Flannel: Failed to create SubnetManager: error retrieving pod spec for 'kube-system/kube-flannel-ds-sb3k4': the server does not allow access to the requested resource^C

@hustljl What kubernetes version are you using? What flannel version are you using? Which manifest(s) did you use? Did you try the RBAC one?

Am having same issue.
Client Version: version.Info{Major:"1", Minor:"6", GitVersion:"v1.6.1", GitCommit:"b0b7a323cc5a4a2019b2e9520c21c7830b7f708e", GitTreeState:"clean", BuildDate:"2017-04-03T20:44:38Z", GoVersion:"go1.7.5", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"6", GitVersion:"v1.6.0", GitCommit:"fff5156092b56e6bd60fff75aad4dc9de6b6ef37", GitTreeState:"clean", BuildDate:"2017-03-28T16:24:30Z", GoVersion:"go1.7.5", Compiler:"gc", Platform:"linux/amd64"}

I am using flannel. My first issue was /run/flannel/subnet.env not found which is reported in other issue. This stopped dns pods from coming up. I manually created one like following from older 1.5 working environment -
FLANNEL_NETWORK=172.10.0.0/16
FLANNEL_SUBNET=172.10.0.1/24
FLANNEL_MTU=1450
FLANNEL_IPMASQ=true
That got past dns pod issue and dns pods are running. Now the flannel pod is in error with same message as this mentioned in this issue -

root@2kub-0:/tmp# kubectl logs kube-flannel-ds-gc73b -c kube-flannel --namespace kube-system --tail=20
E0421 21:14:14.129572 1 main.go:127] Failed to create SubnetManager: error retrieving pod spec for 'kube-system/kube-flannel-ds-gc73b': the server does not allow access to the requested resource (get pods kube-flannel-ds-gc73b)

And yes I did specify necessary inputs on my kubeadm init like this -
kubeadm init --pod-network-cidr 172.10.0.0/16 --service-cidr 172.16.0.0/12

I had the same problem~

Solution:
kubectl apply -f https://github.com/coreos/flannel/blob/master/Documentation/kube-flannel-rbac.yml
kubectl apply -f https://github.com/coreos/flannel/blob/master/Documentation/kube-flannel.yaml

please point out the correct namespace

same issue here.
ebtables 2.0.10.4-3
kubernetes-cni 0.5.1-00
socat 1.7.3.1-1
kubelet 1.6.2-00
kubectl 1.6.2-00
kubeadm 1.6.2-00
flannel 0.7.1-amd64

See @igortin 's solution

Are you using RBAC?
How to check:
[kube@kube-master ~]$ kubectl exec kube-apiserver-kube-master.example.com -c kube-apiserver -n kube-system ps
In the output find:
--authorization-mode=RBAC

If RBAC enabled:
1) check sa
[kube@kube-master ~]$ kubectl get sa flannel -n kube-system
NAME SECRETS AGE
flannel 1 5d
2) check cluster role
kubectl get clusterrole flannel -n kube-system

3) check
kubectl get ClusterRoleBinding flannel

If not exeist 1,2,3
create ServiceAccount flannel and exec yamls

@igortin , the link to yml files should change to https://raw.githubusercontent.com/...
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel-rbac.yml
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

Hi,
Running in to the same issues on Ubuntu 16.04, Kubernetes via hyperkube v1.6.8_coreos.0 and flannel v0.7.1 & v0.8.0-amd64. appreciate your help and time.

{"log":"E0822 14:22:39.379922 1 config.go:265] Expected to load root CA config from /var/run/secrets/kubernetes.io/serviceaccount/ca.crt, but got err: open /var/run/secrets/kubernetes.io/serviceaccount/ca.crt: no such file or directory\n","stream":"stderr","time":"2017-08-22T14:22:39.380327935Z"}
{"log":"E0822 14:22:39.405061 1 main.go:127] Failed to create SubnetManager: error retrieving pod spec for 'kube-system/kube-flannel-ds-14xmd': Get https://192.168.56.20:6443/api/v1/namespaces/kube-system/pods/kube-flannel-ds-14xmd: x509: failed to load system roots and no roots provided\n","stream":"stderr","time":"2017-08-22T14:22:39.405436407Z"}

thanks,
Venkat

This link is not available : https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel-rbac.yml

https://github.com/coreos/flannel/blob/master/Documentation/k8s-manifests/kube-flannel-rbac.yml

Отправлено с iPhone

27 окт. 2017 г., в 19:08, Sanda notifications@github.com написал(а):

This link is not available : https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel-rbac.yml

—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub, or mute the thread.

I have a similaire problem:

get pods --all-namespaces

kube-system kube-flannel-ds-bdcxj 0/1 CrashLoopBackOff 6 10m
kube-system kube-flannel-ds-llstg 0/1 CrashLoopBackOff 6 10m

kubectl exec kube-apiserver-master.domain.local -c kube-apiserver -n kube-system ps
--authorization-mode=Node,RBAC

kubectl get sa flannel -n kube-system
NAME SECRETS AGE
flannel 1 19m

when i try : kubectl create -f https://github.com/coreos/flannel/blob/master/Documentation/k8s-manifests/kube-flannel-rbac.yml
error: error converting YAML to JSON: yaml: line 376: mapping values are not allowed in this context

and my kubectl logs:

Error adding network: open /run/flannel/subnet.env: no such file or directory
Error while adding to cni network: open /run/flannel/subnet.env: no such file or directory

@zakiournani please use thr "raw" link instead of github link in kubectl create command

Solved my issue, it was related to a mistake in interface name when configuring flannel.
BTW i think raw link ain't working (404).
Cheers

I have encountered this problem at present, the version of kubernetes cluster is unified to v1.19.0