No ResourceQuotas assigned for namespace
Error from server (storage class is not valid for control plane VM: no ResourceQuotas assigned for namespace 'ns1', storage class is not valid for worker VMs: no ResourceQuotas assigned for namespace 'ns1'): error when creating "tkg-cluster-1.yaml": admission webhook "default.validating.tanzukubernetescluster.run.tanzu.vmware.com" denied the request: storage class is not valid for control plane VM: no ResourceQuotas assigned for namespace 'ns1', storage class is not valid for worker VMs: no ResourceQuotas assigned for namespace 'ns1'
Troubleshooting commands:
# kubectl get storageclasses No resources found
# kubectl get storageclasses NAME PROVISIONER RECLAIMPOLICY VOLUMEBINDINGMODE ALLOWVOLUMEEXPANSION AGE storagegold csi.vsphere.vmware.com Delete Immediate true 6s
Solution: Add storage to the namespace using the vSphere Client.
storageclasses.storage.k8s.io is forbidden
Error from server (Forbidden): storageclasses.storage.k8s.io is forbidden: User "sso:k8swrite@vsphere.local" cannot list resource "storageclasses" in API group "storage.k8s.io" at the cluster scope.
Only users with Administrator privileges can display Storage Classes. A developer with the view or edit role can not display StorageClasses in his own namespace. To get information about available Storage resources, use kubectl describe namespace [name]:
# kubectl describe namespace dev Name: dev Labels: vSphereClusterID=domain-c46 Annotations: ls_id-0: e758296a-a1b8-4e24-9eb4-603132a12a01 ncp/extpoolid: domain-c46:def22104-2b40-4048-b049-271b1de46b94-ippool-10-99-200-1-10-99-200-254 ncp/router_id: t1_8596f441-83db-4c61-ae3c-e0136067d866_rtr ncp/snat_ip: 10.99.200.3 ncp/subnet-0: 10.244.0.32/28 vmware-system-resource-pool: resgroup-26271 vmware-system-vm-folder: group-v26272 Status: Active Resource Quotas Name: dev-storagequota Resource Used Hard -------- --- --- storagegold.storageclass.storage.k8s.io/requests.storage 0 9223372036854775807 No LimitRange resource.