diff --git a/pkg/controller/nodelifecycle/scheduler/timed_workers.go b/pkg/controller/nodelifecycle/scheduler/timed_workers.go
index d5567d21e52..58b22fd10d0 100644
--- a/pkg/controller/nodelifecycle/scheduler/timed_workers.go
+++ b/pkg/controller/nodelifecycle/scheduler/timed_workers.go
@@ -52,11 +52,17 @@ type TimedWorker struct {
 // createWorker creates a TimedWorker that will execute `f` not earlier than `fireAt`.
 func createWorker(ctx context.Context, args *WorkArgs, createdAt time.Time, fireAt time.Time, f func(ctx context.Context, args *WorkArgs) error, clock clock.WithDelayedExecution) *TimedWorker {
 	delay := fireAt.Sub(createdAt)
+	fWithErrorLogging := func() {
+		err := f(ctx, args)
+		if err != nil {
+			klog.Errorf("NodeLifecycle: timed worker failed with error: %q", err)
+		}
+	}
 	if delay <= 0 {
-		go f(ctx, args)
+		go fWithErrorLogging()
 		return nil
 	}
-	timer := clock.AfterFunc(delay, func() { f(ctx, args) })
+	timer := clock.AfterFunc(delay, fWithErrorLogging)
 	return &TimedWorker{
 		WorkItem:  args,
 		CreatedAt: createdAt,
diff --git a/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/controller_policy.go b/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/controller_policy.go
index 336244c7238..ea029236f96 100644
--- a/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/controller_policy.go
+++ b/plugin/pkg/auth/authorizer/rbac/bootstrappolicy/controller_policy.go
@@ -255,6 +255,7 @@ func buildControllerRoles() ([]rbacv1.ClusterRole, []rbacv1.ClusterRoleBinding)
 			},
 		}
 		if utilfeature.DefaultFeatureGate.Enabled(features.PodDisruptionConditions) {
+			role.Rules = append(role.Rules, rbacv1helpers.NewRule("get").Groups(legacyGroup).Resources("pods").RuleOrDie())
 			role.Rules = append(role.Rules, rbacv1helpers.NewRule("patch").Groups(legacyGroup).Resources("pods/status").RuleOrDie())
 		}
 		return role