In Part 1 of this blog series, I demonstrated how to deploy a certified Kubernetes cluster on-premises using Docker Enterprise 3.0. I showcased how to install kubectl & install MySQL using Helm. In Part 2 of this blog series, I demonstrated how to build and configure Kubernetes external storage provisioner for iSCSI storage to work with DKS. Under this post, I will show how to add Windows Server 2019 as a worker node and deploy application across the hybrid cluster(both Linux & Windows).
Support of Kubernetes on Windows
Mixed Windows Server and Linux applications are becoming commonplace for both legacy application migration and greenfield development. Combined, these drive a need to enable the use of best-of-breed components within an application, regardless of platform
Docker Enterprise 3.0 supports worker nodes that run on Windows Server 2016 and Windows Server 2019. Only worker nodes are supported on Windows, and all manager nodes in the cluster must run on Linux. Additionally Windows worker nodes can only be used by the Swarm Orchestrator. Your Linux workloads runs on Linux nodes whereas windows workloads runs on Windows nodes.
Below diagram showcases kubelet in terms of hybrid environment like Linux and Windows.
Under this blog post, I will show the simple steps to enable a worker node on Windows.
- Install Docker Engine – Enterprise on Windows Server 2019.
- Configure the Windows node.
- Join the Windows node to the cluster.
Note: Refer to the Docker compatibility matrix for complete Docker compatibility information with Windows Server.
Pre-requisites:
- A Docker Enterprise 3.0 with 1 manager and 1 worker node
- Both of these nodes are Linux-based nodes
- Windows Server 2019 installed on any of bare metal or VM
Preparing Windows Server 2019
I assume that you have already installed Windows Server 2019 on your premises. My Windows OS configuration look something like as shown below:
Installing Docker Engine – Enterprise on Windows
To install the Docker Engine – Enterprise on your hosts, Docker provides a OneGet PowerShell Module.
Open an elevated PowerShell command prompt, and type the following commands.
Install-Module DockerMsftProvider -ForceInstalling Docker Engine – Enterprise
PS C:\Users\Administrator> Install-Package Docker -ProviderName DockerMsftProvider -Force
WARNING: A restart is required to enable the containers feature. Please restart your machine.
Name Version Source Summary
---- ------- ------ -------
Docker 19.03.2 DockerDefault Contains Docker EE for use with Windows Server.
PS C:\Users\Administrator>Verifying Docker Installables
Changing the default orchestrator type to Kubernetes
Go ahead and choose the right orchestrator as shown below:
Choose the “allow all authenticated users” as shown below:
Verifying if default orchestration is changed to Kubernetes
Choose the below options to make your setup ready to join Windows worker nodes.
Configuring Windows Node
Follow these steps to configure the docker daemon and the Windows environment.
- Pull the Windows-specific image of
ucp-agent, which is nameducp-agent-win. - Run the Windows worker setup script provided with
ucp-agent-win. - Join the cluster with the token provided by the Docker UCP web interface or CLI.
Pulling Windows specific images of ucp-agent
In case you encounter “TLS handshake timeout” error message, then you possibly need to disable firewall.
PS C:\Users\Administrator> docker image pull docker/ucp-agent-win:3.2.1
3.2.1: Pulling from docker/ucp-agent-win
bce2fbc256ea: Already exists
6f2071dcd729: Already exists
0d335bf1e3bd: Pull complete
c8f758ef1a6a: Pull complete
b6fb84b6b28d: Pull complete
8586fb09f5de: Pull complete
0b4b5a3a0ae1: Pull complete
Digest: sha256:7d68eb1e154b6f56ce40aff422b79268920d046c685cee8067fe8b3cdc65a083
Status: Downloaded newer image for docker/ucp-agent-win:3.2.1
docker.io/docker/ucp-agent-win:3.2.1PS C:\Users\Administrator> docker image pull docker/ucp-dsinfo-win:3.2.1
3.2.1: Pulling from docker/ucp-dsinfo-win
bce2fbc256ea: Already exists
6f2071dcd729: Already exists
0d335bf1e3bd: Already exists
c8f758ef1a6a: Already exists
613a367d6c82: Pull complete
2dedf3f2d68f: Pull complete
804be9775f1c: Pull complete
Digest: sha256:1675b6929f665fd88dbb94895bb5208e5c9c193f99dfe386a493fe0d91364981
Status: Downloaded newer image for docker/ucp-dsinfo-win:3.2.1
docker.io/docker/ucp-dsinfo-win:3.2.1Running the Windows node setup script
We will require to open ports 2376 and 12376, and create certificates for the Docker daemon to communicate securely. Use this command to run the Windows node setup script:
$script = [ScriptBlock]::Create((docker run --rm docker/ucp-agent-win:3.2.1 windows-script | Out-String))PS C:\Users\Administrator> Invoke-Command $script
Testing for required windows updates
Setting up Docker daemon to listen on port 2376 with TLS
Generating new certs at C:\ProgramData\docker\daemoncerts
Restarting Docker daemon
WARNING: Waiting for service 'Docker Engine (docker)' to stop...
Successfully set up Docker daemon
Opening port 2376 in the Windows firewall for inbound traffic
Opening port 12376 in the Windows firewall for inbound traffic
Opening port 2377 in the Windows firewall for inbound traffic
Opening port 7946 in the Windows firewall for inbound and outbound traffic
Opening UDP port 4789 in the Windows firewall for inbound and outbound traffic
Opening UDP port 7946 in the Windows firewall for inbound and outbound traffic When you run windows-script, the Docker service is unavailable temporarily. The Windows node is ready to join the cluster. Run the setup script on each instance of Windows Server that will be a worker node.
Joining Windows Worker Node
docker swarm join --token SWMTKN-1-3n4mwkzhy9ajvblqsuqlnhmt83poep86mt2hip0wonqagmjtos-bch9ezkt5kiroz6jncidrz13x 100.98.26.115:2377
This node joined a swarm as a worker nodeJust go to Shared Resources section under Docker Enterprise 3.0 and click on “Nodes” to get list of 1 Manager, 2 worker(1x Linux & 1x Windows Server) nodes.
Hence, you saw that it is super easy to build a hybrid environment with Linux master node and bunch of Windows nodes as worker.
Comments are closed.