diff --git a/deploy/kubernetes/base/controller.yaml b/deploy/kubernetes/base/controller.yaml
index 73c033fd1..5003f98a1 100644
--- a/deploy/kubernetes/base/controller.yaml
+++ b/deploy/kubernetes/base/controller.yaml
@@ -13,6 +13,11 @@ spec:
       labels:
         app: gcp-compute-persistent-disk-csi-driver
     spec:
+      # Host network must be used for interaction with Workload Identity in GKE
+      # since it replaces GCE Metadata Server with GKE Metadata Server. Remove
+      # this requirement when issue is resolved and before any exposure of
+      # metrics ports
+      hostNetwork: true
       serviceAccountName: csi-controller-sa
       priorityClassName: gce-pd-csi-driver-controller
       containers:
diff --git a/deploy/kubernetes/base/node.yaml b/deploy/kubernetes/base/node.yaml
index 41cd0a1a4..3cdfbb360 100644
--- a/deploy/kubernetes/base/node.yaml
+++ b/deploy/kubernetes/base/node.yaml
@@ -12,6 +12,11 @@ spec:
       labels:
         app: gcp-compute-persistent-disk-csi-driver
     spec:
+      # Host network must be used for interaction with Workload Identity in GKE
+      # since it replaces GCE Metadata Server with GKE Metadata Server. Remove
+      # this requirement when issue is resolved and before any exposure of
+      # metrics ports
+      hostNetwork: true
       priorityClassName: gce-pd-csi-driver-node
       serviceAccountName: csi-node-sa
       containers: