rendering
2025-12-25T23:23:49 debug found existing file /var/lib/sealos/data/default/rootfs/etc/99-crio.conf, override it
2025-12-25T23:23:49 info render /var/lib/sealos/data/default/rootfs/etc/99-crio.conf from /var/lib/sealos/data/default/rootfs/etc/99-crio.conf.tmpl completed
2025-12-25T23:23:49 debug found template file /var/lib/sealos/data/default/rootfs/etc/image-cri-shim.service.tmpl, trying to rendering
2025-12-25T23:23:49 debug found existing file /var/lib/sealos/data/default/rootfs/etc/image-cri-shim.service, override it
2025-12-25T23:23:49 info render /var/lib/sealos/data/default/rootfs/etc/image-cri-shim.service from /var/lib/sealos/data/default/rootfs/etc/image-cri-shim.service.tmpl completed
2025-12-25T23:23:49 debug found template file /var/lib/sealos/data/default/rootfs/etc/image-cri-shim.yaml.tmpl, trying to rendering
2025-12-25T23:23:49 debug found existing file /var/lib/sealos/data/default/rootfs/etc/image-cri-shim.yaml, override it
2025-12-25T23:23:49 info render /var/lib/sealos/data/default/rootfs/etc/image-cri-shim.yaml from /var/lib/sealos/data/default/rootfs/etc/image-cri-shim.yaml.tmpl completed
2025-12-25T23:23:49 debug found template file /var/lib/sealos/data/default/rootfs/etc/kubelet.service.tmpl, trying to rendering
2025-12-25T23:23:49 debug found existing file /var/lib/sealos/data/default/rootfs/etc/kubelet.service, override it
2025-12-25T23:23:49 info render /var/lib/sealos/data/default/rootfs/etc/kubelet.service from /var/lib/sealos/data/default/rootfs/etc/kubelet.service.tmpl completed
2025-12-25T23:23:49 debug found template file /var/lib/sealos/data/default/rootfs/etc/registry.service.tmpl, trying to rendering
2025-12-25T23:23:49 debug found existing file /var/lib/sealos/data/default/rootfs/etc/registry.service, override it
2025-12-25T23:23:49 info render /var/lib/sealos/data/default/rootfs/etc/registry.service from /var/lib/sealos/data/default/rootfs/etc/registry.service.tmpl completed
2025-12-25T23:23:49 debug found template file /var/lib/sealos/data/default/rootfs/etc/registry.yml.tmpl, trying to rendering
2025-12-25T23:23:49 debug found existing file /var/lib/sealos/data/default/rootfs/etc/registry.yml, override it
2025-12-25T23:23:49 info render /var/lib/sealos/data/default/rootfs/etc/registry.yml from /var/lib/sealos/data/default/rootfs/etc/registry.yml.tmpl completed
2025-12-25T23:23:49 debug found template file /var/lib/sealos/data/default/rootfs/etc/registry_config.yml.tmpl, trying to rendering
2025-12-25T23:23:49 debug found existing file /var/lib/sealos/data/default/rootfs/etc/registry_config.yml, override it
2025-12-25T23:23:49 info render /var/lib/sealos/data/default/rootfs/etc/registry_config.yml from /var/lib/sealos/data/default/rootfs/etc/registry_config.yml.tmpl completed
2025-12-25T23:23:49 debug found template file /var/lib/sealos/data/default/rootfs/etc/systemd/system/kubelet.service.d/10-kubeadm.conf.tmpl, trying to rendering
2025-12-25T23:23:49 debug found existing file /var/lib/sealos/data/default/rootfs/etc/systemd/system/kubelet.service.d/10-kubeadm.conf, override it
2025-12-25T23:23:49 info render /var/lib/sealos/data/default/rootfs/etc/systemd/system/kubelet.service.d/10-kubeadm.conf from /var/lib/sealos/data/default/rootfs/etc/systemd/system/kubelet.service.d/10-kubeadm.conf.tmpl completed
2025-12-25T23:23:49 info Executing pipeline MirrorRegistry in CreateProcessor.
2025-12-25T23:23:49 debug registry nodes is: [192.168.1.21:22]
2025-12-25T23:23:49 info trying default http mode to sync images to hosts [192.168.1.21:22]
2025-12-25T23:23:49 debug running temporary registry on host 192.168.1.21:22
2025-12-25T23:23:49 debug checking if endpoint http://192.168.1.21:5050 is alive
2025-12-25T23:23:49 debug http endpoint http://192.168.1.21:5050 is alive
2025-12-25T23:23:49 debug registry config: &{Version:0.1 Log:{AccessLog:{Disabled:true} Level:info Formatter: Fields:map[] Hooks:[]} Loglevel: Storage:map[filesystem:map[rootdirectory:/var/lib/containers/storage/overlay/9f1ea8c2a0de4de050dd3504df44a13f52c4e085565fdcbfce7fef6fe24ff6fe/merged/registry] maintenance:map[uploadpurging:map[enabled:false]]] Auth:map[] Middleware:map[] Reporting:{Bugsnag:{APIKey: ReleaseStage: Endpoint:} NewRelic:{LicenseKey: Name: Verbose:false}} HTTP:{Addr::26727 Net: Host: Prefix: Secret:asecretforlocaldevelopment RelativeURLs:false DrainTimeout:0s TLS:{Certificate: Key: ClientCAs:[] MinimumTLS: CipherSuites:[] LetsEncrypt:{CacheFile: Email: Hosts:[]}} Headers:map[] Debug:{Addr: Prometheus:{Enabled:false Path:}} HTTP2:{Disabled:false}} Notifications:{EventConfig:{IncludeReferences:false} Endpoints:[]} Redis:{Addr: Password: DB:0 TLS:{Enabled:false} DialTimeout:0s ReadTimeout:0s WriteTimeout:0s Pool:{MaxIdle:0 MaxActive:0 IdleTimeout:0s}} Health:{FileCheckers:[] HTTPCheckers:[] TCPCheckers:[] StorageDriver:{Enabled:false Interval:0s Threshold:0}} Proxy:{RemoteURL: Username: Password:} Compatibility:{Schema1:{TrustKey: Enabled:false}} Validation:{Enabled:false Disabled:false Manifests:{URLs:{Allow:[] Deny:[]}}} Policy:{Repository:{Classes:[]}}}
2025-12-25T23:23:49 debug checking if endpoint http://127.0.0.1:26727 is alive
2025-12-25T23:23:49 debug http endpoint http://127.0.0.1:26727 is alive
2025-12-25T23:23:49 debug syncing repos [{coredns/coredns 0 false false false} {etcd 0 false false false} {kube-apiserver 0 false false false} {kube-controller-manager 0 false false false} {kube-proxy 0 false false false} {kube-scheduler 0 false false false} {labring/lvscare 0 false false false} {pause 0 false false false}] from 127.0.0.1:26727 to 192.168.1.21:5050
2025-12-25T23:23:49 debug syncing 192.168.1.21:5050/coredns/coredns:v1.11.3 with selection 1
2025-12-25T23:23:50 debug syncing 192.168.1.21:5050/coredns/coredns:v1.11.3 with selection 0
2025-12-25T23:23:50 debug syncing 192.168.1.21:5050/etcd:3.5.24-0 with selection 1
2025-12-25T23:23:51 debug syncing 192.168.1.21:5050/etcd:3.5.24-0 with selection 0
2025-12-25T23:23:51 debug syncing 192.168.1.21:5050/kube-apiserver:v1.31.14 with selection 1
2025-12-25T23:23:52 debug syncing 192.168.1.21:5050/kube-apiserver:v1.31.14 with selection 0
2025-12-25T23:23:52 debug syncing 192.168.1.21:5050/kube-controller-manager:v1.31.14 with selection 1
2025-12-25T23:23:52 debug syncing 192.168.1.21:5050/kube-controller-manager:v1.31.14 with selection 0
2025-12-25T23:23:52 debug syncing 192.168.1.21:5050/kube-proxy:v1.31.14 with selection 1
2025-12-25T23:23:53 debug syncing 192.168.1.21:5050/kube-proxy:v1.31.14 with selection 0
2025-12-25T23:23:53 debug syncing 192.168.1.21:5050/kube-scheduler:v1.31.14 with selection 1
2025-12-25T23:23:53 debug syncing 192.168.1.21:5050/kube-scheduler:v1.31.14 with selection 0
2025-12-25T23:23:53 debug syncing 192.168.1.21:5050/labring/lvscare:v5.1.1 with selection 1
2025-12-25T23:23:54 debug syncing 192.168.1.21:5050/labring/lvscare:v5.1.1 with selection 0
2025-12-25T23:23:54 debug syncing 192.168.1.21:5050/pause:3.10 with selection 1
2025-12-25T23:23:54 debug syncing 192.168.1.21:5050/pause:3.10 with selection 0
2025-12-25T23:23:54 info Executing pipeline Bootstrap in CreateProcessor
2025-12-25T23:23:54 debug apply [default_checker registry_host_applier registry_applier cri_initializer apiserver_host_applier lvscare_host_applier initializer] on hosts [192.168.1.21:22]
2025-12-25T23:23:54 debug apply default_checker on host 192.168.1.21:22
INFO [2025-12-25 23:23:54] >> Check port kubelet port 10249..10259, reserved port 5050..5054 inuse. Please wait...
which: no crio in (/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin)
INFO [2025-12-25 23:23:55] >> check root,port,cri success
2025-12-25T23:23:55 debug apply registry_host_applier on host 192.168.1.21:22
2025-12-25T23:23:55 debug registry config data info: # Copyright © 2022 sealos.

Licensed under the Apache License, Version 2.0 (the "License");

you may not use this file except in compliance with the License.

You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software

distributed under the License is distributed on an "AS IS" BASIS,

WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

See the License for the specific language governing permissions and

limitations under the License.

domain: sealos.hub
port: "5000"
username: "admin"
password: "passw0rd"
data: "/var/lib/registry"

2025-12-25T23:23:55 debug show registry info, IP: 192.168.1.21:22, Domain: sealos.hub, Data: /var/lib/registry
2025-12-25T23:23:55 info domain sealos.hub:192.168.1.21 append success
2025-12-25T23:23:55 debug apply registry_applier on host 192.168.1.21:22
2025-12-25T23:23:55 debug registry config data info: # Copyright © 2022 sealos.

Licensed under the Apache License, Version 2.0 (the "License");

you may not use this file except in compliance with the License.

You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software

distributed under the License is distributed on an "AS IS" BASIS,

WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

See the License for the specific language governing permissions and

limitations under the License.

domain: sealos.hub
port: "5000"
username: "admin"
password: "passw0rd"
data: "/var/lib/registry"

2025-12-25T23:23:55 debug show registry info, IP: 192.168.1.21:22, Domain: sealos.hub, Data: /var/lib/registry
2025-12-25T23:23:55 debug make soft link: rm -rf /var/lib/registry && ln -s /var/lib/sealos/data/default/rootfs/registry /var/lib/registry
2025-12-25T23:23:55 debug copy files src /root/.sealos/default/etc/registry_htpasswd to dst /var/lib/sealos/data/default/rootfs/etc/registry_htpasswd on 192.168.1.21:22 locally
Created symlink /etc/systemd/system/multi-user.target.wants/registry.service → /etc/systemd/system/registry.service.
INFO [2025-12-25 23:23:55] >> Health check registry!
INFO [2025-12-25 23:23:55] >> registry is running
INFO [2025-12-25 23:23:55] >> init registry success
2025-12-25T23:23:55 debug apply cri_initializer on host 192.168.1.21:22
2025-12-25T23:23:55 debug skip init cri shell by label
2025-12-25T23:23:55 debug apply apiserver_host_applier on host 192.168.1.21:22
2025-12-25T23:23:55 info domain apiserver.cluster.local:192.168.1.21 append success
2025-12-25T23:23:55 debug apply initializer on host 192.168.1.21:22
Installing CRI-O
Thu Dec 25 11:23:57 PM CST 2025
INFO [2025-12-25 23:23:57] >> username: admin, password: passw0rd, base64pwd: YWRtaW46cGFzc3cwcmQ=
Created symlink /etc/systemd/system/cri-o.service → /usr/local/lib/systemd/system/crio.service.
Created symlink /etc/systemd/system/multi-user.target.wants/crio.service → /usr/local/lib/systemd/system/crio.service.
INFO [2025-12-25 23:23:57] >> Health check crio!
INFO [2025-12-25 23:23:57] >> crio is running
INFO [2025-12-25 23:23:57] >> init crio success
INFO [2025-12-25 23:23:57] >> init crio success
Created symlink /etc/systemd/system/multi-user.target.wants/image-cri-shim.service → /etc/systemd/system/image-cri-shim.service.
INFO [2025-12-25 23:23:58] >> Health check image-cri-shim!
INFO [2025-12-25 23:23:58] >> image-cri-shim is running
INFO [2025-12-25 23:23:58] >> init shim success
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
unknown system, use default to stop firewalld

• Applying /usr/lib/sysctl.d/10-default-yama-scope.conf ...
• Applying /usr/lib/sysctl.d/50-coredump.conf ...
• Applying /usr/lib/sysctl.d/50-default.conf ...
• Applying /usr/lib/sysctl.d/50-libkcapi-optmem_max.conf ...
• Applying /etc/sysctl.d/50-libreswan.conf ...
• Applying /usr/lib/sysctl.d/50-pid-max.conf ...
• Applying /etc/sysctl.d/99-sysctl.conf ...
• Applying /etc/sysctl.conf ...
  kernel.yama.ptrace_scope = 0
  kernel.core_pattern = |/usr/lib/systemd/systemd-coredump %P %u %g %s %t %c %h
  kernel.core_pipe_limit = 16
  fs.suid_dumpable = 2
  kernel.sysrq = 16
  kernel.core_uses_pid = 1
  net.ipv4.conf.default.rp_filter = 1
  net.ipv4.conf.ens18.rp_filter = 1
  net.ipv4.conf.ens19.rp_filter = 1
  net.ipv4.conf.lo.rp_filter = 1
  net.ipv4.conf.default.accept_source_route = 0
  net.ipv4.conf.ens18.accept_source_route = 0
  net.ipv4.conf.ens19.accept_source_route = 0
  net.ipv4.conf.lo.accept_source_route = 0
  net.ipv4.conf.default.promote_secondaries = 1
  net.ipv4.conf.ens18.promote_secondaries = 1
  net.ipv4.conf.ens19.promote_secondaries = 1
  net.ipv4.conf.lo.promote_secondaries = 1
  net.ipv4.ping_group_range = 1 0
  net.core.default_qdisc = fq_codel
  fs.protected_hardlinks = 1
  fs.protected_symlinks = 1
  fs.protected_regular = 1
  fs.protected_fifos = 1
  net.core.optmem_max = 81920
  net.ipv6.conf.default.accept_redirects = 0
  net.ipv6.conf.all.accept_redirects = 0
  net.ipv4.conf.default.send_redirects = 0
  net.ipv4.conf.default.accept_redirects = 0
  net.ipv4.conf.all.send_redirects = 0
  net.ipv4.conf.all.accept_redirects = 0
  kernel.pid_max = 4194304
  kernel.sysrq = 0
  net.ipv4.ip_forward = 0
  net.ipv4.conf.all.send_redirects = 0
  net.ipv4.conf.default.send_redirects = 0
  net.ipv4.conf.all.accept_source_route = 0
  net.ipv4.conf.default.accept_source_route = 0
  net.ipv4.conf.all.accept_redirects = 0
  net.ipv4.conf.default.accept_redirects = 0
  net.ipv4.conf.all.secure_redirects = 0
  net.ipv4.conf.default.secure_redirects = 0
  net.ipv4.icmp_echo_ignore_broadcasts = 1
  net.ipv4.icmp_ignore_bogus_error_responses = 1
  net.ipv4.conf.all.rp_filter = 1
  net.ipv4.conf.default.rp_filter = 1
  net.ipv4.tcp_syncookies = 1
  kernel.dmesg_restrict = 1
  net.ipv6.conf.all.accept_redirects = 0
  net.ipv6.conf.default.accept_redirects = 0
  vm.nr_hugepages = 1024
  fs.file-max = 1048576 # sealos
  net.bridge.bridge-nf-call-ip6tables = 1 # sealos
  net.bridge.bridge-nf-call-iptables = 1 # sealos
  net.core.somaxconn = 65535 # sealos
  net.ipv4.conf.all.rp_filter = 0 # sealos
  net.ipv4.ip_forward = 1 # sealos
  net.ipv4.ip_local_port_range = 1024 65535 # sealos
  net.ipv4.tcp_keepalive_intvl = 30 # sealos
  net.ipv4.tcp_keepalive_time = 600 # sealos
  net.ipv4.vs.conn_reuse_mode = 0 # sealos
  net.ipv4.vs.conntrack = 1 # sealos
  net.ipv6.conf.all.forwarding = 1 # sealos
  vm.max_map_count = 2147483642 # sealos
  kernel.sysrq = 0
  net.ipv4.ip_forward = 0
  net.ipv4.conf.all.send_redirects = 0
  net.ipv4.conf.default.send_redirects = 0
  net.ipv4.conf.all.accept_source_route = 0
  net.ipv4.conf.default.accept_source_route = 0
  net.ipv4.conf.all.accept_redirects = 0
  net.ipv4.conf.default.accept_redirects = 0
  net.ipv4.conf.all.secure_redirects = 0
  net.ipv4.conf.default.secure_redirects = 0
  net.ipv4.icmp_echo_ignore_broadcasts = 1
  net.ipv4.icmp_ignore_bogus_error_responses = 1
  net.ipv4.conf.all.rp_filter = 1
  net.ipv4.conf.default.rp_filter = 1
  net.ipv4.tcp_syncookies = 1
  kernel.dmesg_restrict = 1
  net.ipv6.conf.all.accept_redirects = 0
  net.ipv6.conf.default.accept_redirects = 0
  vm.nr_hugepages = 1024
  fs.file-max = 1048576 # sealos
  net.bridge.bridge-nf-call-ip6tables = 1 # sealos
  net.bridge.bridge-nf-call-iptables = 1 # sealos
  net.core.somaxconn = 65535 # sealos
  net.ipv4.conf.all.rp_filter = 0 # sealos
  net.ipv4.ip_forward = 1 # sealos
  net.ipv4.ip_local_port_range = 1024 65535 # sealos
  net.ipv4.tcp_keepalive_intvl = 30 # sealos
  net.ipv4.tcp_keepalive_time = 600 # sealos
  net.ipv4.vs.conn_reuse_mode = 0 # sealos
  net.ipv4.vs.conntrack = 1 # sealos
  net.ipv6.conf.all.forwarding = 1 # sealos
  vm.max_map_count = 2147483642 # sealos
  INFO [2025-12-25 23:23:58] >> pull pause image sealos.hub:5000/pause:3.10
  Image is up to date for sealos.hub:5000/pause@sha256:7c38f24774e3cbd906d2d33c38354ccf787635581c122965132c9bd309754d4a
  Created symlink /etc/systemd/system/multi-user.target.wants/kubelet.service → /etc/systemd/system/kubelet.service.
  INFO [2025-12-25 23:23:59] >> init kubelet success
  INFO [2025-12-25 23:23:59] >> init rootfs success
  2025-12-25T23:23:59 info Executing pipeline Init in CreateProcessor.
  2025-12-25T23:23:59 debug using default kubeadm config
  2025-12-25T23:23:59 debug skip merging kubeadm configs from cause file /var/lib/sealos/data/default/rootfs/etc/kubeadm.yml not exists
  2025-12-25T23:23:59 debug renderTextFromEnv: replaces: map[$(SEALOS_SYS_CRI_ENDPOINT):/var/run/crio/crio.sock $(SEALOS_SYS_IMAGE_ENDPOINT):/var/run/image-cri-shim.sock $(criData):/var/lib/crio $(defaultVIP):10.103.97.2 $(registryConfig):/etc/registry $(registryData):/var/lib/registry $(registryDomain):sealos.hub $(registryPassword):passw0rd $(registryPort):5000 $(registryUsername):admin $(sandboxImage):pause:3.10 $SEALOS_SYS_CRI_ENDPOINT:/var/run/crio/crio.sock $SEALOS_SYS_IMAGE_ENDPOINT:/var/run/image-cri-shim.sock $criData:/var/lib/crio $defaultVIP:10.103.97.2 $registryConfig:/etc/registry $registryData:/var/lib/registry $registryDomain:sealos.hub $registryPassword:passw0rd $registryPort:5000 $registryUsername:admin $sandboxImage:pause:3.10 ${SEALOS_SYS_CRI_ENDPOINT}:/var/run/crio/crio.sock ${SEALOS_SYS_IMAGE_ENDPOINT}:/var/run/image-cri-shim.sock ${criData}:/var/lib/crio ${defaultVIP}:10.103.97.2 ${registryConfig}:/etc/registry ${registryData}:/var/lib/registry ${registryDomain}:sealos.hub ${registryPassword}:passw0rd ${registryPort}:5000 ${registryUsername}:admin ${sandboxImage}:pause:3.10] ; text: $defaultVIP
  2025-12-25T23:23:59 debug get nodes [192.168.1.21:22] cri socket is [/var/run/crio/crio.sock]
  2025-12-25T23:23:59 debug node: 192.168.1.21:22 , criSocket: /var/run/crio/crio.sock
  2025-12-25T23:23:59 error Applied to cluster error: failed to init masters: generate init config error: exit status 1
  2025-12-25T23:23:59 debug save objects into local: /root/.sealos/default/Clusterfile, objects: apiVersion: apps.sealos.io/v1beta1
  kind: Cluster
  metadata:
  creationTimestamp: "2025-12-25T15:23:59Z"
  name: default
  spec:
  hosts:
  • ips:
    • 192.168.1.21:22
      roles:
    • master
    • amd64
      image:
  • labring/kubernetes-crio:v1.31.14-5.1.1
    ssh: {}
    status:
    conditions:
  • lastHeartbeatTime: "2025-12-25T15:23:59Z"
    message: 'failed to init masters: generate init config error: exit status 1'
    reason: Apply Cluster
    status: "False"
    type: ApplyClusterError
    mounts:
  • env:
    SEALOS_SYS_CRI_ENDPOINT: /var/run/crio/crio.sock
    SEALOS_SYS_IMAGE_ENDPOINT: /var/run/image-cri-shim.sock
    criData: /var/lib/crio
    defaultVIP: 10.103.97.2
    registryConfig: /etc/registry
    registryData: /var/lib/registry
    registryDomain: sealos.hub
    registryPassword: passw0rd
    registryPort: "5000"
    registryUsername: admin
    sandboxImage: pause:3.10
    imageName: labring/kubernetes-crio:v1.31.14-5.1.1
    labels:
    check: check.sh $registryData
    clean: clean.sh && bash clean-cri.sh $criData
    clean-registry: clean-registry.sh $registryData $registryConfig
    image: ghcr.io/labring/lvscare:v5.1.1
    init: init-cri.sh $registryDomain $registryPort $registryUsername $registryPassword
    && bash init.sh
    init-registry: init-registry.sh $registryData $registryConfig
    io.buildah.version: 1.30.0
    org.opencontainers.image.description: kubernetes-v1.31.14 container image
    org.opencontainers.image.licenses: MIT
    org.opencontainers.image.source: https://github.com/labring-actions/cache
    sealos.io.type: rootfs
    sealos.io.version: v1beta1
    version: v1.31.14
    vip: $defaultVIP
    mountPoint: /var/lib/containers/storage/overlay/9f1ea8c2a0de4de050dd3504df44a13f52c4e085565fdcbfce7fef6fe24ff6fe/merged
    name: default-h6aem02f
    type: rootfs
    phase: ClusterFailed

2025-12-25T23:23:59 debug sync workdir: /root/.sealos/default
2025-12-25T23:23:59 debug copy files src /root/.sealos/default to dst /root/.sealos/default on 192.168.1.21:22 locally
Error: failed to init masters: generate init config error: exit status 1
[root@master-node-01 sealos]#