Deployment with hostNetwork cannot reach service net with 1.17.2.

What happened :

A Deployment with hostNetwork: true and dnsPolicy: ClusterFirstWithHostNet cannot reach the DNS server listed in /etc/resolv.conf , which has contents as follows:

nameserver 10.96.0.10
search <namespace>.svc.cluster.local svc.cluster.local cluster.local <local net search domain>
options ndots:5
What you expected to happen:
Pod should be able to reach the DNS server listed in /etc/resolv.conf and resolve names inside and outside of the service network.
How to reproduce it (as minimally and precisely as possible):
apiVersion: apps/v1
kind: Deployment
metadata:
  name: dns-test
spec:
  replicas: 1
  selector:
    matchLabels:
      app.kubernetes.io/name: dns-test
  template:
    metadata:
      labels:
        app.kubernetes.io/name: dns-test
    spec:
      hostNetwork: true
      dnsPolicy: ClusterFirstWithHostNet
      containers:
        - name: dns-test
          image: busybox
          imagePullPolicy: IfNotPresent
          args:
            - sleep
            - "1000000"
          resources:
% kubectl apply -f dns-test.yaml
% kubectl exec dns-test-75f45f8c88-jgfs7 -- nslookup google.com
;; connection timed out; no servers could be reached
command terminated with exit code 1
% kubectl exec dns-test-75f45f8c88-jgfs7 -- nslookup google.com 8.8.8.8
Server:		8.8.8.8
Address:	8.8.8.8:53
Non-authoritative answer:
Name:	google.com
Address: 216.58.210.46
*** Can't find google.com: No answer
Anything else we need to know?:
Environment:
Kubernetes version (use kubectl version):
Client Version: version.Info{Major:"1", Minor:"17", GitVersion:"v1.17.2", GitCommit:"59603c6e503c87169aea6106f57b9f242f64df89", GitTreeState:"clean", BuildDate:"2020-01-18T23:30:10Z", GoVersion:"go1.13.5", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"17", GitVersion:"v1.17.2", GitCommit:"59603c6e503c87169aea6106f57b9f242f64df89", GitTreeState:"clean", BuildDate:"2020-01-18T23:22:30Z", GoVersion:"go1.13.5", Compiler:"gc", Platform:"linux/amd64"}
Cloud provider or hardware configuration:
5 identical nodes.

Intel(R) Xeon(R) Gold 6252 CPU @ 2.10GHz

376GB RAM

10Gbps link, adapter Intel Corporation Ethernet Controller 10-Gigabit X540-AT2 (rev 01)
OS (e.g: cat /etc/os-release):
NAME="Ubuntu"
VERSION="18.04.3 LTS (Bionic Beaver)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 18.04.3 LTS"
VERSION_ID="18.04"
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
VERSION_CODENAME=bionic
UBUNTU_CODENAME=bionic
Kernel (e.g. uname -a):
Linux node01 4.15.0-74-generic #84-Ubuntu SMP Thu Dec 19 08:06:28 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux
Install tools:
kubeadm init --pod-network-cidr=10.244.0.0/16 --apiserver-advertise-address=<IP address of the node>
Network plugin and version (if this is a network-related bug):
Flannel from https://raw.githubusercontent.com/coreos/flannel/2140ac876ef134e0ed5af15c65e414cf26827915/Documentation/kube-flannel.yml
Others:

Deployment with hostNetwork cannot reach service net with 1.17.2. #87719

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Deployment with hostNetwork cannot reach service net with 1.17.2. #87719

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions