The new deployment went out, the pod is Running, but it never becomes Ready. The startup probe keeps failing with a mysterious "Forbidden" error.
A new application was deployed that needs to query the Kubernetes API during startup. The pod status shows Running, but the Ready condition stays False. kubectl describe pod shows the startup probe is failing repeatedly. Looking at the logs, you see: "Error querying API: forbidden - User cannot list pods". The application uses a ServiceAccount, but something about the permissions is wrong.
Start this challenge in your local Kubernetes cluster:
