Merge pull request #62212 from yujuhong/mv-network-pkg

Automatic merge from submit-queue (batch tested with PRs 62425, 62212, 60824, 62383, 62384). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>. Clean up the network plugin code Moves the `pkg/kubelet/network` package down to `dockershim` since network setup is done by the runtime. Also remove various interfaces/code added only for backward compatibility with non-CRI runtimes, which are now removed from the codebase. **Release note**: ```release-note NONE ```
2025-08-03 09:22:44 +00:00 · 2018-04-11 16:36:15 -07:00 · 2018-04-11 16:36:15 -07:00 · 0dcc9abc0d
commit 0dcc9abc0d
parent fc3233f7f2 4f9d4e1af6
54 changed files with 219 additions and 605 deletions
--- a/cmd/kubelet/app/BUILD
+++ b/cmd/kubelet/app/BUILD
@ -91,14 +91,14 @@ go_library(
        "//pkg/kubelet/config:go_default_library",
        "//pkg/kubelet/container:go_default_library",
        "//pkg/kubelet/dockershim:go_default_library",
        "//pkg/kubelet/dockershim/network:go_default_library",
        "//pkg/kubelet/dockershim/network/cni:go_default_library",
        "//pkg/kubelet/dockershim/network/kubenet:go_default_library",
        "//pkg/kubelet/dockershim/remote:go_default_library",
        "//pkg/kubelet/eviction:go_default_library",
        "//pkg/kubelet/eviction/api:go_default_library",
        "//pkg/kubelet/kubeletconfig:go_default_library",
        "//pkg/kubelet/kubeletconfig/configfiles:go_default_library",
        "//pkg/kubelet/network:go_default_library",
        "//pkg/kubelet/network/cni:go_default_library",
        "//pkg/kubelet/network/kubenet:go_default_library",
        "//pkg/kubelet/server:go_default_library",
        "//pkg/kubelet/server/streaming:go_default_library",
        "//pkg/kubelet/types:go_default_library",
--- a/cmd/kubelet/app/plugins.go
+++ b/cmd/kubelet/app/plugins.go
@ -24,9 +24,9 @@ import (
 	_ "k8s.io/kubernetes/pkg/credentialprovider/gcp"
 	_ "k8s.io/kubernetes/pkg/credentialprovider/rancher"
 	// Network plugins
-	"k8s.io/kubernetes/pkg/kubelet/network"
+	"k8s.io/kubernetes/pkg/kubelet/dockershim/network"
-	"k8s.io/kubernetes/pkg/kubelet/network/cni"
+	"k8s.io/kubernetes/pkg/kubelet/dockershim/network/cni"
-	"k8s.io/kubernetes/pkg/kubelet/network/kubenet"
+	"k8s.io/kubernetes/pkg/kubelet/dockershim/network/kubenet"
 	// Volume plugins
 	"k8s.io/kubernetes/pkg/volume"
 	"k8s.io/kubernetes/pkg/volume/aws_ebs"
--- a/cmd/kubelet/app/server.go
+++ b/cmd/kubelet/app/server.go
@ -80,7 +80,6 @@ import (
 	evictionapi "k8s.io/kubernetes/pkg/kubelet/eviction/api"
 	dynamickubeletconfig "k8s.io/kubernetes/pkg/kubelet/kubeletconfig"
 	"k8s.io/kubernetes/pkg/kubelet/kubeletconfig/configfiles"
 	"k8s.io/kubernetes/pkg/kubelet/network/cni"
 	"k8s.io/kubernetes/pkg/kubelet/server"
 	"k8s.io/kubernetes/pkg/kubelet/server/streaming"
 	kubetypes "k8s.io/kubernetes/pkg/kubelet/types"
@ -359,7 +358,6 @@ func UnsecuredDependencies(s *options.KubeletServer) (*kubelet.Dependencies, err
 		ExternalKubeClient:  nil,
 		EventClient:         nil,
 		Mounter:             mounter,
 		NetworkPlugins:      ProbeNetworkPlugins(s.CNIConfDir, cni.SplitDirs(s.CNIBinDir)),
 		OOMAdjuster:         oom.NewOOMAdjuster(),
 		OSInterface:         kubecontainer.RealOS{},
 		Writer:              writer,
@ -1112,15 +1110,13 @@ func RunDockershim(f *options.KubeletFlags, c *kubeletconfiginternal.KubeletConf
 	}
 	// Initialize network plugin settings.
 	nh := &kubelet.NoOpLegacyHost{}
 	pluginSettings := dockershim.NetworkPluginSettings{
-		HairpinMode:       kubeletconfiginternal.HairpinMode(c.HairpinMode),
+		HairpinMode:        kubeletconfiginternal.HairpinMode(c.HairpinMode),
-		NonMasqueradeCIDR: f.NonMasqueradeCIDR,
+		NonMasqueradeCIDR:  f.NonMasqueradeCIDR,
-		PluginName:        r.NetworkPluginName,
+		PluginName:         r.NetworkPluginName,
-		PluginConfDir:     r.CNIConfDir,
+		PluginConfDir:      r.CNIConfDir,
-		PluginBinDirs:     cni.SplitDirs(r.CNIBinDir),
+		PluginBinDirString: r.CNIBinDir,
-		MTU:               int(r.NetworkPluginMTU),
+		MTU:                int(r.NetworkPluginMTU),
 		LegacyRuntimeHost: nh,
 	}
 	// Initialize streaming configuration. (Not using TLS now)
--- a/hack/.golint_failures
+++ b/hack/.golint_failures
@ -172,6 +172,14 @@ pkg/kubelet/custommetrics
 pkg/kubelet/dockershim
 pkg/kubelet/dockershim/cm
 pkg/kubelet/dockershim/libdocker
 pkg/kubelet/dockershim/network
 pkg/kubelet/dockershim/network/cni
 pkg/kubelet/dockershim/network/cni/testing
 pkg/kubelet/dockershim/network/hairpin
 pkg/kubelet/dockershim/network/hostport
 pkg/kubelet/dockershim/network/hostport/testing
 pkg/kubelet/dockershim/network/kubenet
 pkg/kubelet/dockershim/network/testing
 pkg/kubelet/dockershim/testing
 pkg/kubelet/events
 pkg/kubelet/images
@ -179,14 +187,6 @@ pkg/kubelet/kuberuntime
 pkg/kubelet/leaky
 pkg/kubelet/lifecycle
 pkg/kubelet/metrics
 pkg/kubelet/network
 pkg/kubelet/network/cni
 pkg/kubelet/network/cni/testing
 pkg/kubelet/network/hairpin
 pkg/kubelet/network/hostport
 pkg/kubelet/network/hostport/testing
 pkg/kubelet/network/kubenet
 pkg/kubelet/network/testing
 pkg/kubelet/pleg
 pkg/kubelet/pod
 pkg/kubelet/pod/testing
--- a/pkg/kubelet/BUILD
+++ b/pkg/kubelet/BUILD
@ -63,8 +63,6 @@ go_library(
        "//pkg/kubelet/metrics:go_default_library",
        "//pkg/kubelet/metrics/collectors:go_default_library",
        "//pkg/kubelet/mountpod:go_default_library",
        "//pkg/kubelet/network:go_default_library",
        "//pkg/kubelet/network/cni:go_default_library",
        "//pkg/kubelet/network/dns:go_default_library",
        "//pkg/kubelet/pleg:go_default_library",
        "//pkg/kubelet/pod:go_default_library",
@ -169,7 +167,6 @@ go_test(
        "//pkg/cloudprovider/providers/fake:go_default_library",
        "//pkg/kubelet/apis:go_default_library",
        "//pkg/kubelet/apis/cri/runtime/v1alpha2:go_default_library",
        "//pkg/kubelet/apis/kubeletconfig:go_default_library",
        "//pkg/kubelet/cadvisor/testing:go_default_library",
        "//pkg/kubelet/cm:go_default_library",
        "//pkg/kubelet/config:go_default_library",
@ -180,8 +177,6 @@ go_test(
        "//pkg/kubelet/images:go_default_library",
        "//pkg/kubelet/lifecycle:go_default_library",
        "//pkg/kubelet/logs:go_default_library",
        "//pkg/kubelet/network:go_default_library",
        "//pkg/kubelet/network/testing:go_default_library",
        "//pkg/kubelet/pleg:go_default_library",
        "//pkg/kubelet/pod:go_default_library",
        "//pkg/kubelet/pod/testing:go_default_library",
--- a/pkg/kubelet/dockershim/BUILD
+++ b/pkg/kubelet/dockershim/BUILD
@ -87,12 +87,12 @@ go_library(
        "//pkg/kubelet/dockershim/cm:go_default_library",
        "//pkg/kubelet/dockershim/libdocker:go_default_library",
        "//pkg/kubelet/dockershim/metrics:go_default_library",
        "//pkg/kubelet/dockershim/network:go_default_library",
        "//pkg/kubelet/dockershim/network/cni:go_default_library",
        "//pkg/kubelet/dockershim/network/hostport:go_default_library",
        "//pkg/kubelet/dockershim/network/kubenet:go_default_library",
        "//pkg/kubelet/kuberuntime:go_default_library",
        "//pkg/kubelet/leaky:go_default_library",
        "//pkg/kubelet/network:go_default_library",
        "//pkg/kubelet/network/cni:go_default_library",
        "//pkg/kubelet/network/hostport:go_default_library",
        "//pkg/kubelet/network/kubenet:go_default_library",
        "//pkg/kubelet/qos:go_default_library",
        "//pkg/kubelet/server/streaming:go_default_library",
        "//pkg/kubelet/types:go_default_library",
@ -152,9 +152,9 @@ go_test(
        "//pkg/kubelet/container:go_default_library",
        "//pkg/kubelet/container/testing:go_default_library",
        "//pkg/kubelet/dockershim/libdocker:go_default_library",
        "//pkg/kubelet/dockershim/network:go_default_library",
        "//pkg/kubelet/dockershim/network/testing:go_default_library",
        "//pkg/kubelet/dockershim/testing:go_default_library",
        "//pkg/kubelet/network:go_default_library",
        "//pkg/kubelet/network/testing:go_default_library",
        "//pkg/kubelet/types:go_default_library",
        "//pkg/kubelet/util/cache:go_default_library",
        "//pkg/security/apparmor:go_default_library",
@ -184,6 +184,7 @@ filegroup(
        "//pkg/kubelet/dockershim/cm:all-srcs",
        "//pkg/kubelet/dockershim/libdocker:all-srcs",
        "//pkg/kubelet/dockershim/metrics:all-srcs",
        "//pkg/kubelet/dockershim/network:all-srcs",
        "//pkg/kubelet/dockershim/remote:all-srcs",
        "//pkg/kubelet/dockershim/testing:all-srcs",
    ],
--- a/pkg/kubelet/dockershim/docker_sandbox_test.go
+++ b/pkg/kubelet/dockershim/docker_sandbox_test.go
@ -30,7 +30,7 @@ import (
 	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
 	kubecontainer "k8s.io/kubernetes/pkg/kubelet/container"
 	"k8s.io/kubernetes/pkg/kubelet/dockershim/libdocker"
-	"k8s.io/kubernetes/pkg/kubelet/network"
+	"k8s.io/kubernetes/pkg/kubelet/dockershim/network"
 	"k8s.io/kubernetes/pkg/kubelet/types"
 )
--- a/pkg/kubelet/dockershim/docker_service.go
+++ b/pkg/kubelet/dockershim/docker_service.go
@ -33,10 +33,10 @@ import (
 	kubecm "k8s.io/kubernetes/pkg/kubelet/cm"
 	kubecontainer "k8s.io/kubernetes/pkg/kubelet/container"
 	"k8s.io/kubernetes/pkg/kubelet/dockershim/cm"
-	"k8s.io/kubernetes/pkg/kubelet/network"
+	"k8s.io/kubernetes/pkg/kubelet/dockershim/network"
-	"k8s.io/kubernetes/pkg/kubelet/network/cni"
+	"k8s.io/kubernetes/pkg/kubelet/dockershim/network/cni"
-	"k8s.io/kubernetes/pkg/kubelet/network/hostport"
+	"k8s.io/kubernetes/pkg/kubelet/dockershim/network/hostport"
-	"k8s.io/kubernetes/pkg/kubelet/network/kubenet"
+	"k8s.io/kubernetes/pkg/kubelet/dockershim/network/kubenet"
 	"k8s.io/kubernetes/pkg/kubelet/server/streaming"
 	"k8s.io/kubernetes/pkg/kubelet/util/cache"
 	utilstore "k8s.io/kubernetes/pkg/kubelet/util/store"
@ -110,6 +110,9 @@ type NetworkPluginSettings struct {
 	NonMasqueradeCIDR string
 	// PluginName is the name of the plugin, runtime shim probes for
 	PluginName string
 	// PluginBinDirsString is a list of directiores delimited by commas, in
 	// which the binaries for the plugin with PluginName may be found.
 	PluginBinDirString string
 	// PluginBinDirs is an array of directories in which the binaries for
 	// the plugin with PluginName may be found. The admin is responsible for
 	// provisioning these binaries before-hand.
@ -120,13 +123,6 @@ type NetworkPluginSettings struct {
 	PluginConfDir string
 	// MTU is the desired MTU for network devices created by the plugin.
 	MTU int
 	// RuntimeHost is an interface that serves as a trap-door from plugin back
 	// into the kubelet.
 	// TODO: This shouldn't be required, remove once we move host ports into CNI
 	// and figure out bandwidth shaping. See corresponding comments above
 	// network.Host interface.
 	LegacyRuntimeHost network.LegacyHost
 }
 // namespaceGetter is a wrapper around the dockerService that implements
@ -153,7 +149,6 @@ func (p *portMappingGetter) GetPodPortMappings(containerID string) ([]*hostport.
 // and dockerServices which implements the rest of the network host interfaces.
 // The legacy host methods are slated for deletion.
 type dockerNetworkHost struct {
 	network.LegacyHost
 	*namespaceGetter
 	*portMappingGetter
 }
@ -228,11 +223,20 @@ func NewDockerService(config *ClientConfig, podSandboxImage string, streamingCon
 			return nil, err
 		}
 	}
 	// Determine the hairpin mode.
 	if err := effectiveHairpinMode(pluginSettings); err != nil {
 		// This is a non-recoverable error. Returning it up the callstack will just
 		// lead to retries of the same failure, so just fail hard.
 		return nil, err
 	}
 	glog.Infof("Hairpin mode set to %q", pluginSettings.HairpinMode)
 	// dockershim currently only supports CNI plugins.
 	pluginSettings.PluginBinDirs = cni.SplitDirs(pluginSettings.PluginBinDirString)
 	cniPlugins := cni.ProbeNetworkPlugins(pluginSettings.PluginConfDir, pluginSettings.PluginBinDirs)
 	cniPlugins = append(cniPlugins, kubenet.NewPlugin(pluginSettings.PluginBinDirs))
 	netHost := &dockerNetworkHost{
 		pluginSettings.LegacyRuntimeHost,
 		&namespaceGetter{ds},
 		&portMappingGetter{ds},
 	}
@ -506,3 +510,28 @@ func toAPIProtocol(protocol Protocol) v1.Protocol {
 	glog.Warningf("Unknown protocol %q: defaulting to TCP", protocol)
 	return v1.ProtocolTCP
 }
 // effectiveHairpinMode determines the effective hairpin mode given the
 // configured mode, and whether cbr0 should be configured.
 func effectiveHairpinMode(s *NetworkPluginSettings) error {
 	// The hairpin mode setting doesn't matter if:
 	// - We're not using a bridge network. This is hard to check because we might
 	//   be using a plugin.
 	// - It's set to hairpin-veth for a container runtime that doesn't know how
 	//   to set the hairpin flag on the veth's of containers. Currently the
 	//   docker runtime is the only one that understands this.
 	// - It's set to "none".
 	if s.HairpinMode == kubeletconfig.PromiscuousBridge || s.HairpinMode == kubeletconfig.HairpinVeth {
 		if s.HairpinMode == kubeletconfig.PromiscuousBridge && s.PluginName != "kubenet" {
 			// This is not a valid combination, since promiscuous-bridge only works on kubenet. Users might be using the
 			// default values (from before the hairpin-mode flag existed) and we
 			// should keep the old behavior.
 			glog.Warningf("Hairpin mode set to %q but kubenet is not enabled, falling back to %q", s.HairpinMode, kubeletconfig.HairpinVeth)
 			s.HairpinMode = kubeletconfig.HairpinVeth
 			return nil
 		}
 	} else if s.HairpinMode != kubeletconfig.HairpinNone {
 		return fmt.Errorf("unknown value: %q", s.HairpinMode)
 	}
 	return nil
 }
--- a/pkg/kubelet/dockershim/docker_service_test.go
+++ b/pkg/kubelet/dockershim/docker_service_test.go
@ -32,8 +32,8 @@ import (
 	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
 	containertest "k8s.io/kubernetes/pkg/kubelet/container/testing"
 	"k8s.io/kubernetes/pkg/kubelet/dockershim/libdocker"
-	"k8s.io/kubernetes/pkg/kubelet/network"
+	"k8s.io/kubernetes/pkg/kubelet/dockershim/network"
-	nettest "k8s.io/kubernetes/pkg/kubelet/network/testing"
+	nettest "k8s.io/kubernetes/pkg/kubelet/dockershim/network/testing"
 	"k8s.io/kubernetes/pkg/kubelet/util/cache"
 )
--- a/pkg/kubelet/dockershim/network/BUILD
+++ b/pkg/kubelet/dockershim/network/BUILD
@ -0,0 +1,46 @@
 load("@io_bazel_rules_go//go:def.bzl", "go_library")
 go_library(
    name = "go_default_library",
    srcs = [
        "network.go",
        "plugins.go",
    ],
    importpath = "k8s.io/kubernetes/pkg/kubelet/dockershim/network",
    visibility = ["//visibility:public"],
    deps = [
        "//pkg/kubelet/apis/kubeletconfig:go_default_library",
        "//pkg/kubelet/container:go_default_library",
        "//pkg/kubelet/dockershim/network/hostport:go_default_library",
        "//pkg/kubelet/dockershim/network/metrics:go_default_library",
        "//pkg/util/sysctl:go_default_library",
        "//vendor/github.com/golang/glog:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/util/errors:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/util/validation:go_default_library",
        "//vendor/k8s.io/utils/exec:go_default_library",
    ],
 )
 filegroup(
    name = "package-srcs",
    srcs = glob(["**"]),
    tags = ["automanaged"],
    visibility = ["//visibility:private"],
 )
 filegroup(
    name = "all-srcs",
    srcs = [
        ":package-srcs",
        "//pkg/kubelet/dockershim/network/cni:all-srcs",
        "//pkg/kubelet/dockershim/network/hairpin:all-srcs",
        "//pkg/kubelet/dockershim/network/hostport:all-srcs",
        "//pkg/kubelet/dockershim/network/kubenet:all-srcs",
        "//pkg/kubelet/dockershim/network/metrics:all-srcs",
        "//pkg/kubelet/dockershim/network/testing:all-srcs",
    ],
    tags = ["automanaged"],
    visibility = ["//visibility:public"],
 )
--- a/pkg/kubelet/dockershim/network/OWNERS
+++ b/pkg/kubelet/dockershim/network/OWNERS
@ -0,0 +1,8 @@
 approvers:
 - thockin
 - dchen1107
 - matchstick
 - freehan
 reviewers:
 - sig-network-reviewers
--- a/pkg/kubelet/dockershim/network/cni/BUILD
+++ b/pkg/kubelet/dockershim/network/cni/BUILD
@ -46,11 +46,11 @@ go_library(
        ],
        "//conditions:default": [],
    }),
-    importpath = "k8s.io/kubernetes/pkg/kubelet/network/cni",
+    importpath = "k8s.io/kubernetes/pkg/kubelet/dockershim/network/cni",
    deps = [
        "//pkg/kubelet/apis/kubeletconfig:go_default_library",
        "//pkg/kubelet/container:go_default_library",
-        "//pkg/kubelet/network:go_default_library",
+        "//pkg/kubelet/dockershim/network:go_default_library",
        "//vendor/github.com/containernetworking/cni/libcni:go_default_library",
        "//vendor/github.com/containernetworking/cni/pkg/types:go_default_library",
        "//vendor/github.com/golang/glog:go_default_library",
@ -77,10 +77,10 @@ go_test(
            "//pkg/kubelet/apis/kubeletconfig:go_default_library",
            "//pkg/kubelet/container:go_default_library",
            "//pkg/kubelet/container/testing:go_default_library",
-            "//pkg/kubelet/network:go_default_library",
+            "//pkg/kubelet/dockershim/network:go_default_library",
-            "//pkg/kubelet/network/cni/testing:go_default_library",
+            "//pkg/kubelet/dockershim/network/cni/testing:go_default_library",
-            "//pkg/kubelet/network/hostport:go_default_library",
+            "//pkg/kubelet/dockershim/network/hostport:go_default_library",
-            "//pkg/kubelet/network/testing:go_default_library",
+            "//pkg/kubelet/dockershim/network/testing:go_default_library",
            "//vendor/github.com/containernetworking/cni/pkg/types/020:go_default_library",
            "//vendor/github.com/stretchr/testify/mock:go_default_library",
            "//vendor/k8s.io/api/core/v1:go_default_library",
@ -104,7 +104,7 @@ filegroup(
    name = "all-srcs",
    srcs = [
        ":package-srcs",
-        "//pkg/kubelet/network/cni/testing:all-srcs",
+        "//pkg/kubelet/dockershim/network/cni/testing:all-srcs",
    ],
    tags = ["automanaged"],
 )
--- a/pkg/kubelet/dockershim/network/cni/cni.go
+++ b/pkg/kubelet/dockershim/network/cni/cni.go
@ -28,7 +28,7 @@ import (
 	"github.com/golang/glog"
 	"k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig"
 	kubecontainer "k8s.io/kubernetes/pkg/kubelet/container"
-	"k8s.io/kubernetes/pkg/kubelet/network"
+	"k8s.io/kubernetes/pkg/kubelet/dockershim/network"
 	utilexec "k8s.io/utils/exec"
 )
--- a/pkg/kubelet/dockershim/network/cni/cni_others.go
+++ b/pkg/kubelet/dockershim/network/cni/cni_others.go
@ -23,7 +23,7 @@ import (
 	"github.com/containernetworking/cni/libcni"
 	kubecontainer "k8s.io/kubernetes/pkg/kubelet/container"
-	"k8s.io/kubernetes/pkg/kubelet/network"
+	"k8s.io/kubernetes/pkg/kubelet/dockershim/network"
 )
 func getLoNetwork(binDirs []string) *cniNetwork {
--- a/pkg/kubelet/dockershim/network/cni/cni_test.go
+++ b/pkg/kubelet/dockershim/network/cni/cni_test.go
@ -39,10 +39,10 @@ import (
 	"k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig"
 	kubecontainer "k8s.io/kubernetes/pkg/kubelet/container"
 	containertest "k8s.io/kubernetes/pkg/kubelet/container/testing"
-	"k8s.io/kubernetes/pkg/kubelet/network"
+	"k8s.io/kubernetes/pkg/kubelet/dockershim/network"
-	"k8s.io/kubernetes/pkg/kubelet/network/cni/testing"
+	"k8s.io/kubernetes/pkg/kubelet/dockershim/network/cni/testing"
-	"k8s.io/kubernetes/pkg/kubelet/network/hostport"
+	"k8s.io/kubernetes/pkg/kubelet/dockershim/network/hostport"
-	networktest "k8s.io/kubernetes/pkg/kubelet/network/testing"
+	networktest "k8s.io/kubernetes/pkg/kubelet/dockershim/network/testing"
 	"k8s.io/utils/exec"
 	fakeexec "k8s.io/utils/exec/testing"
 )
--- a/pkg/kubelet/dockershim/network/cni/cni_windows.go
+++ b/pkg/kubelet/dockershim/network/cni/cni_windows.go
@ -24,7 +24,7 @@ import (
 	cniTypes020 "github.com/containernetworking/cni/pkg/types/020"
 	"github.com/golang/glog"
 	kubecontainer "k8s.io/kubernetes/pkg/kubelet/container"
-	"k8s.io/kubernetes/pkg/kubelet/network"
+	"k8s.io/kubernetes/pkg/kubelet/dockershim/network"
 )
 func getLoNetwork(binDirs []string) *cniNetwork {
--- a/pkg/kubelet/dockershim/network/cni/testing/BUILD
+++ b/pkg/kubelet/dockershim/network/cni/testing/BUILD
@ -8,7 +8,7 @@ load(
 go_library(
    name = "go_default_library",
    srcs = ["mock_cni.go"],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/network/cni/testing",
+    importpath = "k8s.io/kubernetes/pkg/kubelet/dockershim/network/cni/testing",
    deps = [
        "//vendor/github.com/containernetworking/cni/libcni:go_default_library",
        "//vendor/github.com/containernetworking/cni/pkg/types:go_default_library",
--- a/pkg/kubelet/dockershim/network/cni/testing/mock_cni.go
+++ b/pkg/kubelet/dockershim/network/cni/testing/mock_cni.go
--- a/pkg/kubelet/dockershim/network/hairpin/BUILD
+++ b/pkg/kubelet/dockershim/network/hairpin/BUILD
@ -9,7 +9,7 @@ load(
 go_library(
    name = "go_default_library",
    srcs = ["hairpin.go"],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/network/hairpin",
+    importpath = "k8s.io/kubernetes/pkg/kubelet/dockershim/network/hairpin",
    deps = [
        "//vendor/github.com/golang/glog:go_default_library",
        "//vendor/k8s.io/utils/exec:go_default_library",
--- a/pkg/kubelet/dockershim/network/hairpin/hairpin.go
+++ b/pkg/kubelet/dockershim/network/hairpin/hairpin.go
--- a/pkg/kubelet/dockershim/network/hairpin/hairpin_test.go
+++ b/pkg/kubelet/dockershim/network/hairpin/hairpin_test.go
--- a/pkg/kubelet/dockershim/network/hostport/BUILD
+++ b/pkg/kubelet/dockershim/network/hostport/BUILD
@ -14,7 +14,7 @@ go_library(
        "hostport_manager.go",
        "hostport_syncer.go",
    ],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/network/hostport",
+    importpath = "k8s.io/kubernetes/pkg/kubelet/dockershim/network/hostport",
    deps = [
        "//pkg/proxy/iptables:go_default_library",
        "//pkg/util/conntrack:go_default_library",
@ -56,7 +56,7 @@ filegroup(
    name = "all-srcs",
    srcs = [
        ":package-srcs",
-        "//pkg/kubelet/network/hostport/testing:all-srcs",
+        "//pkg/kubelet/dockershim/network/hostport/testing:all-srcs",
    ],
    tags = ["automanaged"],
 )
--- a/pkg/kubelet/dockershim/network/hostport/fake_iptables.go
+++ b/pkg/kubelet/dockershim/network/hostport/fake_iptables.go
--- a/pkg/kubelet/dockershim/network/hostport/fake_iptables_test.go
+++ b/pkg/kubelet/dockershim/network/hostport/fake_iptables_test.go
--- a/pkg/kubelet/dockershim/network/hostport/hostport.go
+++ b/pkg/kubelet/dockershim/network/hostport/hostport.go
--- a/pkg/kubelet/dockershim/network/hostport/hostport_manager.go
+++ b/pkg/kubelet/dockershim/network/hostport/hostport_manager.go
--- a/pkg/kubelet/dockershim/network/hostport/hostport_manager_test.go
+++ b/pkg/kubelet/dockershim/network/hostport/hostport_manager_test.go
--- a/pkg/kubelet/dockershim/network/hostport/hostport_syncer.go
+++ b/pkg/kubelet/dockershim/network/hostport/hostport_syncer.go
--- a/pkg/kubelet/dockershim/network/hostport/hostport_syncer_test.go
+++ b/pkg/kubelet/dockershim/network/hostport/hostport_syncer_test.go
--- a/pkg/kubelet/dockershim/network/hostport/hostport_test.go
+++ b/pkg/kubelet/dockershim/network/hostport/hostport_test.go
--- a/pkg/kubelet/dockershim/network/hostport/testing/BUILD
+++ b/pkg/kubelet/dockershim/network/hostport/testing/BUILD
@ -8,8 +8,8 @@ load(
 go_library(
    name = "go_default_library",
    srcs = ["fake.go"],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/network/hostport/testing",
+    importpath = "k8s.io/kubernetes/pkg/kubelet/dockershim/network/hostport/testing",
-    deps = ["//pkg/kubelet/network/hostport:go_default_library"],
+    deps = ["//pkg/kubelet/dockershim/network/hostport:go_default_library"],
 )
 filegroup(
--- a/pkg/kubelet/dockershim/network/hostport/testing/fake.go
+++ b/pkg/kubelet/dockershim/network/hostport/testing/fake.go
@ -19,7 +19,7 @@ package testing
 import (
 	"fmt"
-	"k8s.io/kubernetes/pkg/kubelet/network/hostport"
+	"k8s.io/kubernetes/pkg/kubelet/dockershim/network/hostport"
 )
 type fakeSyncer struct{}
--- a/pkg/kubelet/dockershim/network/kubenet/BUILD
+++ b/pkg/kubelet/dockershim/network/kubenet/BUILD
@ -46,33 +46,33 @@ go_library(
        ],
        "//conditions:default": [],
    }),
-    importpath = "k8s.io/kubernetes/pkg/kubelet/network/kubenet",
+    importpath = "k8s.io/kubernetes/pkg/kubelet/dockershim/network/kubenet",
    deps = select({
        "@io_bazel_rules_go//go/platform:android": [
            "//pkg/kubelet/apis/kubeletconfig:go_default_library",
            "//pkg/kubelet/container:go_default_library",
-            "//pkg/kubelet/network:go_default_library",
+            "//pkg/kubelet/dockershim/network:go_default_library",
        ],
        "@io_bazel_rules_go//go/platform:darwin": [
            "//pkg/kubelet/apis/kubeletconfig:go_default_library",
            "//pkg/kubelet/container:go_default_library",
-            "//pkg/kubelet/network:go_default_library",
+            "//pkg/kubelet/dockershim/network:go_default_library",
        ],
        "@io_bazel_rules_go//go/platform:dragonfly": [
            "//pkg/kubelet/apis/kubeletconfig:go_default_library",
            "//pkg/kubelet/container:go_default_library",
-            "//pkg/kubelet/network:go_default_library",
+            "//pkg/kubelet/dockershim/network:go_default_library",
        ],
        "@io_bazel_rules_go//go/platform:freebsd": [
            "//pkg/kubelet/apis/kubeletconfig:go_default_library",
            "//pkg/kubelet/container:go_default_library",
-            "//pkg/kubelet/network:go_default_library",
+            "//pkg/kubelet/dockershim/network:go_default_library",
        ],
        "@io_bazel_rules_go//go/platform:linux": [
            "//pkg/kubelet/apis/kubeletconfig:go_default_library",
            "//pkg/kubelet/container:go_default_library",
-            "//pkg/kubelet/network:go_default_library",
+            "//pkg/kubelet/dockershim/network:go_default_library",
-            "//pkg/kubelet/network/hostport:go_default_library",
+            "//pkg/kubelet/dockershim/network/hostport:go_default_library",
            "//pkg/util/bandwidth:go_default_library",
            "//pkg/util/dbus:go_default_library",
            "//pkg/util/ebtables:go_default_library",
@ -84,7 +84,6 @@ go_library(
            "//vendor/github.com/golang/glog:go_default_library",
            "//vendor/github.com/vishvananda/netlink:go_default_library",
            "//vendor/golang.org/x/sys/unix:go_default_library",
            "//vendor/k8s.io/api/core/v1:go_default_library",
            "//vendor/k8s.io/apimachinery/pkg/util/errors:go_default_library",
            "//vendor/k8s.io/apimachinery/pkg/util/net:go_default_library",
            "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
@ -93,32 +92,32 @@ go_library(
        "@io_bazel_rules_go//go/platform:nacl": [
            "//pkg/kubelet/apis/kubeletconfig:go_default_library",
            "//pkg/kubelet/container:go_default_library",
-            "//pkg/kubelet/network:go_default_library",
+            "//pkg/kubelet/dockershim/network:go_default_library",
        ],
        "@io_bazel_rules_go//go/platform:netbsd": [
            "//pkg/kubelet/apis/kubeletconfig:go_default_library",
            "//pkg/kubelet/container:go_default_library",
-            "//pkg/kubelet/network:go_default_library",
+            "//pkg/kubelet/dockershim/network:go_default_library",
        ],
        "@io_bazel_rules_go//go/platform:openbsd": [
            "//pkg/kubelet/apis/kubeletconfig:go_default_library",
            "//pkg/kubelet/container:go_default_library",
-            "//pkg/kubelet/network:go_default_library",
+            "//pkg/kubelet/dockershim/network:go_default_library",
        ],
        "@io_bazel_rules_go//go/platform:plan9": [
            "//pkg/kubelet/apis/kubeletconfig:go_default_library",
            "//pkg/kubelet/container:go_default_library",
-            "//pkg/kubelet/network:go_default_library",
+            "//pkg/kubelet/dockershim/network:go_default_library",
        ],
        "@io_bazel_rules_go//go/platform:solaris": [
            "//pkg/kubelet/apis/kubeletconfig:go_default_library",
            "//pkg/kubelet/container:go_default_library",
-            "//pkg/kubelet/network:go_default_library",
+            "//pkg/kubelet/dockershim/network:go_default_library",
        ],
        "@io_bazel_rules_go//go/platform:windows": [
            "//pkg/kubelet/apis/kubeletconfig:go_default_library",
            "//pkg/kubelet/container:go_default_library",
-            "//pkg/kubelet/network:go_default_library",
+            "//pkg/kubelet/dockershim/network:go_default_library",
        ],
        "//conditions:default": [],
    }),
@ -137,10 +136,10 @@ go_test(
        "@io_bazel_rules_go//go/platform:linux": [
            "//pkg/kubelet/apis/kubeletconfig:go_default_library",
            "//pkg/kubelet/container:go_default_library",
-            "//pkg/kubelet/network:go_default_library",
+            "//pkg/kubelet/dockershim/network:go_default_library",
-            "//pkg/kubelet/network/cni/testing:go_default_library",
+            "//pkg/kubelet/dockershim/network/cni/testing:go_default_library",
-            "//pkg/kubelet/network/hostport/testing:go_default_library",
+            "//pkg/kubelet/dockershim/network/hostport/testing:go_default_library",
-            "//pkg/kubelet/network/testing:go_default_library",
+            "//pkg/kubelet/dockershim/network/testing:go_default_library",
            "//pkg/util/bandwidth:go_default_library",
            "//pkg/util/iptables/testing:go_default_library",
            "//pkg/util/sysctl/testing:go_default_library",
--- a/pkg/kubelet/dockershim/network/kubenet/kubenet.go
+++ b/pkg/kubelet/dockershim/network/kubenet/kubenet.go
--- a/pkg/kubelet/dockershim/network/kubenet/kubenet_linux.go
+++ b/pkg/kubelet/dockershim/network/kubenet/kubenet_linux.go
@ -22,7 +22,6 @@ import (
 	"fmt"
 	"io/ioutil"
 	"net"
 	"path/filepath"
 	"strings"
 	"sync"
 	"time"
@ -33,14 +32,13 @@ import (
 	"github.com/golang/glog"
 	"github.com/vishvananda/netlink"
 	"golang.org/x/sys/unix"
 	"k8s.io/api/core/v1"
 	utilerrors "k8s.io/apimachinery/pkg/util/errors"
 	utilnet "k8s.io/apimachinery/pkg/util/net"
 	utilsets "k8s.io/apimachinery/pkg/util/sets"
 	"k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig"
 	kubecontainer "k8s.io/kubernetes/pkg/kubelet/container"
-	"k8s.io/kubernetes/pkg/kubelet/network"
+	"k8s.io/kubernetes/pkg/kubelet/dockershim/network"
-	"k8s.io/kubernetes/pkg/kubelet/network/hostport"
+	"k8s.io/kubernetes/pkg/kubelet/dockershim/network/hostport"
 	"k8s.io/kubernetes/pkg/util/bandwidth"
 	utildbus "k8s.io/kubernetes/pkg/util/dbus"
 	utilebtables "k8s.io/kubernetes/pkg/util/ebtables"
@ -299,9 +297,7 @@ func (plugin *kubenetNetworkPlugin) Capabilities() utilsets.Int {
 }
 // setup sets up networking through CNI using the given ns/name and sandbox ID.
-// TODO: Don't pass the pod to this method, it only needs it for bandwidth
+func (plugin *kubenetNetworkPlugin) setup(namespace string, name string, id kubecontainer.ContainerID, annotations map[string]string) error {
 // shaping and hostport management.
 func (plugin *kubenetNetworkPlugin) setup(namespace string, name string, id kubecontainer.ContainerID, pod *v1.Pod, annotations map[string]string) error {
 	// Disable DAD so we skip the kernel delay on bringing up new interfaces.
 	if err := plugin.disableContainerDAD(id); err != nil {
 		glog.V(3).Infof("Failed to disable DAD in container: %v", err)
@ -364,36 +360,21 @@ func (plugin *kubenetNetworkPlugin) setup(namespace string, name string, id kube
 		}
 	}
-	// The host can choose to not support "legacy" features. The remote
+	// TODO: replace with CNI port-forwarding plugin
-	// shim doesn't support it (#35457), but the kubelet does.
+	portMappings, err := plugin.host.GetPodPortMappings(id.ID)
-	if plugin.host.SupportsLegacyFeatures() {
+	if err != nil {
-		// Open any hostport the pod's containers want
+		return err
-		activePodPortMappings, err := plugin.getPodPortMappings()
+	}
-		if err != nil {
+	if portMappings != nil && len(portMappings) > 0 {
 		if err := plugin.hostportManager.Add(id.ID, &hostport.PodPortMapping{
 			Namespace:    namespace,
 			Name:         name,
 			PortMappings: portMappings,
 			IP:           ip4,
 			HostNetwork:  false,
 		}, BridgeName); err != nil {
 			return err
 		}
 		newPodPortMapping := hostport.ConstructPodPortMapping(pod, ip4)
 		if err := plugin.hostportSyncer.OpenPodHostportsAndSync(newPodPortMapping, BridgeName, activePodPortMappings); err != nil {
 			return err
 		}
 	} else {
 		// TODO: replace with CNI port-forwarding plugin
 		portMappings, err := plugin.host.GetPodPortMappings(id.ID)
 		if err != nil {
 			return err
 		}
 		if portMappings != nil && len(portMappings) > 0 {
 			if err := plugin.hostportManager.Add(id.ID, &hostport.PodPortMapping{
 				Namespace:    namespace,
 				Name:         name,
 				PortMappings: portMappings,
 				IP:           ip4,
 				HostNetwork:  false,
 			}, BridgeName); err != nil {
 				return err
 			}
 		}
 	}
 	return nil
 }
@ -407,38 +388,17 @@ func (plugin *kubenetNetworkPlugin) SetUpPod(namespace string, name string, id k
 		glog.V(4).Infof("SetUpPod took %v for %s/%s", time.Since(start), namespace, name)
 	}()
 	// TODO: Entire pod object only required for bw shaping and hostport.
 	pod, ok := plugin.host.GetPodByName(namespace, name)
 	if !ok {
 		return fmt.Errorf("pod %q cannot be found", name)
 	}
 	if err := plugin.Status(); err != nil {
 		return fmt.Errorf("Kubenet cannot SetUpPod: %v", err)
 	}
-	if err := plugin.setup(namespace, name, id, pod, annotations); err != nil {
+	if err := plugin.setup(namespace, name, id, annotations); err != nil {
 		// Make sure everything gets cleaned up on errors
 		podIP, _ := plugin.podIPs[id]
 		if err := plugin.teardown(namespace, name, id, podIP); err != nil {
 			// Not a hard error or warning
 			glog.V(4).Infof("Failed to clean up %s/%s after SetUpPod failure: %v", namespace, name, err)
 		}
 		// TODO(#34278): Figure out if we need IP GC through the cri.
 		// The cri should always send us teardown events for stale sandboxes,
 		// this obviates the need for GC in the common case, for kubenet.
 		if plugin.host.SupportsLegacyFeatures() {
 			// TODO: Remove this hack once we've figured out how to retrieve the netns
 			// of an exited container. Currently, restarting docker will leak a bunch of
 			// ips. This will exhaust available ip space unless we cleanup old ips. At the
 			// same time we don't want to try GC'ing them periodically as that could lead
 			// to a performance regression in starting pods. So on each setup failure, try
 			// GC on the assumption that the kubelet is going to retry pod creation, and
 			// when it does, there will be ips.
 			plugin.ipamGarbageCollection()
 		}
 		return err
 	}
@ -475,30 +435,18 @@ func (plugin *kubenetNetworkPlugin) teardown(namespace string, name string, id k
 		}
 	}
-	// The host can choose to not support "legacy" features. The remote
+	portMappings, err := plugin.host.GetPodPortMappings(id.ID)
-	// shim doesn't support it (#35457), but the kubelet does.
+	if err != nil {
-	if plugin.host.SupportsLegacyFeatures() {
+		errList = append(errList, err)
-		activePodPortMapping, err := plugin.getPodPortMappings()
+	} else if portMappings != nil && len(portMappings) > 0 {
-		if err == nil {
+		if err = plugin.hostportManager.Remove(id.ID, &hostport.PodPortMapping{
-			err = plugin.hostportSyncer.SyncHostports(BridgeName, activePodPortMapping)
+			Namespace:    namespace,
-		}
+			Name:         name,
-		if err != nil {
+			PortMappings: portMappings,
 			HostNetwork:  false,
 		}); err != nil {
 			errList = append(errList, err)
 		}
 	} else {
 		portMappings, err := plugin.host.GetPodPortMappings(id.ID)
 		if err != nil {
 			errList = append(errList, err)
 		} else if portMappings != nil && len(portMappings) > 0 {
 			if err = plugin.hostportManager.Remove(id.ID, &hostport.PodPortMapping{
 				Namespace:    namespace,
 				Name:         name,
 				PortMappings: portMappings,
 				HostNetwork:  false,
 			}); err != nil {
 				errList = append(errList, err)
 			}
 		}
 	}
 	return utilerrors.NewAggregate(errList)
 }
@ -599,119 +547,6 @@ func (plugin *kubenetNetworkPlugin) checkRequiredCNIPluginsInOneDir(dir string)
 	return true
 }
 // getNonExitedPods returns a list of pods that have at least one running container.
 func (plugin *kubenetNetworkPlugin) getNonExitedPods() ([]*kubecontainer.Pod, error) {
 	ret := []*kubecontainer.Pod{}
 	pods, err := plugin.host.GetRuntime().GetPods(true)
 	if err != nil {
 		return nil, fmt.Errorf("Failed to retrieve pods from runtime: %v", err)
 	}
 	for _, p := range pods {
 		if podIsExited(p) {
 			continue
 		}
 		ret = append(ret, p)
 	}
 	return ret, nil
 }
 func (plugin *kubenetNetworkPlugin) getPodPortMappings() ([]*hostport.PodPortMapping, error) {
 	pods, err := plugin.getNonExitedPods()
 	if err != nil {
 		return nil, err
 	}
 	activePodPortMappings := make([]*hostport.PodPortMapping, 0)
 	for _, p := range pods {
 		containerID, err := plugin.host.GetRuntime().GetPodContainerID(p)
 		if err != nil {
 			continue
 		}
 		ipString, ok := plugin.podIPs[containerID]
 		if !ok {
 			continue
 		}
 		podIP := net.ParseIP(ipString)
 		if podIP == nil {
 			continue
 		}
 		if pod, ok := plugin.host.GetPodByName(p.Namespace, p.Name); ok {
 			activePodPortMappings = append(activePodPortMappings, hostport.ConstructPodPortMapping(pod, podIP))
 		}
 	}
 	return activePodPortMappings, nil
 }
 // ipamGarbageCollection will release unused IP.
 // kubenet uses the CNI bridge plugin, which stores allocated ips on file. Each
 // file created under defaultIPAMDir has the format: ip/container-hash. So this
 // routine looks for hashes that are not reported by the currently running docker,
 // and invokes DelNetwork on each one. Note that this will only work for the
 // current CNI bridge plugin, because we have no way of finding the NetNs.
 func (plugin *kubenetNetworkPlugin) ipamGarbageCollection() {
 	glog.V(2).Infof("Starting IP garbage collection")
 	ipamDir := filepath.Join(defaultIPAMDir, KubenetPluginName)
 	files, err := ioutil.ReadDir(ipamDir)
 	if err != nil {
 		glog.Errorf("Failed to list files in %q: %v", ipamDir, err)
 		return
 	}
 	// gather containerIDs for allocated ips
 	ipContainerIdMap := make(map[string]string)
 	for _, file := range files {
 		// skip non checkpoint file
 		if ip := net.ParseIP(file.Name()); ip == nil {
 			continue
 		}
 		content, err := ioutil.ReadFile(filepath.Join(ipamDir, file.Name()))
 		if err != nil {
 			glog.Errorf("Failed to read file %v: %v", file, err)
 		}
 		ipContainerIdMap[file.Name()] = strings.TrimSpace(string(content))
 	}
 	// gather infra container IDs of current running Pods
 	runningContainerIDs := utilsets.String{}
 	pods, err := plugin.getNonExitedPods()
 	if err != nil {
 		glog.Errorf("Failed to get pods: %v", err)
 		return
 	}
 	for _, pod := range pods {
 		containerID, err := plugin.host.GetRuntime().GetPodContainerID(pod)
 		if err != nil {
 			glog.Warningf("Failed to get infra containerID of %q/%q: %v", pod.Namespace, pod.Name, err)
 			continue
 		}
 		runningContainerIDs.Insert(strings.TrimSpace(containerID.ID))
 	}
 	// release leaked ips
 	for ip, containerID := range ipContainerIdMap {
 		// if the container is not running, release IP
 		if runningContainerIDs.Has(containerID) {
 			continue
 		}
 		// CNI requires all config to be presented, although only containerID is needed in this case
 		rt := &libcni.RuntimeConf{
 			ContainerID: containerID,
 			IfName:      network.DefaultInterfaceName,
 			// TODO: How do we find the NetNs of an exited container? docker inspect
 			// doesn't show us the pid, so we probably need to checkpoint
 			NetNS: "",
 		}
 		glog.V(2).Infof("Releasing IP %q allocated to %q.", ip, containerID)
 		// CNI bridge plugin should try to release IP and then return
 		if err := plugin.cniConfig.DelNetwork(plugin.netConfig, rt); err != nil {
 			glog.Errorf("Error while releasing IP: %v", err)
 		}
 	}
 }
 // podIsExited returns true if the pod is exited (all containers inside are exited).
 func podIsExited(p *kubecontainer.Pod) bool {
 	for _, c := range p.Containers {
--- a/pkg/kubelet/dockershim/network/kubenet/kubenet_linux_test.go
+++ b/pkg/kubelet/dockershim/network/kubenet/kubenet_linux_test.go
@ -26,10 +26,10 @@ import (
 	"k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig"
 	kubecontainer "k8s.io/kubernetes/pkg/kubelet/container"
-	"k8s.io/kubernetes/pkg/kubelet/network"
+	"k8s.io/kubernetes/pkg/kubelet/dockershim/network"
-	"k8s.io/kubernetes/pkg/kubelet/network/cni/testing"
+	"k8s.io/kubernetes/pkg/kubelet/dockershim/network/cni/testing"
-	hostporttest "k8s.io/kubernetes/pkg/kubelet/network/hostport/testing"
+	hostporttest "k8s.io/kubernetes/pkg/kubelet/dockershim/network/hostport/testing"
-	nettest "k8s.io/kubernetes/pkg/kubelet/network/testing"
+	nettest "k8s.io/kubernetes/pkg/kubelet/dockershim/network/testing"
 	"k8s.io/kubernetes/pkg/util/bandwidth"
 	ipttest "k8s.io/kubernetes/pkg/util/iptables/testing"
 	sysctltest "k8s.io/kubernetes/pkg/util/sysctl/testing"
--- a/pkg/kubelet/dockershim/network/kubenet/kubenet_unsupported.go
+++ b/pkg/kubelet/dockershim/network/kubenet/kubenet_unsupported.go
@ -23,7 +23,7 @@ import (
 	"k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig"
 	kubecontainer "k8s.io/kubernetes/pkg/kubelet/container"
-	"k8s.io/kubernetes/pkg/kubelet/network"
+	"k8s.io/kubernetes/pkg/kubelet/dockershim/network"
 )
 type kubenetNetworkPlugin struct {
--- a/pkg/kubelet/dockershim/network/metrics/BUILD
+++ b/pkg/kubelet/dockershim/network/metrics/BUILD
@ -3,7 +3,7 @@ load("@io_bazel_rules_go//go:def.bzl", "go_library")
 go_library(
    name = "go_default_library",
    srcs = ["metrics.go"],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/network/metrics",
+    importpath = "k8s.io/kubernetes/pkg/kubelet/dockershim/network/metrics",
    visibility = ["//visibility:public"],
    deps = ["//vendor/github.com/prometheus/client_golang/prometheus:go_default_library"],
 )
--- a/pkg/kubelet/dockershim/network/metrics/metrics.go
+++ b/pkg/kubelet/dockershim/network/metrics/metrics.go
--- a/pkg/kubelet/dockershim/network/network.go
+++ b/pkg/kubelet/dockershim/network/network.go
--- a/pkg/kubelet/dockershim/network/plugins.go
+++ b/pkg/kubelet/dockershim/network/plugins.go
@ -24,16 +24,14 @@ import (
 	"time"
 	"github.com/golang/glog"
 	"k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	utilerrors "k8s.io/apimachinery/pkg/util/errors"
 	utilsets "k8s.io/apimachinery/pkg/util/sets"
 	"k8s.io/apimachinery/pkg/util/validation"
 	clientset "k8s.io/client-go/kubernetes"
 	"k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig"
 	kubecontainer "k8s.io/kubernetes/pkg/kubelet/container"
-	"k8s.io/kubernetes/pkg/kubelet/network/hostport"
+	"k8s.io/kubernetes/pkg/kubelet/dockershim/network/hostport"
-	"k8s.io/kubernetes/pkg/kubelet/network/metrics"
+	"k8s.io/kubernetes/pkg/kubelet/dockershim/network/metrics"
 	utilsysctl "k8s.io/kubernetes/pkg/util/sysctl"
 	utilexec "k8s.io/utils/exec"
 )
@ -91,29 +89,6 @@ type PodNetworkStatus struct {
 	IP net.IP `json:"ip" description:"Primary IP address of the pod"`
 }
 // LegacyHost implements the methods required by network plugins that
 // were directly invoked by the kubelet. Implementations of this interface
 // that do not wish to support these features can simply return false
 // to SupportsLegacyFeatures.
 type LegacyHost interface {
 	// Get the pod structure by its name, namespace
 	// Only used for hostport management and bw shaping
 	GetPodByName(namespace, name string) (*v1.Pod, bool)
 	// GetKubeClient returns a client interface
 	// Only used in testing
 	GetKubeClient() clientset.Interface
 	// GetContainerRuntime returns the container runtime that implements the containers (e.g. docker/rkt)
 	// Only used for hostport management
 	GetRuntime() kubecontainer.Runtime
 	// SupportsLegacyFeatures returns true if the network host support GetPodByName, KubeClient interface and kubelet
 	// runtime interface. These interfaces will no longer be implemented by CRI shims.
 	// This function helps network plugins to choose their behavior based on runtime.
 	SupportsLegacyFeatures() bool
 }
 // Host is an interface that plugins can use to access the kubelet.
 // TODO(#35457): get rid of this backchannel to the kubelet. The scope of
 // the back channel is restricted to host-ports/testing, and restricted
@ -126,12 +101,6 @@ type Host interface {
 	// PortMappingGetter is a getter for sandbox port mapping information.
 	PortMappingGetter
 	// LegacyHost contains methods that trap back into the Kubelet. Dependence
 	// *do not* add more dependencies in this interface. In a post-cri world,
 	// network plugins will be invoked by the runtime shim, and should only
 	// require GetNetNS and GetPodPortMappings.
 	LegacyHost
 }
 // NamespaceGetter is an interface to retrieve namespace information for a given
--- a/pkg/kubelet/dockershim/network/testing/BUILD
+++ b/pkg/kubelet/dockershim/network/testing/BUILD
@ -12,13 +12,13 @@ go_library(
        "fake_host.go",
        "mock_network_plugin.go",
    ],
-    importpath = "k8s.io/kubernetes/pkg/kubelet/network/testing",
+    importpath = "k8s.io/kubernetes/pkg/kubelet/dockershim/network/testing",
    deps = [
        "//pkg/kubelet/apis/kubeletconfig:go_default_library",
        "//pkg/kubelet/container:go_default_library",
        "//pkg/kubelet/container/testing:go_default_library",
-        "//pkg/kubelet/network:go_default_library",
+        "//pkg/kubelet/dockershim/network:go_default_library",
-        "//pkg/kubelet/network/hostport:go_default_library",
+        "//pkg/kubelet/dockershim/network/hostport:go_default_library",
        "//vendor/github.com/golang/mock/gomock:go_default_library",
        "//vendor/k8s.io/api/core/v1:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
@ -33,7 +33,7 @@ go_test(
    deps = [
        "//pkg/kubelet/apis/kubeletconfig:go_default_library",
        "//pkg/kubelet/container:go_default_library",
-        "//pkg/kubelet/network:go_default_library",
+        "//pkg/kubelet/dockershim/network:go_default_library",
        "//pkg/util/sysctl/testing:go_default_library",
        "//vendor/github.com/golang/mock/gomock:go_default_library",
        "//vendor/github.com/stretchr/testify/assert:go_default_library",
--- a/pkg/kubelet/dockershim/network/testing/fake_host.go
+++ b/pkg/kubelet/dockershim/network/testing/fake_host.go
@ -24,7 +24,7 @@ import (
 	clientset "k8s.io/client-go/kubernetes"
 	kubecontainer "k8s.io/kubernetes/pkg/kubelet/container"
 	containertest "k8s.io/kubernetes/pkg/kubelet/container/testing"
-	"k8s.io/kubernetes/pkg/kubelet/network/hostport"
+	"k8s.io/kubernetes/pkg/kubelet/dockershim/network/hostport"
 )
 type fakeNetworkHost struct {
--- a/pkg/kubelet/dockershim/network/testing/mock_network_plugin.go
+++ b/pkg/kubelet/dockershim/network/testing/mock_network_plugin.go
@ -25,7 +25,7 @@ import (
 	sets "k8s.io/apimachinery/pkg/util/sets"
 	"k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig"
 	container "k8s.io/kubernetes/pkg/kubelet/container"
-	network "k8s.io/kubernetes/pkg/kubelet/network"
+	"k8s.io/kubernetes/pkg/kubelet/dockershim/network"
 )
 // Mock of NetworkPlugin interface
--- a/pkg/kubelet/dockershim/network/testing/plugins_test.go
+++ b/pkg/kubelet/dockershim/network/testing/plugins_test.go
@ -25,7 +25,7 @@ import (
 	utilsets "k8s.io/apimachinery/pkg/util/sets"
 	"k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig"
 	kubecontainer "k8s.io/kubernetes/pkg/kubelet/container"
-	"k8s.io/kubernetes/pkg/kubelet/network"
+	"k8s.io/kubernetes/pkg/kubelet/dockershim/network"
 	sysctltest "k8s.io/kubernetes/pkg/util/sysctl/testing"
 	"github.com/golang/mock/gomock"
--- a/pkg/kubelet/dockershim/security_context.go
+++ b/pkg/kubelet/dockershim/security_context.go
@ -25,7 +25,7 @@ import (
 	dockercontainer "github.com/docker/docker/api/types/container"
 	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
-	knetwork "k8s.io/kubernetes/pkg/kubelet/network"
+	knetwork "k8s.io/kubernetes/pkg/kubelet/dockershim/network"
 )
 // applySandboxSecurityContext updates docker sandbox options according to security context.
--- a/pkg/kubelet/kubelet.go
+++ b/pkg/kubelet/kubelet.go
@ -76,8 +76,6 @@ import (
 	"k8s.io/kubernetes/pkg/kubelet/logs"
 	"k8s.io/kubernetes/pkg/kubelet/metrics"
 	"k8s.io/kubernetes/pkg/kubelet/metrics/collectors"
 	"k8s.io/kubernetes/pkg/kubelet/network"
 	"k8s.io/kubernetes/pkg/kubelet/network/cni"
 	"k8s.io/kubernetes/pkg/kubelet/network/dns"
 	"k8s.io/kubernetes/pkg/kubelet/pleg"
 	kubepod "k8s.io/kubernetes/pkg/kubelet/pod"
@ -238,7 +236,6 @@ type Dependencies struct {
 	KubeClient              clientset.Interface
 	ExternalKubeClient      clientset.Interface
 	Mounter                 mount.Interface
 	NetworkPlugins          []network.NetworkPlugin
 	OOMAdjuster             *oom.OOMAdjuster
 	OSInterface             kubecontainer.OSInterface
 	PodConfig               *config.PodConfig
@ -545,19 +542,6 @@ func NewMainKubelet(kubeCfg *kubeletconfiginternal.KubeletConfiguration,
 		glog.Infof("Experimental host user namespace defaulting is enabled.")
 	}
 	hairpinMode, err := effectiveHairpinMode(kubeletconfiginternal.HairpinMode(kubeCfg.HairpinMode), containerRuntime, crOptions.NetworkPluginName)
 	if err != nil {
 		// This is a non-recoverable error. Returning it up the callstack will just
 		// lead to retries of the same failure, so just fail hard.
 		glog.Fatalf("Invalid hairpin mode: %v", err)
 	}
 	glog.Infof("Hairpin mode set to %q", hairpinMode)
 	plug, err := network.InitNetworkPlugin(kubeDeps.NetworkPlugins, crOptions.NetworkPluginName, &criNetworkHost{&networkHost{klet}, &network.NoopPortMappingGetter{}}, hairpinMode, nonMasqueradeCIDR, int(crOptions.NetworkPluginMTU))
 	if err != nil {
 		return nil, err
 	}
 	klet.networkPlugin = plug
 	machineInfo, err := klet.cadvisor.MachineInfo()
 	if err != nil {
 		return nil, err
@ -581,31 +565,20 @@ func NewMainKubelet(kubeCfg *kubeletconfiginternal.KubeletConfiguration,
 	// TODO: These need to become arguments to a standalone docker shim.
 	pluginSettings := dockershim.NetworkPluginSettings{
-		HairpinMode:       hairpinMode,
+		HairpinMode:        kubeletconfiginternal.HairpinMode(kubeCfg.HairpinMode),
-		NonMasqueradeCIDR: nonMasqueradeCIDR,
+		NonMasqueradeCIDR:  nonMasqueradeCIDR,
-		PluginName:        crOptions.NetworkPluginName,
+		PluginName:         crOptions.NetworkPluginName,
-		PluginConfDir:     crOptions.CNIConfDir,
+		PluginConfDir:      crOptions.CNIConfDir,
-		PluginBinDirs:     cni.SplitDirs(crOptions.CNIBinDir),
+		PluginBinDirString: crOptions.CNIBinDir,
-		MTU:               int(crOptions.NetworkPluginMTU),
+		MTU:                int(crOptions.NetworkPluginMTU),
 	}
 	klet.resourceAnalyzer = serverstats.NewResourceAnalyzer(klet, kubeCfg.VolumeStatsAggPeriod.Duration)
 	// Remote runtime shim just cannot talk back to kubelet, so it doesn't
 	// support bandwidth shaping or hostports till #35457. To enable legacy
 	// features, replace with networkHost.
 	var nl *NoOpLegacyHost
 	pluginSettings.LegacyRuntimeHost = nl
 	if containerRuntime == "rkt" {
 		glog.Fatalln("rktnetes has been deprecated in favor of rktlet. Please see https://github.com/kubernetes-incubator/rktlet for more information.")
 	}
 	// kubelet defers to the runtime shim to setup networking. Setting
 	// this to nil will prevent it from trying to invoke the plugin.
 	// It's easier to always probe and initialize plugins till cri
 	// becomes the default.
 	klet.networkPlugin = nil
 	// if left at nil, that means it is unneeded
 	var legacyLogProvider kuberuntime.LegacyLogProvider
@ -940,9 +913,6 @@ type Kubelet struct {
 	// Volume plugins.
 	volumePluginMgr *volume.VolumePluginMgr
 	// Network plugin.
 	networkPlugin network.NetworkPlugin
 	// Handles container probing.
 	probeManager prober.Manager
 	// Manages container health check results.
@ -1330,7 +1300,6 @@ func (kl *Kubelet) Run(updates <-chan kubetypes.PodUpdate) {
 		// Start syncing node status immediately, this may set up things the runtime needs to run.
 		go wait.Until(kl.syncNodeStatus, kl.nodeStatusUpdateFrequency, wait.NeverStop)
 	}
 	go wait.Until(kl.syncNetworkStatus, 30*time.Second, wait.NeverStop)
 	go wait.Until(kl.updateRuntimeUp, 5*time.Second, wait.NeverStop)
 	// Start loop to sync iptables util rules
--- a/pkg/kubelet/kubelet_network.go
+++ b/pkg/kubelet/kubelet_network.go
@ -21,12 +21,7 @@ import (
 	"github.com/golang/glog"
 	"k8s.io/api/core/v1"
 	clientset "k8s.io/client-go/kubernetes"
 	runtimeapi "k8s.io/kubernetes/pkg/kubelet/apis/cri/runtime/v1alpha2"
 	"k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig"
 	kubecontainer "k8s.io/kubernetes/pkg/kubelet/container"
 	"k8s.io/kubernetes/pkg/kubelet/network"
 	kubetypes "k8s.io/kubernetes/pkg/kubelet/types"
 	utiliptables "k8s.io/kubernetes/pkg/util/iptables"
 )
@ -45,106 +40,6 @@ const (
 	KubeFirewallChain utiliptables.Chain = "KUBE-FIREWALL"
 )
 // This just exports required functions from kubelet proper, for use by network
 // plugins.
 // TODO(#35457): get rid of this backchannel to the kubelet. The scope of
 // the back channel is restricted to host-ports/testing, and restricted
 // to kubenet. No other network plugin wrapper needs it. Other plugins
 // only require a way to access namespace information, which they can do
 // directly through the methods implemented by criNetworkHost.
 type networkHost struct {
 	kubelet *Kubelet
 }
 func (nh *networkHost) GetPodByName(name, namespace string) (*v1.Pod, bool) {
 	return nh.kubelet.GetPodByName(name, namespace)
 }
 func (nh *networkHost) GetKubeClient() clientset.Interface {
 	return nh.kubelet.kubeClient
 }
 func (nh *networkHost) GetRuntime() kubecontainer.Runtime {
 	return nh.kubelet.getRuntime()
 }
 func (nh *networkHost) SupportsLegacyFeatures() bool {
 	return true
 }
 // criNetworkHost implements the part of network.Host required by the
 // cri (NamespaceGetter). It leechs off networkHost for all other
 // methods, because networkHost is slated for deletion.
 type criNetworkHost struct {
 	*networkHost
 	// criNetworkHost currently support legacy features. Hence no need to support PortMappingGetter
 	*network.NoopPortMappingGetter
 }
 // GetNetNS returns the network namespace of the given containerID.
 // This method satisfies the network.NamespaceGetter interface for
 // networkHost. It's only meant to be used from network plugins
 // that are directly invoked by the kubelet (aka: legacy, pre-cri).
 // Any network plugin invoked by a cri must implement NamespaceGetter
 // to talk directly to the runtime instead.
 func (c *criNetworkHost) GetNetNS(containerID string) (string, error) {
 	return c.kubelet.getRuntime().GetNetNS(kubecontainer.ContainerID{Type: "", ID: containerID})
 }
 // NoOpLegacyHost implements the network.LegacyHost interface for the remote
 // runtime shim by just returning empties. It doesn't support legacy features
 // like host port and bandwidth shaping.
 type NoOpLegacyHost struct{}
 // GetPodByName always returns "nil, true" for 'NoOpLegacyHost'
 func (n *NoOpLegacyHost) GetPodByName(namespace, name string) (*v1.Pod, bool) {
 	return nil, true
 }
 // GetKubeClient always returns "nil" for 'NoOpLegacyHost'
 func (n *NoOpLegacyHost) GetKubeClient() clientset.Interface {
 	return nil
 }
 // getRuntime always returns "nil" for 'NoOpLegacyHost'
 func (n *NoOpLegacyHost) GetRuntime() kubecontainer.Runtime {
 	return nil
 }
 // SupportsLegacyFeatures always returns "false" for 'NoOpLegacyHost'
 func (n *NoOpLegacyHost) SupportsLegacyFeatures() bool {
 	return false
 }
 // effectiveHairpinMode determines the effective hairpin mode given the
 // configured mode, container runtime, and whether cbr0 should be configured.
 func effectiveHairpinMode(hairpinMode kubeletconfig.HairpinMode, containerRuntime string, networkPlugin string) (kubeletconfig.HairpinMode, error) {
 	// The hairpin mode setting doesn't matter if:
 	// - We're not using a bridge network. This is hard to check because we might
 	//   be using a plugin.
 	// - It's set to hairpin-veth for a container runtime that doesn't know how
 	//   to set the hairpin flag on the veth's of containers. Currently the
 	//   docker runtime is the only one that understands this.
 	// - It's set to "none".
 	if hairpinMode == kubeletconfig.PromiscuousBridge || hairpinMode == kubeletconfig.HairpinVeth {
 		// Only on docker.
 		if containerRuntime != kubetypes.DockerContainerRuntime {
 			glog.Warningf("Hairpin mode set to %q but container runtime is %q, ignoring", hairpinMode, containerRuntime)
 			return kubeletconfig.HairpinNone, nil
 		}
 		if hairpinMode == kubeletconfig.PromiscuousBridge && networkPlugin != "kubenet" {
 			// This is not a valid combination, since promiscuous-bridge only works on kubenet. Users might be using the
 			// default values (from before the hairpin-mode flag existed) and we
 			// should keep the old behavior.
 			glog.Warningf("Hairpin mode set to %q but kubenet is not enabled, falling back to %q", hairpinMode, kubeletconfig.HairpinVeth)
 			return kubeletconfig.HairpinVeth, nil
 		}
 	} else if hairpinMode != kubeletconfig.HairpinNone {
 		return "", fmt.Errorf("unknown value: %q", hairpinMode)
 	}
 	return hairpinMode, nil
 }
 // providerRequiresNetworkingConfiguration returns whether the cloud provider
 // requires special networking configuration.
 func (kl *Kubelet) providerRequiresNetworkingConfiguration() bool {
@ -159,16 +54,6 @@ func (kl *Kubelet) providerRequiresNetworkingConfiguration() bool {
 	return supported
 }
 // syncNetworkStatus updates the network state
 func (kl *Kubelet) syncNetworkStatus() {
 	// For cri integration, network state will be updated in updateRuntimeUp,
 	// we'll get runtime network status through cri directly.
 	// TODO: Remove this once we completely switch to cri integration.
 	if kl.networkPlugin != nil {
 		kl.runtimeState.setNetworkState(kl.networkPlugin.Status())
 	}
 }
 // updatePodCIDR updates the pod CIDR in the runtime state if it is different
 // from the current CIDR.
 func (kl *Kubelet) updatePodCIDR(cidr string) {
@ -178,14 +63,6 @@ func (kl *Kubelet) updatePodCIDR(cidr string) {
 		return
 	}
 	// kubelet -> network plugin
 	// cri runtime shims are responsible for their own network plugins
 	if kl.networkPlugin != nil {
 		details := make(map[string]interface{})
 		details[network.NET_PLUGIN_EVENT_POD_CIDR_CHANGE_DETAIL_CIDR] = cidr
 		kl.networkPlugin.Event(network.NET_PLUGIN_EVENT_POD_CIDR_CHANGE, details)
 	}
 	// kubelet -> generic runtime -> runtime shim -> network plugin
 	// docker/non-cri implementations have a passthrough UpdatePodCIDR
 	if err := kl.getRuntime().UpdatePodCIDR(cidr); err != nil {
--- a/pkg/kubelet/kubelet_network_test.go
+++ b/pkg/kubelet/kubelet_network_test.go
@ -22,76 +22,6 @@ import (
 	"github.com/stretchr/testify/assert"
 )
 func TestNetworkHostGetsPodNotFound(t *testing.T) {
 	testKubelet := newTestKubelet(t, true)
 	defer testKubelet.Cleanup()
 	nh := networkHost{testKubelet.kubelet}
 	actualPod, _ := nh.GetPodByName("", "")
 	if actualPod != nil {
 		t.Fatalf("Was expected nil, received %v instead", actualPod)
 	}
 }
 func TestNetworkHostGetsKubeClient(t *testing.T) {
 	testKubelet := newTestKubelet(t, true)
 	defer testKubelet.Cleanup()
 	nh := networkHost{testKubelet.kubelet}
 	if nh.GetKubeClient() != testKubelet.fakeKubeClient {
 		t.Fatalf("NetworkHost client does not match testKubelet's client")
 	}
 }
 func TestNetworkHostGetsRuntime(t *testing.T) {
 	testKubelet := newTestKubelet(t, true)
 	defer testKubelet.Cleanup()
 	nh := networkHost{testKubelet.kubelet}
 	if nh.GetRuntime() != testKubelet.fakeRuntime {
 		t.Fatalf("NetworkHost runtime does not match testKubelet's runtime")
 	}
 }
 func TestNetworkHostSupportsLegacyFeatures(t *testing.T) {
 	testKubelet := newTestKubelet(t, true)
 	defer testKubelet.Cleanup()
 	nh := networkHost{testKubelet.kubelet}
 	if nh.SupportsLegacyFeatures() == false {
 		t.Fatalf("SupportsLegacyFeatures should not be false")
 	}
 }
 func TestNoOpHostGetsName(t *testing.T) {
 	nh := NoOpLegacyHost{}
 	pod, err := nh.GetPodByName("", "")
 	if pod != nil && err != true {
 		t.Fatalf("noOpLegacyHost getpodbyname expected to be nil and true")
 	}
 }
 func TestNoOpHostGetsKubeClient(t *testing.T) {
 	nh := NoOpLegacyHost{}
 	if nh.GetKubeClient() != nil {
 		t.Fatalf("noOpLegacyHost client expected to be nil")
 	}
 }
 func TestNoOpHostGetsRuntime(t *testing.T) {
 	nh := NoOpLegacyHost{}
 	if nh.GetRuntime() != nil {
 		t.Fatalf("noOpLegacyHost runtime expected to be nil")
 	}
 }
 func TestNoOpHostSupportsLegacyFeatures(t *testing.T) {
 	nh := NoOpLegacyHost{}
 	if nh.SupportsLegacyFeatures() != false {
 		t.Fatalf("noOpLegacyHost legacy features expected to be false")
 	}
 }
 func TestGetIPTablesMark(t *testing.T) {
 	tests := []struct {
 		bit    int
--- a/pkg/kubelet/kubelet_test.go
+++ b/pkg/kubelet/kubelet_test.go
@ -41,7 +41,6 @@ import (
 	"k8s.io/client-go/tools/record"
 	"k8s.io/client-go/util/flowcontrol"
 	"k8s.io/kubernetes/pkg/capabilities"
 	"k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig"
 	cadvisortest "k8s.io/kubernetes/pkg/kubelet/cadvisor/testing"
 	"k8s.io/kubernetes/pkg/kubelet/cm"
 	"k8s.io/kubernetes/pkg/kubelet/config"
@ -52,8 +51,6 @@ import (
 	"k8s.io/kubernetes/pkg/kubelet/images"
 	"k8s.io/kubernetes/pkg/kubelet/lifecycle"
 	"k8s.io/kubernetes/pkg/kubelet/logs"
 	"k8s.io/kubernetes/pkg/kubelet/network"
 	nettest "k8s.io/kubernetes/pkg/kubelet/network/testing"
 	"k8s.io/kubernetes/pkg/kubelet/pleg"
 	kubepod "k8s.io/kubernetes/pkg/kubelet/pod"
 	podtest "k8s.io/kubernetes/pkg/kubelet/pod/testing"
@ -168,7 +165,6 @@ func newTestKubeletWithImageList(
 	kubelet.nodeName = types.NodeName(testKubeletHostname)
 	kubelet.runtimeState = newRuntimeState(maxWaitForContainerRuntime)
 	kubelet.runtimeState.setNetworkState(nil)
 	kubelet.networkPlugin, _ = network.InitNetworkPlugin([]network.NetworkPlugin{}, "", nettest.NewFakeHost(nil), kubeletconfig.HairpinNone, "", 1440)
 	if tempDir, err := ioutil.TempDir("/tmp", "kubelet_test."); err != nil {
 		t.Fatalf("can't make a temp rootdir: %v", err)
 	} else {
--- a/pkg/kubelet/network/BUILD
+++ b/pkg/kubelet/network/BUILD
@ -1,34 +1,5 @@
 package(default_visibility = ["//visibility:public"])
 load(
    "@io_bazel_rules_go//go:def.bzl",
    "go_library",
 )
 go_library(
    name = "go_default_library",
    srcs = [
        "network.go",
        "plugins.go",
    ],
    importpath = "k8s.io/kubernetes/pkg/kubelet/network",
    deps = [
        "//pkg/kubelet/apis/kubeletconfig:go_default_library",
        "//pkg/kubelet/container:go_default_library",
        "//pkg/kubelet/network/hostport:go_default_library",
        "//pkg/kubelet/network/metrics:go_default_library",
        "//pkg/util/sysctl:go_default_library",
        "//vendor/github.com/golang/glog:go_default_library",
        "//vendor/k8s.io/api/core/v1:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/util/errors:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/util/sets:go_default_library",
        "//vendor/k8s.io/apimachinery/pkg/util/validation:go_default_library",
        "//vendor/k8s.io/client-go/kubernetes:go_default_library",
        "//vendor/k8s.io/utils/exec:go_default_library",
    ],
 )
 filegroup(
    name = "package-srcs",
    srcs = glob(["**"]),
@ -40,13 +11,7 @@ filegroup(
    name = "all-srcs",
    srcs = [
        ":package-srcs",
        "//pkg/kubelet/network/cni:all-srcs",
        "//pkg/kubelet/network/dns:all-srcs",
        "//pkg/kubelet/network/hairpin:all-srcs",
        "//pkg/kubelet/network/hostport:all-srcs",
        "//pkg/kubelet/network/kubenet:all-srcs",
        "//pkg/kubelet/network/metrics:all-srcs",
        "//pkg/kubelet/network/testing:all-srcs",
    ],
    tags = ["automanaged"],
 )
--- a/pkg/kubelet/runonce_test.go
+++ b/pkg/kubelet/runonce_test.go
@ -30,15 +30,12 @@ import (
 	"k8s.io/client-go/kubernetes/fake"
 	"k8s.io/client-go/tools/record"
 	utiltesting "k8s.io/client-go/util/testing"
 	"k8s.io/kubernetes/pkg/kubelet/apis/kubeletconfig"
 	cadvisortest "k8s.io/kubernetes/pkg/kubelet/cadvisor/testing"
 	"k8s.io/kubernetes/pkg/kubelet/cm"
 	"k8s.io/kubernetes/pkg/kubelet/configmap"
 	kubecontainer "k8s.io/kubernetes/pkg/kubelet/container"
 	containertest "k8s.io/kubernetes/pkg/kubelet/container/testing"
 	"k8s.io/kubernetes/pkg/kubelet/eviction"
 	"k8s.io/kubernetes/pkg/kubelet/network"
 	nettest "k8s.io/kubernetes/pkg/kubelet/network/testing"
 	kubepod "k8s.io/kubernetes/pkg/kubelet/pod"
 	podtest "k8s.io/kubernetes/pkg/kubelet/pod/testing"
 	"k8s.io/kubernetes/pkg/kubelet/secret"
@ -111,7 +108,6 @@ func TestRunOnce(t *testing.T) {
 		false, /* experimentalCheckNodeCapabilitiesBeforeMount */
 		false /* keepTerminatedPodVolumes */)
 	kb.networkPlugin, _ = network.InitNetworkPlugin([]network.NetworkPlugin{}, "", nettest.NewFakeHost(nil), kubeletconfig.HairpinNone, "", network.UseDefaultMTU)
 	// TODO: Factor out "StatsProvider" from Kubelet so we don't have a cyclic dependency
 	volumeStatsAggPeriod := time.Second * 10
 	kb.resourceAnalyzer = stats.NewResourceAnalyzer(kb, volumeStatsAggPeriod)
--- a/pkg/kubelet/stats/BUILD
+++ b/pkg/kubelet/stats/BUILD
@ -55,7 +55,6 @@ go_library(
        "//pkg/kubelet/container:go_default_library",
        "//pkg/kubelet/kuberuntime:go_default_library",
        "//pkg/kubelet/leaky:go_default_library",
        "//pkg/kubelet/network:go_default_library",
        "//pkg/kubelet/pod:go_default_library",
        "//pkg/kubelet/server/stats:go_default_library",
        "//pkg/kubelet/types:go_default_library",
--- a/pkg/kubelet/stats/helper.go
+++ b/pkg/kubelet/stats/helper.go
@ -27,9 +27,13 @@ import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	statsapi "k8s.io/kubernetes/pkg/kubelet/apis/stats/v1alpha1"
 	"k8s.io/kubernetes/pkg/kubelet/cadvisor"
 	"k8s.io/kubernetes/pkg/kubelet/network"
 )
 // defaultNetworkInterfaceName is used for collectng network stats.
 // This logic relies on knowledge of the container runtime implementation and
 // is not reliable.
 const defaultNetworkInterfaceName = "eth0"
 func cadvisorInfoToCPUandMemoryStats(info *cadvisorapiv2.ContainerInfo) (*statsapi.CPUStats, *statsapi.MemoryStats) {
 	cstat, found := latestContainerStats(info)
 	if !found {
@ -153,7 +157,7 @@ func cadvisorInfoToNetworkStats(name string, info *cadvisorapiv2.ContainerInfo)
 			TxErrors: &inter.TxErrors,
 		}
-		if inter.Name == network.DefaultInterfaceName {
+		if inter.Name == defaultNetworkInterfaceName {
 			iStats.InterfaceStats = iStat
 		}