Install private cluster on ASH using CAPI method, installation failed as ingress operator was degraded, because it was unable to resolve *.apps dns record.
================
  - lastTransitionTime: "2025-04-27T05:01:17Z"
    message: |-
      The "default" ingress controller reports Degraded=True: DegradedConditions: One or more other status conditions indicate a degraded state: CanaryChecksSucceeding=False (CanaryChecksRepetitiveFailures: Canary route checks for the default ingress controller are failing. Last 1 error messages:
      error sending canary HTTP request: DNS error: Get "https://canary-openshift-ingress-canary.apps.jima27ash.installer.redhat.wwtatc.com": dial tcp: lookup canary-openshift-ingress-canary.apps.jima27ash.installer.redhat.wwtatc.com on 172.30.0.10:53: no such host (x234 over 3h53m0s)).
    reason: IngressDegraded
    status: "True"
    type: Degraded


# oc get dns -oyaml
apiVersion: v1
items:
- apiVersion: config.openshift.io/v1
  kind: DNS
  metadata:
    creationTimestamp: "2025-04-27T04:36:34Z"
    generation: 1
    name: cluster
    resourceVersion: "467"
    uid: 6de787b6-dd11-4d17-b34c-c1ed7641d7d4
  spec:
    baseDomain: jima27ash.installer.redhat.wwtatc.com
    platform:
      type: ""
  status: {}
kind: List
metadata:
  resourceVersion: ""
  selfLink: ""

     

    4.19 nightly build

    Always

    1. Install private cluster on ASH
    2.
    3.
    

    Ingress operator is degraded

    Installation is successful.

Azure Stack only supports "DNS zones", there is not a private/public zone distinction, and installer creates api/api-int records in single zone whether it is private cluster or not.
https://github.com/openshift/installer/blob/main/pkg/infrastructure/azure/dns.go#L103-L121

While generating dns manifest file, no dns zone info is specified if it is private cluster on ASH, this results in no apps dns record being created.
https://github.com/openshift/installer/blob/main/pkg/asset/manifests/dns.go#L119-L136