From 90c595fd033cd6b988ba41fbaecf0261bffec751 Mon Sep 17 00:00:00 2001 From: Craig Wilhite Date: Thu, 7 Feb 2019 09:56:05 -0800 Subject: [PATCH] Include reference for how to run with --device on Windows. Explain limitations (no Hyper-V isolation, no LCOW). Signed-off-by: Craig Wilhite --- docs/reference/commandline/run.md | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/docs/reference/commandline/run.md b/docs/reference/commandline/run.md index 37b37ce7a1..d872598b8e 100644 --- a/docs/reference/commandline/run.md +++ b/docs/reference/commandline/run.md @@ -583,6 +583,28 @@ fdisk: unable to open /dev/xvdc: Operation not permitted > that may be removed should not be added to untrusted containers with > `--device`. +For Windows, the format of the string passed to the `--device` option is in +the form of `--device=/`. Beginning with Windows Server 2019 +and Windows 10 October 2018 Update, Windows only supports an IdType of +`class` and the Id as a [device interface class +GUID](https://docs.microsoft.com/en-us/windows-hardware/drivers/install/overview-of-device-interface-classes). +Refer to the table defined in the [Windows container +docs](https://docs.microsoft.com/en-us/virtualization/windowscontainers/deploy-containers/hardware-devices-in-containers) +for a list of container-supported device interface class GUIDs. + +If this option is specified for a process-isolated Windows container, _all_ +devices that implement the requested device interface class GUID are made +available in the container. For example, the command below makes all COM +ports on the host visible in the container. + +```powershell +PS C:\> docker run --device=class/86E0D1E0-8089-11D0-9CE4-08003E301F73 mcr.microsoft.com/windows/servercore:ltsc2019 +``` + +> **Note**: the `--device` option is only supported on process-isolated +> Windows containers. This option fails if the container isolation is `hyperv` +> or when running Linux Containers on Windows (LCOW). + ### Restart policies (--restart) Use Docker's `--restart` to specify a container's *restart policy*. A restart