You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: content/zh-cn/docs/tasks/administer-cluster/kubelet-in-userns.md
+18-8Lines changed: 18 additions & 8 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -2,12 +2,14 @@
2
2
title: 以非 root 用户身份运行 Kubernetes 节点组件
3
3
content_type: task
4
4
min-kubernetes-server-version: 1.22
5
+
weight: 300
5
6
---
6
7
7
8
<!--
8
9
title: Running Kubernetes Node Components as a Non-root User
9
10
content_type: task
10
11
min-kubernetes-server-version: 1.22
12
+
weight: 300
11
13
-->
12
14
13
15
<!-- overview -->
@@ -21,7 +23,7 @@ without root privileges, by using a {{< glossary_tooltip text="user namespace" t
21
23
This technique is also known as _rootless mode_.
22
24
23
25
{{< note >}}
24
-
This document describes how to run Kubernetes Node components (and hence pods) a non-root user.
26
+
This document describes how to run Kubernetes Node components (and hence pods) as a non-root user.
25
27
26
28
If you are just looking for how to run a pod as a non-root user, see [SecurityContext](/docs/tasks/configure-pod-container/security-context/).
27
29
{{< /note >}}
@@ -318,6 +320,7 @@ the host with an external port forwarder, such as RootlessKit, slirp4netns, or
318
320
You can use the port forwarder from K3s.
319
321
See [Running K3s in Rootless Mode](https://rancher.com/docs/k3s/latest/en/advanced/#known-issues-with-rootless-mode)
320
322
for more details.
323
+
The implementation can be found in [the `pkg/rootlessports` package](https://github.com/k3s-io/k3s/blob/v1.22.3+k3s1/pkg/rootlessports/controller.go) of k3s.
321
324
322
325
### Configuring CRI
323
326
@@ -343,6 +346,7 @@ Pod 的网络命名空间可以使用常规的 CNI 插件配置。对于多节
0 commit comments