Home / BeaverDeck / Docs / Configuration Guide / Troubleshooting

Troubleshooting

Permission errors: distinguish application-role denials from Kubernetes API denials. Check the BeaverDeck permission matrix, namespace scope, and ServiceAccount RBAC before changing configuration.
Problem Likely cause Check
Pod exits during startup with auth config import failure. Existing Secret has invalid YAML, missing required fields, bad role references, raw password values, or unsupported schema. Read pod logs. Fix the Secret, or delete it to start initialization again.
Initialization screen never creates the Secret. ServiceAccount cannot create/update the configured Secret, or admin username/password validation fails. Check pod logs and Kubernetes RBAC for Secrets in CONFIG_SECRET_NAMESPACE.
Ingress path loads assets or API incorrectly. BASE_PATH and ingress forwarding path do not match. Use a matching ingress.path and ensure the controller forwards the prefix.
Only one namespace is visible. ALLOW_ALL_NAMESPACES is false, or the user's BeaverDeck role limits namespaces. Check Helm value allowAllNamespaces and role permissions.
Metrics are missing in UI or Insights. metrics-server is unavailable and direct kubelet resource metrics fallback cannot be used, or GPU/DCGM metrics are unavailable. Open Node Insights or GPU Insights and check the specific metrics finding.
Secret reveal is disabled. User has Secret view permission but not Secret edit/manage permission. Grant secrets: edit only if decoded Secret access is intended.