Updates to the Windows Container Runtime support
Over the next year, Microsoft will transition support for the Mirantis Container Runtime (previously known as Docker Engine – Enterprise) to Mirantis support services. Windows Server containers will continue to function regardless of the runtime. The difference will be the coordination of associated technical support previously provided by Microsoft and Mirantis. The Mirantis Container Runtime will continue to be available from and supported by Mirantis. For more information, see Mirantis’s blog here.Busting the Myths around Kubernetes Deprecation of Dockershim – Windows Edition
The Kubernetes container orchestration project has deprecated dockershim. This isn't a big deal for running your containers. Read on to learn about the myths and the reality of what the dockershim deprecation means for Windows Server containers.
Announcing Active Directory Identity Improvement on AKS on Azure Stack HCI
We’re very pleased to announce that Group Managed Service Account (gMSA) for Containers with non-domain joined host solution is now available in the recently announced AKS on Azure Stack HCI https://github.com/Azure/aks-hci/releases/tag/AKS-HCI-2104! “gMSA with non-domain joined host” vs. “gMSA with domain-joined host” gMSA with non-domain joined host gMSA with domain-joined host Credentials are stored as K8 secret and authenticated parties can retrieve the secret. These creds are used to retrieve the gMSA identity from AD. This eliminates the need for container host to be domain joined and solves challenges with container host updates. Updates to Windows container host can pose considerable challenges. All previous settings need to be reconfigured to domain join the new container host. Simplified end-to-end gMSA configuration process by build-in cmdlets In AKS on Azure Stack HCI, even though you don't need to domain join Windows worker nodes anymore, there are other configuration steps that you can't skip. These steps include installing the webhook, the custom resource definition (CRD), and the credential spec, as well as enabling role-based access control (RBAC). We provide a few PowerShell cmdlets to simply the end-to-end experience. Please refer to Configure group Managed Service Accounts with AKS on Azure Stack HCI - AKS-HCI | Microsoft Docs. Getting started We have provided detailed https://docs.microsoft.com/en-us/azure-stack/aks-hci/prepare-windows-nodes-gmsa#before-you-begin on how to integrate your gMSA with containers in AKS-HCI with non-domain joined solution. Preparing gMSA in domain controller Configure group Managed Service Accounts with AKS on Azure Stack HCI - AKS-HCI | Microsoft Docs Prepare the gMSA credential spec JSON file (This is a one-time action. Please use the gMSA account in your domain) Install webhook, add Kubernetes secret and add gMSA Credential Spec can be finished by three cmdlets Deploy your application. As always, we love to see you try it out, and give us feedback. You can share your feedback at our https://github.com/microsoft/Windows-Containers/issues , or contact us directly at mailto:win-containers@microsoft.com. Jing Twitter: https://twitter.com/JingLi00465231
Azure Kubernetes Service on Azure Stack HCI Parity with AKS PowerShell
Azure Kubernetes Service on Azure Stack HCI's most recent release with PowerShell updates to align more with Azure Kubernetes Service (AKS), new networking options, and Active Directory integration! Azure Kubernetes Service on Azure Stack HCI (AKS-HCI) allows you to run your AKS clusters on-premises.
