Failed to provision volume with StorageClass "default": The client {id} with object {id} does not have authorization to perform

serge colle 1 Reputation point
2021-09-28T00:27:19.247+00:00

I created a test cluster with the following command

az group create --location eastus2 --name testRegistryGroup
az acr create --resource-group testRegistryGroup --name testStardogRegistry --sku Basic

az group create --location eastus2 --name testAksGroup
az provider register --namespace Microsoft.OperationsManagement
az provider register --namespace Microsoft.OperationalInsights
az aks create --resource-group testAksGroup --name testAksCluster --vm-set-type VirtualMachineScaleSets --load-balancer-sku standard --node-count 2 --node-vm-size Standard_D2_v2 --enable-addons monitoring --generate-ssh-keys --attach-acr testStardogRegistry
az aks nodepool add --resource-group testAksGroup --cluster-name testAksCluster --name sdpool --node-count 3 --node-vm-size Standard_E4_v3 --node-taints sdhost=true:NoSchedule
az aks nodepool add --resource-group testAksGroup --cluster-name testAksCluster --name zkpool --node-count --node-vm-size Standard_D2_v2

At this point I am able to deploy a pod, but not if I request a persistent disk. If I check the servicePrincipalProfile with

az aks show -g testAksGroup -n testAksCluster --query "servicePrincipalProfile"

I get

{
  "clientId": "msi"
}

The full error I get is the following
Failed to provision volume with StorageClass "default": Retriable: false,
RetryAfter: 0s, HTTPStatusCode: 403, RawError: Retriable: false, RetryAfter:
0s, HTTPStatusCode: 403, RawError:
{"error":{"code":"AuthorizationFailed","message":"The client
'37e527b9-778e-4857-95ca-9d28cc364ae8' with object id
'37e527b9-778e-4857-95ca-9d28cc364ae8' does not have authorization to perform
action 'Microsoft.Compute/disks/write' over scope
'/subscriptions/f515f531-0477-4207-9cb5-55cd8a58340e/resourceGroups/mc_testaksgroup_testakscluster_eastus2/providers/Microsoft.Compute/disks/kubernetes-dynamic-pvc-09eb5131-10c8-46f0-89df-a70511da7f1a'
or the scope is invalid. If access was recently granted, please refresh your
credentials."}}

Azure Kubernetes Service (AKS)

1 answer

  1. KarishmaTiwari-MSFT 18,442 Reputation points Microsoft Employee
    2021-10-01T20:06:45.96+00:00

    Can you please confirm that you are using the latest version for your AKS cluster?
    If not, we recommend that you upgrade it. You will need to upgrade in increments using the commands in CLI provided. Also note that in AKS, our product group will support 3 versions and 2 stable patches for each of the minor versions. For example, we have 1.15.10 and 1.15.7 available and therefore 1.15.5 and lower versions in the 1.15.x minor versions were retired/are not available nor supported. The following document also provides information in regard to supported Kubernetes versions: https://learn.microsoft.com/en-us/azure/aks/supported-kubernetes-versions.

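A triage helper for the 403 quoted in the question, added here as an example (it is not code from the original post or from Microsoft): it extracts the denied principal, action and scope from the provisioning error and builds the `az role assignment list` query for the resource group named in that scope. The function names are hypothetical, and the sample text is the error from the question with its line wrapping removed.

```python
import json
import re

# Error text quoted in the question, with its line wrapping removed.
SAMPLE = (
    'Failed to provision volume with StorageClass "default": Retriable: false, '
    'RetryAfter: 0s, HTTPStatusCode: 403, RawError: Retriable: false, RetryAfter: '
    '0s, HTTPStatusCode: 403, RawError: '
    '{"error":{"code":"AuthorizationFailed","message":"The client '
    "'37e527b9-778e-4857-95ca-9d28cc364ae8' with object id "
    "'37e527b9-778e-4857-95ca-9d28cc364ae8' does not have authorization to perform "
    "action 'Microsoft.Compute/disks/write' over scope "
    "'/subscriptions/f515f531-0477-4207-9cb5-55cd8a58340e/resourceGroups/"
    "mc_testaksgroup_testakscluster_eastus2/providers/Microsoft.Compute/disks/"
    "kubernetes-dynamic-pvc-09eb5131-10c8-46f0-89df-a70511da7f1a' "
    'or the scope is invalid. If access was recently granted, please refresh your '
    'credentials."}}'
)

MSG_RE = re.compile(
    r"client '(?P<client>[^']+)' with object id '(?P<object_id>[^']+)' does not have "
    r"authorization to perform action '(?P<action>[^']+)' over scope '(?P<scope>[^']+)'"
)
SCOPE_RE = re.compile(r"^/subscriptions/[^/]+/resourceGroups/(?P<rg>[^/]+)", re.I)

def parse_authz_error(text):
    """Return principal, action and scope from an ARM AuthorizationFailed, else None."""
    flat = " ".join(text.split())        # undo wrapping so the JSON string is valid
    start = flat.find('{"error"')        # skip the repeated "Retriable: ..." prefix
    if start < 0:
        return None
    try:
        doc, _ = json.JSONDecoder().raw_decode(flat[start:])
        code, message = doc["error"]["code"], doc["error"]["message"]
    except (ValueError, KeyError, TypeError):
        return None
    m = MSG_RE.search(message)
    if code != "AuthorizationFailed" or not m:
        return None
    info = m.groupdict()
    rg = SCOPE_RE.match(info["scope"])
    # For AKS disks this is the MC_* node resource group, not the cluster's own group.
    info["resource_group"] = rg.group("rg") if rg else None
    info["rg_scope"] = rg.group(0) if rg else None
    return info

def role_check_command(info):
    """az CLI query listing the roles the denied principal holds at that scope."""
    scope = info["rg_scope"] or info["scope"]
    return (f"az role assignment list --assignee {info['object_id']} "
            f"--scope {scope} --include-inherited --output table")
```

Running the generated command shows whether the identity named in the error holds any role at or above the resource group where the disk is being created.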