Description of problem: ```shell [root@master2 ~]# crictl pods --name router-default-fb744fb7f-hmmn5 -q 0a0c7cc6d1ad6815f7613fd758c5329c4265ddb6607f568b69e30fdafdfc0a52 [root@master2 ~]# crictl ps --pod=0a0c7cc6d1ad6815f7613fd758c5329c4265ddb6607f568b69e30fdafdfc0a52 CONTAINER IMAGE CREATED STATE NAME ATTEMPT POD ID b04c17fb1c58d dd7aaceb9081f88c9ba418708f32a66f5de4e527a00c7f6ede50d55c93eb04ed 3 days ago Running router 1 0a0c7cc6d1ad6 [root@master2 ~]# crictl exec b04 cat /etc/resolv.conf search openshift4.example.com nameserver 10.226.45.250 [root@master2 ~]# crictl exec b04 curl -s kubernetes.default.svc.cluster.local FATA[0000] execing command in container failed: command terminated with exit code 6 [root@master2 ~]# crictl exec b04 curl kubernetes.default.svc.cluster.local % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0curl: (6) Could not resolve host: kubernetes.default.svc.cluster.local; Unknown error FATA[0000] execing command in container failed: command terminated with exit code 6 ``` ``` [root@bastion ~]# oc -n openshift-dns get svc NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE dns-default ClusterIP 172.30.0.10 <none> 53/UDP,53/TCP,9154/TCP 3d17h ``` Version-Release number of selected component (if applicable): ocp version `4.5.9` ``` [root@master2 ~]# crictl exec b04 /usr/bin/openshift-router version openshift-router majorFromGit: minorFromGit: commitFromGit: e3b9390202c6f9a9d986d9465c5f25e2214936e3 versionFromGit: 4.0.0-143-ge3b9390 gitTreeState: clean buildDate: 2020-09-04T14:15:28Z ``` How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: ``` [root@master2 ~]# crictl exec b04 cat /etc/resolv.conf search openshift-ingress.cluster.local svc.cluster.local cluster.local options ndots:5 nameserver 172.30.0.10 ``` Additional info:
Which platform is this? What DNS policy do you see set? Looking at my AWS cluster I see: $ oc get pods -n openshift-ingress router-default-58db4cf8d4-cv9lc -o yaml |ag dns "dns": {} "dns": {} f:dnsPolicy: {} dnsPolicy: ClusterFirst
Target set to next release version while investigation is either ongoing or pending. Will be considered for earlier release versions when diagnosed and resolved.
I want to set it to `ClusterFirstWithHostNet`
Tagging with UpcomingSprint while investigation is either ongoing or pending. Will be considered for earlier release versions when diagnosed and resolved.
(In reply to zhangguanzhang from comment #3) > I want to set it to `ClusterFirstWithHostNet` If the endpoint publishing strategy type is set to host network then we should automatically set the dnsPolicy with ClusterFirstWithHostNet. Would that be your expectation?
yes, could add a field let user to set it
Verified with 4.7.0-0.nightly-2020-12-04-013308 in vSphere which using HostNetwork and passed. [root@preserve-hongli-ipv6 ~]# oc -n openshift-ingress get deployment router-default -oyaml <---snip---> dnsPolicy: ClusterFirstWithHostNet hostNetwork: true # oc -n openshift-ingress exec router-default-589b49584-fhptg -- cat /etc/resolv.conf search openshift-ingress.svc.cluster.local svc.cluster.local cluster.local hongli-vs47.xxx.com nameserver 172.30.0.10 options ndots:5 # oc -n openshift-ingress exec router-default-589b49584-fhptg -- nslookup kubernetes.default.svc.cluster.local Server: 172.30.0.10 Address: 172.30.0.10#53 Name: kubernetes.default.svc.cluster.local Address: 172.30.0.1
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.7.0 security, bug fix, and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2020:5633