gen2-v20240814.0

What's Changed

• update Flannel (0.25.3) by @AkihiroSuda in #334
• update components (Kubernetes 1.31.0) by @AkihiroSuda in #336

Full Changelog: gen2-v20240527.0...gen2-v20240814.0

gen2-v20240527.0

What's Changed

• Add make kubeadm-reset by @AkihiroSuda in #328
• update components (Kubernetes 1.30.0) by @AkihiroSuda in #331

Full Changelog: gen2-v20240410.0...gen2-v20240527.0

gen2-v20240410.0

What's Changed

• Accelerate networking with bypass4netns by @AkihiroSuda in #326

Full Changelog: gen2-v20240404.1...gen2-v20240410.0

gen2-v20240404.1

What's Changed

• Remove ip addr add "${U7S_HOST_IP}" dev eth0 by @AkihiroSuda in #323
  • Also updates Kubernetes to v1.29.2, and add the support for Rootful Docker

Full Changelog: gen2-v20240203.0...gen2-v20240404.1

gen2-v20240203.0

What's Changed

• update components (Kubernetes 1.29.1) by @AkihiroSuda in #320

Full Changelog: gen2-v20231218.0...gen2-v20240203.0

gen2-v20231218.0

What's Changed

• Remove warning about linger from older systemd by @afbjorklund in #313
• update components (Kubernetes 1.29.0) by @AkihiroSuda in #315

New Contributors

• @afbjorklund made their first contribution in #313

Full Changelog: gen2-v20230919.0...gen2-v20231218.0

gen2-v20230919.0

• Support CONTAINER_ENGINE=(podman|nerdctl) in addition to docker (#305)
• Avoid printing kubeadm token to the terminal (#307)

gen2-v20230915.0

• Support VXLAN on GCP (as well as on AWS, Azure, etc.) (#300)
• Support Rocky Linux 9 and AlmaLinux 9 hosts (#301)
• Move init-host scripts out of the hack directory (#302)
• Add make kubectl (#303)

gen2-v20230906.0

This is the first release of "Usernetes Generation 2" (#287)

---

Usernetes: Kubernetes without the root privileges (Generation 2)

Usernetes (Gen2) deploys a Kubernetes cluster inside Rootless Docker,
so as to mitigate potential container-breakout vulnerabilities.

Note

Usernetes (Gen2) has significantly diverged from the original Usernetes (Gen1),
which did not require Rootless Docker to be installed on hosts.

See the gen1 branch for
the original Usernetes (Gen1).

Usernetes (Gen2) is similar to Rootless kind and Rootless minikube,
but Usernetes (Gen 2) supports creating a cluster with multiple hosts.

Components

• Cluster configuration: kubeadm
• CRI: containerd
• OCI: runc
• CNI: Flannel

Requirements

Note

Using Ubuntu 22.04 hosts is recommended.

• Rootless Docker:

curl -o install.sh -fsSL https://get.docker.com
sudo sh install.sh
dockerd-rootless-setuptool.sh install

• systemd lingering:

sudo loginctl enable-linger $(whoami)

• cgroup v2 delegation:

sudo mkdir -p /etc/systemd/system/[email protected]

cat <<EOF | sudo tee /etc/systemd/system/[email protected]/delegate.conf
[Service]
Delegate=cpu cpuset io memory pids
EOF

sudo systemctl daemon-reload

• Kernel modules:

sudo modprobe vxlan

Usage

See make help.

# Bootstrap a cluster
make up
make kubeadm-init
make install-flannel

# Enable kubectl
make kubeconfig
export KUBECONFIG=$(pwd)/kubeconfig
kubectl get pods -A

# Multi-host
make join-command
scp join-command another-host:~/usernetes
ssh another-host make -C ~/usernetes up kubeadm-join

# Debug
make logs
make shell
make down-v
kubectl taint nodes --all node-role.kubernetes.io/control-plane-

Limitations

• Node ports cannot be exposed automatically. Edit docker-compose.yaml for exposing additional node ports.
• Most of host files are not visible with hostPath mounts. Edit docker-compose.yaml for mounting additional files.
• Some volume drivers such as nfs do not work.

Advanced topics

• Although Usernetes (Gen2) is designed to be used with Rootless Docker, it should work with the regular "rootful" Docker too.
  This might be useful for some people who are looking for "multi-host" version of kind and minikube. (Support for "rootful" is currently broken: #297)

v20230816.0

Kubernetes version: v1.28.0

---

Build logs (available for 90 days): https://github.com/rootless-containers/usernetes/actions/runs/5874550853/job/15929481770