https://bugzilla.suse.com/show_bug.cgi?id=1218694 Bug ID: 1218694 Summary: [k8s,kube-flannel] YAML File to set up Flannel Network Add-On is outdated Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: All OS: openSUSE Tumbleweed Status: NEW Severity: Normal Priority: P5 - None Component: Containers Assignee: containers-bugowner@suse.de Reporter: eich@suse.com QA Contact: qa-bugs@suse.de Target Milestone: --- Found By: Development Blocker: --- After successfully setting up k8s (using `kubeadm init`), the coredns pod remains in a 'Pending' state: NAMESPACE NAME READY STATUS RESTARTS AG kube-system coredns-86ccd44ff8-24h9w 0/1 Pending 0 12 kube-system coredns-86ccd44ff8-rz5vq 0/1 Pending 0 12 kube-system etcd-k8s-head 1/1 Running 1 12 kube-system kube-apiserver-k8s-head 1/1 Running 1 12 kube-system kube-controller-manager-k8s-head 1/1 Running 1 12 kube-system kube-proxy-qprnj 1/1 Running 0 12 kube-system kube-scheduler-k8s-head 1/1 Running 1 13 This is due to a not yet installed network plugin. When installing `kubeadm` thru 'patterns-kubernetes-kubeadm', the package 'flannel-k8s-yaml' is installed alongside which contains a yaml file to set up Flannel as network plugin. Running `kubectl apply -f /usr/share/k8s-yaml/flannel/kube-flannel.yaml` using the supplied file fails, however after: | clusterrole.rbac.authorization.k8s.io/flannel created | clusterrolebinding.rbac.authorization.k8s.io/flannel created | serviceaccount/flannel created | configmap/kube-flannel-cfg created | daemonset.apps/kube-flannel-ds created with the error: | error: resource mapping not found for name: "psp.flannel.unprivileged" namespace: "" from "/usr/share/k8s-yaml/flannel/kube-flannel.yaml": no matches for kind "PodSecurityPolicy" in version "policy/v1beta1" ensure CRDs are installed first When using the yaml file from https://github.com/flannel-io/flannel/blob/master/Documentation/kube-flannel... (wget https://raw.githubusercontent.com/flannel-io/flannel/master/Documentation/ku...) it works, however, the flannel pod is still cycling thru a CrashLoopBackOff - it fails with (from log): | E0110 11:46:48.988799 1 main.go:332] Error registering network: failed to acquire lease: node "k8s-head" pod cidr not assigned -- You are receiving this mail because: You are on the CC list for the bug.