Add a Windows worker node to MicroK8s

@balchua1

It is the rebuilt cluster and running fine. However, there is also only 1 calico-node and FYI. Thanks!

NAMESPACE NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE
kube-system calico-node 3 3 3 3 3 kubernetes.io/os=linux 23d
ingress nginx-ingress-microk8s-controller 5 5 3 5 3 16h
kube-system csi-smb-node 3 3 3 3 3 kubernetes.io/os=linux 15h
kube-system csi-smb-node-win 2 2 2 2 2 kubernetes.io/os=windows 15h

This is the state before enabling rbac?

Yes, rbac is not enabled yet

Looking at this output, im guessing you have 3 linux nodes and 2 windows nodes?

NAMESPACE NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE SELECTOR AGE
kube-system calico-node 3 3 3 3 3 kubernetes.io/os=linux 23d
ingress nginx-ingress-microk8s-controller 5 5 3 5 3 16h
kube-system csi-smb-node 3 3 3 3 3 kubernetes.io/os=linux 15h
kube-system csi-smb-node-win 2 2 2 2 2 kubernetes.io/os=windows 15h

Just like this csi-smb-node-win DaemonSet where there are 2 pods on windows.

I don’t see it for the calico-nodes on windows.

My guess is that it should have the selector kubernetes.io/os=windows for calico-node DaemonSet.

Fyi, i’ve never tried kubernetes on windows at all tho, but just tryin to help.

Hi, Does anyone know where are the images stored in the node or cluster? In my windows node, I tried to find it by tying docker image ls or ctr image ls; none of them can find any; also in the Linux node, please? Because I tried to delete some images but in vain. Many thanks!

Try with microk8s ctr images list

Thanks for your reply always. I saw some daemonset images in the Linux nodes but I can’t find any in the windows nodes…by trying both docker image ls or ctr image ls.

I’ve not tried windows node at all, can you show all calico pods especially those on windows.

Is this article support k8s 1.25.0?

@bangzhuzhu I haven’t personally tested it on 1.25 but it is certainly intended and expected it should work

The download link to the script changed!
Wrong = https://docs.projectcalico.org/scripts/install-calico-windows.ps1

Correct = https://github.com/projectcalico/calico/releases/download/v3.25.0/install-calico-windows.ps1

Many thanks for this, I will update accordingly!

This documentation doesn’t appear to work anymore, due to a Calico issue. Windows quickstart results in failing kubelet · Issue #7552 · projectcalico/calico · GitHub

The Calico documentation linked in the Install section also goes nowhere.

Thanks for reporting, I will check into it

This is giving error:
Failed to auto detect backend type. IPIP is not supported on Windows nodes but found IP pools with IPIP enabled. Rerun
install script with the CalicoBackend param provided
At C:\k\install-calico-windows.ps1:179 char:16

• … throw "Failed to auto detect backend type. IPIP is not su …

•             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  

  • CategoryInfo : OperationStopped: (Failed to auto … param provided:String) , RuntimeException
  • FullyQualifiedErrorId : Failed to auto detect backend type. IPIP is not supported on Windows nodes but found IP
    pools with IPIP enabled. Rerun install script with the CalicoBackend param provided

Kindl provide complete latest steps for adding windows node to linux master node

Hi @Karthik_Medam, looks like the Windows node is having trouble contact the Kubernetes API server. Can you share some more details here (or perhaps in a GitHub issue)?

• Did you download the install-calico-windows.ps1 from https://github.com/projectcalico/calico/releases/download/v3.25.1/install-calico-windows.ps1 or somewhere else?
• Which MicroK8s version are you using?
• Is c:\k\config a valid kubeconfig file for the cluster?

I think I am running into this same problem connecting a windows server 2022 Standard to a microk8s cluster running 1.27.2. I follow the steps outlined but when I query for nodes in the cluster after copying the kube config over and starting the kubelet service, but still no windows node. Is there any troubleshooting forum/slack/email that I can request help through?

sorry you are having an issue. @neoaggelos are there any further testing steps or troubleshooting things we can add here?

I get an error trying to get logs from the pod running in the windows server node

PS C:\Windows\system32> kubectl logs test-pod
Error from server: Get “https://192.168.1.51:10250/containerLogs/default/test-pod/test-pod”: tls: failed to verify certificate: x509: cannot validate certificate for 192.168.1.51 because it doesn’t contain any IP SANs

Hi @rafedecuba , I’ve found that on the new cluster version 1.28 and 1.29 kubelet on linux hosts (port 10250) has its IP address added to certificate subject alternative name, but that not happen on windows hosts, but i don\t know if it is the problem with microk8s or kubernetes itself. If you upgrade existing 1.27 cluster to 1.28, certificates that was generated without IP SANs in the previous version are used and it also does not check IP SANs and you can show logs from windows contianers, so there must be some internal check that is enabled only on new cluster.