Currently, it is hard to run region controller from unprivileged kubernetes. Would it be possible to split region controller funcionality so that it can run unprivileged if not serving dns/dhcp?
It is possible with small changes. For k8s run, hostname override is needed as pods have various names. It would be nice to be able to disable some services such as bind reloading. And also, in unprivileged case, it cannot get hardware information, but it is not needed for region controller.