[WIP]: Fix kindnet POD_SUBNET mismatch in CNCF conformance tests

.github/workflows/cncf-conformance.yaml

@@ -94,6 +94,61 @@ jobs:
             sudo podman exec "${node}" systemctl disable firewalld || true
           done
 
+          # Deploy a DNS monitoring pod on node 2 (where test pods land) to capture
+          # TCP DNS behavior throughout the conformance tests. Use kube-system
+          # namespace to survive sonobuoy cleanup.
+          echo ""
+          echo "Starting background TCP DNS monitor on microshift-okd-2..."
+          cat > /tmp/dns-monitor.yaml <<'EOF'
+          apiVersion: v1
+          kind: Pod
+          metadata:
+            name: dns-monitor
+            namespace: kube-system
+          spec:
+            nodeName: microshift-okd-2
+            restartPolicy: Never
+            containers:
+            - name: monitor
+              image: registry.k8s.io/e2e-test-images/jessie-dnsutils:1.7
+              command: ["sleep", "86400"]
+          EOF
+          sed -i 's/^          //' /tmp/dns-monitor.yaml
+          make env CMD="kubectl apply -f /tmp/dns-monitor.yaml" || true
+          make env CMD="kubectl -n kube-system wait --for=condition=Ready pod/dns-monitor --timeout=60s" || true
+
+          # Write a probe script and copy it into the monitor pod
+          cat > /tmp/dns-probe.sh <<'PROBE'
+          #!/bin/sh
+          echo "=== resolv.conf ==="
+          cat /etc/resolv.conf
+          echo ""
+          echo "=== UDP short ==="
+          dig +notcp +short kubernetes.default.svc.cluster.local A 2>&1 || true
+          echo "=== TCP short ==="
+          dig +tcp +short +time=3 +tries=1 kubernetes.default.svc.cluster.local A 2>&1 || true
+          echo "=== TCP full ==="
+          dig +tcp +time=3 +tries=1 kubernetes.default.svc.cluster.local A 2>&1 || true
+          echo "=== TCP +noall +answer +search (same flags as e2e test) ==="
+          dig +tcp +noall +answer +search kubernetes.default.svc.cluster.local A 2>&1
+          echo "exit_code=$?"
+          PROBE
+          make env CMD="kubectl -n kube-system cp /tmp/dns-probe.sh dns-monitor:/tmp/dns-probe.sh" || true
+
+          # Start background monitoring loop - one make env call per 60s probe
+          echo "Starting background DNS probe loop..."
+          (
+            sleep 30
+            i=0
+            while true; do
+              i=$((i+1))
+              echo "--- probe $i at $(date +%H:%M:%S) ---"
+              make env CMD="kubectl -n kube-system exec dns-monitor -- sh /tmp/dns-probe.sh" 2>&1 || true
+              sleep 60
+            done
+          ) > /tmp/dns-monitor.log 2>&1 &
+          echo "DNS monitor PID: $!"
+
       - name: Configure hostname resolution for cluster nodes
         shell: bash
         run: |
@@ -109,7 +164,7 @@ jobs:
             ip=$(sudo podman inspect "$node" | jq -r '.[].NetworkSettings.Networks | to_entries[0].value.IPAddress')
             if [ -n "$ip" ] && [ "$ip" != "null" ]; then
               echo "$ip $node" | sudo tee -a /etc/hosts
-              echo "  ✓ Added: $ip $node"
+              echo "  Added: $ip $node"
             else
               echo "ERROR: Could not get IP address for node: $node"
               exit 1
@@ -120,7 +175,7 @@ jobs:
           echo "Verifying hostname resolution:"
           for node in microshift-okd-1 microshift-okd-2; do
             if getent hosts "$node" > /dev/null 2>&1; then
-              echo "  ✓ $node resolves successfully"
+              echo "  $node resolves successfully"
             else
               echo "ERROR: Hostname resolution failed for node: $node"
               exit 1
@@ -148,6 +203,22 @@ jobs:
           path: /tmp/sonobuoy-output/
           retention-days: 30
 
+      - name: Collect DNS monitor logs
+        if: always()
+        shell: bash
+        run: |
+          echo "=== DNS Monitor Pod Status ==="
+          make env CMD="kubectl -n kube-system get pod dns-monitor -o wide" || true
+          echo ""
+          echo "=== DNS Monitor Background Logs ==="
+          cat /tmp/dns-monitor.log 2>/dev/null || echo "(no monitor log found)"
+          echo ""
+          echo "=== CoreDNS pod status ==="
+          make env CMD="kubectl -n openshift-dns get pods -o wide" || true
+          echo ""
+          echo "=== Cleanup monitor pod ==="
+          make env CMD="kubectl -n kube-system delete pod dns-monitor --force --grace-period=0" || true
+
       - name: Clean up Sonobuoy resources
         if: always()
         shell: bash