kubernetes
/
website
mirror of https://github.com/kubernetes/website.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

user-namespaces.md: subid count per pod is hard-coded to 65536 

The number of subuids and subgids for each of pods is hard-coded to 65536,
regardless to the total ID count specified in `/etc/subuid` and `/etc/subgid`:
https://github.com/kubernetes/kubernetes/blob/v1.32.0/pkg/kubelet/userns/userns_manager.go#L211-L228

This fact was not clarified in the documentation.

Co-authored-by: Tim Bannister <tim@scalefactory.com>
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
pull/49288/head
Akihiro Suda 2025-01-06 07:22:41 +09:00
parent 4ebe36553e
commit 07ff00e633
No known key found for this signature in database
GPG Key ID: 49524C6F9F638F1A
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
content/en/docs/concepts/workloads/pods/user-namespaces.md
View File

@ -177,6 +177,8 @@ to the `kubelet` user:
configuration.
* The subordinate ID count must be a multiple of 65536
(for Kubernetes {{< skew currentVersion >}} the subordinate ID count for each Pod is hard-coded
to 65536).
* The subordinate ID count must be at least `65536 x <maxPods>` where `<maxPods>`
is the maximum number of pods that can run on the node.