Wire network interface into libpod

Make use of the new network interface in libpod. This commit contains several breaking changes: - podman network create only outputs the new network name and not file path. - podman network ls shows the network driver instead of the cni version and plugins. - podman network inspect outputs the new network struct and not the cni conflist. - The bindings and libpod api endpoints have been changed to use the new network structure. The container network status is stored in a new field in the state. The status should be received with the new `c.getNetworkStatus`. This will migrate the old status to the new format. Therefore old containers should contine to work correctly in all cases even when network connect/ disconnect is used. New features: - podman network reload keeps the ip and mac for more than one network. - podman container restore keeps the ip and mac for more than one network. - The network create compat endpoint can now use more than one ipam config. The man pages and the swagger doc are updated to reflect the latest changes. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
author: Paul Holzinger <pholzing@redhat.com> 2021-08-16 16:11:26 +0200
committer: Paul Holzinger <pholzing@redhat.com> 2021-09-15 20:00:20 +0200
commit: 85e8fbf7f33717ef6a0d6cf9e2143b52c874c2de (patch)
tree: 82b0c29102d2779c18ea8a6f10df5dc1139e3817 /vendor/github.com/containernetworking/plugins
parent: 218f132fdf4939d9e0374ef860d534f19e71df54 (diff)
download: podman-85e8fbf7f33717ef6a0d6cf9e2143b52c874c2de.tar.gz
podman-85e8fbf7f33717ef6a0d6cf9e2143b52c874c2de.tar.bz2
podman-85e8fbf7f33717ef6a0d6cf9e2143b52c874c2de.zip
14 files changed, 0 insertions, 1598 deletions
diff --git a/vendor/github.com/containernetworking/plugins/pkg/ip/addr_linux.go b/vendor/github.com/containernetworking/plugins/pkg/ip/addr_linux.go
deleted file mode 100644
index b4db50b9a..000000000
--- a/vendor/github.com/containernetworking/plugins/pkg/ip/addr_linux.go
+++ /dev/null
@@ -1,68 +0,0 @@
-// Copyright 2017 CNI authors
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package ip
-
-import (
-	"fmt"
-	"syscall"
-	"time"
-
-	"github.com/vishvananda/netlink"
-)
-
-const SETTLE_INTERVAL = 50 * time.Millisecond
-
-// SettleAddresses waits for all addresses on a link to leave tentative state.
-// This is particularly useful for ipv6, where all addresses need to do DAD.
-// There is no easy way to wait for this as an event, so just loop until the
-// addresses are no longer tentative.
-// If any addresses are still tentative after timeout seconds, then error.
-func SettleAddresses(ifName string, timeout int) error {
-	link, err := netlink.LinkByName(ifName)
-	if err != nil {
-		return fmt.Errorf("failed to retrieve link: %v", err)
-	}
-
-	deadline := time.Now().Add(time.Duration(timeout) * time.Second)
-	for {
-		addrs, err := netlink.AddrList(link, netlink.FAMILY_ALL)
-		if err != nil {
-			return fmt.Errorf("could not list addresses: %v", err)
-		}
-
-		if len(addrs) == 0 {
-			return nil
-		}
-
-		ok := true
-		for _, addr := range addrs {
-			if addr.Flags&(syscall.IFA_F_TENTATIVE|syscall.IFA_F_DADFAILED) > 0 {
-				ok = false
-				break // Break out of the `range addrs`, not the `for`
-			}
-		}
-
-		if ok {
-			return nil
-		}
-		if time.Now().After(deadline) {
-			return fmt.Errorf("link %s still has tentative addresses after %d seconds",
-				ifName,
-				timeout)
-		}
-
-		time.Sleep(SETTLE_INTERVAL)
-	}
-}
diff --git a/vendor/github.com/containernetworking/plugins/pkg/ip/cidr.go b/vendor/github.com/containernetworking/plugins/pkg/ip/cidr.go
deleted file mode 100644
index 7acc2d47c..000000000
--- a/vendor/github.com/containernetworking/plugins/pkg/ip/cidr.go
+++ /dev/null
@@ -1,61 +0,0 @@
-// Copyright 2015 CNI authors
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package ip
-
-import (
-	"math/big"
-	"net"
-)
-
-// NextIP returns IP incremented by 1
-func NextIP(ip net.IP) net.IP {
-	i := ipToInt(ip)
-	return intToIP(i.Add(i, big.NewInt(1)))
-}
-
-// PrevIP returns IP decremented by 1
-func PrevIP(ip net.IP) net.IP {
-	i := ipToInt(ip)
-	return intToIP(i.Sub(i, big.NewInt(1)))
-}
-
-// Cmp compares two IPs, returning the usual ordering:
-// a < b : -1
-// a == b : 0
-// a > b : 1
-func Cmp(a, b net.IP) int {
-	aa := ipToInt(a)
-	bb := ipToInt(b)
-	return aa.Cmp(bb)
-}
-
-func ipToInt(ip net.IP) *big.Int {
-	if v := ip.To4(); v != nil {
-		return big.NewInt(0).SetBytes(v)
-	}
-	return big.NewInt(0).SetBytes(ip.To16())
-}
-
-func intToIP(i *big.Int) net.IP {
-	return net.IP(i.Bytes())
-}
-
-// Network masks off the host portion of the IP
-func Network(ipn *net.IPNet) *net.IPNet {
-	return &net.IPNet{
-		IP:   ipn.IP.Mask(ipn.Mask),
-		Mask: ipn.Mask,
-	}
-}
diff --git a/vendor/github.com/containernetworking/plugins/pkg/ip/ipforward_linux.go b/vendor/github.com/containernetworking/plugins/pkg/ip/ipforward_linux.go
deleted file mode 100644
index 8216a2c38..000000000
--- a/vendor/github.com/containernetworking/plugins/pkg/ip/ipforward_linux.go
+++ /dev/null
@@ -1,61 +0,0 @@
-// Copyright 2015 CNI authors
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package ip
-
-import (
-	"bytes"
-	"io/ioutil"
-
-	"github.com/containernetworking/cni/pkg/types/current"
-)
-
-func EnableIP4Forward() error {
-	return echo1("/proc/sys/net/ipv4/ip_forward")
-}
-
-func EnableIP6Forward() error {
-	return echo1("/proc/sys/net/ipv6/conf/all/forwarding")
-}
-
-// EnableForward will enable forwarding for all configured
-// address families
-func EnableForward(ips []*current.IPConfig) error {
-	v4 := false
-	v6 := false
-
-	for _, ip := range ips {
-		if ip.Version == "4" && !v4 {
-			if err := EnableIP4Forward(); err != nil {
-				return err
-			}
-			v4 = true
-		} else if ip.Version == "6" && !v6 {
-			if err := EnableIP6Forward(); err != nil {
-				return err
-			}
-			v6 = true
-		}
-	}
-	return nil
-}
-
-func echo1(f string) error {
-	if content, err := ioutil.ReadFile(f); err == nil {
-		if bytes.Equal(bytes.TrimSpace(content), []byte("1")) {
-			return nil
-		}
-	}
-	return ioutil.WriteFile(f, []byte("1"), 0644)
-}
diff --git a/vendor/github.com/containernetworking/plugins/pkg/ip/ipmasq_linux.go b/vendor/github.com/containernetworking/plugins/pkg/ip/ipmasq_linux.go
deleted file mode 100644
index cc640a605..000000000
--- a/vendor/github.com/containernetworking/plugins/pkg/ip/ipmasq_linux.go
+++ /dev/null
@@ -1,126 +0,0 @@
-// Copyright 2015 CNI authors
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package ip
-
-import (
-	"fmt"
-	"net"
-
-	"github.com/coreos/go-iptables/iptables"
-)
-
-// SetupIPMasq installs iptables rules to masquerade traffic
-// coming from ip of ipn and going outside of ipn
-func SetupIPMasq(ipn *net.IPNet, chain string, comment string) error {
-	isV6 := ipn.IP.To4() == nil
-
-	var ipt *iptables.IPTables
-	var err error
-	var multicastNet string
-
-	if isV6 {
-		ipt, err = iptables.NewWithProtocol(iptables.ProtocolIPv6)
-		multicastNet = "ff00::/8"
-	} else {
-		ipt, err = iptables.NewWithProtocol(iptables.ProtocolIPv4)
-		multicastNet = "224.0.0.0/4"
-	}
-	if err != nil {
-		return fmt.Errorf("failed to locate iptables: %v", err)
-	}
-
-	// Create chain if doesn't exist
-	exists := false
-	chains, err := ipt.ListChains("nat")
-	if err != nil {
-		return fmt.Errorf("failed to list chains: %v", err)
-	}
-	for _, ch := range chains {
-		if ch == chain {
-			exists = true
-			break
-		}
-	}
-	if !exists {
-		if err = ipt.NewChain("nat", chain); err != nil {
-			return err
-		}
-	}
-
-	// Packets to this network should not be touched
-	if err := ipt.AppendUnique("nat", chain, "-d", ipn.String(), "-j", "ACCEPT", "-m", "comment", "--comment", comment); err != nil {
-		return err
-	}
-
-	// Don't masquerade multicast - pods should be able to talk to other pods
-	// on the local network via multicast.
-	if err := ipt.AppendUnique("nat", chain, "!", "-d", multicastNet, "-j", "MASQUERADE", "-m", "comment", "--comment", comment); err != nil {
-		return err
-	}
-
-	// Packets from the specific IP of this network will hit the chain
-	return ipt.AppendUnique("nat", "POSTROUTING", "-s", ipn.IP.String(), "-j", chain, "-m", "comment", "--comment", comment)
-}
-
-// TeardownIPMasq undoes the effects of SetupIPMasq
-func TeardownIPMasq(ipn *net.IPNet, chain string, comment string) error {
-	isV6 := ipn.IP.To4() == nil
-
-	var ipt *iptables.IPTables
-	var err error
-
-	if isV6 {
-		ipt, err = iptables.NewWithProtocol(iptables.ProtocolIPv6)
-	} else {
-		ipt, err = iptables.NewWithProtocol(iptables.ProtocolIPv4)
-	}
-	if err != nil {
-		return fmt.Errorf("failed to locate iptables: %v", err)
-	}
-
-	err = ipt.Delete("nat", "POSTROUTING", "-s", ipn.IP.String(), "-j", chain, "-m", "comment", "--comment", comment)
-	if err != nil && !isNotExist(err) {
-		return err
-	}
-
-	// for downward compatibility
-	err = ipt.Delete("nat", "POSTROUTING", "-s", ipn.String(), "-j", chain, "-m", "comment", "--comment", comment)
-	if err != nil && !isNotExist(err) {
-		return err
-	}
-
-	err = ipt.ClearChain("nat", chain)
-	if err != nil && !isNotExist(err) {
-		return err
-
-	}
-
-	err = ipt.DeleteChain("nat", chain)
-	if err != nil && !isNotExist(err) {
-		return err
-	}
-
-	return nil
-}
-
-// isNotExist returnst true if the error is from iptables indicating
-// that the target does not exist.
-func isNotExist(err error) bool {
-	e, ok := err.(*iptables.Error)
-	if !ok {
-		return false
-	}
-	return e.IsNotExist()
-}
diff --git a/vendor/github.com/containernetworking/plugins/pkg/ip/link_linux.go b/vendor/github.com/containernetworking/plugins/pkg/ip/link_linux.go
deleted file mode 100644
index f8781cf19..000000000
--- a/vendor/github.com/containernetworking/plugins/pkg/ip/link_linux.go
+++ /dev/null
@@ -1,293 +0,0 @@
-// Copyright 2015 CNI authors
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package ip
-
-import (
-	"crypto/rand"
-	"errors"
-	"fmt"
-	"net"
-	"os"
-
-	"github.com/safchain/ethtool"
-	"github.com/vishvananda/netlink"
-
-	"github.com/containernetworking/plugins/pkg/ns"
-	"github.com/containernetworking/plugins/pkg/utils/hwaddr"
-	"github.com/containernetworking/plugins/pkg/utils/sysctl"
-)
-
-var (
-	ErrLinkNotFound = errors.New("link not found")
-)
-
-func makeVethPair(name, peer string, mtu int) (netlink.Link, error) {
-	veth := &netlink.Veth{
-		LinkAttrs: netlink.LinkAttrs{
-			Name:  name,
-			Flags: net.FlagUp,
-			MTU:   mtu,
-		},
-		PeerName: peer,
-	}
-	if err := netlink.LinkAdd(veth); err != nil {
-		return nil, err
-	}
-	// Re-fetch the link to get its creation-time parameters, e.g. index and mac
-	veth2, err := netlink.LinkByName(name)
-	if err != nil {
-		netlink.LinkDel(veth) // try and clean up the link if possible.
-		return nil, err
-	}
-
-	return veth2, nil
-}
-
-func peerExists(name string) bool {
-	if _, err := netlink.LinkByName(name); err != nil {
-		return false
-	}
-	return true
-}
-
-func makeVeth(name, vethPeerName string, mtu int) (peerName string, veth netlink.Link, err error) {
-	for i := 0; i < 10; i++ {
-		if vethPeerName != "" {
-			peerName = vethPeerName
-		} else {
-			peerName, err = RandomVethName()
-			if err != nil {
-				return
-			}
-		}
-
-		veth, err = makeVethPair(name, peerName, mtu)
-		switch {
-		case err == nil:
-			return
-
-		case os.IsExist(err):
-			if peerExists(peerName) && vethPeerName == "" {
-				continue
-			}
-			err = fmt.Errorf("container veth name provided (%v) already exists", name)
-			return
-
-		default:
-			err = fmt.Errorf("failed to make veth pair: %v", err)
-			return
-		}
-	}
-
-	// should really never be hit
-	err = fmt.Errorf("failed to find a unique veth name")
-	return
-}
-
-// RandomVethName returns string "veth" with random prefix (hashed from entropy)
-func RandomVethName() (string, error) {
-	entropy := make([]byte, 4)
-	_, err := rand.Reader.Read(entropy)
-	if err != nil {
-		return "", fmt.Errorf("failed to generate random veth name: %v", err)
-	}
-
-	// NetworkManager (recent versions) will ignore veth devices that start with "veth"
-	return fmt.Sprintf("veth%x", entropy), nil
-}
-
-func RenameLink(curName, newName string) error {
-	link, err := netlink.LinkByName(curName)
-	if err == nil {
-		err = netlink.LinkSetName(link, newName)
-	}
-	return err
-}
-
-func ifaceFromNetlinkLink(l netlink.Link) net.Interface {
-	a := l.Attrs()
-	return net.Interface{
-		Index:        a.Index,
-		MTU:          a.MTU,
-		Name:         a.Name,
-		HardwareAddr: a.HardwareAddr,
-		Flags:        a.Flags,
-	}
-}
-
-// SetupVethWithName sets up a pair of virtual ethernet devices.
-// Call SetupVethWithName from inside the container netns.  It will create both veth
-// devices and move the host-side veth into the provided hostNS namespace.
-// hostVethName: If hostVethName is not specified, the host-side veth name will use a random string.
-// On success, SetupVethWithName returns (hostVeth, containerVeth, nil)
-func SetupVethWithName(contVethName, hostVethName string, mtu int, hostNS ns.NetNS) (net.Interface, net.Interface, error) {
-	hostVethName, contVeth, err := makeVeth(contVethName, hostVethName, mtu)
-	if err != nil {
-		return net.Interface{}, net.Interface{}, err
-	}
-
-	if err = netlink.LinkSetUp(contVeth); err != nil {
-		return net.Interface{}, net.Interface{}, fmt.Errorf("failed to set %q up: %v", contVethName, err)
-	}
-
-	hostVeth, err := netlink.LinkByName(hostVethName)
-	if err != nil {
-		return net.Interface{}, net.Interface{}, fmt.Errorf("failed to lookup %q: %v", hostVethName, err)
-	}
-
-	if err = netlink.LinkSetNsFd(hostVeth, int(hostNS.Fd())); err != nil {
-		return net.Interface{}, net.Interface{}, fmt.Errorf("failed to move veth to host netns: %v", err)
-	}
-
-	err = hostNS.Do(func(_ ns.NetNS) error {
-		hostVeth, err = netlink.LinkByName(hostVethName)
-		if err != nil {
-			return fmt.Errorf("failed to lookup %q in %q: %v", hostVethName, hostNS.Path(), err)
-		}
-
-		if err = netlink.LinkSetUp(hostVeth); err != nil {
-			return fmt.Errorf("failed to set %q up: %v", hostVethName, err)
-		}
-
-		// we want to own the routes for this interface
-		_, _ = sysctl.Sysctl(fmt.Sprintf("net/ipv6/conf/%s/accept_ra", hostVethName), "0")
-		return nil
-	})
-	if err != nil {
-		return net.Interface{}, net.Interface{}, err
-	}
-	return ifaceFromNetlinkLink(hostVeth), ifaceFromNetlinkLink(contVeth), nil
-}
-
-// SetupVeth sets up a pair of virtual ethernet devices.
-// Call SetupVeth from inside the container netns.  It will create both veth
-// devices and move the host-side veth into the provided hostNS namespace.
-// On success, SetupVeth returns (hostVeth, containerVeth, nil)
-func SetupVeth(contVethName string, mtu int, hostNS ns.NetNS) (net.Interface, net.Interface, error) {
-	return SetupVethWithName(contVethName, "", mtu, hostNS)
-}
-
-// DelLinkByName removes an interface link.
-func DelLinkByName(ifName string) error {
-	iface, err := netlink.LinkByName(ifName)
-	if err != nil {
-		if _, ok := err.(netlink.LinkNotFoundError); ok {
-			return ErrLinkNotFound
-		}
-		return fmt.Errorf("failed to lookup %q: %v", ifName, err)
-	}
-
-	if err = netlink.LinkDel(iface); err != nil {
-		return fmt.Errorf("failed to delete %q: %v", ifName, err)
-	}
-
-	return nil
-}
-
-// DelLinkByNameAddr remove an interface and returns its addresses
-func DelLinkByNameAddr(ifName string) ([]*net.IPNet, error) {
-	iface, err := netlink.LinkByName(ifName)
-	if err != nil {
-		if _, ok := err.(netlink.LinkNotFoundError); ok {
-			return nil, ErrLinkNotFound
-		}
-		return nil, fmt.Errorf("failed to lookup %q: %v", ifName, err)
-	}
-
-	addrs, err := netlink.AddrList(iface, netlink.FAMILY_ALL)
-	if err != nil {
-		return nil, fmt.Errorf("failed to get IP addresses for %q: %v", ifName, err)
-	}
-
-	if err = netlink.LinkDel(iface); err != nil {
-		return nil, fmt.Errorf("failed to delete %q: %v", ifName, err)
-	}
-
-	out := []*net.IPNet{}
-	for _, addr := range addrs {
-		if addr.IP.IsGlobalUnicast() {
-			out = append(out, addr.IPNet)
-		}
-	}
-
-	return out, nil
-}
-
-func SetHWAddrByIP(ifName string, ip4 net.IP, ip6 net.IP) error {
-	iface, err := netlink.LinkByName(ifName)
-	if err != nil {
-		return fmt.Errorf("failed to lookup %q: %v", ifName, err)
-	}
-
-	switch {
-	case ip4 == nil && ip6 == nil:
-		return fmt.Errorf("neither ip4 or ip6 specified")
-
-	case ip4 != nil:
-		{
-			hwAddr, err := hwaddr.GenerateHardwareAddr4(ip4, hwaddr.PrivateMACPrefix)
-			if err != nil {
-				return fmt.Errorf("failed to generate hardware addr: %v", err)
-			}
-			if err = netlink.LinkSetHardwareAddr(iface, hwAddr); err != nil {
-				return fmt.Errorf("failed to add hardware addr to %q: %v", ifName, err)
-			}
-		}
-	case ip6 != nil:
-		// TODO: IPv6
-	}
-
-	return nil
-}
-
-// GetVethPeerIfindex returns the veth link object, the peer ifindex of the
-// veth, or an error. This peer ifindex will only be valid in the peer's
-// network namespace.
-func GetVethPeerIfindex(ifName string) (netlink.Link, int, error) {
-	link, err := netlink.LinkByName(ifName)
-	if err != nil {
-		return nil, -1, fmt.Errorf("could not look up %q: %v", ifName, err)
-	}
-	if _, ok := link.(*netlink.Veth); !ok {
-		return nil, -1, fmt.Errorf("interface %q was not a veth interface", ifName)
-	}
-
-	// veth supports IFLA_LINK (what vishvananda/netlink calls ParentIndex)
-	// on 4.1 and higher kernels
-	peerIndex := link.Attrs().ParentIndex
-	if peerIndex <= 0 {
-		// Fall back to ethtool for 4.0 and earlier kernels
-		e, err := ethtool.NewEthtool()
-		if err != nil {
-			return nil, -1, fmt.Errorf("failed to initialize ethtool: %v", err)
-		}
-		defer e.Close()
-
-		stats, err := e.Stats(link.Attrs().Name)
-		if err != nil {
-			return nil, -1, fmt.Errorf("failed to request ethtool stats: %v", err)
-		}
-		n, ok := stats["peer_ifindex"]
-		if !ok {
-			return nil, -1, fmt.Errorf("failed to find 'peer_ifindex' in ethtool stats")
-		}
-		if n > 32767 || n == 0 {
-			return nil, -1, fmt.Errorf("invalid 'peer_ifindex' %d", n)
-		}
-		peerIndex = int(n)
-	}
-
-	return link, peerIndex, nil
-}
diff --git a/vendor/github.com/containernetworking/plugins/pkg/ip/route_linux.go b/vendor/github.com/containernetworking/plugins/pkg/ip/route_linux.go
deleted file mode 100644
index f5c0d0803..000000000
--- a/vendor/github.com/containernetworking/plugins/pkg/ip/route_linux.go
+++ /dev/null
@@ -1,47 +0,0 @@
-// Copyright 2015-2017 CNI authors
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package ip
-
-import (
-	"net"
-
-	"github.com/vishvananda/netlink"
-)
-
-// AddRoute adds a universally-scoped route to a device.
-func AddRoute(ipn *net.IPNet, gw net.IP, dev netlink.Link) error {
-	return netlink.RouteAdd(&netlink.Route{
-		LinkIndex: dev.Attrs().Index,
-		Scope:     netlink.SCOPE_UNIVERSE,
-		Dst:       ipn,
-		Gw:        gw,
-	})
-}
-
-// AddHostRoute adds a host-scoped route to a device.
-func AddHostRoute(ipn *net.IPNet, gw net.IP, dev netlink.Link) error {
-	return netlink.RouteAdd(&netlink.Route{
-		LinkIndex: dev.Attrs().Index,
-		Scope:     netlink.SCOPE_HOST,
-		Dst:       ipn,
-		Gw:        gw,
-	})
-}
-
-// AddDefaultRoute sets the default route on the given gateway.
-func AddDefaultRoute(gw net.IP, dev netlink.Link) error {
-	_, defNet, _ := net.ParseCIDR("0.0.0.0/0")
-	return AddRoute(defNet, gw, dev)
-}
diff --git a/vendor/github.com/containernetworking/plugins/pkg/ip/utils_linux.go b/vendor/github.com/containernetworking/plugins/pkg/ip/utils_linux.go
deleted file mode 100644
index 7623c5e13..000000000
--- a/vendor/github.com/containernetworking/plugins/pkg/ip/utils_linux.go
+++ /dev/null
@@ -1,120 +0,0 @@
-// +build linux
-
-// Copyright 2016 CNI authors
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package ip
-
-import (
-	"fmt"
-	"net"
-
-	"github.com/containernetworking/cni/pkg/types"
-	"github.com/containernetworking/cni/pkg/types/current"
-	"github.com/vishvananda/netlink"
-)
-
-func ValidateExpectedInterfaceIPs(ifName string, resultIPs []*current.IPConfig) error {
-
-	// Ensure ips
-	for _, ips := range resultIPs {
-		ourAddr := netlink.Addr{IPNet: &ips.Address}
-		match := false
-
-		link, err := netlink.LinkByName(ifName)
-		if err != nil {
-			return fmt.Errorf("Cannot find container link %v", ifName)
-		}
-
-		addrList, err := netlink.AddrList(link, netlink.FAMILY_ALL)
-		if err != nil {
-			return fmt.Errorf("Cannot obtain List of IP Addresses")
-		}
-
-		for _, addr := range addrList {
-			if addr.Equal(ourAddr) {
-				match = true
-				break
-			}
-		}
-		if match == false {
-			return fmt.Errorf("Failed to match addr %v on interface %v", ourAddr, ifName)
-		}
-
-		// Convert the host/prefixlen to just prefix for route lookup.
-		_, ourPrefix, err := net.ParseCIDR(ourAddr.String())
-
-		findGwy := &netlink.Route{Dst: ourPrefix}
-		routeFilter := netlink.RT_FILTER_DST
-		var family int
-
-		switch {
-		case ips.Version == "4":
-			family = netlink.FAMILY_V4
-		case ips.Version == "6":
-			family = netlink.FAMILY_V6
-		default:
-			return fmt.Errorf("Invalid IP Version %v for interface %v", ips.Version, ifName)
-		}
-
-		gwy, err := netlink.RouteListFiltered(family, findGwy, routeFilter)
-		if err != nil {
-			return fmt.Errorf("Error %v trying to find Gateway %v for interface %v", err, ips.Gateway, ifName)
-		}
-		if gwy == nil {
-			return fmt.Errorf("Failed to find Gateway %v for interface %v", ips.Gateway, ifName)
-		}
-	}
-
-	return nil
-}
-
-func ValidateExpectedRoute(resultRoutes []*types.Route) error {
-
-	// Ensure that each static route in prevResults is found in the routing table
-	for _, route := range resultRoutes {
-		find := &netlink.Route{Dst: &route.Dst, Gw: route.GW}
-		routeFilter := netlink.RT_FILTER_DST | netlink.RT_FILTER_GW
-		var family int
-
-		switch {
-		case route.Dst.IP.To4() != nil:
-			family = netlink.FAMILY_V4
-			// Default route needs Dst set to nil
-			if route.Dst.String() == "0.0.0.0/0" {
-				find = &netlink.Route{Dst: nil, Gw: route.GW}
-				routeFilter = netlink.RT_FILTER_DST
-			}
-		case len(route.Dst.IP) == net.IPv6len:
-			family = netlink.FAMILY_V6
-			// Default route needs Dst set to nil
-			if route.Dst.String() == "::/0" {
-				find = &netlink.Route{Dst: nil, Gw: route.GW}
-				routeFilter = netlink.RT_FILTER_DST
-			}
-		default:
-			return fmt.Errorf("Invalid static route found %v", route)
-		}
-
-		wasFound, err := netlink.RouteListFiltered(family, find, routeFilter)
-		if err != nil {
-			return fmt.Errorf("Expected Route %v not route table lookup error %v", route, err)
-		}
-		if wasFound == nil {
-			return fmt.Errorf("Expected Route %v not found in routing table", route)
-		}
-	}
-
-	return nil
-}
diff --git a/vendor/github.com/containernetworking/plugins/pkg/utils/hwaddr/hwaddr.go b/vendor/github.com/containernetworking/plugins/pkg/utils/hwaddr/hwaddr.go
deleted file mode 100644
index aaf3b8a02..000000000
--- a/vendor/github.com/containernetworking/plugins/pkg/utils/hwaddr/hwaddr.go
+++ /dev/null
@@ -1,63 +0,0 @@
-// Copyright 2016 CNI authors
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package hwaddr
-
-import (
-	"fmt"
-	"net"
-)
-
-const (
-	ipRelevantByteLen      = 4
-	PrivateMACPrefixString = "0a:58"
-)
-
-var (
-	// private mac prefix safe to use
-	PrivateMACPrefix = []byte{0x0a, 0x58}
-)
-
-type SupportIp4OnlyErr struct{ msg string }
-
-func (e SupportIp4OnlyErr) Error() string { return e.msg }
-
-type MacParseErr struct{ msg string }
-
-func (e MacParseErr) Error() string { return e.msg }
-
-type InvalidPrefixLengthErr struct{ msg string }
-
-func (e InvalidPrefixLengthErr) Error() string { return e.msg }
-
-// GenerateHardwareAddr4 generates 48 bit virtual mac addresses based on the IP4 input.
-func GenerateHardwareAddr4(ip net.IP, prefix []byte) (net.HardwareAddr, error) {
-	switch {
-
-	case ip.To4() == nil:
-		return nil, SupportIp4OnlyErr{msg: "GenerateHardwareAddr4 only supports valid IPv4 address as input"}
-
-	case len(prefix) != len(PrivateMACPrefix):
-		return nil, InvalidPrefixLengthErr{msg: fmt.Sprintf(
-			"Prefix has length %d instead  of %d", len(prefix), len(PrivateMACPrefix)),
-		}
-	}
-
-	ipByteLen := len(ip)
-	return (net.HardwareAddr)(
-		append(
-			prefix,
-			ip[ipByteLen-ipRelevantByteLen:ipByteLen]...),
-	), nil
-}
diff --git a/vendor/github.com/containernetworking/plugins/pkg/utils/sysctl/sysctl_linux.go b/vendor/github.com/containernetworking/plugins/pkg/utils/sysctl/sysctl_linux.go
deleted file mode 100644
index 7ee47e1ce..000000000
--- a/vendor/github.com/containernetworking/plugins/pkg/utils/sysctl/sysctl_linux.go
+++ /dev/null
@@ -1,80 +0,0 @@
-// Copyright 2016 CNI authors
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package sysctl
-
-import (
-	"fmt"
-	"io/ioutil"
-	"path/filepath"
-	"strings"
-)
-
-// Sysctl provides a method to set/get values from /proc/sys - in linux systems
-// new interface to set/get values of variables formerly handled by sysctl syscall
-// If optional `params` have only one string value - this function will
-// set this value into corresponding sysctl variable
-func Sysctl(name string, params ...string) (string, error) {
-	if len(params) > 1 {
-		return "", fmt.Errorf("unexcepted additional parameters")
-	} else if len(params) == 1 {
-		return setSysctl(name, params[0])
-	}
-	return getSysctl(name)
-}
-
-func getSysctl(name string) (string, error) {
-	fullName := filepath.Join("/proc/sys", toNormalName(name))
-	fullName = filepath.Clean(fullName)
-	data, err := ioutil.ReadFile(fullName)
-	if err != nil {
-		return "", err
-	}
-
-	return string(data[:len(data)-1]), nil
-}
-
-func setSysctl(name, value string) (string, error) {
-	fullName := filepath.Join("/proc/sys", toNormalName(name))
-	fullName = filepath.Clean(fullName)
-	if err := ioutil.WriteFile(fullName, []byte(value), 0644); err != nil {
-		return "", err
-	}
-
-	return getSysctl(name)
-}
-
-// Normalize names by using slash as separator
-// Sysctl names can use dots or slashes as separator:
-// - if dots are used, dots and slashes are interchanged.
-// - if slashes are used, slashes and dots are left intact.
-// Separator in use is determined by first occurrence.
-func toNormalName(name string) string {
-	interchange := false
-	for _, c := range name {
-		if c == '.' {
-			interchange = true
-			break
-		}
-		if c == '/' {
-			break
-		}
-	}
-
-	if interchange {
-		r := strings.NewReplacer(".", "/", "/", ".")
-		return r.Replace(name)
-	}
-	return name
-}
diff --git a/vendor/github.com/containernetworking/plugins/plugins/ipam/host-local/backend/allocator/allocator.go b/vendor/github.com/containernetworking/plugins/plugins/ipam/host-local/backend/allocator/allocator.go
deleted file mode 100644
index 4cec1a74e..000000000
--- a/vendor/github.com/containernetworking/plugins/plugins/ipam/host-local/backend/allocator/allocator.go
+++ /dev/null
@@ -1,228 +0,0 @@
-// Copyright 2015 CNI authors
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package allocator
-
-import (
-	"fmt"
-	"log"
-	"net"
-	"os"
-	"strconv"
-
-	"github.com/containernetworking/cni/pkg/types/current"
-	"github.com/containernetworking/plugins/pkg/ip"
-	"github.com/containernetworking/plugins/plugins/ipam/host-local/backend"
-)
-
-type IPAllocator struct {
-	rangeset *RangeSet
-	store    backend.Store
-	rangeID  string // Used for tracking last reserved ip
-}
-
-func NewIPAllocator(s *RangeSet, store backend.Store, id int) *IPAllocator {
-	return &IPAllocator{
-		rangeset: s,
-		store:    store,
-		rangeID:  strconv.Itoa(id),
-	}
-}
-
-// Get allocates an IP
-func (a *IPAllocator) Get(id string, ifname string, requestedIP net.IP) (*current.IPConfig, error) {
-	a.store.Lock()
-	defer a.store.Unlock()
-
-	var reservedIP *net.IPNet
-	var gw net.IP
-
-	if requestedIP != nil {
-		if err := canonicalizeIP(&requestedIP); err != nil {
-			return nil, err
-		}
-
-		r, err := a.rangeset.RangeFor(requestedIP)
-		if err != nil {
-			return nil, err
-		}
-
-		if requestedIP.Equal(r.Gateway) {
-			return nil, fmt.Errorf("requested ip %s is subnet's gateway", requestedIP.String())
-		}
-
-		reserved, err := a.store.Reserve(id, ifname, requestedIP, a.rangeID)
-		if err != nil {
-			return nil, err
-		}
-		if !reserved {
-			return nil, fmt.Errorf("requested IP address %s is not available in range set %s", requestedIP, a.rangeset.String())
-		}
-		reservedIP = &net.IPNet{IP: requestedIP, Mask: r.Subnet.Mask}
-		gw = r.Gateway
-
-	} else {
-		// try to get allocated IPs for this given id, if exists, just return error
-		// because duplicate allocation is not allowed in SPEC
-		// https://github.com/containernetworking/cni/blob/master/SPEC.md
-		allocatedIPs := a.store.GetByID(id, ifname)
-		for _, allocatedIP := range allocatedIPs {
-			// check whether the existing IP belong to this range set
-			if _, err := a.rangeset.RangeFor(allocatedIP); err == nil {
-				return nil, fmt.Errorf("%s has been allocated to %s, duplicate allocation is not allowed", allocatedIP.String(), id)
-			}
-		}
-
-		iter, err := a.GetIter()
-		if err != nil {
-			return nil, err
-		}
-		for {
-			reservedIP, gw = iter.Next()
-			if reservedIP == nil {
-				break
-			}
-
-			reserved, err := a.store.Reserve(id, ifname, reservedIP.IP, a.rangeID)
-			if err != nil {
-				return nil, err
-			}
-
-			if reserved {
-				break
-			}
-		}
-	}
-
-	if reservedIP == nil {
-		return nil, fmt.Errorf("no IP addresses available in range set: %s", a.rangeset.String())
-	}
-	version := "4"
-	if reservedIP.IP.To4() == nil {
-		version = "6"
-	}
-
-	return &current.IPConfig{
-		Version: version,
-		Address: *reservedIP,
-		Gateway: gw,
-	}, nil
-}
-
-// Release clears all IPs allocated for the container with given ID
-func (a *IPAllocator) Release(id string, ifname string) error {
-	a.store.Lock()
-	defer a.store.Unlock()
-
-	return a.store.ReleaseByID(id, ifname)
-}
-
-type RangeIter struct {
-	rangeset *RangeSet
-
-	// The current range id
-	rangeIdx int
-
-	// Our current position
-	cur net.IP
-
-	// The IP and range index where we started iterating; if we hit this again, we're done.
-	startIP    net.IP
-	startRange int
-}
-
-// GetIter encapsulates the strategy for this allocator.
-// We use a round-robin strategy, attempting to evenly use the whole set.
-// More specifically, a crash-looping container will not see the same IP until
-// the entire range has been run through.
-// We may wish to consider avoiding recently-released IPs in the future.
-func (a *IPAllocator) GetIter() (*RangeIter, error) {
-	iter := RangeIter{
-		rangeset: a.rangeset,
-	}
-
-	// Round-robin by trying to allocate from the last reserved IP + 1
-	startFromLastReservedIP := false
-
-	// We might get a last reserved IP that is wrong if the range indexes changed.
-	// This is not critical, we just lose round-robin this one time.
-	lastReservedIP, err := a.store.LastReservedIP(a.rangeID)
-	if err != nil && !os.IsNotExist(err) {
-		log.Printf("Error retrieving last reserved ip: %v", err)
-	} else if lastReservedIP != nil {
-		startFromLastReservedIP = a.rangeset.Contains(lastReservedIP)
-	}
-
-	// Find the range in the set with this IP
-	if startFromLastReservedIP {
-		for i, r := range *a.rangeset {
-			if r.Contains(lastReservedIP) {
-				iter.rangeIdx = i
-				iter.startRange = i
-
-				// We advance the cursor on every Next(), so the first call
-				// to next() will return lastReservedIP + 1
-				iter.cur = lastReservedIP
-				break
-			}
-		}
-	} else {
-		iter.rangeIdx = 0
-		iter.startRange = 0
-		iter.startIP = (*a.rangeset)[0].RangeStart
-	}
-	return &iter, nil
-}
-
-// Next returns the next IP, its mask, and its gateway. Returns nil
-// if the iterator has been exhausted
-func (i *RangeIter) Next() (*net.IPNet, net.IP) {
-	r := (*i.rangeset)[i.rangeIdx]
-
-	// If this is the first time iterating and we're not starting in the middle
-	// of the range, then start at rangeStart, which is inclusive
-	if i.cur == nil {
-		i.cur = r.RangeStart
-		i.startIP = i.cur
-		if i.cur.Equal(r.Gateway) {
-			return i.Next()
-		}
-		return &net.IPNet{IP: i.cur, Mask: r.Subnet.Mask}, r.Gateway
-	}
-
-	// If we've reached the end of this range, we need to advance the range
-	// RangeEnd is inclusive as well
-	if i.cur.Equal(r.RangeEnd) {
-		i.rangeIdx += 1
-		i.rangeIdx %= len(*i.rangeset)
-		r = (*i.rangeset)[i.rangeIdx]
-
-		i.cur = r.RangeStart
-	} else {
-		i.cur = ip.NextIP(i.cur)
-	}
-
-	if i.startIP == nil {
-		i.startIP = i.cur
-	} else if i.rangeIdx == i.startRange && i.cur.Equal(i.startIP) {
-		// IF we've looped back to where we started, give up
-		return nil, nil
-	}
-
-	if i.cur.Equal(r.Gateway) {
-		return i.Next()
-	}
-
-	return &net.IPNet{IP: i.cur, Mask: r.Subnet.Mask}, r.Gateway
-}
diff --git a/vendor/github.com/containernetworking/plugins/plugins/ipam/host-local/backend/allocator/config.go b/vendor/github.com/containernetworking/plugins/plugins/ipam/host-local/backend/allocator/config.go
deleted file mode 100644
index c8cb2a746..000000000
--- a/vendor/github.com/containernetworking/plugins/plugins/ipam/host-local/backend/allocator/config.go
+++ /dev/null
@@ -1,160 +0,0 @@
-// Copyright 2015 CNI authors
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package allocator
-
-import (
-	"encoding/json"
-	"fmt"
-	"net"
-
-	"github.com/containernetworking/cni/pkg/types"
-	"github.com/containernetworking/cni/pkg/types/020"
-)
-
-// The top-level network config - IPAM plugins are passed the full configuration
-// of the calling plugin, not just the IPAM section.
-type Net struct {
-	Name          string      `json:"name"`
-	CNIVersion    string      `json:"cniVersion"`
-	IPAM          *IPAMConfig `json:"ipam"`
-	RuntimeConfig struct {    // The capability arg
-		IPRanges []RangeSet `json:"ipRanges,omitempty"`
-	} `json:"runtimeConfig,omitempty"`
-	Args *struct {
-		A *IPAMArgs `json:"cni"`
-	} `json:"args"`
-}
-
-// IPAMConfig represents the IP related network configuration.
-// This nests Range because we initially only supported a single
-// range directly, and wish to preserve backwards compatability
-type IPAMConfig struct {
-	*Range
-	Name       string
-	Type       string         `json:"type"`
-	Routes     []*types.Route `json:"routes"`
-	DataDir    string         `json:"dataDir"`
-	ResolvConf string         `json:"resolvConf"`
-	Ranges     []RangeSet     `json:"ranges"`
-	IPArgs     []net.IP       `json:"-"` // Requested IPs from CNI_ARGS and args
-}
-
-type IPAMEnvArgs struct {
-	types.CommonArgs
-	IP net.IP `json:"ip,omitempty"`
-}
-
-type IPAMArgs struct {
-	IPs []net.IP `json:"ips"`
-}
-
-type RangeSet []Range
-
-type Range struct {
-	RangeStart net.IP      `json:"rangeStart,omitempty"` // The first ip, inclusive
-	RangeEnd   net.IP      `json:"rangeEnd,omitempty"`   // The last ip, inclusive
-	Subnet     types.IPNet `json:"subnet"`
-	Gateway    net.IP      `json:"gateway,omitempty"`
-}
-
-// NewIPAMConfig creates a NetworkConfig from the given network name.
-func LoadIPAMConfig(bytes []byte, envArgs string) (*IPAMConfig, string, error) {
-	n := Net{}
-	if err := json.Unmarshal(bytes, &n); err != nil {
-		return nil, "", err
-	}
-
-	if n.IPAM == nil {
-		return nil, "", fmt.Errorf("IPAM config missing 'ipam' key")
-	}
-
-	// Parse custom IP from both env args *and* the top-level args config
-	if envArgs != "" {
-		e := IPAMEnvArgs{}
-		err := types.LoadArgs(envArgs, &e)
-		if err != nil {
-			return nil, "", err
-		}
-
-		if e.IP != nil {
-			n.IPAM.IPArgs = []net.IP{e.IP}
-		}
-	}
-
-	if n.Args != nil && n.Args.A != nil && len(n.Args.A.IPs) != 0 {
-		n.IPAM.IPArgs = append(n.IPAM.IPArgs, n.Args.A.IPs...)
-	}
-
-	for idx := range n.IPAM.IPArgs {
-		if err := canonicalizeIP(&n.IPAM.IPArgs[idx]); err != nil {
-			return nil, "", fmt.Errorf("cannot understand ip: %v", err)
-		}
-	}
-
-	// If a single range (old-style config) is specified, prepend it to
-	// the Ranges array
-	if n.IPAM.Range != nil && n.IPAM.Range.Subnet.IP != nil {
-		n.IPAM.Ranges = append([]RangeSet{{*n.IPAM.Range}}, n.IPAM.Ranges...)
-	}
-	n.IPAM.Range = nil
-
-	// If a range is supplied as a runtime config, prepend it to the Ranges
-	if len(n.RuntimeConfig.IPRanges) > 0 {
-		n.IPAM.Ranges = append(n.RuntimeConfig.IPRanges, n.IPAM.Ranges...)
-	}
-
-	if len(n.IPAM.Ranges) == 0 {
-		return nil, "", fmt.Errorf("no IP ranges specified")
-	}
-
-	// Validate all ranges
-	numV4 := 0
-	numV6 := 0
-	for i := range n.IPAM.Ranges {
-		if err := n.IPAM.Ranges[i].Canonicalize(); err != nil {
-			return nil, "", fmt.Errorf("invalid range set %d: %s", i, err)
-		}
-
-		if n.IPAM.Ranges[i][0].RangeStart.To4() != nil {
-			numV4++
-		} else {
-			numV6++
-		}
-	}
-
-	// CNI spec 0.2.0 and below supported only one v4 and v6 address
-	if numV4 > 1 || numV6 > 1 {
-		for _, v := range types020.SupportedVersions {
-			if n.CNIVersion == v {
-				return nil, "", fmt.Errorf("CNI version %v does not support more than 1 address per family", n.CNIVersion)
-			}
-		}
-	}
-
-	// Check for overlaps
-	l := len(n.IPAM.Ranges)
-	for i, p1 := range n.IPAM.Ranges[:l-1] {
-		for j, p2 := range n.IPAM.Ranges[i+1:] {
-			if p1.Overlaps(&p2) {
-				return nil, "", fmt.Errorf("range set %d overlaps with %d", i, (i + j + 1))
-			}
-		}
-	}
-
-	// Copy net name into IPAM so not to drag Net struct around
-	n.IPAM.Name = n.Name
-
-	return n.IPAM, n.CNIVersion, nil
-}
diff --git a/vendor/github.com/containernetworking/plugins/plugins/ipam/host-local/backend/allocator/range.go b/vendor/github.com/containernetworking/plugins/plugins/ipam/host-local/backend/allocator/range.go
deleted file mode 100644
index 9bf389e80..000000000
--- a/vendor/github.com/containernetworking/plugins/plugins/ipam/host-local/backend/allocator/range.go
+++ /dev/null
@@ -1,166 +0,0 @@
-// Copyright 2017 CNI authors
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package allocator
-
-import (
-	"fmt"
-	"net"
-
-	"github.com/containernetworking/cni/pkg/types"
-	"github.com/containernetworking/plugins/pkg/ip"
-)
-
-// Canonicalize takes a given range and ensures that all information is consistent,
-// filling out Start, End, and Gateway with sane values if missing
-func (r *Range) Canonicalize() error {
-	if err := canonicalizeIP(&r.Subnet.IP); err != nil {
-		return err
-	}
-
-	// Can't create an allocator for a network with no addresses, eg
-	// a /32 or /31
-	ones, masklen := r.Subnet.Mask.Size()
-	if ones > masklen-2 {
-		return fmt.Errorf("Network %s too small to allocate from", (*net.IPNet)(&r.Subnet).String())
-	}
-
-	if len(r.Subnet.IP) != len(r.Subnet.Mask) {
-		return fmt.Errorf("IPNet IP and Mask version mismatch")
-	}
-
-	// Ensure Subnet IP is the network address, not some other address
-	networkIP := r.Subnet.IP.Mask(r.Subnet.Mask)
-	if !r.Subnet.IP.Equal(networkIP) {
-		return fmt.Errorf("Network has host bits set. For a subnet mask of length %d the network address is %s", ones, networkIP.String())
-	}
-
-	// If the gateway is nil, claim .1
-	if r.Gateway == nil {
-		r.Gateway = ip.NextIP(r.Subnet.IP)
-	} else {
-		if err := canonicalizeIP(&r.Gateway); err != nil {
-			return err
-		}
-	}
-
-	// RangeStart: If specified, make sure it's sane (inside the subnet),
-	// otherwise use the first free IP (i.e. .1) - this will conflict with the
-	// gateway but we skip it in the iterator
-	if r.RangeStart != nil {
-		if err := canonicalizeIP(&r.RangeStart); err != nil {
-			return err
-		}
-
-		if !r.Contains(r.RangeStart) {
-			return fmt.Errorf("RangeStart %s not in network %s", r.RangeStart.String(), (*net.IPNet)(&r.Subnet).String())
-		}
-	} else {
-		r.RangeStart = ip.NextIP(r.Subnet.IP)
-	}
-
-	// RangeEnd: If specified, verify sanity. Otherwise, add a sensible default
-	// (e.g. for a /24: .254 if IPv4, ::255 if IPv6)
-	if r.RangeEnd != nil {
-		if err := canonicalizeIP(&r.RangeEnd); err != nil {
-			return err
-		}
-
-		if !r.Contains(r.RangeEnd) {
-			return fmt.Errorf("RangeEnd %s not in network %s", r.RangeEnd.String(), (*net.IPNet)(&r.Subnet).String())
-		}
-	} else {
-		r.RangeEnd = lastIP(r.Subnet)
-	}
-
-	return nil
-}
-
-// IsValidIP checks if a given ip is a valid, allocatable address in a given Range
-func (r *Range) Contains(addr net.IP) bool {
-	if err := canonicalizeIP(&addr); err != nil {
-		return false
-	}
-
-	subnet := (net.IPNet)(r.Subnet)
-
-	// Not the same address family
-	if len(addr) != len(r.Subnet.IP) {
-		return false
-	}
-
-	// Not in network
-	if !subnet.Contains(addr) {
-		return false
-	}
-
-	// We ignore nils here so we can use this function as we initialize the range.
-	if r.RangeStart != nil {
-		// Before the range start
-		if ip.Cmp(addr, r.RangeStart) < 0 {
-			return false
-		}
-	}
-
-	if r.RangeEnd != nil {
-		if ip.Cmp(addr, r.RangeEnd) > 0 {
-			// After the  range end
-			return false
-		}
-	}
-
-	return true
-}
-
-// Overlaps returns true if there is any overlap between ranges
-func (r *Range) Overlaps(r1 *Range) bool {
-	// different familes
-	if len(r.RangeStart) != len(r1.RangeStart) {
-		return false
-	}
-
-	return r.Contains(r1.RangeStart) ||
-		r.Contains(r1.RangeEnd) ||
-		r1.Contains(r.RangeStart) ||
-		r1.Contains(r.RangeEnd)
-}
-
-func (r *Range) String() string {
-	return fmt.Sprintf("%s-%s", r.RangeStart.String(), r.RangeEnd.String())
-}
-
-// canonicalizeIP makes sure a provided ip is in standard form
-func canonicalizeIP(ip *net.IP) error {
-	if ip.To4() != nil {
-		*ip = ip.To4()
-		return nil
-	} else if ip.To16() != nil {
-		*ip = ip.To16()
-		return nil
-	}
-	return fmt.Errorf("IP %s not v4 nor v6", *ip)
-}
-
-// Determine the last IP of a subnet, excluding the broadcast if IPv4
-func lastIP(subnet types.IPNet) net.IP {
-	var end net.IP
-	for i := 0; i < len(subnet.IP); i++ {
-		end = append(end, subnet.IP[i]|^subnet.Mask[i])
-	}
-	if subnet.IP.To4() != nil {
-		end[3]--
-	}
-
-	return end
-}
diff --git a/vendor/github.com/containernetworking/plugins/plugins/ipam/host-local/backend/allocator/range_set.go b/vendor/github.com/containernetworking/plugins/plugins/ipam/host-local/backend/allocator/range_set.go
deleted file mode 100644
index da957f535..000000000
--- a/vendor/github.com/containernetworking/plugins/plugins/ipam/host-local/backend/allocator/range_set.go
+++ /dev/null
@@ -1,97 +0,0 @@
-// Copyright 2017 CNI authors
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package allocator
-
-import (
-	"fmt"
-	"net"
-	"strings"
-)
-
-// Contains returns true if any range in this set contains an IP
-func (s *RangeSet) Contains(addr net.IP) bool {
-	r, _ := s.RangeFor(addr)
-	return r != nil
-}
-
-// RangeFor finds the range that contains an IP, or nil if not found
-func (s *RangeSet) RangeFor(addr net.IP) (*Range, error) {
-	if err := canonicalizeIP(&addr); err != nil {
-		return nil, err
-	}
-
-	for _, r := range *s {
-		if r.Contains(addr) {
-			return &r, nil
-		}
-	}
-
-	return nil, fmt.Errorf("%s not in range set %s", addr.String(), s.String())
-}
-
-// Overlaps returns true if any ranges in any set overlap with this one
-func (s *RangeSet) Overlaps(p1 *RangeSet) bool {
-	for _, r := range *s {
-		for _, r1 := range *p1 {
-			if r.Overlaps(&r1) {
-				return true
-			}
-		}
-	}
-	return false
-}
-
-// Canonicalize ensures the RangeSet is in a standard form, and detects any
-// invalid input. Call Range.Canonicalize() on every Range in the set
-func (s *RangeSet) Canonicalize() error {
-	if len(*s) == 0 {
-		return fmt.Errorf("empty range set")
-	}
-
-	fam := 0
-	for i := range *s {
-		if err := (*s)[i].Canonicalize(); err != nil {
-			return err
-		}
-		if i == 0 {
-			fam = len((*s)[i].RangeStart)
-		} else {
-			if fam != len((*s)[i].RangeStart) {
-				return fmt.Errorf("mixed address families")
-			}
-		}
-	}
-
-	// Make sure none of the ranges in the set overlap
-	l := len(*s)
-	for i, r1 := range (*s)[:l-1] {
-		for _, r2 := range (*s)[i+1:] {
-			if r1.Overlaps(&r2) {
-				return fmt.Errorf("subnets %s and %s overlap", r1.String(), r2.String())
-			}
-		}
-	}
-
-	return nil
-}
-
-func (s *RangeSet) String() string {
-	out := []string{}
-	for _, r := range *s {
-		out = append(out, r.String())
-	}
-
-	return strings.Join(out, ",")
-}
diff --git a/vendor/github.com/containernetworking/plugins/plugins/ipam/host-local/backend/store.go b/vendor/github.com/containernetworking/plugins/plugins/ipam/host-local/backend/store.go
deleted file mode 100644
index 7211ddf6a..000000000
--- a/vendor/github.com/containernetworking/plugins/plugins/ipam/host-local/backend/store.go
+++ /dev/null
@@ -1,28 +0,0 @@
-// Copyright 2015 CNI authors
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package backend
-
-import "net"
-
-type Store interface {
-	Lock() error
-	Unlock() error
-	Close() error
-	Reserve(id string, ifname string, ip net.IP, rangeID string) (bool, error)
-	LastReservedIP(rangeID string) (net.IP, error)
-	Release(ip net.IP) error
-	ReleaseByID(id string, ifname string) error
-	GetByID(id string, ifname string) []net.IP
-}
author	Paul Holzinger <pholzing@redhat.com>	2021-08-16 16:11:26 +0200
committer	Paul Holzinger <pholzing@redhat.com>	2021-09-15 20:00:20 +0200
commit	85e8fbf7f33717ef6a0d6cf9e2143b52c874c2de (patch)
tree	82b0c29102d2779c18ea8a6f10df5dc1139e3817 /vendor/github.com/containernetworking/plugins
parent	218f132fdf4939d9e0374ef860d534f19e71df54 (diff)
download	podman-85e8fbf7f33717ef6a0d6cf9e2143b52c874c2de.tar.gz podman-85e8fbf7f33717ef6a0d6cf9e2143b52c874c2de.tar.bz2 podman-85e8fbf7f33717ef6a0d6cf9e2143b52c874c2de.zip