►
From YouTube: Ceph Orchestrator 2023-05-02
Description
Join us weekly for the Ceph Orchestrator meeting: https://ceph.io/en/community/meetups
Ceph website: https://ceph.io
Ceph blog: https://ceph.io/en/news/blog/
Contribute to Ceph: https://ceph.io/en/developers/contribute
What is Ceph: https://ceph.io/en/discover/
A
So
I
have
one
Topic
in
there.
They
might
also
Dan.
Vanderser
is
messaging
me
on
slack.
Yes,
you
want
to
talk
about
an
interesting
topic.
Maybe
I,
don't
know
a
difficult
topic,
but
we'll
see
if
Kathy,
joint
or
not,
but
at
least
in
the
meantime,
we
have
this
one
thing
in
here
about
the
IPv6
stuff.
I
see
somebody
put
it
there
asking
for
a
link
to
the
broken
code.
I
can
get
that
real,
quick
yeah.
A
Yeah,
so
we'll
quickly
do
this
topic
and
I
know
we
have
some
other
stuff.
Let
me
try
to
share.
A
Okay,
you
see
that
there's
a
screenshots
also
working.
B
A
Yeah,
so
we
do.
We
call
this
attempt
bind
thing
here
and
we
call
it
with
whatever
IP
we
have,
which
is
either
this
IPv6
or
ipv4.
If
we're
in
this
case
here
and
I'm
fine,
it
doesn't
actually
differentiate
them
once
you
get
there,
we
don't
tell
if
it's
ipv650
before
we
just
tried
to
time
with
this
little
Tuple
here
with
the
address
in
the
port,
so
I
guess
it's
1411.
A
Right
now
is
the
one
that's
where
it
breaks
and
as
the
other
pad
was
talking
about
the
reason
it
breaks
for
IPv6
is
because
the
IPv6
addresses
need
affordable
with
some
extra
fields.
That
was
basically
just
learning
about
the
other
day.
A
A
I
think
I
was
working
with
two,
which
I
think
correlates
to
a
link
level
scope,
but
I
was
trying
to
find
if
there
was
a
way
to
like
from
the
address,
find
out
exactly
what
scope
it
is
or
if
we
just
be
assuming
they're
all
going
to
be
linked
level.
Scopes
I
couldn't
find
there's
a
lot
of
information
on
it.
So.
B
A
D
A
To
have
the
extra
field
the
end
saying
what
the
scope
ID
is
right.
B
A
B
Good
that
you
raised
it,
but
like
yeah,
we
could
probably
either
Swap
this
discussion
to
the
end
of
the
meeting
about
like
code
or
just
to
save
it
for
another
day.
All.
A
Right,
yeah
we've
spent
some
time.
We
have
you
now
that
you
guys
know
about
it.
We
can
investigate
it
a
bit
later
and
come
back
to
it,
but
I
want
to
bring
it
up
because
currently,
if
you
try
to
boost
up
in
that
pv6
cluster,
it
just
always
fails.
It
doesn't
great
yeah.
A
Let
me
try
to
fix
that.
Like
you
said
there
are
other
people
here
see
Josh
and
them
I
Know,
Dan,
you're,
rejoining
I,
don't
know
if
Joshua
was
the
same
topic
as
him
or
if
you're
hearing
something
else,
hello.
A
Okay,
so
what
I
remember
from
the
brief
discussion
on
slack,
you
were
interested
Dan
and
sort
of
a
package
version
of
set
video.
E
Yeah
I
mean
so
I
guess
this
has
come
up
a
few
times.
Even
going
back
to
the
to
the
origin
stories
of
ceph
ADM.
There
was
always
I
mean
the
the
the
orchestrator
in
Seth
was
meant
to
be
kind
of
flexible
and
supported
different
plugins.
There
was
the
SSH
orchestrator.
There
was
the
Deep
Street,
the
deep
sea,
the
ansible
orchestrator
so
I
suppose
the
well.
E
The
purpose
of
the
call
is
to
understand
if
and
how
one
would
develop
a
package-based
SSH
orchestrator,
so
in
other
words,
a
package
version
of
a
package
orchestrated
version
of
Steph
ADM
I
mean
I'll,
I'll,
confess
I,
didn't
follow
the
development
of
safarium
lately
so
I'm,
not
at
all
an
expert
on
the
internals
of
How
It's
implemented
so
I'm
kind
of
here
to
understand,
like
at
a
high
level.
What
you
think
is
the
like
feasibility
of
that
and
how
that
would
be
attacked
and
also
like
actually
like.
E
However,
there's
a
contingent
of
users
that
don't
want
that
don't
want
a
container
based
ceph.
They
want
to
continue
using
RPMs
or
Debs.
E
E
But
if
we
can,
you
know
at
least
an
emotional
versions,
support
the
the
the
basics
of
a
core
theft.
Cluster
I
think
this
would
be
a
pretty
big
win.
A
Yeah
so
as
he
took
a
little
bit
of
a
look
around
which
things
are
very
dependent
on
specifically
container
stuff
in
which
things
are
more,
it's
abstracted
a
bit
yesterday
after
you
messaged
me
what
I
could
tell
the
manager
module
is
actually
mostly
abstracted,
with
the
exception
of
the
upgrades
and
there's
a
few
things.
I
specifically
expect
there
to
be
container
images
attached
to
the
demons,
but
it's
actually
fairly
abstract
up
there.
A
The
binary,
on
the
other
hand,
that
actually
does
host
actions
on
the
host
that
one
is
very
dependent
on
actual
implementation,
something
like
that
would
probably
have
to
be
almost
entirely
Rewritten
or
some
way
to
deploy
packages
like
at
least
the
core
functionality
like
we
got
to
be
able
to
like
say,
the
deploy
command
would
have
to
be
entirely
redone
packages.
The
ls
command,
which
finds
all
the
demons
on
the
hosting
would
have
to
be
redone
things
like
that.
A
I
think
it's
possible,
you
could
I,
wouldn't
put
them
together
into
the
same
module.
I.
Think
that's!
That's
too
much
too
risky
almost
try
to
put
it
into
the
current
sector
down,
but
you
could
have
a
module
where
you
start
with
roughly
the
current
Stephanie
M
module
code
base
and
make
some
modifications
there
I
think
it
would
work.
I
think
most
of
the
work
would
just
be
in
the
binary
on
like
the
low
level
functionality.
Okay,
it's
actually
deploying
the
demons
and
things.
E
A
I
mean
I,
don't
know,
I'm,
not
sure
exactly
I
would
want
to
name
this
one,
it's
kind
of
like
this
fpdm
package
version,
but
it
also
it's
not
because
I
assume.
If
this
was
a
separate
thing,
it
would
not
be
getting
all
the
same
updates
or
anything.
It
would
probably
just
be
the
core
functionality
in
this
case
unless
somebody
wanted
to
go
through
and
try
to
do
those
sort
of
updates.
E
A
Yeah
the
promises
that
the
upgrade
is
very
dependent
on
the
container
images,
so
that's
how
it
checks
what
upgrade
what's
been
upgraded,
what
hasn't,
and
so
you
can't
really
transfer
that
over
with
the
packages
I
think,
because
that
leaves
the
checkpoint
actually
different.
I
think
that's
one
of
the
biggest
Parts
in
the
manager.
Module
that
can't
be
transferred
over
is
just
to
upgrade
parts
mm-hmm.
B
D
B
Thing
I
would
add,
is
if,
if
you're
doing
talking
packages,
as
you
mentioned,
there's
two
varieties:
you've
got
the
dev
packages
and
the
RPM
packages.
So
then
you
can
kind
of
have
a
either
two
modules.
You
know
one
that's
dedicated
to
RPM
and
one
that's
dedicated
to
Deb
or
try
to
do
them
both
in
one
package
based
module.
But
then
you
might
run
into
a
whole
host
of
if
statements
and
you
might
find
hey.
A
Yeah
so
I
think
I
think
you
could
share
a
manager
module
for
it.
I
think
it's
possible
you'd
have
them
share
a
manager
module
that,
through
the
package,
stuff
I
think
the
binary
part
on
the
host
will
probably
have
to
be
separate.
A
If
there's
a
big
implementation,
differences
between
the
two,
then
I
think
it's
going
to
need
different
binaries.
Okay,
I'd
have
to
call
in
two.
A
So
that's
the
one
that's
most
that
goes
into
all
those
little
details
of
their
application
specific,
whereas
the
manager
module
is
supposed
to
abstract
at
some
level
and
I,
wouldn't
want
to
put
it
in
the
current
fpm
manager
module
because
there
are
some,
it
does
expect
containers
on
a
lot
of
things,
but
I
can
see
two
different
packages,
maybe
sharing
a
management
module.
There's
not
too
many
differences
at
that
level.
B
A
Yeah
I
could
definitely
see
a
world
where
we
take
some
of
the
stuff
from
Chef
EDM,
and
we
expose
that
to
all
like,
say
two
or
three
different
manager
modules.
It's
just
there's
certain
things
that
should
be
specific
to
The
Container,
one
I
think
including
the
upgrade
I
think
the
upgrade
is
one
of
the
ones.
That's
the
most
implementation,
specific
okay.
E
All
right
so
I
mean
at
a
high
level.
You
don't
think
this
is
crazy
and
always
I'm
I
mean
there
was
a.
There
was
another.
There
was
another
dimension
to
this,
which
is
I
was
like
we
still,
we
still
build
packages.
We
will
continue
to
build
packages.
The
containers
are
are
constructed
out
of
the
packages
that
we
build.
E
Is
there
there
are
I'm
right
in
saying
that
there
are
features
of
ceph
that
we
won't
be
able
to
do
via
the
package.
What
the
the
without
without
containers
right
take,
for
example,
Ganesha
gateways,
there's.
D
Yeah
there's
some
like
things
that
are
deployed
only
in
containers
that
you
would
wouldn't
be
able
to
play
without
containers,
but
that
doesn't
mean
that
everything
would
have
to
be
containers
right.
Yeah,
like
the
Prometheus
stuff,
the
Jager
tracing
stuff,
I,
think
those
are
all
right
to
quite
vegan
theaters.
E
Yeah,
maybe
it
could
you
could
even
imagine
a
mixed
scenario
where
some
things
are
running
in
containers
and
some
are
not
because
I
think
that
I
think
that
for
the
majority
of
the
users,
it's
like
they
want
to
adopt
an
existing
cluster.
That's
container
based
and
I
mean
that's
the
use
cases
I'm
aware
of
to
adopt
an
existing
ansible
or
whatever
based
package
based
cluster,
which
probably
doesn't
have
any
of
that
new
stuff
anyway.
A
Yeah,
so
that
could
work
as
long
as
you
can
figure
out
the
low-level
stuff
like
they
like.
They
could
be
deploying
a
demon
with
a
package.
It's
going
to
need
its
own
like
whole
I,
don't
know
set
up
to
do
that
versus
the
container
one.
That's
totally
different,
so
I
mean
if
it
was
going
to
be
able
to
do
both
things,
and
maybe
we
could
even
have
it
share
some
of
the
codes
that
VM
has
right
now
for
doing
that,
because
we
are
eventually
going
to
split
it
up
right
now.
A
It's
one
big
file,
but
after
the
reef
release
we're
going
to
start
splitting
up
that
file
into
multiple
pieces,
and
maybe
it's
possible
to
import
some
of
them
into
some
other
new
thing
after
that,
but
again,
I
think
the
the
big
sort
of
tasks
for
doing
this
sort
of
thing
would
have
to
be
starting
from
the
low
level
stuff
like.
A
If
I
give
you
a
like
a
key
ring
and
like
a
config
file,
can
you
deploy
a
staff
demon
with
a
package
or
something
like
that
if
I
asked
for
like
I,
don't
know
because
I
know
for
a
containers?
Also,
we
pull
the
images
down.
That's
pretty
simple.
You'd
also
have
some
way
to
like
install
the
packages
on
the
host.
A
If
you
won
the
link
before
like
that's
something
we
don't
have
to
worry
about
in
the
container-based
set
video,
because
we
can
just
pull
images,
it's
pretty
easy,
so
stuff
like
that,
would
have
to
be
figured
out.
But
if
you
had
a
binary
that
could
sort
of
replicate
like
three
or
four
of
the
main
sort
of
things
that
you
need
to
do
with
the
packages
and
I
think
you
could
start
working
on
a
manager
module
after
that.
That
could
at
least
do
those
those
simple
things.
A
Those
instructions
or
something
and
have
some
way
you
can
call
that
with
a
few
important
piece
of
information
and
do
that
yeah,
there's
pretty
much
with
the
safety
and
binary
does
like
for
deploying
things
just
a
bunch
of
the
manual
steps
to
deploy
a
container-based
set
demon,
and
then
we
just
automated.
It
happened
to
them.
Yeah.
A
Okay,
so
I
think
it's
possible
it
just
again.
You
need
somebody
who's
willing
to
put
the
time
into
that
low-level
stuff,
supplying
all
the
packages
and
stuff
and
understands
that
process.
Well,
so
they
can
automate
that.
A
We
do
we
really
only
worry
about
discovering
disks
for
the
most
part
and
set
video
for
the
OSD.
If
you
don't
break
well,
we're
going
to
probably
in
the
future,
add
some
more
stuff
by
looking
at
Hardware,
but
we
don't
currently
worry
too
much
about
any
other
Hardware
besides
disks
and
even
that
functionality
we
actually
have
sets
the
volume
do
that
so
I
assume
you
can
probably
use
set
volume
as
well
for
doing.
A
Yeah,
so
that
we
don't
worry
about
too
much
of
the
hardware
I
think
it's
just
they're
installing
the
packages
and
deploying
a
demon
with
the
packages
giving
us
few
sets
pieces
of
information
being
able
to
detect
all
the
demons
that
are
on
the
host
is
also
a
big
one.
Detecting
the
devices
as
you're
just
talking
about
would
be
a
big
one.
E
Oh,
you
need
yeah,
you'd
need
a,
but,
but
you
know
like
everything:
the
the
model
is
always
like.
Let's
say
polling
the
hosts
right,
there's
is
there
a?
Is
there
a?
Is
there
a
a
stateful
demon
that
runs
on
an
admin
node
that
checks
the
status
of
all
the
that
always
is
aware
of
the
status
of
all
demons
in
the
cluster.
A
We
have
one
that
we
it's
optional,
you
can
deploy
it.
It's
called
the
agent
it's
just
we
haven't
documented
or
anything.
It's
kind
of
experimental
like
runs
and
goes
into
the
check
itself,
but
even
that
is
sort
of
I
guess
a
pulling
thing.
It's
just
a
very
frequent
bullying
thing,
but
generally
right
now
the
effect
of
the
Employments.
It's
like
once
every
10
minutes,
it'll
go
and
they'll
check.
The
demons
are
on
the
host
or
something
something
like
that:
okay
yeah.
A
E
E
A
I
think
even
that
I
think
it
uses
the
system
D
units
for
a
bit
of
it
as
well,
but
it
definitely
does
use
the
containers
for
parts
so
we'd
have
to
replace
that
part
to
whatever
you
need
to
do
for
the
packages.
Okay,
but
I,
think
yeah.
If
you
could
install
the
packages,
you
could
deploy
a
demon
using
the
packages
and
you
could
check
which
demons
are
there
and
get
the
devices
as
well.
A
If
you
need
those
for
deploying
the
osds,
that
would
be
like
the
that
would
be
like
a
starting
point.
I
think
before
you
could
do
anything
else.
E
A
E
A
Is
reef
is
the
first
release
that'll
have
that,
but
right
now
it's
because
we
were
want
to
make
sure
it
actually
works.
First,
it's
still
just
one
file
we're
technically
compiling
it.
So
we're
compiling
a
single
file
into
a
okay
and
then
the
idea
is
after
the
reef
release.
If
that
role
goes,
okay,
we're
going
to
start
splitting
it
up
into
multiple
files
and
compile
those
together
into
a
binary.
A
Oh
yeah
yeah,
so
after
the
replays
comes
out,
it
kind
of
assuming
things
go
okay
and
that
doesn't
cause
any
issues
well
going
to
start
splitting
it
up
basically
say
you
wanted
to
like
import
some
things
from
there
or
whatever,
but
currently
it's
still
big
one
big
file.
So
it's
kind
of
hard
to
work
with,
but
post
brief
release
that
that
should
change
as
things
go
with.
Okay,.
E
E
B
B
Obviously
we
we're
not
going
to
convince
people
who
were
just
like
I
hate
containers
period
go
away,
but
if
there's
technical
pain
points
that
people
have
like
I'm,
not
sure
how
to
do
this,
we
could
probably
add
some
levels
of
automation
to
you
know,
run
the
docker
slash
podman
command
under
the
covers,
but
we
document
you
know,
run
Seth
80m,
shell
dash
dash
blah
blah
or
something.
So
if
there's
a
list
of
pain
points
that
people
have,
you
know
that
make
them
uneasy
of
using
containers
but
are
willing
to
try
it.
B
If
those
pain
points
are
eased,
I
would
love
to
see
that
list.
E
B
Personally,
no,
but
like
again,
we
could
abstract
some
of
the
things
so
that
they
don't
have
to
know
podman
or
Docker
XYZ,
but
obviously
we
couldn't
do
it
everywhere.
So
if,
if
the
issue
is
just
there's
this
new
thing
in
the
system
that
I
don't
like
I.
D
E
So
I
don't
know
we
could
we
could
try
to
I
mean
that's
probably
that's
something
that
should
happen
anyway,
just
find
out
where
people
are
still
need.
Help
I,
I
I.
Think
it's
already
quite
well
documented
right.
It's
quite
well
like
here's,
the
equivalence,
if
you
were
doing
package
based
this
is
what
you
do.
If
here's,
if
you
do
stuff
ADM,
this
is
what
you
do,
the
the
other,
the
other
like
orthogonal
issue,
is
there's
like
skepticism
about
the
security
of
things.
What
running
in
containers.
B
I
would
definitely
I
could
strongly
say
that
running
in
containers
is
no
weaker
than
running
in
packages.
You
could
quibble
if,
like
virtualization
I
can,
if
you're
not
running
containers
without
virtualization
extensions
to
protect
it
that
they're
not
they're,
not
better,
but
they're,
certainly
not
worse.
If
that
makes
sense.
E
I
mean
there's
I
mean
like
in
cases
that
any
SSL
libraries
broken.
For
example,
I
mean
it's
a
yum
update.
B
E
E
B
E
E
Okay,
so
I
I
guess
if
we,
if
we
decide
to
go
ahead
with
taking
a
taking
a
stab
at
this,
we
should
coordinate
on
the
coordinate
to
make
sure
that,
like
the
work
that
we
do,
doesn't
it
aligns
with
the
refactoring
that
you're
doing
or
because
you're
planning
that
refactoring
sort
of
like
this
summer
right
you'll
start
doing
that
you'll
split.
You
will
start
splitting
into
many
classes
this
summer,
yeah.
A
A
Yeah,
so
if
you
want
to
reuse
certain
parts
of
it,
I
mean
so
in
the
meantime
again,
the
the
main
thing
is
just
those
some
of
those
core
things
like
the
deployment
they're
pulling
the
packages
in
that
are
going
to
be
specific
to
this
version
like
if
you
wanted
to
get
that
working.
You
could
do
that
whenever
and
if
you
want
to
take
some
of
the
other
things
from
cifedm
the
currency
PDM
afterwards,
that's
on
the
other
functionality
I
think
we'll
have
the
chances
for
that
guy.
In
the
summer
later,
on,
okay.
B
We
should
probably
also
mention
that
there
is
a
second
orchestrator
back
end
in
the
tree.
It's
not
well
loved,
but
the
Rook
orchestrator
module
can
serve
as
a
jumping
off
point
for
seeing
how
the
the
code,
how
the
different
modules
interact.
A
Okay,
oh
yeah.
At
one
point
it
did
like
work
apparently
like
fine,
it
was
tested
and
everything,
but
just
it
wasn't
getting
any
use.
So
it
kind
of
was
like
withered
a
bit
and
the
tests
don't
actually
pass
anymore
because
some
issues
with
installing
some
of
the
kubernetes
and
some
things
I
think
so
it's
kind
of
there.
But
it
is
an
example
of
how
you
could
have
a
second
one.
B
A
There's
always
some
functionality
differences
between
them.
You
can
see
like
there's
certain
commands
that
aren't
implemented
in
The
Rook,
one
at
all,
so
you'll
just
get
a
not
implemented
error.
A
If
you
try
to
do
them,
but
it's
it's
fine
to
have
that
you
can
just
because
at
least
it
allows
us
to
still
use
that
orange
interface
for
all
of
them
and
if
there
is
shared
functionality,
which
there
often
is
for
some
things
like
say,
like
an
orange
PS
I
just
want
to
list
my
demons,
you
could
see
that
being
a
thing
in
multiple
different
orchestrators,
so
that
one's
fine,
but
something
specific
to
like
a
bare
metal
host
as
fpdm
does
Rook
just
won't
have
been
implemented,
and
that's
okay
as
well.
A
E
A
Yeah
I
can't
tell
if
it
was
on
my
end
or
not
so
so.
I
was
basically
just
saying
that
you
can
use
the
origin
interface
for
a
bunch
of
different
things,
doesn't
have
to
have
one-to-one
matching
with.
Let's
just
set
video
does
to
use
an
interface,
so
you
could
definitely
have
a
new
module
that
goes
through
there.
You
also
can-
and
we
do
this
occasionally
we
have
functions
that
are
or
that
this
are
defined
in
cephyria
or
various
commands.
A
So,
like
there's
like
our
court,
our
keyring
handling,
like
we
deploy
a
certain
client
rings
to
host
that
one,
the
even
the
outer
part
of
it
that,
like
parses,
that
that
command
is
actually
in
there's
no
orch
key
ring
whatever
in
the
workshooter
modules.
A
You
can
also
do
that
if
you
want
for
specific
things
and
those
fans
will
just
only
be
available
if
that
module
is
on
so
there's
a
few
ways,
you
can
do
that,
but
I
think
that's
that'll,
be
like
the
easier
part
of
this
I
think
I
think
the
hardest
part
is
just
going
to
be
doing
all
the
low-level
stuff
that
this
fvdm
binary
does
currently
to
the
foil,
the
packages
and
stuff.
E
A
A
For
example,
the
manager
module
actually
makes
calls
to
this
like
say
this
command
with
all
these
arguments
and
stuff.
Almost
nobody.
F
A
This
command
manually,
it's
like
yeah,
yeah
I,
got
it,
but
the
manager
module
calls
this
and
it'll
pass
in
some
of
these
configs
and
certain
things.
And
then
this
can
deploy
a
demon
and
you
can
do
it
manually,
like
I've,
tried
it
before
with
a
bunch
of
things,
but
you
almost
never
will
it's
just
almost
sort
of
like
testing
it
you'll
do
it
manually
at
first
then.
Eventually,
then
you
have
it
set
up.
The
manager
module
will
just
call
this
and
that's
how
you
deploy
a
demon.
Okay,.
E
So
the
stuff,
the
stuff
related
to
like
creating,
osds
and
and
let's
say,
creating
demons
that
should
all
be
pretty
pretty
standard.
That
should
all
that
should
all
be
the
same.
I
guess.
A
I
think
a
lot
of
stuff
we
write
ends
up
because
we
were
the
end
of
the
day.
We're
writing
VCA
unit
file,
I,
guess
what
you
write
in
the
unit
file
could
be
the
same.
It's
just
the
what
we
write
into
it
is
obviously
totally
different.
We're
writing
it.
Basically,
a
massive.
E
A
Yeah,
okay,
so
that
stuff's
all
going
to
be
different,
but
like
some
of
like
the
higher
level
parts
of
this,
you
could
probably
take
but
I
think
you
pretty
much
have
to
rewrite
this
I
think
you'll
be
too
complicated
to
have
this
like
work
for
a
package
and
a
container
at
once.
F
A
The
ideas
from
it
and
then
yeah
try
it
there.
Okay.
E
A
I
think
this
would
have
to
be
the
bigger
part
of
the
work
would
be
basically
replicating
some
of
this
stuff
for
the
m.py
stuff,
the
manager
module
is,
is
a
lot
more
abstract
than
the
this.
This
part,
this
part,
is
one
that
actually
interacts
with
the
containers
itself
in
deploys
them
and
things
so
I.
A
Think
if
you
had
this
again,
if
you
had
something
like
this
and
there's
a
few
other
commands,
I
think
you
would
probably
need
as
well,
and
then
you
replicated
that
you
could
pretty
much
take
most
of
what's
in
this
fvdm
manager
module
and
pretty
much
copy
it
over
and
move
a
few
things
here
and
there
and
I
think
it
would
work
with
some
some
mythical
package
version
of
this
binary
if
it
existed,
yeah,
okay,.
B
B
Does
raise
another
question
which
is
delivery
of
this
new
thing,
which
is:
should
it
be
as
part
of
the
existing
cephadium
binary
but
like
a
different
py
file,
or
would
people
be
literally
downloading
a
whole
new
binary?
You
know
call
it
ceph
PKG
admin,
you
know,
so
is
it
how
how
separated
is
that
part
and
what's
what's
the
workflow
around
there.
G
D
Well,
I,
don't
think
we
ever
said
that
it
was
the
only
thing
that
was
possible.
I
think
we've
been
always
been
saying
to
me:
can
you
can
you
to
build
packages
and
that's
off
look
on
I
think
when
I
we
asked
the
audience
so
that
it's
a
bit.
You
know
it's
one
particular
audience,
but
I
think
75
of
them
were
still
running
bare
metal,
yeah.
G
That's
one
person
say:
containers
only
have
the
future,
but
but
yeah
I
agree
with
you
I
think
the
users
are
not
there
necessarily
at
least
not
entirely.
D
Yeah
and
that
may
change
over
the
years,
but
yeah
I
think
it's
still
definitely
a
helpful
thing
for
a
lot
of
folks
today,.
G
So
so
I
don't
know
if
that
kind
of
goes.
If
that
that
affects
your
your
question
John,
but
it
does
seem
like
there's
a
lot
of
people
out
there
that
still
still
want
packages.
B
Yeah
because
the
binary
is
kind
of
a
it's
kind
of
a
misnomer,
but
it's
kind
of
stuck
at
this
point.
It's
it's
still
all
just
python.
It's
it's
not
compiled
C
code
or
C,
plus
plus
code
or
anything,
but
it's
it's
could
it
could
have
multiple
personalities
using
traditional
Unix
things
like
Arc,
v0,
switching
or
whatever.
So
to
say,
oh
you
know,
let's
have
one
workflow
might
be
a
good
thing.
B
You
know
you
download
this
file,
but
then
maybe,
depending
on
how
you
name
it,
it
will
have
a
different
personality
or
something
but
I
think
to
dance
earlier
point.
If,
if
it's
like
I
want
to
do
a
POC,
I
would
probably
start
independently
at
first
I
haven't
have
a
separate
binary
just
for
hacking
purposes,
and
then
we
can
come
back
to
the
whole.
You
know.
Does
it
does
it
live
together
in
one?
B
B
E
Okay,
oops
no
I
didn't
mean
to
raise
my
hand
all
right,
I
guess,
I,
don't
know,
I,
guess
we'll
we'll
go
back
on
our
side
and
debate
the
merits
of
this
and
then
and
then
see.
If
we
we
start
working
on
it,
I
don't
have
anything
else.
Unless
someone
else
had
something
else
on
that
topic,
yeah.
A
Not
the
book
I
think
we're
good
I,
said
I.
Think
I
said
my
piece
like
the
main
thing
is
just
those
low-level
things.
If
you
got
those
working
I
think
the
rest
of
it
could
be
work
through
I
think
that's.
The
hard
part
is
just
replicating
some
of
those
things
in
the
binary,
some
of
those
core
functionalities.
There.
B
A
B
Again
as
the
kind
of
container
partisan,
if
we
could
at
some
point
get
a
discussion
going
about
what,
where
people's
pain
points
are,
maybe
they
could
say
do
some
work.
E
E
It's
just
it's
just
the
the
the
it's
just
Seth
is
already
hard
enough
to
operate.
I
don't
want
to
also
learn
how
to
be
a
containers
person.
That's.
C
A
E
Focus
I
want
to
focus
on
pgs
and,
and
you
know,
that
sort
of
thing
not
not
having
to
work
out
how
Docker
why
docker's
broken.
G
I
can
I
can
give
you
a
couple
of
pain
points
that
I
know
of
just
from
having
worked
with
a
couple
of
people.
The
the
logging
is
a
big
one
and
and
then
figuring
out
how
to
do
things
like
GDB
and
other
tooling,
inside
the
container.
B
So
for
adding
tools,
you
can
bring
up
a
container
and
join
it
to
another
container's
name
space.
So
we
could
do
something
like
deliver.
A
debug
container
kubernetes
has
something
along
these
lines.
I
I
often
will
bring
up
kubernetes
as
a
model
of
things
where
you
can
like
steal
ideas
from
because
it's
a
little
bit
more
mature,
that's
a
general
platform,
the
GDP
one
yeah.
So
in
theory,
you
could
bring
up
a
container
joint
into
the
other
container's
namespace
and
and
run
GDP
within
it
and
yeah.
B
So
it's
is
this
doable
things,
but
it
would
have
to
be
like
okay
there
there
would
be
some
retraining
and
if
there's
like,
hey
I,
don't
want
to
learn
new
stuff
yeah.
G
G
B
Yeah
I
agree,
that's
something
you
could
reduce
do
similarly
to
a
cyphadium
shell
works
today,
shell
or
something
yeah.
G
Could
you
could
you
get
the
symbols
that
way
as
well
for
the
the
the
process,
assuming
you
didn't,
have
it
in
the
default
container.
B
So
it's
it's
doable,
it's
just
work.
Of
course.
It's
also
work
to
build
a
another
back
end
so
but
yeah
these
These
are.
These
are
good
topics
to
capture,
because
if
people
are
doing
them
in
a
pinch
and
again,
either
interface
could
implement
it.
So.
B
G
G
Well,
anyway,
that's
that's,
maybe
a
little
off
topic,
but
those
those
are
the
those
are
probably
the
two
big
ones
that
that
seem
to
keep
coming
up.
E
Yeah
before
you
join
the
other
one,
the
other
one
is
the
is
like
security
fixes
of
third-party
packages.
Yeah.
B
F
B
E
Yeah
I
mean
that
well,
I
mean
at
for
as
a
start
we
should
have.
We
should
try
to
trim
down
slim
down
the
container
images
that
we
distribute
right
now.
They're.
They
have
a
lot
of
unnecessary
packages.
If
you,
if
you
upload
one
of
the
images
to
Harbor
I,
think
you
get
something
like
250
critical
security
vulnerabilities.
D
B
E
Okay,
well
thanks
for
thanks
for
having
the
letting
us
jump
in
on
this
weekly
call,
and
and
do
this
early
brainstorming
we'll
be
back
in
touch
if
we,
if
we
decide
to
go
ahead
and
like
to
probably
get
more
more
detail
and
to
also
you
know,
bounce
some
bounce,
some
ideas,
how
do
you
prefer
to
that?
We
if
we
do
work
on
this?
How
do
you
prefer
like
at
this
at
this
meeting
or
by
a
SEF
devel
or
on
slack
or.
A
I'm
fine
with
kind
of
any
of
them.
This
is
usually
the
main
need
we
have
for
like
bigger
topics.
We
also
have
like
the
stand-ups
on
Monday
and
Thursday
for
smaller
updates
or
individual
questions
at
those
so
come
into
any
of
those
meetings.
I
think
I
was
depending
on
the
side.
If
it's
a
big
thing,
maybe
it's
better
on
today,
I'm
running
Thursday
and
also
I'm
fine
with
you
messaging
me
on
slack
or
something
is.
A
Okay,
there's
the
ability
there's
a
channel
in
the
Upstream,
it's
F1,
it's
just
as
the
almost
hasn't
been
used
really
like
Paul
kuzner
made
it
and
then
I
think
I
think
the
very
first
post
was
actually
today.
That's
the
FES
and
things
okay.
A
Right
I'll
join
so
we'll
see
yeah
you
can
definitely
Post
in.
There
is
right
now
it's
not
really
being
used.
So,
okay,
remember
whatever
you
want
to
talk
about
cool.
E
A
All
right,
yeah,
so
I
guess
that
was
the
big
topic
for
today
was.
Was
this
stuff
interesting
project
if
posing
I'll
just
see
if
they're
willing
to
go
to
I?
Think
it's
it's
possible
if
they're
willing
to
do
all
the
good
so
that
the
low
level
worked
to
get
this
stuff
to
go.
A
We
said
we
didn't
want
to
talk
about
the
IPv6
stuff
anymore,
maybe
put
that
up
for
next
week.
People
have
a
bit
more
time.
If
you
want
to
look
at
the
scope,
ID
stuff
I
forget
what's
going
on.
A
Is
there
anything
else
you
want
to
talk
about
this
week?
After
all
that
you
could
always
make
trackers
for
some
of
these
issues
as
well,
like
we've
talked
about
like
getting
GDB
or
the
logging
stuff
to
work
a
bit
better.
B
Yeah,
that
might
actually
also
be
worth
an
ether
pad
that
tracks
like
container
pain
points
because
I
some
of
them
are
little
two
apps
the
jdb
one,
yes,
could
probably
be
a
Tracker,
but
some
of
them
are
a
little
bit
abstract.
So
I,
don't
I,
don't
know
if
it's
worth
a
Tracker,
yet
I
also
didn't
imply
that
we
shouldn't
talk
about
the
IPv6
stuff.
I
just
want
to
make
sure
those
guys
got
a
chance
to
talk
first,
because
I
probably
could
talk
about
the
ipv
stick
stuff
for
15
minutes.
So,
okay,.
A
I
see
yeah
I
guess
maybe
we
can.
We
don't
have
much
in
here
to
put
starter
tracker
with,
but
I
guess
we
could
start
one
for
yeah.
B
I
can
definitely
say,
even
in
my
own,
like
when
I'm
like
hacking
on
something
and
like
I
was
well
I.
Think
the
last
time
was
when
I
was
hacking
on
some
of
the
NFS
stuff
and
I
kept
changing
settings
and
what
one
of
my
issues
is
I
kept
getting
the
names
I
kept,
not
typing
the
names
correctly,
so
you
know
maybe
a
local
command
that
helps
you.
Map
between
the
service
and
the
local
demon
name
could
be
handy
stuff
like
that.
A
Yeah
just
miscellaneous
pain
points,
I,
guess
distract
them
with
the
glitter
I
was
also
looking.
While
we
were
talking
about
the
tools
and
stuff,
we
do
have
this
thing:
I,
don't
think
it
does
what
he
was
talking
about,
but
this
is
sort
of
what
we
have
currently
for.
If
you
want
to
run
tools,
it's
mostly
thing
for
Steph
tools
rather
than
like
DVD,
but
right.
A
This
is
sort
of
what
we
have
I
guess.
We'd
have
to
expand
something
like
this.
C
B
Yeah
exactly
so,
what
we
would
want
to
build
is
a
container
image.
That's
layered
on
top
of
the
current
one,
so
you
don't
have
this
extraneous
stuff.
That
has
the
symbols
and
has
tools,
like
maybe
s,
Trace
GDB,
a
handful
of
other
things
that
you
find
useful
when
you're
doing
like
immediate
debugging.
A
Yeah
so
that'll
either
take
a
stock
with
or
someone
who's
more
about
the
build
stuff
and
see
if
it's
possible,
to
have
almost
a
separate
container
image
like
that
that
we
get
pulled
down.
B
That
yeah
I
think
right
now,
one
of
the
issues
with
the
build
process
might
be
I.
Think
ceph
produces
exactly
one
image,
and
this
is
definitely
an
ask
to
to
say.
B
Going
to
go
into
a
world
where
we
start
delivering
more
than
just
one
but
well
yeah,
it's
it's
something.
We
just
need
to
talk
about.
A
A
Eights
I
think
right
now,
there's
image
at
the
very
end.
B
You
can
have
all
sorts
of
like
discussions
like
do
you
keep
it
in
the
same
repository,
but
do
you
give
it
a
different
tag
like
v17-
debug,
or
do
you
just
do
you
have
a
separate?
You
know
you
can
get
into
all
that
kind
of.
A
A
It
like
very
formalized
like
that
I
can
help
with
that
stuff.
B
F
B
It
it's
similarly
to
the
debug
like
I,
there's,
a
debugging
tool,
I
didn't
know,
I
needed
or
the
security
fix
one.
My
thought
processes
are
giving
people
a
way
to
build
their
own
images.
Simply
it
could
be
opening
a
can
of
worms,
but
it's
something
to
to
think
about.
A
B
I
mean
it
would
take,
I
mean
that
actually
is
not
that
hard.
The
way
the
containers
are
are
layered.
So
basically
you
start
off
with
Seth
as
your
base
layer
and
then
you
do
whatever
right
either
a
dnf
install
blah
blah
blah
or
you
know,
I,
want
to
add
this
config
file
to
the
image.
The
question
is:
automating
it
and
giving
them
a
way
to
make
use
of
it
because
right
now
it's
like
we
expect
everything
to
be
in
a
public
registry.
B
So
that's
that's
kind
of
the
challenge,
because
they're
just
used
to
saying
okay,
Red
Hat,
just
published
or
Debian
just
published
a
open,
SSL
fix.
Okay
I
could
just
consume
that
now.
There's
there
is
an
issue
with
that
which
is
not
all
packages
that
say
use
SSL
are
necessarily
using
openssl
and
that's
one
of
the
reasons
like.
D
B
Forces
everyone
onto
the
same
SSL
even
for
stuff
that
were
the
Upstream,
tries
to
push
back
against
that
I'm
going
Wicked
off
topic.
Sorry,
I'm.
B
Sorry
I
was
gonna,
say
I
also
do
a
lot
of
go
and
go
has
the
same
problem.
Most
of
go
is
statically
compiled.
So
if
you're,
if
you're
delivering
a
go
binary,
it's
not
linking
to
live
fubar.so
it
it's
kind
of
pulled
in
at
compile
time,
so
those
folks
would
also
have
similar
issues
even
in
a
world
where
there
aren't
containers,
if
they're
using
languages
like
go,
that
are
doing
a
lot
of
static
compiles.
So
the
whole
drop
of
package
thing
is
not
a
Panacea.
C
B
Security
issues
but
I
can
understand
why
people
have
that
concern.
A
Yeah
it's
at
least
some
like
legitimate
reason,
something
we
could
improve
on
try
to
as
close
as
we
can
to
how
it
works.
Back
into
this
see
we
can
automate.
B
Oh,
and
he
mentioned
Harbor-
is
that
Dockers
security
scanner?
Does
anyone
know
I'm
more
familiar
with
Quake,
which
has
its
clear
I?
Think
it
has
a
security
scanner
built
in
I'm,
not
sure
myself,
I,
don't
know
all
right,
because
that's
interesting
that
he
said
Harvard
because
I'm
like
oh,
but
we
deliver
you
using
Quay
and
I'm
like
so.
Is
he
pulling
this
official
set
of
images
into
another
registry?
First
I,
don't
know.
B
Interesting
I
was
not
familiar
with
this
yeah.
Oh.
A
A
A
A
Use
case
for
I
just
think
it
was
something
we
didn't
even
improve
on
try
to
get
closer
to
how
easy
it
is
for
packages.
It
definitely
is
something
that'd
be
harder
for
containers
right
now,.
B
Yeah
so
I
think
it's
worthwhile
that,
like
I,
get
where
they're
coming
from,
but
I
think
it's
a
ton
of
work
and
if,
if
the
request
was
coming
from,
you
know
like,
oh
you
guys
do
the
work
I
would
be
like.
No,
you
know
they're
volunt,
they're
they're
interested
in
implementing
it,
which
is
good
but
I,
would
prefer
to
you
know,
give
them
better
container
tooling.
If,
if
I
had
my
away.
A
B
A
So
I
think
if
they
go
for
it
again,
it
could
be
a
nice
project.
You
know
and
I'm
I
guess
the
only
thing
to
sort
of
be
like
support
after
the
fact
after
they're
done
with
it.
If
there's
anybody
who
would
watch
it.
A
B
A
B
I
mean
if
this
is
one
of
those
like
we're,
gonna
build
it
and
use
it
ourselves
and
they've
got
probably
the
proper
amount
of
so-called
skin
in
the
game.
But
if
it's,
if
it's
something
like
we're
going
to
build
it
to
make
stuff
more
popular
and
then
there
isn't
a
ton
of
support
after
the
initial
code
drop
that
could
be
could
be
an
issue.
A
Yeah
another
concern
I
had
I
guess
I
didn't
talk
about,
then,
is
for
testing,
because
that
theory
could
almost
like
double
our
our
test.
Suite.
If
we
have
to
test
the
package
version
of
this
as
well
yeah,
so
there
would
be
a
lot
more
test
runs
that
have
to
happen,
which
I
know
the
lab
already
has
a
lot
of
stuff
going
on
there.
So
it
could
also
be
a
difficulty.
B
Yeah
I
mean
in
theory
it
would
be
good
because
you
could
just
say
oh
reuse,
most
of
the
existing
f80m
tests,
because
the
end
result
should
largely
be
the
same
like.
But,
like
I
said
these,
there
are
resource
issues
too
and
having
another
back
end,
could
you
know
in
theory
double
the
test
time
for
the
orchestration
pieces.
A
Tests
in
there
we
have
a
nice
cozy
one
now
that
actually
checks
the
Etsy
host
in
the
container,
because
we
had
that
other
issue.
A
That
obviously
wouldn't
be
a
thing
in
the
the
package,
one
so
there's
something
that
could
just
be
dropped
or
something
I
think
we
definitely
end
up
needing
like
some
sort
of
separate,
like
sub
sweeps
of
tests,
hopefully
be
one
that
we
can
run
like
regularly,
because
I
know
there
are
some
regular
runs
that
happen
to
check
the
things
are
okay
and
then
just
if
there's
modifications
to
that
one.
If.
C
B
C
C
A
Yeah
I
sounded
like
Dan,
was
going
to
go
with
whoever's
in
that
group
and
talk
about
after
this
meeting,
like
the
feasibility
of
stuff
that
we
talked
about
in
here.
A
There's
a
lot
of
like
the
tape
away,
but
I
think,
at
least
from
my
end,
was
that
most
of
the
works
could
be
on
the
low-level
stuff
like
actually
doing
the
deployment
of
the
the
demons
and
checking
where
they
are
and
installing
the
packages
and
stuff
it's
gonna,
be
the
harder
part
and
then
the
actual,
like
more
high
level
manager,
module
things
that
fidm
does
you'd
have
to
be
transfer
most
of
that
over,
and
so,
if
they
wanted
to
work
on
that,
there's
going
to
be
a
lot
of
like
proof
of
concept,
work
on
the
low-level
stuff.
C
Yeah
I
mean
up
front
I
should
also
with
withstanding
the
other
guys
as
well
I
mean
we
did
a
a
meet
up
with
sage
I
think
in
2021,
where
we
did
the
comparison
between
cefady,
Evan,
Rook
and
but
I
didn't
find
any
slides
on
this
or
how
I
can
see
the
progress.
So
it's
a
an
updated
slide
where
you
can
see
the
the
differences.
C
The
feature
sets
of
of
rook
and
self
ADM.
Do
you
have
something
like
this?
An
updated
version
of
it.
A
C
So
I
mean
we
have
this
two
we
are
at
the
moment
supporting
safe
ADM
I
mean
we
started
this
with
Sebastian
harnessing
a
few
years
ago
and
always
try
to
improve
self-adm
and
and
we
are
heavily
using
it
and
the
other
topics
that
we
use
the
Rook
since
a
while.
So
and
I
think
there
was
a
working
student
at
redhead
who
prepared
something
like
this.
C
I
cannot
remember
the
name
and
I
only
found
the
slides
in
in
my
recording
of
of
the
of
the
Meetup
I
think
it
was
end
of
end
of
I.
Think
one
day
before
Sage
left,
I,
think
13th
of
November
or
October
in
2021
and
I
tried
to
find
something.
If
there
was
an
update
in
the
last
few
years
and
yeah
I
did
not
find
anything
so
would.
A
Least
from
our
side,
I,
don't
think
we've
done
any
any
new
comparisons.
We
have
one
person
who's,
not
here
right
now,
they're
on
Parental
leave,
but
they.
D
A
Doing
they
were
working
on
rook
and
stuff
idiom
I
did
the
only
person,
I
know
who's
doing
that,
so
they
might
have
a
better
idea
of
that
stuff.
When
they're
back.
C
C
C
What
do
you
want
to
improve
in
in
safe
ADM,
especially
with
I?
Think
one
of
the
topic
was
with
with
the
specification
of
how
to
detect
a
hardware
or
devices
in
general,
we
had
some
some
problems
in
larger
clusters
yeah
a
few
months
ago.
A
C
C
A
A
The
meeting
for,
if
you
guys,
want
to
come
in
and
you
have
topics
this
is
what
we
have
this
meeting
for
so
yeah
I'm
glad
to
hear
stuff.
Okay,.
F
D
A
A
I
can
let
me
see.
F
A
A
I,
don't
know
I
stopped
again.
Hopefully
it
stops.
I
can't
sit
here
forever,
but
yeah.
So
you
said
the
channel.
What
do
you
mean
the
channel
of
the
everything.
F
No,
the
the
swipe
Channel,
maybe
call
it
stuff,
Orchestra
I
kind
of
know
what
we
did
on
IRC,
because
I
think
they're
building
another
yeah.