Env:
ESXi 7.0 U3l
vcenter 7.0 U3l
tkgm 1.56
configured the storagepolicu with tag based
Manifests:
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
annotations:
volume.beta.kubernetes.io/storage-provisioner: csi.vsphere.vmware.com
finalizers:
- kubernetes.io/pvc-protection
name: claim1
namespace: default
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 2Gi
storageClassName: default
volumeMode: Filesystem
*************************************
allowVolumeExpansion: true
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
annotations:
storageclass.kubernetes.io/is-default-class: "true"
creationTimestamp: "2022-09-19T18:42:06Z"
name: default
resourceVersion: "85"
uid: c40fe130-e219-45fe-97ab-24065f0184f0
provisioner: csi.vsphere.vmware.com
reclaimPolicy: Delete
volumeBindingMode: Immediate
*****************************************
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Provisioning 13s (x5 over 28s) csi.vsphere.vmware.com_vsphere-csi-controller-7b9b7f6bfb-p478d_7a4ef963-b72c-429d-9c1c-e6821798705f External provisioner is provisioning volume for claim "default/claim1"
Warning ProvisioningFailed 13s (x5 over 28s) csi.vsphere.vmware.com_vsphere-csi-controller-7b9b7f6bfb-p478d_7a4ef963-b72c-429d-9c1c-e6821798705f failed to provision volume with StorageClass "default": rpc error: code = Internal desc = failed to create volume. Error: ServerFaultCode: NoPermission
Normal ExternalProvisioning 3s (x3 over 28s) persistentvolume-controller waiting for a volume to be created, either by external provisioner "csi.vsphere.vmware.com" or manually created by system administrator
Error: ServerFaultCode: NoPermission usually refers to problems with permissions assigned to the user leveraged by CSI.
Here are a few resources that will help you narrow this down and add the right permission
- Volume attach failures due to permissions - https://kb.vmware.com/s/article/90348
- List of permissions required for CSI - https://docs.vmware.com/en/VMware-vSphere-Container-Storage-Plug-in/2.0/vmware-vsphere-csp-getting-s...