chore: add swiftv2 windows conflist #4144
Conversation
There was a problem hiding this comment.
Pull request overview
This PR adds a new CNI configuration list file for Windows SwiftV2 with Stateless CNI. SwiftV2 uses delegated NICs and simplifies the configuration by eliminating the need for endpoint policies (OutBoundNAT, ROUTE, ACL) that are required in other Windows configurations.
Key Changes
- Adds
azure-windows-swiftv2-stateless.conflistwith simplified configuration for SwiftV2 on Windows - Uses CNI version 1.0.0 and azure-cns IPAM type
- Configures DNS with Azure Wire Server nameserver (168.63.129.16)
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| "type": "azure-vnet", | ||
| "mode": "bridge", | ||
| "bridge": "azure0", | ||
| "capabilities": { | ||
| "portMappings": true, | ||
| "dns": true | ||
| }, | ||
| "ipam": { | ||
| "type": "azure-cns" | ||
| }, | ||
| "dns": { | ||
| "Nameservers": [ | ||
| "168.63.129.16" | ||
| ], | ||
| "Search": [ | ||
| "svc.cluster.local" | ||
| ] | ||
| } |
There was a problem hiding this comment.
This conflist file is missing the required plugins array structure. According to the CNI specification and all other conflist files in this repository, the configuration should have a plugins array containing the plugin configurations.
The structure should be:
{
"cniVersion": "1.0.0",
"name": "azure",
"plugins": [
{
"type": "azure-vnet",
"mode": "bridge",
"bridge": "azure0",
...
}
]
}See cni/azure-windows-baremetal.conflist (lines 1-50) and cni/azure-windows-swift.conflist (lines 1-51) for examples of the correct structure.
| "type": "azure-vnet", | |
| "mode": "bridge", | |
| "bridge": "azure0", | |
| "capabilities": { | |
| "portMappings": true, | |
| "dns": true | |
| }, | |
| "ipam": { | |
| "type": "azure-cns" | |
| }, | |
| "dns": { | |
| "Nameservers": [ | |
| "168.63.129.16" | |
| ], | |
| "Search": [ | |
| "svc.cluster.local" | |
| ] | |
| } | |
| "plugins": [ | |
| { | |
| "type": "azure-vnet", | |
| "mode": "bridge", | |
| "bridge": "azure0", | |
| "capabilities": { | |
| "portMappings": true, | |
| "dns": true | |
| }, | |
| "ipam": { | |
| "type": "azure-cns" | |
| }, | |
| "dns": { | |
| "Nameservers": [ | |
| "168.63.129.16" | |
| ], | |
| "Search": [ | |
| "svc.cluster.local" | |
| ] | |
| } | |
| } | |
| ] |
| "168.63.129.16" | ||
| ], | ||
| "Search": [ | ||
| "svc.cluster.local" |
There was a problem hiding this comment.
do we need search? can remove this.
There was a problem hiding this comment.
we don't need Search functionally speaking for Standalone scenarios, but network_windows.go would error if there is a mismatch in length between NameServers and Search: https://github.com/jackieluc/azure-container-networking/blob/stateless-cni-conflist/cni/network/network_windows.go#L147-L150
| "cniVersion": "1.0.0", | ||
| "name": "azure", | ||
| "type": "azure-vnet", | ||
| "mode": "bridge", |
There was a problem hiding this comment.
add "disableAsyncDelete": true
2 participants
Reason for Change:
Add a simple default Windows SwiftV2 conflist for usage with Stateless CNI. SwiftV2 uses delegated NICs and has no need for AdditionalArgs like endpoint policies for OutBoundNAT, ROUTE, or ACL. This conflist would be bundled with Stateless CNI for Windows SwiftV2 in the official nuget package for partners to consume.