set k8s.io/kubelet v0.20.10

in stead of k8s.io/kubelet v0.0.0

.drone.yml

@@ -0,0 +1,26 @@
+kind: pipeline
+type: kubernetes
+name: multus-cni
+
+steps:
+  - name: build
+    image: plugins/docker
+    pull: if-not-exists
+
+    settings:
+      registry: harbor.tdology.com
+      mtu: 1400
+      tags:
+      - latest
+      repo: harbor.tdology.com/dronetest/multus-cni
+      username: admin
+      password:
+        from_secret: harbor_password
+      mirror: https://hub-mirror.c.163.com
+      environment:
+        GOPROXY: https://goproxy.cn
+      dockerfile: images/Dockerfile
+      context: ./
+      debug: true
+    when:
+      event: [pull_request, tag]

.github/workflows/image-push-release.yml

@@ -47,7 +47,7 @@ jobs:
           context: .
           push: true
           tags: |
-            ghcr.io/${{ github.repository }}:thick-amd64
+            ghcr.io/${{ github.repository }}:stable-thick-amd64
             ${{ steps.docker_meta.outputs.tags }}-thick-amd64
           file: images/Dockerfile.thick
 

.github/workflows/test.yml

@@ -16,11 +16,10 @@ jobs:
     - name: Checkout code
       uses: actions/checkout@v2
 
-    - name: Run Revive
-      run: |
-        GO111MODULE=off go get github.com/mgechev/revive
-        $(go env GOPATH)/bin/revive -exclude ./vendor/... ./... # this is ouput for user
-        $(go env GOPATH)/bin/revive -exclude ./vendor/... ./...| xargs -0 -r false # this is for github actions
+    - name: Run Revive Action by pulling pre-built image
+      uses: docker://morphy/revive-action:v2
+      with:
+        exclude: "./vendor/..."
 
     - name: Run go fmt
       run: go fmt ./...

deployments/helm/.helmignore

@@ -0,0 +1,22 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/

deployments/helm/Chart.yaml

@@ -0,0 +1,27 @@
+# Copyright 2020 K8s Network Plumbing Group
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+apiVersion: v2
+name: multus
+description: Multus Helm chart for Kubernetes
+annotations:
+ catalog.cattle.io/ui-component: multus
+type: application
+version: 0.1.2
+home: https://github.com/intel/multus-cni
+icon: https://raw.githubusercontent.com/intel/multus-cni/master/doc/images/Multus.png
+sources:
+  - https://github.com/intel/multus-cni
+maintainers:
+  - name: Network Plumbing Group
+appVersion: 0.1.0

deployments/helm/README.md

@@ -0,0 +1,92 @@
+# Multus-CNI
+
+## 说明
+Multus CNI 是 Kubernetes 的容器网络接口 (CNI) 插件，可以将多个网络接口附加到 pod。通常，在 Kubernetes 中，每个 pod 只有一个网络接口（环回除外）——使用 Multus，您可以创建一个具有多个接口的多宿主 pod。这是通过 Multus 充当“元插件”来完成的，这是一个可以调用多个其他 CNI 插件的 CNI 插件。
+
+## 可编辑项
+修改镜像名称及版本
+values.image.repository
+values.image.tag
+
+修改默认网络配置
+values.config.cni_conf
+
+
+### 创建附加接口
+
+我们要创建一个额外的接口供 pod 使用。我们将创建一个自定义资源来定义接口的 CNI 配置，**仅同命名空间下的pod才允许引用该接口**,以macvlan举例,yaml配置如下：
+
+```
+root@ubuntu:/tdology/cni/macvlantest/conf# cat macvlan-conf-5.yaml
+
+apiVersion: "k8s.cni.cncf.io/v1"
+kind: NetworkAttachmentDefinition
+metadata:
+  name: macvlan5-conf
+spec:
+  config: '{
+      "cniVersion": "0.3.0",
+      "type": "macvlan",
+      "master": "br-eth0",
+      "vlanId": 5,
+      "ipam": {
+        "type": "host-local",
+        "subnet": "192.168.1.0/24",
+        "rangeStart": "192.168.1.2",
+        "rangeEnd": "192.168.1.20",
+        "dns": {
+          "nameservers": [ "114.114.114.114" ]
+      }        
+   }
+}'
+
+```
+
+* `kind:NetworkAttachmentDefinition`:它是 Kubernetes 的自定义扩展,定义了我们如何将网络连接到我们的 pod。
+* `metadata.name`(必填):该字段定义了cni接口名称，后续pod内将配置该名称.
+* `spec.config.cniVersion`(必填): cni版本
+* `spec.config.type`(必填):接口类型
+* `spec.config.master`(必填):主机接口名称
+* `spec.config.mode`（可选）:接口模式，可填参数为“bridge”、“private”、“vepa”、“passthru”之一。默认为“bridge”。
+* `spec.config.vlanId`（可选）:网卡vlan号，默认为无vlanid
+* `spec.config.mtu`（可选）:设置mtu值,默认为内核选择的值，该值必须为\[0，master 的 mtu]。
+* `spec.config.ipam`(必填):用于分配网卡ip地址,ipam内具体配置详见[ipam](https://www.cni.dev/plugins/current/ipam/)。
+* `spec.config.dns`（可选）：为调用该接口的pod配置dns
+
+应用接口：
+
+```
+root@ubuntu:/tdology/cni/macvlantest/conf# kubectl apply -f macvlan-conf-5.yaml 
+
+networkattachmentdefinition.k8s.cni.cncf.io/macvlan5-conf created
+
+root@ubuntu:/tdology/cni/macvlantest/conf# kubectl get networkattachmentdefinition.k8s.cni.cncf.io
+
+NAME            AGE
+macvlan5-conf   43s
+
+```
+
+### 创建附加接口的 pod
+
+我们将创建一个以上引用接口的测试pod,配置如下：
+
+```
+root@ubuntu:/tdology/cni/macvlantest/pods# cat pod1.yaml
+
+apiVersion: v1
+kind: Pod
+metadata:
+  name: macvlan
+  annotations:
+    k8s.v1.cni.cncf.io/networks: default/macvlan5-conf
+spec:
+  containers:
+  - name: samplepod
+    command: ["/bin/bash", "-c", "sleep 2000000000000"]
+    image: dougbtv/centos-network
+
+```
+
+* `metadata.annotatuins.k8s.v1.cni.cncf.io/networks`为指定附加接口字段，若需要添加多个接口则可在该字段内使用逗号分隔符将接口名称分隔开即可
+

deployments/helm/images.txt

@@ -0,0 +1 @@
+ghcr.io/k8snetworkplumbingwg/multus-cni:stable

deployments/helm/templates/NOTES.txt

@@ -0,0 +1,34 @@
+======
+{{- if or ( gt .Capabilities.KubeVersion.Major "1" ) ( ge .Capabilities.KubeVersion.Minor "16" ) }}
+1. The following components have been deployed as part of this helm chart:
+{{- if .Values.manifests.clusterRole }}
+Cluster Role: {{ .Values.serviceAccount.name }}
+{{- end}}
+{{- if .Values.manifests.clusterRoleBinding }}
+Cluster Role Binding: {{ .Chart.Name }}
+{{- end }}
+{{- if .Values.manifests.configMap }}
+Config Map: {{ .Release.Name }}-{{ .Chart.Name }}-{{ .Chart.Version }}-config
+{{- end }}
+{{- if .Values.manifests.customResourceDefinition }}
+Custom Resource Definition: network-attachment-definitions.k8s.cni.cncf.io
+{{- end }}
+{{- if .Values.manifests.daemonSet }}
+Daemon Set: {{ .Release.Name }}-{{ .Chart.Name }}-ds
+{{- end }}
+{{- if .Values.manifests.serviceAccount }}
+Service Account: {{ .Values.serviceAccount.name }}
+{{- end }}
+
+You can now deploy any other CNI and create its Network Attachment Defintion.
+---------
+
+2. To uninstall helm chart use the command:
+helm delete {{ .Release.Name }}
+
+You may have to manually delete CRD -
+kubectl delete crd network-attachment-definitions.k8s.cni.cncf.io
+---------
+{{- else }}
+To run these charts, please use K8s ver >= v1.16
+{{- end }}

deployments/helm/templates/_helpers.tpl

@@ -0,0 +1,19 @@
+# Copyright 2020 K8s Network Plumbing Group
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{/* Generate basic labels */}}
+{{- define "multus.labels" }}
+tier: node
+app: {{ .Chart.Name }}
+{{- end }}

deployments/helm/templates/clusterRole.yaml

@@ -0,0 +1,44 @@
+# Copyright 2020 K8s Network Plumbing Group
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+{{- if or ( gt .Capabilities.KubeVersion.Major "1" ) ( ge .Capabilities.KubeVersion.Minor "16" ) }}
+{{- if .Values.manifests.clusterRole }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ .Values.serviceAccount.name }}
+rules:
+  - apiGroups: ["k8s.cni.cncf.io"]
+    resources:
+      - '*'
+    verbs:
+      - '*'
+  - apiGroups:
+      - ""
+    resources:
+      - pods
+      - pods/status
+    verbs:
+      - get
+      - update
+  - apiGroups:
+      - ""
+      - events.k8s.io  
+    resources:
+      - events
+    verbs:
+      - create
+      - patch
+      - update
+{{- end }}
+{{- end }}

deployments/helm/templates/clusterRoleBinding.yaml

@@ -0,0 +1,29 @@
+# Copyright 2020 K8s Network Plumbing Group
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+{{- if or ( gt .Capabilities.KubeVersion.Major "1" ) ( ge .Capabilities.KubeVersion.Minor "16" ) }}
+{{- if .Values.manifests.clusterRoleBinding }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ .Chart.Name }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ .Chart.Name }}
+subjects:
+- kind: ServiceAccount
+  name: {{ .Values.serviceAccount.name }}
+  namespace: kube-system
+{{- end }}
+{{- end }}

deployments/helm/templates/configMap.yaml

@@ -0,0 +1,27 @@
+# Copyright 2020 K8s Network Plumbing Group
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+{{- if or ( gt .Capabilities.KubeVersion.Major "1" ) ( ge .Capabilities.KubeVersion.Minor "16" ) }}
+{{- if .Values.manifests.configMap }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ .Release.Name }}-{{ .Chart.Name }}-{{ .Chart.Version }}-config
+  namespace: kube-system
+  labels:
+{{- include "multus.labels" . | indent 4 }}
+data:
+  cni-conf.json: |-
+{{ toJson .Values.config.cni_conf | indent 4 }}
+{{- end }}
+{{- end }}

deployments/helm/templates/customResourceDefinition.yaml

@@ -0,0 +1,51 @@
+# Copyright 2020 K8s Network Plumbing Group
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+{{- if or ( gt .Capabilities.KubeVersion.Major "1" ) ( ge .Capabilities.KubeVersion.Minor "16" ) }}
+{{- if .Values.manifests.customResourceDefinition }}
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: network-attachment-definitions.k8s.cni.cncf.io
+spec:
+  group: k8s.cni.cncf.io
+  scope: Namespaced
+  names:
+    plural: network-attachment-definitions
+    singular: network-attachment-definition
+    kind: NetworkAttachmentDefinition
+    shortNames:
+    - net-attach-def
+  versions:
+    - name: v1
+      served: true
+      storage: true
+      schema:
+        openAPIV3Schema:
+          type: object
+          properties:
+            apiVersion:
+              description: 'APIVersion defines the versioned schema  tation of an object. Servers should convert recogniz latest internal value, and may reject unrecognized vi https://git.k8s.io/community/contributors/devel/sig-'
+              type: string
+            kind:
+              description: 'Kind is a string value representing the  object represents. Servers may infer this from the esubmits requests to. Cannot be updated. In CamelCaseitecture/api-conventions.md#types-kinds'
+              type: string
+            metadata:
+              type: object
+            spec:
+              type: object
+              properties:
+                config:
+                  type: string
+{{- end }}
+{{- end }}

deployments/helm/templates/daemonSet.yaml

@@ -0,0 +1,98 @@
+# Copyright 2020 K8s Network Plumbing Group
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+{{- if or ( gt .Capabilities.KubeVersion.Major "1" ) ( ge .Capabilities.KubeVersion.Minor "16" ) }}
+{{- if .Values.manifests.daemonSet }}
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+  name: {{ .Release.Name }}-{{ .Chart.Name }}-ds
+  namespace: kube-system
+  labels:
+{{- include "multus.labels" . | indent 4 }}
+spec:
+  selector:
+    matchLabels:
+      app: multus
+  updateStrategy:
+    type: RollingUpdate
+    rollingUpdate:
+      maxUnavailable: 1
+  template:
+    metadata:
+      labels:
+{{- include "multus.labels" . | indent 8 }}
+    spec:
+      hostNetwork: true
+      {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      nodeSelector: {{- toYaml .Values.labels.nodeSelector | nindent 8 }}
+      tolerations:
+      - operator: Exists
+        effect: NoSchedule
+      - operator: Exists
+        effect: NoExecute
+      serviceAccountName: {{ .Values.serviceAccount.name }}
+      containers:
+      - name: kube-{{ .Chart.Name }}
+        image: {{ .Values.image.repository }}:{{ .Values.image.tag }}
+        imagePullPolicy: {{ .Values.image.pullPolicy }}
+        args:
+        - "--multus-conf-file=auto"
+        - "--cni-version=1.0.0"
+        - "--multus-kubeconfig-file-host=/var/lib/rancher/k3s/agent/etc/cni/net.d/multus.d/multus.kubeconfig"
+        resources: {{- toYaml .Values.pod.resources.multus | nindent 10 }}
+        {{- end }}
+        securityContext:
+          privileged: true
+        volumeMounts:
+        - name: cnibin
+          mountPath: /host/opt/cni/bin
+        - name: cni
+          mountPath: /host/etc/cni/net.d
+        - name: multus-cfg
+          mountPath: /tmp/multus-conf
+      initContainers:
+        - name: install-multus-binary
+          image: {{ .Values.image.repository }}:{{ .Values.image.tag }}
+          command:
+            - "cp"
+            - "/usr/src/multus-cni/bin/multus"
+            - "/host/opt/cni/bin/multus"
+          resources:
+            requests:
+              cpu: "10m"
+              memory: "15Mi"
+          securityContext:
+            privileged: true
+          volumeMounts:
+            - name: cnibin
+              mountPath: /host/opt/cni/bin
+              mountPropagation: Bidirectional
+      terminationGracePeriodSeconds: 10
+      volumes:
+        - name: cni
+          hostPath:
+            path: /var/lib/rancher/k3s/agent/etc/cni/net.d
+        - name: cnibin
+          hostPath:
+            path: /var/lib/rancher/k3s/data/current/bin
+        - name: multus-cfg
+          configMap:
+            name: {{ .Release.Name }}-{{ .Chart.Name }}-{{ .Chart.Version }}-config
+            items:
+            - key: cni-conf.json
+              path: 70-multus.conf
+{{- end }}

deployments/helm/templates/serviceAccount.yaml

@@ -0,0 +1,22 @@
+# Copyright 2020 K8s Network Plumbing Group
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+{{- if or ( gt .Capabilities.KubeVersion.Major "1" ) ( ge .Capabilities.KubeVersion.Minor "16" ) }}
+{{- if .Values.manifests.serviceAccount }}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ .Values.serviceAccount.name }}
+  namespace: kube-system
+{{- end }}
+{{- end }}

deployments/helm/values.yaml

@@ -0,0 +1,119 @@
+# Copyright 2020 K8s Network Plumbing Group
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Default values for multus.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+#replicaCount: 1
+
+image:
+  repository: harbor.tdology.com/k8snetworkplumbingwg/multus-cni
+  tag: stable
+  pullPolicy: IfNotPresent
+
+#imagePullSecrets: []
+#nameOverride: ""
+#fullnameOverride: ""
+
+serviceAccount:
+  # Specifies whether a service account should be created
+  #create: true
+  # Annotations to add to the service account
+  #annotations: {}
+  # The name of the service account to use.
+  # If not set and create is true, a name is generated using the fullname template
+  name: multus
+
+pod:
+  resources:
+    enabled: false
+    multus:
+      requests:
+        memory: "128Mi"
+        cpu: "250m"
+      limits:
+        memory: "1024Mi"
+        cpu: "2000m"
+
+#podSecurityContext: {}
+  # fsGroup: 2000
+
+#securityContext: {}
+  # capabilities:
+  #   drop:
+  #   - ALL
+  # readOnlyRootFilesystem: true
+  # runAsNonRoot: true
+  # runAsUser: 1000
+
+#service:
+  #type: ClusterIP
+  #port: 80
+
+#ingress:
+  #enabled: false
+  #annotations: {}
+    # kubernetes.io/ingress.class: nginx
+    # kubernetes.io/tls-acme: "true"
+  #hosts:
+    #- host: chart-example.local
+    #  paths: []
+  #tls: []
+  #  - secretName: chart-example-tls
+  #    hosts:
+  #      - chart-example.local
+
+labels:
+  nodeSelector: 
+    kubernetes.io/arch: amd64
+
+config:
+  cni_conf:
+    name: mynet
+    type: macvlan
+    master: br-eth0
+    ipam: {
+      type: dhcp
+    }
+    kubeconfig: /etc/cni/net.d/multus.d/multus.kubeconfig
+#    name: multus-cni-network
+#    type: multus
+#    kubeconfig: /etc/cni/net.d/multus.d/multus.kubeconfig
+#    cniVersion: 0.3.1
+#    confDir: /host/etc/cni/net.d
+#    cniDir: /host/opt/cni/bin/multus
+#    binDir: /host/opt/cni/bin
+#    logFile: /var/log/multus.log
+#    logLevel: panic
+#    capabilities:
+#      portMappings: true
+#    readinessindicatorfile: ""
+#    namespaceIsolation: false
+#    clusterNetwork: k8s-pod-network
+#    defaultNetwork: []
+#    delegates: []
+#    systemNamespaces: ["kube-system"]
+
+manifests:
+  serviceAccount: true
+  clusterRole: true
+  clusterRoleBinding: true
+  configMap: true
+  daemonSet: true
+  customResourceDefinition: true
+
+#tolerations: []
+
+#affinity: {}

deployments/multus-daemonset-thick-plugin.yml

@@ -122,7 +122,7 @@ spec:
       serviceAccountName: multus
       containers:
         - name: kube-multus
-          image: ghcr.io/k8snetworkplumbingwg/multus-cni:thick
+          image: ghcr.io/k8snetworkplumbingwg/multus-cni:v3.9.2-thick-amd64
           command: [ "/usr/src/multus-cni/bin/multus-daemon" ]
           args:
             - "-cni-version=0.3.1"
@@ -146,7 +146,7 @@ spec:
               mountPath: /host/opt/cni/bin
       initContainers:
         - name: install-multus-binary
-          image: ghcr.io/k8snetworkplumbingwg/multus-cni:thick
+          image: ghcr.io/k8snetworkplumbingwg/multus-cni:v3.9.2-thick-amd64
           command:
             - "cp"
             - "/usr/src/multus-cni/bin/multus"
@@ -162,7 +162,7 @@ spec:
               mountPath: /host/opt/cni/bin
               mountPropagation: Bidirectional
         - name: generate-kubeconfig
-          image: ghcr.io/k8snetworkplumbingwg/multus-cni:thick
+          image: ghcr.io/k8snetworkplumbingwg/multus-cni:v3.9.2-thick-amd64
           command:
             - "/usr/src/multus-cni/bin/generate-kubeconfig"
           args:

go.mod

@@ -19,7 +19,7 @@ require (
 	k8s.io/apimachinery v0.20.10
 	k8s.io/client-go v0.20.10
 	k8s.io/klog v1.0.0
-	k8s.io/kubelet v0.0.0
+	k8s.io/kubelet v0.20.10
 	k8s.io/kubernetes v1.20.10
 )
 

images/Dockerfile

@@ -1,5 +1,5 @@
 # This Dockerfile is used to build the image available on DockerHub
-FROM golang:1.17.9 as build
+FROM golang:1.18 as build
 
 # Add everything
 ADD . /usr/src/multus-cni
@@ -7,7 +7,7 @@ ADD . /usr/src/multus-cni
 RUN  cd /usr/src/multus-cni && \
      ./hack/build-go.sh
 
-FROM centos:centos7
+FROM python:slim
 LABEL org.opencontainers.image.source https://github.com/k8snetworkplumbingwg/multus-cni
 COPY --from=build /usr/src/multus-cni/bin /usr/src/multus-cni/bin
 COPY --from=build /usr/src/multus-cni/LICENSE /usr/src/multus-cni/LICENSE

images/Dockerfile.arm32

@@ -1,5 +1,5 @@
 # This Dockerfile is used to build the image available on DockerHub
-FROM golang:1.17.9 as build
+FROM golang:1.18 as build
 
 # Add everything
 ADD . /usr/src/multus-cni
@@ -11,7 +11,7 @@ RUN  cd /usr/src/multus-cni && \
      ./hack/build-go.sh
 
 # build arm container
-FROM arm32v7/centos:7
+FROM arm32v7/python:slim
 LABEL org.opencontainers.image.source https://github.com/k8snetworkplumbingwg/multus-cni
 COPY --from=build /usr/src/multus-cni/bin /usr/src/multus-cni/bin
 COPY --from=build /usr/src/multus-cni/LICENSE /usr/src/multus-cni/LICENSE

images/Dockerfile.arm64

@@ -1,5 +1,5 @@
 # This Dockerfile is used to build the image available on DockerHub
-FROM golang:1.17.9 as build
+FROM golang:1.18 as build
 
 # Add everything
 ADD . /usr/src/multus-cni
@@ -11,7 +11,7 @@ RUN  cd /usr/src/multus-cni && \
      ./hack/build-go.sh
 
 # build arm64 container
-FROM arm64v8/centos:7
+FROM arm64v8/python:slim
 LABEL org.opencontainers.image.source https://github.com/k8snetworkplumbingwg/multus-cni
 COPY --from=build /usr/src/multus-cni/bin /usr/src/multus-cni/bin
 COPY --from=build /usr/src/multus-cni/LICENSE /usr/src/multus-cni/LICENSE

images/Dockerfile.ppc64le

@@ -1,5 +1,5 @@
 # This Dockerfile is used to build the image available on DockerHub
-FROM golang:1.17.9 as build
+FROM golang:1.18 as build
 
 # Add everything
 ADD . /usr/src/multus-cni
@@ -11,7 +11,7 @@ RUN  cd /usr/src/multus-cni && \
      ./hack/build-go.sh
 
 # build ppc container
-FROM ppc64le/centos:latest
+FROM ppc64le/python:slim
 LABEL org.opencontainers.image.source https://github.com/k8snetworkplumbingwg/multus-cni
 COPY --from=build /usr/src/multus-cni/bin /usr/src/multus-cni/bin
 COPY --from=build /usr/src/multus-cni/LICENSE /usr/src/multus-cni/LICENSE

images/Dockerfile.s390x

@@ -1,5 +1,5 @@
 # This Dockerfile is used to build the image available on DockerHub
-FROM golang:1.17.9 as build
+FROM golang:1.18 as build
 
 # Add everything
 ADD . /usr/src/multus-cni
@@ -11,7 +11,7 @@ RUN  cd /usr/src/multus-cni && \
      ./hack/build-go.sh
 
 # build s390x container
-FROM s390x/python:3-slim
+FROM s390x/python:slim
 LABEL org.opencontainers.image.source https://github.com/k8snetworkplumbingwg/multus-cni
 COPY --from=build /usr/src/multus-cni/bin /usr/src/multus-cni/bin
 COPY --from=build /usr/src/multus-cni/LICENSE /usr/src/multus-cni/LICENSE

images/Dockerfile.thick

@@ -1,5 +1,5 @@
 # This Dockerfile is used to build the image available on DockerHub
-FROM golang:1.17.9 as build
+FROM golang:1.18 as build
 
 # Add everything
 ADD . /usr/src/multus-cni
@@ -7,7 +7,7 @@ ADD . /usr/src/multus-cni
 RUN  cd /usr/src/multus-cni && \
      ./hack/build-go.sh
 
-FROM registry.access.redhat.com/ubi8/ubi-minimal
+FROM debian:stable-slim
 LABEL org.opencontainers.image.source https://github.com/k8snetworkplumbingwg/multus-cni
 COPY --from=build /usr/src/multus-cni/bin /usr/src/multus-cni/bin
 COPY --from=build /usr/src/multus-cni/LICENSE /usr/src/multus-cni/LICENSE

images/entrypoint.sh

@@ -83,10 +83,6 @@ function warn()
     log "WARN: {$1}"
 }
 
-if type python3 &> /dev/null; then
-	alias python=python3
-fi
-
 function checkCniVersion {
       cniversion_python_tmpfile=$(mktemp)
       cat << EOF > $cniversion_python_tmpfile
@@ -103,7 +99,7 @@ if version(v_top_level) >= v_040 and version(v_nested) < v_040:
     msg = "Multus cni version is %s while master plugin cni version is %s"
     print(msg % (v_top_level, v_nested))
 EOF
-      python $cniversion_python_tmpfile $1 $2
+      python3 $cniversion_python_tmpfile $1 $2
 }
 
 # Parse parameters given as arguments to this script.
@@ -364,7 +360,7 @@ if [ "$MULTUS_CONF_FILE" == "auto" ]; then
 
       if [ "$OVERRIDE_NETWORK_NAME" == "true" ]; then
         MASTER_PLUGIN_NET_NAME="$(cat $MULTUS_AUTOCONF_DIR/$MASTER_PLUGIN | \
-            python -c 'import json,sys;print(json.load(sys.stdin)["name"])')"
+            python3 -c 'import json,sys;print(json.load(sys.stdin)["name"])')"
       else
         MASTER_PLUGIN_NET_NAME="multus-cni-network"
       fi
@@ -386,7 +382,7 @@ else:
 EOF
 
       NESTED_CAPABILITIES_STRING="$(cat $MULTUS_AUTOCONF_DIR/$MASTER_PLUGIN | \
-            python $capabilities_python_filter_tmpfile)"
+            python3 $capabilities_python_filter_tmpfile)"
       rm $capabilities_python_filter_tmpfile
       log "Nested capabilities string: $NESTED_CAPABILITIES_STRING"
 

vendor/modules.txt

@@ -489,7 +489,7 @@ k8s.io/klog
 k8s.io/klog/v2
 # k8s.io/kube-openapi v0.0.0-20201113171705-d219536bb9fd
 k8s.io/kube-openapi/pkg/util/proto
-# k8s.io/kubelet v0.0.0 => k8s.io/kubelet v0.20.10
+# k8s.io/kubelet v0.20.10 => k8s.io/kubelet v0.20.10
 ## explicit
 k8s.io/kubelet/pkg/apis/podresources/v1
 k8s.io/kubelet/pkg/apis/podresources/v1alpha1