chore: remove cgroupnsMode setting from K3s container configuration #3653

Merged
mdelapenya merged 1 commit into testcontainers:main from lixin9311:lucas/k3s-remove-cgroupmode
Apr 17, 2026

@lixin9311
Contributor

What does this PR do?

Remove cgroupnsMode setting from K3s container configuration

Why is it important?

It mirrors the official k3s documentation about running in Docker:
https://docs.k3s.io/advanced#running-k3s-in-docker

sudo docker run \
  --privileged \
  --name k3s-server-1 \
  --hostname k3s-server-1 \
  -p 6443:6443 \
  -d rancher/k3s:v1.24.10-k3s1 \
  server

My local dev machine is an Apple Silicon MacBook running OrbStack. With --cgroupns host in Linux VM development environments (especially when memory ballooning is enabled), Pods will experience the "SandboxChanged" issue ("Pod sandbox changed, it will be killed and re-created."), and they will never become ready.

PoC: on OrbStack, if you start k3s with host cgroupns, get into the k3s Docker container and check the pods, they will never become ready:

sudo docker run \
  --privileged \
  --name k3s-server-1 \
  --hostname k3s-server-1 \
  --cgroupns=host \
  -p 6443:6443 \
  -d rancher/k3s:v1.24.10-k3s1 \
  server

OrbStack features memory ballooning; I presume the ballooning hack kinda interferes with kubelet.

I have to use a workaround.

testcontainers.WithHostConfigModifier(func(hc *dockercontainer.HostConfig) {
	hc.Privileged = true
	// hc.CgroupnsMode = "host"
	hc.Tmpfs = map[string]string{
		"/run":     "",
		"/var/run": "",
	}
	hc.Mounts = []mount.Mount{}
})

k3s docker can handle cgroupns=private well; k3d also uses the default containerd cgroupns setting.

Related issues

  • No issue. I have a local workaround.

@lixin9311 lixin9311 requested a review from a team as a code owner April 17, 2026 10:04
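
To see which cgroup namespace mode a running k3s container was actually given, the check below reads `docker inspect` JSON and flags the privileged plus host-cgroupns combination from the PoC above. It is an added example, not code from this PR or from testcontainers-go; `AuditCgroupns` is a hypothetical helper and the sample JSON and container names are constructed.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strings"
)

// inspectEntry keeps only the `docker inspect` fields this check reads.
type inspectEntry struct {
	Name       string
	HostConfig struct {
		Privileged   bool
		CgroupnsMode string
	}
}

// Constructed sample shaped like `docker inspect` output; names are made up.
const sampleInspect = `[
 {"Name":"/k3s-a","HostConfig":{"Privileged":true,"CgroupnsMode":"host"}},
 {"Name":"/k3s-b","HostConfig":{"Privileged":true,"CgroupnsMode":"private"}},
 {"Name":"/k3s-c","HostConfig":{"Privileged":true,"CgroupnsMode":""}}
]`

// AuditCgroupns returns one line per container, in input order.
func AuditCgroupns(inspectJSON []byte) ([]string, error) {
	var entries []inspectEntry
	if err := json.Unmarshal(inspectJSON, &entries); err != nil {
		return nil, fmt.Errorf("parse docker inspect output: %w", err)
	}
	out := make([]string, 0, len(entries))
	for _, e := range entries {
		mode := e.HostConfig.CgroupnsMode
		if mode == "" {
			mode = "unset" // no mode recorded; report it rather than guess
		}
		note := "ok"
		if mode == "host" && e.HostConfig.Privileged {
			note = "review: privileged and sharing the host cgroup namespace"
		}
		out = append(out, fmt.Sprintf("%s cgroupns=%s privileged=%t %s",
			strings.TrimPrefix(e.Name, "/"), mode, e.HostConfig.Privileged, note))
	}
	return out, nil
}

func main() {
	lines, _ := AuditCgroupns([]byte(sampleInspect)) // constant sample parses cleanly
	fmt.Println(strings.Join(lines, "\n"))
}
```

On a real host, feed it the output of `docker inspect` for the container under test instead of the constructed sample.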
@coderabbitai

coderabbitai Bot commented Apr 17, 2026

No actionable comments were generated in the recent review. 🎉

📥 Commits

Reviewing files that changed from the base of the PR and between 3caae2e and eda32e1.

📒 Files selected for processing (1)
  • modules/k3s/k3s.go
💤 Files with no reviewable changes (1)
  • modules/k3s/k3s.go

Summary by CodeRabbit

  • Refactor
    • Updated container cgroup namespace configuration to use the default mode instead of forcing host mode, changing how container resource groups are accessed.

Walkthrough

Removed the forced hc.CgroupnsMode = "host" configuration from the k3s container host setup in the Run function, allowing the container to use its default cgroup namespace mode instead of overriding it.

Changes

Cohort / File(s): Cgroup Configuration Cleanup (modules/k3s/k3s.go)
Summary: Removed forced host cgroup namespace mode setting, letting containers use their default namespace configuration.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
Check name Status Explanation
Title check ✅ Passed The title accurately and concisely describes the main change: removing the cgroupnsMode setting from K3s container configuration.
Description check ✅ Passed The description clearly explains what is being changed, why it is important (mirrors official k3s documentation, resolves Pod sandbox issues on MacBook/OrbStack), and provides concrete examples and rationale.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.


Member

@mdelapenya mdelapenya left a comment

Hi @lixin9311 this LGTM, thanks for the fix!

As soon as the CI passes, we'll merge this one

Comment thread modules/k3s/k3s.go
testcontainers.WithExposedPorts(defaultKubeSecurePort, defaultRancherWebhookPort),
testcontainers.WithHostConfigModifier(func(hc *container.HostConfig) {
hc.Privileged = true
hc.CgroupnsMode = "host"
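
Review bot: At hc.CgroupnsMode = "host", removing the line leaves the cgroup namespace mode unset while hc.Privileged = true stays, so the mode the k3s container runs with is no longer pinned by this module and falls to the Docker daemon's default. That is a behaviour change for callers who relied on the host cgroup namespace, so add a short comment in this modifier stating that the mode is intentionally left at the default, and note in the module docs that callers who need the previous behaviour can set it through their own WithHostConfigModifier.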
Member

It's fine to remove it. In case somebody wants to re-add it, they can build their own HostConfigModifier

@mdelapenya mdelapenya added the chore Changes that do not impact the existing functionality label Apr 17, 2026
@mdelapenya mdelapenya self-assigned this Apr 17, 2026
@mdelapenya mdelapenya merged commit 1e0d968 into testcontainers:main Apr 17, 2026
17 checks passed