Skip to content

envoy based node local load balancing can be supported on Windows (proof of concept) #2878

New issue
New issue
Open
Open
envoy based node local load balancing can be supported on Windows (proof of concept)#2878

Description

@doctorpangloss

doctorpangloss
openedon Mar 10, 2023

Is your feature request related to a problem? Please describe.

Using the rendered envoy manifests, I successfully ran a locally load balanced api endpoint on Windows. This would make HA work correctly in typical environments for Windows workers.

Describe the solution you would like

This proof of concept worked on my machines:

using busybox64.exe

# install crane
wget https://github.com/google/go-containerregistry/releases/download/v0.13.0/go-containerregistry_Windows_x86_64.tar.gz
tar xvf go-containerregistry_Windows_x86_64.tar.gz
# get the envoy binary from the docker images, because envoy doesn't distribute them separately
mkdir container/
./crane export --platform windows/amd64 docker.io/envoyproxy/envoy-windows-ltsc2022:v1.25.2 container/envoy-windows.tar
# install envoy
tar xvf container/envoy-windows.tar -c container/
mkdir -pv "C:/Program Files/envoy/"
mkdir -pv "C:/etc/envoy"
cp envoy.yaml C:/etc/envoy/envoy.yaml
cp cds.yaml C:/etc/envoy/cds.yaml
cp "container/Files/Program Files/envoy/envoy.exe" "C:/Program Files/envoy/envoy.exe"
mkdir -pv C:/var/log/envoy
# install nssm. simplest way is choco
choco install -y nssm
nssm install envoy "C:/Program Files/envoy/envoy.exe" "-c C:/etc/envoy/envoy.yaml"
nssm set envoy AppStdout "C:/var/log/envoy/envoy.log"
nssm set envoy AppStderr "C:/var/log/envoy/envoy.err.log"
nssm set envoy AppStdoutCreationDisposition 4
nssm set envoy AppStderrCreationDisposition 4
nssm set envoy AppRotateFiles 1
nssm set envoy AppRotateOnline 1
nssm set envoy AppRotateSeconds 0
nssm set envoy AppRotateBytes 1000000
nssm set envoy AppExit Default Restart
nssm set envoy AppRestartDelay 3
nssm set envoy Start SERVICE_AUTO_START
nssm start envoy

The rendered envoy.yaml and cds.yaml are unchanged compared to the Linux versions.

To join correctly, I intercept the bootstrap token, modify the bootstrap kubeconfig to point at https://localhost:7443, and resume the joining phase. I do not use k0s windows worker command because I prefer containerd, so I bootstrap and approve the CSR myself.

Describe alternatives you've considered

Proper load balancing.

Additional context

No response

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Assignees

No one assigned

    Labels

    area/windowsenhancementNew feature or request

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions