►
From YouTube: Mesos Containerization WG 09212017
Description
Agenda and Notes:
https://docs.google.com/document/d/1z55a7tLZFoRWVuUxz1FZwgxkHeugtc2nHR89skFXSpU/edit?usp=sharing
A
A
A
A
A
C
You
guys
hear
me
yep,
okay,
cool,
so
I'm
Andrew
I'm,
a
software
engineer
here
at
Riot,
Games
I'm
working
on
a
team
trying
to
deploy
a
couple
different
database
products
in
containers
on
on
maysa.
So
one
of
the
features
that
we're
looking
at
adding
is
ramicus.
We
can
talk
about
it
more
after
press
cool.
D
A
C
The
way
we're
doing
it
right
now
is
by
using
elevated
Linux
capabilities
and
letting
it
actually
just
do
the
mount
itself,
which
we
don't
want
to
do
long
term
because
of
the
security
implications
of
allowing
that,
and
also
it
actually
doesn't
allow
tasks
in
a
pod
to
share
the
same
RAM
drive,
which
might
be
something
we
want
to
do
in
the
future,
so
that
make
sense.
Yeah
I
think
that.
C
And
that's
the
nice
thing
about
temp
FS
is
that
you
have
more
control
over
the
limit
right,
so
the
way
I
kind
of
envisioned
this
was
you
know
in
in
your
app
definition,
whatever
just
like
with
a
persistent
volume,
you
would
define
the
the
size
in
memory
and
that
gets
added
to
the
you
know
the
resource
requirements
for
that
task
to
execute,
and
so
that
task
individually
would
get
charged
for
it.
But
I
don't
know
necessarily
yes,
your
hard
that
be
to
implement
right.
So.
A
If
I
remember
correctly,
I'm
not
sure,
like
list
of
things
out
should
double-check
to
see
well,
which
container
will
be
taught
to
the
memory,
because
it's
gonna
go
I
mean
yes,
yep
that
memory
users
get
charged
to
some
of
the
container,
then
potentially
you
can't
whom
the
other
container,
because
the
usage
in
the
REM
offense
or
tempeh
fleshy
memory
usage.
That's
the
one
thing
that
we
should
figure
out.
A
Definitely
there
absolutely
I
think
yeah
I,
like
the
direction
I
think
like
what
we
can
do
is
like
that's
something
kind
of
relates
to
the
second
Jenna
item
that
I
did
recently
did
the
coming
on
with
the
volume
documentation,
I
think
one
natural
way
to
do.
This
is
just
like
adding
a
new
morning
source
called
tempo,
Faso,
Rama,
Fest
and
and
in
a
continuing
flow
and
ends
that
would
just
be
mounted
inside
a
container,
and
you
have
an
isolator
to
do
that.
Yeah.
C
A
We
do
want
to
account
for
the
memory
usage
because
we
do
have
a
UCS
we're
like
two
containers
wants
to
share
the
same
Rama
fast.
We
do
have
that
use
case.
I
think
if
I
remember
correctly,
either
like
a
luke
seal
or
something
else
like
like
there's,
some
like
Rama
class
face
hands,
Irish
and
scheming,
spark.
A
There's
a
company
doing
that,
and
their
economy
is
like
multiple
container
in
can
share
the
same
most
of
multiple,
for
example,
multiple
tasks
or
multiple
executor
can
share
the
same
MSS
and
for
that
to
be
working
properly,
to
have
some
way
to
translate
the
memory
usage
memory
resource
to
this
to
resource
in
place.
To
claim
I
think
that
ferny
does
the
resource
provider
stuff
that
we
are
building
my
house,
but
that's
kind
of
like
not
something
to
do
immediately.
The
immediate
thing
is
like
adding
a
new
warning
source
sounds
good
to
me:
cool,
okay,
any.
A
C
C
I
mentioned
are
below
docker,
has
a
temp
FS
flag
in
the
docker
Damon
that
actually
does
just
set
this
basically
do
the
same
thing.
It
would
still
be
specific
to
each
individual
executor.
It
wouldn't
be
shared
across
executors,
or
at
least
that's
how
I
understand
it.
So
if
we
wanted
that,
we
would
have
to
have
just
a
regular
like
mount
at
the
docker
level
and
then
create
the
I
was
outside
of
it
right.
I.
A
A
A
A
A
A
No
okay,
so
sounds
good.
So,
let's
move
to
the
next
one.
We
have
a
pretty
big
night
planned
today,
so
okay
I
want
to
talk
about
the
documentation
cleanup
and
that
I
recently
did
as
part
of
the
hackathon
project
during
May,
so
Scott
and
I
also
need
some
help
from
you
guys
to
to
add
me
adding
more
documentation.
So
let
me
share
my.
Let
me
go
to
the
the
current.
A
Current
documentation,
just
just
show
you
guys,
like
white,
did
and
and
of
how
you
can't
help,
because
I
think
one
thing
that
we
don't
do
very
well
previously
was
the
documentation
and
I
think
we
should
improve
that.
So
here
is
what
I
did
so.
It
used
to
be
like
a
very
that
there's.
A
one
single
page
has
a
subset
of
the
isolated
documentation.
It's
not
a
full
list,
and
people
don't
know
how
to
use
those
isolators
in
Mesa,
spinner,
Iser,
so
I
end
up
doing
is
I.
A
Have
this
file
being
an
index
file
and
have
a
link
to
each
individual,
isolated
documentation?
We
do
have
a
bunch
of
isolated
documentation
for
things
like,
for
example.
Next,
as
if
we
go
to
this,
we
do
have
some
documentation
for
that,
but
we
don't
have
the
documentation
for
some
of
them,
for
example,
documentation
for
file
system
isolator.
You
don't
have
documentation
for
like
ammonium
image,
so
that's
something
that
I
I
kind
of
want.
A
You
guys
to
help
with
like,
if
you
can,
if
like,
for
example
like
if
you're
the
owner
of,
for
example
morning,
image
I,
think
reduce
Gilbert
view
that
I
would
be
nice
to
have
some
documentation
and
update
this
talk
so
that
we
have
a
full
talk
for
every
single
isolated
that
we
have
right
now.
That
would
be
super
helpful
for
the
community.
I
read
it
yeah
that
sounds
great
I.
A
Think
like
there's,
some
other
like
Isolators,
are
kind
of
legacy
that
we
don't
have
owners
like
non
compos
ships
ones,
but
those
are
gonna,
be
pretty
simple.
I
think
I
can't
own
this
link
file
system,
Linux,
because
I
think
there's
a
bit
like
logic
there
and
I'm
quite
familiar
with
that.
So
I'll
take
a
no
action
on
to
up
to
the
talk
for
that.
I'll
need
some
help
for
the
serious
ones,
especially
log
file.
That
I
believe
we
do
add
some
functionality
into
blog
file
stuff,
especially
getting
the
stats,
but
we
do
have.
A
A
A
Okay,
so
it's
a
good
start.
Any
anyone
volunteer
for
the
rest
of
the
Isolators
I
think
like
I.
Think
Houston
is
the
one
that
did
the
refactor
and
adding
those
support.
I'll
paint
him
see
if
he
can
add
some
documentation
for
the
for
the
the
Restless
eager
and
afoot
device,
I'll
ping,
a
different
guy,
because
I
think
he'd
get
some
change
and
there's
some
undocumented
behavior.
So
gol
follows.
A
A
Okay,
anything
else,
file,
system,
windows,
I,
think
this
is
from
Microsoft.
Is
there
any
guy
from
Microsoft
online?
Okay?
So
no
I
think
I'll
ping
Andrew
on
this.
A
Okay
and
these
two
extra
view
I
purchased-
do
that.
Okay,
that
sounds
good
I,
think
we
have.
We
have
everything
covered
great
okay.
These
are
the
Isolators
that
we
did
I,
think
the
other
one
is
volumes
that
I
recently
did
the
container
volume.
That's
a
new
documentation.
I,
add
so
right
now,
House
floor
source
types,
post,
fast,
sandbox
have
dr.
wahlmann
secrets:
I
think
we
think
I
add
a
documentation
for
host
class
and
sandbox,
half
and
I
think
we
already
have
documentation
for
dr.
long
and
a
secret.
A
A
A
The
third
thing
I
want
to
discuss
okay
by
the
way.
Folks,
if
you
have
any
agenda
items,
feel
free
to
add
to
the
talk.
I
add
a
bunch
this
week,
because
I
think
there's
a
lot
of
things
going
on
so
the
facts,
then
the
next
thing
I
want
discuss,
exists
in
the
integration,
so
I'm
not
sure
everyone
familiar
with
what
we
are
doing
right
now
with
with
regard
to
systole.
A
A
The
reason
for
that
is
right
now
what
we
did
is
we
essentially
put
all
the
the
process
into
a
single
slide
from
ASOS
and
secured
all
slice
that
contains
all
the
the
processes
from
from
from
the
containers,
we
don't
split
into
multiple
services
horoscopes,
so
the
reason
we
need
to
do
that
is
on
this
ticket
I.
Think
not
this
ticket,
sorry,
not
this
ticket.
A
Name
system
hierarchy
is
different
name
system.
D
is
a
senior
Iraqi
I
used
by
system
deep,
exclusively
to
name
C
group
hierarchy,
so
so,
basically
system.
You
were
looking
to
that
hierarchy
and
find
out
all
these
units
inside
that
hierarchy
and
trying
to
do
a
sync
with
other
Iraqis
like
CPU
memory
and
block
I/o
things
like
this,
and
because
of
that
to
try
to
migrate
heads
if
it
didn't
feel
corresponding
units
or
slides
or
scope
inside
the
name
system.
Deceive
you.
A
So
that's
that's
the
bug
previously,
if
you
need,
if
you
want
to
like
looking
to
more
details,
I
think
there's
a
reproduce
apps
that
you
can
do
in
yours.
It
the
change
at
a
time
and
to
bypass
this
bug.
But
the
way
we
did
die
is
pretty
tacky
and
and
look
at
the
implementation
like
this
week
and
I
actually
wants
to
propose.
Is
this
tickets.
A
So
so,
basically
like
I
propose
here
is
like
we
tried
to
do
similar
to
what
doctor
does
right
now.
What
is
there
a
secret,
a
fast
seafood
driver
on
that
we
will
Chris
severs
under
the
name
system,
D
senior
legal
kuraki
and
put
the
pits
into
the
cursed
found
in
secret
like
selfish,
leave
your
system
be
and
then
create
new
basis,
and
we
adding
a
container.
F
A
As
subdirectories-
and
there
makes
us
so
that,
like
the
benefit
of
diet,
is
at
least
you
can
do
Cebu
ALS
to
on
this
containers
and
do
Cebu
top
to
shostats
for
makes
was
containers.
Another
benefit
is
I.
Think
that's
internal
requests
brought
us
that
we
want
to
run
community
some
basis
and
incriminates
has
a
very
real
check
that
to
make
sure
that
do
the
bill
check
on
the
system,
DC
group,
so
that
will
allow
us
to
cast
a
check
as
well.
A
F
A
A
I,
don't
think
it
will
break
so
see
all
the
easing
container
will
be
part
of
the
original
basis
and
secure
slice.
So
we
won't
change
that
we
won't
try
to
migrate,
so
the
new
containers
will
be
put
under
this
new
hierarchy
like
that,
for
every
new
container
that
launched
by
the
new
agent,
it
will
be
under,
like
slash
user,
slash,
the
container
ID
in
the
system,
D
names,
the
name
karate,
so
the
old
ones,
doing
the
Oh
like
make
sauce
and
secured
all
slice.
A
A
Yeah
I
guess
then
I
think
the
only
thing
I.
Actually
I
chat
with
the
Auris
of
who
wrote
this
original
hack
yesterday,
so
I
think
I.
Think
one
thing
we
should
do
is
adding
more
taxing
a
code
to
make
sure
that,
because
he's
still
worried
about
the
migration,
because,
honestly
the
system
Pico
is
not
that
readable,
like
I,
try
to
read
a
book,
it's
it's
I
know
like
a
what
they're
trying
to
do,
but
to
exact
I'm,
not
hundred
percent
sure,
because
the
code
is
like
not
that
readable.
A
So
he
still
can
he's
kind
of
little
worried
about
like
a
little
bit
about
like
we
fully
understand
consistently
behavior.
So
what
I
was
planning
to
do
is
adding
some
tracks
in
the
code
to
make
sure
that
whatever
the
to
make
sure
that,
for
a
given
kid
inside
a
container
I
want
to
make
sure
that
the
Seeger
folders
name
system
hierarchy
are
in
sync,
with
the
the
Seger's
for
some
other
hair
until
I
see
pure
memory
to
have
some
check
like
this
to
make
sure
that
the
pit
is
not
migrated
devices.
A
So
if
there's
a
migration
happening,
we
will
notice
immediately.
So
that
way,
we
were
confident
that
in
this
way
we
don't
have
a
mic
receive
sure
that
we
just
rediscover
previously
but
I'm
pretty
confident.
This
should
be
the
case,
because
that's
what
doctoring
the
Kuban
eyes
does
right
now.
So
so,
if
there's
an
issue
for
that,
I
mean
there
should
be.
There
should
be
some
ticket
I
searched
a
little
bit
online
and
I
don't
find
any
relevant
ticket
for
the
migration
issue,
see.
G
G
G
G
H
A
Sorry,
sorry
guys
I
see
it
a
lot
of
thing
yeah,
so
I'm
saying,
like
you
guys,
haven't,
have
any
like
comments
on
this,
and
I
also
mentioned
that
sorry
I
speak
a
lot.
So
I
also
mentioned
that
that
this
the
side
effects
of
this
change
is
like
one
nice
side
effect
of
this
change
is,
you
know,
should
be
able
to
suffer
like
a
running
maysa
agent.
A
So
previously
there's
a
kind
of
like
a
blocker
foot.
That
support
is
because
we
don't
enable
all
the
seat
name,
we
don't
even
able
all
the
hierarchies
and
that
doctor
supports,
and
that
caused
some
issues
now,
once
we
have
that
support
process.
Indeed,
then
we
essentially
like
on
par
with
doctor,
so
that
so
that
we
not
only
any
Co
change
to
be
able
to
use
like
missus
reading
in
doctors.
If
you
want
I'm,
not
saying
that
would
suggest
that
way,
but
it's
possible
now
was
this
change.
I
A
It
would
be
the
full
fashion
of
the
agent,
so
it
shouldn't
be
any
difference
then,
like
the
running
agent
on
bare
metal,
so
it'll
be
the
same
functionality
and
although
also
I
think
that
the
previously
that
the
kind
of
the
blocker
is
like,
after
on
the
target
container
crashes
in
the
restart
agent,
there
might
be
some
being
my
greatest
by
I
mean
doctor
or
like
trying
to
kill,
because
I
think
dr.
rely
on
the
seeing
information
inside
his
name
is
Justin,
deep
hierarchy,
which
we
don't
support
furiously.
A
So
they
were
try
to
kill
those
continue,
and
with
this
support
then
you
I
mean
it
should
be,
should
be
able
to
handle
that
there's
some
configuration
you
have
to
do,
especially
for
some
directory.
That
makes
one
series
like
bar
live,
make
those
parameters,
and
you
want
to
make
sure
those
are
share.
Mounts
I
think,
besides
that,
once
the
configuration
right,
then
it
should
be
able
to
handle.
You
should
be
able
to
run
agent
inside
dr.
Contreras
already.
I
A
I
A
No:
okay:
let's
move
to
the
next
one
in
the
final
one
we
have
today,
okay,
so
the
context
for
this
one
is
I,
got
some
feedback,
so
I,
always
at
open
source
summit
and
also
makes
us
count
last
week
or
the
week
before
last
night
last
week
and
I
got
some
feedback.
So
seven
people
ask
me
that
when
is
the
VM
supporting
English
special
measures
can
analyzer
and
and
the
reason
people
asking
for
that.
One
is
because
I
think
rocket
support
in
child,
clear,
container
and
and
also
I.
A
Think
for
some
folks
that
wants
to
achieve
to
multi-tenancy
like
contain
yourself
is
not
as
secure
compared
to
virtual
machine.
Like
PFF.
People
are
very
worried
about
like
security
like
if
you
want
to
have
a
to
multi-tenancy
like,
for
example,
public
cloud,
then
having
a
virtual
machine
is
more
desirable
than
having
containers
because
of
the
security
that
it
provides
is
much
stronger
than
a
container
which,
basically
all
containing
the
same
machine,
share
the
same
kernel.
A
So
trusting
computing
base
is
much
smaller
for
virtual
machines.
So
that's
like
several
people
asked
that
IBM
support
that
to
me
that
I
want
to
start
this
discussion
and
at
least
the
some
background
research
I
know
like
there's
some
some
stuff
like
I,
know,
I
think
there's
some
previous
attempt
on
supporting
VM
on
missiles
and
I
know
like
some
people
using
a
different
way
to
do
BMS.
A
Our
problem
is
those
basically
did
a
CT,
replace
away
I
guess
if
you're
launching
motor
machines
make
sure
it's
not
rip
virtual
machine
so
but
I
want
to
achieve
here
is
that
we
can
launch
merge
like
basically
like
the
frame
of
a
just
give
a
container
image
or
a
virtual
machine
image
to
makers,
and
the
mixers
can
just
lie
back
container
or
that
virtual
machine
image
using
a
virtual
machine.
So
if
it's
a
virtual
machine
image,
then
you
would
just
launch
that
virtual
machine.
A
If
it's
a
container
image,
then
we
will
launch
a
virtual
machine
and
then
inside
a
virtual
machine.
We
launch
seconds
so
that's
kind
of
the
go
out
on
one
sheet
and
we
have
a
lot
of
like
a
background
research
used
to
do
so.
That's
really
call
out
here.
I
see
folks
help
on
this
or
like,
if
there's
any
interest
like
what
we
are
missing
here,
I
create
a
stock
I
kind
of
list,
all
the
thing
I've
seen
ice
cream,
yes,
okay,
so
yeah
I
create
a
stock
I.
A
Think
the
first
step
for
us
is
trying
to
do
a
thorough
like
background
research
on
like
what's
the
state
of
the
art
and
what
people
are
doing
right
now
and
is
that
right?
Is
that
not
right?
And
and
what
should
we
do?
So?
That's
that's
basically
like
the
first
step.
I
was
thinking,
so
we
have
a
bunch
of
ticket
for
those
feed
and
support
like
that
dates
back
to
like
101,
that's
like
for
like
five
years
ago.
I
think
I
don't
know
anyway.
So
I
think
like
we
have
a
bunch
of
related
work.
A
I
want
help
from
folks
to
do
our
research
on
that.
Like
I
know
like
there's
a
kbm
there,
Intel
clear
container
and
there's
hyper
and
rocket
has
VM
support.
True
beam
eyes
has
VM
support.
I
put
some
link
there.
I
think
J
peach
also
put
some
links
there
and
then
there's
some
Cal
providers
like
easy
to
GCE
as
you're,
and
also
we
have
OpenStack.
So
there's
a
lot
of
things
that
we
partly
to
do
some
research
for
and
I
think
definitely
some
from
folks
yeah.
We
do
have
a
previous
designs
off
with
this.
A
I
need
to
go,
go
back
to
that
and
see
what's
being
changed
and
what
should
we
do?
I
think
a
go.
I
don't
want
to
introduce
yet
another
containerize.
If
we
don't,
if
we
can
avoid
that,
I
think
that's
we're
on
the
go
that
one
achieve
as
well
like
I,
don't
know,
introduce
because
maintaining
like
them.
Several
container
Rises
super
complex
and
it's
not
like
a
maintainable
future.
G
So
why
is
one
thing
I
have
to
say
is
running
contained
if
your
design
goal
is
running
containers
inside
IBM,
it's
a
pretty
different
design
goal
than
running
VMs
in
general,
so
I
think
we
once
we
get
through
the
related
work
on
the
research
I
think
their
set
of
use
cases
which
you
just
going
to
be
pretty
important
for
how
this
gets
designed.
Yeah.
A
I
think
we
can
delete
that
discussion
later.
I
think
the
reason
I
mention
this
is
because
I
took
a
look
at
well
kiss
me.
I'm,
surprised,
I,
think
that's
what
they
did.
I
think
in
some
sense
it
makes
sense
like
for
some.
Some
people
like
I
just
want
security.
I
have
this
docker
image
I
just
want
some
security
like
more
level
of
security
and
running
that
inside
the
mia
kind
of
makes
sense
to
me.
But
that's
the
reason
I
mentioned
this
kind
of
this.
This
point,
but
yeah
I
think
can
do
more.
A
A
G
G
G
G
A
A
J
J
G
A
A
Is
pretty
important?
Okay,
so
I
think
like
we
have
a
bunch
of
system
that
what
you
want
to
research
I
want
how
from
you
guys
like
anyone
volunteer
for
I,
could
do
some
research
I
think
it
go?
Is
trying
to
populate
this
dog
like
just
just
write
what
you
discover
for
that
thing
and
how
can
can
we
potentially
integrate
with
things
like
TV
I,
mean
turn
Intel
clear
container,
like
what
they're
doing
right
now?
What's
the
background
and
well
other
what.
A
H
A
A
G
G
J
A
I
don't
have,
but
the
timeline
for
this
I
mean
I
think
like
let's
try
to
shoot
for
like
a
month
for
this
okay,
all
right,
like
like,
like
being
a
month
I,
was
scheduled
on
a
missing,
maybe
like
during
the
working
group
for
him
to
sync
on
this
and
see.
What's
the
progress
there,
I
just
want
to
get
this
thing
started.
A
Okay,
yeah
so
for
Kirby,
nice,
furniture,
ass
and
folks
that
are
familiar
with
kubernetes,
see
if
they
can
fill
in
like
this
some
stuff
for
us
and
hyper
and
KVM
I.
Think
these
strawberry
KBM
used
a
layer
containing
three
when
I
did
I.
A
A
B
A
So
let
me
do
this
so
Gilver,
you
all
didn't
reach
out.
Well,
it's
not
pretty
design
cough
I.
Think
I
know
like
we
have
some
integration
like
new
cloud
users:
yeah,
listen,
a
sauce
leniency
quizzes,
you
yeah
I
mean
nice
to
get
some
detail.
I'm
just
yeah
sounds
good
thanks,
thanks
Gilbert,
okay,
so
I'll
ever
like,
if
no
one
to
KVM
or
do
this
kbm
to
because
I'm
also
interested.
A
Okay,
I
think
that's
a
good
start
thanks.
Everyone
I
think
that's
a
very
good
start.
That's
true
for,
like
a
one
month
check
on
this
progress
of
this
one
yeah
and
and
go
from
there.
Okay.
So
that's
it
for
today's
agenda.
Anything
else
that
people
wants
to
to
add
to
the
agenda
or
you
want
to
discuss
anything
else
you
can
discuss
here.
H
G
My
view
is:
was
requiring
operators
to
know
what
the
correct
order
is.
This
is
it
is
too
onerous
like
just
having
a
lot
of
Isolators
already
it's
already
too
complex,
so
yeah
telling
people?
Oh,
you
have
to
get
the
order
and
right
it's
also
too
complex,
but
looking
through
the
get
history,
it
looks
like
we've
been
down
this
path
before,
because
the
patch
I
came
up
with
was
extremely
similar
to
some
previous
work
that
Kevin
closed
it
and
it
like
going
through
the
history.
I
have
like
pretty
close
to
the
same
code.
F
G
A
I
think
what
we
really
need
to
find
out
is:
is
there
any
requirement,
I
think
like
the
for
internal
West,
for
sure
we
can
do
that.
I
think
the
tricky
part
is
like
for
custom
modules
that,
if
there's
all
during
dependency
between
custom
module
and
building
Isolators
like
if,
if
people
have
that
dependency
or
not
nowadays,
if
there's
no
dependency,
we
can
just
do
that
and
just
say
that
all
the
custom
module
will
can
be
executed
after
those
building
modules.
A
But
if
there's
a
dependency,
we
need
to
figure
out
the
room
link,
so
I
would
say,
like
let's
start
eight
reading
the
SS
and
just
asking
all
user
sorry,
we
should
do
that
in
the
user.
Let's
just
asking
for
people
if
people
have
dependencies
on
their
their
custom,
isolator
module
which
building
I
see
their
mothers.
A
Will
have
that
dependency
and
I?
Think
like
another
goal,
we're
trying
to
achieve
is
like
somehow
I
got,
maybe
in
the
future
we
don't
have
that
dependency
anymore.
I
can
use
there
a
way
to
get
rid
of
that
dependence
to
which
I
have
less
dependency,
if
possible.
To
be
honest
but
I
think
that's
a
separate
discussion.
B
G
B
So
so
so
right
now
we
have
some.
If
I
remember
correctly,
you
have
some
special
logic
to
put
always
put
the
Linux
files,
it's
nice
later
as
the
first
one
and
always
put
the
GPU
isolator
as
the
last
one
in
the
dependency.
So
if
we
want
to
allow
like
operator
to
specify
the
sequence,
how
we
launch
the
isolated,
so
some
of
those
isolator
will
not
be
cannot
it's
Hockaday
in
in
container,
so
it
cannot
be
defined
in
the
order
from
the
operator
side.
Yes,.
G
G
I
agree,
and
we
have
things
like
we
implicitly
add
we
implicitly
add
modules
to
alright.
We
insert
their
network
CNI
so
as
soon
as
we
insert
Network
CNI.
Well,
how?
Where
should
we
do
that
in
the
ordering?
If
the
ordering
is
you
know,
fixed
by
the
operator,
know
that
so
now
all
these
things
that
we
manipulate
with
the
way
we'd
load,
Isolators
kind
of
violate
that
go.
A
G
A
Okay,
so
so
the
action
is
James
well.