Kubelet could not create the container
Production Risk
Container never starts; service is unavailable.
CreateContainerError means the kubelet successfully pulled the image but could not create the container. This is a runtime-level error that occurs before the container process starts. Common causes include missing or unresolvable ConfigMaps/Secrets referenced in the pod spec, invalid volume mounts, or container runtime failures.
- 1ConfigMap or Secret referenced in env or envFrom does not exist
- 2Volume or volumeMount references a resource that cannot be resolved
- 3Container runtime (containerd) encountered an internal error
- 4Invalid security context settings rejected by the runtime
Pod is stuck in ContainerCreating or shows CreateContainerError in describe events.
kubectl describe pod mypod | grep -A 20 "Events:" # Warning Failed kubelet Error: secret "my-secret" not found
expected output
Warning Failed ... Error: secret "my-secret" not found
Fix
Verify all referenced ConfigMaps and Secrets exist
WHEN Events mention a missing secret or configmap
# List secrets and configmaps in the namespace kubectl get secrets,configmaps -n mynamespace # Check what the pod references kubectl get pod mypod -o yaml | grep -E "secretName|configMapName|secretKeyRef|configMapKeyRef"
Why this works
Ensures all resources referenced in the pod spec exist before the container can be created.
Kubernetes Documentation
Content generated with AI assistance and reviewed for accuracy. Found an error? hello@errcodes.dev