From 220a641d9b37ec7a7982960e7fa85cdb29b3b5c9 Mon Sep 17 00:00:00 2001
From: Jordan Liggitt <liggitt@google.com>
Date: Thu, 4 Jun 2020 12:16:22 -0400
Subject: [PATCH 01/42] Tighten GA_ONLY configuration to drop CSR exception for
 1.19

---
 hack/ci/e2e-k8s.sh | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/hack/ci/e2e-k8s.sh b/hack/ci/e2e-k8s.sh
index 113d35acaa..4431a2b073 100755
--- a/hack/ci/e2e-k8s.sh
+++ b/hack/ci/e2e-k8s.sh
@@ -110,8 +110,7 @@ create_cluster() {
       echo "GA_ONLY=true is only supported on versions >= v1.18, got ${KUBE_VERSION}"
       exit 1
       ;;
-    v1.1[8-9].*)
-      # TODO(liggitt): drop this exception for 1.19 once the CSR API and feature are promoted to GA in 1.19
+    v1.18.*)
       echo "Limiting to GA APIs and features (plus certificates.k8s.io/v1beta1 and RotateKubeletClientCertificate) for ${KUBE_VERSION}"
       feature_gates='{"AllAlpha":false,"AllBeta":false,"RotateKubeletClientCertificate":true}'
       runtime_config='api/alpha=false,api/beta=false,certificates.k8s.io/v1beta1=true'

From d212ac19b27940543996af89c378920d7d50e4ef Mon Sep 17 00:00:00 2001
From: Amit Watve <amwat@google.com>
Date: Tue, 9 Jun 2020 17:14:39 -0700
Subject: [PATCH 02/42] Add .svc to no_proxy.

---
 pkg/cluster/internal/providers/docker/provision.go | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/pkg/cluster/internal/providers/docker/provision.go b/pkg/cluster/internal/providers/docker/provision.go
index 4d98face51..e54ff2812c 100644
--- a/pkg/cluster/internal/providers/docker/provision.go
+++ b/pkg/cluster/internal/providers/docker/provision.go
@@ -294,6 +294,9 @@ func getProxyEnv(cfg *config.Cluster, networkName string, nodeNames []string) (m
 
 		noProxyList := append(subnets, envs[common.NOProxy])
 		noProxyList = append(noProxyList, nodeNames...)
+		// Add .svc explicitly to no_proxy to allow in cluster
+		// pod and service dns resolution
+		noProxyList = append(noProxyList, ".svc")
 		noProxyJoined := strings.Join(noProxyList, ",")
 		envs[common.NOProxy] = noProxyJoined
 		envs[strings.ToLower(common.NOProxy)] = noProxyJoined

From 2395dc2c3000cf77e89e1e5bcc4a4946ed03e0cb Mon Sep 17 00:00:00 2001
From: Amit Watve <amwat@google.com>
Date: Tue, 9 Jun 2020 17:16:47 -0700
Subject: [PATCH 03/42] Use tagged image instead of latest for ingress guide.

---
 site/static/examples/ingress/usage.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/site/static/examples/ingress/usage.yaml b/site/static/examples/ingress/usage.yaml
index 5f3e45dbd2..797df01e35 100644
--- a/site/static/examples/ingress/usage.yaml
+++ b/site/static/examples/ingress/usage.yaml
@@ -7,7 +7,7 @@ metadata:
 spec:
   containers:
   - name: foo-app
-    image: hashicorp/http-echo
+    image: hashicorp/http-echo:0.2.3
     args:
     - "-text=foo"
 ---
@@ -31,7 +31,7 @@ metadata:
 spec:
   containers:
   - name: bar-app
-    image: hashicorp/http-echo
+    image: hashicorp/http-echo:0.2.3
     args:
     - "-text=bar"
 ---

From 276ff7f3375f7950422bab1d2a8069813f214256 Mon Sep 17 00:00:00 2001
From: Benjamin Elder <bentheelder@google.com>
Date: Wed, 10 Jun 2020 10:11:29 -0700
Subject: [PATCH 04/42] upgrade to latest containerd

---
 images/base/Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/images/base/Dockerfile b/images/base/Dockerfile
index 067b8147fa..733f8d96a6 100644
--- a/images/base/Dockerfile
+++ b/images/base/Dockerfile
@@ -23,7 +23,7 @@ FROM ubuntu:20.04
 
 # Configure containerd and runc binaries from kind-ci/containerd-nightlies repository
 # The repository contains latest stable releases and nightlies built for multiple architectures
-ARG CONTAINERD_VERSION="v1.3.3-14-g449e9269"
+ARG CONTAINERD_VERSION="v1.4.0-beta.1-26-g834665d9"
 # Configure CNI binaries from upstream
 ARG CNI_VERSION="v0.8.6"
 # Configure crictl binary from upstream

From ee1089c01cc63cdf76d95a12f3e1b3b8e1b06c96 Mon Sep 17 00:00:00 2001
From: Benjamin Elder <bentheelder@google.com>
Date: Wed, 10 Jun 2020 11:05:50 -0700
Subject: [PATCH 05/42] print runc version during build

---
 images/base/Dockerfile | 1 +
 1 file changed, 1 insertion(+)

diff --git a/images/base/Dockerfile b/images/base/Dockerfile
index 733f8d96a6..be9ee77231 100644
--- a/images/base/Dockerfile
+++ b/images/base/Dockerfile
@@ -89,6 +89,7 @@ RUN echo "Ensuring scripts are executable ..." \
     && curl -sSL --retry 5 --output /usr/local/sbin/runc "${CONTAINERD_BASE_URL}/runc.${ARCH}" \
     && chmod 755 /usr/local/sbin/runc \
     && containerd --version \
+    && runc --version \
     && systemctl enable containerd \
  && echo "Installing crictl ..." \
     && curl -fSL "https://github.com/kubernetes-sigs/cri-tools/releases/download/${CRICTL_VERSION}/crictl-${CRICTL_VERSION}-linux-${ARCH}.tar.gz" | tar xzC /usr/local/bin \

From 7c2fef2d957a53fdd04d4c4e1c451b3d3bd322fb Mon Sep 17 00:00:00 2001
From: Benjamin Elder <bentheelder@google.com>
Date: Wed, 10 Jun 2020 11:35:56 -0700
Subject: [PATCH 06/42] allow configurable progress output

---
 images/base/Makefile | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/images/base/Makefile b/images/base/Makefile
index 203a42cd91..b9fc4d36b7 100644
--- a/images/base/Makefile
+++ b/images/base/Makefile
@@ -6,8 +6,9 @@ export DOCKER_CLI_EXPERIMENTAL=enabled
 # build with buildx
 PLATFORMS?=linux/amd64,linux/arm64
 OUTPUT=
+PROGRESS=auto
 build: ensure-buildx
-	docker buildx build --platform=${PLATFORMS} $(OUTPUT) -t ${IMAGE} --pull .
+	docker buildx build --platform=${PLATFORMS} $(OUTPUT) --progress=$(PROGRESS) -t ${IMAGE} --pull .
 
 # push the cross built image
 push: OUTPUT=--push

From 8102d3eed5a9187f0359393b3f278601a293a22e Mon Sep 17 00:00:00 2001
From: Benjamin Elder <bentheelder@google.com>
Date: Wed, 10 Jun 2020 11:47:10 -0700
Subject: [PATCH 07/42] add pigz for parallel decompression

---
 images/base/Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/images/base/Dockerfile b/images/base/Dockerfile
index be9ee77231..0cfa9ca4b5 100644
--- a/images/base/Dockerfile
+++ b/images/base/Dockerfile
@@ -67,7 +67,7 @@ RUN echo "Ensuring scripts are executable ..." \
     && DEBIAN_FRONTEND=noninteractive clean-install \
       systemd \
       conntrack iptables iproute2 ethtool socat util-linux mount ebtables udev kmod \
-      libseccomp2 \
+      libseccomp2 pigz \
       bash ca-certificates curl rsync \
       nfs-common \
     && find /lib/systemd/system/sysinit.target.wants/ -name "systemd-tmpfiles-setup.service" -delete \

From 4640dbb5723374230a62f7a44c682f5c2f819848 Mon Sep 17 00:00:00 2001
From: Benjamin Elder <bentheelder@google.com>
Date: Wed, 10 Jun 2020 11:53:49 -0700
Subject: [PATCH 08/42] bump base image

---
 pkg/build/nodeimage/defaults.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pkg/build/nodeimage/defaults.go b/pkg/build/nodeimage/defaults.go
index d21267a491..f005195caa 100644
--- a/pkg/build/nodeimage/defaults.go
+++ b/pkg/build/nodeimage/defaults.go
@@ -20,7 +20,7 @@ package nodeimage
 const DefaultImage = "kindest/node:latest"
 
 // DefaultBaseImage is the default base image used
-const DefaultBaseImage = "kindest/base:v20200602-f5196892"
+const DefaultBaseImage = "kindest/base:v20200610-8102d3ee"
 
 // DefaultMode is the default kubernetes build mode for the built image
 // see pkg/build/kube.Bits

From 99eb061705bc449184ba09cd855652578352e534 Mon Sep 17 00:00:00 2001
From: Benjamin Elder <bentheelder@google.com>
Date: Wed, 10 Jun 2020 12:23:21 -0700
Subject: [PATCH 09/42] also fix umount

---
 images/base/files/usr/local/bin/entrypoint | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/images/base/files/usr/local/bin/entrypoint b/images/base/files/usr/local/bin/entrypoint
index e2cba5a5ca..327040fb1b 100755
--- a/images/base/files/usr/local/bin/entrypoint
+++ b/images/base/files/usr/local/bin/entrypoint
@@ -19,11 +19,11 @@ set -o nounset
 set -o pipefail
 
 fix_mount() {
-  echo 'INFO: ensuring we can execute /bin/mount even with userns-remap' 
+  echo 'INFO: ensuring we can execute mount/umount even with userns-remap' 
   # necessary only when userns-remap is enabled on the host, but harmless
   # The binary /bin/mount should be owned by root and have the setuid bit
-  chown root:root /bin/mount
-  chmod -s /bin/mount
+  chown root:root "$(which mount)" "$(which umount)"
+  chmod -s "$(which mount)" "$(which umount)"
 
   # This is a workaround to an AUFS bug that might cause `Text file
   # busy` on `mount` command below. See more details in

From b314bcf3b704190d6e2df42a29f2841bfff3c1f5 Mon Sep 17 00:00:00 2001
From: Benjamin Elder <bentheelder@google.com>
Date: Wed, 10 Jun 2020 12:28:18 -0700
Subject: [PATCH 10/42] bump base

---
 pkg/build/nodeimage/defaults.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pkg/build/nodeimage/defaults.go b/pkg/build/nodeimage/defaults.go
index f005195caa..724de555da 100644
--- a/pkg/build/nodeimage/defaults.go
+++ b/pkg/build/nodeimage/defaults.go
@@ -20,7 +20,7 @@ package nodeimage
 const DefaultImage = "kindest/node:latest"
 
 // DefaultBaseImage is the default base image used
-const DefaultBaseImage = "kindest/base:v20200610-8102d3ee"
+const DefaultBaseImage = "kindest/base:v20200610-99eb0617"
 
 // DefaultMode is the default kubernetes build mode for the built image
 // see pkg/build/kube.Bits

From a7b408bca966b487bed318e5038685274d00c21b Mon Sep 17 00:00:00 2001
From: Amit Watve <amwat@google.com>
Date: Wed, 10 Jun 2020 15:09:43 -0700
Subject: [PATCH 11/42] Add default cluster.local domains to no proxy.

---
 pkg/cluster/internal/providers/docker/provision.go | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/pkg/cluster/internal/providers/docker/provision.go b/pkg/cluster/internal/providers/docker/provision.go
index e54ff2812c..93926568e0 100644
--- a/pkg/cluster/internal/providers/docker/provision.go
+++ b/pkg/cluster/internal/providers/docker/provision.go
@@ -294,9 +294,12 @@ func getProxyEnv(cfg *config.Cluster, networkName string, nodeNames []string) (m
 
 		noProxyList := append(subnets, envs[common.NOProxy])
 		noProxyList = append(noProxyList, nodeNames...)
-		// Add .svc explicitly to no_proxy to allow in cluster
-		// pod and service dns resolution
-		noProxyList = append(noProxyList, ".svc")
+		// Add pod and service dns names to no_proxy to allow in cluster
+		// Note: this is best effort based on the default CoreDNS spec
+		// https://github.com/kubernetes/dns/blob/master/docs/specification.md
+		// Any user created pod/service hostnames, namespaces, custom DNS services
+		// are expected to be no-proxied by the user explicitly.
+		noProxyList = append(noProxyList, ".svc", ".svc.cluster", ".svc.cluster.local")
 		noProxyJoined := strings.Join(noProxyList, ",")
 		envs[common.NOProxy] = noProxyJoined
 		envs[strings.ToLower(common.NOProxy)] = noProxyJoined

From 747b6d211fc770c5f688666b7946d251e4e5b980 Mon Sep 17 00:00:00 2001
From: Amit Watve <amwat@google.com>
Date: Wed, 10 Jun 2020 15:10:07 -0700
Subject: [PATCH 12/42] Update podman with the no proxy settings.

---
 pkg/cluster/internal/providers/podman/provision.go | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/pkg/cluster/internal/providers/podman/provision.go b/pkg/cluster/internal/providers/podman/provision.go
index 766d5b2db5..2eeee8108d 100644
--- a/pkg/cluster/internal/providers/podman/provision.go
+++ b/pkg/cluster/internal/providers/podman/provision.go
@@ -251,9 +251,16 @@ func getProxyEnv(cfg *config.Cluster) (map[string]string, error) {
 		if err != nil {
 			return nil, err
 		}
-		noProxyList := strings.Join(append(subnets, envs[common.NOProxy]), ",")
-		envs[common.NOProxy] = noProxyList
-		envs[strings.ToLower(common.NOProxy)] = noProxyList
+		noProxyList := append(subnets, envs[common.NOProxy])
+		// Add pod and service dns names to no_proxy to allow in cluster
+		// Note: this is best effort based on the default CoreDNS spec
+		// https://github.com/kubernetes/dns/blob/master/docs/specification.md
+		// Any user created pod/service hostnames, namespaces, custom DNS services
+		// are expected to be no-proxied by the user explicitly.
+		noProxyList = append(noProxyList, ".svc", ".svc.cluster", ".svc.cluster.local")
+		noProxyJoined := strings.Join(noProxyList, ",")
+		envs[common.NOProxy] = noProxyJoined
+		envs[strings.ToLower(common.NOProxy)] = noProxyJoined
 	}
 	return envs, nil
 }

From e6c913bfd84dc226c06a69b68351df79e67884e9 Mon Sep 17 00:00:00 2001
From: Benjamin Elder <bentheelder@google.com>
Date: Tue, 16 Jun 2020 13:05:05 -0700
Subject: [PATCH 13/42] bump containerd to latest nightly

---
 images/base/Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/images/base/Dockerfile b/images/base/Dockerfile
index 0cfa9ca4b5..264019212c 100644
--- a/images/base/Dockerfile
+++ b/images/base/Dockerfile
@@ -23,7 +23,7 @@ FROM ubuntu:20.04
 
 # Configure containerd and runc binaries from kind-ci/containerd-nightlies repository
 # The repository contains latest stable releases and nightlies built for multiple architectures
-ARG CONTAINERD_VERSION="v1.4.0-beta.1-26-g834665d9"
+ARG CONTAINERD_VERSION="v1.4.0-beta.1-34-g49b0743c"
 # Configure CNI binaries from upstream
 ARG CNI_VERSION="v0.8.6"
 # Configure crictl binary from upstream

From ad0abb8eccb32b7b0db30ce58427f984b4e2cde5 Mon Sep 17 00:00:00 2001
From: Benjamin Elder <bentheelder@google.com>
Date: Tue, 16 Jun 2020 13:54:46 -0700
Subject: [PATCH 14/42] bump base image

---
 pkg/build/nodeimage/defaults.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pkg/build/nodeimage/defaults.go b/pkg/build/nodeimage/defaults.go
index 724de555da..4629d43116 100644
--- a/pkg/build/nodeimage/defaults.go
+++ b/pkg/build/nodeimage/defaults.go
@@ -20,7 +20,7 @@ package nodeimage
 const DefaultImage = "kindest/node:latest"
 
 // DefaultBaseImage is the default base image used
-const DefaultBaseImage = "kindest/base:v20200610-99eb0617"
+const DefaultBaseImage = "kindest/base:v20200616-e6c913bf"
 
 // DefaultMode is the default kubernetes build mode for the built image
 // see pkg/build/kube.Bits

From e9677bf76cdf4a60be7de3b0e9259aaab43c1c4f Mon Sep 17 00:00:00 2001
From: Benjamin Elder <bentheelder@google.com>
Date: Wed, 17 Jun 2020 12:12:35 -0700
Subject: [PATCH 15/42] add notice from kubernetes.io to site

---
 site/assets/css/inline.css        | 29 +++++++++++++++++++++++++++++
 site/layouts/partials/navbar.html |  9 ++++++++-
 2 files changed, 37 insertions(+), 1 deletion(-)

diff --git a/site/assets/css/inline.css b/site/assets/css/inline.css
index 51d7d7fee2..f7376a9f0d 100644
--- a/site/assets/css/inline.css
+++ b/site/assets/css/inline.css
@@ -101,6 +101,35 @@ body {
   vertical-align: middle;
 }
 
+#noticebar{
+  padding: 2em;
+}
+#noticebar>* {
+  max-width: 50em;
+  margin-left: auto;
+  margin-right: auto;
+  margin-block-end: 0;
+  margin-block-start: 0;
+}
+
+#noticebar.black {
+  color: white;
+  background: black;
+}
+#noticebar.black a {
+  color: white;
+}
+#navbar.black {
+  color: white;
+  background: black;
+}
+#navbar.black>#sidebar-toggle {
+  color: white;
+}
+#navbar.black>#github {
+  filter: invert(1);
+}
+
 #sidebar {
   height: 100%;
   position: fixed;
diff --git a/site/layouts/partials/navbar.html b/site/layouts/partials/navbar.html
index a4d4173452..821e1a326e 100644
--- a/site/layouts/partials/navbar.html
+++ b/site/layouts/partials/navbar.html
@@ -1,3 +1,10 @@
-<div id="navbar">
+<div id="navbar" class="black">
   <span id="sidebar-toggle" onclick="toggleSidebar()">&#9776;</span><span id="navbar-title"><a href="{{.Site.BaseURL}}">kind</a></span><span id="github"><a href="https://github.com/kubernetes-sigs/kind/"><img alt="github" title="github" src="{{ "third_party/GitHub-Mark-120px-plus.png" | relURL }}"></a></span>
 </div>
+<div id="noticebar" class="black">
+  <div><h2>Black lives matter.</h2></div>
+  <p>We stand in solidarity with the Black community.</p>
+  <p>Racism is unacceptable.</p>
+  <p>It conflicts with <a href="https://git.k8s.io/community/values.md">the core values of the Kubernetes project</a> and our community does not tolerate it.</p>
+  </p>
+</div>

From dd7e3c8d7953e3a4007bfcf9428b42d39ccf8b4a Mon Sep 17 00:00:00 2001
From: Benjamin Elder <bentheelder@google.com>
Date: Wed, 17 Jun 2020 15:11:38 -0700
Subject: [PATCH 16/42] improve link contrast

---
 site/assets/css/inline.css | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/site/assets/css/inline.css b/site/assets/css/inline.css
index f7376a9f0d..036af00a70 100644
--- a/site/assets/css/inline.css
+++ b/site/assets/css/inline.css
@@ -167,7 +167,7 @@ body {
 }
 
 /* consistent link color */
-a { color: #1f28f0; }
+a { color: #326be5; }
 
 /* ensure images don't go off the page */
 #content img { max-width: 100%; }

From 98efd5942e42b456d90cc91251edf3589d31bbac Mon Sep 17 00:00:00 2001
From: Benjamin Elder <bentheelder@google.com>
Date: Wed, 17 Jun 2020 15:12:01 -0700
Subject: [PATCH 17/42] cursor pointer on buttons

---
 site/assets/css/inline.css | 1 +
 1 file changed, 1 insertion(+)

diff --git a/site/assets/css/inline.css b/site/assets/css/inline.css
index 036af00a70..c7d6ec5391 100644
--- a/site/assets/css/inline.css
+++ b/site/assets/css/inline.css
@@ -235,6 +235,7 @@ table.includecode thead th button {
   color: white;
   font-weight: bold;
   margin: .25em;
+  cursor: pointer;
 }
 
 table.includecode pre {

From 9dde290bca0854f366a9b4c0c5142dc7de09c8be Mon Sep 17 00:00:00 2001
From: Benjamin Elder <bentheelder@google.com>
Date: Wed, 17 Jun 2020 16:10:13 -0700
Subject: [PATCH 18/42] suitable mobile margins

---
 site/assets/css/inline.css | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/site/assets/css/inline.css b/site/assets/css/inline.css
index c7d6ec5391..31e1896f03 100644
--- a/site/assets/css/inline.css
+++ b/site/assets/css/inline.css
@@ -47,10 +47,9 @@ body {
 }
 
 #content, .footer {
-  padding-left: .2em;
   margin: 0 auto;
-  padding: 0 4px;
-  width: calc(100% - 8px);
+  padding: 0 1em;
+  width: calc(100% - 2em);
   max-width: 50em;
 }
 

From 58c1816c96414abe0a3b10e517729e93d6b50196 Mon Sep 17 00:00:00 2001
From: Benjamin Elder <bentheelder@google.com>
Date: Wed, 17 Jun 2020 16:10:53 -0700
Subject: [PATCH 19/42] button color consistent with link color

---
 site/assets/css/inline.css | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/site/assets/css/inline.css b/site/assets/css/inline.css
index 31e1896f03..b13c10fd32 100644
--- a/site/assets/css/inline.css
+++ b/site/assets/css/inline.css
@@ -229,7 +229,7 @@ table.includecode thead th {
 }
 
 table.includecode thead th button {
-  background: blue;
+  background: #326be5;
   border: 1px solid white;
   color: white;
   font-weight: bold;

From d416c519377989fffd58c24094a80e579441e5f6 Mon Sep 17 00:00:00 2001
From: Benjamin Elder <bentheelder@google.com>
Date: Wed, 17 Jun 2020 16:13:13 -0700
Subject: [PATCH 20/42] use 0.8.1 in index

---
 site/content/_index.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/site/content/_index.md b/site/content/_index.md
index af21da66ac..a4a80c80ea 100644
--- a/site/content/_index.md
+++ b/site/content/_index.md
@@ -6,7 +6,7 @@ tile: kind
 [kind] is a tool for running local Kubernetes clusters using Docker container "nodes".  
 kind was primarily designed for testing Kubernetes itself, but may be used for local development or CI.
 
-If you have [go] \([1.11+][go-supported]) and [docker] installed `GO111MODULE="on" go get sigs.k8s.io/kind@v0.8.0 && kind create cluster` is all you need!
+If you have [go] \([1.11+][go-supported]) and [docker] installed `GO111MODULE="on" go get sigs.k8s.io/kind@v0.8.1 && kind create cluster` is all you need!
 
 <img src="images/kind-create-cluster.png" />
 

From ae62f601beb344e672238b7108bc71d53938a042 Mon Sep 17 00:00:00 2001
From: Benjamin Elder <bentheelder@google.com>
Date: Wed, 17 Jun 2020 16:13:40 -0700
Subject: [PATCH 21/42] yaml link

---
 site/content/docs/user/configuration.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/site/content/docs/user/configuration.md b/site/content/docs/user/configuration.md
index 95fd1b99f3..4bc6b3eef6 100644
--- a/site/content/docs/user/configuration.md
+++ b/site/content/docs/user/configuration.md
@@ -269,3 +269,5 @@ nodes:
       kubeletExtraArgs:
         node-labels: "my-label3=true"
 {{< /codeFromInline >}}
+
+[YAML]: https://yaml.org/
\ No newline at end of file

From 8ab7f5d31019ab100cea54eff8ec4c0ec385f84d Mon Sep 17 00:00:00 2001
From: Benjamin Elder <bentheelder@google.com>
Date: Wed, 17 Jun 2020 16:20:33 -0700
Subject: [PATCH 22/42] add known issue for firewalld

---
 site/content/docs/user/known-issues.md | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)

diff --git a/site/content/docs/user/known-issues.md b/site/content/docs/user/known-issues.md
index b9cc278d56..03f5009de7 100644
--- a/site/content/docs/user/known-issues.md
+++ b/site/content/docs/user/known-issues.md
@@ -32,6 +32,7 @@ It may additionally be helpful to:
 * [Chrome OS](#chrome-os)
 * [AppArmor](#apparmor)
 * [IPv6 port forwarding](#ipv6-port-forwarding)
+* [Fedora 32 Firewalld](#fedora32-firewalld)
 
 ## Kubectl Version Skew
 
@@ -358,6 +359,21 @@ your workloads inside the cluster via the nodes IPv6 addresses.
 
 See Previous Discussion: [kind#1326]
 
+## Fedora32 Firewalld
+
+On Fedora 32 [firewalld] moved to nftables backend by default.
+This seems to be incompatible with Docker, leading to KIND cluster nodes not
+being able to reach each other.
+
+You can work around this by changing the `FirewallBackend` in the `/etc/firewalld/firewalld.conf ` file from `nftables` to `iptables` and restarting docker.
+
+```console
+sed -i /etc/firewalld/firewalld.conf 's/FirewallBackend=.*/FirewallBackend=iptables/'
+systemctl restart docker
+```
+
+See [#1547 (comment)](https://github.com/kubernetes-sigs/kind/issues/1547#issuecomment-623756313)
+
 [issue tracker]: https://github.com/kubernetes-sigs/kind/issues
 [file an issue]: https://github.com/kubernetes-sigs/kind/issues/new
 [#kind]: https://kubernetes.slack.com/messages/CEKK1KTN2/
@@ -382,4 +398,4 @@ See Previous Discussion: [kind#1326]
 [version skew]: https://kubernetes.io/docs/setup/release/version-skew-policy/#supported-version-skew
 [Quick Start]: /docs/user/quick-start
 [AppArmor]: https://en.wikipedia.org/wiki/AppArmor
-
+[firewalld]: https://firewalld.org/

From ede9e8413efb18f30368d8e39b22c90c306fe01f Mon Sep 17 00:00:00 2001
From: Benjamin Elder <bentheelder@google.com>
Date: Wed, 17 Jun 2020 16:22:13 -0700
Subject: [PATCH 23/42] fix link in contents

---
 site/content/docs/user/known-issues.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/site/content/docs/user/known-issues.md b/site/content/docs/user/known-issues.md
index 03f5009de7..a160a0bd2e 100644
--- a/site/content/docs/user/known-issues.md
+++ b/site/content/docs/user/known-issues.md
@@ -23,7 +23,7 @@ It may additionally be helpful to:
 * [Docker Installed With Snap](#docker-installed-with-snap)
 * [Failing to apply overlay network](#failing-to-apply-overlay-network)
 * [Failure to build node image](#failure-to-build-node-image)
-* [Failing to properly start cluster](#failure-to-properly-start-cluster)
+* [Failing to properly start cluster](#failing-to-properly-start-cluster)
 * [Pod errors due to "too many open files"](#pod-errors-due-to-too-many-open-files)
 * [Docker permission denied](#docker-permission-denied)
 * [Windows Containers](#windows-containers)

From 20e838dd57991eab08b61247e5cda324975dc770 Mon Sep 17 00:00:00 2001
From: Benjamin Elder <bentheelder@google.com>
Date: Wed, 17 Jun 2020 16:22:49 -0700
Subject: [PATCH 24/42] kind works on btrfs / zfs now

---
 site/content/docs/user/known-issues.md | 26 --------------------------
 1 file changed, 26 deletions(-)

diff --git a/site/content/docs/user/known-issues.md b/site/content/docs/user/known-issues.md
index a160a0bd2e..3710a67471 100644
--- a/site/content/docs/user/known-issues.md
+++ b/site/content/docs/user/known-issues.md
@@ -19,7 +19,6 @@ It may additionally be helpful to:
 ## Contents
 * [kubectl version skew](#kubectl-version-skew)
 * [Older Docker Installations](#older-docker-installations)
-* [Docker on Btrfs or ZFS](#docker-on-btrfs-or-zfs)
 * [Docker Installed With Snap](#docker-installed-with-snap)
 * [Failing to apply overlay network](#failing-to-apply-overlay-network)
 * [Failure to build node image](#failure-to-build-node-image)
@@ -82,31 +81,6 @@ With these versions you must use Kubernetes >= 1.14, or more ideally upgrade Doc
 
 kind is tested with a recent stable `docker-ce` release.
 
-## Docker on Btrfs or ZFS
-
-`kind` cannot run properly if containers on your machine / host are backed by a
-[Btrfs](https://en.wikipedia.org/wiki/Btrfs) or [ZFS](https://en.wikipedia.org/wiki/ZFS)
-filesystem.
-
-This should only be relevant on Linux, on which you can check with:
-
-{{< codeFromInline lang="bash" >}}
-docker info | grep -i storage
-{{< /codeFromInline >}}
-
-As a workaround, you'll need to ensure that the storage driver is one that works.
-Docker's default of `overlay2` is a good choice, but `aufs` should also work.
-
-You can set the storage driver with the following configuration in `/etc/docker/daemon.json`:
-
-```
-{
-  "storage-driver": "overlay2"
-}
-```
-
-After restarting the Docker daemon you should see that Docker is now using the `overlay2` storage driver instead of `btrfs`.
-
 
 **NOTE**: You'll need to make sure the backing filesystem is not btrfs / ZFS as well,
 which may require creating a partition on your host disk with a suitable filesystem and ensuring Docker's

From 2277fdaa04a8fc3d04031422c6fcf594a19803f5 Mon Sep 17 00:00:00 2001
From: Benjamin Elder <bentheelder@google.com>
Date: Wed, 17 Jun 2020 16:24:08 -0700
Subject: [PATCH 25/42] overlay network comments no longer apply

---
 site/content/docs/user/known-issues.md | 37 --------------------------
 1 file changed, 37 deletions(-)

diff --git a/site/content/docs/user/known-issues.md b/site/content/docs/user/known-issues.md
index 3710a67471..c1c2b10ec0 100644
--- a/site/content/docs/user/known-issues.md
+++ b/site/content/docs/user/known-issues.md
@@ -20,7 +20,6 @@ It may additionally be helpful to:
 * [kubectl version skew](#kubectl-version-skew)
 * [Older Docker Installations](#older-docker-installations)
 * [Docker Installed With Snap](#docker-installed-with-snap)
-* [Failing to apply overlay network](#failing-to-apply-overlay-network)
 * [Failure to build node image](#failure-to-build-node-image)
 * [Failing to properly start cluster](#failing-to-properly-start-cluster)
 * [Pod errors due to "too many open files"](#pod-errors-due-to-too-many-open-files)
@@ -96,42 +95,6 @@ Currently a workaround for this is setting the `TEMPDIR` environment variable to
 a directory snap does have access to when working with kind.
 This can for example be some directory under `$HOME`.
 
-## Failing to apply overlay network
-There are two known causes for problems while applying the overlay network
-while building a kind cluster:
-
-* Host machine is behind a proxy
-* Usage of Docker version 18.09
-
-If you see something like the following error message:
-```
- ✗ [kind-1-control-plane] Starting Kubernetes (this may take a minute) ☸
-FATA[07:20:43] Failed to create cluster: failed to apply overlay network: exit status 1
-```
-
-or the following, when setting the `loglevel` flag to debug,
-```
-DEBU[16:26:53] Running: /usr/bin/docker [docker exec --privileged kind-1-control-plane /bin/sh -c kubectl apply --kubeconfig=/etc/kubernetes/admin.conf -f "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version --kubeconfig=/etc/kubernetes/admin.conf | base64 | tr -d '\n')"]
-ERRO[16:28:25] failed to apply overlay network: exit status 1 ) ☸
- ✗ [control-plane] Starting Kubernetes (this may take a minute) ☸
-ERRO[16:28:25] failed to apply overlay network: exit status 1
-DEBU[16:28:25] Running: /usr/bin/docker [docker ps -q -a --no-trunc --filter label=io.k8s.sigs.kind.cluster --format {{.Names}}\t{{.Label "io.k8s.sigs.kind.cluster"}} --filter label=io.k8s.sigs.kind.cluster=1]
-DEBU[16:28:25] Running: /usr/bin/docker [docker rm -f -v kind-1-control-plane]
-⠈⠁ [control-plane] Pre-loading images 🐋 Error: failed to create cluster: failed to apply overlay network: exit status 1
-```
-
-The issue may be due to your host machine being behind a proxy, such as in
-[kind#136][kind#136].
-We are currently looking into ways of mitigating this issue by preloading CNI
-artifacts, see [kind#200][kind#200].
-Another possible solution is to enable kind nodes to use a proxy when
-downloading images, see [kind#270][kind#270].
-
-The last known case for this issue comes from the host machine 
-[using Docker 18.09 in kind#136][kind#136-docker]. 
-In this case, a known solution is to upgrade to any Docker version greater than or
-equal to Docker 18.09.1.
-
 
 ## Failure to build node image
 Building kind's node image may fail due to running out of memory on Docker for Mac or Docker for Windows.

From 2207aa5cd8af810d35455d517f34910d53d678ab Mon Sep 17 00:00:00 2001
From: Benjamin Elder <bentheelder@google.com>
Date: Wed, 17 Jun 2020 16:34:09 -0700
Subject: [PATCH 26/42] add very short TLDR to each known issue

---
 site/content/docs/user/known-issues.md | 29 +++++++++++++-------------
 1 file changed, 15 insertions(+), 14 deletions(-)

diff --git a/site/content/docs/user/known-issues.md b/site/content/docs/user/known-issues.md
index c1c2b10ec0..ff86328dc7 100644
--- a/site/content/docs/user/known-issues.md
+++ b/site/content/docs/user/known-issues.md
@@ -17,20 +17,20 @@ It may additionally be helpful to:
 - reach out and ask for help in [#kind] on the [kubernetes slack]
 
 ## Contents
-* [kubectl version skew](#kubectl-version-skew)
-* [Older Docker Installations](#older-docker-installations)
-* [Docker Installed With Snap](#docker-installed-with-snap)
-* [Failure to build node image](#failure-to-build-node-image)
-* [Failing to properly start cluster](#failing-to-properly-start-cluster)
-* [Pod errors due to "too many open files"](#pod-errors-due-to-too-many-open-files)
-* [Docker permission denied](#docker-permission-denied)
-* [Windows Containers](#windows-containers)
-* [Non-AMD64 Architectures](#nonamd64-architectures)
-* [Unable to pull images](#unable-to-pull-images)
-* [Chrome OS](#chrome-os)
-* [AppArmor](#apparmor)
-* [IPv6 port forwarding](#ipv6-port-forwarding)
-* [Fedora 32 Firewalld](#fedora32-firewalld)
+* [Kubectl Version Skew](#kubectl-version-skew) (Kubernetes limits supported version skew)
+* [Older Docker Installations](#older-docker-installations) (untested, known to have bugs)
+* [Docker Installed With Snap](#docker-installed-with-snap) (snap filesystem restrictions problematic)
+* [Failure to Build Node Image](#failure-to-build-node-image) (usually need to increase resources)
+* [Failing to Properly Start Cluster](#failing-to-properly-start-cluster) (various causes)
+* [Pod Errors Due to "too many open files"](#pod-errors-due-to-too-many-open-files) (likely [inotify] limits which are not namespaced)
+* [Docker Permission Denied](#docker-permission-denied) (ensure you have permission to use docker)
+* [Windows Containers](#windows-containers) (unsupported / infeasible)
+* [Non-AMD64 Architectures](#nonamd64-architectures) (images not pre-built yet)
+* [Unable to Pull Images](#unable-to-pull-images) (various)
+* [Chrome OS](#chrome-os) (unsupported)
+* [AppArmor](#apparmor) (may break things, consider disabling)
+* [IPv6 Port Forwarding](#ipv6-port-forwarding) (docker doesn't seem to implement this correctly)
+* [Fedora 32 Firewalld](#fedora32-firewalld) (nftables + docker broken, switch to iptables)
 
 ## Kubectl Version Skew
 
@@ -336,3 +336,4 @@ See [#1547 (comment)](https://github.com/kubernetes-sigs/kind/issues/1547#issuec
 [Quick Start]: /docs/user/quick-start
 [AppArmor]: https://en.wikipedia.org/wiki/AppArmor
 [firewalld]: https://firewalld.org/
+[inotify]: https://en.wikipedia.org/wiki/Inotify

From 54a68a2be36cb5e47cc86010c3762ae560fc4d37 Mon Sep 17 00:00:00 2001
From: Benjamin Elder <bentheelder@google.com>
Date: Wed, 17 Jun 2020 16:34:47 -0700
Subject: [PATCH 27/42] finish cleaning up zfs/btrfs references

---
 site/content/docs/user/known-issues.md | 13 -------------
 1 file changed, 13 deletions(-)

diff --git a/site/content/docs/user/known-issues.md b/site/content/docs/user/known-issues.md
index ff86328dc7..fb03abcd48 100644
--- a/site/content/docs/user/known-issues.md
+++ b/site/content/docs/user/known-issues.md
@@ -80,11 +80,6 @@ With these versions you must use Kubernetes >= 1.14, or more ideally upgrade Doc
 
 kind is tested with a recent stable `docker-ce` release.
 
-
-**NOTE**: You'll need to make sure the backing filesystem is not btrfs / ZFS as well,
-which may require creating a partition on your host disk with a suitable filesystem and ensuring Docker's
-data root is on this (by default `/var/lib/docker`). Ext4 is a reasonable choice.
-
 ## Docker Installed with Snap
 
 If you installed Docker with [snap], it is likely that `docker` commands do not
@@ -197,14 +192,6 @@ Dec 07 00:37:53 kind-1-control-plane kubelet[688]: I1207 00:37:53.229561     688
 Dec 07 00:37:53 kind-1-control-plane kubelet[688]: E1207 00:37:53.229638     688 eviction_manager.go:351] eviction manager: eviction thresholds have been met, but no pods are active to evict
 ```
 
-If on the other hand you are running kind on a btrfs partition and your logs
-show something like the following:
-```
-F0103 17:42:41.470269 3804 kubelet.go:1359] Failed to start ContainerManager failed to get rootfs info: failed to get device for dir "/ var/lib/kubelet": could not find device with major: 0, minor: 67 in cached partitions map
-```
-
-This problem seems to be related to a [bug in Docker][moby#9939].
-
 ## Pod errors due to "too many open files"
 
 This may be caused by running out of [inotify](https://linux.die.net/man/7/inotify) resources. Resource limits are defined by `fs.inotify.max_user_watches` and `fs.inotify.max_user_instances` system variables. For example, in Ubuntu these default to 8192 and 128 respectively, which is not enough to create a cluster with many nodes.

From aacbe4cad1a6b51d908f1eeff0e0b44cee511168 Mon Sep 17 00:00:00 2001
From: Benjamin Elder <bentheelder@google.com>
Date: Wed, 17 Jun 2020 17:27:47 -0700
Subject: [PATCH 28/42] upgrade core dependencies

---
 go.mod |  7 ++++---
 go.sum | 18 +++++++++++-------
 2 files changed, 15 insertions(+), 10 deletions(-)

diff --git a/go.mod b/go.mod
index d191ca84bf..64aababbcf 100644
--- a/go.mod
+++ b/go.mod
@@ -7,11 +7,12 @@ require (
 	github.com/alessio/shellescape v1.2.2
 	github.com/evanphx/json-patch/v5 v5.0.0
 	github.com/mattn/go-isatty v0.0.12
-	github.com/pelletier/go-toml v1.7.0
+	github.com/pelletier/go-toml v1.8.0
 	github.com/pkg/errors v0.9.1
 	github.com/spf13/cobra v1.0.0
 	github.com/spf13/pflag v1.0.5
-	gopkg.in/yaml.v3 v3.0.0-20200121175148-a6ecf24a6d71
-	k8s.io/apimachinery v0.18.2
+	golang.org/x/sys v0.0.0-20200615200032-f1bc736245b1 // indirect
+	gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776
+	k8s.io/apimachinery v0.18.4
 	sigs.k8s.io/yaml v1.2.0
 )
diff --git a/go.sum b/go.sum
index 65db11d103..c07e771d8b 100644
--- a/go.sum
+++ b/go.sum
@@ -111,8 +111,8 @@ github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGV
 github.com/onsi/gomega v1.7.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY=
 github.com/pelletier/go-toml v1.2.0 h1:T5zMGML61Wp+FlcbWjRDT7yAxhJNAiPPLOFECq181zc=
 github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic=
-github.com/pelletier/go-toml v1.7.0 h1:7utD74fnzVc/cpcyy8sjrlFr5vYpypUixARcHIMIGuI=
-github.com/pelletier/go-toml v1.7.0/go.mod h1:vwGMzjaWMwyfHwgIBhI2YUM4fB6nL6lVAvS1LBMMhTE=
+github.com/pelletier/go-toml v1.8.0 h1:Keo9qb7iRJs2voHvunFtuuYFsbWeOBh8/P9v/kVMFtw=
+github.com/pelletier/go-toml v1.8.0/go.mod h1:D6yutnOGMveHEPV7VQOuvI/gXY61bv+9bAOTRnLElKs=
 github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
@@ -182,6 +182,8 @@ golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5h
 golang.org/x/sys v0.0.0-20191022100944-742c48ecaeb7/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200116001909-b77594299b42 h1:vEOn+mP2zCOVzKckCZy6YsCtDblrpj/w7B9nxGNELpg=
 golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200615200032-f1bc736245b1 h1:ogLJMz+qpzav7lGMh10LMvAkM/fAoGlaiiHYiFYdm80=
+golang.org/x/sys v0.0.0-20200615200032-f1bc736245b1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/text v0.0.0-20160726164857-2910a502d2bf/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
@@ -209,15 +211,17 @@ gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10=
 gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
-gopkg.in/yaml.v3 v3.0.0-20200121175148-a6ecf24a6d71 h1:Xe2gvTZUJpsvOWUnvmL/tmhVBZUmHSvLbMjRj6NUUKo=
-gopkg.in/yaml.v3 v3.0.0-20200121175148-a6ecf24a6d71/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+gopkg.in/yaml.v2 v2.3.0 h1:clyUAQHOM3G0M3f5vQj7LuJrETvjVot3Z5el9nffUtU=
+gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776 h1:tQIYjPdBoyREyB9XMu+nnTclpTYkz2zFM+lzLJFO4gQ=
+gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
-k8s.io/apimachinery v0.18.2 h1:44CmtbmkzVDAhCpRVSiP2R5PPrC2RtlIv/MoB8xpdRA=
-k8s.io/apimachinery v0.18.2/go.mod h1:9SnR/e11v5IbyPCGbvJViimtJ0SwHG4nfZFjU77ftcA=
+k8s.io/apimachinery v0.18.4 h1:ST2beySjhqwJoIFk6p7Hp5v5O0hYY6Gngq/gUYXTPIA=
+k8s.io/apimachinery v0.18.4/go.mod h1:OaXp26zu/5J7p0f92ASynJa1pZo06YlV9fG7BoWbCko=
 k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0=
 k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk=
 k8s.io/klog v1.0.0/go.mod h1:4Bi6QPql/J/LkTDqv7R/cd3hPo4k2DG6Ptcz060Ez5I=
-k8s.io/kube-openapi v0.0.0-20200121204235-bf4fb3bd569c/go.mod h1:GRQhZsXIAJ1xR0C9bd8UpWHZ5plfAS9fzPjJuQ6JL3E=
+k8s.io/kube-openapi v0.0.0-20200410145947-61e04a5be9a6/go.mod h1:GRQhZsXIAJ1xR0C9bd8UpWHZ5plfAS9fzPjJuQ6JL3E=
 sigs.k8s.io/structured-merge-diff/v3 v3.0.0-20200116222232-67a7b8c61874/go.mod h1:PlARxl6Hbt/+BC80dRLi1qAmnMqwqDg62YvvVkZjemw=
 sigs.k8s.io/structured-merge-diff/v3 v3.0.0/go.mod h1:PlARxl6Hbt/+BC80dRLi1qAmnMqwqDg62YvvVkZjemw=
 sigs.k8s.io/yaml v1.1.0 h1:4A07+ZFc2wgJwo8YNlQpr1rVlgUDlxXHhPJciaPY5gs=

From ee11f79640c4090562605008733aca3a444350fb Mon Sep 17 00:00:00 2001
From: Benjamin Elder <bentheelder@google.com>
Date: Wed, 17 Jun 2020 17:40:06 -0700
Subject: [PATCH 29/42] update kindnetd packages

---
 images/kindnetd/go.mod |  43 ++++----
 images/kindnetd/go.sum | 237 ++++++++++++++++++++++++++++++++++++-----
 2 files changed, 228 insertions(+), 52 deletions(-)

diff --git a/images/kindnetd/go.mod b/images/kindnetd/go.mod
index f1e81c7600..19fff32078 100644
--- a/images/kindnetd/go.mod
+++ b/images/kindnetd/go.mod
@@ -3,28 +3,23 @@ module sigs.k8s.io/kind/images/kindnetd
 go 1.13
 
 require (
-	github.com/coreos/go-iptables v0.4.3
-	github.com/gogo/protobuf v1.2.1 // indirect
-	github.com/golang/protobuf v1.3.1 // indirect
-	github.com/google/gofuzz v1.0.0 // indirect
-	github.com/googleapis/gnostic v0.2.0 // indirect
-	github.com/json-iterator/go v1.1.6 // indirect
-	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
-	github.com/modern-go/reflect2 v1.0.1 // indirect
-	github.com/pkg/errors v0.8.1
-	github.com/spf13/pflag v1.0.5 // indirect
-	github.com/vishvananda/netlink v1.0.0
-	github.com/vishvananda/netns v0.0.0-20180720170159-13995c7128cc // indirect
-	golang.org/x/crypto v0.0.0-20190506204251-e1dfcc566284 // indirect
-	golang.org/x/net v0.0.0-20190509222800-a4d6f7feada5 // indirect
-	golang.org/x/oauth2 v0.0.0-20190402181905-9f3314589c9a // indirect
-	golang.org/x/time v0.0.0-20190308202827-9d24e82272b4 // indirect
-	gopkg.in/inf.v0 v0.9.1 // indirect
-	gopkg.in/yaml.v2 v2.2.2 // indirect
-	k8s.io/api v0.0.0-20190409021203-6e4e0e4f393b
-	k8s.io/apimachinery v0.0.0-20190404173353-6a84e37a896d
-	k8s.io/client-go v11.0.0+incompatible
-	k8s.io/klog v0.3.0
-	k8s.io/utils v0.0.0-20190506122338-8fab8cb257d5
-	sigs.k8s.io/yaml v1.1.0 // indirect
+	github.com/coreos/go-iptables v0.4.5
+	github.com/json-iterator/go v1.1.10 // indirect
+	github.com/pkg/errors v0.9.1
+	github.com/vishvananda/netlink v1.1.0
+	github.com/vishvananda/netns v0.0.0-20200520041808-52d707b772fe // indirect
+	golang.org/x/crypto v0.0.0-20200604202706-70a84ac30bf9 // indirect
+	golang.org/x/net v0.0.0-20200602114024-627f9648deb9 // indirect
+	golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d // indirect
+	golang.org/x/sys v0.0.0-20200615200032-f1bc736245b1 // indirect
+	golang.org/x/text v0.3.3 // indirect
+	golang.org/x/time v0.0.0-20200416051211-89c76fbcd5d1 // indirect
+	google.golang.org/appengine v1.6.6 // indirect
+	google.golang.org/protobuf v1.24.0 // indirect
+	gopkg.in/yaml.v2 v2.3.0 // indirect
+	k8s.io/api v0.18.4
+	k8s.io/apimachinery v0.18.4
+	k8s.io/client-go v0.18.4
+	k8s.io/klog v1.0.0
+	k8s.io/utils v0.0.0-20200603063816-c1c6865ac451
 )
diff --git a/images/kindnetd/go.sum b/images/kindnetd/go.sum
index 5227417655..9bec104860 100644
--- a/images/kindnetd/go.sum
+++ b/images/kindnetd/go.sum
@@ -1,76 +1,257 @@
+cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
 cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
-github.com/coreos/go-iptables v0.4.3 h1:jJg1aFuhCqWbgBl1VTqgTHG5faPM60A5JDMjQ2HYv+A=
-github.com/coreos/go-iptables v0.4.3/go.mod h1:/mVI274lEDI2ns62jHCDnCyBF9Iwsmekav8Dbxlm1MU=
+cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU=
+github.com/Azure/go-autorest/autorest v0.9.0/go.mod h1:xyHB1BMZT0cuDHU7I0+g046+BFDTQ8rEZB0s4Yfa6bI=
+github.com/Azure/go-autorest/autorest/adal v0.5.0/go.mod h1:8Z9fGy2MpX0PvDjB1pEgQTmVqjGhiHBW7RJJEciWzS0=
+github.com/Azure/go-autorest/autorest/date v0.1.0/go.mod h1:plvfp3oPSKwf2DNjlBjWF/7vwR+cUD/ELuzDCXwHUVA=
+github.com/Azure/go-autorest/autorest/mocks v0.1.0/go.mod h1:OTyCOPRA2IgIlWxVYxBee2F5Gr4kF2zd2J5cFRaIDN0=
+github.com/Azure/go-autorest/autorest/mocks v0.2.0/go.mod h1:OTyCOPRA2IgIlWxVYxBee2F5Gr4kF2zd2J5cFRaIDN0=
+github.com/Azure/go-autorest/logger v0.1.0/go.mod h1:oExouG+K6PryycPJfVSxi/koC6LSNgds39diKLz7Vrc=
+github.com/Azure/go-autorest/tracing v0.5.0/go.mod h1:r/s2XiOKccPW3HrqB+W0TQzfbtp2fGCgRFtBroKn4Dk=
+github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
+github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ=
+github.com/PuerkitoBio/purell v1.0.0/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0=
+github.com/PuerkitoBio/urlesc v0.0.0-20160726150825-5bd2802263f2/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE=
+github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
+github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
+github.com/coreos/go-iptables v0.4.5 h1:DpHb9vJrZQEFMcVLFKAAGMUVX0XoRC0ptCthinRYm38=
+github.com/coreos/go-iptables v0.4.5/go.mod h1:/mVI274lEDI2ns62jHCDnCyBF9Iwsmekav8Dbxlm1MU=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
-github.com/gogo/protobuf v1.2.1 h1:/s5zKNz0uPFCZ5hddgPdo2TK2TVrUNMn0OOX8/aZMTE=
-github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4=
+github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ=
+github.com/docker/spdystream v0.0.0-20160310174837-449fdfce4d96/go.mod h1:Qh8CwZgvJUkLughtfhJv5dyTYa91l1fOUCrgjqmcifM=
+github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc=
+github.com/emicklei/go-restful v0.0.0-20170410110728-ff4f55a20633/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs=
+github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
+github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
+github.com/evanphx/json-patch v4.2.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk=
+github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
+github.com/ghodss/yaml v0.0.0-20150909031657-73d445a93680/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
+github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas=
+github.com/go-openapi/jsonpointer v0.0.0-20160704185906-46af16f9f7b1/go.mod h1:+35s3my2LFTysnkMfxsJBAMHj/DoqoB9knIWoYG/Vk0=
+github.com/go-openapi/jsonreference v0.0.0-20160704190145-13c6e3589ad9/go.mod h1:W3Z9FmVs9qj+KR4zFKmDPGiLdk1D9Rlm7cyMvf57TTg=
+github.com/go-openapi/spec v0.0.0-20160808142527-6aced65f8501/go.mod h1:J8+jY1nAiCcj+friV/PDoE1/3eeccG9LYBs0tYvLOWc=
+github.com/go-openapi/swag v0.0.0-20160704191624-1d0bd113de87/go.mod h1:DXUve3Dpr1UfpPtxFw+EFuQ41HhCWZfha5jSVRG7C7I=
+github.com/gogo/protobuf v1.3.1 h1:DqDEcV5aeaTmdFBePNpYsp3FlcVH/2ISVVM9Qf8PSls=
+github.com/gogo/protobuf v1.3.1/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o=
+github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
+github.com/golang/groupcache v0.0.0-20160516000752-02826c3e7903/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
+github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
+github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
+github.com/golang/protobuf v0.0.0-20161109072736-4bd1920723d7/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
 github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
 github.com/golang/protobuf v1.3.1 h1:YF8+flBXS5eO826T4nzqPrxfhQThhXl0YzfuUPu4SBg=
 github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
+github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
+github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8=
+github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA=
+github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs=
+github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w=
+github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0=
+github.com/golang/protobuf v1.4.1 h1:ZFgWrT+bLgsYPirOnRfKLYJLvssAegOj/hgyMFdJZe0=
+github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8=
+github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
+github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
+github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
+github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
+github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
+github.com/google/go-cmp v0.4.0 h1:xsAVV57WRhGj6kEIi8ReJzQlHHqcBYCElAvkovg3B/4=
+github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/gofuzz v1.0.0 h1:A8PeW59pxE9IoFRqBp37U+mSNaQoZ46F1f0f863XSXw=
 github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
-github.com/googleapis/gnostic v0.2.0 h1:l6N3VoaVzTncYYW+9yOz2LJJammFZGBO13sqgEhpy9g=
-github.com/googleapis/gnostic v0.2.0/go.mod h1:sJBsCZ4ayReDTBIg8b9dl28c5xFWyhBTVRp3pOg5EKY=
+github.com/google/gofuzz v1.1.0 h1:Hsa8mG0dQ46ij8Sl2AYJDUv1oA9/d6Vk+3LG99Oe02g=
+github.com/google/gofuzz v1.1.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
+github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs=
+github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc=
+github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
+github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg=
+github.com/googleapis/gnostic v0.0.0-20170729233727-0c5108395e2d/go.mod h1:sJBsCZ4ayReDTBIg8b9dl28c5xFWyhBTVRp3pOg5EKY=
+github.com/googleapis/gnostic v0.1.0 h1:rVsPeBmXbYv4If/cumu1AzZPwV58q433hvONV1UEZoI=
+github.com/googleapis/gnostic v0.1.0/go.mod h1:sJBsCZ4ayReDTBIg8b9dl28c5xFWyhBTVRp3pOg5EKY=
+github.com/gophercloud/gophercloud v0.1.0/go.mod h1:vxM41WHh5uqHVBMZHzuwNOHh8XEoIEcSTewFxm1c5g8=
+github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA=
+github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
+github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
+github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU=
+github.com/imdario/mergo v0.3.5/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA=
 github.com/json-iterator/go v1.1.6 h1:MrUvLMLTMxbqFJ9kzlvat/rYZqZnW3u4wkLzWTaFwKs=
 github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU=
-github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q=
+github.com/json-iterator/go v1.1.8/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
+github.com/json-iterator/go v1.1.10 h1:Kz6Cvnvv2wGdaG/V8yMvfkmNiXq9Ya2KUv4rouJJr68=
+github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
+github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU=
+github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00=
 github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
+github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI=
+github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
+github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
+github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE=
+github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
+github.com/mailru/easyjson v0.0.0-20160728113105-d5b7844b561a/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=
+github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
 github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg=
 github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
+github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
 github.com/modern-go/reflect2 v1.0.1 h1:9f412s+6RmYXLWZSEzVVgPGK7C2PphHj5RJrvfx9AWI=
 github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
-github.com/pkg/errors v0.8.1 h1:iURUrRGxPUNPdy5/HRSm+Yj6okJ6UtLINN0Q9M4+h3I=
-github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
+github.com/munnerz/goautoneg v0.0.0-20120707110453-a547fc61f48d/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ=
+github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw=
+github.com/onsi/ginkgo v0.0.0-20170829012221-11459a886d9c/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
+github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
+github.com/onsi/ginkgo v1.11.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
+github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA=
+github.com/onsi/gomega v1.7.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY=
+github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU=
+github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
+github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
 github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk=
+github.com/spf13/pflag v0.0.0-20170130214245-9ff6c6923cff/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=
 github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
 github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/testify v1.3.0 h1:TivCn/peBQ7UY8ooIcPgZFpTNSz0Q2U6UrFlUfqbe0Q=
 github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
-github.com/vishvananda/netlink v1.0.0 h1:bqNY2lgheFIu1meHUFSH3d7vG93AFyqg3oGbJCOJgSM=
-github.com/vishvananda/netlink v1.0.0/go.mod h1:+SR5DhBJrl6ZM7CoCKvpw5BKroDKQ+PJqOg65H/2ktk=
-github.com/vishvananda/netns v0.0.0-20180720170159-13995c7128cc h1:R83G5ikgLMxrBvLh22JhdfI8K6YXEPHx5P03Uu3DRs4=
-github.com/vishvananda/netns v0.0.0-20180720170159-13995c7128cc/go.mod h1:ZjcWmFBXmLKZu9Nxj3WKYEafiSqer2rnvPr0en9UNpI=
+github.com/stretchr/testify v1.4.0 h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJyk=
+github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
+github.com/vishvananda/netlink v1.1.0 h1:1iyaYNBLmP6L0220aDnYQpo1QEV4t4hJ+xEEhhJH8j0=
+github.com/vishvananda/netlink v1.1.0/go.mod h1:cTgwzPIzzgDAYoQrMm0EdrjRUBkTqKYppBueQtXaqoE=
+github.com/vishvananda/netns v0.0.0-20191106174202-0a2b9b5464df/go.mod h1:JP3t17pCcGlemwknint6hfoeCVQrEMVwxRLRjXpq+BU=
+github.com/vishvananda/netns v0.0.0-20200520041808-52d707b772fe h1:mjAZxE1nh8yvuwhGHpdDqdhtNu2dgbpk93TwoXuk5so=
+github.com/vishvananda/netns v0.0.0-20200520041808-52d707b772fe/go.mod h1:DD4vA1DwXk04H54A1oHXtwZmA0grkVMdPxx/VGLCah0=
+go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU=
+golang.org/x/crypto v0.0.0-20190211182817-74369b46fc67/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
-golang.org/x/crypto v0.0.0-20190506204251-e1dfcc566284 h1:rlLehGeYg6jfoyz/eDqDU1iRXLKfR42nnNh57ytKEWo=
-golang.org/x/crypto v0.0.0-20190506204251-e1dfcc566284/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
+golang.org/x/crypto v0.0.0-20200220183623-bac4c82f6975/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
+golang.org/x/crypto v0.0.0-20200604202706-70a84ac30bf9 h1:vEg9joUBmeBcK9iSJftGNf3coIG4HqZElCPehJsfAYM=
+golang.org/x/crypto v0.0.0-20200604202706-70a84ac30bf9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
+golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
+golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
+golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
+golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
+golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
+golang.org/x/net v0.0.0-20170114055629-f2499483f923/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
-golang.org/x/net v0.0.0-20190509222800-a4d6f7feada5 h1:6M3SDHlHHDCx2PcQw3S4KsR170vGqDhJDOmpVd4Hjak=
-golang.org/x/net v0.0.0-20190509222800-a4d6f7feada5/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
-golang.org/x/oauth2 v0.0.0-20190402181905-9f3314589c9a h1:tImsplftrFpALCYumobsd0K86vlAs/eXGFms2txfJfA=
-golang.org/x/oauth2 v0.0.0-20190402181905-9f3314589c9a/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
+golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks=
+golang.org/x/net v0.0.0-20191004110552-13f9640d40b9/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/net v0.0.0-20200602114024-627f9648deb9 h1:pNX+40auqi2JqRfOP1akLGtYcn15TUbkhwuCO3foqqM=
+golang.org/x/net v0.0.0-20200602114024-627f9648deb9/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
+golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
+golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
+golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
+golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d h1:TzXSXBo42m9gQenoE3b9BGiEpg5IG2JkU5FkPIawgtw=
+golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
+golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sys v0.0.0-20170830134202-bb24a47a89ea/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20190209173611-3b5209105503/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190412213103-97732733099d h1:+R4KGOnez64A81RvjARKc4UT5/tI9ujCIVX+P5KiHuI=
 golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190606203320-7fc4e5ec1444/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20191022100944-742c48ecaeb7/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200217220822-9197077df867/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200615200032-f1bc736245b1 h1:ogLJMz+qpzav7lGMh10LMvAkM/fAoGlaiiHYiFYdm80=
+golang.org/x/sys v0.0.0-20200615200032-f1bc736245b1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/text v0.0.0-20160726164857-2910a502d2bf/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.0 h1:g61tztE5qeGQ89tm6NTjjM9VPIm088od1l6aSorWRWg=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
+golang.org/x/text v0.3.3 h1:cokOdA+Jmi5PJGXLlLllQSgYigAEfHXJAERHVMaCc2k=
+golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
+golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20190308202827-9d24e82272b4 h1:SvFZT6jyqRaOeXpc5h/JSfZenJ2O330aBsf7JfSUXmQ=
 golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
-golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/time v0.0.0-20200416051211-89c76fbcd5d1 h1:NusfzzA6yGQ+ua51ck7E3omNUX/JuqbFSaRGqU8CcLI=
+golang.org/x/time v0.0.0-20200416051211-89c76fbcd5d1/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
+golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/tools v0.0.0-20181011042414-1f849cf54d09/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/tools v0.0.0-20181030221726-6c7e314b6563/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY=
+golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
+golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
+golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
+golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543 h1:E7g+9GITq07hpfrRu66IVDexMakfv52eLZ2CXBWiKr4=
+golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE=
+google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
 google.golang.org/appengine v1.4.0 h1:/wp5JvzpHIxhs/dumFmF7BXTf3Z+dd4uXta4kVyO508=
 google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
+google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
+google.golang.org/appengine v1.6.6 h1:lMO5rYAqUxkmaj76jAkRUvt5JZgFymx/+Q5Mzfivuhc=
+google.golang.org/appengine v1.6.6/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc=
+google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
+google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
+google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
+google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc=
+google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo=
+google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
+google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg=
+google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk=
+google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
+google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
+google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=
+google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE=
+google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo=
+google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
+google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
+google.golang.org/protobuf v1.24.0 h1:UhZDfRO8JRQru4/+LlLE0BRKGF8L+PICnvYZmx/fEGA=
+google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY=
+gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys=
 gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc=
 gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw=
+gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw=
+gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw=
 gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
-k8s.io/api v0.0.0-20190409021203-6e4e0e4f393b h1:aBGgKJUM9Hk/3AE8WaZIApnTxG35kbuQba2w+SXqezo=
-k8s.io/api v0.0.0-20190409021203-6e4e0e4f393b/go.mod h1:iuAfoD4hCxJ8Onx9kaTIt30j7jUFS00AXQi6QMi99vA=
-k8s.io/apimachinery v0.0.0-20190404173353-6a84e37a896d h1:Jmdtdt1ZnoGfWWIIik61Z7nKYgO3J+swQJtPYsP9wHA=
-k8s.io/apimachinery v0.0.0-20190404173353-6a84e37a896d/go.mod h1:ccL7Eh7zubPUSh9A3USN90/OzHNSVN6zxzde07TDCL0=
-k8s.io/client-go v11.0.0+incompatible h1:LBbX2+lOwY9flffWlJM7f1Ct8V2SRNiMRDFeiwnJo9o=
-k8s.io/client-go v11.0.0+incompatible/go.mod h1:7vJpHMYJwNQCWgzmNV+VYUl1zCObLyodBc8nIyt8L5s=
+gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+gopkg.in/yaml.v2 v2.3.0 h1:clyUAQHOM3G0M3f5vQj7LuJrETvjVot3Z5el9nffUtU=
+gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
+honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
+honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
+k8s.io/api v0.18.4 h1:8x49nBRxuXGUlDlwlWd3RMY1SayZrzFfxea3UZSkFw4=
+k8s.io/api v0.18.4/go.mod h1:lOIQAKYgai1+vz9J7YcDZwC26Z0zQewYOGWdyIPUUQ4=
+k8s.io/apimachinery v0.18.4 h1:ST2beySjhqwJoIFk6p7Hp5v5O0hYY6Gngq/gUYXTPIA=
+k8s.io/apimachinery v0.18.4/go.mod h1:OaXp26zu/5J7p0f92ASynJa1pZo06YlV9fG7BoWbCko=
+k8s.io/client-go v0.18.4 h1:un55V1Q/B3JO3A76eS0kUSywgGK/WR3BQ8fHQjNa6Zc=
+k8s.io/client-go v0.18.4/go.mod h1:f5sXwL4yAZRkAtzOxRWUhA/N8XzGCb+nPZI8PfobZ9g=
+k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0=
+k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk=
 k8s.io/klog v0.3.0 h1:0VPpR+sizsiivjIfIAQH/rl8tan6jvWkS7lU+0di3lE=
 k8s.io/klog v0.3.0/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk=
-k8s.io/utils v0.0.0-20190506122338-8fab8cb257d5 h1:VBM/0P5TWxwk+Nw6Z+lAw3DKgO76g90ETOiA6rfLV1Y=
-k8s.io/utils v0.0.0-20190506122338-8fab8cb257d5/go.mod h1:sZAwmy6armz5eXlNoLmJcl4F1QuKu7sr+mFQ0byX7Ew=
+k8s.io/klog v1.0.0 h1:Pt+yjF5aB1xDSVbau4VsWe+dQNzA0qv1LlXdC2dF6Q8=
+k8s.io/klog v1.0.0/go.mod h1:4Bi6QPql/J/LkTDqv7R/cd3hPo4k2DG6Ptcz060Ez5I=
+k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE=
+k8s.io/kube-openapi v0.0.0-20200410145947-61e04a5be9a6/go.mod h1:GRQhZsXIAJ1xR0C9bd8UpWHZ5plfAS9fzPjJuQ6JL3E=
+k8s.io/utils v0.0.0-20200324210504-a9aa75ae1b89/go.mod h1:sZAwmy6armz5eXlNoLmJcl4F1QuKu7sr+mFQ0byX7Ew=
+k8s.io/utils v0.0.0-20200603063816-c1c6865ac451 h1:v8ud2Up6QK1lNOKFgiIVrZdMg7MpmSnvtrOieolJKoE=
+k8s.io/utils v0.0.0-20200603063816-c1c6865ac451/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA=
+sigs.k8s.io/structured-merge-diff/v3 v3.0.0-20200116222232-67a7b8c61874/go.mod h1:PlARxl6Hbt/+BC80dRLi1qAmnMqwqDg62YvvVkZjemw=
+sigs.k8s.io/structured-merge-diff/v3 v3.0.0 h1:dOmIZBMfhcHS09XZkMyUgkq5trg3/jRyJYFZUiaOp8E=
+sigs.k8s.io/structured-merge-diff/v3 v3.0.0/go.mod h1:PlARxl6Hbt/+BC80dRLi1qAmnMqwqDg62YvvVkZjemw=
 sigs.k8s.io/yaml v1.1.0 h1:4A07+ZFc2wgJwo8YNlQpr1rVlgUDlxXHhPJciaPY5gs=
 sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o=
+sigs.k8s.io/yaml v1.2.0 h1:kr/MCeFWJWTwyaHoR9c8EjH9OumOmoF9YGiZd7lFm/Q=
+sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc=

From 4b4fc238b20706df5b0d6ebc1ffc4b41fc9be3d7 Mon Sep 17 00:00:00 2001
From: Benjamin Elder <bentheelder@google.com>
Date: Wed, 17 Jun 2020 18:07:06 -0700
Subject: [PATCH 30/42] add context to client-go call

---
 images/kindnetd/cmd/kindnetd/main.go | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/images/kindnetd/cmd/kindnetd/main.go b/images/kindnetd/cmd/kindnetd/main.go
index f76cb07586..38c0bd95ba 100644
--- a/images/kindnetd/cmd/kindnetd/main.go
+++ b/images/kindnetd/cmd/kindnetd/main.go
@@ -17,6 +17,7 @@ limitations under the License.
 package main
 
 import (
+	"context"
 	"flag"
 	"fmt"
 	"os"
@@ -97,7 +98,7 @@ func main() {
 		var nodes *corev1.NodeList
 		var err error
 		for i := 0; i < 5; i++ {
-			nodes, err = clientset.CoreV1().Nodes().List(metav1.ListOptions{})
+			nodes, err = clientset.CoreV1().Nodes().List(context.TODO(), metav1.ListOptions{})
 			if err == nil {
 				break
 			}

From eda165fc7bcb9e6d33b1073fc40e547be205e31c Mon Sep 17 00:00:00 2001
From: Benjamin Elder <bentheelder@google.com>
Date: Wed, 17 Jun 2020 18:10:02 -0700
Subject: [PATCH 31/42] port kindnetd to buildkit

---
 images/kindnetd/Dockerfile | 13 ++++++++++---
 images/kindnetd/Makefile   | 29 +++++++++++++++++++++++++++++
 2 files changed, 39 insertions(+), 3 deletions(-)
 create mode 100644 images/kindnetd/Makefile

diff --git a/images/kindnetd/Dockerfile b/images/kindnetd/Dockerfile
index 4e23d2c7bb..6c2f0876ee 100644
--- a/images/kindnetd/Dockerfile
+++ b/images/kindnetd/Dockerfile
@@ -12,7 +12,14 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-ARG GOARCH=amd64
-FROM gcr.io/google-containers/debian-iptables-${GOARCH}:v12.0.1
-COPY --chown=root:root kindnetd /bin/kindnetd
+# first stage build kindnetd binary
+# NOTE: tentatively follow upstream kubernetes go version based on k8s in go.mod
+FROM golang:1.13
+WORKDIR /go/src
+COPY . .
+RUN CGO_ENABLED=0 go build -o ./kindnetd ./cmd/kindnetd
+
+# build real kindnetd image
+FROM gcr.io/google-containers/debian-iptables:v12.0.1
+COPY --from=0 --chown=root:root ./go/src/kindnetd /bin/kindnetd
 CMD ["/bin/kindnetd"]
diff --git a/images/kindnetd/Makefile b/images/kindnetd/Makefile
new file mode 100644
index 0000000000..c2264fe565
--- /dev/null
+++ b/images/kindnetd/Makefile
@@ -0,0 +1,29 @@
+TAG?=$(shell echo "$$(date +v%Y%m%d)-$$(git describe --always --dirty)")
+IMAGE?=kindest/kindnetd:$(TAG)
+# required for buildx
+export DOCKER_CLI_EXPERIMENTAL=enabled
+
+# build with buildx
+PLATFORMS?=linux/amd64,linux/arm64,linux/arm,linux/ppc64le
+OUTPUT=
+PROGRESS=auto
+build: ensure-buildx
+	docker buildx build --platform=${PLATFORMS} $(OUTPUT) --progress=$(PROGRESS) -t ${IMAGE} --pull .
+
+# push the cross built image
+push: OUTPUT=--push
+push: build
+
+# quick can be used to do a build that will be imported into the local docker 
+# for sanity checking before doing a cross build push
+# cross builds cannot be imported locally at the moment
+# https://github.com/docker/buildx/issues/59
+quick: PLATFORMS=linux/amd64
+quick: OUTPUT=--load
+quick: build
+
+# enable buildx
+ensure-buildx:
+	./../../hack/build/init-buildx.sh
+
+.PHONY: push build quick ensure-buildx
\ No newline at end of file

From 4f14bcc51e0e587a63e8b27ebabce9317d8711f6 Mon Sep 17 00:00:00 2001
From: Benjamin Elder <bentheelder@google.com>
Date: Wed, 17 Jun 2020 18:10:42 -0700
Subject: [PATCH 32/42] remove old kindnetd build

---
 images/kindnetd/VERSION       |  1 -
 images/kindnetd/build.sh      | 40 ---------------------
 images/kindnetd/push-cross.sh | 67 -----------------------------------
 3 files changed, 108 deletions(-)
 delete mode 100644 images/kindnetd/VERSION
 delete mode 100755 images/kindnetd/build.sh
 delete mode 100755 images/kindnetd/push-cross.sh

diff --git a/images/kindnetd/VERSION b/images/kindnetd/VERSION
deleted file mode 100644
index 7d8568351b..0000000000
--- a/images/kindnetd/VERSION
+++ /dev/null
@@ -1 +0,0 @@
-0.5.4
diff --git a/images/kindnetd/build.sh b/images/kindnetd/build.sh
deleted file mode 100755
index 28bb50b016..0000000000
--- a/images/kindnetd/build.sh
+++ /dev/null
@@ -1,40 +0,0 @@
-#!/usr/bin/env bash
-# Copyright 2019 The Kubernetes Authors.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-set -o nounset
-set -o errexit
-set -o pipefail
-
-# cd to the repo root
-REPO_ROOT=$(git rev-parse --show-toplevel)
-cd "${REPO_ROOT}"
-
-# build the binary
-export GOARCH="${GOARCH:-amd64}"
-export GOOS="linux"
-export SOURCE_DIR="${REPO_ROOT}/images/kindnetd"
-# NOTE: use a per-arch OUT_DIR so we send less in the docker build context
-export OUT_DIR="${REPO_ROOT}/bin/kindnetd/${GOARCH}"
-hack/go_container.sh go build -v -o /out/kindnetd ./cmd/kindnetd
-
-# TODO: verisoning
-# build image
-IMAGE="${IMAGE:-kindest/kindnetd}"
-TAG="${TAG:-$(cat images/kindnetd/VERSION)}"
-docker build \
-  -t "${IMAGE}:${TAG}" \
-  --build-arg="GOARCH=${GOARCH}" \
-  -f images/kindnetd/Dockerfile \
-  "${OUT_DIR}"
diff --git a/images/kindnetd/push-cross.sh b/images/kindnetd/push-cross.sh
deleted file mode 100755
index 935ab4f8cf..0000000000
--- a/images/kindnetd/push-cross.sh
+++ /dev/null
@@ -1,67 +0,0 @@
-#!/bin/bash
-# Copyright 2019 The Kubernetes Authors.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# builds and pushes the kindnetd image for all architectures
-
-set -o errexit
-set -o nounset
-set -o pipefail
-set -o xtrace
-
-# cd to the repo root
-REPO_ROOT=$(git rev-parse --show-toplevel)
-cd "${REPO_ROOT}"
-
-IMAGE="${IMAGE:-kindest/kindnetd}"
-TAG="${TAG:-$(cat images/kindnetd/VERSION)}"
-
-ARCHES=(
-  "amd64"
-  "arm"
-  "arm64"
-  "ppc64le"
-)
-
-# darwin is great
-SED="sed"
-if which gsed &>/dev/null; then
-  SED="gsed"
-fi
-if ! (${SED} --version 2>&1 | grep -q GNU); then
-  echo "!!! GNU sed is required.  If on OS X, use 'brew install gnu-sed'." >&2
-  exit 1
-fi
-
-# build all images
-images=()
-for arch in "${ARCHES[@]}"; do
-  # build image
-  tag="${arch}-${TAG}"
-  GOARCH="${arch}" TAG="${tag}" images/kindnetd/build.sh
-  docker push "${IMAGE}:${tag}"
-  images+=("${IMAGE}:${tag}")
-done
-
-# This option is required for running the docker manifest command
-export DOCKER_CLI_EXPERIMENTAL="enabled"
-
-# create and push the manifest
-docker manifest create "${IMAGE}:${TAG}" "${images[@]}"
-for image in "${images[@]}"; do
-    # image:arch-tag, grab arch
-    arch="$(${SED} -r 's/.*://; s/-.*//' <<< "${image}")"
-    docker manifest annotate "${IMAGE}:${TAG}" "${image}" --os "linux" --arch "${arch}"
-done
-docker manifest push -p "${IMAGE}:${TAG}"

From c83d0bd0ab31bd20f8151b6f2cf1568b1e83639c Mon Sep 17 00:00:00 2001
From: Benjamin Elder <bentheelder@google.com>
Date: Wed, 17 Jun 2020 18:13:38 -0700
Subject: [PATCH 33/42] optimize build

---
 images/kindnetd/Dockerfile | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/images/kindnetd/Dockerfile b/images/kindnetd/Dockerfile
index 6c2f0876ee..66137b2b9b 100644
--- a/images/kindnetd/Dockerfile
+++ b/images/kindnetd/Dockerfile
@@ -16,6 +16,10 @@
 # NOTE: tentatively follow upstream kubernetes go version based on k8s in go.mod
 FROM golang:1.13
 WORKDIR /go/src
+# make deps fetching cachable
+COPY go.mod go.sum .
+RUN go mod download
+# build
 COPY . .
 RUN CGO_ENABLED=0 go build -o ./kindnetd ./cmd/kindnetd
 

From 5ad8ae5f45b3efde8fb6fc48b2b6296a4e61d15e Mon Sep 17 00:00:00 2001
From: Benjamin Elder <bentheelder@google.com>
Date: Wed, 17 Jun 2020 18:19:21 -0700
Subject: [PATCH 34/42] drop arm (not arm64) from builds

---
 hack/release/build/cross.sh  | 1 -
 images/haproxy/push-cross.sh | 1 -
 images/kindnetd/Makefile     | 2 +-
 pkg/build/nodeimage/build.go | 1 -
 4 files changed, 1 insertion(+), 4 deletions(-)

diff --git a/hack/release/build/cross.sh b/hack/release/build/cross.sh
index cce93ed318..1c14094786 100755
--- a/hack/release/build/cross.sh
+++ b/hack/release/build/cross.sh
@@ -47,7 +47,6 @@ fi < <(cat <<EOF | tr '\n' '\0'
 export GOOS=windows GOARCH=amd64
 export GOOS=darwin GOARCH=amd64
 export GOOS=linux GOARCH=amd64
-export GOOS=linux GOARCH=arm
 export GOOS=linux GOARCH=arm64
 export GOOS=linux GOARCH=ppc64le
 EOF
diff --git a/images/haproxy/push-cross.sh b/images/haproxy/push-cross.sh
index 0973cab58c..9ecb0bfdaf 100755
--- a/images/haproxy/push-cross.sh
+++ b/images/haproxy/push-cross.sh
@@ -34,7 +34,6 @@ BASE="haproxy:${TAG}"
 # tag arch, manifest architecture, variant
 ARCHES=(
   "amd64,amd64,"
-  "arm32v6,arm,v6"
   "arm64v8,arm64,v8"
   "ppc64le,ppc64le,"
 )
diff --git a/images/kindnetd/Makefile b/images/kindnetd/Makefile
index c2264fe565..894d6617c5 100644
--- a/images/kindnetd/Makefile
+++ b/images/kindnetd/Makefile
@@ -4,7 +4,7 @@ IMAGE?=kindest/kindnetd:$(TAG)
 export DOCKER_CLI_EXPERIMENTAL=enabled
 
 # build with buildx
-PLATFORMS?=linux/amd64,linux/arm64,linux/arm,linux/ppc64le
+PLATFORMS?=linux/amd64,linux/arm64,linux/ppc64le
 OUTPUT=
 PROGRESS=auto
 build: ensure-buildx
diff --git a/pkg/build/nodeimage/build.go b/pkg/build/nodeimage/build.go
index 41c1aff28a..31759f6bac 100644
--- a/pkg/build/nodeimage/build.go
+++ b/pkg/build/nodeimage/build.go
@@ -74,7 +74,6 @@ func supportedArch(arch string) bool {
 		return false
 	// currently we nominally support building node images for these
 	case "amd64":
-	case "arm":
 	case "arm64":
 	case "ppc64le":
 	}

From f9b7e5a430af39069a08f7865ef611c7c92d3d9b Mon Sep 17 00:00:00 2001
From: Benjamin Elder <bentheelder@google.com>
Date: Wed, 17 Jun 2020 19:10:26 -0700
Subject: [PATCH 35/42] bump kindnetd

---
 pkg/build/nodeimage/const_cni.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pkg/build/nodeimage/const_cni.go b/pkg/build/nodeimage/const_cni.go
index 6050e8bfeb..154341149b 100644
--- a/pkg/build/nodeimage/const_cni.go
+++ b/pkg/build/nodeimage/const_cni.go
@@ -20,7 +20,7 @@ package nodeimage
 The default CNI manifest and images are our own tiny kindnet
 */
 
-var defaultCNIImages = []string{"kindest/kindnetd:0.5.4"}
+var defaultCNIImages = []string{"kindest/kindnetd:v20200617-5ad8ae5f"}
 
 const defaultCNIManifest = `
 # kindnetd networking manifest
@@ -93,7 +93,7 @@ spec:
       serviceAccountName: kindnet
       containers:
       - name: kindnet-cni
-        image: kindest/kindnetd:0.5.4
+        image: kindest/kindnetd:v20200617-5ad8ae5f
         env:
         - name: HOST_IP
           valueFrom:

From 07e601ffb50fcaa0189e48dd84c5218c1ca25f44 Mon Sep 17 00:00:00 2001
From: Benjamin Elder <bentheelder@google.com>
Date: Wed, 17 Jun 2020 19:30:39 -0700
Subject: [PATCH 36/42] standardize makefile for images

---
 images/Makefile.common.in    | 38 ++++++++++++++++++
 images/base/Makefile         | 30 +--------------
 images/haproxy/Dockerfile    |  3 +-
 images/haproxy/Makefile      |  1 +
 images/haproxy/push-cross.sh | 74 ------------------------------------
 images/kindnetd/Makefile     | 30 +--------------
 6 files changed, 42 insertions(+), 134 deletions(-)
 create mode 100644 images/Makefile.common.in
 create mode 100644 images/haproxy/Makefile
 delete mode 100755 images/haproxy/push-cross.sh

diff --git a/images/Makefile.common.in b/images/Makefile.common.in
new file mode 100644
index 0000000000..ee335d1e60
--- /dev/null
+++ b/images/Makefile.common.in
@@ -0,0 +1,38 @@
+# shared makefile for all images
+
+# get image name from directory we're building
+IMAGE_NAME=$(notdir $(CURDIR))
+# docker image registry, default to upstream
+REGISTRY?=kindest
+# tag based on date-sha
+TAG?=$(shell echo "$$(date +v%Y%m%d)-$$(git describe --always --dirty)")
+# the full image tag
+IMAGE?=$(REGISTRY)/$(IMAGE_NAME):$(TAG)
+
+# required to enable buildx
+export DOCKER_CLI_EXPERIMENTAL=enabled
+
+# build with buildx
+PLATFORMS?=linux/amd64,linux/arm64,linux/ppc64le
+OUTPUT=
+PROGRESS=auto
+build: ensure-buildx
+	docker buildx build --platform=${PLATFORMS} $(OUTPUT) --progress=$(PROGRESS) -t ${IMAGE} --pull .
+
+# push the cross built image
+push: OUTPUT=--push
+push: build
+
+# quick can be used to do a build that will be imported into the local docker 
+# for sanity checking before doing a cross build push
+# cross builds cannot be imported locally at the moment
+# https://github.com/docker/buildx/issues/59
+quick: PLATFORMS=linux/amd64
+quick: OUTPUT=--load
+quick: build
+
+# enable buildx
+ensure-buildx:
+	./../../hack/build/init-buildx.sh
+
+.PHONY: push build quick ensure-buildx
\ No newline at end of file
diff --git a/images/base/Makefile b/images/base/Makefile
index b9fc4d36b7..b52bda98fd 100644
--- a/images/base/Makefile
+++ b/images/base/Makefile
@@ -1,29 +1 @@
-TAG?=$(shell echo "$$(date +v%Y%m%d)-$$(git describe --always --dirty)")
-IMAGE?=kindest/base:$(TAG)
-# required for buildx
-export DOCKER_CLI_EXPERIMENTAL=enabled
-
-# build with buildx
-PLATFORMS?=linux/amd64,linux/arm64
-OUTPUT=
-PROGRESS=auto
-build: ensure-buildx
-	docker buildx build --platform=${PLATFORMS} $(OUTPUT) --progress=$(PROGRESS) -t ${IMAGE} --pull .
-
-# push the cross built image
-push: OUTPUT=--push
-push: build
-
-# quick can be used to do a build that will be imported into the local docker 
-# for sanity checking before doing a cross build push
-# cross builds cannot be imported locally at the moment
-# https://github.com/docker/buildx/issues/59
-quick: PLATFORMS=linux/amd64
-quick: OUTPUT=--load
-quick: build
-
-# enable buildx
-ensure-buildx:
-	./../../hack/build/init-buildx.sh
-
-.PHONY: push build quick ensure-buildx
\ No newline at end of file
+include $(CURDIR)/../Makefile.common.in
\ No newline at end of file
diff --git a/images/haproxy/Dockerfile b/images/haproxy/Dockerfile
index 954803126a..2f21d29194 100644
--- a/images/haproxy/Dockerfile
+++ b/images/haproxy/Dockerfile
@@ -13,7 +13,6 @@
 # limitations under the License.
 
 # standard haproxy image + minimal config so the container will not exit
-ARG ARCH="amd64"
 ARG BASE="haproxy:2.1.1-alpine"
-FROM ${ARCH}/${BASE}
+FROM ${BASE}
 COPY haproxy.cfg /usr/local/etc/haproxy/haproxy.cfg
diff --git a/images/haproxy/Makefile b/images/haproxy/Makefile
new file mode 100644
index 0000000000..b52bda98fd
--- /dev/null
+++ b/images/haproxy/Makefile
@@ -0,0 +1 @@
+include $(CURDIR)/../Makefile.common.in
\ No newline at end of file
diff --git a/images/haproxy/push-cross.sh b/images/haproxy/push-cross.sh
deleted file mode 100755
index 9ecb0bfdaf..0000000000
--- a/images/haproxy/push-cross.sh
+++ /dev/null
@@ -1,74 +0,0 @@
-#!/bin/bash
-
-# Copyright 2019 The Kubernetes Authors.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# builds and pushes the haproxy image for all architectures
-
-set -o errexit
-set -o nounset
-set -o pipefail
-
-# cd to the repo root
-REPO_ROOT=$(git rev-parse --show-toplevel)
-cd "${REPO_ROOT}"
-
-# cd to the image
-cd ./images/haproxy
-
-IMAGE="${IMAGE:-kindest/haproxy}"
-TAG="${TAG:-2.1.1-alpine}"
-BASE="haproxy:${TAG}"
-
-# tag arch, manifest architecture, variant
-ARCHES=(
-  "amd64,amd64,"
-  "arm64v8,arm64,v8"
-  "ppc64le,ppc64le,"
-)
-
-# build all images
-images=()
-image_infos=()
-for arch_info in "${ARCHES[@]}"; do
-  # build image
-  tag_arch="$(sed -E 's#^([^,]+),[^,]*,[^,]*$#\1#' <<<"${arch_info}")"
-  image="${IMAGE}:${tag_arch}-${TAG}"
-  docker build "--build-arg=ARCH=${tag_arch}" "--build-arg=BASE=${BASE}" -f Dockerfile -t "${image}" .
-  docker push "${image}"
-  # join image we tagged with arch info for building the manifest later 
-  images+=("${image}")
-  image_infos+=("${image},${arch_info}")
-done
-
-# This option is required for running the docker manifest command
-export DOCKER_CLI_EXPERIMENTAL="enabled"
-
-# create and push the manifest
-docker manifest create "${IMAGE}:${TAG}" "${images[@]}"
-for image_info in "${image_infos[@]}"; do
-  # split out image info
-  # image:arch-tag, grab arch
-  image="$(sed -E 's#^([^,]+),[^,]+,[^,]+,[^,]*$#\1#' <<<"${image_info}")"
-  #tag_arch="$(sed -E 's#^[^,]+,([^,]+),[^,]+,[^,]*$#\1#' <<<"${image_info}")"
-  architecture="$(sed -E 's#^[^,]+,[^,]+,([^,]+),[^,]*$#\1#' <<<"${image_info}")"
-  variant="$(sed -E 's#^[^,]+,[^,]+,[^,]+,([^,]*)$#\1#' <<<"${image_info}")"
-  args=("--arch" "${architecture}")
-  if [ -n "${variant}" ]; then
-    args+=("--variant" "${variant}")
-  fi
-  # add the image to the manifest
-  docker manifest annotate "${IMAGE}:${TAG}" "${image}" "${args[@]}"
-done
-docker manifest push --purge "${IMAGE}:${TAG}"
diff --git a/images/kindnetd/Makefile b/images/kindnetd/Makefile
index 894d6617c5..b52bda98fd 100644
--- a/images/kindnetd/Makefile
+++ b/images/kindnetd/Makefile
@@ -1,29 +1 @@
-TAG?=$(shell echo "$$(date +v%Y%m%d)-$$(git describe --always --dirty)")
-IMAGE?=kindest/kindnetd:$(TAG)
-# required for buildx
-export DOCKER_CLI_EXPERIMENTAL=enabled
-
-# build with buildx
-PLATFORMS?=linux/amd64,linux/arm64,linux/ppc64le
-OUTPUT=
-PROGRESS=auto
-build: ensure-buildx
-	docker buildx build --platform=${PLATFORMS} $(OUTPUT) --progress=$(PROGRESS) -t ${IMAGE} --pull .
-
-# push the cross built image
-push: OUTPUT=--push
-push: build
-
-# quick can be used to do a build that will be imported into the local docker 
-# for sanity checking before doing a cross build push
-# cross builds cannot be imported locally at the moment
-# https://github.com/docker/buildx/issues/59
-quick: PLATFORMS=linux/amd64
-quick: OUTPUT=--load
-quick: build
-
-# enable buildx
-ensure-buildx:
-	./../../hack/build/init-buildx.sh
-
-.PHONY: push build quick ensure-buildx
\ No newline at end of file
+include $(CURDIR)/../Makefile.common.in
\ No newline at end of file

From 84cd08e0a937accfbff1724d67ed1390bd3c54bd Mon Sep 17 00:00:00 2001
From: Benjamin Elder <bentheelder@google.com>
Date: Wed, 17 Jun 2020 19:32:02 -0700
Subject: [PATCH 37/42] bump haproxy to latest

---
 images/haproxy/Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/images/haproxy/Dockerfile b/images/haproxy/Dockerfile
index 2f21d29194..1b003cbbf6 100644
--- a/images/haproxy/Dockerfile
+++ b/images/haproxy/Dockerfile
@@ -13,6 +13,6 @@
 # limitations under the License.
 
 # standard haproxy image + minimal config so the container will not exit
-ARG BASE="haproxy:2.1.1-alpine"
+ARG BASE="haproxy:2.1.7-alpine"
 FROM ${BASE}
 COPY haproxy.cfg /usr/local/etc/haproxy/haproxy.cfg

From 368793aaa1f5318e68816e1965a266af0839a12e Mon Sep 17 00:00:00 2001
From: Benjamin Elder <bentheelder@google.com>
Date: Wed, 17 Jun 2020 19:34:12 -0700
Subject: [PATCH 38/42] bump haproxy image

---
 pkg/cluster/internal/loadbalancer/const.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pkg/cluster/internal/loadbalancer/const.go b/pkg/cluster/internal/loadbalancer/const.go
index e29c9c8899..3aa6ea0140 100644
--- a/pkg/cluster/internal/loadbalancer/const.go
+++ b/pkg/cluster/internal/loadbalancer/const.go
@@ -17,7 +17,7 @@ limitations under the License.
 package loadbalancer
 
 // Image defines the loadbalancer image:tag
-const Image = "kindest/haproxy:2.1.1-alpine"
+const Image = "kindest/haproxy:v20200617-84cd08e0"
 
 // ConfigPath defines the path to the config file in the image
 const ConfigPath = "/usr/local/etc/haproxy/haproxy.cfg"

From a4385ed2cfa92fbaacfeafb0b58b921b03d9e6c3 Mon Sep 17 00:00:00 2001
From: Benjamin Elder <bentheelder@google.com>
Date: Wed, 17 Jun 2020 20:17:23 -0700
Subject: [PATCH 39/42] bump base image

---
 pkg/build/nodeimage/defaults.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pkg/build/nodeimage/defaults.go b/pkg/build/nodeimage/defaults.go
index 4629d43116..54940364cd 100644
--- a/pkg/build/nodeimage/defaults.go
+++ b/pkg/build/nodeimage/defaults.go
@@ -20,7 +20,7 @@ package nodeimage
 const DefaultImage = "kindest/node:latest"
 
 // DefaultBaseImage is the default base image used
-const DefaultBaseImage = "kindest/base:v20200616-e6c913bf"
+const DefaultBaseImage = "kindest/base:v20200617-368793aa"
 
 // DefaultMode is the default kubernetes build mode for the built image
 // see pkg/build/kube.Bits

From 286a6c82bc39f8dbfd0f4a789dbd2f818dd53d70 Mon Sep 17 00:00:00 2001
From: Benjamin Elder <bentheelder@google.com>
Date: Wed, 17 Jun 2020 20:17:28 -0700
Subject: [PATCH 40/42] bump debian-base

---
 pkg/build/nodeimage/const_storage.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pkg/build/nodeimage/const_storage.go b/pkg/build/nodeimage/const_storage.go
index 78e3fe0c41..249b7dc32c 100644
--- a/pkg/build/nodeimage/const_storage.go
+++ b/pkg/build/nodeimage/const_storage.go
@@ -25,7 +25,7 @@ NOTE: we have customized it in the following ways:
 - install as the default storage class
 */
 
-var defaultStorageImages = []string{"rancher/local-path-provisioner:v0.0.12", "k8s.gcr.io/debian-base:v2.0.0"}
+var defaultStorageImages = []string{"rancher/local-path-provisioner:v0.0.12", "us.gcr.io/k8s-artifacts-prod/build-image/debian-base:v2.1.0"}
 
 const defaultStorageManifest = `
 # kind customized https://github.com/rancher/local-path-provisioner manifest
@@ -102,7 +102,7 @@ spec:
         - --debug
         - start
         - --helper-image
-        - k8s.gcr.io/debian-base:v2.0.0
+        - us.gcr.io/k8s-artifacts-prod/build-image/debian-base:v2.1.0
         - --config
         - /etc/config/config.json
         volumeMounts:

From 418b8cf874e9b3b7c236f8bab70a0e642da19bd9 Mon Sep 17 00:00:00 2001
From: Benjamin Elder <bentheelder@google.com>
Date: Wed, 17 Jun 2020 20:24:52 -0700
Subject: [PATCH 41/42] bump node image

---
 pkg/apis/config/defaults/image.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pkg/apis/config/defaults/image.go b/pkg/apis/config/defaults/image.go
index e9e8b93560..4a3ca756ec 100644
--- a/pkg/apis/config/defaults/image.go
+++ b/pkg/apis/config/defaults/image.go
@@ -18,4 +18,4 @@ limitations under the License.
 package defaults
 
 // Image is the default for the Config.Image field, aka the default node image.
-const Image = "kindest/node:v1.18.2@sha256:1ab458c61fbd408081c9d321ceec1a50adffc2d060e1013d823af3c61fe90ff2"
+const Image = "kindest/node:v1.18.4@sha256:9ddbe5ba7dad96e83aec914feae9105ac1cffeb6ebd0d5aa42e820defe840fd4"

From 40742f99f7940a3855d3d771f584001ca4555cf4 Mon Sep 17 00:00:00 2001
From: Benjamin Elder <bentheelder@google.com>
Date: Thu, 18 Jun 2020 10:03:43 -0700
Subject: [PATCH 42/42] Revert "Add support for dockerless builds in kind"

---
 pkg/build/nodeimage/internal/kube/dockerbuildbits.go | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/pkg/build/nodeimage/internal/kube/dockerbuildbits.go b/pkg/build/nodeimage/internal/kube/dockerbuildbits.go
index 5a9b6e4aa7..a0b07fca13 100644
--- a/pkg/build/nodeimage/internal/kube/dockerbuildbits.go
+++ b/pkg/build/nodeimage/internal/kube/dockerbuildbits.go
@@ -107,10 +107,9 @@ func (b *DockerBuildBits) build() error {
 			"KUBE_BUILD_CONFORMANCE=n",
 			// build for the host platform
 			"KUBE_BUILD_PLATFORMS=" + dockerBuildOsAndArch(b.arch),
-			// leverage in-tree-cloud-provider-free and docker-free builds by default
+			// leverage in-tree-cloud-provider-free builds by default
 			// https://github.com/kubernetes/kubernetes/pull/80353
-			// https://github.com/kubernetes/kubernetes/pull/87746
-			"GOFLAGS=-tags=providerless,dockerless",
+			"GOFLAGS=-tags=providerless",
 		},
 		os.Environ()...,
 	)