From 07ff00e633178d0c95033cd14f7758c12a6ada86 Mon Sep 17 00:00:00 2001
From: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
Date: Mon, 6 Jan 2025 07:22:41 +0900
Subject: [PATCH] user-namespaces.md: subid count per pod is hard-coded to
 65536

The number of subuids and subgids for each of pods is hard-coded to 65536,
regardless to the total ID count specified in `/etc/subuid` and `/etc/subgid`:
https://github.com/kubernetes/kubernetes/blob/v1.32.0/pkg/kubelet/userns/userns_manager.go#L211-L228

This fact was not clarified in the documentation.

Co-authored-by: Tim Bannister <tim@scalefactory.com>
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
---
 content/en/docs/concepts/workloads/pods/user-namespaces.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/content/en/docs/concepts/workloads/pods/user-namespaces.md b/content/en/docs/concepts/workloads/pods/user-namespaces.md
index 1aa420588c738..ec958af634853 100644
--- a/content/en/docs/concepts/workloads/pods/user-namespaces.md
+++ b/content/en/docs/concepts/workloads/pods/user-namespaces.md
@@ -177,6 +177,8 @@ to the `kubelet` user:
   configuration.
 
 * The subordinate ID count must be a multiple of 65536
+  (for Kubernetes {{< skew currentVersion >}} the subordinate ID count for each Pod is hard-coded
+  to 65536).
 
 * The subordinate ID count must be at least `65536 x <maxPods>` where `<maxPods>`
   is the maximum number of pods that can run on the node.