79161694

Date: 2024-11-06 07:44:49
Score: 1.5
Natty:
Report link

Is there any support in Kubernetes for this feature to be enabled on the underlying Container Runtime?

2024: As mentioned by Akihiro Suda in "containerd v2.0, nerdctl v2.0, and Lima v1.0", containerd 2.0 is now an OCI runtime supporting user namespaces, mapping the user IDs in pods to different user IDs on the host. This feature allows mapping the root user in the pod to an unprivileged user on the host.
Source: PR 8803: "Add support for user namespaces (KEP-127)".

See "Pods / User Namespaces", with Kubernetes v1.30+ (Apr. 2024) (still in beta in Q4 2024).

Reasons:
  • Blacklisted phrase (1): Is there any
  • Probably link only (1):
  • No code block (0.5):
  • Contains question mark (0.5):
  • Starts with a question (0.5): Is there any
  • High reputation (-2):
Posted by: VonC