diff --git a/.github/workflows/nightly.yaml b/.github/workflows/nightly.yaml
index a85f14f59..11d677222 100644
--- a/.github/workflows/nightly.yaml
+++ b/.github/workflows/nightly.yaml
@@ -196,6 +196,7 @@ jobs:
           password: ${{ github.token }}
       - name: Run tests
         run: |
+            sudo ./scripts/enable_userns.sh
             ./examples/kind/kind-ci.sh
 
   cloud-scale-out:
diff --git a/scripts/enable_userns.sh b/scripts/enable_userns.sh
new file mode 100755
index 000000000..96a77cee9
--- /dev/null
+++ b/scripts/enable_userns.sh
@@ -0,0 +1,11 @@
+#!/bin/sh -xe
+
+# enable user namespaces
+sysctl -w kernel.apparmor_restrict_unprivileged_io_uring=0
+sysctl -w kernel.apparmor_restrict_unprivileged_unconfined=0
+sysctl -w kernel.apparmor_restrict_unprivileged_userns=0
+sysctl -w kernel.apparmor_restrict_unprivileged_userns_complain=0
+sysctl -w kernel.apparmor_restrict_unprivileged_userns_force=0
+sysctl -w kernel.unprivileged_bpf_disabled=2
+sysctl -w kernel.unprivileged_userns_apparmor_policy=0
+sysctl -w kernel.unprivileged_userns_clone=1