From d3e8a7bbf1f73e74f887037764f0ab9a58455080 Mon Sep 17 00:00:00 2001 From: Rodrigo Campos Date: Fri, 13 Feb 2026 17:32:31 +0100 Subject: [PATCH 1/4] content: document userns is GA Signed-off-by: Rodrigo Campos --- .../en/docs/concepts/workloads/pods/user-namespaces.md | 2 +- .../feature-gates/UserNamespacesSupport.md | 4 ++++ .../docs/tasks/configure-pod-container/user-namespaces.md | 8 -------- 3 files changed, 5 insertions(+), 9 deletions(-) diff --git a/content/en/docs/concepts/workloads/pods/user-namespaces.md b/content/en/docs/concepts/workloads/pods/user-namespaces.md index 4d949d0a036ed..8fef19725e365 100644 --- a/content/en/docs/concepts/workloads/pods/user-namespaces.md +++ b/content/en/docs/concepts/workloads/pods/user-namespaces.md @@ -7,7 +7,7 @@ min-kubernetes-server-version: v1.25 --- -{{< feature-state for_k8s_version="v1.30" state="beta" >}} +{{< feature-state for_k8s_version="v1.36" state="stable" >}} This page explains how user namespaces are used in Kubernetes pods. A user namespace isolates the user running inside the container from the one diff --git a/content/en/docs/reference/command-line-tools-reference/feature-gates/UserNamespacesSupport.md b/content/en/docs/reference/command-line-tools-reference/feature-gates/UserNamespacesSupport.md index eedc37e8d8747..0d4187fa7c006 100644 --- a/content/en/docs/reference/command-line-tools-reference/feature-gates/UserNamespacesSupport.md +++ b/content/en/docs/reference/command-line-tools-reference/feature-gates/UserNamespacesSupport.md @@ -17,6 +17,10 @@ stages: - stage: beta defaultValue: true fromVersion: "1.33" + - stage: stable + locked: true + defaultValue: true + fromVersion: "1.36" --- Enable user namespace support for Pods. diff --git a/content/en/docs/tasks/configure-pod-container/user-namespaces.md b/content/en/docs/tasks/configure-pod-container/user-namespaces.md index fc4880a40eb37..1062865686786 100644 --- a/content/en/docs/tasks/configure-pod-container/user-namespaces.md 
+++ b/content/en/docs/tasks/configure-pod-container/user-namespaces.md @@ -40,14 +40,6 @@ this is true when user namespaces are used. * The node OS needs to be Linux * You need to exec commands in the host * You need to be able to exec into pods -* You need to enable the `UserNamespacesSupport` - [feature gate](/docs/reference/command-line-tools-reference/feature-gates/) - -{{< note >}} -The feature gate to enable user namespaces was previously named -`UserNamespacesStatelessPodsSupport`, when only stateless pods were supported. -Only Kubernetes v1.25 through to v1.27 recognise `UserNamespacesStatelessPodsSupport`. -{{}} The cluster that you're using **must** include at least one node that meets the [requirements](/docs/concepts/workloads/pods/user-namespaces/#before-you-begin) From 8feab127b5a8738d8817475d38a2c18705ee2859 Mon Sep 17 00:00:00 2001 From: Rodrigo Campos Date: Fri, 13 Feb 2026 17:40:45 +0100 Subject: [PATCH 2/4] content: userns feature gate about PSS doesn't exist anymore This was removed in: https://github.com/kubernetes/kubernetes/pull/132157 Signed-off-by: Rodrigo Campos --- content/en/docs/concepts/workloads/pods/user-namespaces.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/content/en/docs/concepts/workloads/pods/user-namespaces.md b/content/en/docs/concepts/workloads/pods/user-namespaces.md index 8fef19725e365..da3301e5dffe1 100644 --- a/content/en/docs/concepts/workloads/pods/user-namespaces.md +++ b/content/en/docs/concepts/workloads/pods/user-namespaces.md @@ -243,8 +243,6 @@ In Kubernetes prior to v1.33, the ID count for each of Pods was hard-coded to ## Integration with Pod security admission checks -{{< feature-state state="alpha" for_k8s_version="v1.29" >}} - For Linux Pods that enable user namespaces, Kubernetes relaxes the application of [Pod Security Standards](/docs/concepts/security/pod-security-standards) in a controlled way. From 9b3d7fd44af560e7b98322547d0b0f6cd8d99da5 Mon Sep 17 00:00:00 2001 
From: Rodrigo Campos Date: Fri, 13 Feb 2026 17:42:01 +0100 Subject: [PATCH 3/4] content: Fix typo in userns doc Signed-off-by: Rodrigo Campos --- content/en/docs/concepts/workloads/pods/user-namespaces.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/en/docs/concepts/workloads/pods/user-namespaces.md b/content/en/docs/concepts/workloads/pods/user-namespaces.md index da3301e5dffe1..5dceb505a4917 100644 --- a/content/en/docs/concepts/workloads/pods/user-namespaces.md +++ b/content/en/docs/concepts/workloads/pods/user-namespaces.md @@ -251,7 +251,7 @@ namespaces, the following fields won't be constrained even in contexts that enfo _Baseline_ or _Restricted_ pod security standard. This behavior does not present a security concern because `root` inside a Pod with user namespaces actually refers to the user inside the container, that is never mapped to a -privileged user on the host. Here's the list of fields that are **not** checks for Pods in those +privileged user on the host. Here's the list of fields that are **not** checked for Pods in those circumstances: - `spec.securityContext.runAsNonRoot` From cd96f2bfac162896bdb338d45f9fb5ae554d222b Mon Sep 17 00:00:00 2001 From: Rodrigo Campos Date: Fri, 13 Feb 2026 17:44:22 +0100 Subject: [PATCH 4/4] content: Remove old note about userns AKS, EKS and GKE support userns already. I'm not aware of any provider not supporting it, it's definitely the exception now. The information about the versions we already have is more than enough now. Signed-off-by: Rodrigo Campos --- content/en/docs/concepts/workloads/pods/user-namespaces.md | 7 ------- 1 file changed, 7 deletions(-) diff --git a/content/en/docs/concepts/workloads/pods/user-namespaces.md b/content/en/docs/concepts/workloads/pods/user-namespaces.md index 5dceb505a4917..e7242295a8d16 100644 --- a/content/en/docs/concepts/workloads/pods/user-namespaces.md +++ b/content/en/docs/concepts/workloads/pods/user-namespaces.md 
@@ -52,13 +52,6 @@ user namespaces. The following OCI runtimes offer support: * [crun](https://github.com/containers/crun) version 1.9 or greater (it's recommend version 1.13+). * [runc](https://github.com/opencontainers/runc) version 1.2 or greater -{{< note >}} -Some OCI runtimes do not include the support needed for using user namespaces in -Linux pods. If you use a managed Kubernetes, or have downloaded it from packages -and set it up, it's possible that nodes in your cluster use a runtime that doesn't -include this support. -{{< /note >}} - To use user namespaces with Kubernetes, you also need to use a CRI {{< glossary_tooltip text="container runtime" term_id="container-runtime" >}} to use this feature with Kubernetes pods:
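Review bot: In PATCH 1/4, the hunk for `feature-gates/UserNamespacesSupport.md` appends the `stable` stage but leaves the preceding beta entry (`defaultValue: true`, `fromVersion: "1.33"`) without a `toVersion`, so the front matter describes two open-ended stages at once. Add `toVersion: "1.35"` to that beta entry so the stage ranges do not overlap and beta ends where stable begins.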
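Review bot: In PATCH 2/4, the hunk under `## Integration with Pod security admission checks` removes the section's only version marker, and nothing in the remaining context says from which release the relaxation applies without a separate gate. This section tells operators that _Baseline_ and _Restricted_ stop constraining some fields for Pods with user namespaces, so consider adding a sentence stating the version from which that behavior is unconditional, and check the rest of the section for leftover references to the removed gate.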
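Review bot: In PATCH 3/4, the context line directly above the corrected word still reads `the user inside the container, that is never mapped to a privileged user on the host`. Since this commit is a wording fix in the same paragraph, change `, that is never mapped` to `, which is never mapped` as well.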
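Review bot: In PATCH 4/4, the crun bullet kept as context at the top of the hunk still says `(it's recommend version 1.13+)`; fix it to `(version 1.13 or greater is recommended)` while touching this list. The sentence that now directly follows the runtime list also repeats itself (`To use user namespaces with Kubernetes, you also need to use a CRI ... to use this feature with Kubernetes pods`) and could drop the trailing clause.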