What is the problem you're trying to solve
kubernetes starting 1.27 sets Uid and Gid mappings on mounts for userns pods. However there is no version of containerd that is released that supports idmap mounts. containerd 1.7 which is the latest minor release has an explicit check that rejects any container with idmap mounts. I noticed that main branch does support this and we would need to backport this to release-1.7 branch but considering that is the latest released minor version I would expect this to work in latest patch version under 1.7 since we don't have a target date for 2.0 yet.
Without any released version it is hard for cloud-providers to test this kubernetes feature who rely on containerd.
Describe the solution you'd like
Please release containerd 1.7.x which has support for idmap mounts. This will give cloud-providers that rely on it enough time to test.
Additional context
No response
What is the problem you're trying to solve
kubernetes starting 1.27 sets Uid and Gid mappings on mounts for userns pods. However there is no version of containerd that is released that supports idmap mounts. containerd 1.7 which is the latest minor release has an explicit check that rejects any container with idmap mounts. I noticed that main branch does support this and we would need to backport this to release-1.7 branch but considering that is the latest released minor version I would expect this to work in latest patch version under 1.7 since we don't have a target date for 2.0 yet.
Without any released version it is hard for cloud-providers to test this kubernetes feature who rely on containerd.
Describe the solution you'd like
Please release containerd 1.7.x which has support for idmap mounts. This will give cloud-providers that rely on it enough time to test.
Additional context
No response