From dfab69553d023069aa9061580a164eb3bdfb2096 Mon Sep 17 00:00:00 2001
From: Justin Santa Barbara <justinsb@google.com>
Date: Mon, 8 Feb 2021 11:59:28 -0500
Subject: [PATCH] 4

---
 nodeup/pkg/model/containerd.go | 23 ++++++++++++++---------
 1 file changed, 14 insertions(+), 9 deletions(-)

diff --git a/nodeup/pkg/model/containerd.go b/nodeup/pkg/model/containerd.go
index 22ef213b10657..5d8e529144962 100644
--- a/nodeup/pkg/model/containerd.go
+++ b/nodeup/pkg/model/containerd.go
@@ -309,20 +309,25 @@ func (b *ContainerdBuilder) buildCNIConfigTemplateFile(c *fi.ModelBuilderContext
 
 	// Based on https://github.com/kubernetes/kubernetes/blob/15a8a8ec4a3275a33b7f8eb3d4d98db2abad55b7/cluster/gce/gci/configure-helper.sh#L2911-L2937
 	// TODO: Should we set MTU? upstream has "mtu": 1460
-	// TODO: As compared to GCE/netd configuration, we added snat here
+	// TODO: Upstream (GCE kube-up) uses ptp, but that breaks our NodePort tests
 	contents := `{
-    "cniVersion": "0.3.1",
+    "cniVersion": "0.4.0",
     "name": "k8s-pod-network",
     "plugins": [
         {
-            "type": "ptp",
-            "ipam": {
-                "type": "host-local",
-                "ranges": [[{"subnet": "{{.PodCIDR}}"}]],
-                "routes": [{ "dst": "0.0.0.0/0" }]
+            "type": "bridge",
+            "bridge": "cni0",
+            "isGateway": true,
+            "isDefaultGateway":true,
+            "ipMasq": true,
+            "promiscMode": true,
+            "ipam":{
+               "type":"host-local"
+               "ranges": [[{"subnet": "{{.PodCIDR}}"}]],
+               "routes": [{ "dst": "0.0.0.0/0" }]
             }
-        },
-        {
+         },
+       {
             "type": "portmap",
             "snat": true,
             "capabilities": {"portMappings": true}