Authors: Rodrigo Campos (Microsoft), Giuseppe Scrivano (Red Hat) Kubernetes v1.25 introduces the support for user namespaces. This is a major improvement for running secure workloads in Kubernetes.Each pod will have access only to a limited subset of the available UIDs and GIDs on the system, thus adding a new security layer to protect from other pods running on the same system.

How does it work?

A process running on Linux can use up to 4294967296 different UIDs and GIDs. User namespaces is a Linux feature that allows

Just published by Kubernetes: Read more