Error from server (Forbidden): error when creating "nginx-runc.yaml": pods "nginx-runc" is forbidden: pod rejected: RuntimeClass "runc" not found


Scenario: I have installed Microkubernetes, which is installed via sudo snap install microk8s --classic, but microk8s comes with default containerd.

I will share all the steps followed in this.

sudo apt-get update -y
sudo apt-get upgrade -y
sudo snap install microk8s --classic
sudo microk8s.status --wait-ready
sudo snap alias microk8s.kubectl kubectl
sudo microk8s.enable dashboard dns
sudo kubectl get pods --all-namespaces

Containerd Version

santhosh_cameo@san-cd:~$ microk8s ctr -v
ctr github.com/containerd/containerd v1.3.7

Since Containerd comes with Microk8s by default, the following command will show the containerd status

sudo systemctl status snap.microk8s.daemon-containerd.service

From the above command, I could see the configuration file location which containerd uses, which will be something like /var/snap/microk8s/2264/args/containerd.toml

Now I have created a runtime class for runc and I ensure that in /var/snap/microk8s/2264/args/containerd.toml runc is there under runtime classes

kind: RuntimeClass
apiVersion: node.k8s.io/v1beta1
metadata:
    name: native
handler: runc

santhosh_cameo@san-june-test:~$ kubectl get runtimeclass
native            runc      27h

Now restarting microk8s daemon to reflect everything

microk8s stop
 
microk8s start

santhosh_cameo@san-june-test:~$ microk8s.inspect
Inspecting Certificates
Inspecting services
  Service snap.microk8s.daemon-cluster-agent is running
  Service snap.microk8s.daemon-containerd is running
  Service snap.microk8s.daemon-apiserver-kicker is running
  Service snap.microk8s.daemon-kubelite is running
  Copy service arguments to the final report tarball
Inspecting AppArmor configuration
Gathering system information
  Copy processes list to the final report tarball
  Copy snap list to the final report tarball
  Copy VM name (or none) to the final report tarball
  Copy disk usage information to the final report tarball
  Copy memory usage information to the final report tarball
  Copy server uptime to the final report tarball
  Copy current linux distribution to the final report tarball
  Copy openSSL information to the final report tarball
  Copy network configuration to the final report tarball
Inspecting kubernetes cluster
  Inspect kubernetes cluster
Inspecting juju
  Inspect Juju
Inspecting kubeflow
  Inspect Kubeflow
Building the report tarball
  Report tarball is at /var/snap/microk8s/2262/inspection-report-20210624_155037.tar.gz




santhosh_cameo@san-june-test:~$ sudo microk8s.kubectl get pods --all-namespaces
NAMESPACE     NAME                                         READY   STATUS    RESTARTS   AGE
kube-system   dashboard-metrics-scraper-78d7698477-tr5z5   1/1     Running   28         27h
kube-system   kubernetes-dashboard-85fd7f45cb-ct9cn        1/1     Running   29         27h
kube-system   coredns-7f9c69c78c-pz7gl                     1/1     Running   28         27h
kube-system   calico-kube-controllers-f7868dd95-5wzst      1/1     Running   28         28h
default       nginx-deployment-66b6c48dd5-lkxcw            1/1     Running   19         27h
kube-system   calico-node-kfvqf                            1/1     Running   28         28h
default       nginx-deployment-66b6c48dd5-dd59m            1/1     Running   19         27h
default       nginx-deployment-66b6c48dd5-4q2dv            1/1     Running   2          38m
kube-system   metrics-server-8bbfb4bdb-zs97s               1/1     Running   26         28h



🛑 The issue is that when I create a simple nginx pod with the above created runc class, I am getting errors as given below. 🛑

apiVersion: v1
kind: Pod
metadata:
  name: nginx-runc
spec:
  runtimeClassName: runc
  containers:
  - name: nginx
    image: nginx

santhosh_cameo@san-june-test:~$ kubectl apply -f nginx-runc.yaml
Error from server (Forbidden): error when creating "nginx-runc.yaml": pods "nginx-runc" is forbidden: pod rejected: RuntimeClass "runc" not found

What am I doing wrong?? Please help. This is not once; it's been 3 times I checked my steps and I am getting the same error.

🟢 Highlight is I am able to run the below commands in the shell with the same runc and if I deploy a nginx without specifying runtime class then it works fine.🟢

santhosh_cameo@san-june-test:~$ microk8s ctr run --runtime io.containerd.runc.v2 -t --rm docker.io/library/busybox:latest hello sh
/ # uname -a
Linux san-june-test 5.4.0-1043-gcp #46~18.04.1-Ubuntu SMP Wed Apr 21 18:52:07 UTC 2021 x86_64 GNU/Linux

So please help,

Issue Analytics

  • State:closed
  • Created 2 years ago
  • Comments:10

Top GitHub Comments

1 reaction
santhoshcameo commented, Jun 27, 2021

@santhoshcameo I think I know what's wrong.

You defined your RuntimeClass with the name native

kind: RuntimeClass  
apiVersion: node.k8s.io/v1beta1
metadata:
    name: native
handler: runc

But you use runc as your runtimeClassName in your nginx-runc Pod.

I tried with this.

apiVersion: v1
kind: Pod
metadata:
  name: nginx-runc
spec:
  runtimeClassName: native
  containers:
  - name: nginx
    image: nginx

Take note that the runtimeClassName defined is native.

If I delete the RuntimeClass then I get the same error as you do.

kubectl apply -f nginx-runc.yaml 
Error from server (Forbidden): error when creating "nginx-runc.yaml": pods "nginx-runc" is forbidden: pod rejected: RuntimeClass "native" not found

@balchua thank you, Genius Balchua 💌 I was behind this issue for 2 weeks and posted it in many places. No one could identify the exact cause. The main mistake I was making is using handler instead of name in my pod declaration.

Thank you so much, the issue is solved. The main intention of this work is to try Kata, so I will test the edge version with Kata in a new instance and let you know soon.

0 reactions
balchua commented, Jun 27, 2021

Thanks @santhoshcameo for the update. I will be closing this issue. Thanks for using MicroK8s.
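
The mismatch found in this thread (the pod's runtimeClassName must equal a RuntimeClass metadata.name, not its handler) can be checked before applying a manifest. The script below is an added example, not code from the issue or from MicroK8s; the function names are hypothetical and the sample listing and manifest are constructed from the values quoted above.

```shell
#!/bin/sh
# Added example: explain a 'RuntimeClass "<x>" not found' rejection offline.

# Constructed sample: RuntimeClass listing in NAME HANDLER AGE columns.
SAMPLE_LISTING='native            runc      27h'

# Constructed sample: the pod manifest that was rejected.
SAMPLE_POD='apiVersion: v1
kind: Pod
metadata:
  name: nginx-runc
spec:
  runtimeClassName: runc
  containers:
  - name: nginx
    image: nginx'

# Read a single-document pod manifest on stdin, print spec.runtimeClassName.
pod_runtime_class() {
    awk '$1 == "runtimeClassName:" { print $2; exit }'
}

# check_runtime_class WANTED LISTING
# Exit status: 0 = a RuntimeClass with that name exists,
#              1 = WANTED is only a handler of some RuntimeClass,
#              2 = WANTED matches neither a name nor a handler.
check_runtime_class() {
    printf '%s\n' "$2" | awk -v want="$1" '
        $1 == want { found = 1 }
        $2 == want { names = (names == "" ? $1 : names "," $1) }
        END {
            if (found) {
                print "ok: RuntimeClass \"" want "\" exists"
                exit 0
            }
            if (names != "") {
                print "mismatch: \"" want "\" is a handler, not a name; use runtimeClassName: " names
                exit 1
            }
            print "missing: no RuntimeClass has name or handler \"" want "\""
            exit 2
        }'
}

# Demo on the constructed samples; "|| true" keeps the script's exit status 0.
wanted=$(printf '%s\n' "$SAMPLE_POD" | pod_runtime_class)
check_runtime_class "$wanted" "$SAMPLE_LISTING" || true
```

Against a live cluster, pass the output of kubectl get runtimeclass --no-headers as the second argument instead of the sample listing.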
