Doc update for userns in 1.28 #41908
Conversation
k8s-ci-robot
added
do-not-merge/work-in-progress
|
cc @giuseppe |
k8s-ci-robot
added
the
sig/docs
k8s-ci-robot
added
size/M
👷 Deploy Preview for kubernetes-io-vnext-staging processing.
|
k8s-ci-robot
removed
the
do-not-merge/work-in-progress
|
This is ready for review, PTAL :) |
|
/lgtm |
k8s-ci-robot
added
the
lgtm
|
LGTM label has been added. Git tree hash: f090ff8f77650d7fedd9361331f2b9fe5e1fd301
|
There was a problem hiding this comment.
I'd expect to see a change to https://kubernetes.io/docs/reference/command-line-tools-reference/feature-gates/
Is that still needed? If not, why not?
content/en/docs/tasks/configure-pod-container/user-namespaces.md
Outdated
Show resolved
Hide resolved
content/en/docs/tasks/configure-pod-container/user-namespaces.md
Outdated
Show resolved
Hide resolved
content/en/docs/tasks/configure-pod-container/user-namespaces.md
Outdated
Show resolved
Hide resolved
k8s-ci-robot
removed
the
lgtm
|
@sftim I think that page is auto-generated, right? I think it is because the KEP didn't update the yaml (if this is auto generated). I've just opened a PR to fix the kep yaml: https://github.com/kubernetes/enhancements/pull/4147/files Do you know if that is enough? Or anything else we need to do to fix it? |
rata
force-pushed
the
rata/userns-1.28
branch
2 times, most recently
from
528252e to
0be42ca
Compare
k8s-ci-robot
removed
the
needs-rebase
The variable expansion is wrong: it currently expands to 1.27.3 on the rendered website, so it says it is supported in 1.27 and that it is not. Let's just re-work this paragraph so it is cleaerer and the variable expansion is what we want (1.27 and not 1.27.3)- Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>
The note is no longer valid (the branch was already merged and the merged was done correctly). Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>
Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>
rata
force-pushed
the
rata/userns-1.28
branch
3 times, most recently
from
ee88d1c to
05f6207
Compare
|
@sftim all fixed now. PTAL. CI is not running for some reason (but not failing either, just not running at all). |
|
I recommend rebasing against latest dev-1.28 and squashing to 1 commit. |
| Please note that containerd v1.7 supports user namespaces for containers, | ||
| compatible with Kubernetes {{< skew currentPatchVersion >}}. It should not be used | ||
| with Kubernetes 1.27 (and later). | ||
| containerd v1.7 is not compatible with the userns support in Kubernetes v1.27 to v{{< skew latestVersion >}}. |
There was a problem hiding this comment.
@tengqm that you can't use userns with containerd 1.7 and those k8s versions
There was a problem hiding this comment.
It won't work, it will throw an error.
There was a problem hiding this comment.
Let me try understand the situation.
containerd 1.7 + k8s 1.25/1.26 -> worked;
containerd 1.7 + k8s 1.27 -> this doesn't work;
If my understanding is correct, how about adjust the order of the two statements?
There was a problem hiding this comment.
@tengqm Your understanding is correct. But can you make a specific suggestion here on github? I mean, just changing the order doesn't make much sense IMHO, as the second sentence highlights that some version do support it. It would be weird to say that before sayin some version does NOT support it.
I can do the change that you want, but give me github suggestion to avoid misunderstandings :)
| The feature gate to enable user namespaces was previously named | ||
| `UserNamespacesStatelessPodsSupport`, when only stateless pods were supported. | ||
| Only Kubernetes v1.25 through to v1.27 recognise `UserNamespacesStatelessPodsSupport`; for | ||
| Kubernetes `{{< skew currentVersion >}}`, you need to use `UserNamespacesSupport`. |
There was a problem hiding this comment.
This is an abuse of the skew shortcode.
The 'currentVersion' is a moving target, so this statement will become obsolete soon.
We will eventually remove this statement, either because 1.28 becomes an ancient release or because the gate has graduated/deprecated and removed. We are not sure which one will happen first. So .. instead you may want to clearly call out the version number rather than playing the skew magic.
"for Kubernetes start from v1.28, you need to ..."
There was a problem hiding this comment.
"for Kubernetes start from v1.28, you need to ..."
If we forget to update the text for some future release, that proposed text becomes equally incorrect.
The trick is not to forget! Maybe one day though we'll be able to warn - or fail a built - when people forget (I can see how to write that).
There was a problem hiding this comment.
I have removed everything after the ;. This way, this sentence is always correct.
Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>
Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>
|
Hey y'all! I'm swinging by for the v1.28 Docs team. Today is the docs deadline. Is there anything we can help you with to get this merged? |
|
I'm happy with the changes since #41908 (comment) /lgtm We have some time before the release @tengqm if you want to propose a revision. |
k8s-ci-robot
added
the
lgtm
|
LGTM label has been added. Git tree hash: e60b83195b7a55efd130a62d718f3aed2bba257f
|
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: giuseppe, saschagrunert, sftim The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
k8s-ci-robot
added
the
approved
Doc update for userns in 1.28
Commits 1-3 are ports of what we just merged in main, for 1.27. They improve the wording, fix a typo and use a timeless way for some sentences.
On top of that is the new commit that just removes mentiones to stateless pods, as we support all pods (stateful and stateless) now.