Last active
February 19, 2021 23:41
-
-
Save jeremyje/523f57f844cfe8c604aa4dc2b394cf07 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # # 1.17.12-gke.1501 is the earliest version to not install the KB package. | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: agnhost-fixed | |
| labels: | |
| run: agnhost-fixed | |
| spec: | |
| containers: | |
| - args: | |
| - netexec | |
| image: k8s.gcr.io/e2e-test-images/agnhost:2.20 | |
| name: agnhost-fixed | |
| imagePullPolicy: IfNotPresent | |
| ports: | |
| - containerPort: 8080 | |
| nodeSelector: | |
| #kubernetes.io/hostname: gke-dsr1189-sac-2c334099-gb17 | |
| kubernetes.io/os: windows | |
| --- | |
| apiVersion: v1 | |
| kind: Service | |
| metadata: | |
| name: agnhost-fixed | |
| spec: | |
| type: LoadBalancer | |
| externalTrafficPolicy: Local | |
| ports: | |
| - port: 8080 | |
| targetPort: 8080 | |
| protocol: TCP | |
| name: http | |
| selector: | |
| run: agnhost-fixed |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This script installs Windows DSR and enables it in kube-proxy (machine reboots may happen). | |
| # Use: | |
| # --metadata=windows-startup-script-url=https://gist.githubusercontent.com/jeremyje/523f57f844cfe8c604aa4dc2b394cf07/raw/install-sac.ps1 | |
| # TODO: Change this to the service name. | |
| $KUBERNETES_SERVICE_NAME = "agnhost-fixed" | |
| $KB_MSU = "http://download.windowsupdate.com/d/msdownload/update/software/updt/2020/09/windows10.0-kb4577062-x64_fe452cf752c4368d5eeb07fa34bc05f1296b4be7.msu" | |
| function Get-ServiceBinaryPath { | |
| param( | |
| [Parameter(Mandatory)] | |
| [string]$ServiceName | |
| ) | |
| $wmiSvc = Get-WmiObject -Query ('select * from win32_service where name="' + $ServiceName + '"') | |
| return $wmiSvc.PathName | |
| } | |
| function Install-WinDSR { | |
| $binPath = Get-ServiceBinaryPath -ServiceName "kube-proxy" | |
| Write-Host -ForegroundColor BLUE "kube-proxy binPath= $binPath" | |
| if ($binPath -NotLike "*WinDSR=true*") { | |
| Write-Host -ForegroundColor BLUE "Enabling Windows DSR in kube-proxy" | |
| $updatedBinPath = $binPath + " --enable-dsr=true --feature-gates=WinDSR=true" | |
| &sc.exe stop kube-proxy | |
| Start-Sleep 5 | |
| Write-Host -ForegroundColor BLUE "Updating kube-proxy binPath= $updatedBinPath" | |
| &sc.exe config kube-proxy binPath= "$updatedBinPath" | |
| Start-Sleep 1 | |
| &sc.exe start kube-proxy | |
| Start-Sleep 5 | |
| &sc.exe queryex kube-proxy | |
| Write-DebugLogs | |
| } else { | |
| Write-Host -ForegroundColor GREEN "Enabling Windows DSR is already enabled kube-proxy" | |
| &sc.exe queryex kube-proxy | |
| } | |
| } | |
| function Install-Hotfix { | |
| # https://www.danielengberg.com/install-msu-powershell-specific-kb/ | |
| # This Hotfix includes DSR for Windows Server 2019. | |
| # https://support.microsoft.com/en-us/help/4571748/windows-10-update-kb4571748 | |
| # https://www.catalog.update.microsoft.com/Search.aspx?q=KB4571748 | |
| $KB = "KB4577062" | |
| $SourceFolder = "c:\temp-msu\" | |
| if (-not(Test-Path $SourceFolder)) { | |
| Write-Host -ForegroundColor RED "Enabling Windows Update Service..." | |
| &sc.exe config wuauserv start=demand | |
| &sc.exe start wuauserv | |
| New-Item $SourceFolder -Force -ItemType "directory" | |
| Write-Host -ForegroundColor BLUE "Downloading $KB (~400 MB)" | |
| Invoke-WebRequest -Uri $KB_MSU -OutFile "$SourceFolder\UpdateForDSR.msu" | |
| Write-Host -ForegroundColor BLUE "Installing $KB" | |
| Start-Process -FilePath "wusa.exe" -ArgumentList "$SourceFolder\UpdateForDSR.msu /quiet" -Wait | |
| Write-Host -ForegroundColor GREEN "Update Installed! Re-Disabling Windows Update Service..." | |
| &sc.exe config wuauserv start=disabled | |
| &sc.exe stop wuauserv | |
| Restart-Computer -Force | |
| } else { | |
| &sc.exe config wuauserv start=disabled | |
| &sc.exe stop wuauserv | |
| Write-Host -ForegroundColor GREEN "$KB is already installed." | |
| } | |
| } | |
| function Write-DebugLogs { | |
| Get-Content C:\etc\kubernetes\logs\kube-proxy.log | |
| # https://techcommunity.microsoft.com/t5/networking-blog/direct-server-return-dsr-in-a-nutshell/ba-p/693710 | |
| New-Item "C:\sdn-debug\" -Force -ItemType "directory" | |
| cd "C:\sdn-debug\" | |
| $Script = Invoke-WebRequest 'https://raw.githubusercontent.com/microsoft/SDN/master/Kubernetes/windows/debug/collectlogs.ps1' -UseBasicParsing | |
| $ScriptBlock = [Scriptblock]::Create($Script.Content) | |
| Invoke-Command -ScriptBlock $ScriptBlock | |
| } | |
| function Install-HNSEndpoint { | |
| Write-Host -ForegroundColor BLUE "Install-HNSEndpoint" | |
| #Invoke-WebRequest -Uri https://raw.githubusercontent.com/microsoft/SDN/master/Kubernetes/windows/hns.psm1 -OutFile hns.psm1 -UseBasicParsing | |
| #Import-Module ./hns.psm1 -Force | |
| Import-Module C:\etc\kubernetes\hns.psm1 -Force | |
| $svcIP=(&C:\etc\kubernetes\node\bin\kubectl.exe get svc $KUBERNETES_SERVICE_NAME --output jsonpath='{.status.loadBalancer.ingress[0].ip}') | |
| $hcPort=(&C:\etc\kubernetes\node\bin\kubectl.exe get svc $KUBERNETES_SERVICE_NAME --output jsonpath='{.spec.healthCheckNodePort}') | |
| Write-Host -ForegroundColor GREEN "Creating NHS LB for $svcIP on port $hcPort" | |
| $ep=Get-HNSEndpoint | Where-Object Name -eq 'cbr0' | Select ID | |
| New-HNSLoadBalancer -Endpoints $ep.id -InternalPort $hcPort -ExternalPort $hcPort -Vip "$svcIP" | |
| } | |
| #Install-Hotfix | |
| Install-WinDSR | |
| Install-HNSEndpoint |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This script installs Windows DSR and enables it in kube-proxy (machine reboots may happen). | |
| # Use: | |
| # --metadata=windows-startup-script-url=https://gist.githubusercontent.com/jeremyje/523f57f844cfe8c604aa4dc2b394cf07/raw/install-sac.ps1 | |
| # TODO: Change this to the service name. | |
| $KUBERNETES_SERVICE_NAME = "agnhost-fixed" | |
| $KB_MSU = "http://download.windowsupdate.com/d/msdownload/update/software/updt/2020/09/windows10.0-kb4577062-x64_fe452cf752c4368d5eeb07fa34bc05f1296b4be7.msu" | |
| function Get-ServiceBinaryPath { | |
| param( | |
| [Parameter(Mandatory)] | |
| [string]$ServiceName | |
| ) | |
| $wmiSvc = Get-WmiObject -Query ('select * from win32_service where name="' + $ServiceName + '"') | |
| return $wmiSvc.PathName | |
| } | |
| function Install-WinDSR { | |
| $binPath = Get-ServiceBinaryPath -ServiceName "kube-proxy" | |
| Write-Host -ForegroundColor BLUE "kube-proxy binPath= $binPath" | |
| if ($binPath -NotLike "*WinDSR=true*") { | |
| Write-Host -ForegroundColor BLUE "Enabling Windows DSR in kube-proxy" | |
| $updatedBinPath = $binPath + " --enable-dsr=true --feature-gates=WinDSR=true" | |
| &sc.exe stop kube-proxy | |
| Start-Sleep 5 | |
| Write-Host -ForegroundColor BLUE "Updating kube-proxy binPath= $updatedBinPath" | |
| &sc.exe config kube-proxy binPath= "$updatedBinPath" | |
| Start-Sleep 1 | |
| &sc.exe start kube-proxy | |
| Start-Sleep 5 | |
| &sc.exe queryex kube-proxy | |
| Write-DebugLogs | |
| } else { | |
| Write-Host -ForegroundColor GREEN "Enabling Windows DSR is already enabled kube-proxy" | |
| &sc.exe queryex kube-proxy | |
| } | |
| } | |
| function Install-Hotfix { | |
| # https://www.danielengberg.com/install-msu-powershell-specific-kb/ | |
| # This Hotfix includes DSR for Windows Server 2019. | |
| # https://support.microsoft.com/en-us/help/4571748/windows-10-update-kb4571748 | |
| # https://www.catalog.update.microsoft.com/Search.aspx?q=KB4571748 | |
| $KB = "KB4577062" | |
| $SourceFolder = "c:\temp-msu\" | |
| if (-not(Test-Path $SourceFolder)) { | |
| Write-Host -ForegroundColor RED "Enabling Windows Update Service..." | |
| &sc.exe config wuauserv start=demand | |
| &sc.exe start wuauserv | |
| New-Item $SourceFolder -Force -ItemType "directory" | |
| Write-Host -ForegroundColor BLUE "Downloading $KB (~400 MB)" | |
| Invoke-WebRequest -Uri $KB_MSU -OutFile "$SourceFolder\UpdateForDSR.msu" | |
| Write-Host -ForegroundColor BLUE "Installing $KB" | |
| Start-Process -FilePath "wusa.exe" -ArgumentList "$SourceFolder\UpdateForDSR.msu /quiet" -Wait | |
| Write-Host -ForegroundColor GREEN "Update Installed! Re-Disabling Windows Update Service..." | |
| &sc.exe config wuauserv start=disabled | |
| &sc.exe stop wuauserv | |
| Restart-Computer -Force | |
| } else { | |
| &sc.exe config wuauserv start=disabled | |
| &sc.exe stop wuauserv | |
| Write-Host -ForegroundColor GREEN "$KB is already installed." | |
| } | |
| } | |
| function Write-DebugLogs { | |
| Get-Content C:\etc\kubernetes\logs\kube-proxy.log | |
| # https://techcommunity.microsoft.com/t5/networking-blog/direct-server-return-dsr-in-a-nutshell/ba-p/693710 | |
| New-Item "C:\sdn-debug\" -Force -ItemType "directory" | |
| cd "C:\sdn-debug\" | |
| $Script = Invoke-WebRequest 'https://raw.githubusercontent.com/microsoft/SDN/master/Kubernetes/windows/debug/collectlogs.ps1' -UseBasicParsing | |
| $ScriptBlock = [Scriptblock]::Create($Script.Content) | |
| Invoke-Command -ScriptBlock $ScriptBlock | |
| } | |
| function Install-HNSEndpoint { | |
| Write-Host -ForegroundColor BLUE "Install-HNSEndpoint" | |
| #Invoke-WebRequest -Uri https://raw.githubusercontent.com/microsoft/SDN/master/Kubernetes/windows/hns.psm1 -OutFile hns.psm1 -UseBasicParsing | |
| #Import-Module ./hns.psm1 -Force | |
| Import-Module C:\etc\kubernetes\hns.psm1 -Force | |
| $svcIP=(&C:\etc\kubernetes\node\bin\kubectl.exe get svc $KUBERNETES_SERVICE_NAME --output jsonpath='{.status.loadBalancer.ingress[0].ip}') | |
| $hcPort=(&C:\etc\kubernetes\node\bin\kubectl.exe get svc $KUBERNETES_SERVICE_NAME --output jsonpath='{.spec.healthCheckNodePort}') | |
| Write-Host -ForegroundColor GREEN "Creating NHS LB for $svcIP on port $hcPort" | |
| $ep=Get-HNSEndpoint | Where-Object Name -eq 'cbr0' | Select ID | |
| New-HNSLoadBalancer -Endpoints $ep.id -InternalPort $hcPort -ExternalPort $hcPort -Vip "$svcIP" | |
| } | |
| Install-Hotfix | |
| Install-WinDSR | |
| Install-HNSEndpoint |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Create a cluster with Kubernetes 1.17 using Windows SAC | |
| gcloud container clusters create dsr117 --enable-ip-alias --num-nodes=1 --cluster-version=1.17 --zone=us-west1-a | |
| gcloud container node-pools create sac --cluster dsr117 --zone=us-west1-a --image-type=WINDOWS_SAC --num-nodes=1 --machine-type=n1-standard-8 \ | |
| --metadata=windows-startup-script-url=https://gist.githubusercontent.com/jeremyje/523f57f844cfe8c604aa4dc2b394cf07/raw/install-sac.ps1 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment