Bug 1889308
| Summary: | dnsPolicy of kube-scheduler apiserver and controller-manager not aligned with hostNetwork | |||
|---|---|---|---|---|
| Product: | OpenShift Container Platform | Reporter: | Pietro Bertera <pbertera> | |
| Component: | kube-scheduler | Assignee: | Maciej Szulik <maszulik> | |
| Status: | CLOSED WONTFIX | QA Contact: | RamaKasturi <knarra> | |
| Severity: | medium | Docs Contact: | ||
| Priority: | medium | |||
| Version: | 4.5 | CC: | aos-bugs, mfojtik, pbertera | |
| Target Milestone: | --- | |||
| Target Release: | 4.7.0 | |||
| Hardware: | Unspecified | |||
| OS: | Unspecified | |||
| Whiteboard: | ||||
| Fixed In Version: | Doc Type: | No Doc Update | ||
| Doc Text: | Story Points: | --- | ||
| Clone Of: | ||||
| : | 1891779 (view as bug list) | Environment: | ||
| Last Closed: | 2020-11-03 16:37:41 UTC | Type: | Bug | |
| Regression: | --- | Mount Type: | --- | |
| Documentation: | --- | CRM: | ||
| Verified Versions: | Category: | --- | ||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
| Cloudforms Team: | --- | Target Upstream Version: | ||
| Embargoed: | ||||
| Bug Depends On: | ||||
| Bug Blocks: | 1891779 | |||
|
Description
Pietro Bertera
2020-10-19 10:44:42 UTC
Verified with the payload below and i see that when hostNetwork is true, dnsPolicy is set to ClusterFirstWithHostNet for kube-scheduler, kube-controller-manager & kube-apiserver
[knarra@knarra openshift-client-linux-4.7.0-0.nightly-2020-10-23-065848]$ ./oc version
Client Version: 4.7.0-0.nightly-2020-10-23-065848
Server Version: 4.7.0-0.nightly-2020-10-23-065848
Kubernetes Version: v1.19.0+e67f5dc
kube-scheduler:
=====================
[knarra@knarra openshift-client-linux-4.7.0-0.nightly-2020-10-23-065848]$ ./oc get pod openshift-kube-scheduler-ip-10-0-140-164.us-east-2.compute.internal -n openshift-kube-scheduler -o yaml | grep 'hostNetwork'
f:hostNetwork: {}
hostNetwork: true
[knarra@knarra openshift-client-linux-4.7.0-0.nightly-2020-10-23-065848]$ ./oc get pod openshift-kube-scheduler-ip-10-0-140-164.us-east-2.compute.internal -n openshift-kube-scheduler -o yaml | grep 'dnsPolicy'
f:dnsPolicy: {}
dnsPolicy: ClusterFirstWithHostNet
kube-controller-manager:
============================
[knarra@knarra openshift-client-linux-4.7.0-0.nightly-2020-10-23-065848]$ ./oc get pods kube-controller-manager-ip-10-0-140-164.us-east-2.compute.internal -n openshift-kube-controller-manager -o yaml | grep 'hostNetwork'
f:hostNetwork: {}
hostNetwork: true
[knarra@knarra openshift-client-linux-4.7.0-0.nightly-2020-10-23-065848]$ ./oc get pods kube-controller-manager-ip-10-0-140-164.us-east-2.compute.internal -n openshift-kube-controller-manager -o yaml | grep 'dnsPolicy'
f:dnsPolicy: {}
dnsPolicy: ClusterFirstWithHostNet
kube-apiserver:
===================
[knarra@knarra openshift-client-linux-4.7.0-0.nightly-2020-10-23-065848]$ ./oc get pods kube-apiserver-ip-10-0-140-164.us-east-2.compute.internal -n openshift-kube-apiserver -o yaml | grep 'hostNetwork'
f:hostNetwork: {}
hostNetwork: true
[knarra@knarra openshift-client-linux-4.7.0-0.nightly-2020-10-23-065848]$ ./oc get pods kube-apiserver-ip-10-0-140-164.us-east-2.compute.internal -n openshift-kube-apiserver -o yaml | grep 'dnsPolicy'
f:dnsPolicy: {}
dnsPolicy: ClusterFirstWithHostNet
Based on the above moving bug to verified state.
This change is causing issues during startup b/c ClusterFirstWithHostNet dns policy forces in-cluster dns server which is not available during core elements startup. I'm reverting the changes in all the core operators and discussing how to solve this issue for kubelet first. I'm closing this as won't fix for now. |