user-namespaces.md: subid count per pod is hard-coded to 65536

The number of subuids and subgids for each of pods is hard-coded to 65536, regardless to the total ID count specified in `/etc/subuid` and `/etc/subgid`: https://github.com/kubernetes/kubernetes/blob/v1.32.0/pkg/kubelet/userns/userns_manager.go#L211-L228 This fact was not clarified in the documentation. Signed-off-by: Akihiro Suda <[email protected]>
kubernetes · Jan 5, 2025 · cf9bb50 · cf9bb50
1 parent 4ebe365
commit cf9bb50
Showing 1 changed file with 1 addition and 0 deletions.
diff --git a/content/en/docs/concepts/workloads/pods/user-namespaces.md b/content/en/docs/concepts/workloads/pods/user-namespaces.md
@@ -180,6 +180,7 @@ to the `kubelet` user:
 
 * The subordinate ID count must be at least `65536 x <maxPods>` where `<maxPods>`
   is the maximum number of pods that can run on the node.
+  Currently, the subordinate ID count for each of pods is hard-coded to 65536.
 
 * You must assign the same range for both user IDs and for group IDs, It doesn't
   matter if other users have user ID ranges that don't align with the group ID