GoogleCloudPlatform / continuous-deployment-on-kubernetes

Get up and running with Jenkins on Google Kubernetes Engine

Default service account doesn't have permission to launch build executors

rj3d opened this issue

I followed this guide to set up a k8s cluster running Jenkins. Before configuring any projects, I first updated all of the plugins. I then set up my first project, but builds for this project were stuck in the pending status. I checked the logs and found the following error:

WARNING: Failed to count the # of live instances on Kubernetes
io.fabric8.kubernetes.client.KubernetesClientException: Failure executing: GET at: https://kubernetes.default/api/v1/namespaces/jenkins/pods. Message: Forbidden!Configured service account doesn't have access. Service account may have been revoked. pods is forbidden: User "system:serviceaccount:jenkins:default" cannot list pods in the namespace "jenkins": Unknown user "system:serviceaccount:jenkins:default".

I thought maybe something with the new Kubernetes plugin was causing the error. I downgraded the Kubernetes plugin back to the default 0.1.0 that shipped with the image, but was still getting a similar error:

WARNING: Failed to count the # of live instances on Kubernetes
io.fabric8.kubernetes.client.KubernetesClientException: Failure executing: GET at: https://kubernetes.default/api/v1/namespaces/jenkins/pods?labelSelector=jenkins%3Dslave. Message: Forbidden!Configured service account doesn't have access. Service account may have been revoked.

I ended up solving it with the following command to give the default service account cluster-admin privileges:

kubectl create clusterrolebinding jenkins --clusterrole cluster-admin --serviceaccount=jenkins:default

I found that solution here, and it looks like they were able to modify their k8s deployment to automatically provision a service account with the necessary permissions. I'm pretty new to k8s, and I don't know enough currently to modify the deployment in this project. Otherwise, I would have made a fix and submitted a PR.
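
A narrower alternative to the cluster-admin binding described in the issue above, as an added example that is not part of the original post or the project's own manifests: a dedicated service account bound to a Role that exists only in the `jenkins` namespace. The account and Role names are hypothetical, and the rule set is an assumption about what launching build executor pods requires; the logs in the issue only show that `list pods` was denied.

```yaml
# Added example, not from the issue or the project. Names marked "hypothetical"
# are assumptions. Weak setting from the post, for comparison:
#   kubectl create clusterrolebinding jenkins --clusterrole cluster-admin \
#     --serviceaccount=jenkins:default
# That gives every pod running as jenkins:default full control of the cluster.
apiVersion: v1
kind: ServiceAccount
metadata:
  name: jenkins-controller            # hypothetical dedicated account
  namespace: jenkins
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role                            # namespaced: no rights outside "jenkins"
metadata:
  name: jenkins-executor-launcher     # hypothetical
  namespace: jenkins
rules:
  # Assumed rule set; the issue's logs only prove that "list pods" is needed.
  - apiGroups: [""]
    resources: ["pods"]
    verbs: ["create", "delete", "get", "list", "watch"]
  - apiGroups: [""]
    resources: ["pods/exec"]
    verbs: ["create", "get"]
  - apiGroups: [""]
    resources: ["pods/log"]
    verbs: ["get", "list", "watch"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding                     # binds the Role only inside "jenkins"
metadata:
  name: jenkins-executor-launcher
  namespace: jenkins
subjects:
  - kind: ServiceAccount
    name: jenkins-controller
    namespace: jenkins
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: jenkins-executor-launcher
```

The Jenkins Deployment's pod spec has to set `serviceAccountName: jenkins-controller` for this to take effect. Afterwards `kubectl auth can-i list pods --namespace jenkins --as system:serviceaccount:jenkins:jenkins-controller` should answer `yes`, and the same query with `--namespace kube-system` should answer `no`.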