Description of problem: If you say net.Listen("tcp", "0.0.0.0:10357"), golang will actually create a dual-stack IPv4/IPv6 listening socket. But for historical reasons (having to do with bad IPv6 compat in older kube I think), we default to passing "tcp4" (the default value of configv1.ServingInfo.BindNetwork) instead of "tcp", forcing IPv4-only. There is no reason these days for servers on the pod network to enforce IPv4-only, so this overrides the default for kube-controller-manager.
This was fixed in https://github.com/openshift/cluster-kube-controller-manager-operator/pull/320
Confirmed with latest payload: 4.4.0-0.nightly-2019-12-15-184910, the issue has fixed: Login the master node, check the Listen port: [root@dhcp-140-138 ~]# oc debug node/ip-xxxxx Starting pod/ip-10-0-130-121us-east-2computeinternal-debug ... To use host binaries, run `chroot /host` Pod IP: 10.0.130.121 If you don't see a command prompt, try pressing enter. sh-4.2# chroot /host sh-4.4# netstat -pan |grep 10357 tcp6 0 0 :::10357 :::* LISTEN 51788/cluster-polic
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2020:0581