🐛: skip APIServerELB DNS name resolution if internal

[r4f4]

What type of PR is this?

/kind bug

What this PR does / why we need it:

Skip APIServerELB DNS name resolution check when the LB is internal. The check will never work in air-gapped systems.

Which issue(s) this PR fixes (optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close the issue(s) when PR gets merged):
Fixes #4975

Special notes for your reviewer:

Checklist:

• squashed commits
• includes documentation
• includes emojis
• adds unit tests
• adds or updates e2e tests

Release note:

Skip DNS name resolution check for internal APIServerELB.

[k8s-ci-robot]

Hi @r4f4. Thanks for your PR.

I'm waiting for a kubernetes-sigs member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign vincepri for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[r4f4]

/cc @mtulio @patrickdillon

[k8s-ci-robot]

@r4f4: GitHub didn't allow me to request PR reviews from the following users: mtulio, patrickdillon.

Note that only kubernetes-sigs members and repo collaborators can review this PR, and authors cannot review their own PRs.

In response to this:

/cc @mtulio @patrickdillon

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[damdo]

/lgtm

[damdo]

/test pull-cluster-api-provider-aws-test

[r4f4]

/hold
While we double check if the name is resolvable in a SC2S region.

[AndiDog]

There's a chat thread about why the DNS resolving wait code was likely there. It might be to check LB availability. Did you see problems or delays after this change, such as CAPA requiring an additional wait before reconciling further (e.g. because the LB/DNS wasn't available yet)? That's the only concern I have. Otherwise LGTM.

[r4f4]

There's a chat thread about why the DNS resolving wait code was likely there. It might be to check LB availability. Did you see problems or delays after this change, such as CAPA requiring an additional wait before reconciling further (e.g. because the LB/DNS wasn't available yet)? That's the only concern I have. Otherwise LGTM.

When we encountered the issue we were creating a cluster in C2S via an emulator (SHIFT). The issue did not happen in another emulator (Combine). We're trying to test on a real C2S/SC2S env to determine if the internal LB name is resolvable. If so, it's an emulator bug. If not, I'll test again and pay attention to the reconcile process.

[AndiDog]

Please also test on a real, public AWS region if you can. It would be interesting to see how removing this wait behaves, in order to find out whether it could be removed overall, or if then we need some retries for the control plane setup or so.

[nrb]

I'll wait to review until hearing back on whether or not this happens in the real AWS environment.