Creating gMSA credentials to windows container failed.

Dinesh Sharma 21 Reputation points
2021-02-25T07:12:26.493+00:00

We generated a .json file using New-CredentialSpec command.

when we try to attach it to a windows container it gives error "docker: Error response from daemon: security option not supported: CredentialSpecs." Google for this error but did not find any relevant information to resolve this.

Some Info About the env:

PS C:\Users> docker images REPOSITORY TAG IMAGE ID CREATED SIZE
gitlab/gitlab-runner-helper x86_64-2ebc4dc4-servercore1809 4049173eb4be 2 days ago 5.8GB
mcr.microsoft.com/windows/servercore ltsc2019 31902e4b25a6 2 weeks ago 5.21GB
mcr.microsoft.com/windows/servercore 1809 623c6707de60 2 weeks ago 5.21GB
mcr.microsoft.com/windows/nanoserver 1809 f524b7260f3c 3 weeks ago 252MB PS

C:\Users> docker --version
Docker version 19.03.14, build e820475

Command we used for attaching gMSA credentials is -
docker run -it --security-opt "--security-opt=credentialspec=file://labnet_win_docker.json" mcr.microsoft.com/windows/servercore:ltsc2019 powershell

Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
12,080 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Daisy Zhou 18,701 Reputation points Microsoft Vendor
    2021-02-26T07:50:47.627+00:00

    Hello @Dinesh Sharma ,

    Thank you for posting here.

    Please check if the command you are running is correct.

    References:
    Run a container with a gMSA
    https://learn.microsoft.com/en-us/virtualization/windowscontainers/manage-containers/gmsa-run-container

    Docker run reference
    https://docs.docker.com/engine/reference/run/#security-configuration

    Hope the information above is helpful.

    Best Regards,
    Daisy Zhou