diff --git a/install/0000_80_machine-config_00_service.yaml b/install/0000_80_machine-config_00_service.yaml
index 639a1c406f..68e5009562 100644
--- a/install/0000_80_machine-config_00_service.yaml
+++ b/install/0000_80_machine-config_00_service.yaml
@@ -63,4 +63,49 @@ spec:
   - name: health
     port: 8798
     protocol: TCP
-
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: machine-config-server
+  namespace: openshift-machine-config-operator
+  labels:
+    k8s-app: machine-config-server
+  annotations:
+    include.release.openshift.io/ibm-cloud-managed: "true"
+    include.release.openshift.io/self-managed-high-availability: "true"
+    include.release.openshift.io/single-node-developer: "true"
+spec:
+  type: ClusterIP
+  selector:
+    k8s-app: machine-config-server
+  ports:
+  - name: https
+    port: 22623
+    targetPort: 22623
+    protocol: TCP
+  - name: http
+    port: 22624
+    targetPort: 22624
+    protocol: TCP
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: kube-rbac-proxy-crio
+  namespace: openshift-machine-config-operator
+  labels:
+    k8s-app: kube-rbac-proxy-crio
+  annotations:
+    include.release.openshift.io/ibm-cloud-managed: "true"
+    include.release.openshift.io/self-managed-high-availability: "true"
+    include.release.openshift.io/single-node-developer: "true"
+spec:
+  type: ClusterIP
+  selector:
+    k8s-app: kube-rbac-proxy-crio
+  ports:
+  - name: metrics
+    port: 9637
+    targetPort: 9637
+    protocol: TCP
diff --git a/manifests/machineconfigdaemon/daemonset.yaml b/manifests/machineconfigdaemon/daemonset.yaml
index 1d32e44348..6900e81346 100644
--- a/manifests/machineconfigdaemon/daemonset.yaml
+++ b/manifests/machineconfigdaemon/daemonset.yaml
@@ -24,6 +24,7 @@ spec:
         image: {{.Images.MachineConfigOperator}}
         ports:
         - containerPort: 8798
+          hostIP: 127.0.0.1
           name: health
           protocol: TCP
         command: ["/usr/bin/machine-config-daemon"]
diff --git a/manifests/machineconfigserver/daemonset.yaml b/manifests/machineconfigserver/daemonset.yaml
index 602875e0d2..53df274631 100644
--- a/manifests/machineconfigserver/daemonset.yaml
+++ b/manifests/machineconfigserver/daemonset.yaml
@@ -26,6 +26,13 @@ spec:
           - "--payload-version={{.ReleaseVersion}}"
           - "--tls-cipher-suites={{join .TLSCipherSuites ","}}"
           - "--tls-min-version={{.TLSMinVersion}}"
+        ports:
+        - containerPort: 22623
+          name: https
+          protocol: TCP
+        - containerPort: 22624
+          name: http
+          protocol: TCP
         resources:
           requests:
             cpu: 20m
diff --git a/templates/arbiter/01-arbiter-kubelet/_base/files/criometricsproxy.yaml b/templates/arbiter/01-arbiter-kubelet/_base/files/criometricsproxy.yaml
index bcdf704c09..8f8cae587d 100644
--- a/templates/arbiter/01-arbiter-kubelet/_base/files/criometricsproxy.yaml
+++ b/templates/arbiter/01-arbiter-kubelet/_base/files/criometricsproxy.yaml
@@ -7,6 +7,8 @@ contents:
     metadata:
       name: kube-rbac-proxy-crio
       namespace: openshift-machine-config-operator
+      labels:
+        k8s-app: kube-rbac-proxy-crio
       annotations:
         target.workload.openshift.io/management: '{"effect": "PreferredDuringScheduling"}'
         openshift.io/required-scc: privileged
diff --git a/templates/master/01-master-kubelet/_base/files/criometricsproxy.yaml b/templates/master/01-master-kubelet/_base/files/criometricsproxy.yaml
index bcdf704c09..8f8cae587d 100644
--- a/templates/master/01-master-kubelet/_base/files/criometricsproxy.yaml
+++ b/templates/master/01-master-kubelet/_base/files/criometricsproxy.yaml
@@ -7,6 +7,8 @@ contents:
     metadata:
       name: kube-rbac-proxy-crio
       namespace: openshift-machine-config-operator
+      labels:
+        k8s-app: kube-rbac-proxy-crio
       annotations:
         target.workload.openshift.io/management: '{"effect": "PreferredDuringScheduling"}'
         openshift.io/required-scc: privileged
diff --git a/templates/worker/01-worker-kubelet/_base/files/criometricsproxy.yaml b/templates/worker/01-worker-kubelet/_base/files/criometricsproxy.yaml
index bcdf704c09..8f8cae587d 100644
--- a/templates/worker/01-worker-kubelet/_base/files/criometricsproxy.yaml
+++ b/templates/worker/01-worker-kubelet/_base/files/criometricsproxy.yaml
@@ -7,6 +7,8 @@ contents:
     metadata:
       name: kube-rbac-proxy-crio
       namespace: openshift-machine-config-operator
+      labels:
+        k8s-app: kube-rbac-proxy-crio
       annotations:
         target.workload.openshift.io/management: '{"effect": "PreferredDuringScheduling"}'
         openshift.io/required-scc: privileged