►
From YouTube: Antrea Community Meeting 02/27/2023
Description
Antrea Community Meeting, February 27th 2023
A
Good
morning,
good
evening
or
good
afternoon,
thanks
for
joining
in
this
instance
of
gentria
community
meeting
today
is
a
Tuesday,
February,
28th
or,
of
course
month
till
Monday.
If
you
are,
if
you
are
in
United
States
and
for
today
we
have
two
topics
on
the
agenda.
A
The
first
is
will
be
discussed
by
antonan,
and
it's
about
resisting
the
anterior
user
interface
to
move
away
from
the
octant
plugin
and
develop
a
new
react
web
user
interface.
The
second
topic
will
be
discussed
by
pulkit,
and
it's
about
setting
up
a
continuous
CI
pipeline,
a
CI
pipeline
for
rancherit
for
Andrea
Rancher
integration
So.
Since
today
we
have
a
fairly
parked
meeting.
I
will
probably
defer
to
Antonin
to
start
with
the
first
topic
for
today
into
this
agenda.
B
Hey
thanks:
Salvatore
hi
everyone,
so
I
don't
have
slides,
but
I
will
just
like
give
a
quick
walkthrough
of
my
proposal,
for
which
I
have
opened
the
GitHub
issue
and
then
I
will
do
a
demo
of
the
prototype
I've
built.
So
let
me
share
my
screen.
B
All
right,
hopefully,
you
guys
can
see
my
my
browser
right
now
and
GitHub
issue.
I
have
opened
for
this,
so
as
as
you
guys
may
be
familiar
with,
I
mean
you're,
probably
familiar
with
early
on
in
the
life
of
the
Andrea
project.
We
decided
to
develop
a
knockdown
plugin,
so
Octan
is
some
sort
of,
or,
as
there
was
some
sort
of
dashboard
for
communities
giving
you
access
to
your
community's
resources.
So
you
can
quickly
check
the
resources.
B
You
have
access
things
like
the
logs
of
your
different
parts,
for
example,
look
at
your
crds
and
so
on,
and
when
we
developed
the
entry
octane
plugin,
the
first
functionality
we
added
and
actually
is
a
pretty
much
as
a
major
functionality.
We
added
was
the
ability
to
run
trace
flows
from
the
octant
web.
C
B
B
Think
Chen
pointed
that
out
in
the
previous
meeting
and
in
addition
to
octant
no
longer
being
maintained,
I
think
I
want
to
point
out
that
keeping
the
octant
plug-in
running
in
the
last
couple
years
has
not
been
like
super
easy,
because
the
Octon
API,
which
which
is
used
as
a
communication
Channel
between
octant
and
the
Octon
plugin,
has
been
changing.
It's
been
hard
for
users
to
figure
out
which
version
of
octane
they
should
use
with
each
version
of
entry
and
so
on
and
I
mean
I
I
detailed.
B
A
few
of
those
issues
in
in
the
GitHub
issue
here
and
in
addition
to
that
I
think
it's
it's
not
super
clear,
like
what
kind
of
value
we
provide
with
the
Octan
UI.
Of
course,
people
can
run
trace
flow,
but
it's
also
possible
to
run
trace
flow
from
the
CLI,
for
example,
and
I.
Don't
think
just
the
ability
to
run
stress
flow
like
makes
it
really
interesting
to
to
deploy
octant
with
the
entry
Octon
plugin.
B
B
So
what
I
propose
in
this
issue
is,
of
course,
to
remove
or
remove
support
for
our
octane
plug-in,
even
deleted,
potentially
from
the
code
base
in
in
a
couple
of
releases
and
replace
it
with
a
custom
web
UI,
which
at
first
would
have
the
same
functionality
as
our
octane
plugin,
but
which
would
have
like
a
a
large
potential
for
growth.
B
For
example,
if
we
want
to
be
able
to
add
some
visibility,
features
to
the
UI
and
for
the
sake
of
this
presentation,
I've
built,
like
I've,
built
a
prototype
of
a
UI
using
the
react
web
framework
and
the
clarity
design
system,
which
is
also
a
design
system
for
web
applications.
That
was
open
sourced
by
VMware.
B
But
it's
been
around
for
a
long
time
and
so
I
think
I'm
gonna
jump
right
away
into
the
demo
and
then
I
can
come
back
on
on
the
architecture
and
talk
about
like
possible
improvements
and
kind
of
like
the
proposed
architecture.
B
So
a
little
bit
of
background
on
my
setup
here,
I
have
added
training
for
a
while,
but
basically
I
I
just
have
one
Community
cluster
running
on
my
laptop
I've
deployed
a
couple
of
parts
for
the
sake
of
being
able
to
run
trace
flow.
Of
course
the
cluster
is
running
in
Tria
and
on
top
of
that,
I
have
a
web
server
running
in
this
tab,
which
is
serving
my
react.
B
Application
and
here
I
have
an
API
server,
which
is
gonna
well
serves
the
apis
which
are
invoked
from
the
react
application
to
access
information
about
entria
and
to
run
trace
flow.
B
C
B
Go
so
on
this
tab
is
kind
of
like
what
I
call
the
summary
Tab
and
what
it
does.
Is
it's
very
simple
right
now.
It's
just
fetching
the
information
which
we
publish
in
the
agent
info
crd
and
controller
info
crd,
and
it's
displaying
some
of
that
information
here,
so
it
this
is
mostly
a
placeholder
I'm
only
showing
a
very
small
subset
of
of
this
information.
Here,
of
course,
we
could
add
more
information
to
this
page
as
a
second
tab.
I
built
here
is
well
where
I've
spent
the
most
time
already.
B
It's
the
trace
flow
implementation,
I'm,
not
sure
it's
totally
feature
complete
compared
to
what
we
have
in
the
Octon
plugin
today,
for
example,
I,
don't
think
I
haven't
implemented,
live
traffic,
Trace
Pro,
but
I'm
just
gonna
run
a
quick
Trace
Flow
by
copying
the
names
of
the
pods
so
I'm
going
to
take
this
one
and
that
one
and
leave
everything
default
run
trace
flow.
So
it's
going
to
take
tell
me
it
can
take
a
few
seconds
and
then
here
we
go
it.
B
It's
going
to
deploy,
display
or
graph
I
didn't
spend
too
much
time
on
the
formatting.
It
would
be
possible,
of
course,
to
have
that
graph
to
reorganize
that
graph
I
think
in
the
current
octane
plugin.
We
have
nodes
in
with
a
horizontal
layout
and
not
a
vertical
layout
like
this
but
yeah.
So
basically,
this
is
how
you're
on
Trace
flow
is
very
easy
to
run
the
same
Trace
flow
again,
you
just
click
the
button.
B
Again,
it's
going
to
run
it
and
well,
we
don't
see
any
change,
but
because
the
same
graph
is
generated
actually
can
I
take
another.
Let
me
take
another
part,
maybe
the
core
DNS
one
here.
C
B
Oh
thanks
a
lot.
Yeah
I
haven't
added
error
reporting
in
the
UI
yet
so.
C
B
Yeah
I'm
just
brings
all
trace
for
you,
I
guess
there
is
a
probably
an
error
somewhere
things
and
if
they
run
it
there
we
go
so
it's
on
the
same.
Not
this
time
and
yeah.
There
is
a
reset
button
to
just
go
back
to
all
defaults
and
the
next
tab,
so
this
one
I
haven't
implemented,
but
but
sorry
I've
implemented
some
UI
ports.
Obviously,
but
I
haven't
implemented
any
back-end
part.
B
So
this
is
kind
of
like
a
very
small
example
of
what
we
could
do
if
we
wanted
to
display
some
flow
visibility.
Information
into
the
UI
and
I
just
did
this
using
like
fake
data
from
a
Json
files
that
I
created
with
a
script
I
just
wanted
to
show
what
could
be
done
with
kind
of
like
the
graph
libraries
that
we
can.
B
The
JavaScript
live
graph,
libraries
that
we
could
use,
so
it's
just
displaced
kind
of
like
here
in
the
tab,
the
latest
flows
and
in
the
graph
the
rates
of
new
connections
per
minute.
So
with
that
sample
data,
we're
always
at
about
like
20
15
to
20
new
flows
per
minute
in
the
cluster
I
put
like
a
sample.
B
Network
policy
tab
years,
but
there
is
no,
no
there's
nothing
yet,
but
we
could
imagine
being
able
to
to
run
network
policy
recommendation
from
here
and
have
the
API
server
for
this
web
application
took
to
the
CIA
manager
to
manage
Network
policy
recommendation
and
then
have
a
download
option
to
download
the
yaml
recommendations,
for
example
foreign.
So
that's
that's
about
it
for
the
Prototype
as
a
UI,
prototype
I've
built
for
this
I.
Think
I
can
maybe
take
a
quick
break
here
and
see
if
there
are
any
questions.
A
A
very
stupid
question
on
my
end:
I'm
more
about
a
development
effort,
so
in
in
your
opinion,
you
know,
I
know
nothing
about
UI,
but
in
your
opinion,
how
challenging
is
how
is
it
more
difficult
to
develop
for
this
new
UI
rather
than
you
know,
keeping
maintaining
the
Octan
plugin?
Besides
the
fact
that
octane
is
deprecated,
do
you
think
that
it
will
need
the
the
dev
team
to
gather
more
skills?
There
will
be
more
dependencies
to
manage,
or
it's
pretty
much
straightforward.
B
I,
don't
think
it's
very
difficult.
Obviously
there
is
a
bit
of
effort
to
get
started,
but
if
you
look
at
the
octane
plugin
we
have,
there
was
also
kind
of
like
a
some
effort
initially
for
the
people
working
on
this,
because
it's
using
kind
of
like
the
internal
octant
API
to
do
things
like
if
you
think
about
the
trace
flow
plugins.
B
We
have,
which
has
like
a
form
with
field
like
this
well,
instead
of
doing
dealing
with
like
the
HTML
form,
Fields
you're
dealing
with
like
the
octant
API
to
to
create
the
form.
So
obviously
there
is
a
bit
of
effort
to
to
get
familiar
to
with
the
the
framework,
but
I
think
the
idea
is
to
have
something
that
we
can
keep
building
incrementally
and
that,
well
obviously
doesn't
rely
on
the
project.
That's
deprecated.
E
Anthony
and
I
do
have
one
question
also,
which
is
has
the
idea
come
up
of
instead
of
building
a
separate,
UI
I'm,
just
wondering
a
lot
of
other
plugins
that
existed
for
Oct?
Didn't
move
to
writing
plugins
for
lens,
for
example,
which
has
kind
of
become
the
standard
replacement
for
octant
wondering
if
that
came
up.
B
E
B
I'll,
take
I'll,
take
a
look
I'm,
a
bit
worried
about
the
whole
plugin
model,
because
you
always
tend
to
run
into
an
obstacle
at
some
point
and
you're
trying
to
do
something
and
you
just
cannot
do
it
with
it
or
it's
not
easy
to
do
with
the
plugin
framework,
but
I'll
definitely
take
a
look.
You.
E
Also
depend
on
the
client,
the
user
having
another
tool,
instead
of
just
being
dependent
on
your
UI.
B
C
B
Was
the
case
also
here
where
we
were
asking
users
to
deploy
octant,
possibly
just
to
be
able
to
run
trace
rules
for
Andrea,
for
example,.
E
B
I
haven't
kind
of
like
made
up
my
mind
of
what
about
what
the
authentication
schemes
could
be.
I.
Think
a
lot
of
when
I
started.
B
Looking
at
building
the
UI,
you
kind
of
look
at
what
cilium
had
done
with
apple
and
I
was
kind
of
surprised
that
there
was
no
authentication
mechanism
built
in
for
Apple,
because
it
seemed
to
me
that
if
you
expose
the
uis
and
people
can
collect
information
about
like
the
flows
in
your
network,
for
example,
pretty
pretty
easily,
and
so
I
wanted
us
to
think
about
how
we
could
like
build
in
some
authentication
layer
to
make
it
a
bit
more
secure.
B
I
was
always,
of
course,
I
mean
you
can
always
be
careful
and
configure
like
Network
policies
to
prevent
access
to
your
UI
service,
but
yeah
having
it.
It
doesn't
hurt
to
have
some
basic
authentication.
I
know
that
even
graph
are
now
in
the
free
version.
When
you
deploy
it,
you
have
some
basic
authentication
mechanism
which
is
password
based
as
well.
D
B
Yeah
I
mean
you
need
to
so
I
I
was
gonna
cover
that,
but
it
depends
on
how
we
decide
to
run
the
UI
right,
for
example,
if
it
runs,
it
could
run
as
a
container
in
the
entry
controller
pod,
and
in
this
case
it
may
be
not
the
most
secure
solution.
It
would
inherit
the
our
back
configuration
from
the
controller
or
if
we
run
it
as
a
pod,
then
we
need
to
as
a
separate
pod
and
a
separate
deployment.
B
Then
we
need
to
configure
the
service
account
to
to
have
the
necessary
permissions
to
do
things
like
create
Trace
flows
and
access,
the
agent
info
and
controller
info,
CRS
and
and
so
on.
B
C
C
E
Could
it
also
be
a
feature
like
an
and
cuddle
is
the
CLI
of
just
doing
like
and
cuddle
UI?
That
would
connect
to
my
local
Cube
config,
and
then
you
don't
have
any
server
side
component
and
then
it
would
use
the
local
Cube
config
by
default.
That
could
then
be
within
a
container
technically.
If
someone
wanted
to
run
it
server
side.
E
B
If
you
do
what
you're
describing
I
think
I
mean
you
need
the
ability
to
run
some,
maybe
we
would
have
to
think
about
how
to
package
it.
So
you
can
run
it
locally
easily
on
your
laptop
but
I
guess
it
is
possible.
B
The
thing
is
when
you
do
that
you're
kind
of
restricting
yourself
in
terms
of
what
kind
of
apis
you
can
invoke
right
because
it
basically
you're
only
talking
to
the
communities
API
server.
So
obviously
you
have
access
to
the
kubernetes
apis.
You
have
access
to
crds,
you
have
access
to
aggregated
apis,
but,
for
example,
invisibility
having
access
to
the
CIA
manager
apis
would
would
be
more
complicated
than
if
if
the
web
server
was
running
as
a.
D
C
B
I
didn't
say
that
explicitly,
but
that's
kind
of
my
ideal
goal.
Yes,
I
think
I
like
to
see
if
we
can
like
build
visibility,
features
inside
that
UI
so
that
we
have
like
a
single
UI
and
and
once
again,
and
it's
related
to
Scott's
earlier
comment
about
like
a
lens,
so
that
we
don't
require
users
to
deploy
an
additional
service
like
graphene.
If
they
don't
need
to
or
don't
want
to.
F
Yes,
for
our
auction
UI,
it's
kind
of
a
simple
I
think
it's
easy
for
me
to
understand
for
the
photograph
now
they
also
have
a
relation
that
from
the
efforts
leader
to
rebuild
all
the
features
we
have
and
the
potentially
new
features.
B
It's
pretty
primitive,
of
course,
but
I
think
from
the
point
of
view
of
just
being
able
to
draw
graph,
it's
not
very
difficult
and
I
think
implementing
an
API
for
the
back
end,
that's
kind
of
like
similar
to
what
graphene
is
doing,
but
just
for
our
use
case
I,
don't
think
it
would
be
very
complicated
either
and
the
advantage
would
be
that
we
could
easily
support
both
like
our
clickhouse
implementation
and
our
snowflake
implementation
yeah
with
the
same
API.
F
A
B
Either
way
is
okay
right
now,
I've
developed
it,
assuming
that
it
would
probably
be
a
separate
repository,
at
least
as
for
at
first
and
so
I
mean
one
implication
of
that
is
to
keep
things
simple.
When
I
invoke
like
kubernetes
apis
I
use
a
dynamic
client,
so
I
don't
need
to
have
access
to
the
entry
API
types
for
Trace
flow,
for
example,
but
it
can
also
be
part
of
the
same
repository
I.
Think
it's
just
up
to
us.
B
B
It
is
a
bit
tedious
to
have
many
repositories
after
some
time
right,
because
when
we
update
like
things
like
tooling,
for
example,
the
Google
version
or
GitHub
actions,
or
things
like
this,
we
kind
of
have
to
go
back
and
do
it
in
every
repository,
which
can
be
a
bit
tedious.
But
yes,
one
more
repository
is
not
going
to
make
a
big
difference.
D
B
Has
mostly
come
up
in
the
previous
discussions
and
comments
from
Scott
and
Chan,
but
yeah
the
the
idea
is
basically
that
if
you
with
a
simple
just
a
couple
commands,
we
would
be
able
to
give
the
user
access
to
the
UI.
It
would
mostly
rely
on
cubectl
port
forward
to
expose
the
entry
UI
service
locally
and
then
user
would
just
be
able
to
connect
to
that
port
in
their
local
browser.
B
As
the
entry
UI
is
essentially
just
a
web
server,
which
is
serving
both
the
react,
application
at
the
base
path
and
is
serving
some
apis
at
slash,
API
and
those
apis
are
invoked
by
the
react,
application
and
inside
the
API
implementation.
We
can
access
pretty
much
anything
we
want
since
we're
running
inside
the
cluster.
So
with
the
right
R
back,
we
can
access
kubernetes
API
server
and
we
should
also
be
able
to
access
a
CM
manager
for
visibility,
potentially
flow
aggregator
directly
I
didn't
I,
wasn't
sure
what
was
the
best
option
there.
B
And
yes,
that's
that's
about
it
for
the
presentation,
so
I
was
intending
to
keep
working
on
this
a
bit
and
then
submitted
Upstream
for
review.
B
A
A
A
We
have
probably
to
work
a
little
bit
to
figure
out
how,
if
and
how
we
can
reuse
all
the
work.
That's
been
invested
in
grafana,
but
there
will
be
time
for
thinking
about
it
and.
A
So
now
the
next
Topic
in
today's
agenda,
as
mentioned
during
the
introduction
to
the
meeting,
is
the
CI
pipeline
for
launcher
integration.
So
that
will
go.
They
will
go
a
night
Edition
in
terms
of
supporting
the
supported,
equivalency
distributions
for
Andrea
and
I.
Think
that
the
pool
kit
will
give
us
a
presentation.
Is
that
correct.
G
The
agenda
for
today's
presentation
is
the
design
of
the
CI
pipeline,
the
implementation,
the
technical
issues
that
we
have
faced,
the
future
development
plan
for
the
CI
pipeline
demo,
and
then
we
will
have
the
question
and
answer
around
for
it
so
moving
forward
with
the
design
for
the
Rancher
CI
pipeline.
So
it
follows
the
usual
design
pattern
that
we
have,
that
we
follow
for
our
CI
pipeline.
So
we
have
a
GitHub
tracker
phase
which
which
passes
on
to
the
SME
service,
which
triggers
the
job
on
the
public
Jenkins.
G
So
for
rancher,
the
different
thing
that
we
have
is
we
have
a
Rancher
Servo
and
we
have
Rancher
agent.
These
two
are
the
main
things
for
the
Rancher.
Were
the
Rancher
server
deploys
the
UI
console?
That
is
the
dashboard
from
where
we
perform
the
manual
credit
operations
to
create
the
Rancho
cluster
and
then
on
this
Rancher
cluster.
We
run
the
test,
so
Rancho
cluster
is
connected
to
our
Rancher
agent,
with
the
help
of
the
access
token
in
the
cluster
context.
G
So
these
are
the
two
things
with
the
help
of
which
we
connect
our
Rancher
agent
node
to
the
Rancher
clusters
on
which
we
are
running
the
test
and
Rancher
agent
is
also
connected
to
the
Rancher
server.
So
with
the
help
of
the
API
and
this
agent
node
is
registered
as
a
Jenkins
node,
which
performed
the
which
perform
the
test
on
the
Jenkins
on
the
Jenkins
like
whenever
we
trigger
any
job.
So
what
happens
is
on
this
node
and
the
job
on
this
node?
G
We
perform
the
operations
like
the
cube
CTL
and
the
Rancho
commands
we
run
on
this
node,
and
this
node
in
further
runs
the
test
on
these
on
this
cluster.
So
all
the
kubernetes
is
deployed
on
this
cluster
and
we
have
the
Rancher
com,
Rancher
CLI
and
the
Rancher
commands
to
be
run
on
this
node.
This
is
the
Rancher
agent
node
and
this
UI
dashboard.
This
is
important
because
currently
we
are
creating
the
Clusters
manually,
so
we
are
creating
and
deletion
both
of
the
both
these
operations,
creation,
deletion,
updation
and
even
fetching.
G
The
data
is
with
the
is
the
manual
operation
from
the
UI,
though
we
can
have
few
CLI
commands
to
fetch
the
cube
config
files
and
to
get
the
list
of
the
nodes
the
pods
running
with
from
the
Rancher
cluster,
with
the
help
of
this
Rancher
CLI
commands.
So
this
is
a
design
for
this
Rancher
CLI,
Rancher
CI
pipeline,
then
moving
forward
with
the
implementation.
So
implementation
has
two
steps.
G
One
was
the
setting
up
of
the
Rancher
Servo
and
the
another
one
was
the
setting
up
of
the
Rancher
CLI
or
the
Rancher
agent,
because
these
two
are
the
most
important
part
of
the
Rancher
CI
pipeline.
So
setting
up
of
the
Rancher
server
was
basically
running
the
Rancher
server
container
from
the
server
node,
and
then
we
had
a
UI
dashboard
deployed
with
the
like.
G
Whenever
we
run
the
Rancher
server
container,
then
on
the
same
IP
with
the
ports
that
we
have
specified,
we
have
a
UI
dashboard
deployed
and
from
that
UI
dashboard
we
can
create
the
Clusters
so
to
create
the
Clusters.
We
can
specify
the
node
templates
and
whatever
specifications
we
want
and
on
that
itself
we
can
specify
Andrea
as
the
network
plugin
there,
so
that
I'll
also
show
in
the
demo,
when
I'll
give
the
demo
that
how
Andrea
is
applied
when
creating
the
Rancher
cluster
through
the
UI
and
then
once
the
server
is
deployed.
G
Firstly,
we
need
to
connect
it
to
the
server
and
then
we
need
to
connect
it
to
the
cluster
with
the
help
of
the
cluster
context,
so
that
we
can
fetch
the
Clusters
coupon
pick
the
nodes
that
are
running
and
the
ports
that
are
there
on
that
clusters.
And
then
this
agent
node,
is
is
registered
as
a
test
bed
on
the
Jenkins
so
that
we
can
run
e2e
conformance
in
network
policy
test.
So
this
is
basic
implementation
of
the
CI
pipeline.
G
Moving
forward
with
the
technical
issues
that
we
have
faced
due
the
technical
issues
that
were
faced
during
this
CI
pipeline
setup,
so
the
first
one
was
the
dynamic
cluster
creation.
So
this
is
still
now
not
fixed.
So
we
have
also
raised
an
issue
with
the
Rancher
Community,
because
there
was
an
issue
when
we
created
this
vsphere
clusters
with
the
help
of
the
Rancher
CLI
command
and
deployed
Andrea
as
a
network
plugin
there.
G
So
it
was
not
taking
these
fare
as
the
infrastructure
provider,
and
neither
it
was
applying
Android
either
it
was
taking
a
custom
infrastructure
provider
and
the
Andrea
plugin
was
also
not
working
with
the
dynamic
cluster
creation.
So
this
is
one
of
the
technical
issue
that
we
are
facing
and
the
second
one
was
the
chains
and
tolerations
of
the
Rancher
node,
so
the
teens
and
tolerations
the
diff.
The
error
that
was
here
was
like
in
general,
our
e2e
code
is
familiar
with
the
control
hyphen
plane.
G
That
is
a
that
is
an
issue
with
the
like.
That
is
a
label
that
we
provide
to
the
control
plane
node,
but
in
this
Rancher
it's
a
property
that
the
label
of
the
control
plane
node
is
control,
plane,
comma
etcd,
and
then
there
are
few
additional
chains
because
of
which
the
pods,
when
running
the
end-to-end
test,
they
were
not.
They
were
not
being
assigned
or
not
being
scheduled
to
any
of
the
nodes
because
of
the
chains
that
were
there.
G
So
this
was
fixed,
May,
remove
certain
things
and
in
certain
parts
we
modified
the
e2e
code
where
it
was
flexible
and
then
we
had
the
test
running
successfully.
Second,
one
was
the
issue
in
fetching
the
cluster
Siders
in
the
server
side.
So
generally,
what
we
had
was
the
the
cube,
the
cube
controller
manager,
Cube
controller
manager.
It
runs
as
a
pod
in
a
general
kubernetes
cluster,
but
in
a
Rancher
cluster
we
do
not
have
this
Cube
controller
manager
running
as
a
pod.
G
So
the
way
we
need
to
fetch
the
cluster
Siders
and
serviceiders
was
different,
as
it
was
already
present
in
the
Android
a2e
code.
So
we
needed
to
modify
it
because
in
Rancher
we
need
to
run
this
command
from
the
control,
plane,
node
and
then
from
there
we
can
fetch
from
the
click
the
control
plane
node
logs
from
there.
We
have
this
cluster
ciders
and
the
surface
sliders
there.
Instead
of
cube
controller
manager,
pod
logs
and
then
the
third
issue
was
the
configuring
properties
of
the
cluster.
G
So
there
were
few
properties
like
this
service
cluster
IP
range
itself,
so
the
service
cluster
IP
range
generally.
We
can
provide
it
in
the
yaml
file
and
we
can
apply
that.
But
in
this
case
of
the
Rancher
cluster
that
cannot
be
done.
G
Then
we
need
to
have
a
particular
template
and
few
of
the
properties
that
needed
to
be
set
up
to
have
this
service
cluster
IP
range
and
the
cluster
side
is
in
place
and
they
have
to
be
applied
also
in
a
different
manner,
from
the
Rancher
agent
from
the
Rancher
agent,
so
that
they
are
in
the
working
state.
So
these
were
few
of
the
technical
issues
that
we
faced,
so
few
of
them
were
fixed
and
dynamic.
G
Cluster
creation
is
still
in
place
or,
and
the
issue
is
there,
with
the
Rancher
Community,
we
haven't
heard
back
from
them,
then
moving
forward
with
the
future
development
plan
for
this
So.
Currently,
since
we
are
doing
everything
manually,
we
are
creating
the
cluster
manually
and
we
are
deleting
the
Clusters
also
manually.
So
in
future
we
plan
to
have
this
like
creation
of
the
cluster
manually
in
the
runtime,
like,
so
that
we
can
have
multiple
jobs
triggered
at
the
same
time.
Currently
we
want
to
trigger
multiple
jobs.
G
Then
we
need
to
create
the
multiple
clusters
manually
from
the
Rancher
UI
dashboard.
So
once
we
have
this
issue
set
up
and
we
have
a
workaround
on
this,
then
we
can
proceed
with
the
dynamic
cluster
creation
so
that
we
can
create
clusters
in
the
at
the
time
off
run
of
the
job
so
that
we
do
not
need
to
go
to
the
UI
dashboard
every
time
and
create
the
cluster
there
and
then
delete
it
from
there
after
the
tests
are
completed.
So
this
is
what
our
future
development
plan
is.
G
G
So
these
are
the
Clusters
which
are
there
and
then
so
that
we
can
directly
create
a
cluster
here
using
the
VMware
vsphere,
so
as
I
mentioned
in
one
of
the
technical
issues.
So
if
we
created
the
cluster
with
the
help
of
the
CLI
command
and
the
provider
here
was
coming
out
to
be
a
custom
provider
instead
of
the
VMware
vsphere
provider,
so
here
we
have
these
providers.
G
This
is
this
is
the
cluster
we
are
using
for
the
test
purpose.
So
we
have
all
these
controller
nodes
and
the
worker
nodes
running
here.
We
can
also
check
the
status
of
the
pods
that
are
there
on
the
particular
node.
So
we
have
like
these
are
the
parts
that
are
running
on
this
node
and
similarly
we
can
check
for
the
other
node,
and
then
we
can
run
the
cube
Cube
CTL
shell
directly
here.
So
these
are
the
labels
that
are
there.
G
G
So,
whenever
creating
a
cluster,
we
need
to
have
a
node
template,
so
this
one
is
for
the
controller,
node
node
template,
and
these
are
the
worker
node
node
templates.
So
if
you
want
to
have
a
look
at
it,
so
here
we
specify
this
thing
so
like
in
this
labels,
we
can
specify
the
control
hyphen
plane,
which
is
our
label
for
the
same
and
then
so
that
we
can
have
this
also
as
one
of
the
chains
here,
which
is
which
is
generally
with
the
other
kubernetes
clusters.
G
So
it
has
to
make
it
work
similar
to
that.
So
this
is
how
the
node
templates
are,
and
then
we
can
have
the
node
templates
for
the
worker
nodes,
also
where
we
will
not
have
this
Danes
and
everything.
So
whenever
we
can
I
want
to
create
a
cluster,
we
can
directly
click
on
create.
We
can
select
our
provider
and
then
we
can
name
the
cluster.
We
can
choose
the
template
like
for
the
control
plane,
node,
we
can
choose
the
control
plane
template.
G
We
can
select
that
it
should
be
an
edcd
and
a
control
plane
one
and
then
similarly
we
can
have
our
convert.
It
is
must
to
have
an
Etc
denote
here,
but
otherwise
the
cluster
will
not
be
created
and
the
cluster
agent
will
also
not
get
connected,
but
if
we
do
not
have
all
these
type
of
nodes
specified
here,
this
is
the
Ranger's
UI,
and
then
we
have
this
launcher
cluster.
Also,
so
I'll
share
this
one
yeah.
So
this
is
the
Ranger
CLI
command
that
was
set
up
here.
G
So
if
we
want
to
get
the
nodes,
then
we
can
directly
do
this
run
this
command,
so
it
will
list
us
the
nodes
that
are
there.
This
is
the
controller
node.
Then
we
have
two
worker
nodes
that
are
running
here
and
then,
if
we
want
to
list
the
Clusters
that
are
there,
so
there
is.
This
is
the
ranges
UI
one
then
test,
and
this
is
the
local
cluster
that
is
created
whenever
we
have
deploy
a
dashboard
deploy
the
Rancher
server.
Then
this
cluster
gets
automatically
created.
G
G
G
To
fetch
the
cue
Point
fit
from
any
of
the
cluster,
we
we
can
just
specify
Rancho
cluster
KF,
and
then
we
can
specify
the
name
of
the
cluster
like
here.
It
was
launcher
test
and
this
will
give
us
the
Q
contract
for
a
particular
cluster,
and
then
we
can
export
it
to
the
cubeconcept
file.
That
is
there
and
we
can
use
the
cube
CTL
commands
to
work
on
it
like
we
can
refresh
the
board
to
create
any
network
policies
and
for
any
of
the
test
purpose.
G
We
can
use
this,
so
this
was
basic
things
about
the
ranches
Sierra
command.
There
are
other
answers
here
like
commands
as
well,
and
then
we
have
used
this
to
set
up
our
test
script
for
the
Rancher
CI
Pipeline
and
we
have
a
trigger
face.
That
is
the
test
transfer
e2e
and
then
we
have
for
conformance
and
network
policy,
and
the
tests
are
running
fine
on
the
Jenkins
node.
So
this
was
all
about
the
demo.
Any
questions
or
any
input.
G
A
G
Oh
yeah,
so
we
will
be
running
so
this
is
the
CI
pipeline
setup
so
that
we
can
have
this
launcher.
Press
enter
integration
so,
like
other
tests
that
are
running
so
whenever
a
PR
will
be
created,
the
Ranger
test
will
also
be
running
so
as
to
check
that
whether
the
any
of
the
code
changes
that
have
been
made
are
they
compatible
with
the
Rancher
or
not,
or
is
there
any
issue
for
the
new
code
changes?
So
this
is
similar
to
other
other
CI
pipeline
that
are
working.
C
A
Great-
and
this
is
just
for
my
ignorance-
but
how
does
the
ranchers
do
do
launcher,
have
a
certification
program
and
how
does
it
work?
They
just
ask
us
to
run
a
kubernetes
conformance
test
or
or
do
they
have
some
specific
program
for
cni
certification.
G
Like
for
CNN
certification,
any
program
that
I'm
not
aware
of
but
like
for
this,
if
they
want
like,
we
can
share
the
report
on
the
community
that
the
cni
is
working
well,
so
that
they
can
provide
as
a
plugin
option
there.
It
currently
would
not
have
entry
as
a
plugin
option
there
and
we
need
to
apply
it
with
the
help
of
the
yaml
there.
So
like
once,
we
have
a
successful
report
that
all
the
conformance
network
policies
and
the
other
tests
are
running
fine.
G
A
And
it
seems
that,
probably
all
for
the
launch
of
C
integration,
so
we
are
looking
forward
to
see
these
deployed
as
soon
as
possible.
Thanks
a
lot
pulkit
for
this
presentation,
and
now
we
move
to
open
discussion.
So
thanks.
So
is
there
any
other
topic
that
you
would
like
to
bring
up
for
discussion
any
other
concerning
issue
anything
any
idea:
Allah.
H
A
H
Ahead,
how
profound
presentation
about
Android
proxy
enhancements
plan
and
do
but
I'm
not
sure
if
we
have
enough
time
to
to
make
this
project
reason?
Because
there
is
a
we
don't
have
much
time
now.
Maybe
next
time
or
I
just
go
quick
presentation.
A
A
A
H
What
we
are
going
to
do
include
open
Flow,
one
dot
file
and
operations
that
insert
back
in
any
way
back
in
and
another
I
have
how
I
have
talked
up
it
in,
and
we
are
already
a
community
meeting
more
fun
during
the
puzzle.
Update
of
entrance
entry
proxy
and
then
another
is
the
to
pass
more
Signet
tests.
We
need
to
do.
We
are
going
to
do
foreign
proxy.
H
H
Photography
proxy,
it
has
been
supported.
The
motivation
of
this
feature
is
that
for
two
purpose
purposes:
first
of
all
cost
saving
by
keeping
those
traffic
within
a
lot
of
drone.
Generally,
the
drawings
defined
by
labeling
on
kubernetes
nodes,
which
which
tablet
it
out
kubernetes.io
slash,
Zone,.
H
Another
purpose
is
for
potential
better
performance,
General
speed.
Generally
speaking
within
a
drawing,
there
will
be,
there
will
be
less
latency
and
the
bandwidth
constraints,
and
then
there
is
some
requirement
for
this.
For
this
feature
first
and
points
last,
like
you
guys
enable
the
increments
and
and
point
slice
respect
is
enabled
and
Ensure
and
I
enable
in
this
picture.
H
H
H
But
this
picture
is
used
to
reduce
person
potential
traffic
laws
that
that
occurs
on
rolling
updates,
follow
the
balance.
H
Only
ready
and
points
will
be
selected.
We
can
see
that
on
the
service
know
how
ready
I'm
determinating
on
the
points,
and
we
only
select-
or
we
only
select
ready
on
points
and
without
any
random
points,
and
the
service
will
not
have
backend
the
box.
But
when
we
enable
this
this
one,
we
can
see
that
when
the
service
has
already
happened
in
advance,
it's
just
on
instilled.
H
H
D
H
There
is
something
to
we
are
going
to
do
in
the
future
like
make
use
of
open
floor
abandoned
file,
you
start
backing
on
remote
backup
operations,
and
this
is
also
used
to
reduce
potential
traffic
laws,
updating
and
points
of
service
in
your
entry
proxy.
H
Currently
we
will
update
in
a
service
and
the
points
we
will
generate
a
new
OS
group
to
override
the
application
one
by
introducing
the
insert
bucket
and
remote
bucket,
we
can
update,
update
the
existing
OS
group,
but
once
you
we
need
to
verify
that
whether
the
Delta
updating
of
an
OS
group
is
better
than
origin.
The
existing
OS
group,
another
another
thing
is
to
do.
Another-
is
more
finger
in
the
possible
updated
of
service
yeah.
H
For
for
this,
for
this
item,
I
thought
of
the
this
around
the
distance
disadvantage
of
these
plants.
The
first
one
after
taking
some
attributes
would,
as
always
maybe
Corner
paste.
Another
disadvantage
is
that
we
will
introduce
more
if
else,
plants
in
actually
proxy
code
under
the
potential
advantage
of
this,
of
this
might
be
reduced,
reduce
potential
traffic
laws
that
occurs
on
updating
on
service.
H
The
last
scene
we
are
going
to
do
is
pass
mode
signal
test
using
one
one
in
the
in
the
coming
release
of
interim
and
the
rprs
into
result.
With
this
test
I'm
sorry,
these
tests
are
not,
we
can't
decide,
so
we
can
pass
the
foreign.
H
H
And
we
were
going
to
pass,
we
are
going
to
pass
this
part
in
the
in
the
in
the
coming.
You
know
coming
release
now
for
other
tests.
I
think
we
will
handle
them
in
the
future.
Okay,
that's
all
it
sucks.
Thank.
D
Well
now,
I
have
a
question:
okay,
when
I
was
having
presentation
in
China
I
go
and
check.
I
received
some
questions
about
whether
natural
proxy
could
support
features
that
ibos
could
support
like
a
different
back-end
selection
algorithm.
Do
you
think
it
would
be
possible
to
support
that
with
Android
proxy.
H
H
H
As
well
as
I
know,
we
can
we
can
do
that
since
I
don't
find
any
document
that
you
know
ask
group
to
to
have
such
that
options
are
or
configurations
when
we
I
think
I'm.
Sorry,
oh,
we
know
I.
I
Just
want
to
comments,
one
thing
effect
for
OS,
it
does
suppose
I,
remember
two
or
three
methods
for
the
bucket
selection.
I
think
it
could
be
used
for
the
configurations.
H
Okay,
it
seems
that
we
don't
have
any
questions.
A
No
problem,
thanks
for
your
presentation-
and
we
just
have
a
couple
of
minutes
left
in
the
meeting,
so
if
anybody
wants
to
bring
something
else
very
quickly
well,
we
have
one
minute
left
in
the
meeting
now,
just
all
right,
so
thanks.
So
man
thanks
to
Everyday
presenters,
in
particular
thanks
for
all
young,
for
keeping
this
presentation
fairly
short,
so
that
we
could
fit
it
in
the
schedule.
The
meeting
time
it's
been,
it's
been
great
to
know
more
about
the
new
plans
for
the
UI.