Rewrite coreos/flannel-cni for use in Typhoon

* Original coreos/flannel was written to drop CNI plugins and
binaries on container-optimized distros like CoreOS Container
Linux. I last released the image in 2017. Since then, flannel
has become less prominent, but its still in use and needs to
be kept up-to-date. The original is effectively no longer
maintained or accessible to me
* Rewrite flannel-cni for usage today on Fedora CoreOS and on
Flatcar Linux, especially within the Typhoon free Kubernetes
distribution
* https://github.com/coreos/flannel-cni

Warn: While Typhoon's supports flannel, it is no longer the default
or recommended CNI provider

CHANGES.md

@@ -0,0 +1,21 @@
+# flannel-cni
+
+Notable changes between versions
+
+## v0.4.0
+
+* Update CNI plugins from v0.6.0 to v0.8.6
+* Remove sleep to favor init container usage
+* Remove default CNI config to reduce scope
+
+### Infra
+
+* Rewrite [coreos/flannel-cni](https://github.com/coreos/flannel-cni) as [poseidon/flannel-cni](https://github.com/poseidon/flannel-cni)
+* Use Makefile and buildah for image builds
+* Use multi-stage to fetch binaries separately
+* Add Linux ARM64 image builds
+* Publish multi-arch images to `quay.io/poseidon/flannel-cni`
+
+## Earlier
+
+Earlier releases can be found at [github.com/coreos/flannel-cni](https://github.com/coreos/flannel-cni/releases).

Dockerfile

@@ -0,0 +1,15 @@
+FROM docker.io/alpine:3.12 AS builder
+ARG ARCH
+ARG CNI_VERSION
+COPY scripts /scripts
+RUN /scripts/fetch-cni.sh
+
+FROM docker.io/alpine:3.12
+LABEL maintainer="Dalton Hubble <[email protected]>"
+COPY --from=builder /bin/flannel /opt/cni/bin/flannel
+COPY --from=builder /bin/loopback /opt/cni/bin/loopback
+COPY --from=builder /bin/bridge /opt/cni/bin/bridge
+COPY --from=builder /bin/host-local /opt/cni/bin/host-local
+COPY --from=builder /bin/portmap /opt/cni/bin/portmap
+COPY --from=builder /bin/bandwidth /opt/cni/bin/bandwidth
+COPY scripts/install-cni.sh /install-cni.sh

Makefile

@@ -0,0 +1,18 @@
+VERSION=$(shell git describe --tags --match=v* --always --dirty)
+CNI_VERSION=v0.8.6
+
+LOCAL_REPO?=poseidon/flannel-cni
+IMAGE_REPO?=quay.io/poseidon/flannel-cni
+
+image: \
+	image-amd64 \
+	image-arm64
+
+image-%:
+	buildah bud -f Dockerfile \
+		-t $(LOCAL_REPO):$(VERSION)-$* \
+		--arch $* --override-arch $* \
+		--build-arg ARCH=$* \
+		--build-arg CNI_VERSION=$(CNI_VERSION) \
+		--format=docker .
+

README.md

@@ -0,0 +1,4 @@
+# flannel-cni
+
+`flannel-cni` installs a CNI config and CNI binaries on Fedora CoreOS and Flatcar Linux Kubernetes nodes.
+

scripts/fetch-cni.sh

@@ -0,0 +1,11 @@
+#!/usr/bin/env sh
+# Fetch CNI plugin binaries https://github.com/containernetworking/plugins
+# Requires ARCH and CNI_VERSION
+set -ex
+
+# install dependencies
+apk --no-cache add curl
+
+echo "Download CNI plugins ${CNI_VERSION} for ${ARCH}"
+curl -sSfL https://github.com/containernetworking/plugins/releases/download/${CNI_VERSION}/cni-plugins-linux-${ARCH}-${CNI_VERSION}.tgz | tar -xz -C bin/ ./flannel ./loopback ./bridge ./host-local ./portmap ./tuning ./bandwidth
+

scripts/install-cni.sh

@@ -0,0 +1,38 @@
+#!/bin/sh
+set -eu;
+
+# Install Flannel CNI binary on Kubernetes host
+#
+# Mounts:
+# Host CNI bin dir mounted at /host/opt/cni/bin
+# Host CNI conf dir mounted at /host/etc/cni/net.d
+#
+# Variables:
+# CNI_CONF_NAME - CNI config filename
+# CNI_NETWORK_CONFIG - CNI configuration
+
+CNI_BIN_DIR=${CNI_BIN_DIR:-/opt/cni/bin}
+
+if [ -w "/host/${CNI_BIN_DIR}" ]; then
+  echo "Writing CNI binaries to host ${CNI_BIN_DIR}"
+  cp /opt/cni/bin/* /host/${CNI_BIN_DIR};
+  echo "Wrote CNI binaries to host ${CNI_BIN_DIR}"
+else
+  echo "Skip writing CNI binaries"
+fi;
+
+CNI_CONF_NAME=${CNI_CONF_NAME:-10-flannel.conflist}
+CNI_NET_DIR=${CNI_NET_DIR:-/etc/cni/net.d}
+
+if [ -w "/host/${CNI_NET_DIR}" ]; then
+  echo "Writing CNI config to host ${CNI_NET_DIR}"
+  TMP_CONF='/flannel.conflist.default'
+  cat >$TMP_CONF <<EOF
+${CNI_NETWORK_CONFIG}
+EOF
+  mv $TMP_CONF /host/${CNI_NET_DIR}/${CNI_CONF_NAME}
+  echo "Wrote CNI config: $(cat /host/${CNI_NET_DIR}/${CNI_CONF_NAME})"
+else
+  echo "Skip writing CNI config"
+fi;
+