[Release-1.28] Add CNI plugin flannel support for Windows

Dockerfile.windows

@@ -45,7 +45,9 @@ ARG KUBERNETES_VERSION=dev
 # windows runtime image
 ENV CRICTL_VERSION="v1.27.0"
 ENV CALICO_VERSION="v3.26.1"
-ENV CNI_PLUGIN_VERSION="v1.1.1"
+ENV CNI_PLUGIN_VERSION="v1.4.0"
+ENV FLANNEL_VERSION="v0.24.2"
+ENV CNI_FLANNEL_VERSION="v1.4.0-flannel1"
 
 RUN mkdir -p rancher
 
@@ -87,6 +89,8 @@ RUN sha256sum -c kube-proxy.exe.sha256
 RUN mv kube-proxy.exe rancher/
 
 RUN curl -sLO https://github.com/projectcalico/calico/releases/download/${CALICO_VERSION}/calico-windows-${CALICO_VERSION}.zip
+RUN curl -sL https://github.com/flannel-io/flannel/releases/download/${FLANNEL_VERSION}/flanneld.exe -o rancher/flanneld.exe
+RUN curl -sL https://github.com/flannel-io/cni-plugin/releases/download/${CNI_FLANNEL_VERSION}/flannel-amd64.exe -o rancher/flannel.exe
 RUN curl -sL https://github.com/Microsoft/SDN/raw/master/Kubernetes/windows/hns.psm1 -o rancher/hns.psm1
 
 RUN CONTAINERD_VERSION=$(grep "rancher/hardened-containerd" Dockerfile | grep ':v' | cut -d '=' -f 2- | grep -oE "([0-9]+)\.([0-9]+)\.([0-9]+)") \

bundle/bin/rke2-killall.sh

@@ -71,6 +71,7 @@ ip link show 2>/dev/null | grep 'master cni0' | while read ignore iface ignore;
 done
 ip link delete cni0
 ip link delete flannel.1
+ip link delete flannel.4096
 ip link delete flannel-v6.1
 ip link delete flannel-wg
 ip link delete flannel-wg-v6

bundle/bin/rke2-uninstall.ps1

@@ -102,7 +102,7 @@ function Invoke-HNSRequest {
 Write-Host "Beginning the uninstall process"
 
 function Stop-Processes () {
-    $ProcessNames = @('rke2', 'kube-proxy', 'kubelet', 'containerd', 'wins', 'calico-node')
+    $ProcessNames = @('rke2', 'kube-proxy', 'kubelet', 'containerd', 'wins', 'calico-node', 'flanneld')
     foreach ($ProcessName in $ProcessNames) {
         Write-LogInfo "Checking if $ProcessName process exists"
         if ((Get-Process -Name $ProcessName -ErrorAction SilentlyContinue)) {
@@ -147,7 +147,7 @@ function Invoke-CleanServices () {
 
 function Reset-HNS () {
     try {
-        Get-HnsNetwork | Where-Object { $_.Name -eq 'Calico' -or $_.Name -eq 'vxlan0' -or $_.Name -eq 'nat' -or $_.Name -eq 'External' } | Select-Object Name, ID | ForEach-Object {
+        Get-HnsNetwork | Where-Object { $_.Name -eq 'Calico' -or $_.Name -eq 'vxlan0' -or $_.Name -eq 'nat' -or $_.Name -eq 'External' -or $_.Name -eq 'flannel.4096' } | Select-Object Name, ID | ForEach-Object {
             Write-LogInfo "Cleaning up HnsNetwork $($_.Name) ..."
             hnsdiag delete networks $($_.ID)
         }

charts/chart_versions.yaml

@@ -23,6 +23,9 @@ charts:
   - version: v4.0.2-build2023081108
     filename: /charts/rke2-multus.yaml
     bootstrap: true
+  - version: v0.24.201
+    filename: /charts/rke2-flannel.yaml
+    bootstrap: true
   - version: 1.5.100
     filename: /charts/rancher-vsphere-cpi.yaml
     bootstrap: true

pkg/cli/cmds/server.go

@@ -17,7 +17,7 @@ const (
 
 var (
 	DisableItems = []string{"rke2-coredns", "rke2-ingress-nginx", "rke2-metrics-server"}
-	CNIItems     = []string{"calico", "canal", "cilium"}
+	CNIItems     = []string{"calico", "canal", "cilium", "flannel"}
 
 	config = rke2.Config{}
 

pkg/pebinaryexecutor/pebinary.go

@@ -62,10 +62,11 @@ type CloudProviderConfig struct {
 }
 
 const (
-	CNINone   = "none"
-	CNICalico = "calico"
-	CNICilium = "cilium"
-	CNICanal  = "canal"
+	CNINone    = "none"
+	CNICalico  = "calico"
+	CNICilium  = "cilium"
+	CNICanal   = "canal"
+	CNIFlannel = "flannel"
 )
 
 // Bootstrap prepares the binary executor to run components by setting the system default registry
@@ -111,16 +112,21 @@ func (p *PEBinaryConfig) Bootstrap(ctx context.Context, nodeConfig *daemonconfig
 
 	switch p.CNIName {
 	case "", CNICalico:
+		logrus.Info("Setting up Calico CNI")
 		p.CNIPlugin = &win.Calico{}
-		if err := p.CNIPlugin.Setup(ctx, nodeConfig, restConfig, p.DataDir); err != nil {
-			return err
-		}
+	case CNIFlannel:
+		logrus.Info("Setting up Flannel CNI")
+		p.CNIPlugin = &win.Flannel{}
 	case CNINone:
 		logrus.Info("Skipping CNI setup")
 	default:
 		logrus.Fatal("Unsupported CNI: ", p.CNIName)
 	}
 
+	if err := p.CNIPlugin.Setup(ctx, nodeConfig, restConfig, p.DataDir); err != nil {
+		return err
+	}
+
 	// required to initialize KubeProxy
 	p.KubeConfigKubeProxy = nodeConfig.AgentConfig.KubeConfigKubeProxy
 
@@ -192,7 +198,6 @@ func (p *PEBinaryConfig) KubeProxy(ctx context.Context, args []string) error {
 	}
 	logrus.Infof("Reserved VIP for kube-proxy: %s", vip)
 
-
 	extraArgs := map[string]string{
 		"network-name": CNIConfig.OverlayNetName,
 		"bind-address": CNIConfig.NodeIP,
@@ -290,6 +295,8 @@ func getCNIPluginName(restConfig *rest.Config) (string, error) {
 		switch h.Name {
 		case win.CalicoChart:
 			return CNICalico, nil
+		case win.FlannelChart:
+			return CNIFlannel, nil
 		case "rke2-cilium":
 			return CNICilium, nil
 		case "rke2-canal":

pkg/windows/calico.go

@@ -33,12 +33,6 @@ import (
 )
 
 var (
-	replaceSlashWin = template.FuncMap{
-		"replace": func(s string) string {
-			return strings.ReplaceAll(s, "\\", "\\\\")
-		},
-	}
-
 	calicoKubeConfigTemplate = template.Must(template.New("Kubeconfig").Parse(`apiVersion: v1
 kind: Config
 clusters:
@@ -135,6 +129,7 @@ const (
 	calicoNode             = "calico-node"
 )
 
+// GetConfig returns the CNI configuration
 func (c *Calico) GetConfig() *CNICommonConfig {
 	return &c.CNICfg.CNICommonConfig
 }
@@ -166,7 +161,7 @@ func (c *Calico) initializeConfig(ctx context.Context, nodeConfig *daemonconfig.
 
 	c.CNICfg = &CalicoConfig{
 		CNICommonConfig: CNICommonConfig{
-			Name:           "Calico",
+			Name:           "calico",
 			OverlayNetName: "Calico",
 			OverlayEncap:   "vxlan",
 			Hostname:       nodeConfig.AgentConfig.NodeName,
@@ -374,6 +369,7 @@ func (c *Calico) overrideCalicoConfigByHelm(restConfig *rest.Config) error {
 	return nil
 }
 
+// findCalicoInterface finds the interface to use for Calico based on the NodeAddressAutodetectionV4
 func findCalicoInterface(nodeV4 *opv1.NodeAddressAutodetection) (IPAutoDetectionMethod, calicoInterface string, err error) {
 	IPAutoDetectionMethod, err = nodeAddressAutodetection(*nodeV4)
 	if err != nil {
@@ -402,6 +398,7 @@ func findCalicoInterface(nodeV4 *opv1.NodeAddressAutodetection) (IPAutoDetection
 	return
 }
 
+// startConfd starts the confd service (for BGP)
 func startConfd(ctx context.Context, config *CalicoConfig, logPath string) {
 	outputFile := logging.GetLogger(filepath.Join(logPath, "confd.log"), 50)
 
@@ -424,6 +421,7 @@ func startConfd(ctx context.Context, config *CalicoConfig, logPath string) {
 	logrus.Error("Confd exited")
 }
 
+// startFelix starts the felix service
 func startFelix(ctx context.Context, config *CalicoConfig, logPath string) {
 	outputFile := logging.GetLogger(filepath.Join(logPath, "felix.log"), 50)
 
@@ -453,6 +451,7 @@ func startFelix(ctx context.Context, config *CalicoConfig, logPath string) {
 	logrus.Error("Felix exited")
 }
 
+// startCalico starts the calico service
 func startCalico(ctx context.Context, config *CalicoConfig, logPath string) error {
 	outputFile := logging.GetLogger(filepath.Join(logPath, "calico-node.log"), 50)