nodelocal dns 1.15.11 cannot add iptables rules. executable file not found in $PATH

[LuckySB]

What happened:
daemonset nodelocaldns with image gcr.io/google-containers/k8s-dns-node-cache:1.15.11
flood error log with message

[ERROR] Error adding iptables rule {raw OUTPUT [-p udp -s 169.254.25.10 --sport 53 -j NOTRACK]} - error checking rule: executable file not found in $PATH:
[ERROR] Error adding iptables rule {filter OUTPUT [-p tcp -s 169.254.25.10 --sport 53 -j ACCEPT]} - error checking rule: executable file not found in $PATH:
[ERROR] Error adding iptables rule {filter OUTPUT [-p udp -s 169.254.25.10 --sport 53 -j ACCEPT]} - error checking rule: executable file not found in $PATH:
[ERROR] Error adding iptables rule {raw OUTPUT [-p tcp -d 169.254.25.10 --dport 53 -j NOTRACK]} - error checking rule: executable file not found in $PATH:
[ERROR] Error adding iptables rule {raw OUTPUT [-p udp -d 169.254.25.10 --dport 53 -j NOTRACK]} - error checking rule: executable file not found in $PATH:
[ERROR] Error adding iptables rule {raw OUTPUT [-p tcp -d 169.254.25.10 --dport 8080 -j NOTRACK]} - error checking rule: executable file not found in $PATH:
[ERROR] Error adding iptables rule {raw OUTPUT [-p tcp -s 169.254.25.10 --sport 8080 -j NOTRACK]} - error checking rule: executable file not found in $PATH:
[ERROR] Error adding iptables rule {raw PREROUTING [-p tcp -d 169.254.25.10 --dport 53 -j NOTRACK]} - error checking rule: executable file not found in $PATH:
[ERROR] Error adding iptables rule {raw PREROUTING [-p udp -d 169.254.25.10 --dport 53 -j NOTRACK]} - error checking rule: executable file not found in $PATH:
[ERROR] Error adding iptables rule {filter INPUT [-p tcp -d 169.254.25.10 --dport 53 -j ACCEPT]} - error checking rule: executable file not found in $PATH:
[ERROR] Error adding iptables rule {filter INPUT [-p udp -d 169.254.25.10 --dport 53 -j ACCEPT]} - error checking rule: executable file not found in $PATH:

What you expected to happen:
compare files in image 1.15.10 with 1.15.11 i see:
no /usr/bin/iptables-xml file in 1.15.11

How to reproduce it (as minimally and precisely as possible):

kubectl apply -f https://github.com/kubernetes/kubernetes/blob/master/cluster/addons/dns/nodelocaldns/nodelocaldns.yaml

kubectl set image ds nodelocaldns node-cache=gcr.io/google-containers/k8s-dns-node-cache:1.15.11

[LuckySB]

/sig network
/sig apps

[athenabot]

/triage unresolved

Comment /remove-triage unresolved when the issue is assessed and confirmed.

🤖 I am a bot run by vllry. 👩‍🔬

[LuckySB]

kubernetes/dns#367

[rikatz]

/assign @bowei

[athenabot]

@bowei
If this issue has been triaged, please comment /remove-triage unresolved.

If you aren't able to handle this issue, consider unassigning yourself and/or adding the help-wanted label.

🤖 I am a bot run by vllry. 👩‍🔬

[bowei]

/assign @prameshj

[bowei]

/remove-triage unresolved

[bowei]

pavithra -- can you take a look?

[bowei]

Looks like is discussion on the linked PR in the DNS repo.

[prameshj]

This has been fixed in 1.15.12 image.
kubernetes/dns#365

[prameshj]

/close
Please reopen if needed.

[k8s-ci-robot]

@prameshj: Closing this issue.

In response to this:

/close
Please reopen if needed.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.