Hi, we are hosting several services on IIS, running on Windows, and these services are registered in our Consul cluster. All our Windows servers are running the Consul agent and we have sidecar proxies running for those services through the built-in Consul Connect proxy. There are a few hundred tenants using these services, but we are running several versions of these services and not all tenants are using the same version.
We were trying to implement some of the layer 7 features of Consul (routing and resolving), because they seem really great to direct tenants to different versions of our services. Unfortunately we found out that these features only work with Envoy proxy. Our problem is that the Envoy proxy is not available on Windows. On our loadbalancer we are running Nginx on Linux, so we can use Envoy proxy there.
So, what are our options for layer 7 traffic management for services running on Windows server 2019? We have full control of the windows hosts running IIS, we can probably install or configure anything if needed.
Envoy is in the process of being ported to Windows. An initial alphia was announced back in September (see Announcing Alpha Support for Envoy on Windows). There was a recent presentation at ServiceMeshCon which discussed the latest status of Envoy on Windows, and the roadmap to a GA release.
There’s some work needed in Consul to support running Envoy sidecars on Windows, but that should hopefully be a relatively small set of changes.
Aside from Envoy, there are currently no other options for an L7 proxy that supports Windows, and is integrated with Consul. However, it is possible to build one using the steps outlined in Consul’s Connect Custom Proxy Integration docs if you need a solution sooner.