diff --git a/docs/admin/templates/extending-templates/docker-in-workspaces.md b/docs/admin/templates/extending-templates/docker-in-workspaces.md
index 4c88c2471de3f..51b1634d20371 100644
--- a/docs/admin/templates/extending-templates/docker-in-workspaces.md
+++ b/docs/admin/templates/extending-templates/docker-in-workspaces.md
@@ -266,6 +266,45 @@ Before using Podman, please review the following documentation:
    > For more information around the requirements of rootless podman pods, see:
    > [How to run Podman inside of Kubernetes](https://www.redhat.com/sysadmin/podman-inside-kubernetes)
 
+### Rootless Podman on Bottlerocket nodes
+
+Rootless containers rely on Linux user-namespaces.
+[Bottlerocket](https://github.com/bottlerocket-os/bottlerocket) disables them by default (`user.max_user_namespaces = 0`), so Podman commands will return an error until you raise the limit:
+
+```output
+cannot clone: Invalid argument
+user namespaces are not enabled in /proc/sys/user/max_user_namespaces
+```
+
+1. Add a `user.max_user_namespaces` value to your Bottlerocket user data to use rootless Podman on the node:
+
+  ```toml
+  [settings.kernel.sysctl]
+  "user.max_user_namespaces" = "65536"
+  ```
+
+1. Reboot the node.
+1. Verify that the value is more than `0`:
+
+  ```shell
+  sysctl -n user.max_user_namespaces
+  ```
+
+For Karpenter-managed Bottlerocket nodes, add the `user.max_user_namespaces` setting in your `EC2NodeClass`:
+
+```yaml
+apiVersion: karpenter.k8s.aws/v1
+kind: EC2NodeClass
+metadata:
+  name: bottlerocket-rootless
+spec:
+  amiFamily: Bottlerocket # required for BR-style userData
+  # …
+  userData: |
+    [settings.kernel]
+    sysctl = { "user.max_user_namespaces" = "65536" }
+```
+
 ## Privileged sidecar container
 
 A

<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Transitional//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'>
<html xmlns='http://www.w3.org/1999/xhtml'>
<head>
<title>pFad - Phonifier reborn</title>
<meta http-equiv='Content-Type' content='text/html; charset=utf-8' />
</head>
<body>
<h1>Pfad - The Proxy pFad of &#169; 2024 Garber Painting. All rights reserved.</h1>


<!-- Disclaimer -->
<p>Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.</p>
<br>
<p>Alternative Proxies:</p><p><a href="http://rainy.clevelandohioweatherforecast.com/php-proxy/index.php?q=https://patch-diff.githubusercontent.com/raw/coder/coder/pull/17987.diff" target="_blank">Alternative Proxy</a></p><p><a href="http://rainy.clevelandohioweatherforecast.com/pFad/index.php?u=https://patch-diff.githubusercontent.com/raw/coder/coder/pull/17987.diff" target="_blank">pFad Proxy</a></p><p><a href="http://rainy.clevelandohioweatherforecast.com/pFad/v3index.php?u=https://patch-diff.githubusercontent.com/raw/coder/coder/pull/17987.diff" target="_blank">pFad v3 Proxy</a></p><p><a href="http://rainy.clevelandohioweatherforecast.com/pFad/v4index.php?u=https://patch-diff.githubusercontent.com/raw/coder/coder/pull/17987.diff" target="_blank">pFad v4 Proxy</a></p></body>
</html>