Azure · Copilot · Oct 21, 2025 · Oct 21, 2025 · Oct 21, 2025 · Oct 21, 2025
@@ -0,0 +1,128 @@
+# Azure Container Networking Service (CNS)
+
+Azure Container Networking Service (CNS) is a service that provides container networking capabilities for Azure environments. It manages IP address allocation, network policy enforcement, and container network configuration.
+
+## Features
+
+- **IP Address Management (IPAM)**: Dynamic allocation and management of IP addresses for containers
+- **Network Container Management**: Creation and management of network containers
+- **Multi-tenancy Support**: Isolation and management of network resources across multiple tenants
+- **Kubernetes Integration**: Native integration with Kubernetes for CNI plugin support
+- **Windows Service Support**: Run CNS as a Windows service for automatic startup and recovery
+
+## Running CNS
+
+### Linux
+
+On Linux systems, CNS is typically run as a daemon or managed by systemd:
+
+```bash
+./azure-cns [OPTIONS]
+```
+
+### Windows
+
+On Windows systems, CNS can be run as a standalone executable or registered as a Windows service.
+
+#### As a Windows Service
+
+CNS can be installed as a Windows service to enable automatic startup and recovery:
+
+```powershell
+# Install the service
+azure-cns.exe --service install
+
+# Start the service
+net start azure-cns
+```
+
+See [Windows Service Documentation](doc/windows-service.md) for detailed information on Windows service features and management.
+
+#### As a Standalone Executable
+
+You can also run CNS directly:
+
+```powershell
+azure-cns.exe [OPTIONS]
+```
+
+## Configuration
+
+CNS can be configured using:
+- Command-line arguments
+- Configuration file (JSON format)
+- Environment variables
+
+### Common Command-Line Options
+
+```
+  -e, --environment=           Set the operating environment {azure,mas,fileIpam}
+  -l, --log-level=info         Set the logging level {info,debug}
+  -t, --log-target=logfile     Set the logging target {syslog,stderr,logfile,stdout,stdoutfile}
+  -c, --cns-url=               Set the URL for CNS to listen on
+  -p, --cns-port=              Set the URL port for CNS to listen on
+  -cp, --config-path=          Path to cns config file
+  -v, --version                Print version information
+  -s, --service=               Windows service action: install, uninstall, or run as service (Windows only)
+```
+
+For a complete list of options, run:
+
+```bash
+azure-cns --help
+```
+
+## Building CNS
+
+To build CNS from source:
+
+```bash
+cd cns/service
+go build -o azure-cns
+```
+
+Or use the Makefile from the repository root:
+
+```bash
+make azure-cns-binary
+```
+
+## Documentation
+
+- [Windows Service Documentation](doc/windows-service.md) - Detailed guide for running CNS as a Windows service
+- [Swift V2 Features](../docs/feature/swift-v2/cns.md) - Swift V2 networking features
+- [Async Delete](../docs/feature/async-delete/cns.md) - Asynchronous pod deletion
+
+## API Documentation
+
+CNS exposes a REST API for container network management. The API documentation can be found in the [swagger.yaml](swagger.yaml) file.
+
+## Development
+
+### Testing
+
+Run tests using:
+
+```bash
+cd cns
+go test ./...
+```
+
+### Linting
+
+Format and lint the code:
+
+```bash
+make fmt
+make lint
+```
+
+## Support
+
+For issues and questions:
+- Create an issue in the [GitHub repository](https://github.com/Azure/azure-container-networking/issues)
+- Review existing [documentation](../docs/)
+
+## License
+
+This project is licensed under the MIT License - see the [LICENSE](../LICENSE) file for details.
@@ -0,0 +1,182 @@
+# Azure CNS Windows Service
+
+Azure CNS (Container Networking Service) can be registered and run as a Windows service, enabling automatic startup on system boot and automatic restart on failure.
+
+## Features
+
+- **Automatic Startup**: CNS starts automatically when the Windows system boots
+- **Automatic Recovery**: Service automatically restarts on failure (with 5-second delays)
+- **Event Logging**: Service lifecycle events are logged to Windows Event Log
+- **Service Management**: Easy installation and uninstallation via command-line flags
+
+## Installation
+
+To install Azure CNS as a Windows service, run the following command with administrator privileges:
+
+```powershell
+azure-cns.exe --service install
+```
+
+or using the short form:
+
+```powershell
+azure-cns.exe -s install
+```
+
+This will:
+1. Register the service with the Windows Service Control Manager
+2. Configure the service to start automatically on system boot
+3. Set up automatic restart on failure
+4. Create an event log source for CNS
+
+After installation, you can start the service using:
+
+```powershell
+net start azure-cns
+```
+
+or via the Services management console (`services.msc`).
+
+## Uninstallation
+
+To uninstall the Azure CNS Windows service, run the following command with administrator privileges:
+
+```powershell
+azure-cns.exe --service uninstall
+```
+
+or using the short form:
+
+```powershell
+azure-cns.exe -s uninstall
+```
+
+This will:
+1. Stop the service if it's running
+2. Remove the service from the Windows Service Control Manager
+3. Remove the event log source
+
+## Service Configuration
+
+The service is registered with the following configuration:
+
+- **Service Name**: `azure-cns`
+- **Display Name**: `Azure Container Networking Service`
+- **Description**: `Provides container networking services for Azure`
+- **Start Type**: Automatic
+- **Service Account**: LocalSystem
+- **Recovery Actions**:
+  - First failure: Restart the service after 5 seconds
+  - Second failure: Restart the service after 5 seconds
+  - Subsequent failures: Restart the service after 5 seconds
+  - Reset failure count after: 24 hours
+
+## Running as a Service
+
+Once installed, the service will automatically detect when it's being started by the Windows Service Control Manager and will run in service mode. No additional command-line flags are needed when the service is started by Windows.
+
+For testing purposes, you can explicitly run in service mode using:
+
+```powershell
+azure-cns.exe --service run
+```
+
+## Event Logging
+
+Service lifecycle events are logged to the Windows Event Log under the Application log with the source name `azure-cns`. You can view these logs using:
+
+```powershell
+Get-EventLog -LogName Application -Source azure-cns -Newest 20
+```
+
+or via the Event Viewer (`eventvwr.msc`).
+
+## Troubleshooting
+
+### Service fails to install
+
+Ensure you are running the command prompt or PowerShell as Administrator. The service installation requires elevated privileges.
+
+### Service fails to start
+
+1. Check the Windows Event Log for error messages:
+   ```powershell
+   Get-EventLog -LogName Application -Source azure-cns -Newest 10
+   ```
+
+2. Verify that all required configuration files are present
+
+3. Check that the executable path is correct
+
+4. Try running the executable directly (not as a service) to identify any configuration issues:
+   ```powershell
+   azure-cns.exe
+   ```
+
+### Service doesn't restart on failure
+
+The service is configured to restart automatically up to 3 times within a 24-hour period. If the service continues to fail, it will remain stopped. Check the Event Log for the root cause and fix the underlying issue before restarting the service.
+
+## Command-Line Reference
+
+```
+  -s, --service=               Windows service action: install, uninstall, or run as service {install,uninstall,run,}
+```
+
+**Available actions:**
+- `install`: Install Azure CNS as a Windows service
+- `uninstall`: Uninstall the Azure CNS Windows service
+- `run`: Explicitly run in service mode (typically not needed)
+- ` ` (empty): Normal execution mode (auto-detects if running as service)
+
+## Examples
+
+### Install and start the service
+
+```powershell
+# Install the service
+azure-cns.exe --service install
+
+# Start the service
+net start azure-cns
+
+# Verify the service is running
+Get-Service azure-cns
+```
+
+### Stop and uninstall the service
+
+```powershell
+# Stop the service
+net stop azure-cns
+
+# Uninstall the service
+azure-cns.exe --service uninstall
+```
+
+### Check service status
+
+```powershell
+# Using PowerShell
+Get-Service azure-cns
+
+# Using sc.exe
+sc query azure-cns
+```
+
+### View service logs
+
+```powershell
+# View recent events
+Get-EventLog -LogName Application -Source azure-cns -Newest 20 | Format-Table -AutoSize
+
+# View only errors
+Get-EventLog -LogName Application -Source azure-cns -EntryType Error -Newest 10
+```
+
+## Notes
+
+- This feature is only available on Windows platforms. On Linux, use systemd or other init systems to manage the service.
+- The service must be installed with administrator privileges.
+- The service runs under the LocalSystem account, which has high privileges. Ensure the executable and configuration files are properly secured.
+- Service configuration (command-line flags, config files) should be set via the Windows Registry or by using command-line parameters in the service's "Image Path" in the service properties.
@@ -346,6 +346,19 @@ var args = acn.ArgumentList{
 		Type:         "string",
 		DefaultValue: "",
 	},
+	{
+		Name:         acn.OptServiceAction,
+		Shorthand:    acn.OptServiceActionAlias,
+		Description:  "Windows service action: install, uninstall, or run as service",
+		Type:         "string",
+		DefaultValue: "",
+		ValueMap: map[string]interface{}{
+			acn.OptServiceInstall:   0,
+			acn.OptServiceUninstall: 0,
+			acn.OptServiceRun:       0,
+			"":                      0,
+		},
+	},
 }
 
 // init() is executed before main() whenever this package is imported
@@ -521,12 +534,54 @@ func main() {
 	telemetryDaemonEnabled := acn.GetArg(acn.OptTelemetryService).(bool)
 	cniConflistFilepathArg := acn.GetArg(acn.OptCNIConflistFilepath).(string)
 	cniConflistScenarioArg := acn.GetArg(acn.OptCNIConflistScenario).(string)
+	serviceAction := acn.GetArg(acn.OptServiceAction).(string)
 
 	if vers {
 		printVersion()
 		os.Exit(0)
 	}
 
+	// Handle Windows service actions (install/uninstall)
+	switch serviceAction {
+	case acn.OptServiceInstall:
+		if err := installService(); err != nil {
+			fmt.Fprintf(os.Stderr, "Failed to install service: %v\n", err)
+			os.Exit(1)
+		}
+		os.Exit(0)
+	case acn.OptServiceUninstall:
+		if err := uninstallService(); err != nil {
+			fmt.Fprintf(os.Stderr, "Failed to uninstall service: %v\n", err)
+			os.Exit(1)
+		}
+		os.Exit(0)
+	case acn.OptServiceRun:
+		// This is an explicit flag to run as service (for testing)
+		// Normally the service manager would start us and we'd detect it automatically
+		if err := runAsService(); err != nil {
+			fmt.Fprintf(os.Stderr, "Failed to run as service: %v\n", err)
+			os.Exit(1)
+		}
+		// The service control loop has exited, but we still need to run the main service logic
+		// Fall through to continue with normal startup
+	case "":
+		// No service action specified, check if we're running as a service
+		isService, err := isWindowsService()
+		if err != nil {
+			fmt.Fprintf(os.Stderr, "Failed to detect service mode: %v\n", err)
+			os.Exit(1)
+		}
+		if isService {
+			// We're being started by the Windows Service Manager
+			if err := runAsService(); err != nil {
+				fmt.Fprintf(os.Stderr, "Failed to run as service: %v\n", err)
+				os.Exit(1)
+			}
+			// The service control loop has exited, but we still need to run the main service logic
+			// Fall through to continue with normal startup
+		}
+	}
+
 	// Initialize CNS.
 	var (
 		err                error