XinShuYang
diff --git a/‎build/yamls/antrea-windows-containerd.yml‎
Lines changed: 18 additions & 15 deletions b/‎build/yamls/antrea-windows-containerd.yml‎
Lines changed: 18 additions & 15 deletions
diff --git a/‎build/yamls/antrea-windows.yml‎
Lines changed: 3 additions & 3 deletions b/‎build/yamls/antrea-windows.yml‎
Lines changed: 3 additions & 3 deletions
diff --git a/‎build/yamls/windows/base/conf/antrea-agent.conf‎
Lines changed: 1 addition & 1 deletion b/‎build/yamls/windows/base/conf/antrea-agent.conf‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎build/yamls/windows/containerd/agent-containerd.yml‎
Lines changed: 0 additions & 1 deletion b/‎build/yamls/windows/containerd/agent-containerd.yml‎
Lines changed: 0 additions & 1 deletion
diff --git a/‎ci/jenkins/test.sh‎
Lines changed: 9 additions & 4 deletions b/‎ci/jenkins/test.sh‎
Lines changed: 9 additions & 4 deletions
@@ -1,11 +1,10 @@
 apiVersion: v1
 data:
   Install-WindowsCNI-Containerd.ps1: |
-    $ErrorActionPreference = "Stop";    
+    $ErrorActionPreference = "Stop";
     mkdir -force c:/var/log/antrea
-
     $mountPath = $env:CONTAINER_SANDBOX_MOUNT_POINT
-    $mountPath =  ($mountPath.Replace('\', '/')).TrimEnd('/') 
+    $mountPath =  ($mountPath.Replace('\', '/')).TrimEnd('/')
     mkdir -force C:/var/run/secrets/kubernetes.io/serviceaccount
     cp $mountPath/var/run/secrets/kubernetes.io/serviceaccount/ca.crt C:/var/run/secrets/kubernetes.io/serviceaccount
     cp $mountPath/var/run/secrets/kubernetes.io/serviceaccount/token C:/var/run/secrets/kubernetes.io/serviceaccount
@@ -15,7 +14,6 @@ data:
     cp $mountPath/etc/antrea/antrea-cni.conflist c:/etc/cni/net.d/10-antrea.conflist
     mkdir -force c:/k/antrea/bin
     cp $mountPath/k/antrea/bin/antctl.exe c:/k/antrea/bin/antctl.exe
-    
   Run-AntreaAgent-Containerd.ps1: |
     $ErrorActionPreference = "Stop"
     $mountPath = $env:CONTAINER_SANDBOX_MOUNT_POINT
@@ -25,7 +23,7 @@ kind: ConfigMap
 metadata:
   labels:
     app: antrea
-  name: antrea-agent-windows-kht6m7hthm
+  name: antrea-agent-windows-4d6m7hf65f
   namespace: kube-system
 ---
 apiVersion: v1
@@ -41,7 +39,7 @@ data:
     # Enable EndpointSlice support in AntreaProxy. Don't enable this feature unless that EndpointSlice
     # API version v1beta1 is supported and set as enabled in Kubernetes. If AntreaProxy is not enabled,
     # this flag will not take effect.
-    #  EndpointSlice: false
+    #  EndpointSlice: true
 
     # Enable NodePortLocal feature to make the Pods reachable externally through NodePort
     #  NodePortLocal: true
@@ -157,7 +155,12 @@ data:
       # Therefore, running kube-proxy is no longer required. This requires the AntreaProxy feature to be enabled.
       # Note that this option is experimental. If kube-proxy is removed, option kubeAPIServerOverride must be used to access
       # apiserver directly.
-      #proxyAll: false
+      proxyAll: true
+      # The value of the "service.kubernetes.io/service-proxy-name" label for AntreaProxy to match. If it is set,
+      # then AntreaProxy will only handle Services with the label that equals the provided value. If it is not set,
+      # then AntreaProxy will only handle Services without the "service.kubernetes.io/service-proxy-name" label,
+      # but ignore Services with the label no matter what is the value.
+      serviceProxyName: ""
 
     nodePortLocal:
     # Enable NodePortLocal, a feature used to make Pods reachable using port forwarding on the host. To
@@ -187,7 +190,7 @@ kind: ConfigMap
 metadata:
   labels:
     app: antrea
-  name: antrea-windows-config-89b7ch9t9b
+  name: antrea-windows-config-cb2hmgg648
   namespace: kube-system
 ---
 apiVersion: apps/v1
@@ -206,15 +209,11 @@ spec:
   template:
     metadata:
       annotations:
-        "microsoft.com/hostprocess-inherit-user": "true"
+        microsoft.com/hostprocess-inherit-user: "true"
       labels:
         app: antrea
         component: antrea-agent
     spec:
-      securityContext:
-        windowsOptions:
-          runAsUserName: "NT AUTHORITY\\SYSTEM"
-          hostProcess: true
       containers:
       - args:
         - -file
@@ -263,6 +262,10 @@ spec:
       nodeSelector:
         kubernetes.io/os: windows
       priorityClassName: system-node-critical
+      securityContext:
+        windowsOptions:
+          hostProcess: true
+          runAsUserName: NT AUTHORITY\SYSTEM
       serviceAccountName: antrea-agent
       tolerations:
       - key: CriticalAddonsOnly
@@ -271,11 +274,11 @@ spec:
         operator: Exists
       volumes:
       - configMap:
-          name: antrea-windows-config-89b7ch9t9b
+          name: antrea-windows-config-cb2hmgg648
         name: antrea-windows-config
       - configMap:
           defaultMode: 420
-          name: antrea-agent-windows-kht6m7hthm
+          name: antrea-agent-windows-4d6m7hf65f
         name: antrea-agent-windows
       - hostPath:
           path: /var/log/antrea/
 
@@ -142,7 +142,7 @@ data:
       # Therefore, running kube-proxy is no longer required. This requires the AntreaProxy feature to be enabled.
       # Note that this option is experimental. If kube-proxy is removed, option kubeAPIServerOverride must be used to access
       # apiserver directly.
-      #proxyAll: false
+      proxyAll: true
       # The value of the "service.kubernetes.io/service-proxy-name" label for AntreaProxy to match. If it is set,
       # then AntreaProxy will only handle Services with the label that equals the provided value. If it is not set,
       # then AntreaProxy will only handle Services without the "service.kubernetes.io/service-proxy-name" label,
@@ -177,7 +177,7 @@ kind: ConfigMap
 metadata:
   labels:
     app: antrea
-  name: antrea-windows-config-hc82tmf96f
+  name: antrea-windows-config-cb2hmgg648
   namespace: kube-system
 ---
 apiVersion: apps/v1
@@ -265,7 +265,7 @@ spec:
         operator: Exists
       volumes:
       - configMap:
-          name: antrea-windows-config-hc82tmf96f
+          name: antrea-windows-config-cb2hmgg648
         name: antrea-windows-config
       - configMap:
           defaultMode: 420
 
@@ -124,7 +124,7 @@ antreaProxy:
   # Therefore, running kube-proxy is no longer required. This requires the AntreaProxy feature to be enabled.
   # Note that this option is experimental. If kube-proxy is removed, option kubeAPIServerOverride must be used to access
   # apiserver directly.
-  #proxyAll: false
+  proxyAll: true
   # The value of the "service.kubernetes.io/service-proxy-name" label for AntreaProxy to match. If it is set,
   # then AntreaProxy will only handle Services with the label that equals the provided value. If it is not set,
   # then AntreaProxy will only handle Services without the "service.kubernetes.io/service-proxy-name" label,
 
@@ -4,7 +4,6 @@ metadata:
   labels:
     component: antrea-agent
   name: antrea-agent-windows
-  namespace: kube-system
 spec:
   selector:
     matchLabels:
 
@@ -252,7 +252,7 @@ function collect_windows_network_info_and_logs {
 
 function wait_for_antrea_windows_pods_ready {
     kubectl apply -f "${WORKDIR}/antrea.yml"
-    if [[ "${PROXY_ALL}" == false ]]; then
+    if [[ "${PROXY_ALL}" == false && ${TESTCASE} =~ "windows-e2e" ]]; then
         kubectl apply -f "${WORKDIR}/kube-proxy-${WINDOWS_YAML_SUFFIX}.yml"
     fi
     kubectl apply -f "${WORKDIR}/antrea-${WINDOWS_YAML_SUFFIX}.yml"
@@ -261,7 +261,7 @@ function wait_for_antrea_windows_pods_ready {
     kubectl rollout status deployment.apps/antrea-controller -n kube-system
     kubectl rollout status daemonset/antrea-agent -n kube-system
     kubectl rollout status daemonset.apps/antrea-agent-windows -n kube-system
-    if [[ "${PROXY_ALL}" == false ]]; then
+    if [[ "${PROXY_ALL}" == false && ${TESTCASE} =~ "windows-e2e" ]]; then
         kubectl rollout status daemonset/kube-proxy-windows -n kube-system
     fi
     kubectl get nodes -o wide --no-headers=true | awk -v role="$CONTROL_PLANE_NODE_ROLE" '$3 !~ role && $1 ~ /win/ {print $6}' | while read IP; do
@@ -372,13 +372,14 @@ function deliver_antrea_windows {
     # Enable verbose log for troubleshooting.
     sed -i "s/--v=0/--v=4/g" build/yamls/antrea.yml build/yamls/antrea-windows.yml
 
-    if [[ "${PROXY_ALL}" == true ]]; then
+    if [[ "${PROXY_ALL}" == false && ${TESTCASE} =~ "windows-e2e" ]]; then
+        sed -i "s|.*proxyAll: true|      proxyAll: false|g" build/yamls/antrea.yml build/yamls/antrea-windows.yml
+    else
         echo "====== Updating yaml files to enable proxyAll ======"
         KUBERNETES_SVC_EP_IP=$(kubectl get endpoints kubernetes -o jsonpath='{.subsets[0].addresses[0].ip}')
         KUBERNETES_SVC_EP_PORT=$(kubectl get endpoints kubernetes -o jsonpath='{.subsets[0].ports[0].port}')
         KUBERNETES_SVC_EP_ADDR="${KUBERNETES_SVC_EP_IP}:${KUBERNETES_SVC_EP_PORT}"
         sed -i "s|.*kubeAPIServerOverride: \"\"|    kubeAPIServerOverride: \"${KUBERNETES_SVC_EP_ADDR}\"|g" build/yamls/antrea.yml build/yamls/antrea-windows.yml
-        sed -i "s|.*proxyAll: false|      proxyAll: true|g" build/yamls/antrea.yml build/yamls/antrea-windows.yml
     fi
 
     cp -f build/yamls/*.yml $WORKDIR
@@ -493,6 +494,10 @@ function deliver_antrea_windows_containerd {
     # Enable verbose log for troubleshooting.
     sed -i "s/--v=0/--v=4/g" build/yamls/antrea.yml build/yamls/antrea-windows-containerd.yml
 
+    echo "====== Updating yaml files to enable proxyAll ======"
+    KUBE_API_SERVER=$(kubectl --kubeconfig=$KubeConfigFile config view -o jsonpath='{.clusters[0].cluster.server}')
+    sed -i "s|.*kubeAPIServerOverride: \"\"|    kubeAPIServerOverride: \"${KUBE_API_SERVER}\"|g" build/yamls/antrea.yml build/yamls/antrea-windows-containerd.yml
+
     cp -f build/yamls/*.yml $WORKDIR
     docker save -o antrea-ubuntu.tar antrea/antrea-ubuntu:latest