diff --git a/docs/windows.md b/docs/windows.md index 2bfd7f92eea..6be4fbcdeba 100644 --- a/docs/windows.md +++ b/docs/windows.md @@ -23,6 +23,7 @@ The following components should be configured and run on the Windows Node. antrea-agent and kube-proxy run as processes on host and are managed by management Pods. It is recommended to run OVS daemons as Windows services. +We also support running OVS processes inside container. If you don't want to run antrea-agent and kube-proxy from the management Pods Antrea also provides scripts which help install and run these two components directly without Pod, please see [Manually run kube-proxy and antrea-agent on Windows worker Nodes](#Manually-run-kube-proxy-and-antrea-agent-on-Windows-worker-Nodes) @@ -302,6 +303,14 @@ get-service ovsdb-server get-service ovs-vswitchd ``` +If you want to containerise OVS for containerd runtime, you don't need to install +OVS userspace processes on host and hence you can use the `InstallUserspace` parameter +as false. + +```powershell +.\Install-OVS.ps1 -InstallUserspace $false +``` + #### 2. Disable Windows Firewall ```powershell diff --git a/hack/windows/Install-OVS.ps1 b/hack/windows/Install-OVS.ps1 index 1f4959b00e8..b32a37b1f6e 100644 --- a/hack/windows/Install-OVS.ps1 +++ b/hack/windows/Install-OVS.ps1 @@ -21,6 +21,10 @@ .PARAMETER ImportCertificate Specifies if a certificate file is needed for OVS package. If true, certificate will be retrieved from OVSExt.sys and a package.cer file will be generated. + + .PARAMETER InstallUserspace + Specifies whether user wants to install OVS userspace processes.If false, these processes will not + be installed on the host and user can run these processes inside container. #> Param( [parameter(Mandatory = $false)] [string] $DownloadDir, @@ -28,7 +32,8 @@ Param( [parameter(Mandatory = $false)] [string] $OVSInstallDir = "C:\openvswitch", [parameter(Mandatory = $false)] [bool] $CheckFileHash = $true, [parameter(Mandatory = $false)] [string] $LocalFile, - [parameter(Mandatory = $false)] [bool] $ImportCertificate = $true + [parameter(Mandatory = $false)] [bool] $ImportCertificate = $true, + [parameter(Mandatory = $false)] [bool] $InstallUserspace = $true ) $ErrorActionPreference = "Stop" @@ -251,6 +256,13 @@ function ConfigOVS() { ovs-vsctl --no-wait set Open_vSwitch . ovs_version=$OVS_VERSION } +if ($InstallUserspace -eq $false) { + if(!(Get-Process containerd )){ + Write-error "Containerd runtime not found. Containerd runtime is required for OVS Containerisation." + exit 1 + } +} + Log "Installation log location: $InstallLog" CheckIfOVSInstalled @@ -259,8 +271,10 @@ DownloadOVS InstallOVS -InstallDependency +if ($InstallUserspace -eq $true) { + InstallDependency -ConfigOVS + ConfigOVS +} Log "OVS Installation Complete!" diff --git a/hack/windows/Prepare-Node.ps1 b/hack/windows/Prepare-Node.ps1 index 92ffcb07bd4..157aac964ad 100644 --- a/hack/windows/Prepare-Node.ps1 +++ b/hack/windows/Prepare-Node.ps1 @@ -22,6 +22,9 @@ Install OVS .PARAMETER NodeIP The node ip used by kubelet +.PARAMETER OVSContainerisation +To determine whether ovs daemons are required to run inside container or on windows host. + .EXAMPLE PS> .\Prepare-Node.ps1 -KubernetesVersion v1.18.0 -InstallOVS -NodeIP 192.168.1.10 @@ -32,6 +35,7 @@ Param( [parameter(Mandatory = $true, HelpMessage="Node IP")] [string] $NodeIP, [parameter(Mandatory = $false)] [switch] $InstallOVS = $false, [parameter(Mandatory = $false, HelpMessage="Kubernetes download")] [string] $KubernetesURL="dl.k8s.io" + [parameter(Mandatory = $false)] [bool] $OVSContainerisation = $false ) $ErrorActionPreference = 'Stop' @@ -127,5 +131,9 @@ New-NetFirewallRule -Name kubelet -DisplayName 'kubelet' -Enabled True -Directio if ($InstallOVS) { Write-Host "Installing OVS" - & .\Install-OVS.ps1 + if ($OVSContainerisation){ + & .\Install-OVS.ps1 -InstallUserspace $false + } else { + & .\Install-OVS.ps1 + } }