Replace godep with dep

2017-10-06 17:26:14 -03:00 · 2017-10-06 17:26:14 -03:00 · bf5616c65b
commit bf5616c65b
parent 1e7489927c
14883 changed files with 3937406 additions and 361781 deletions
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/network/cni/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/network/cni/BUILD
@ -0,0 +1,67 @@
+package(default_visibility = ["//visibility:public"])
+
+load(
+    "@io_bazel_rules_go//go:def.bzl",
+    "go_library",
+    "go_test",
+)
+
+go_library(
+    name = "go_default_library",
+    srcs = ["cni.go"],
+    deps = [
+        "//pkg/kubelet/apis/kubeletconfig:go_default_library",
+        "//pkg/kubelet/container:go_default_library",
+        "//pkg/kubelet/network:go_default_library",
+        "//vendor/github.com/containernetworking/cni/libcni:go_default_library",
+        "//vendor/github.com/containernetworking/cni/pkg/types:go_default_library",
+        "//vendor/github.com/golang/glog:go_default_library",
+        "//vendor/k8s.io/utils/exec:go_default_library",
+    ],
+)
+
+go_test(
+    name = "go_default_test",
+    srcs = select({
+        "@io_bazel_rules_go//go/platform:linux_amd64": [
+            "cni_test.go",
+        ],
+        "//conditions:default": [],
+    }),
+    library = ":go_default_library",
+    deps = select({
+        "@io_bazel_rules_go//go/platform:linux_amd64": [
+            "//pkg/kubelet/apis/kubeletconfig:go_default_library",
+            "//pkg/kubelet/container:go_default_library",
+            "//pkg/kubelet/container/testing:go_default_library",
+            "//pkg/kubelet/network:go_default_library",
+            "//pkg/kubelet/network/cni/testing:go_default_library",
+            "//pkg/kubelet/network/hostport:go_default_library",
+            "//pkg/kubelet/network/testing:go_default_library",
+            "//vendor/github.com/containernetworking/cni/pkg/types/020:go_default_library",
+            "//vendor/github.com/stretchr/testify/mock:go_default_library",
+            "//vendor/k8s.io/api/core/v1:go_default_library",
+            "//vendor/k8s.io/client-go/kubernetes:go_default_library",
+            "//vendor/k8s.io/client-go/util/testing:go_default_library",
+            "//vendor/k8s.io/utils/exec:go_default_library",
+            "//vendor/k8s.io/utils/exec/testing:go_default_library",
+        ],
+        "//conditions:default": [],
+    }),
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [
+        ":package-srcs",
+        "//pkg/kubelet/network/cni/testing:all-srcs",
+    ],
+    tags = ["automanaged"],
+)
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/network/cni/cni.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/network/cni/cni.go
@ -0,0 +1,364 @@
+/*
+Copyright 2014 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package cni
+
+import (
+	"errors"
+	"fmt"
+	"sort"
+	"strings"
+	"sync"
+
+	"github.com/containernetworking/cni/libcni"
+	cnitypes "github.com/containernetworking/cni/pkg/types"
+	"github.com/golang/glog"
+	"k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig"
+	kubecontainer "k8s.io/kubernetes/pkg/kubelet/container"
+	"k8s.io/kubernetes/pkg/kubelet/network"
+	utilexec "k8s.io/utils/exec"
+)
+
+const (
+	CNIPluginName        = "cni"
+	DefaultNetDir        = "/etc/cni/net.d"
+	DefaultCNIDir        = "/opt/cni/bin"
+	VendorCNIDirTemplate = "%s/opt/%s/bin"
+)
+
+type cniNetworkPlugin struct {
+	network.NoopNetworkPlugin
+
+	loNetwork *cniNetwork
+
+	sync.RWMutex
+	defaultNetwork *cniNetwork
+
+	host               network.Host
+	execer             utilexec.Interface
+	nsenterPath        string
+	pluginDir          string
+	binDir             string
+	vendorCNIDirPrefix string
+}
+
+type cniNetwork struct {
+	name          string
+	NetworkConfig *libcni.NetworkConfigList
+	CNIConfig     libcni.CNI
+}
+
+// cniPortMapping maps to the standard CNI portmapping Capability
+// see: https://github.com/containernetworking/cni/blob/master/CONVENTIONS.md
+type cniPortMapping struct {
+	HostPort      int32  `json:"hostPort"`
+	ContainerPort int32  `json:"containerPort"`
+	Protocol      string `json:"protocol"`
+	HostIP        string `json:"hostIP"`
+}
+
+func probeNetworkPluginsWithVendorCNIDirPrefix(pluginDir, binDir, vendorCNIDirPrefix string) []network.NetworkPlugin {
+	if binDir == "" {
+		binDir = DefaultCNIDir
+	}
+	plugin := &cniNetworkPlugin{
+		defaultNetwork:     nil,
+		loNetwork:          getLoNetwork(binDir, vendorCNIDirPrefix),
+		execer:             utilexec.New(),
+		pluginDir:          pluginDir,
+		binDir:             binDir,
+		vendorCNIDirPrefix: vendorCNIDirPrefix,
+	}
+
+	// sync NetworkConfig in best effort during probing.
+	plugin.syncNetworkConfig()
+	return []network.NetworkPlugin{plugin}
+}
+
+func ProbeNetworkPlugins(pluginDir, binDir string) []network.NetworkPlugin {
+	return probeNetworkPluginsWithVendorCNIDirPrefix(pluginDir, binDir, "")
+}
+
+func getDefaultCNINetwork(pluginDir, binDir, vendorCNIDirPrefix string) (*cniNetwork, error) {
+	if pluginDir == "" {
+		pluginDir = DefaultNetDir
+	}
+	files, err := libcni.ConfFiles(pluginDir, []string{".conf", ".conflist", ".json"})
+	switch {
+	case err != nil:
+		return nil, err
+	case len(files) == 0:
+		return nil, fmt.Errorf("No networks found in %s", pluginDir)
+	}
+
+	sort.Strings(files)
+	for _, confFile := range files {
+		var confList *libcni.NetworkConfigList
+		if strings.HasSuffix(confFile, ".conflist") {
+			confList, err = libcni.ConfListFromFile(confFile)
+			if err != nil {
+				glog.Warningf("Error loading CNI config list file %s: %v", confFile, err)
+				continue
+			}
+		} else {
+			conf, err := libcni.ConfFromFile(confFile)
+			if err != nil {
+				glog.Warningf("Error loading CNI config file %s: %v", confFile, err)
+				continue
+			}
+			// Ensure the config has a "type" so we know what plugin to run.
+			// Also catches the case where somebody put a conflist into a conf file.
+			if conf.Network.Type == "" {
+				glog.Warningf("Error loading CNI config file %s: no 'type'; perhaps this is a .conflist?", confFile)
+				continue
+			}
+
+			confList, err = libcni.ConfListFromConf(conf)
+			if err != nil {
+				glog.Warningf("Error converting CNI config file %s to list: %v", confFile, err)
+				continue
+			}
+		}
+		if len(confList.Plugins) == 0 {
+			glog.Warningf("CNI config list %s has no networks, skipping", confFile)
+			continue
+		}
+		confType := confList.Plugins[0].Network.Type
+
+		// Search for vendor-specific plugins as well as default plugins in the CNI codebase.
+		vendorDir := vendorCNIDir(vendorCNIDirPrefix, confType)
+		cninet := &libcni.CNIConfig{
+			Path: []string{vendorDir, binDir},
+		}
+		network := &cniNetwork{name: confList.Name, NetworkConfig: confList, CNIConfig: cninet}
+		return network, nil
+	}
+	return nil, fmt.Errorf("No valid networks found in %s", pluginDir)
+}
+
+func vendorCNIDir(prefix, pluginType string) string {
+	return fmt.Sprintf(VendorCNIDirTemplate, prefix, pluginType)
+}
+
+func getLoNetwork(binDir, vendorDirPrefix string) *cniNetwork {
+	loConfig, err := libcni.ConfListFromBytes([]byte(`{
+  "cniVersion": "0.2.0",
+  "name": "cni-loopback",
+  "plugins":[{
+    "type": "loopback"
+  }]
+}`))
+	if err != nil {
+		// The hardcoded config above should always be valid and unit tests will
+		// catch this
+		panic(err)
+	}
+	cninet := &libcni.CNIConfig{
+		Path: []string{vendorCNIDir(vendorDirPrefix, "loopback"), binDir},
+	}
+	loNetwork := &cniNetwork{
+		name:          "lo",
+		NetworkConfig: loConfig,
+		CNIConfig:     cninet,
+	}
+
+	return loNetwork
+}
+
+func (plugin *cniNetworkPlugin) Init(host network.Host, hairpinMode kubeletconfig.HairpinMode, nonMasqueradeCIDR string, mtu int) error {
+	var err error
+	plugin.nsenterPath, err = plugin.execer.LookPath("nsenter")
+	if err != nil {
+		return err
+	}
+	plugin.host = host
+
+	plugin.syncNetworkConfig()
+	return nil
+}
+
+func (plugin *cniNetworkPlugin) syncNetworkConfig() {
+	network, err := getDefaultCNINetwork(plugin.pluginDir, plugin.binDir, plugin.vendorCNIDirPrefix)
+	if err != nil {
+		glog.Warningf("Unable to update cni config: %s", err)
+		return
+	}
+	plugin.setDefaultNetwork(network)
+}
+
+func (plugin *cniNetworkPlugin) getDefaultNetwork() *cniNetwork {
+	plugin.RLock()
+	defer plugin.RUnlock()
+	return plugin.defaultNetwork
+}
+
+func (plugin *cniNetworkPlugin) setDefaultNetwork(n *cniNetwork) {
+	plugin.Lock()
+	defer plugin.Unlock()
+	plugin.defaultNetwork = n
+}
+
+func (plugin *cniNetworkPlugin) checkInitialized() error {
+	if plugin.getDefaultNetwork() == nil {
+		return errors.New("cni config uninitialized")
+	}
+	return nil
+}
+
+func (plugin *cniNetworkPlugin) Name() string {
+	return CNIPluginName
+}
+
+func (plugin *cniNetworkPlugin) Status() error {
+	// sync network config from pluginDir periodically to detect network config updates
+	plugin.syncNetworkConfig()
+
+	// Can't set up pods if we don't have any CNI network configs yet
+	return plugin.checkInitialized()
+}
+
+func (plugin *cniNetworkPlugin) SetUpPod(namespace string, name string, id kubecontainer.ContainerID, annotations map[string]string) error {
+	if err := plugin.checkInitialized(); err != nil {
+		return err
+	}
+	netnsPath, err := plugin.host.GetNetNS(id.ID)
+	if err != nil {
+		return fmt.Errorf("CNI failed to retrieve network namespace path: %v", err)
+	}
+
+	_, err = plugin.addToNetwork(plugin.loNetwork, name, namespace, id, netnsPath)
+	if err != nil {
+		glog.Errorf("Error while adding to cni lo network: %s", err)
+		return err
+	}
+
+	_, err = plugin.addToNetwork(plugin.getDefaultNetwork(), name, namespace, id, netnsPath)
+	if err != nil {
+		glog.Errorf("Error while adding to cni network: %s", err)
+		return err
+	}
+
+	return err
+}
+
+func (plugin *cniNetworkPlugin) TearDownPod(namespace string, name string, id kubecontainer.ContainerID) error {
+	if err := plugin.checkInitialized(); err != nil {
+		return err
+	}
+
+	// Lack of namespace should not be fatal on teardown
+	netnsPath, err := plugin.host.GetNetNS(id.ID)
+	if err != nil {
+		glog.Warningf("CNI failed to retrieve network namespace path: %v", err)
+	}
+
+	return plugin.deleteFromNetwork(plugin.getDefaultNetwork(), name, namespace, id, netnsPath)
+}
+
+// TODO: Use the addToNetwork function to obtain the IP of the Pod. That will assume idempotent ADD call to the plugin.
+// Also fix the runtime's call to Status function to be done only in the case that the IP is lost, no need to do periodic calls
+func (plugin *cniNetworkPlugin) GetPodNetworkStatus(namespace string, name string, id kubecontainer.ContainerID) (*network.PodNetworkStatus, error) {
+	netnsPath, err := plugin.host.GetNetNS(id.ID)
+	if err != nil {
+		return nil, fmt.Errorf("CNI failed to retrieve network namespace path: %v", err)
+	}
+	if netnsPath == "" {
+		return nil, fmt.Errorf("Cannot find the network namespace, skipping pod network status for container %q", id)
+	}
+
+	ip, err := network.GetPodIP(plugin.execer, plugin.nsenterPath, netnsPath, network.DefaultInterfaceName)
+	if err != nil {
+		return nil, err
+	}
+
+	return &network.PodNetworkStatus{IP: ip}, nil
+}
+
+func (plugin *cniNetworkPlugin) addToNetwork(network *cniNetwork, podName string, podNamespace string, podSandboxID kubecontainer.ContainerID, podNetnsPath string) (cnitypes.Result, error) {
+	rt, err := plugin.buildCNIRuntimeConf(podName, podNamespace, podSandboxID, podNetnsPath)
+	if err != nil {
+		glog.Errorf("Error adding network when building cni runtime conf: %v", err)
+		return nil, err
+	}
+
+	netConf, cniNet := network.NetworkConfig, network.CNIConfig
+	glog.V(4).Infof("About to add CNI network %v (type=%v)", netConf.Name, netConf.Plugins[0].Network.Type)
+	res, err := cniNet.AddNetworkList(netConf, rt)
+	if err != nil {
+		glog.Errorf("Error adding network: %v", err)
+		return nil, err
+	}
+
+	return res, nil
+}
+
+func (plugin *cniNetworkPlugin) deleteFromNetwork(network *cniNetwork, podName string, podNamespace string, podSandboxID kubecontainer.ContainerID, podNetnsPath string) error {
+	rt, err := plugin.buildCNIRuntimeConf(podName, podNamespace, podSandboxID, podNetnsPath)
+	if err != nil {
+		glog.Errorf("Error deleting network when building cni runtime conf: %v", err)
+		return err
+	}
+
+	netConf, cniNet := network.NetworkConfig, network.CNIConfig
+	glog.V(4).Infof("About to del CNI network %v (type=%v)", netConf.Name, netConf.Plugins[0].Network.Type)
+	err = cniNet.DelNetworkList(netConf, rt)
+	if err != nil {
+		glog.Errorf("Error deleting network: %v", err)
+		return err
+	}
+	return nil
+}
+
+func (plugin *cniNetworkPlugin) buildCNIRuntimeConf(podName string, podNs string, podSandboxID kubecontainer.ContainerID, podNetnsPath string) (*libcni.RuntimeConf, error) {
+	glog.V(4).Infof("Got netns path %v", podNetnsPath)
+	glog.V(4).Infof("Using netns path %v", podNs)
+
+	rt := &libcni.RuntimeConf{
+		ContainerID: podSandboxID.ID,
+		NetNS:       podNetnsPath,
+		IfName:      network.DefaultInterfaceName,
+		Args: [][2]string{
+			{"IgnoreUnknown", "1"},
+			{"K8S_POD_NAMESPACE", podNs},
+			{"K8S_POD_NAME", podName},
+			{"K8S_POD_INFRA_CONTAINER_ID", podSandboxID.ID},
+		},
+	}
+
+	// port mappings are a cni capability-based args, rather than parameters
+	// to a specific plugin
+	portMappings, err := plugin.host.GetPodPortMappings(podSandboxID.ID)
+	if err != nil {
+		return nil, fmt.Errorf("could not retrieve port mappings: %v", err)
+	}
+	portMappingsParam := make([]cniPortMapping, 0, len(portMappings))
+	for _, p := range portMappings {
+		if p.HostPort <= 0 {
+			continue
+		}
+		portMappingsParam = append(portMappingsParam, cniPortMapping{
+			HostPort:      p.HostPort,
+			ContainerPort: p.ContainerPort,
+			Protocol:      strings.ToLower(string(p.Protocol)),
+			HostIP:        p.HostIP,
+		})
+	}
+	rt.CapabilityArgs = map[string]interface{}{
+		"portMappings": portMappingsParam,
+	}
+
+	return rt, nil
+}
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/network/cni/cni_test.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/network/cni/cni_test.go
@ -0,0 +1,301 @@
+// +build linux
+
+/*
+Copyright 2014 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package cni
+
+import (
+	"bytes"
+	"encoding/json"
+	"fmt"
+	"io/ioutil"
+	"math/rand"
+	"net"
+	"os"
+	"path"
+	"reflect"
+	"testing"
+	"text/template"
+
+	types020 "github.com/containernetworking/cni/pkg/types/020"
+	"github.com/stretchr/testify/mock"
+	"k8s.io/api/core/v1"
+	clientset "k8s.io/client-go/kubernetes"
+	utiltesting "k8s.io/client-go/util/testing"
+	"k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig"
+	kubecontainer "k8s.io/kubernetes/pkg/kubelet/container"
+	containertest "k8s.io/kubernetes/pkg/kubelet/container/testing"
+	"k8s.io/kubernetes/pkg/kubelet/network"
+	"k8s.io/kubernetes/pkg/kubelet/network/cni/testing"
+	"k8s.io/kubernetes/pkg/kubelet/network/hostport"
+	networktest "k8s.io/kubernetes/pkg/kubelet/network/testing"
+	"k8s.io/utils/exec"
+	fakeexec "k8s.io/utils/exec/testing"
+)
+
+func installPluginUnderTest(t *testing.T, testVendorCNIDirPrefix, testNetworkConfigPath, vendorName string, plugName string) {
+	pluginDir := path.Join(testNetworkConfigPath, plugName)
+	err := os.MkdirAll(pluginDir, 0777)
+	if err != nil {
+		t.Fatalf("Failed to create plugin config dir: %v", err)
+	}
+	pluginConfig := path.Join(pluginDir, plugName+".conf")
+	f, err := os.Create(pluginConfig)
+	if err != nil {
+		t.Fatalf("Failed to install plugin")
+	}
+	networkConfig := fmt.Sprintf(`{ "name": "%s", "type": "%s", "capabilities": {"portMappings": true}  }`, plugName, vendorName)
+
+	_, err = f.WriteString(networkConfig)
+	if err != nil {
+		t.Fatalf("Failed to write network config file (%v)", err)
+	}
+	f.Close()
+
+	vendorCNIDir := fmt.Sprintf(VendorCNIDirTemplate, testVendorCNIDirPrefix, vendorName)
+	err = os.MkdirAll(vendorCNIDir, 0777)
+	if err != nil {
+		t.Fatalf("Failed to create plugin dir: %v", err)
+	}
+	pluginExec := path.Join(vendorCNIDir, vendorName)
+	f, err = os.Create(pluginExec)
+
+	const execScriptTempl = `#!/bin/bash
+cat > {{.InputFile}}
+env > {{.OutputEnv}}
+echo "%@" >> {{.OutputEnv}}
+export $(echo ${CNI_ARGS} | sed 's/;/ /g') &> /dev/null
+mkdir -p {{.OutputDir}} &> /dev/null
+echo -n "$CNI_COMMAND $CNI_NETNS $K8S_POD_NAMESPACE $K8S_POD_NAME $K8S_POD_INFRA_CONTAINER_ID" >& {{.OutputFile}}
+echo -n "{ \"ip4\": { \"ip\": \"10.1.0.23/24\" } }"
+`
+	execTemplateData := &map[string]interface{}{
+		"InputFile":  path.Join(pluginDir, plugName+".in"),
+		"OutputFile": path.Join(pluginDir, plugName+".out"),
+		"OutputEnv":  path.Join(pluginDir, plugName+".env"),
+		"OutputDir":  pluginDir,
+	}
+
+	tObj := template.Must(template.New("test").Parse(execScriptTempl))
+	buf := &bytes.Buffer{}
+	if err := tObj.Execute(buf, *execTemplateData); err != nil {
+		t.Fatalf("Error in executing script template - %v", err)
+	}
+	execScript := buf.String()
+	_, err = f.WriteString(execScript)
+	if err != nil {
+		t.Fatalf("Failed to write plugin exec - %v", err)
+	}
+
+	err = f.Chmod(0777)
+	if err != nil {
+		t.Fatalf("Failed to set exec perms on plugin")
+	}
+
+	f.Close()
+}
+
+func tearDownPlugin(tmpDir string) {
+	err := os.RemoveAll(tmpDir)
+	if err != nil {
+		fmt.Printf("Error in cleaning up test: %v", err)
+	}
+}
+
+type fakeNetworkHost struct {
+	networktest.FakePortMappingGetter
+	kubeClient clientset.Interface
+	runtime    kubecontainer.Runtime
+}
+
+func NewFakeHost(kubeClient clientset.Interface, pods []*containertest.FakePod, ports map[string][]*hostport.PortMapping) *fakeNetworkHost {
+	host := &fakeNetworkHost{
+		networktest.FakePortMappingGetter{PortMaps: ports},
+		kubeClient,
+		&containertest.FakeRuntime{
+			AllPodList: pods,
+		},
+	}
+	return host
+}
+
+func (fnh *fakeNetworkHost) GetPodByName(name, namespace string) (*v1.Pod, bool) {
+	return nil, false
+}
+
+func (fnh *fakeNetworkHost) GetKubeClient() clientset.Interface {
+	return fnh.kubeClient
+}
+
+func (fnh *fakeNetworkHost) GetRuntime() kubecontainer.Runtime {
+	return fnh.runtime
+}
+
+func (fnh *fakeNetworkHost) GetNetNS(containerID string) (string, error) {
+	return fnh.GetRuntime().GetNetNS(kubecontainer.ContainerID{Type: "test", ID: containerID})
+}
+
+func (fnh *fakeNetworkHost) SupportsLegacyFeatures() bool {
+	return true
+}
+
+func TestCNIPlugin(t *testing.T) {
+	// install some random plugin
+	pluginName := fmt.Sprintf("test%d", rand.Intn(1000))
+	vendorName := fmt.Sprintf("test_vendor%d", rand.Intn(1000))
+
+	podIP := "10.0.0.2"
+	podIPOutput := fmt.Sprintf("4: eth0    inet %s/24 scope global dynamic eth0\\       valid_lft forever preferred_lft forever", podIP)
+	fakeCmds := []fakeexec.FakeCommandAction{
+		func(cmd string, args ...string) exec.Cmd {
+			return fakeexec.InitFakeCmd(&fakeexec.FakeCmd{
+				CombinedOutputScript: []fakeexec.FakeCombinedOutputAction{
+					func() ([]byte, error) {
+						return []byte(podIPOutput), nil
+					},
+				},
+			}, cmd, args...)
+		},
+	}
+
+	fexec := &fakeexec.FakeExec{
+		CommandScript: fakeCmds,
+		LookPathFunc: func(file string) (string, error) {
+			return fmt.Sprintf("/fake-bin/%s", file), nil
+		},
+	}
+
+	mockLoCNI := &mock_cni.MockCNI{}
+	// TODO mock for the test plugin too
+
+	tmpDir := utiltesting.MkTmpdirOrDie("cni-test")
+	testNetworkConfigPath := path.Join(tmpDir, "plugins", "net", "cni")
+	testVendorCNIDirPrefix := tmpDir
+	defer tearDownPlugin(tmpDir)
+	installPluginUnderTest(t, testVendorCNIDirPrefix, testNetworkConfigPath, vendorName, pluginName)
+
+	containerID := kubecontainer.ContainerID{Type: "test", ID: "test_infra_container"}
+	pods := []*containertest.FakePod{{
+		Pod: &kubecontainer.Pod{
+			Containers: []*kubecontainer.Container{
+				{ID: containerID},
+			},
+		},
+		NetnsPath: "/proc/12345/ns/net",
+	}}
+
+	plugins := probeNetworkPluginsWithVendorCNIDirPrefix(path.Join(testNetworkConfigPath, pluginName), "", testVendorCNIDirPrefix)
+	if len(plugins) != 1 {
+		t.Fatalf("Expected only one network plugin, got %d", len(plugins))
+	}
+	if plugins[0].Name() != "cni" {
+		t.Fatalf("Expected CNI network plugin, got %q", plugins[0].Name())
+	}
+
+	cniPlugin, ok := plugins[0].(*cniNetworkPlugin)
+	if !ok {
+		t.Fatalf("Not a CNI network plugin!")
+	}
+	cniPlugin.execer = fexec
+	cniPlugin.loNetwork.CNIConfig = mockLoCNI
+
+	mockLoCNI.On("AddNetworkList", cniPlugin.loNetwork.NetworkConfig, mock.AnythingOfType("*libcni.RuntimeConf")).Return(&types020.Result{IP4: &types020.IPConfig{IP: net.IPNet{IP: []byte{127, 0, 0, 1}}}}, nil)
+
+	ports := map[string][]*hostport.PortMapping{
+		containerID.ID: {
+			{
+				Name:          "name",
+				HostPort:      8008,
+				ContainerPort: 80,
+				Protocol:      "UDP",
+				HostIP:        "0.0.0.0",
+			},
+		},
+	}
+	fakeHost := NewFakeHost(nil, pods, ports)
+
+	plug, err := network.InitNetworkPlugin(plugins, "cni", fakeHost, kubeletconfig.HairpinNone, "10.0.0.0/8", network.UseDefaultMTU)
+	if err != nil {
+		t.Fatalf("Failed to select the desired plugin: %v", err)
+	}
+
+	// Set up the pod
+	err = plug.SetUpPod("podNamespace", "podName", containerID, map[string]string{})
+	if err != nil {
+		t.Errorf("Expected nil: %v", err)
+	}
+	outputEnv := path.Join(testNetworkConfigPath, pluginName, pluginName+".env")
+	eo, eerr := ioutil.ReadFile(outputEnv)
+	outputFile := path.Join(testNetworkConfigPath, pluginName, pluginName+".out")
+	output, err := ioutil.ReadFile(outputFile)
+	if err != nil || eerr != nil {
+		t.Errorf("Failed to read output file %s: %v (env %s err %v)", outputFile, err, eo, eerr)
+	}
+
+	expectedOutput := "ADD /proc/12345/ns/net podNamespace podName test_infra_container"
+	if string(output) != expectedOutput {
+		t.Errorf("Mismatch in expected output for setup hook. Expected '%s', got '%s'", expectedOutput, string(output))
+	}
+
+	// Verify the correct network configuration was passed
+	inputConfig := struct {
+		RuntimeConfig struct {
+			PortMappings []map[string]interface{} `json:"portMappings"`
+		} `json:"runtimeConfig"`
+	}{}
+	inputFile := path.Join(testNetworkConfigPath, pluginName, pluginName+".in")
+	inputBytes, inerr := ioutil.ReadFile(inputFile)
+	parseerr := json.Unmarshal(inputBytes, &inputConfig)
+	if inerr != nil || parseerr != nil {
+		t.Errorf("failed to parse reported cni input config %s: (%v %v)", inputFile, inerr, parseerr)
+	}
+	expectedMappings := []map[string]interface{}{
+		// hah, golang always unmarshals unstructured json numbers as float64
+		{"hostPort": 8008.0, "containerPort": 80.0, "protocol": "udp", "hostIP": "0.0.0.0"},
+	}
+	if !reflect.DeepEqual(inputConfig.RuntimeConfig.PortMappings, expectedMappings) {
+		t.Errorf("mismatch in expected port mappings. expected %v got %v", expectedMappings, inputConfig.RuntimeConfig.PortMappings)
+	}
+
+	// Get its IP address
+	status, err := plug.GetPodNetworkStatus("podNamespace", "podName", containerID)
+	if err != nil {
+		t.Errorf("Failed to read pod network status: %v", err)
+	}
+	if status.IP.String() != podIP {
+		t.Errorf("Expected pod IP %q but got %q", podIP, status.IP.String())
+	}
+
+	// Tear it down
+	err = plug.TearDownPod("podNamespace", "podName", containerID)
+	if err != nil {
+		t.Errorf("Expected nil: %v", err)
+	}
+	output, err = ioutil.ReadFile(path.Join(testNetworkConfigPath, pluginName, pluginName+".out"))
+	expectedOutput = "DEL /proc/12345/ns/net podNamespace podName test_infra_container"
+	if string(output) != expectedOutput {
+		t.Errorf("Mismatch in expected output for setup hook. Expected '%s', got '%s'", expectedOutput, string(output))
+	}
+
+	mockLoCNI.AssertExpectations(t)
+}
+
+func TestLoNetNonNil(t *testing.T) {
+	if conf := getLoNetwork("", ""); conf == nil {
+		t.Error("Expected non-nil lo network")
+	}
+}
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/network/cni/testing/BUILD
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/network/cni/testing/BUILD
@ -0,0 +1,29 @@
+package(default_visibility = ["//visibility:public"])
+
+load(
+    "@io_bazel_rules_go//go:def.bzl",
+    "go_library",
+)
+
+go_library(
+    name = "go_default_library",
+    srcs = ["mock_cni.go"],
+    deps = [
+        "//vendor/github.com/containernetworking/cni/libcni:go_default_library",
+        "//vendor/github.com/containernetworking/cni/pkg/types:go_default_library",
+        "//vendor/github.com/stretchr/testify/mock:go_default_library",
+    ],
+)
+
+filegroup(
+    name = "package-srcs",
+    srcs = glob(["**"]),
+    tags = ["automanaged"],
+    visibility = ["//visibility:private"],
+)
+
+filegroup(
+    name = "all-srcs",
+    srcs = [":package-srcs"],
+    tags = ["automanaged"],
+)
--- a/vendor/k8s.io/kubernetes/pkg/kubelet/network/cni/testing/mock_cni.go
+++ b/vendor/k8s.io/kubernetes/pkg/kubelet/network/cni/testing/mock_cni.go
@ -0,0 +1,49 @@
+/*
+Copyright 2014 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// mock_cni is a mock of the `libcni.CNI` interface. It's a handwritten mock
+// because there are only two functions to deal with.
+package mock_cni
+
+import (
+	"github.com/containernetworking/cni/libcni"
+	"github.com/containernetworking/cni/pkg/types"
+	"github.com/stretchr/testify/mock"
+)
+
+type MockCNI struct {
+	mock.Mock
+}
+
+func (m *MockCNI) AddNetwork(net *libcni.NetworkConfig, rt *libcni.RuntimeConf) (types.Result, error) {
+	args := m.Called(net, rt)
+	return args.Get(0).(types.Result), args.Error(1)
+}
+
+func (m *MockCNI) DelNetwork(net *libcni.NetworkConfig, rt *libcni.RuntimeConf) error {
+	args := m.Called(net, rt)
+	return args.Error(0)
+}
+
+func (m *MockCNI) DelNetworkList(net *libcni.NetworkConfigList, rt *libcni.RuntimeConf) error {
+	args := m.Called(net, rt)
+	return args.Error(0)
+}
+
+func (m *MockCNI) AddNetworkList(net *libcni.NetworkConfigList, rt *libcni.RuntimeConf) (types.Result, error) {
+	args := m.Called(net, rt)
+	return args.Get(0).(types.Result), args.Error(1)
+}