Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

user-namespaces.md: subid count per pod is hard-coded to 65536 #49288

Merged
merged 1 commit into from
Jan 6, 2025
Merged

user-namespaces.md: subid count per pod is hard-coded to 65536 #49288

merged 1 commit into from
Jan 6, 2025
+2 −0

Conversation

AkihiroSuda
Copy link
Member

Description

The number of subuids and subgids for each of pods is hard-coded to 65536, regardless to the total ID count specified in /etc/subuid and /etc/subgid: https://github.com/kubernetes/kubernetes/blob/v1.32.0/pkg/kubelet/userns/userns_manager.go#L211-L228

This fact was not clarified in the documentation.

Issue

NONE

@k8s-ci-robot k8s-ci-robot added the cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. label Jan 5, 2025
@k8s-ci-robot k8s-ci-robot added language/en Issues or PRs related to English language size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. labels Jan 5, 2025
@netlify Netlify
Copy link

netlify bot commented Jan 5, 2025
edited
Loading

Pull request preview available for checking

Built without sensitive environment variables

Name Link
🔨 Latest commit 07ff00e
🔍 Latest deploy log https://app.netlify.com/sites/kubernetes-io-main-staging/deploys/677bd182a51e650007b6a44b
😎 Deploy Preview https://deploy-preview-49288--kubernetes-io-main-staging.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify site configuration.

@AkihiroSuda
Copy link
Member Author

Opened a PR to allow customizing the count too:

@sftim
Copy link
Contributor

sftim commented Jan 6, 2025

/sig node

@k8s-ci-robot k8s-ci-robot added the sig/node Categorizes an issue or PR as relevant to SIG Node. label Jan 6, 2025
sftim
sftim reviewed Jan 6, 2025
View reviewed changes
Copy link
Contributor

@sftim sftim left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please consider mentioning the hard coded range under the (existing) heading “Understanding user namespaces for pods)”

The whole page needs more work and is not yet at beta quality. However, small targeted PRs like this are the right way to make incremental improvements.

@AkihiroSuda @sftim
user-namespaces.md: subid count per pod is hard-coded to 65536
07ff00e 
The number of subuids and subgids for each of pods is hard-coded to 65536,
regardless to the total ID count specified in `/etc/subuid` and `/etc/subgid`:
https://github.com/kubernetes/kubernetes/blob/v1.32.0/pkg/kubelet/userns/userns_manager.go#L211-L228

This fact was not clarified in the documentation.

Co-authored-by: Tim Bannister <[email protected]>
Signed-off-by: Akihiro Suda <[email protected]>
sftim
sftim reviewed Jan 6, 2025
View reviewed changes
Copy link
Contributor

@sftim sftim left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm
/approve

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Jan 6, 2025
@k8s-ci-robot
Copy link
Contributor

LGTM label has been added.

Git tree hash: 7e7c2f330d65583be2ee7e9a80078b957296fbc5

@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: sftim

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Jan 6, 2025
@k8s-ci-robot k8s-ci-robot merged commit a77363f into kubernetes:main Jan 6, 2025
2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sftim sftim sftim left review comments

@drewhagen drewhagen Awaiting requested review from drewhagen

@reylejano reylejano Awaiting requested review from reylejano

Assignees

@sftim sftim

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. language/en Issues or PRs related to English language lgtm "Looks good to me", indicates that a PR is ready to be merged. sig/node Categorizes an issue or PR as relevant to SIG Node. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files.
Projects
SIG Node: code and documentation PRs
Status: Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@AkihiroSuda @sftim @k8s-ci-robot