diff --git a/_service b/_service
index 158f980..51dec82 100644
--- a/_service
+++ b/_service
@@ -1,7 +1,7 @@
 <services>
   <service name="tar_scm" mode="disabled">
     <param name="filename">kubevirt</param>
-    <param name="revision">v0.49.0</param>
+    <param name="revision">v0.50.0</param>
     <param name="scm">git</param>
     <param name="submodules">disable</param>
     <param name="url">https://github.com/kubevirt/kubevirt</param>
diff --git a/disks-images-provider.yaml b/disks-images-provider.yaml
index 87e3a30..c972610 100644
--- a/disks-images-provider.yaml
+++ b/disks-images-provider.yaml
@@ -19,7 +19,7 @@ spec:
       serviceAccountName: kubevirt-testing
       containers:
         - name: target
-          image: quay.io/kubevirt/disks-images-provider:v0.49.0
+          image: quay.io/kubevirt/disks-images-provider:v0.50.0
           imagePullPolicy: Always
           lifecycle:
             preStop:
diff --git a/kubevirt-0.49.0.tar.gz b/kubevirt-0.49.0.tar.gz
deleted file mode 100644
index b27b73f..0000000
--- a/kubevirt-0.49.0.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:51d772935388420da27b31909bea1808403d0152ec4326fe501c0512ef4f923c
-size 13598687
diff --git a/kubevirt-0.50.0.tar.gz b/kubevirt-0.50.0.tar.gz
new file mode 100644
index 0000000..c3af21c
--- /dev/null
+++ b/kubevirt-0.50.0.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:b1416197db69e588cfd554ead0b4d13137fe82311002c0a2c154edaf46deace0
+size 14050058
diff --git a/kubevirt-psp-caasp.yaml b/kubevirt-psp-caasp.yaml
deleted file mode 100644
index c69653a..0000000
--- a/kubevirt-psp-caasp.yaml
+++ /dev/null
@@ -1,91 +0,0 @@
-#
-# A KubeVirt PSP for CaaSP-based Kubernetes clusters that makes use of the
-# CaaSP privileged PSP.
-#
-# After the KubeVirt operator has sucessfully deployed the KubeVirt service,
-# this PSP can be deployed to the cluster, giving virt-operator and
-# virt-handler access to cluster operations necessary for virtual machine
-# management.
-#
-# kubectl apply -f /usr/share/kube-virt/manifests/release/kubevirt-psp-caasp.yaml
-#
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: kubevirt-controller-caasp
-rules:
-- apiGroups:
-  - policy
-  resources:
-  - podsecuritypolicies
-  verbs:
-  - use
-  resourceNames:
-  - suse.caasp.psp.privileged
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: kubevirt-handler-caasp
-rules:
-- apiGroups:
-  - policy
-  resources:
-  - podsecuritypolicies
-  verbs:
-  - use
-  resourceNames:
-  - suse.caasp.psp.privileged
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
-  name: kubevirt-controller-caasp
-roleRef:
-  kind: ClusterRole
-  name: kubevirt-controller-caasp
-  apiGroup: rbac.authorization.k8s.io
-subjects:
-- kind: ServiceAccount
-  name: kubevirt-controller
-  namespace: kubevirt
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
-  name: kubevirt-handler-caasp
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: kubevirt-handler-caasp
-subjects:
-- kind: ServiceAccount
-  name: kubevirt-handler
-  namespace: kubevirt
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
-  name: kubevirt-controller-caasp
-roleRef:
-  kind: Role
-  name: kubevirt-controller-caasp
-  apiGroup: rbac.authorization.k8s.io
-subjects:
-- kind: ServiceAccount
-  name: kubevirt-controller
-  namespace: kubevirt
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
-  name: kubevirt-handler-caasp
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: Role
-  name: kubevirt-handler-caasp
-subjects:
-- kind: ServiceAccount
-  name: kubevirt-handler
-  namespace: kubevirt
-
diff --git a/kubevirt.changes b/kubevirt.changes
index 9cc02f0..fda930f 100644
--- a/kubevirt.changes
+++ b/kubevirt.changes
@@ -1,3 +1,15 @@
+-------------------------------------------------------------------
+Fri Feb 11 05:21:06 UTC 2022 - Vasily Ulyanov <vasily.ulyanov@suse.com>
+
+- Update to version 0.50.0
+  Release notes https://github.com/kubevirt/kubevirt/releases/tag/v0.50.0
+
+-------------------------------------------------------------------
+Wed Jan 19 13:30:51 UTC 2022 - Vasily Ulyanov <vasily.ulyanov@suse.com>
+
+- Pack nft rules and nsswitch.conf for virt-handler
+- Drop kubevirt-psp-caasp.yaml and cleanup the spec
+
 -------------------------------------------------------------------
 Wed Jan 12 06:29:18 UTC 2022 - Vasily Ulyanov <vasily.ulyanov@suse.com>
 
diff --git a/kubevirt.spec b/kubevirt.spec
index 273a854..a6f3557 100644
--- a/kubevirt.spec
+++ b/kubevirt.spec
@@ -17,24 +17,23 @@
 
 
 Name:           kubevirt
-Version:        0.49.0
+Version:        0.50.0
 Release:        0
 Summary:        Container native virtualization
 License:        Apache-2.0
 Group:          System/Packages
 URL:            https://github.com/kubevirt/kubevirt
 Source0:        %{name}-%{version}.tar.gz
-Source1:        kubevirt-psp-caasp.yaml
-Source2:        kubevirt_containers_meta
-Source3:        kubevirt_containers_meta.service
-Source4:        https://github.com/kubevirt/kubevirt/releases/download/v%{version}/disks-images-provider.yaml
+Source1:        kubevirt_containers_meta
+Source2:        kubevirt_containers_meta.service
+Source3:        %{url}/releases/download/v%{version}/disks-images-provider.yaml
 Source100:      %{name}-rpmlintrc
 BuildRequires:  glibc-devel-static
 BuildRequires:  golang-packaging
 BuildRequires:  pkgconfig
 BuildRequires:  rsync
 BuildRequires:  sed
-BuildRequires:  golang(API) = 1.16
+BuildRequires:  golang(API) = 1.17
 BuildRequires:  pkgconfig(libvirt)
 ExclusiveArch:  x86_64 aarch64
 
@@ -170,7 +169,7 @@ sed -i"" \
     -e "s#_REGISTRY_#${registry}#g" \
     -e "s#_PKG_VERSION_#%{version}#g" \
     -e "s#_PKG_RELEASE_#%{release}#g" \
-    %{S:2}
+    %{S:1}
 
 mkdir -p go/src/kubevirt.io go/pkg
 ln -s ../../../ go/src/kubevirt.io/kubevirt
@@ -186,16 +185,16 @@ KUBEVIRT_GIT_VERSION='v%{version}' \
 KUBEVIRT_GIT_TREE_STATE="clean" \
 build_tests="true" \
 ./hack/build-go.sh install \
-	cmd/virtctl \
-	cmd/virt-api \
-	cmd/virt-controller \
-	cmd/virt-chroot \
-	cmd/virt-handler \
-	cmd/virt-launcher \
-	cmd/virt-operator \
-	%{nil}
+    cmd/virtctl \
+    cmd/virt-api \
+    cmd/virt-controller \
+    cmd/virt-chroot \
+    cmd/virt-handler \
+    cmd/virt-launcher \
+    cmd/virt-operator \
+    %{nil}
 
-env DOCKER_PREFIX=$reg_path DOCKER_TAG=%{version}-%{release} KUBEVIRT_NO_BAZEL=true GO_BUILD=true ./hack/build-manifests.sh
+env DOCKER_PREFIX=$reg_path DOCKER_TAG=%{version}-%{release} KUBEVIRT_NO_BAZEL=true ./hack/build-manifests.sh
 
 %install
 mkdir -p %{buildroot}%{_bindir}
@@ -214,28 +213,29 @@ install -p -m 0755 cmd/virt-launcher/node-labeller/node-labeller.sh %{buildroot}
 # virt-launcher SELinux policy needs to land in virt-handler container
 install -p -m 0644 cmd/virt-handler/virt_launcher.cil %{buildroot}/
 
+# Install network stuff
+mkdir -p %{buildroot}%{_datadir}/kube-virt/virt-handler
+install -p -m 0644 cmd/virt-handler/nsswitch.conf %{buildroot}%{_datadir}/kube-virt/virt-handler/
+install -p -m 0644 cmd/virt-handler/ipv4-nat.nft %{buildroot}%{_datadir}/kube-virt/virt-handler/
+install -p -m 0644 cmd/virt-handler/ipv6-nat.nft %{buildroot}%{_datadir}/kube-virt/virt-handler/
+
 # Install release manifests
 mkdir -p %{buildroot}%{_datadir}/kube-virt/manifests/release
 install -m 0644 _out/manifests/release/kubevirt-operator.yaml %{buildroot}%{_datadir}/kube-virt/manifests/release/
 install -m 0644 _out/manifests/release/kubevirt-cr.yaml %{buildroot}%{_datadir}/kube-virt/manifests/release/
-# TODO:
-# Create a proper Pod Security Policy (PSP) for KubeVirt. For now, add one
-# that uses the CaaSP privileged PSP. It can be used with CaaSP-based
-# Kubernetes clusters.
-install -m 644 %{S:1} %{buildroot}/%{_datadir}/kube-virt/manifests/release/
 
 # Install manifests for testing
 mkdir -p %{buildroot}%{_datadir}/kube-virt/manifests/testing
 install -m 0644 _out/manifests/testing/* %{buildroot}%{_datadir}/kube-virt/manifests/testing/
 # The generated disks-images-provider.yaml refers to nonexistent container
 # images. Overwrite it with the upstream version for testing.
-install -m 0644 %{S:4} %{buildroot}/%{_datadir}/kube-virt/manifests/testing/
+install -m 0644 %{S:3} %{buildroot}/%{_datadir}/kube-virt/manifests/testing/
 install -m 0644 tests/default-config.json %{buildroot}%{_datadir}/kube-virt/manifests/testing/
 
 # Install kubevirt_containers_meta build service
 mkdir -p %{buildroot}%{_prefix}/lib/obs/service
-install -m 0755 %{S:2} %{buildroot}%{_prefix}/lib/obs/service
-install -m 0644 %{S:3} %{buildroot}%{_prefix}/lib/obs/service
+install -m 0755 %{S:1} %{buildroot}%{_prefix}/lib/obs/service
+install -m 0644 %{S:2} %{buildroot}%{_prefix}/lib/obs/service
 
 %files virtctl
 %license LICENSE
@@ -260,8 +260,11 @@ install -m 0644 %{S:3} %{buildroot}%{_prefix}/lib/obs/service
 %files virt-handler
 %license LICENSE
 %doc README.md
+%dir %{_datadir}/kube-virt
+%dir %{_datadir}/kube-virt/virt-handler
 %{_bindir}/virt-handler
 %{_bindir}/virt-chroot
+%{_datadir}/kube-virt/virt-handler
 /virt_launcher.cil
 
 %files virt-launcher