Add cni config template support.

Random-Liu · estesp · commit bae03ff7cc0e · 2020-10-01T16:51:36.000-04:00
Signed-off-by: Lantao Liu &lt;lantaol@google.com&gt;
diff --git a/contrib/gce/cloud-init/master.yaml b/contrib/gce/cloud-init/master.yaml
@@ -38,7 +38,8 @@ write_files:
         enable_tls_streaming = true
       [plugins.cri.cni]
         bin_dir = "/home/containerd/opt/cni/bin"
-        conf_dir = "/home/containerd/etc/cni/net.d"
+        conf_dir = "/etc/cni/net.d"
+        conf_template = "/home/containerd/opt/containerd/cluster/gce/cni.template"
       [plugins.cri.registry.mirrors."docker.io"]
         endpoint = ["https://mirror.gcr.io","https://registry-1.docker.io"]
 
diff --git a/contrib/gce/cloud-init/node.yaml b/contrib/gce/cloud-init/node.yaml
@@ -35,8 +35,9 @@ write_files:
       [plugins.cri]
         enable_tls_streaming = true
       [plugins.cri.cni]
-        bin_dir = "/home/kubernetes/bin"
+        bin_dir = "/home/containerd/opt/cni/bin"
         conf_dir = "/etc/cni/net.d"
+        conf_template = "/home/containerd/opt/containerd/cluster/gce/cni.template"
       [plugins.cri.registry.mirrors."docker.io"]
         endpoint = ["https://mirror.gcr.io","https://registry-1.docker.io"]
 
diff --git a/contrib/gce/cni.template b/contrib/gce/cni.template
@@ -0,0 +1,24 @@
+{
+  "name": "k8s-pod-network",
+    "cniVersion": "0.3.1",
+    "plugins": [
+    {
+      "type": "ptp",
+      "mtu": 1460,
+      "ipam": {
+	"type": "host-local",
+	"subnet": "{{.PodCIDR}}",
+	"routes": [
+	{"dst": "0.0.0.0/0"}
+	]
+      }
+    },
+    {
+      "type": "portmap",
+      "capabilities": {
+	"portMappings": true
+      },
+      "noSnat": true
+    }
+    ]
+}
diff --git a/contrib/gce/env b/contrib/gce/env
@@ -13,7 +13,7 @@ export KUBE_NODE_EXTRA_METADATA="user-data=${GCE_DIR}/cloud-init/node.yaml,conta
 export KUBE_CONTAINER_RUNTIME="remote"
 export KUBE_CONTAINER_RUNTIME_ENDPOINT="/run/containerd/containerd.sock"
 export KUBE_LOAD_IMAGE_COMMAND="/home/containerd/usr/local/bin/ctr cri load"
-export NETWORK_POLICY_PROVIDER="calico"
+export NETWORK_PROVIDER=""
 export NON_MASQUERADE_CIDR="0.0.0.0/0"
 export KUBE_KUBELET_EXTRA_ARGS="--runtime-cgroups=/system.slice/containerd.service"
 export KUBE_FEATURE_GATES="ExperimentalCriticalPodAnnotation=true,CRIContainerLogRotation=true"
