manuelbuil
commented
1 year ago It is not as easy as I thought. Typha requires certificates and keys for tls connectivity. Calico-linux fetches those from kubernetes secrets. As calico in windows is not really running as a pod in Kubernetes, we will need a workaround
Is your feature request related to a problem? Please describe.
Describe the solution you'd like
Typha is a calico component that allows to scale on more than 100 nodes. Typha replaces kube-api for the queries of the calico-nodes.
When deploying calico with the operator, typha is deployed by default and calico-nodes connect to it. As the operator does not support windows nodes, we are executing calico-node in windows ourselves and currently, these nodes connect to kube-api directly.
Windows calico-node should follow the same config as the linux counterpart and connect to Typha to improve the scalability
Describe alternatives you've considered
Just connecting to kube-api
Additional context