From 399d53b543f6ca99f13d28313ae77b3472b0f728 Mon Sep 17 00:00:00 2001 From: Andrey Smirnov Date: Fri, 17 Jan 2025 20:35:16 +0400 Subject: [PATCH] fix: ignore forbidden error when waiting for pod eviction K8s 1.32+ won't lest us get deleted pods as it doesn't belong to our node, so just assume the pod is gone (at least it's not on our node anymore). Fixes #10154 Signed-off-by: Andrey Smirnov --- pkg/kubernetes/kubernetes.go | 3 +++ 1 file changed, 3 insertions(+) diff --git a/pkg/kubernetes/kubernetes.go b/pkg/kubernetes/kubernetes.go index a2efe3bec7..306719e001 100644 --- a/pkg/kubernetes/kubernetes.go +++ b/pkg/kubernetes/kubernetes.go @@ -275,6 +275,9 @@ func (h *Client) waitForPodDeleted(ctx context.Context, p *corev1.Pod) error { switch { case apierrors.IsNotFound(err): return nil + case apierrors.IsForbidden(err): + // in Kubernetes 1.32+, NodeRestriction plugin won't let us list a pod which is not on our node, including deleted ones + return nil case err != nil: if IsRetryableError(err) { return retry.ExpectedError(err)