diff --git a/.github/workflows/k8s_traefik_init_setup.yml b/.github/workflows/k8s_traefik_init_setup.yml
index 525f770..d61499f 100644
--- a/.github/workflows/k8s_traefik_init_setup.yml
+++ b/.github/workflows/k8s_traefik_init_setup.yml
@@ -41,27 +41,29 @@ jobs:
         kubectl config use-context runner-context
 
     # -----------------------------------------------------
-    # Build & Push Docker image (ARC-safe, no Docker daemon)
+    # Enable Buildx in Rootless BuildKit Mode
     # -----------------------------------------------------
+    - name: Install buildkit
+      run: |
+        curl -sSL https://github.com/moby/buildkit/releases/download/v0.12.5/buildkit-v0.12.5.linux-amd64.tar.gz -o buildkit.tar.gz
+        tar -xzf buildkit.tar.gz
+        mv bin/buildctl /usr/local/bin/
+        mv bin/buildkitd /usr/local/bin/
+        chmod +x /usr/local/bin/buildctl /usr/local/bin/buildkitd
 
-    - name: Set up Docker Buildx (rootless)
-      uses: docker/setup-buildx-action@v3
+    - name: Start buildkitd (rootless)
+      run: |
+        buildkitd --oci-worker-no-process-sandbox --rootless &
+        sleep 3
 
-    - name: Login to Docker Hub
-      uses: docker/login-action@v3
-      with:
-        username: ${{ secrets.DOCKER_HUB_USERNAME }}
-        password: ${{ secrets.DOCKER_HUB_TOKEN }}
+    - name: Build & Push (rootless buildkit)
+      run: |
+        buildctl build \
+          --frontend dockerfile.v0 \
+          --local context=./traefik \
+          --local dockerfile=./traefik \
+          --output type=image,name=docker.io/kimjunte/edge_router:${GITHUB_SHA},push=true
 
-    - name: Build & Push Traefik Image
-      uses: docker/build-push-action@v5
-      with:
-        context: ./traefik
-        file: traefik/Dockerfile
-        push: true
-        tags: |
-          docker.io/kimjunte/edge_router:${{ github.sha }}
-          docker.io/kimjunte/edge_router:latest
 
     # -----------------------------------------------------
     # Apply Storage Classes + PVCs