user-namespaces.md: subid count per pod is hard-coded to 65536

AkihiroSuda · Tim Bannister · AkihiroSuda · commit 07ff00e63317 · 2025-01-06T21:50:01.000+09:00
The number of subuids and subgids for each of pods is hard-coded to 65536, regardless to the total ID count specified in `/etc/subuid` and `/etc/subgid`: https://github.com/kubernetes/kubernetes/blob/v1.32.0/pkg/kubelet/userns/userns_manager.go#L211-L228 This fact was not clarified in the documentation. Co-authored-by: Tim Bannister <tim@scalefactory.com> Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
diff --git a/content/en/docs/concepts/workloads/pods/user-namespaces.md b/content/en/docs/concepts/workloads/pods/user-namespaces.md
@@ -177,6 +177,8 @@ to the `kubelet` user:
   configuration.
 
 * The subordinate ID count must be a multiple of 65536
+  (for Kubernetes {{< skew currentVersion >}} the subordinate ID count for each Pod is hard-coded
+  to 65536).
 
 * The subordinate ID count must be at least `65536 x <maxPods>` where `<maxPods>`
   is the maximum number of pods that can run on the node.
