►
From YouTube: Antrea Community Meeting 10/12/2020
Description
Antrea Community Meeting, October 12th 2020
A
A
The
agenda
has
been
shared
on
the
andrea
channels
on
the
kubernetes
slack
and
we
will
start
discussing
the
cnf
support
for
andrea.
We
have
a
very
fairly
big
proposal
on
on
the
entry
github
site,
which
I'm
sharing
on
the
zoom
chat.
Now
and,
and
basically
the
idea
will
be
for
today
to
start
discussing
this
proposal.
A
A
We
can
cover
this
all
these
topics
in
in
a
single
meeting,
but
it
would
probably
be
nice
at
least
starting
covering
multus
and
iphone
for
secondary
interfaces,
at
least
and
then
another
topic
which
has
been
proposed
by
jun
is
discussing
the
solution
for
node
ipam
on
eks.
A
So
obviously,
then
we'll
try
and
also
save
some
time
at
the
end
of
the
meeting
for
open
discussion.
But
since
today
we
have
a
fairly
packed
agenda
without
much
further
ado,
I
would
start
the
discussion
of
the
of
the
cnf
support
proposal.
I
think
the
I
think
arun
kumar,
the
proposal
for
highest.
A
Yeah,
hello-
and
I
don't
know-
I
don't
know
which
turn
zone
are
you
in?
I
suppose
it's
good
evening
for
you.
C
C
Yeah
so
just
introduce
myself
I'm
from
intel
here,
I'm
working
as
part
of
the
vmware
enabling
team
here
in
intel.
Mainly
I
look
after
enabling
the
vmware
product
for
portfolio
solutions
into
intel
products
right.
This
is
our
main
thing
here.
So
as
part
of
that,
along
with
me,
I
have
our
principal
engineer.
Seidelu
is
also
with
me
today,
high
side,
lou
yeah
thanks
for
joining
yeah.
C
So
we
both
are
here
representing
this
topic
today,
so
we
are
exploring
options
to
contribute
on
andrea
community
from
intel
point
of
view,
so
we
had
gone
through.
We
took
a
look
or
detail
look
on
the
road
map,
so
one
of
the
interesting
topic
for
us
is
the
cnf
support
right.
So
containerized
network
function
support
on
andrea.
C
So
I
think
this
topic
was
kind
of
proposed
by
us
internally
as
well,
some
time
back,
maybe
three
months
back
by
sidolu
as
part
of
some
other
discussions,
so
we
saw
that
it's
been
accepted
as
a
roadmap
plan.
C
So
we
would
like
to
explore
more
on
this
topic
now
to
see
how
far
it
is
already
how
far
we
have
existing
support
on
andrea.
What
is
the
gap?
We
may
have
and
what
kind
of
development
activities
and
design
we
need
to
come
up
with
right.
Please
let
me
know
if
you
want
me
to
adjust
my
voice
or
the
way
I
speak.
C
If
is
this
clear
to
you
guys
it's
great
yeah,
oh,
thank
you
thanks
yeah.
So,
basically,
we
are
looking
to
support.
Add
support
for
cnf
containers
network
function
in
andrea,
so,
while
exploring
these
options
mainly,
these
are
these
are
the
very
great
use
cases
mainly
for
mainly
for
once
one
second
yeah.
I
think
we
can
kind
of.
I
have
some
slides
to
share.
Can
I
share
that
right
now
here,
so
it
can
make
it
more
easy
for
people
to
understand
the
context
yeah.
A
C
Okay,
so
part
of
the
cnf
support.
So
what
what
we
really
see,
which
is
required
at
the
anterior
point
of
view,
is
to
enable
multiple
interface
support
and
network
function
chaining
right.
So
these
are
the
key
things
to
support
cnf
use
cases
mainly
on
the
andrea
side.
So
the
agenda
we
look
at
is
like
vnfcnf
requirements,
solution
approach
like
we
have
some
thoughts.
I
just
want
to
have
level
set
the
expectation
here.
C
Seidel
and
myself,
don't
have
a
clear
proposal
from
our
side
at
this
point,
so
we
wanted
to
open
up
this
topic
to
community
and
understand
more
exactly
where
we
are,
and
is
there
any
proposals
with
the
existing
group,
so
we
wanted
to
go
from
there.
That's
the
main
thing.
So,
if
you
ask
us
like
hey,
do
you
have
a
solution?
Already?
Ready
may
not
be
at
this
at
this
time
yeah.
So
we
just
want
to
let
you.
E
Know
you
have
to
add
a
little
bit
to
r1.
So
basically,
we
have
ideas
of
solution,
saying
that
okay
ods
based,
we
can
create
multiple
instances
of
obvious
or
we
go
into
the
centralized
component
kind
of
open
kind
of
environment.
We
have
certain
ideas
and
high
level
solution,
details
and
also
internally.
E
We
are
little
bit
deep
dive
into
multiple
areas,
but
before
presenting
the
detail
design,
we
want
to
understand
from
community
whether
it
makes
sense
going
it
one
of
the
way
then,
based
on
that,
we
want
to
go
ahead
and
propose
the
detailed
solution.
C
Awesome,
please
go
ahead.
Thank
you.
That's
great
thanks,
thanks
for
putting
it
clear,
yeah.
Thank
you
yeah.
So
the
nfe
cnf
requirements
for
cloud
native
environment
is
is
mainly
multiple
network
interface
support
per
part.
So,
basically
it
means
like
where
the
kubernetes
gives
the
default
interface
and
a
subnet
for
for
communication.
Along
with
that,
so
we
need
to
support
a
virtual
or
provider
network.
Specific
subnet
per
custom
resource
definition
writes
your
definitions
as
such.
C
So
as
of
now,
we
have
only
one
support
per
one
interface
per
pod
with
antonio
cni,
so
we
would
like
to
add
virtual
broader
network,
specific
interface
and
corresponding
subnet
configuration
right.
This
is
one
of
the
key
requirement.
Another
thing
is
dynamic,
dynamic,
virtual
network
creation.
This
is
one
of
the
main
requirements
for
service
function.
Chaining
next
is
network
service
function,
chaining
itself
between
the
cnfs
actually
or
vnfs.
C
Actually,
actually,
we
are
talking
about
cnfs
more
now
between
cnf
services,
right
microservices,
as
such,
it's
either
within
services
or
between
nodes
itself,
right
within
nodes
or
between
nodes.
C
So
what
we
see
at
least
from
what
we
explored
so
far
is
we
do
not
see
andrea,
supporting
the
above
use
cases.
Please
let
us
know
if
you
are
missing
some
points
here
as
per
what
we
explored
so
far,
we
don't
see
these
things
supported
in
andrea,
so
that's
where
we
opened
up
this
topic
mainly
to
discuss
and
understand
more.
What
is
our
plan
towards
that.
B
I
think,
and
through
our
case
we
do
support
it
with
smart
tasks.
You
can
use
our
single
plugin
to
create
secondary
interface
for
your
port
for
the
right.
E
E
As
we
mentioned
in
the
next
slide,
we
felt
that
if
we
go
ahead
with
multis
and
create
a
second
interface
through
multis,
our
support
second
cna,
but
more
and
more,
we
go
towards
the
edge
and
where
we
are
having
the
lower
resource
to
edge
deployments.
E
We
see
that
multisees
taking
memory,
which
is
considerable
memory,
and
also
we
see
the
performance
overhead.
So
that
is
where
we
are
expecting
the
suggestion
or
guidance
from
the
community,
whether
it
makes
sense
or
we
go
ahead
and
support
multiple
interfaces.
B
Okay
got
it,
I
think,
to
me
just
my
personal
opinion.
Probably
others
have
some
other
ideas.
I
just
feel
I
think
the
key.
That
is
not
that
we
support
the
multiple
interface
or
not.
I
think
you
guys
also
mentioned
that
it's
more
about.
B
Could
we,
you
know,
create
some
customized
network
and
put
interface
on
that
network.
Yeah.
There's
something
not
very
clear
to
me
like
what
kind
of
network
we
can.
We
can
create
and
put
interface
on,
for
example,
with
smartpassport.
You
can
do
srv.
B
That's
why
I
don't
think
we
can
really
do
much
better
compared
to
the
open
source,
sro
interface
or
you
can
do
micro
elan
and
that's
that's
some
way
for
you
to
connect
your
interface
to
some
window
network.
I
guess.
E
Yeah,
basically
yeah
sorry
yeah
go
ahead,
go
out
of
this,
so
basically
multiple
interfaces.
We
see
and
the
other
way
side
also
example.
When
the
sd-wan
vnf
we
are
having
it.
One
interface
has
to
support
externally
and
when
we
make
a
sdn
micro
services
based,
so
we
might
be
having
multiple
micro
services
and
within
the
cluster,
we
need
the
communication
facility
that.
B
Is
if
I
understand
you
criteria,
you
mean
actually
the
overlay
network
inside
the
cluster
right
exactly
yes,
I
see,
I
see.
E
And
also
other
one
when
we
try
to
create
a
cnf
chaining,
where
cnfs
are,
instead
of
just
like
a
bulk
vnf.
When
we
make
cnaps
into
multiple,
smaller
microservices,
we
hit
into
the
similar
scenario
within
the
clusters
overlay
and
we
should
be
able
to
communicate
and
similarly
5g
deployments
when
we
see
where
latency
is
going
to
be
super
important
for
5g
deployments
and
where
we
see
the
similarity.
C
Yeah
yeah,
so
I
have
a
quick
question
there.
So,
since
you
said
the
multis
is
already
supported
in
andrea,
is
that
correct
understanding.
B
Problem
toning
can
provide
more
information
here.
I
I
don't
think
we
do
anything
special
for
matas,
just
like
we,
we
are
able
to
walk
together
with
matthias,
go
ahead.
D
C
E
A
A
E
C
Yeah
that's
correct,
but
maybe
maybe
I
was
looking
into
a
little
more
details
on
okay.
When
we
have
another
interface
created
on
the
bot
scope,
how
is
it
getting
communicated
with
the
obvious
bridge
right.
E
B
I
just
want
to
explain
little
why
we
support
matas.
I
think
it's,
I
think
it's
funny,
because
we
got
some
requirements.
Some
nfa
use
case
requirements
that
customer
they
want
to
put
the
segmented
interface
onto
the
s3
or
or
just
use
the
srv
to
connect
second
interface
or
put
a
secondary
interface
to
to
some
villa
network
for
the
taco
service.
B
D
Separate
so
so,
I
think
to
janjun's
point
when
he
mentioned
earlier
things
that
are
not
clear
to
him
and
not
clear
to
me
either
is
whether
there
would
be
value
in
entry
or
providing
like
a
separate,
like
obvious
bridges,
for
example,
to
to
provision
secondary
networks.
E
E
D
E
B
I
think
it's
multiple
overlay
network,
which
led
one
network
service
service
match
use
case,
definitely
one
potential
scenario
we
can
address
with
sanctuary.
B
I
I
just
mean
so
far
we
haven't.
We
haven't
looked
at
that
part
yet
so
far,
we'll
just
look
at
the
basic
taco
use
case
that
people
want
to
put
a
cyclone
interface
to
vila
network
or
srv.
That's
why
we
started
from
martins.
E
E
B
B
I
think
I
got
a
point
about
performance
and
I
was
also
thinking
about
because
I
know
some
customers
they
pre-prefer
species,
plugging
like
a
microwave
on
ipvlan
for
their
segment
interface.
That's
more
due
to
their
experience.
I
think
probably
they
have
preference
for
that,
but
I
was
also
thinking
if
we
put
a
second
interface
on
opengl
switch
and
we
can
even
do
os
dpdk
whatever
so
high
quickly.
We
can
achieve
a
much
better
performance
than
micro
electri
land.
B
Maybe
it
can
be
a
good
use
case
too
for
the
wheel
level.
We
never
write
it
with
customers
so
so
far
we're
not
very
certain
on
it.
I
mean
we
definitely
want
to
learn
your
subs
too.
If
you
guys
have
more
knowledge
on
this
restaurant.
E
Yes
and
I'll,
we
will
take
action.
One
is
bringing
the
performance
numbers
and
also
other
use
cases
where
just
with
multis
is
not
easy.
B
C
Yeah
yeah
so
yeah
sure
yeah.
So,
as
silo
mentioned,
like
that's
the
reason,
actually
we
have
two
one
is
melted.
Space
one
is
andrea,
based
is
what
we
are
trying
to
explore
obvious
reasons
as
side
lumens,
and
so
the
the
memory
constraints
and
the
performance
overhead
is
the
is,
is
the
concern
for
us
to
use
multis.
So
we
will
explore
more
on
that,
like
with
the
data
point
right,
okay,
yeah,.
C
So
this
is
a
high-level
solution,
thought
for
cni
functionality
around
cnf,
so
to
configure
the
network
parameter
for
network
functions,
running
as
a
microservice.
Andreas
cni
would
need
to
support
the
following
functionality.
C
So,
basically
dynamic
network
creation,
dynamic
creation
of
obvious
bridges,
that's
what
we
were.
Actually
we
are
thinking
like
we
will
add
one
obvious
bridge
per
subnet
right
so,
which
means
like
we
have
two
interface
attached
addition
in
addition
to
the
existing
default
interface,
you
have
two
interface
getting
added
to
the
part
scope.
We
would.
We
would
ultimately
have
two
additional
obvious
bridges,
but
that
is
per
interface.
You
have
additional
bridge
created,
never.
C
B
One
I'm
just
trying
to
understand
what
we
want
is
I
mean,
because
even
with
one
bridge,
you
can
create
multiple
isolated
network
right
yeah
with
clothes.
E
C
C
E
Yeah,
it
is
not
especially
anything
because
if
we
see
one
kind
of
centralized
in
network
is
there
one
kind
of
one
internally
we
are
having
it.
So
in
that
case
we
do
obvious
multiple
bridges
or
multiple
open,
separate
networks,
so
that
we
can
have
the
a
lot
of
flexibility.
E
We
see
that
here
one
is
flexibility,
point
of
view,
but
to
simplify
the
things.
Adding
the
more
flows
also
will
help
yeah.
It
is
like
open-ended,
so
there
is
no
way.
This
is
good,
and
that
is
bad.
C
So
another
thing
is
the
dynamic
route
management
across
virtual
and
external
network
right.
This
is
actually
key
for
the
application
service
chaining.
So
it's
basically
about
programming
the
default
route
between
your
left
and
right
service
provider
network
right.
C
So
so
when,
when
your
sd-wan
use
case,
if
you
take
an
sd-wan
use
case,
if
somebody
wants
to
reach
out
to
the
internet,
so
the
service
chain
flow-
or
maybe,
if
you
take
a
security
use
case
like
whether
it
has
to
go
to
a
load
balancer
and
it
has
to
go
through
a
firewalling
and
all
these
things
right.
So
probably
we
need
to
find
the
program
the
next
hop
routes
properly
using
the
andrea
functionality.
This
is
one
thing
has
to
be
achieved.
C
Another
obvious
thing
is
the
load
balancing
between
network
services
or
these
cnfs
right.
So
these
are
the
things
at
the
high
level
we
we
need
to
achieve
with
the
anterior
cni
to
support,
see
enough
use
case.
E
So
on
the
load
balancing,
especially
we
are
looking
where
you
are
deployed,
cnfs
as
a
microservices,
you
might
be
similar,
see
a
particular
cnf
instance
can
be
deployed
in
number
of
instances
based
on
the
load.
We
can.
We
can
add
more
so
making
sure
that
we
are
load
balancing
across
the
micro
services.
E
B
B
Actually,
you
you
programmed
the
owen
through
api
to
add
results
to
to
own
launchpad.
Router,
yes,
is
that
one
I
see
I.
E
B
C
So
these
are
the
challenges
and
the
next
steps.
What
we
look
to
explore
further
is
the
comp
it's
the
complexity
of
multiple
obvious
instance,
management
per
road
right.
So
one
of
the
proposals
we
had
either
we
can
go
for
flow
based
or,
as
said,
you
mentioned,
that
it's
it's
an
easier
approach,
also
to
have
multiple
open
instances,
so
obvious
instances
here
how
to
manage.
C
These
is
kind
of
like
a
complicated
area
which
we
need
to
explore
further
right
and
network
policy
updates
among
multiple
obs
bridges
per
subnet
interface.
Also,
is
this
kind
of
a
challenge
we
have?
We
need
to
see
how
the
packet
switching
can
happen
between
the
obs
bridges
in
this
case
as
well
right.
How
do
we,
what
kind
of
flows
to
be
updated
and
kind
of
complicates
things?
We
need
to
understand
more
on
that.
D
C
E
Yes,
basically,
you
are
having
sd
card
interface,
you
take
it.
One
is
external
one
where
you
have.
The
policy
management
is
separate,
maybe
like
it
is
connected
to
internet
and
second
one
internal
interfaces.
Those
like
micro
services,
you
deployed
within
the
cluster,
so
might
be
different
policies.
A
In
addition
to
water
antonin
just
asked,
I
was
wondering
if
you
are
also
planning
some
sort
of
extension
to
kubernetes
network
policy
for
specifically
and
all
the
additional
interfaces,
or
you
just
want
to
apply
the
kubernetes
network
policy
to
all
the
interfaces
that
might
be
pretty
defined.
On
a
on
a
container
host.
E
Yes,
that
was
one
question
we
want
to
discuss
at
length.
Maybe
we
will
present
in
the
next
communications
only
default
across
the
kubernetes
cluster,
the
same
policy.
It
might
get
tricky
because
we
need
to
see
the
multiple
different
areas
which
is
going
to
have
the
different
policies.
G
Yes,
yes,
thank
you
so
today,
with
the
network
policy
api,
the
way
it's
defined,
the
spec
mentions
that
the
the
network
policy
applies
to
only
the
primary
interface.
The
the
default
interface,
and
there
is
the
the
api
itself
does
not
have
a
way
to
select
a
particular
interface
on
the
pod
to
apply
a
network
policy.
So
I
mean,
since
this
multiple
networks
came.
You
know
a
few
releases
after
network
policy,
so
there
was,
you
know
no
real,
as
in
you
know,
written
word
on
like
how
how
network
policy
applies
to
multiple
interfaces.
G
So
it's
up
to
interpretation,
but
at
the
moment,
with
the
current
spec
that
we
have,
you
would
either
be
able
to
apply
the
policy
on
this,
the
default
or
the
primary
interface
or
on
all
the
interfaces.
C
Sure
yeah
so
pretty
much.
We
discussed
this
as
well
right
so
multi-swiss
entry
extension
for
nfv.
What
do
we
really
into?
I
think
we
need
to
deep
dive
for
this,
so
maybe
right
side,
lou,
yes,
yeah.
E
C
Right
right,
so
the
other
thing
also
to
reduce
the
complexity
with
the
obs
and
do
we
need
to
consider
a
subset
of
own
functionality?
Do
we
need
to
have
a
similar
functionality
yeah,
please
go
ahead
and
add
on
this.
E
E
Antonia
and
orlando
is
it
makes
sense
or
any
more.
You
want
us
to
bring.
B
I
I
personally
just
feel
I
mean
it's
cnf
and
the
taco
use
case.
There
are
lots
of
things
to
do.
I'm
just
thinking.
Do
you
guys
think
we
can
start
from
something
relative,
important
and
the
basic?
B
Of
course
I
am
not
against
to
us
together.
Proposals
with
more
complete
use
case
use
cases
covered,
but
I
was
just
thinking
if
we
want
to
get
started.
That
is
that
is
that
a
better
approach
to
start
from
something
more
basic
like.
E
B
E
Yeah
exactly,
I
think,
the
basic
one
here
might
be
like
supporting
the
multiple
interfaces:
either
we
multis
yeah
or
it
is
like
extension.
Maybe
we
start
from
there.
What
do
you
think
sure.
B
But
again,
when
you
see
multiple
interfaces,
it's
not
very
clear
to
me
because
I
was
thinking
it's.
We
can
create
a
microphone
for
it's
more
like
how
we
connect
to
the
interface
right
like
either.
E
B
Do
overlay,
or
we
do
something
similar
to
micro,
elan
that
you
yeah,
I
think,
used
to.
We
learned
that
something
like
this
yeah
yeah,
I'm
just
thinking.
Maybe
you
guys
have
some
ideas
already
like
what
kind
of
network
we
should
protest
and
then
maybe.
E
D
Yeah,
I
also
think
starting
with
maltose
is
probably
a
good
idea,
and
if
you
do
bring
that
data
about
like
member
impact
of
multus,
then
we
can
probably
support
like
custom
crds.
In
addition
to
multus
using
the
same
code,
pretty
much
just
with
different
apis.
E
E
B
E
E
One
question:
anyway:
we
are
discussing
similar
topic.
What
do
you
guys
think
on
the
af
xdp
interface.
B
D
I
was
gonna
say
I
think
it's
very
similar
to
obvious
dpdk
in
a
way
because
what.
E
D
Been
told
in
the
past
right
is
that,
if,
if
you
use
af
xdp
to
send
packets
to
the
obs
net,
dev
data
pass,
and
then
you
use
like
regular
vs
to
send
packets
to
the
containers.
You
basically
lose
any
performance
advantage
of
using
a
fxdp
for
packet
io
on
the
host
in
the
first
place.
D
So
if
I
think,
if,
if
you
use
like
af
xdp
on
the
host,
you
have
to
find
like
some
alternative
ways
of
sending
packets
to
containers,
you
cannot
use
regular
v
source.
There
isn't
like
much
interest
much
advantage
yeah.
I
think
I
may
be
wrong,
but
I
think
you
can
use
af
xdp
in
the
host
and
then
you
can
use
like
vos
interfaces
to
to
bring
packets
to
the
containers.
Assuming,
of
course,
the
application
is
okay
with
not
having
access
to
the
standard.
B
Yeah
yeah,
I'm
just
I
was
just
about
to
say
something
similar
to
what
antonio
showed,
but
I
was
also
thinking.
Afsd
is
similar
to
dpdk,
but
my
my
understanding
that
with
dvdk
data
pass,
if
we
run
dvd
stack
inside
the
container
in
most
cases,
the
dbdk
database
still
have
a
better
performance
than
ss
af
sdp.
B
Yes,
even
on
high
providers
like
on
whisper
or
qn,
that's
that's
my
understanding
right.
So
all
india-
I
was
thinking.
Probably
we
we,
of
course
we
can
do
both.
But
once
I
was
thinking
we
want
to
prioritize
dbdk
for
the.
B
Case
but
I
know
some
benefits
with
fsdpr,
it's
easier
to
config
at
least.
C
A
Sounds
great,
is
there
any
other
question
regarding
his
presentation
on
cnf
support,
cnf
support
in
general.
A
And
I
guess
further
discussion
will
be
different
later
to
the
github
issue
or
to
the
next
unfair
meeting.
So
next
topic
on
the
agenda
is
next
topic
on
agenda
is
ipam
support
for
eks
integration.
A
I
think
that
the
problem
can
be
summarized
as
we
in
order
to
run
the
goal
is
to
run
andrea
as
a
primary
cni
in
aks.
In
order
to
do
that,
we
must
support
ipam.
Unlike
what
we
do
in,
let's
say
traditional
kubernetes
deployment.
We
cannot
just
leverage
the
node
diaphragm
controller,
because
that
seems
to
not
be
allowed
in
eks
and
therefore
we
need
to
find
a
different
solution.
So
perhaps
zhenjun
would
would
you
like
to
introduce
the
problem.
B
Sure
I
think
she
already
covered
the
background
of
the
of
the
requirement.
I
think
it's
from
eks.
Basically,
since
we
are
unsure
the
supported
singer
in
eks
not,
but
we
can
only
to
be
the
cycleness
thing,
I
would
do
singer
training
with
the
amazon
opc
singer
plugins
to
be
a
primary
client
that
will
do
ipam
and
then
implement
the
connectivity
between
ports
and
untrial
register
later
policy
enforcement.
B
But
we
got
some
inputs
from
amazon
fox
eks
team.
Obviously
they
are
seeing
with
amazon
vp
spacing
I
there's
a
there's
a
limit
on
the
number
of
ips
you
can
allocate
in
the
vpn,
so
there
there
will
be
some
scale
limit
for
for
your
cluster.
Sorry
for
the
for
the
polar
density,
actually
the
number
of
ports
on
a
single
node.
I
cannot
remember
that
number.
Maybe
it's
100
or
something.
A
B
E
B
Said
probably
that
means
we
need
to
support
some
ipam
solution,
because
in
eks.
B
B
Of
course,
there
can
be
multiple
choice
here,
like
we
can,
we
can
implement
ipam
by
ourselves
or
we
leverage
some
other
open
source
ipad
solutions.
I
think
there
are
some
solutions
available
for
today,
probably
the
the
the
the
major
option.
I
want
to
discuss
with
you
guys
it's
like.
Could
we
just
leverage
kubernetes
know,
load
ipam
controller?
B
That
means
probably
we
just
leveraged
the
little
iphone
controller
packages
from
chrysler
dream
and
then
go
ahead.
Sorry.
A
I
mean
I,
I
was
discussing
a
couple
of
weeks
ago,
this
mother,
with
a
copy
in
a
chat,
and
we
kind
of
thought
that
this
was
also
the
easiest
idea
you
know
just
using.
I
think
you
may.
I
was
looking
at
your
pr
1342
and
basically
the
idea
is
just
to
use
the
no
diaphragm
controller
as
a
library
in
andrea,
pretty
much
right,
statically
linking
it
to
andrea,
but
you
know
I
think
this
could
be.
A
B
Right,
if
we
do
subreddit
pronoun,
definitely
all
right.
B
Sure
I
think,
finally,
probably
we
want
to
support,
we
might
want
to
support
other
ipads
like
some
like
namespace,
but
this
it's
not
in
the
short
term
plan
yet,
but
I
want
to
mention
I
I
I
saw
two
uses
with
comments:
no.pan,
I'm
probably
actually
gonna
say
useless
at
first.
I
I
haven't
tested
it
yet,
so
I
think
it
probably
should
work.
I
have
no
no
problem
to
compare
the
code,
but
we
haven't.
B
I
haven't
tested
the
code
and
work
or
not
yet
okay,
but
I
I
I
guess
they
can
be
too
useful
here.
Why
is
that?
I
think
you
also
mentioned
that-
and
I
also
mentioned
that
in
my
pr
it's
not.
The
ipad
container
is
not
really
assumed
to
be
a
public
package,
so
you
need
some
small
hacks
to
to
link
the
packages
like
you
need
to
have
some
way
to
resolve
the
dependency
of
these
packages.
It
does
have
some
other
dependencies
and
something
to
the
deepness
go
ahead
and.
B
B
I
saw
the
binary
size
increased
quite
a
lot.
It's
I
think
it
increased
from
around
16
megabytes
to
lighten
megabytes.
B
So
almost
fifty
percent
size
increase.
I'm
not
sure
it's
due
to
too
many
dependencies
from
the
stuff
that
I'm
concerned.
A
I
mean
I
think,
that
the
size
increase
if
it's
only
acceptable
size
increasing-
maybe
it's
not
extremely
concerning,
but
we
probably
need
to
run
the
code
and
evaluate
also
resident
memory
usage.
A
You
know
the
memo
if
this
also
means
that
we
are
using
more
memory,
I
don't
think
so,
but
that's
something
that
we
need
to
evaluate
it's
it's
good
that
you
mentioned
that
there
are
also
like
a
kind
of
a
few
issues
with
the
dependency
management,
because
if
then
incorporating
the
no
diaphragm
controller
in
this
way
becomes
a
little
bit
painful
like
we
very
you
know
like
periodically,
like
updates
to
no
diaphragm
controller,
periodically
break
entry
or,
for
instance,
because
of
this
dependency
issues,
then
it
might
be
worth
considering
considering
re-implementing
the
logic,
because
at
the
end
of
the
day
I
seem
to
recall
that
the
actual
ipam
logic
near
no
diamond
controller,
it's
something
that
is
contained
in
a
couple
of
golem
modules.
A
There
will
there
will
be
you
know
there
will
be.
I
I
don't
know
if
there
are
some
concerns
from
a
let's
say,
a
attribute.
D
Would
we
need
to
persist
some
state
using
a
custom
resource
or
something
junjon
if
we
were
to
re-implement
node
ipam
controller.
D
For
in
case
of
a
controller
restart,
how
do
we
keep
track,
of
which
subnets
have
been
allocated
already,
or
do
we
just
like
go
over
all
the
node
specs
and
look
at
which
subnet
they're
using.
B
That
that
that
is
what
I
was
thinking,
even
if
you
know
the
ipad
controller,
is
it
works
in
that
way,
right.
D
A
I
mean
the
thing
is
that
if
dependencies
are
really
a
problem
and
no
divem
controller
has
not
been
conceived
to
be
to
be
used
as
a
library,
the
time
that
we'll
be
saving
now,
it
will
be
paid
with
interest
over
time
from
managing
managing
dependencies
and
periodic
breakages
of
andrea.
So
it
might
be
probably
worth
for
implementing
the
logic.
A
B
Actually,
I
was
thinking
that
even
we
want
to
use
the
apartment
tuner
for
now,
probably
I'll,
just
link
it
to
into
one
track
control.
I
think
probably
a
better
strategy
like
we.
We
just
create
a
new
binary
and
the
new
container
to
to
run
it,
so
that
is,
it
will
not
mess
up
the
dependency
for
other
anterior
components.
F
B
Yeah
that
can
be
one
way
to,
but
I
I
I
didn't
look
at
the
all
the
dependencies
to
say
it's
easy
to
try
a
code
out
or
not.
Hopefully
we
can
do
it.
A
And
am
I
right,
that's
anton
was
suggesting
to
run
the
iphone
controller
in
a
separate
container.
D
No
jenjen
just
said
that,
if,
if
we
did
go
this
way,
we
would
probably
run
it
in
a
separate
binary.
That's
what
it
said.
Okay!
Well!
I
guess
that
would
be
a
container,
probably
a
different
container.
Then
we're.
B
Anyway,
that
is
only
for
very
specific
department
like
eks
right,
so
probably
we
don't
need
to
increase
binary
size
for,
for
that.
A
But
allow
me
one
question
on
this
on
this
proposal.
In
that
case,
we
will
need
to
run
the
iphone
controller
as
a
service,
because
at
the
moment
it's
not
really
a
service.
It's
like
an
accessible
that
it's
invoked
every
time
you
need
an
ip
address
we
will
need
to.
We
will
need
to
wrap
it
into
some
sort
of
services
to
you
know
to
return
ip
addresses
on
demand
right.
D
I
think
it
would
be
the
same
observatory-
I'm
not
hundred
percent
sure,
but
I
think
it
waits
for
specs
and
then
it
updates
the
pod
side
or
in
the
node
sorry
it
waits
for
node
spec
and
then
it
updates
the
parts
hider
in
the
node
spec,
because
I've
seen
instances
where
there
is
a
bit
of
a
delay
between
the
node
spec
being
created
and
the
pod
sider
field
being
set
in
the
node
spec.
So
I
imagine
it
works
this
way.
B
Exactly
I
think,
it's
pretty
simple
at
the
lower
the
airplane
controller,
just
watch
the
node,
and
then
you
you,
you
pass
theta
and
some
other
parameter
to
the
node
controller.
When
you
start
it
and
you
will
locate
the
sub
format,
it
also
supports
other
strategies.
So
I
didn't
look
into
that.
For
example,
you
can
also-
actually
I
didn't
really
look
into
that,
but
I
I
saw
some
cody
can
talk
to
the
cloud
provider.
B
D
D
B
Got
it
okay,
I
think
anyway,
probably
you
guys
can
look
at
the
pr.
I
created
it's,
not
a
cleaning
one,
probably
just
for
you
to
get
a
sense.
How
how
we
can
you
know,
go
into
the
pan
container
and
what's
the
dependency
usually
because
if
you
look
at
the
go
dot
mode
or
my
pr,
you
can,
you
can
see
all
the
dependencies
change
here
and
then
we
can
discuss
more
often
that's
good
by
the
way,
sorry
and
kobia.
If
you
guys
want
to
take
that
change,
it's
pretty
fun
to
me.
F
A
Yeah
yeah
I
mean
yes,
that
would
be.
That
would
be
nice.
I
think
that
I
don't
know,
I
don't
know,
if
kobe
will
need
to
take
kobe's
feedback.
Whether
he's
a
are
you
there,
yeah.
A
Yeah
sure,
okay,
that's
great
okay,
so
I
think
that
we
probably
have
the
problem
framed
correctly
framed,
and
you
know
then
I
I
I
have
a
very
dumb
question,
and
this
is
only
my
ignorance
when
we
want
to
test
code
for
eks.
Do
we
have
some
sort
of
vks
account?
Is
a
amazon
giving
us
some
free
free
stuff.
D
Yeah,
we
have
an
account,
we
can
add
more
jobs
and
I
think
anyway,
genji
and
stuff.
In
a
way
you
can
test
it
with
rtks
right.
You
just
have
to
disable
no
diaper
bags.
A
D
A
Okay,
thanks
all
right,
so
I
think
that
this
can
consider
the
discussion
on
this
topic
close
to,
and
at
least
from
from
the
conversation
on
the
slack
channel
it
doesn't
seem
there
are
any
more
topics
for
today
is
the.
Is
there
anything
else
you
like
to
bring
up.
G
G
That
we
would
like
to
work
on
as
caps,
and
I
think
they
they
would
pre
stories
that
we
went
forward
with
the
first
one
was
a
small
one
with
the
introduction
of
port
ranges
to
the
existing
viva
network
policy
api.
So
the
good
news
is
that
in
andrea
we
are
also
tracking
a
similar,
similar
user.
E
G
And
I
think
grayson
is
already
working
on
something
similar
to
support
port
ranges
and
npr
policies.
The
second
user
story
was
the
the
selection
of
namespaces,
by
name
instead
of
namespace
or
not
instead,
along
with
the
namespace
selector.
G
So
this
would,
you
know,
I
think,
jay
from
map
view,
or
you
know
from
within
vmware,
is
going
to
write
a
cap
for
this
and
again
I
think
this
is
this
is
something
on
the
roadmap
for
anti-network
policies,
also
anti-native
policies.
Also,
the
third
one
which
was
kind
of
agreed
upon
by
folks
was
the
clusterscope
network
policy
for
administrators
and
on
this
effort,
young
and
I,
along
with
a
couple
of
google
folks,
are
working
on
a
spec
for
this.
G
In
addition
to
that,
today's
meeting,
one
google
engineer
kind
of
like
came
forward
with
wanting
to
push
dns
based
egress
policies,
or
rather
dns
or
fqdn,
based
policies
which
is
similar
to
the
to
what
psyllium
already
supports
so
so
he's
trying
to
push
that
in
upstream,
and
I
think
that
is
one
thing
that
we
probably
still
don't
have
a
an
open
issue
or
a
good
story
on
in
andrea.
G
So
it
might
be
worthy
to
you
know,
take
up
or
take
a
look
at
this
particular
respect
or
use
a
story,
because
if
at
all
that
goes
upstream-
and
it
is
accepted
and
is
part
of
the
network
policy
api-
that
probably
cm
is
going
to
be
the
only
one
supporting
it
in
open
source.
Calico,
I
think,
has
an
enterprise
version
of
it.
A
Summary
all
right
so
before
the
concluding
in
the
meeting
I
just
want
to
figure
out
if,
for
the
next
installment
of
gentria
community
meeting,
if
alone
and
sidoro
are
presenting
to
do
planning
to
do
another
presentation
on
cnf
to
integrate
to
this
presentation.
A
Perfect,
okay
and
say
that
I
think
I
can
wish
everyone.
I
can
thank
you,
everyone
for
attending
today's
meeting,
especially
as
usual
for
our
friends
joining
from
the
u.s
that
are
forced
to
to
do
this
late
in
their
evenings.
So
thank
you
very
much
and
I
wish
everyone
and
good
morning
a
good
afternoon
or
a
good
evening.