Kubectl logs <pod> throws forbidden error

Cluster information:

Kubernetes version: 1.14.2
Cloud being used: bare-metal
Installation method: manual
Host OS: Centos 7
CNI and version: calico
CRI and version: docker


I am trying to implement GlusterFS as persistent storage solution in kubernetes. The heketi pod does not come up, so I thought, lets check the pod’s logs.

I tried the following:

$ kubectl get pod
NAME                      READY   STATUS              RESTARTS   AGE
glusterfs-7ftp9           1/1     Running             1          82m
glusterfs-mk5l4           1/1     Running             1          82m
heketi-74cc7bb45c-448w8   0/1     ContainerCreating   0          7m53s

$ kubectl logs heketi-74cc7bb45c-448w8
Error from server: Get https://x.x.x.x:10250/containerLogs/default/heketi-74cc7bb45c-448w8/heketi: Forbidden

What do I need to to to get permission?

1 Like

A Google search provides a few links. Have you already read them?

Hi @schms,
thanks a lot, it was your first link. I’ve setup no_proxy for hostname, but not for IP.

Now after updating /etc/kubernetes/manifests/kube-apiserver.yaml I can see the logs on other nodes.

Regards, Andreas