Setting up the VPC CNI plugin for Windows support
In order to enable Windows-based node support on Amazon EKS, two Kubernetes controllers are required to successfully route Windows pod network traffic through Amazon VPC using Amazon VPC CNI:
- The VPC admission controller is responsible for creating and integrating AWS VPC resources on Kubernetes
- The VPC resource controller is responsible for enabling Windows IP address management (IPAM) and instructing kube-proxy to create and maintain network rules from Windows pods all the way up to the VPC
In the past, customers enabled Windows support by deploying the VPC admission controller and VPC resource controller on the data plane, on top of a Linux node group in the kube-system namespace. The problem with that approach was that little AWS documentation existed on how to properly set up high availability for, or troubleshoot, such critical controllers. Well, AWS moved on and, in 2022, made life easier, by...