System OS: Windows Server 2016
* Windows Features: RemoteAccess and Routing - Note: If this is not installed on the machine, steps on how to install are in the directions in Rancher server
* Docker: Version >= 17.06
AWS Instance Requirements
* 1 core CPU
* 2+ GB memory
* One Subnet will be for NAT and used across Rancher Server and any hosts added
* One Subnet will be for the overlay network that allows cross host communication
Subnet B. For each additional host that is added, an additional network interface will need to be created in
Subnet A. Ensure the instance meets the Rancher server requirements.
Subnet Aand meets the Windows hosts requirements.
ipconfig. We only want one public IP to be assigned to the instance. We need to set the default route on the interface from
Subnet Athat will have the public IP as this is the subnet for NAT.
$ip=Get-NetIPAddress -ipaddress <subnet-B-ipaddress> set-NetIPInterface -ifIndex $ip.ifIndex -AddressFamily $ip.AddressFamily -Dhcp Disabled Remove-NetIPAddress -ifIndex $ip.ifIndex -AddressFamily $ip.AddressFamily -Confirm:$false New-NetIPAddress -IfIndex $ip.IfIndex -IpAddress $ip.IpAddress -PrefixLength $ip.PrefixLength
In Rancher Server, click on Infrastructure -> Add Hosts in the Windows environment. Follow the instructions on the screen.
Subnet Bcreated in AWS. This is a unique subnet in Rancher between the different hosts that will provide IPs to each container.
After running the custom command to add the hosts, you’ll need to wait a couple minutes before the host is up and running in Rancher. There will be a couple infrastructure stacks launched and running on the hosts.
If your host isn’t running, you can check the Rancher agent is running correctly. This service was launched through the
If the agent is running correctly, but there is no networking, check on the networking services (
Confirm that the Docker network has been established.
docker network inspect transparent
Check for the IP of transparent NIC with
ipconfig. The IP of the transparent NIC should be in the host subnet.
Check that the metadata route in the host is on the transparent NIC.
Check the NAT setting and confirm it includes all the physical network adapters being used.
On the Windows host, run following commands to un-register services and stop them.
"c:\program files\rancher\agent.exe --unregister-service"
"c:\program files\rancher\per-host-subnet.exe --unregister-service"
docker network rm transparent
Use devcon.exe to uninstall the virtual NIC
"c:\program files\rancher\devcon.exe remove *MSLOOP"
rm "c:\program files\rancher" rm "c:\programdata\rancher"
Available as of Rancher v1.6.13+
If you want to use images located in Amazon’s ECR Registry in a Windows environment, see Using Amazon’s ECR Registry to understand why you need AWS ECR Credential Updater and read the instructions on the AWS ECR Credential Updater page to configure it.
Prior to v1.6.13
Currently, Rancher only supports creating containers on specific hosts. Most of the other features in Cattle that may appear in the UI are currently not supported (e.g. service discovery, healthcheck, meta data, DNS, load balancer).
Note: There is a default Windows environment template available. If you try to create your own environment template with Windows, you will need to disable all other infrastructure services as they are currently not compatible with Windows.
In the dropdown of environments, click on the Manage Environments. To create a new environment, click on Add Environment, provide a Name, Description (Optional), and select an environment template that has Windows as the orchestration. If access control is turned on, you can add members and select their membership role. Anyone added to the membership list would have access to your environment.
After a Windows environment has been created, you can navigate to the environment by either selecting the name of the environment in the environment’s dropdown in the upper left hand corner or by selecting Switch to this Environment in the specific environment’s drop down.
Note: As Rancher adds support for multiple container orchestration frameworks, Rancher currently does not support the ability to switch between environments that already have services running in it.
In order to add a host into Windows, you’ll need to prepare a host running Windows Server 2016 with Docker installed.
In the Infrastructure tab, you will get a custom command to launch the Rancher agent service. Follow the directions to launch the Rancher agent service in Windows.
On the hosts, the agent binary will be download to a folder called
C:/Program Files/rancher and agent logs will be found at
As part of adding a host into Rancher, the Rancher agent is installed and registered on the host as a service. In order to re-use a host, you must delete the existing service. In the powershell, run the following command. After the service is deleted, you can re-use the host in a Windows environment.
& 'C:\Program Files\rancher\agent.exe' -unregister-service
By default, we support NAT and transparent networking.
Currently, the default Windows environment template supports a transparent network named
transparent, which is created by running
docker network create -d transparent transparent.
If you want to create a transparent network with a different name, you will need to create a new environment template with Windows as the container orchestration. After selecting Windows, you can click on Edit Config to change the name of the transparent network. The default name is
transparent. After creating the updated environment template, you can create a new environment that will support the newly named transparent network. The UI will continue to have
transparent as the default name, so you will need to update the command to be
docker network create -d transparent <NEW_NAME_IN_TEMPLATE.