This document describes the schema for the Windows-specific section of the container configuration. The Windows container specification uses APIs provided by the Windows Host Compute Service (HCS) to fulfill the spec.
You can configure a container's resource limits via the OPTIONAL resources field of the Windows configuration.
memory is an OPTIONAL configuration for the container's memory usage.
The following parameters can be specified:
limit(uint64, OPTIONAL) - sets limit of memory usage in bytes.
"windows": {
"resources": {
"memory": {
"limit": 2097152
}
}
}cpu is an OPTIONAL configuration for the container's CPU usage.
The following parameters can be specified:
-
count(uint64, OPTIONAL) - specifies the number of CPUs available to the container. -
shares(uint16, OPTIONAL) - specifies the relative weight to other containers with CPU shares. -
maximum(uint, OPTIONAL) - specifies the portion of processor cycles that this container can use as a percentage times 100.
"windows": {
"resources": {
"cpu": {
"maximum": 5000
}
}
}storage is an OPTIONAL configuration for the container's storage usage.
The following parameters can be specified:
-
iops(uint64, OPTIONAL) - specifies the maximum IO operations per second for the system drive of the container. -
bps(uint64, OPTIONAL) - specifies the maximum bytes per second for the system drive of the container. -
sandboxSize(uint64, OPTIONAL) - specifies the minimum size of the system drive in bytes.
"windows": {
"resources": {
"storage": {
"iops": 50
}
}
}You can configure a container's networking options via the OPTIONAL network field of the Windows configuration.
The following parameters can be specified:
endpointList(array of strings, OPTIONAL) - list of HNS (Host Network Service) endpoints that the container should connect to.allowUnqualifiedDNSQuery(bool, OPTIONAL) - specifies if unqualified DNS name resolution is allowed.DNSSearchList(array of strings, OPTIONAL) - comma seperated list of DNS suffixes to use for name resolution.networkSharedContainerName(string, OPTIONAL) - name (ID) of the container that we will share with the network stack.
"windows": {
"network": {
"endpointList": [
"7a010682-17e0-4455-a838-02e5d9655fe6"
],
"allowUnqualifiedDNSQuery": true,
"DNSSearchList": [
"a.com",
"b.com"
],
"networkSharedContainerName": "containerName"
}
}You can configure a container's group Managed Service Account (gMSA) via the OPTIONAL credentialspec field of the Windows configuration.
The credentialspec is a JSON object whose properties are implementation-defined.
For more information about gMSAs, see Active Directory Service Accounts for Windows Containers.
For more information about tooling to generate a gMSA, see Deployment Overview.
When a container terminates, the Host Compute Service indicates if a Windows update servicing operation is pending.
You can indicate that a container should be started in a mode to apply pending servicing operations via the OPTIONAL servicing field of the Windows configuration.
"windows": {
"servicing": true
}You can indicate that a container should be started in an a mode where disk flushes are not performed during container boot via the OPTIONAL ignoreflushesduringboot field of the Windows configuration.
"windows": {
"ignoreflushesduringboot": true
}hyperv is an OPTIONAL field of the Windows configuration. If present, the container MUST be run with Hyper-V isolation. If omitted, the container MUST be run as a Windows Server container.
The following parameters can be specified:
-
utilityvmpath(string, OPTIONAL) - specifies the path to the image used for the utility VM. This would be specified if using a base image which does not contain a utility VM image. If not supplied, the runtime will search the container filesystem layers from the bottom-most layer upwards, until it locates "UtilityVM", and default to that path. -
sandboxpath(string, REQUIRED) - specifies the root of the path to the sandbox to be used for the container.
"windows": {
"hyperv": {
"utilityvmpath": "C:\\\\path\\\\to\\utilityvm",
"sandboxpath": "C:\\\\programdata\\\\docker\\\\windowsfilter
}
}