enabled KPR

[errordeveloper]

Deploying a cluster without kube-proxy (see cilium/openshift-terrafrom-upi#16) implies that usual API access is not possible, so the operator needs to do something else.

From looking at CVO, it appears that one option could be to use nodeSelector: { node-role.kubernetes.io/master: "" } and KUBERNETES_SERVICE_HOST=127.0.0.1, because masters always run an API server.

• https://github.com/openshift/cluster-version-operator/blob/d48ed58b220a56aa24eff664bf5dc28709728717/install/0000_00_cluster-version-operator_03_deployment.yaml#L52-L55
• https://github.com/openshift/cluster-version-operator/blob/ed0250c784ea0f47d8d60284828b36a11a45f4c3/lib/resourcebuilder/apps.go#L39-L42

From looking at CNO, it seems like another route could be to mount /etc/kubernetes from the host.

• https://github.com/openshift/cluster-network-operator/blob/217a005d8fea4fb9853f0eec6d41b4497fc071ca/manifests/0000_70_cluster-network-operator_03_deployment.yaml#L25-L36
• https://github.com/openshift/cluster-network-operator/blob/217a005d8fea4fb9853f0eec6d41b4497fc071ca/manifests/0000_70_cluster-network-operator_03_deployment.yaml#L98-L101

[errordeveloper]

I will try to implement the CVO option first, as CNO one would require SCC adjustments to get hostPath volumes.

[errordeveloper]

The CVO option didn't work as it doesn't work during bootstrap, will probably implement something in Terraform for testing. Doing something similar to what CNO does would be needed, but it's probably best to leave until there is a custom operator.

[errordeveloper]

xref https://github.com/cilium/openshift-terraform-upi/commit/9e22c4f77015618c7ba7560dd455a72f0b7e758f

[errordeveloper]

xref cilium/openshift-terraform-upi@9e22c4f

This worked, closing!