From 1d7be29ae6f82e2747d056325af39ac0f2179872 Mon Sep 17 00:00:00 2001
From: Colin Walters <walters@verbum.org>
Date: Fri, 30 Oct 2020 12:54:43 +0000
Subject: [PATCH] Use hostNetwork: true for operator and controller

We want to support switching cluster network types "day 2".
This may involve a MachineConfig rollout, so using the
host network will avoid potential deadlocks.

The only thing that the MCO should need is access to the apiserver;
we don't talk to any in-cluster services.
---
 install/0000_80_machine-config-operator_04_deployment.yaml | 4 ++++
 manifests/machineconfigcontroller/deployment.yaml          | 4 ++++
 pkg/operator/assets/bindata.go                             | 4 ++++
 3 files changed, 12 insertions(+)

diff --git a/install/0000_80_machine-config-operator_04_deployment.yaml b/install/0000_80_machine-config-operator_04_deployment.yaml
index 34c427a304..fde4d54694 100644
--- a/install/0000_80_machine-config-operator_04_deployment.yaml
+++ b/install/0000_80_machine-config-operator_04_deployment.yaml
@@ -44,6 +44,10 @@ spec:
       securityContext:
         runAsNonRoot: true
         runAsUser: 65534
+      # We want to support switching cluster network types "day 2".
+      # This may involve a MachineConfig rollout, so using the
+      # host network will avoid potential deadlocks.
+      hostNetwork: true
       tolerations:
       - key: "node-role.kubernetes.io/master"
         operator: "Exists"
diff --git a/manifests/machineconfigcontroller/deployment.yaml b/manifests/machineconfigcontroller/deployment.yaml
index fe4fbf3c84..93b6d8d912 100644
--- a/manifests/machineconfigcontroller/deployment.yaml
+++ b/manifests/machineconfigcontroller/deployment.yaml
@@ -26,6 +26,10 @@ spec:
             memory: 50Mi
         terminationMessagePolicy: FallbackToLogsOnError
       serviceAccountName: machine-config-controller
+      # We want to support switching cluster network types "day 2".
+      # This may involve a MachineConfig rollout, so using the
+      # host network will avoid potential deadlocks.
+      hostNetwork: true
       nodeSelector:
         node-role.kubernetes.io/master: ""
       priorityClassName: "system-cluster-critical"
diff --git a/pkg/operator/assets/bindata.go b/pkg/operator/assets/bindata.go
index 40df9bd44e..0373a541ea 100644
--- a/pkg/operator/assets/bindata.go
+++ b/pkg/operator/assets/bindata.go
@@ -793,6 +793,10 @@ spec:
             memory: 50Mi
         terminationMessagePolicy: FallbackToLogsOnError
       serviceAccountName: machine-config-controller
+      # We want to support switching cluster network types "day 2".
+      # This may involve a MachineConfig rollout, so using the
+      # host network will avoid potential deadlocks.
+      hostNetwork: true
       nodeSelector:
         node-role.kubernetes.io/master: ""
       priorityClassName: "system-cluster-critical"