Description of problem: kube-scheduler, kube-apiserver and kube-controller-manager pods are deployed by the respective operator with `hostNetwork: true` and without a `dnsPolicy`. The `dnsPolicy` should be `ClusterFirstWithHostNet` in order to make internal service discovery work for the component itself.
Verified with the payload below and I see that when hostNetwork is true, dnsPolicy is set to ClusterFirstWithHostNet for kube-scheduler, kube-controller-manager & kube-apiserver

[knarra@knarra openshift-client-linux-4.7.0-0.nightly-2020-10-23-065848]$ ./oc version
Client Version: 4.7.0-0.nightly-2020-10-23-065848
Server Version: 4.7.0-0.nightly-2020-10-23-065848
Kubernetes Version: v1.19.0+e67f5dc

kube-scheduler:
=====================
[knarra@knarra openshift-client-linux-4.7.0-0.nightly-2020-10-23-065848]$ ./oc get pod openshift-kube-scheduler-ip-10-0-140-164.us-east-2.compute.internal -n openshift-kube-scheduler -o yaml | grep 'hostNetwork'
f:hostNetwork: {}
hostNetwork: true
[knarra@knarra openshift-client-linux-4.7.0-0.nightly-2020-10-23-065848]$ ./oc get pod openshift-kube-scheduler-ip-10-0-140-164.us-east-2.compute.internal -n openshift-kube-scheduler -o yaml | grep 'dnsPolicy'
f:dnsPolicy: {}
dnsPolicy: ClusterFirstWithHostNet

kube-controller-manager:
============================
[knarra@knarra openshift-client-linux-4.7.0-0.nightly-2020-10-23-065848]$ ./oc get pods kube-controller-manager-ip-10-0-140-164.us-east-2.compute.internal -n openshift-kube-controller-manager -o yaml | grep 'hostNetwork'
f:hostNetwork: {}
hostNetwork: true
[knarra@knarra openshift-client-linux-4.7.0-0.nightly-2020-10-23-065848]$ ./oc get pods kube-controller-manager-ip-10-0-140-164.us-east-2.compute.internal -n openshift-kube-controller-manager -o yaml | grep 'dnsPolicy'
f:dnsPolicy: {}
dnsPolicy: ClusterFirstWithHostNet

kube-apiserver:
===================
[knarra@knarra openshift-client-linux-4.7.0-0.nightly-2020-10-23-065848]$ ./oc get pods kube-apiserver-ip-10-0-140-164.us-east-2.compute.internal -n openshift-kube-apiserver -o yaml | grep 'hostNetwork'
f:hostNetwork: {}
hostNetwork: true
[knarra@knarra openshift-client-linux-4.7.0-0.nightly-2020-10-23-065848]$ ./oc get pods kube-apiserver-ip-10-0-140-164.us-east-2.compute.internal -n openshift-kube-apiserver -o yaml | grep 'dnsPolicy'
f:dnsPolicy: {}
dnsPolicy: ClusterFirstWithHostNet

Based on the above moving bug to verified state.
This change is causing issues during startup b/c the ClusterFirstWithHostNet DNS policy forces the in-cluster DNS server, which is not available during core elements startup. I'm reverting the changes in all the core operators and discussing how to solve this issue for kubelet first. I'm closing this as won't fix for now.
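
Added example, not part of the original report or of the operators' code: a small audit that generalizes the per-pod `grep` checks above to a whole pod list and reports, for every `hostNetwork: true` pod, which resolver it effectively uses. It assumes input shaped like `oc get pods -A -o json`; the sample pods and their names are constructed for illustration.

```python
import json

# Constructed sample shaped like `oc get pods -A -o json`; not real cluster data.
SAMPLE = json.loads("""{"items": [
 {"metadata": {"namespace": "openshift-kube-scheduler", "name": "sched-a"},
  "spec": {"hostNetwork": true, "dnsPolicy": "ClusterFirstWithHostNet"}},
 {"metadata": {"namespace": "openshift-kube-apiserver", "name": "api-a"},
  "spec": {"hostNetwork": true, "dnsPolicy": "ClusterFirst"}},
 {"metadata": {"namespace": "demo", "name": "web"},
  "spec": {"dnsPolicy": "ClusterFirst"}},
 {"metadata": {"namespace": "demo", "name": "agent"},
  "spec": {"hostNetwork": true, "dnsPolicy": "Default"}}]}""")

NOTES = {
    "cluster": "depends on in-cluster DNS being up (startup ordering risk)",
    "node": "resolves via the node; cluster service names normally fail",
    "custom": "resolver taken from spec.dnsConfig; review it by hand",
}

def effective_resolver(spec):
    """Return 'cluster', 'node' or 'custom' for a pod spec."""
    policy = spec.get("dnsPolicy", "ClusterFirst")  # API default when unset
    if policy == "None":
        return "custom"
    if policy == "Default":
        return "node"
    if policy == "ClusterFirstWithHostNet":
        return "cluster"
    # ClusterFirst on a host-network pod falls back to the Default behaviour.
    return "node" if spec.get("hostNetwork") else "cluster"

def audit(pod_list):
    """List (pod, dnsPolicy, resolver, note) for every host-network pod."""
    findings = []
    for pod in pod_list.get("items", []):
        spec = pod.get("spec", {})
        if not spec.get("hostNetwork"):
            continue  # only host-network pods are affected by this bug
        meta = pod.get("metadata", {})
        name = f"{meta.get('namespace')}/{meta.get('name')}"
        policy = spec.get("dnsPolicy", "ClusterFirst")
        resolver = effective_resolver(spec)
        findings.append((name, policy, resolver, NOTES[resolver]))
    return findings

if __name__ == "__main__":
    for row in audit(SAMPLE):
        print(" | ".join(row))
```
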