Hi All,
I need to start a Windows Container with Kubernetes on a W2016 Server with
a given group managed service account.
The Kubernetes Setup itself seems working, also the Docker installation.
Starting the Windows Container directly with docker works also fine.
This is the Docker start Command :
docker run -d -p 8000:9000 --security-opt "credentialspec=
file://svc1505.json ........."
The Parameter --security-opt applies the credentials stored in the file
"svc1505.json"
as wanted.
This is an example content of the json credentials file:
{"CmsPlugins":["ActiveDirectory"],"DomainJoinConfig":{"DnsName":"contoso.com","Guid":"244818ae-87ca-4fcd-92ec-e79e5252348a","DnsTreeName":"contoso.com","NetBiosName":"DEMO","Sid":"S-1-5-21-2126729477-2524075714-3094792973","MachineAccountName":"WebApplication1"},"ActiveDirectoryConfig":{"GroupManagedServiceAccounts":[{"Name":"WebApplication1","Scope":"DEMO"},{"Name":"WebApplication1","Scope":"contoso.com"}]}}
How is it possible to run this container with the needed Credentials under
Kubernetes ?
The Kubernetes Security context seems to related to linux only, is this
right ?
spec:
securityContext:
runAsUser: 1000
fsGroup: 2000
Cheers, Thomas
--
You received this message because you are subscribed to the Google Groups
"Kubernetes user discussion and Q&A" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to kubernetes-users+unsubscr...@googlegroups.com.
To post to this group, send email to kubernetes-users@googlegroups.com.
Visit this group at https://groups.google.com/group/kubernetes-users.
For more options, visit https://groups.google.com/d/optout.
