Add GMSA support for V2 process isolated containers #797
Conversation
dcantah
force-pushed
the
gmsa
branch
2 times, most recently
from
00b4b82
to
57809ee
Compare
dcantah
changed the title
|
@kevpar @katiewasnothere @ambarve if one of you has time today could you take a gander at this :) |
|
Linking to #347 for tracking :) |
dcantah
force-pushed
the
gmsa
branch
4 times, most recently
from
c6d1de7
to
d7cf697
Compare
dcantah
force-pushed
the
gmsa
branch
3 times, most recently
from
a6b3546
to
4768792
Compare
|
Can you update the title so we don't use the term "V2 process isolated containers", please? |
What is the concern with the title/what would you rather it be? If it's with the V2 removing that wouldn't be accurate as we already do support GMSA for V1 schema containers. |
|
Realistically not a big deal I suppose. I'm trying to cut down on us using "v2" as an shorthand since I think it's vague (are you talking about v2 hcs schema, v2 hcs APIs, v2 containerd shim protocol, something else?). If you clarify in the description I think the title is okay. |
|
@kevpar Good point, all the V1-V2 and codenames was very confusing at the beginning so I understand haha. Added a clarification to the description. |
* Add generated V2 schema files for Container Credential Guard * Add new hcs calls that are necessary to setup container credential guard instances. * Add new resource type CCGInstance that implements ResourceCloser so a containers ccg instance will be cleaned up on container close. * Add tests to validate gmsa * Remove logging from resource Release methods and just return an error. Forego returning immediately on an error in ReleaseResources and return afterwards if any of the releases failed. Signed-off-by: Daniel Canter <dcanter@microsoft.com>
Support for V2 HCS Schema process isolated containers
instances.
ccg instance will be cleaned up on container close.
Signed-off-by: Daniel Canter dcanter@microsoft.com