我的书签
添加书签
移除书签Understanding Windows container workloads
The following information details the supported platform versions, Windows Server versions, and networking configurations for the Windows Machine Config Operator. See the vSphere documentation for any information that is relevant to only that platform.
The following table lists the Windows Server versions that are supported by WMCO 8.0.0, based on the applicable platform. Windows Server versions not listed are not supported and attempting to use them will cause errors. To prevent these errors, use only an appropriate version for your platform.
| Platform | Supported Windows Server version |
|---|---|
Amazon Web Services (AWS) | Windows Server 2019, version 1809 |
Microsoft Azure |
|
VMware vSphere | Windows Server 2022, OS Build 20348.681 or later |
Google Cloud Platform (GCP) | Windows Server 2022, OS Build or later |
Bare metal or provider agnostic |
|
Supported networking
Hybrid networking with OVN-Kubernetes is the only supported networking configuration. See the additional resources below for more information on this functionality. The following tables outline the type of networking configuration and Windows Server versions to use based on your platform. You must specify the network configuration when you install the cluster. Be aware that OpenShift SDN networking is the default network for OKD clusters. However, OpenShift SDN is not supported by WMCO.
| Hybrid networking with OVN-Kubernetes | Supported Windows Server version |
|---|---|
| |
Custom VXLAN port | Windows Server 2022, OS Build 20348.681 or later |
Additional resources
- See
To run Windows workloads in your cluster, you must first install the Windows Machine Config Operator (WMCO). The WMCO is a Linux-based Operator that runs on Linux-based control plane and compute nodes. The WMCO orchestrates the process of deploying and managing Windows workloads on a cluster.
Figure 1. WMCO design
Before deploying Windows workloads, you must create a Windows compute node and have it join the cluster. The Windows node hosts the Windows workloads in a cluster, and can run alongside other Linux-based compute nodes. You can create a Windows compute node by creating a Windows compute machine set to host Windows Server compute machines. You must apply a Windows-specific label to the compute machine set that specifies a Windows OS image.
The WMCO watches for machines with the Windows label. After a Windows compute machine set is detected and its respective machines are provisioned, the WMCO configures the underlying Windows virtual machine (VM) so that it can join the cluster as a compute node.
Figure 2. Mixed Windows and Linux workloads
The WMCO expects a predetermined secret in its namespace containing a private key that is used to interact with the Windows instance. WMCO checks for this secret during boot up time and creates a user data secret which you must reference in the Windows object that you created. Then the WMCO populates the user data secret with a public key that corresponds to the private key. With this data in place, the cluster can connect to the Windows VM using an SSH connection.
After the cluster establishes a connection with the Windows VM, you can manage the Windows node using similar practices as you would a Linux-based node.
Scheduling Windows workloads to a Windows node can be done with typical pod scheduling practices like taints, tolerations, and node selectors; alternatively, you can differentiate your Windows workloads from Linux workloads and other Windows-versioned workloads by using a RuntimeClass object.
The following Windows-specific services are installed on each Windows node:
| Service | Description |
|---|---|
kubelet | Registers the Windows node and manages its status. |
Container Network Interface (CNI) plugins | Exposes networking for Windows nodes. |
Windows Instance Config Daemon (WICD) | Maintains the state of all services running on the Windows instance to ensure the instance functions as a worker node. |
Exports Prometheus metrics from Windows nodes | |
Interacts with the underlying Azure cloud platform. | |
Creates the OKD . | |
kube-proxy | Maintains network rules on nodes allowing outside communication. |
containerd container runtime | Manages the complete container lifecycle. |
Note the following limitations when working with Windows nodes managed by the WMCO (Windows nodes):
The following OKD features are not supported on Windows nodes:
Image builds
OpenShift Pipelines
OpenShift Service Mesh
OpenShift monitoring of user-defined projects
OpenShift Serverless
Horizontal Pod Autoscaling
Vertical Pod Autoscaling
Windows nodes do not support pulling container images from private registries. You can use images from public registries or pre-pull the images.
Windows nodes do not support workloads created by using deployment configs. You can use a deployment or other method to deploy workloads.
Windows nodes are not supported in clusters that use a cluster-wide proxy. This is because the WMCO is not able to route traffic through the proxy connection for the workloads.
Windows nodes are not supported in clusters that are in a disconnected environment.
Red Hat OpenShift support for Windows Containers does not support adding Windows nodes to a cluster through a trunk port. The only supported networking configuration for adding Windows nodes is through an access port that carries traffic for the VLAN.
Red Hat OpenShift support for Windows Containers supports only in-tree storage drivers for all cloud providers.
Kubernetes has identified the following :
Huge pages are not supported for Windows containers.
Kubernetes has identified several API compatibility issues.
