Since Windows worker node support reached general availability in Kubernetes, Microsoft and Tigera have listened closely to feedback from the community. A big contention point of Windows container users in the Kubernetes community is: “One of the most important open source network policy tools in the market is not available for Windows.” This is limiting the adoption of Windows worker nodes for Kubernetes in environments big and small as customers cannot fulfill their policy and compliance requirements like they could address them in Linux.
Microsoft and Tigera have been working together to close several significant gaps in the Windows container networking stack. This work included enabling Direct Server Return, enhanced policy, packet logging, expanded firewall support in the Host Networking Service of Windows, multi-subnet support, and many more large and small improvements.
Now for the good news
- We are excited to share that with Calico 3.16, Windows container network policy support is now available in open source Calico. See the release notes for more details.
- With this release, Windows containers can be deployed and secured in Azure, any other cloud computing provider, or on-premises using networking components in Windows Server and Calico network policy.
- Calico for Windows version 3.16 can be found on the Calico site.
- If you have any questions or concerns contact us at the Calico User Slack Windows channel.
- If you want to try it out check out the quick start guide on projectcalico.org.
The release announcement from Calico can also be found on the Tigera blog.