feat: Windows HPC base image

[rbtr]

Windows HPC are special.

They explicitly do not run in a chroot or similar execution sandbox, and their filesystem is a merged view of the hostfs and their shipped containerfs. This means that we don't need to ship a filesystem: we recently moved from servercore to nanoserver and observed that the lack of pwsh.exe in nanoserver is manageable (in containerd 1.7+, automatically, and in 1.6, by tweaking the container PATH). We can go further and remove the rest of the OS since, as HPC, we don't need it and can escape to the hostfs for dependencies like powershell.

Further, HPC do not have the same Windows OS version compatibility requirements (the "os-version") as regular Windows containers - any Windows HPC may run on any Windows Server Host (given the executables are compatible with that Host).
In some of the testing with WS25 we have seen that this may happen - it was observed that containerd on WS25 inconsistently fetched the WS25 CNI image specified in our multiplatform manifest but was able to run other WS images without any issue.
Containerd >= 1.6 should have compatibility for Windows HPC without an os-version set, so we don't need to build separate Windows images for all of our target WS variants and can simply build one without that extra metadata.

[rbtr]

/azp run Azure Container Networking PR

[azure-pipelines]

Azure Pipelines successfully started running 1 pipeline(s).

[jpayne3506]

Checking if the makefile changes impact other E2E besides PR.

i.e

azure-container-networking/.pipelines/npm/npm-cni-integration-test.yaml

Line 72 in cf89840

kubectl set image daemonset/azure-npm-win -n kube-system azure-npm=$IMAGE_REGISTRY/azure-npm:windows-amd64-ltsc2022-${{ parameters.tag }}

[jpayne3506]

/azp list

[azure-pipelines]

CI/CD Pipelines for this repository:

• Azure Container Networking PR
• NPM Conformance Tests
• CNI Release Test
• NPM Scale Test
• Cilium Scale Test
• Cilium Hubble Enablement
• ACN Network Observability E2E
• TriggerCompliantBuild

[jpayne3506]

/azp

[azure-pipelines]

Supported commands

• help:
• Get descriptions, examples and documentation about supported commands
• Example: help "command_name"
• list:
• List all pipelines for this repository using a comment.
• Example: "list"
• run:
• Run all pipelines or specific pipelines for this repository using a comment. Use this command by itself to trigger all related pipelines, or specify specific pipelines to run.
• Example: "run" or "run pipeline_name, pipeline_name, pipeline_name"
• where:
• Report back the Azure DevOps orgs that are related to this repository and org
• Example: "where"

See additional documentation.

[jpayne3506]

/azp run NPM Conformance Tests, NPM Scale Test, CNI Release Test

[azure-pipelines]

Azure Pipelines successfully started running 3 pipeline(s).

[rbtr]

/azp run Azure Container Networking PR

[azure-pipelines]

Azure Pipelines successfully started running 1 pipeline(s).

[rbtr]

/azp run NPM Conformance Tests, NPM Scale Test, CNI Release Test

[azure-pipelines]

Azure Pipelines successfully started running 3 pipeline(s).

[rbtr]

cc @tyler-lloyd @paulgmiller for viz

[timraymond]

I'm going to say LGTM, but only in that there's nothing obviously wrong here to my eye. I don't know all the fiddly SKUs and IDs for Windows (and I trust that @rbtr probably found the right ones), so I'll let others with more specific knowledge of those judge that aspect of this PR.

[rbtr]

I'm going to say LGTM, but only in that there's nothing obviously wrong here to my eye. I don't know all the fiddly SKUs and IDs for Windows (and I trust that @rbtr probably found the right ones), so I'll let others with more specific knowledge of those judge that aspect of this PR.

I figured out all the fiddly Windows SKUs way back when I originally set up multiplat image builds... this removes them because it turns out we don't need them (or any OS in our Windows base images at all, really) 🪄