Update CHANGELOG.md to note node readiness after #43474

[dcbw]

No description provided.

[k8s-reviewable]

This change is 

[bgrant0607]

cc @mikedanese

[jbeda]

This sentence assumes users are using the go client. I would instead say something like "Previously pods requiring just host networking could be scheduled and run successfully. This is no longer possible. Note that currently DaemonSets will be scheduled regardless of node readiness."

[bgrant0607]

I agree that it's useful to call out that DaemonSets shouldn't be affected

[bgrant0607]

I would combine Joe's text and mine.

[dcbw]

@jbeda I don't think that statement is accurate. Previously, all pods would be scheduled, some (hostNetwork:true) would run successfully, and the rest would fail over and over and over in a loop forever because networking wasn't ready.

Kubelet still allows hostNetwork:true pods to be run on the node even if the node isn't ready (AFAIK) so "This is no longer possible" isn't correct.

It's simply that clients that assume node readiness means no pods can be scheduled can no longer assume that.

[dcbw]

I think @bgrant0607 has a better summary than I could write here, so I'll take his.

[jbeda]

I'm okay with the text as is, but right now no pods that go through the regular scheduling path (i.e. all except DaemonSet) will land on the machine. This is a break in behavior and is the reason we had to remove the "test deployment" check from kubeadm.

So -- if someone relied on pods being scheduled and working (with host networking) that is now broken and is no longer possible. The scheduler doesn't have a carve out for host networking pods on nodes with broken networking.

Previously non host-networking pods wouldn't launch but would be scheduled. Now they won't be scheduled at all. So they are now a different type of broken.

This is all pretty subtle and I doubt that many folks actually were relying on host networking pods working with broken CNI, but you never know.

[jbeda]

Use code highlighting (`) for /etc/cni/net.d?

[dcbw]

Will do

[bgrant0607]

I would write:

This change may require changes to clients that gate pod creation and/or scheduling on the node condition type Ready status being True for pods that need to run prior to the network being ready.

so that the description is in terms of the API rather than our own internal client code, and more clearly differentiates problematic scenarios from the intended behavior.

[dcbw]

Updated with your text, thanks!

[dcbw]

@bgrant0607 @jbeda PTAL, thanks!

[k8s-ci-robot]

@dcbw: The following test(s) failed:

Test name	Commit	Details	Rerun command
Jenkins non-CRI GCE e2e	75ad746	link	@k8s-bot non-cri e2e test this

Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

[bgrant0607]

/lgtm
/approve

We can add more text later if further clarification is needed.

[k8s-github-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: bgrant0607, dcbw

Needs approval from an approver in each of these OWNERS Files:

• OWNERS [bgrant0607]

You can indicate your approval by writing /approve in a comment
You can cancel your approval by writing /approve cancel in a comment

[k8s-github-robot]

Automatic merge from submit-queue