Kubernetes on Windows

This page serves as an overview for getting started with Kubernetes on Windows by joining Windows nodes to a Linux-based cluster. With the release of Kubernetes 1.12 on Windows Server version 1803 beta, users can take advantage of the latest features in Kubernetes on Windows:


If you would like to deploy a cluster on Azure, the open source ACS-Engine tool makes this easy. A step by step walkthrough is available.


Plan IP addressing for your cluster

As Kubernetes clusters introduce new subnets for pods and services, it is important to ensure that none of them collide with any other existing networks in your environment. Here are all the address spaces that need to be freed up in order to deploy Kubernetes successfully:

Subnet / Address range Description Default Value
Service Subnet A non-routable, purely virtual subnet that is used by pods to uniformally access services without caring about the network topology. It is translated to/from routable address space by kube-proxy running on the nodes. ""
Cluster Subnet This is a global subnet that is used by all pods in the cluster. Each nodes is assigned a smaller /24 subnet from this for their pods to use. It must be large enough to accommodate all pods used in your cluster. To calculate minimum subnet size: (number of nodes) + (number of nodes * maximum pods per node that you configure)

Example for a 5 node cluster for 100 pods per node: (5) + (5 * 100) = 505.

Kubernetes DNS Service IP IP address of "kube-dns" service that will be used for DNS resolution & cluster service discovery. ""


There is another Docker network (NAT) that gets created by default when you install Docker. It is not needed to operate Kubernetes on Windows as we assign IPs from the cluster subnet instead.

Disable anti-spoofing protection


Please read this section carefully as it is required for anyone to successfully use VMs to deploy Kubernetes on Windows today.

Ensure MAC address spoofing and virtualization is enabled for the Windows container host VMs (guests). To achieve this, you should run the following as Administrator on the machine hosting the VMs (example given for Hyper-V):

Set-VMProcessor -VMName "<name>" -ExposeVirtualizationExtensions $true 
Get-VMNetworkAdapter -VMName "<name>" | Set-VMNetworkAdapter -MacAddressSpoofing On


If you are using a VMware-based product to meet your virtualization needs, please look into enabling promiscuous mode for the MAC spoofing requirement.


If you are deploying Kubernetes on Azure IaaS VMs yourself, please look into VMs that support nested virtualization for this requirement.

What you will accomplish

By the end of this guide, you will have:

Next steps

In this section, we talked about important pre-requisites & assumptions needed to deploy Kubernetes on Windows successfully today. Continue to learn how to setup a Kubernetes master: