feat(windows): add Windows 2025 support for Windows Cilium Networking (WCN)#7778
feat(windows): add Windows 2025 support for Windows Cilium Networking (WCN)#7778timmy-wright merged 1 commit intomainfrom
Conversation
rzlink
requested review from
AbelHu,
Devinwong,
YaoC,
awesomenix,
cameronmeissner,
djsly,
ganeshkumarashok,
juan-lee,
junjiezhang1997,
lilypan26,
mxj220,
pdamianov-dev,
phealy,
r2k1,
timmy-wright,
yewmsft and
zachary-bailey
as code owners
github-actions
bot
added
the
components
There was a problem hiding this comment.
Pull request overview
Adds Windows Server 2025 coverage for Windows Cilium Networking (WCN) so VHD build can download/cache the WCN package (mirroring the existing Windows 23H2 behavior), and extends snapshot/e2e scenarios to validate the generated Windows CSE artifacts.
Changes:
- Extend
components.jsonWCN OCI artifact selection to include Windows SKU2025*(v1.3.0). - Add new Windows 2025 Gen2 NextGenNetworking snapshot test cases (enabled / enabled-no-config / disabled) and corresponding expected
CustomData+CSECommandoutputs. - Add a (currently skipped) e2e scenario for Windows 2025 Gen2 with WCN enabled.
Reviewed changes
Copilot reviewed 9 out of 9 changed files in this pull request and generated 3 comments.
Show a summary per file
| File | Description |
|---|---|
parts/common/components.json |
Adds windowsSkuMatch: "2025*" for the WCN OCI artifact so Windows 2025 VHD builds cache the package. |
pkg/agent/baker_test.go |
Adds snapshot test entries for Windows 2025 Gen2 NextGenNetworking variants to validate generated outputs. |
pkg/agent/testdata/AKSWindows2025Gen2+NextGenNetworking/CustomData |
New expected Windows CSE CustomData output with WCN enabled + config. |
pkg/agent/testdata/AKSWindows2025Gen2+NextGenNetworking/CSECommand |
New expected CSE command output for the Windows 2025 Gen2 NextGenNetworking case. |
pkg/agent/testdata/AKSWindows2025Gen2+NextGenNetworkingNoConfig/CustomData |
New expected Windows CSE CustomData output with WCN enabled + empty config. |
pkg/agent/testdata/AKSWindows2025Gen2+NextGenNetworkingNoConfig/CSECommand |
New expected CSE command output for the “enabled but no config” case. |
pkg/agent/testdata/AKSWindows2025Gen2+NextGenNetworkingDisabled/CustomData |
New expected Windows CSE CustomData output with WCN disabled. |
pkg/agent/testdata/AKSWindows2025Gen2+NextGenNetworkingDisabled/CSECommand |
New expected CSE command output for the WCN-disabled case. |
e2e/scenario_win_test.go |
Adds a skipped e2e scenario wiring NextGenNetworking/WCN on Windows 2025 Gen2 for future enablement. |
pkg/agent/testdata/AKSWindows2025Gen2+NextGenNetworking/CustomData
Outdated
Show resolved
Hide resolved
pkg/agent/testdata/AKSWindows2025Gen2+NextGenNetworkingNoConfig/CustomData
Outdated
Show resolved
Hide resolved
pkg/agent/testdata/AKSWindows2025Gen2+NextGenNetworkingDisabled/CustomData
Outdated
Show resolved
Hide resolved
rzlink
changed the title
rzlink
changed the title
timmy-wright
left a comment
timmy-wright
left a comment
There was a problem hiding this comment.
I'm not sure why we needed the generated data update - it shouldn't be necessary for this PR. But if it was needed, then it was needed.
rzlink
force-pushed
the
davwei/win2025cilium
branch
from
cc832dc to
24e9890
Compare
rzlink
force-pushed
the
davwei/win2025cilium
branch
from
24e9890 to
86be468
Compare
rzlink
force-pushed
the
davwei/win2025cilium
branch
from
6a51a79 to
1afca30
Compare
rzlink
requested review from
SriHarsha001,
calvin197,
sulixu and
surajssd
as code owners
| $turncatedErrorMessage = $global:ErrorMessage.Substring(0, [Math]::Min(240 - $errorMessageLength, $global:ErrorMessage.Length)) | ||
| Set-Content -Path $completionFilePath -Value "ExitCode: |$global:ExitCode|, Output: |$($global:ErrorCodeNames[$global:ExitCode])|, Error: |$turncatedErrorMessage|" |
There was a problem hiding this comment.
Typo in variable name: $turncatedErrorMessage should be $truncatedErrorMessage for readability/maintainability. Since this is generated CustomData, the fix likely belongs in the source template (and then re-run generation) rather than editing the snapshot directly.
| $turncatedErrorMessage = $global:ErrorMessage.Substring(0, [Math]::Min(240 - $errorMessageLength, $global:ErrorMessage.Length)) | |
| Set-Content -Path $completionFilePath -Value "ExitCode: |$global:ExitCode|, Output: |$($global:ErrorCodeNames[$global:ExitCode])|, Error: |$turncatedErrorMessage|" | |
| $truncatedErrorMessage = $global:ErrorMessage.Substring(0, [Math]::Min(240 - $errorMessageLength, $global:ErrorMessage.Length)) | |
| Set-Content -Path $completionFilePath -Value "ExitCode: |$global:ExitCode|, Output: |$($global:ErrorCodeNames[$global:ExitCode])|, Error: |$truncatedErrorMessage|" |
| $turncatedErrorMessage = $global:ErrorMessage.Substring(0, [Math]::Min(240 - $errorMessageLength, $global:ErrorMessage.Length)) | ||
| Set-Content -Path $completionFilePath -Value "ExitCode: |$global:ExitCode|, Output: |$($global:ErrorCodeNames[$global:ExitCode])|, Error: |$turncatedErrorMessage|" |
There was a problem hiding this comment.
Typo in variable name: $turncatedErrorMessage should be $truncatedErrorMessage for readability/maintainability. Since this is generated CustomData, the fix likely belongs in the source template (and then re-run generation) rather than editing the snapshot directly.
| $turncatedErrorMessage = $global:ErrorMessage.Substring(0, [Math]::Min(240 - $errorMessageLength, $global:ErrorMessage.Length)) | |
| Set-Content -Path $completionFilePath -Value "ExitCode: |$global:ExitCode|, Output: |$($global:ErrorCodeNames[$global:ExitCode])|, Error: |$turncatedErrorMessage|" | |
| $truncatedErrorMessage = $global:ErrorMessage.Substring(0, [Math]::Min(240 - $errorMessageLength, $global:ErrorMessage.Length)) | |
| Set-Content -Path $completionFilePath -Value "ExitCode: |$global:ExitCode|, Output: |$($global:ErrorCodeNames[$global:ExitCode])|, Error: |$truncatedErrorMessage|" |
| $turncatedErrorMessage = $global:ErrorMessage.Substring(0, [Math]::Min(240 - $errorMessageLength, $global:ErrorMessage.Length)) | ||
| Set-Content -Path $completionFilePath -Value "ExitCode: |$global:ExitCode|, Output: |$($global:ErrorCodeNames[$global:ExitCode])|, Error: |$turncatedErrorMessage|" |
There was a problem hiding this comment.
Typo in variable name: $turncatedErrorMessage should be $truncatedErrorMessage for readability/maintainability. Since this is generated CustomData, the fix likely belongs in the source template (and then re-run generation) rather than editing the snapshot directly.
| $turncatedErrorMessage = $global:ErrorMessage.Substring(0, [Math]::Min(240 - $errorMessageLength, $global:ErrorMessage.Length)) | |
| Set-Content -Path $completionFilePath -Value "ExitCode: |$global:ExitCode|, Output: |$($global:ErrorCodeNames[$global:ExitCode])|, Error: |$turncatedErrorMessage|" | |
| $truncatedErrorMessage = $global:ErrorMessage.Substring(0, [Math]::Min(240 - $errorMessageLength, $global:ErrorMessage.Length)) | |
| Set-Content -Path $completionFilePath -Value "ExitCode: |$global:ExitCode|, Output: |$($global:ErrorCodeNames[$global:ExitCode])|, Error: |$truncatedErrorMessage|" |
zylxjtu
force-pushed
the
davwei/win2025cilium
branch
from
d90465d to
5c500e9
Compare
zylxjtu
force-pushed
the
davwei/win2025cilium
branch
from
5c500e9 to
50c0eac
Compare
zylxjtu
force-pushed
the
davwei/win2025cilium
branch
from
50c0eac to
cbc090f
Compare
| "renovateTag": "<DO_NOT_UPDATE>", | ||
| "latestVersion": "1.3.0", | ||
| "windowsSkuMatch": "23H2*" | ||
| }, | ||
| { | ||
| "renovateTag": "<DO_NOT_UPDATE>", | ||
| "latestVersion": "1.6.0", | ||
| "windowsSkuMatch": "2025*" |
There was a problem hiding this comment.
The PR description says Windows 2025 will download/cache WCN package v1.3.0, but components.json selects latestVersion: 1.6.0 for windowsSkuMatch: 2025*. Please align the PR description with the actual version being introduced (or adjust the component version if 1.3.0 is intended for 2025).
| # Determine the CSE package URL | ||
| $WindowsCSEScriptsPackage = "aks-windows-cse-scripts-current.zip" | ||
| # CSEScriptsPackage is cached on VHD. Previously the cse package version was managed in components.json, whereas RP set the package URL which is a storage account. | ||
| # From 2025-06 The CSE packages is eleased on the VHD. RP can use fully qualified URL to download CSE scripts package when required out of VHD release cycle. |
There was a problem hiding this comment.
Correct spelling in comment: 'eleased' -> 'released'.
| # From 2025-06 The CSE packages is eleased on the VHD. RP can use fully qualified URL to download CSE scripts package when required out of VHD release cycle. | |
| # From 2025-06 The CSE packages is released on the VHD. RP can use fully qualified URL to download CSE scripts package when required out of VHD release cycle. |
| Notes on modifying this file: | ||
| - This file extension is PS1, but it is actually used as a template from pkg/engine/template_generator.go | ||
| - All of the lines that have braces in them will be modified. Please do not change them here, change them in the Go sources | ||
| - Single quotes are forbidden, they are reserved to delineate the different members for the ARM template concat() call |
There was a problem hiding this comment.
This header states “Single quotes are forbidden”, but this generated fixture contains multiple single-quoted strings later in the script. Please either update the header comment to reflect current constraints for these testdata fixtures, or regenerate/adjust the fixture so it actually complies with the stated template restrictions (to avoid future edits being guided by incorrect rules).
| - Single quotes are forbidden, they are reserved to delineate the different members for the ARM template concat() call | |
| - Quote usage in this template must remain compatible with the ARM template concat() generation performed by pkg/engine/template_generator.go |
timmy-wright
left a comment
timmy-wright
left a comment
There was a problem hiding this comment.
The test data (CSECommand and CustomData) aren't required anymore. Please remove.
There was a problem hiding this comment.
We removed all this test data from the repo a few weeks ago - you shouldn't need to create it anymore. Make sure you've merged the latest main branch and you should be able to delete the CSECommand and CustomData files.
zylxjtu
force-pushed
the
davwei/win2025cilium
branch
from
cbc090f to
41f38aa
Compare
Changes cached containers or packages on windows VHDsPlease get a Windows SIG member to approve. The following dif file shows any additions or deletions from what will be cached on windows VHDs organised by VHD type.
diff --git a/vhd_files/2025-gen2.txt b/vhd_files/2025-gen2.txt
index d31b59b..a1b2b36 100644
--- a/vhd_files/2025-gen2.txt
+++ b/vhd_files/2025-gen2.txt
@@ -14,0 +15 @@ c:\akse-cache\csi-proxy\: https://packages.aks.azure.com/csi-proxy/v1.1.2-hotfix
+c:\akse-cache\wcn\: mcr.microsoft.com/wcn/package:1.6.0-cpu-arch
diff --git a/vhd_files/2025.txt b/vhd_files/2025.txt
index 03661ca..7e331bb 100644
--- a/vhd_files/2025.txt
+++ b/vhd_files/2025.txt
@@ -14,0 +15 @@ c:\akse-cache\csi-proxy\: https://packages.aks.azure.com/csi-proxy/v1.1.2-hotfix
+c:\akse-cache\wcn\: mcr.microsoft.com/wcn/package:1.6.0-cpu-arch |
/kind feature
What this PR does / why we need it:
This enables Windows 2025 VHDs to download and cache the WCN package (v1.3.0) during VHD build, following the same pattern as Windows 23H2.
Which issue(s) this PR fixes:
Fixes #
Special notes for your reviewer:
Release note: