DNS None clusters fails OIDC e2e test
rifelpet opened this issue · comments
/kind bug
Since the migration to dns=none by default, the prow e2e grid is failing the OIDC tests:
I0204 15:43:18.456158 1 log.go:198] Full, not-validated claims:
openidmetadata.claims{Claims:jwt.Claims{Issuer:"https://api.internal.e2e-e2e-kops-grid-calico-amzn2-k26.test-cncf-aws.k8s.io/", Subject:"system:serviceaccount:svcaccounts-9692:default", Audience:jwt.Audience{"oidc-discovery-test"}, Expiry:1707061997, NotBefore:1707061397, IssuedAt:1707061397, ID:""}, Kubernetes:openidmetadata.kubeClaims{Namespace:"svcaccounts-9692", ServiceAccount:openidmetadata.kubeName{Name:"default", UID:"15bf3196-cfd3-40cb-9ee0-8f05454c7e85"}}}
I0204 15:43:18.460415 1 log.go:198] Get "https://api.internal.e2e-e2e-kops-grid-calico-amzn2-k26.test-cncf-aws.k8s.io/.well-known/openid-configuration": dial tcp: lookup api.internal.e2e-e2e-kops-grid-calico-amzn2-k26.test-cncf-aws.k8s.io on 100.64.0.10:53: no such host
the test pod created in the cluster is not able to resolve the api.internal domain name.
In #12792 we populate coredns pods' /etc/hosts for gossip clusters. We probably need to expand that to cover dns=none clusters too.
The Kubernetes project currently lacks enough contributors to adequately respond to all issues.
This bot triages un-triaged issues according to the following rules:
- After 90d of inactivity,
lifecycle/stale
is applied - After 30d of inactivity since
lifecycle/stale
was applied,lifecycle/rotten
is applied - After 30d of inactivity since
lifecycle/rotten
was applied, the issue is closed
You can:
- Mark this issue as fresh with
/remove-lifecycle stale
- Close this issue with
/close
- Offer to help out with Issue Triage
Please send feedback to sig-contributor-experience at kubernetes/community.
/lifecycle stale
The Kubernetes project currently lacks enough active contributors to adequately respond to all issues.
This bot triages un-triaged issues according to the following rules:
- After 90d of inactivity,
lifecycle/stale
is applied - After 30d of inactivity since
lifecycle/stale
was applied,lifecycle/rotten
is applied - After 30d of inactivity since
lifecycle/rotten
was applied, the issue is closed
You can:
- Mark this issue as fresh with
/remove-lifecycle rotten
- Close this issue with
/close
- Offer to help out with Issue Triage
Please send feedback to sig-contributor-experience at kubernetes/community.
/lifecycle rotten