Container Engine creates a firewall for the network. It also creates routes for the nodes, so that containers running on the nodes can communicate with each other.
While I am trying to launch a new cluster Nodes are created without a route. Hence, scheduler is not able to schedule anything in pods.
Is this due to bad IAM permissions?
I had the same issue but luckily received help from GCP support. In our case the SA that was creating the cluster did not have enough permission (someone removed lot of permission for the SA that we did not created manually). You should retry with after you give "EDITOR" permission to the SA for the whole project (this is more than it need but it is a good test).
You can also check the logs in the activity panel (I did not notice during my firsts tests but there were some error motioning the permission of the SA)
I hope it can help.