User Namespaces in Kubernetes v1.36: GA and What It Means for Pod Security
Kubernetes v1.36 ships User Namespaces to GA, enabling rootless security for pods with ID-mapped mounts, allowing privileged operations without host root.
Kubernetes v1.36 marks a significant milestone with the General Availability (GA) of User Namespaces, a Linux-only feature that finally brings robust rootless security to workloads. After years of development, this release enables a new level of isolation where containers can run with privileges without exposing the host to risks. The core innovation lies in ID-mapped mounts, which solve long-standing volume ownership issues. This Q&A covers the key aspects, practical usage, and the problems this feature solves.
What is the main security problem that User Namespaces address?
When a process runs as root (UID 0) inside a container, the Linux kernel still sees that process as root on the host. If an attacker exploits a kernel vulnerability or a misconfigured mount to escape the container, they immediately gain host-level root access. Traditional container security measures restrict capabilities and system calls, but they don't change the underlying identity of the process. User Namespaces solve this by mapping a container's root UID to an unprivileged, high-numbered UID on the host. This means that even if a container process breaks out, it has no more privileges than an ordinary user.
How do User Namespaces improve isolation for privileged containers?
With hostUsers: false set in a Pod spec, capabilities such as CAP_NET_ADMIN become namespaced. This grants administrative power over container-local network interfaces, but those permissions have no effect on the host. Previously, granting a container CAP_NET_ADMIN meant it could potentially manipulate host networking if it escaped. Now, the capability is confined to the user namespace. This enables use cases like running network tools or firewall rules inside a container without risking the host. It's a fundamental shift: you can give a container many root-like powers, but those powers remain strictly within its own namespace bubble.
What was the biggest technical hurdle for User Namespaces, and how was it overcome?
The primary blocker was volume ownership. When a container runs with a remapped UID (e.g., UID 12345 on host), any files in mounted volumes would need their ownership changed to that UID so the container could read and write them. Kubernetes had to recursively run chown on every file, which for large volumes could take minutes, destroying pod startup performance. The solution came from the kernel: ID-mapped mounts, introduced in Linux 5.12 and refined later. Instead of modifying disk ownership, the kernel transparently remaps UIDs and GIDs at mount time. Files appear owned by UID 0 inside the container, but on disk they remain unchanged. This is an O(1) operation—instant and efficient.
How do ID-mapped mounts work at the kernel level?
When a volume is attached to a Pod that uses User Namespaces, the kernel creates an ID mapping between the container's UID space and the host's UID space. For example, container UID 0 maps to host UID 165536 (the start of the namespace range). As files are read or written, the kernel transparently shifts the UID values in the inode metadata—but only in the memory representation, not on disk. This translation happens per-mount, so different Pods can see different ownership of the same underlying files. Because there is no disk I/O involved, the performance impact is negligible. This kernel feature made User Namespaces practical for production use, especially with stateful workloads that rely on persistent volumes.
How can I enable User Namespaces in my Pods?
Enabling the feature is straightforward: simply set hostUsers: false in the Pod spec. Here's an example:
apiVersion: v1
kind: Pod
metadata:
name: isolated-workload
spec:
hostUsers: false
containers:
- name: app
image: fedora:42
securityContext:
runAsUser: 0No changes to your container images are required. The container still runs as UID 0 internally, but that UID is mapped to an unprivileged range on the host. You can combine this with standard security contexts, like runAsNonRoot: true or capability restrictions. Note that this feature is Linux-only and requires a kernel with ID-mapped mount support (Linux 5.12+). It works with both OverlayFS and other volume drivers. For further details, see the earlier blog posts on User Namespaces alpha and User Namespaces beta.
What new use cases does User Namespaces GA enable?
Before this feature, running containers that needed special capabilities often forced administrators to choose between security and functionality. Now, you can safely run workloads that require CAP_NET_ADMIN, CAP_SYS_TIME, or CAP_SYS_ADMIN (within limits) without exposing the host. Examples include network monitoring tools, containerized firewalls, or performance tuning containers. Additionally, rootless containers no longer require complex workarounds like rootless podman—any container can run rootless simply by opting out of the host user namespace. This simplifies CI/CD pipelines and multi-tenant clusters where strict isolation is mandatory. Stateful applications with persistent volumes also benefit, because ownership remapping happens instantly without startup delays.
Are there any prerequisites or limitations to using User Namespaces?
The feature is Linux-only and requires a kernel version 5.12 or later (5.19+ recommended for full stability). It works with containerd or CRI-O runtimes that support user namespaces. Some volume plugins (like hostPath) may have caveats; ensure your CSI driver is compatible. Also, not all Linux distributions ship the necessary kernel patches—check your distro's documentation. Finally, note that hostUsers: false sets a pod-level policy; you cannot use it on a per-container basis. If you need to mix isolated and non-isolated containers in the same pod, that is not currently supported. Despite these constraints, the GA release marks a huge leap forward for Kubernetes security.