Unable to delete pods

pgruenbaum · June 9, 2023, 12:25am

If I click on the three dots for a pod in the pods list, and select delete, I get this error:

pods “ercot-rabbitmq-0” is forbidden: User “system:serviceaccount:esol-ap31011-dev-namespace:esol-ap31011-dev-user-reader” cannot create resource “pods/eviction” in API group “” in the namespace “esol-ap31011-dev-namespace”

This is true of all pods in all clusters, as far as I can tell. I can delete pods using the command line (kubectl delete pod). Someone else with the identical config file is able to do it without problems in Lens. Any ideas how to fix this?

allenw1 · June 9, 2023, 7:15am

I’m getting same issue, did you find a way to fix this?

phorsmalahti · June 9, 2023, 7:57am

Probably due to the recent usage of the Eviction API for delete: Support using Eviction API when deleting Pods and Deployments · Issue #5602 · lensapp/lens · GitHub

pgruenbaum · June 9, 2023, 9:29pm

Sounds like a good theory. I wonder if the problem is that the API group is an empty string. How does this get set?

hitjethva1981 · September 16, 2024, 10:52am

The error you’re seeing occurs because the service account (esol-ap31011-dev-user-reader) lacks permissions to create pod evictions in the specified namespace, which is required when attempting to delete pods through the UI. To fix this, you’ll need to update the service account’s role or role binding to allow pod eviction operations. You can do this by granting the necessary permissions via a ClusterRole or Role with access to pods/eviction. For more details on handling pod eviction issues, check out this guide.