From a876f2210270626273b4254fdddfdaa0783d04ea Mon Sep 17 00:00:00 2001
From: Minhan Xia <mixia@google.com>
Date: Mon, 29 Aug 2016 13:57:42 -0700
Subject: [PATCH] keep docker0 with private cidr range

---
 cluster/gce/gci/configure-helper.sh | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/cluster/gce/gci/configure-helper.sh b/cluster/gce/gci/configure-helper.sh
index b6c17e3bada..6ad7ad2afce 100644
--- a/cluster/gce/gci/configure-helper.sh
+++ b/cluster/gce/gci/configure-helper.sh
@@ -378,7 +378,10 @@ function assemble-docker-flags {
     docker_opts+=" --log-level=warn"
   fi
   local use_net_plugin="true"
-  if [[ "${NETWORK_PROVIDER:-}" != "kubenet" && "${NETWORK_PROVIDER:-}" != "cni" ]]; then
+  if [[ "${NETWORK_PROVIDER:-}" == "kubenet" || "${NETWORK_PROVIDER:-}" == "cni" ]]; then
+    # set docker0 cidr to private ip address range to avoid conflict with cbr0 cidr range
+    docker_opts+=" --bip=169.254.123.1/24"
+  else
     use_net_plugin="false"
     docker_opts+=" --bridge=cbr0"
   fi
@@ -540,10 +543,8 @@ ExecStart=${kubelet_bin} \$KUBELET_OPTS
 WantedBy=multi-user.target
 EOF
 
-  # Delete docker0 to avoid interference
+  # Flush iptables nat table
   iptables -t nat -F || true
-  ip link set docker0 down || true
-  brctl delbr docker0 || true
 
   systemctl start kubelet.service
 }