* kubelet-in-userns.md: fix typoes
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
* kubelet-in-userns.md: fix unexpected config paths
Referring to `/etc/containerd/config.toml` makes sense only when the user has
read/write permissions to `/etc/containerd/config.toml` in the current mount
namespace, which is not always assumed in the context of this documentation.
The same applies to `/etc/crio/crio.conf`, too.
Partially revert PR 30020.
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
* kubelet-in-userns.md: add back the link to example port forwarder implementation
Add back the link to `k3s/pkg/rootlessports/controller.go` removed in PR 30020.
As stated in `{{ <note> }}`, the corresponding section is written for developers
of Kubernetes distros, not for end users.
So we should retain the implementation details here.
Partially revert PR 30020.
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
Enables support for running kubelet in a user namespace.
The user namespace has to be created before running kubelet.
All the node components such as CRI need to be running in the same user namespace.
- Tracking issue: kubernetes/enhancements issue 2033
- KEP: https://github.com/kubernetes/enhancements/tree/master/keps/sig-node/2033-kubelet-in-userns-aka-rootless
- Implementation: kubernetes/kubernetes PR 92863
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
Akihiro Suda
Qiming Teng