►
From YouTube: CNCF CNF WG Meeting - 2022-12-19
Description
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from April 17-21, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
A
A
B
Please
add
your
name
to
the
meeting
notes
and
any
agenda
items.
If
you'd
like
to
talk
about.
A
Foreign
right,
let's
mix
up
I,
have
got
a
hard
stopper
term
half
past
the
hour
today.
I'm
afraid
so
feel
free
to
continue
the
conversation
if
I
need
to
drop,
but
otherwise
I'll,
try
and
finish
by
then,
okay.
So
looking
down
the
agenda
so
holiday
period
for
some
of
us
no
meetings
on
the
26th
or
the
second,
so
the
next
meeting
will
be
on
January,
the
9th
2023.
A
So
yeah
the
cloud
native
Telco
days
event
in
Amsterdam
looks
like
there
needs
to
be
sponsorship
in
order
for
that
to
go
ahead
if
I've
understood
it
correctly,
and
so
we're
trying
to
gather
sponsorship.
Interest
for
that
and
Lucy
is
coordinating
that.
A
So
thank
you,
Lucia
for
doing
that.
Anyone
who's
got
sponsorship
leads.
Please
select.
A
no
by
close
play
tomorrow.
Is
that
the
deadline
from
the
cncf
you
see
now.
C
Good
morning,
well,
unfortunately,
the
deadline
from
conference
is
through
the
holidays
and
I'm
happy
to
submit
the
proposal
Forum
in
my
last
day
before
the
holidays
will
be
Wednesday.
A
A
Thank
you.
Okay,
thanks
for
saying
that
so
upcoming
events,
anything
else
to
add
to
this
other
than
what's
been
mentioned
before
so
we've
got
mwc.
A
Barcelona
connected
America
private
5G
in
the
edge
Summit.
You
can't
possibly
talk
a
day:
tacos
and
public
Cloud,
Summit,
Telecom,
TV
thing:
okay,
interesting,
OSS,
North,
America,.
A
So
this
is,
this
is
more
kind
of
events
that
might
be
of
interest
to
the
group,
I
think
where,
where
we've
got
something
specific
happening,
we'd
call
that
out
in
more
detail.
Okay.
So,
for
example,
there
was
a
talk
about
the
CNS
certification
program,
I
think
at
on
E
Summit
in
the
Autumn,
and
that
was
listed
on
here
as
something
that
was
happening.
D
Doing
something
at
at
mobile
Congress
is
not
entirely
out
of
the
question,
but
a
lot
of
that
energy
disappeared
when
covet
hit.
There
was
supposed
to
be
a
Linux
Foundation
event
the
first
year
that
it
was
canceled.
D
So
there
is
possibility
that
I
mean
definitely
not
this
this
coming
year,
but
there's
possibility
that
something
could
eventually
happen
again,
but
it
would
require
some
concerted
effort
for
people
to
kick
start
it
up
again
and
probably
collaborate
with
the
women's
Foundation
networking
to
to
have
it
make
sense
as
well
and
I
don't
know
if
those
connections
are
are
happening.
At
this
point.
A
A
A
That's
good
in
a
way:
I
wouldn't
expect
anything
to
be
open
today
or
before
January,
because
it's
going
to
be
quite
quiet,
yeah.
A
A
So
there's
quite
a
few
issues:
open
I
think
Let's
ignore
the
button
two
for
now,
because
they've
been
open
for
a
long
long
time
and
discussions
ongoing.
A
F
A
There's
a
bunch
of
there's
a
bunch
of
issues,
I'm
afraid
I
haven't
progressed
this
one
which
I've
been
assigned
to
for
a
little
while,
but
these
top
six
are
not
assigned
to
anyone
at
the
moment.
So
if
anyone's
willing
to.
A
Get
involved
and
help
push
some
of
these
forward.
That'll
be
great.
B
Some
of
them
were
created
while
we
were
working
through,
and
someone
mentioned
something
I
think
like
that
link,
one
that
you
were
referencing
was
similar
when
it
was
created,
but
the
new
ones
were
created
based
on
the
feedback.
I
think
the
most
important
thing
I
think
for
us
going
into
next
year,
is
getting
if
we're
going
to
get
more
best
practices
into
that
Google
doc.
I'm.
Sorry,
not
the
Google
Doc,
the
markdown
DOC
for
best
practices
for
CNF
developers.
B
We
need
to
go
through
and
actually
get
the
content
and
the
selection
that
we
have
those
issues,
those
top
ones
that
was
based
on
feedback.
B
You
know
that
we've
been
having
I
guess
all
year,
because
we
have
all
the
least
privileged
documentation
and
content,
and
then
we
have
other
pieces
that
we
had
gone
through
that
are
related
to
the
certification
and
everything.
So
those
would
be
the
ones
where
love
to
get
help
from
the
rest
of
the
community.
A
C
A
A
Okay,
I
think
foreign.
We
were
talking
about
trying
to
have
a
regular
Cadence
of
updates
to
the
documents.
In
terms
of
you
know,
new
best
practices
created
or
improvements
to
the
docs
I
wonder
if
we
should
track
I.
Suppose
that's
been
done
in
the
issues
just
trying
to
work
out
how
we
can
make
it
easier
for
people
to
sort
of
go.
This
is
the
sort
of
thing
that's
missing
that
they
can
that
they
can
work
on,
but
sure.
B
Can
you
bring
up
the
CNF
developer
best
practice
document.
F
B
And
that
should
be
now
linked
from
the
front
readme,
so
this
should
be
a
place
where
folks
can
come
to,
and
you
know
eventually
see
here
are
the
list
of
best
practices
within
the
categories
that
they
can
find,
and
then
you
know,
click
and
go
into
each
best.
Practice
I
I
think
is
where
we
were
headed
and
should
make
it
easier
for
people
that
are
looking
to
adopt
or
understand.
What's
out
there.
B
B
B
Any
practices
that
we
could
put
in
the
categories
would
be
the
high
level,
and
then
we
could
tag
potentially
tag
issues
with
add
a
a
tag
on
on
issues
that
are
indicating
that
we
want
help.
I,
don't
know
if
it's
you
can
there's
stuff
like
best
first
issue
or
good
first
issue,
not
the
best
good
first
issue
and
other
there's
other
things
on
GitHub
that
are
common
to
indicate.
B
Here's
a
place
to
get
started,
but
we
could
look
at
something
like
that
and
then
the
other
thing
we
could
think
about
would
be
the
GitHub
milestones
if
we
want
to
do
something
like
publish
a
certain
number
of
best
practices
in
this
document
within
a
time
frame
like
Q
q1,
end
of
q1
have
some
number
of
best
practices,
and
if,
if
we
add
those,
if
we
do
a
milestone,
you
can
add
issues
into
the
milestone,
we
could
actually
add
the
ones
that
are
that
we
have
right
now.
B
A
C
A
B
Yes,
does
anyone
else
have
any
thoughts
on
how
to
make
it
easier
to
get
folks
involved?
I
mean
that
we
have
a
lot
of
expertise
out
there
and
including
folks
on
this
call,
but
right
now
for
your
colleagues
that
might
be
willing
to
contribute
and
have
experience
in
Samaria,
it
doesn't
have
to
be
the
best
practices
that
we
list,
but
everyone's
solving
problems.
You
know
in
your
day
work
and
the
idea
is
to
share
those
practices
that
we've
found
as
we
overcome
stuff
so
that
you
know
we
go.
This
is
a
good
idea.
B
A
A
So
it
needs
that
kind
of
it
needs
that
initial
bit
of
effort
to
Define
it
quite
well.
In
order
from
you
know,
then
then
I
can
go
and
talk
to
the
expert
of
that
thing.
You
know
whatever
it
might
be,
and
you
know
there's
there's
probably
something:
they've
already
got
content
or
could
produce
content
quite
quickly
for
but
I
don't
think
people
yet
are
feeling
able
or
willing-
probably
the
former,
just
because
of
resource
pressures
to
spend
the
time
doing
that
initial
Discovery
and
definition
work.
A
G
Like
Tom
just
said,
we
can
go
back
to
people
on
our
team
and
and
say:
okay,
you
know
in
q1
we
want
to
fill
in
these
sections
and
our
and
and
I
think
we
can
go
back
and
and
allocate
the
resources
internally
to
be
able
to
help
support
that.
But
without
that
clear
definition
it's
if
it's
kind
of
open-ended
it's
tougher
because
other
people,
you
know
everybody-
have
their
day
jobs,
kind
of
situation.
B
All
right,
thanks
for
the
feedback,
I,
have
an
idea
on
making
things
a
little
bit
more
defined
before
that,
though,
let's
finish
what
you're
doing
Tom
and
put
at
least
a
this
can
be
like
a
draft
or
whatever
Milestone.
If
we
want,
but
in
the
title,
I
would
say:
2023
q1
best
practices
make
it.
B
You
know
you
put
space
after
yeah
and
and
then
yeah,
we
can
say:
I
mean
I.
It
seems
like
a
a
low
goal
would
be
three
best
practices,
ideally
in
q1.
If
we,
if
we're
only
doing
one
a
quarter,
then
it's
gonna
take
forever
to
have
yeah.
That
document
at
some
some
level
that's
useful,
but
if
we
could
get
three
in
the
first
quarter,
which
is
harder
with
the
holidays
and
getting
started,
then
maybe
we
get
enough
momentum
to
get
some
more
in
the
next
few
quarters.
F
B
Go
ahead
and
I
guess
just
save
that
and
then
go
to
one
of
the
tickets.
That
is
a
best
practice
proposal.
B
All
right,
and
then,
if
you
look
at
this,
it's
probably
just
based
on
what
you're
saying
it
may
be
and
Rich
and
and
you
both
Tom,
it
seems
like
this-
might
be
too
vague.
Unless
you're
already
doing
this
one's
about
configuration,
declarative
configuration
and
if
you're
already
working
on
that,
then
it
may
jump
out
to
yeah.
This
is
a
good
idea
and
I
can
help.
B
B
B
B
There's
no
way
to
unless
you're
a
have
the
correct,
edit
or
the
high
edit
access
to
a
repo.
Then
you
can't
go
edit
comment
so
I'm
trying
to
think
of
how
you
could
do
this
I,
don't
think?
No,
if
not,
everyone
is
going
to
be
able
to
go
add
to
the
description.
But
ideally
this
should
be
like
a
form
and
as
you
fill
it
out,
then
people
are
gonna
see.
Okay,
this
is
done.
This
is
done
this
it's
done,
but
what
could
happen
is
if
we
have.
B
Maybe
we
add
that
into
the
description
area
and
then
potentially
those
those
headers
for
each
section
and
then
say
this.
This
section
needs
to
be
filled
out
and
then,
as
someone
adds
a
comment,
here's
a
summary
or
whatever.
Then
we
could
keep
updating
the
description.
I,
don't
know
something
to
that
effect
so
that
we
have
here's
an
area,
here's
the
best
practice
proposal
that
we
need
help
on
and
we
need.
You
know
something
in
these
areas
and
then
go
from
there.
We
can
also
do
it.
B
A
A
You
know
if
it's
a
new
best
practice
and
then
in
here
there's
the
sections
that
you
were
talking
about
and
people
can
start
to
add
to
them.
Foreign.
B
A
Great
minds
because
I've
seen
that
used
in
other
in
other
sort
of
similar
things
where
we
then
get
a
fairly
consistent
issue.
First
comment,
which
is
helpful.
B
Right
and
then
anything
else
could
be
left
blank
and
I
would
say
if
it
might
be
good
I
mean
anyone
opening
these
and
trying
to
contribute.
You
know
if
you
have
your
own
workflow
and
stuff
happy
to
have
whatever
you're
going
to
contribute,
but
to
help
with
folks
who
don't
know
where
to
get
started,
then
doing
the
template
and
then
so
Tom
you
created
this
one
and
then
what
maybe?
If
if
you
create
a
Google
doc
or
a
hack,
MD
or
something
that's
yeah,
we
can
keep
modifying
and
has
version.
B
History
I
mean
Google
doc
you
can
do.
You
could
create
a
Google
doc
and
then
turn
on
comments
from
anybody
not
edible,
but
comments
for
anybody,
and
then
you
know,
of
course
give
edit
to
whoever
you
think
is
safe.
But
if
we're
going
to
drop
a
link
in
here,
then
you
can
drop
a
link
to
the
Google
Doc
and
people
can
just
start
adding,
and
then
we
just
roll
that
back
in
that
can
also
be
done
with
a
hack,
MD,
but
either
either
way.
Lets
people
see
the
template.
B
A
B
A
Yeah,
it
makes
sense
I'll
do
that,
for
that
top
one
I
do
need
to
drop
now
so
I've
got
to
imagine
the
meter
manager,
but
yeah
I
will
do
that
for
the
issue
that
we
had
open.
There
244
see
how
that
works.
People.
B
Sounds
good,
hopefully
that
helps
Rich
with
folks.
F
B
Yeah
so
I
saw
in
chat
of
Victor.
Did
your
resp
get
a
response
to
the
open
networking.
H
Yeah
yeah
just
curious
because
we'll
probably
be
quite
kind
of
common,
focused,
so
I
just
wondering.
What's
the
relationship
between
the
this
effort
and
that
Foundation.
B
Yeah
so
there's
several
different
orgs
out
there
that
are,
you,
know,
working
on
networking,
related
cloud
computing,
I
guess
I
could
say
and
in
different
ways.
So
we've
been
trying
to
reach
out
and
really
over
the
the
last
several
years
as
when
cncf
created
the
Telecom
initiatives
originally
trying
to
reach
out
and
collaborate
with
different
folks,
I
think
Frederick
you've
been
engaged
some
with
the
open
networking
directly
and.
D
B
So
it's
been
off
and
on
and
and
Frederick
is,
is
part
of
a
cncs
Sandbox
project
called
network
service
Smash
and
as
well
as
other
work
things
in
and
we've
had
some
effects
from
the
ons
join
like
the
taco
music
group
and
different
things
over
the
years.
But
it's
all
I'd
say
that
organizations
keep.
You
know
moving
around
its
fluid.
If,
if
you
have
anything
specific
where
you
think
this
is
a
mutual
interest
like
there's
overlap
or
complementary
work,
Victor,
then
please
let
us
know.
D
B
D
Job
with
to
help
with
the
onf
relationship
itself,
so
if
I
recall
properly,
that's
primarily
operator
operator
LED,
but
there
is
also
heavy
vendor
involvement.
It
was
part
of
the
reason.
I'm
not
I
was
not,
as
involved
as
much
in
Allen
was
that
at
the
time
I
was
in
either
an
operator
nor
a
vendor,
so
it
was
the
Rules
of
Engagement
made
it
very
difficult
for
me
to
contribute
myself,
but
that
being
said
that
they
do
rely
upon
several
of
our
or
us
as
the
the
cncf
and
Linux
Foundation
Technology.
D
So,
for
example,
things
like
kubernetes
have
heavy
usage
in
it.
You
have
things
like
tanks
and
fabric,
that's
that
is
that
sold
into
it
through
at
least
a
major
vendor.
Then
there's
also
projects
like
magma
and
similar,
which
I
when
I,
surprise
me.
If
those
ended
up
in
in
those
particular
areas,
plus
the
broad
ecosystem
that
kubernetes
itself
brings
into
brings
into
the
into
the
space.
D
So
definitely
so,
even
if
there
is
not
a
direct
like
this
group
talks
to
that
group,
there's
still
some
form
of
collaboration
that
occurs
between
the
different
organizations,
even
though
the
collaboration
may
be
more
may
be
more
indirect.
B
Quite
a
few
open
source
projects
itself,
so
there's
and
including
like
dpdk,
would
be
a
one
point.
That's
you
see
tied
across
many
foundations,
but
as
a
layer,
but
did
you
have
anything
specific
to
Victor.
H
No
I've,
just
I,
used
to
work
for
Telecom
now
I
actually
want.
My
friend
is
he's
volunteering
in
mostest
on
F
and
the
CIS
Benchmark,
the
the
community.
So
that's
why
the
the
the
the
question
that
was
posted
earlier
about
like
security
best
practice,
sounds
like
that's
something:
I
don't
go
back
and
talk
to
him
and
whether
that's
how
that
overlap
in
what
they're
trying
to
do
in
the
openness
or.
B
Yeah
would
love
to
share
and
collaborate
on
best
practices.
B
H
Also,
he's
part
of
that
contribution
to
the
CIS
benchmark.
H
Community
Community
Driven
the
center.
H
Security,
so
that's
that's
what
the
the
security
seems
to
be
because
that
Foundation,
but
let's
come
here,
yeah,
so
I'll
I'll
talk
to
you
and
see
whether
it's
any
overlapping
interests.
D
Let's
go
so
in
terms
of
CIS.
My
understanding
is
that
there
is
a
CIS
Benchmark
for
kubernetes
and
very
likely.
It
would
surprise
me
if
we
were
not
involved
with
it
in
the
cncf
tag:
Security
Group
and
there's
also
a
Sig
Security
in
the
kubernetes
project
itself.
D
If
you're
interested
on
the
security
side,
I
would
definitely
recommend
having
a
conversation
with
at
the
very
minimum,
the
the
attack
security
as
as
well
as
this
particular
group
and
I
think
there
was
some
initial
discussion
and
interest
between
this
group
and
tax
security
and
trying
to
find
places
where
they
could
collaborate
with
each
other.
So
if,
if
that's
an
area
of
interest
to
you,
it's
it's,
not
it's
not
really
an
issue
of
there
being
having
to
build
interest.
D
It's
more
an
issue
of
resources
and
people
to
to
take
it
on
who
who
want
to
make
back
to
move
in.
So
that's
something
you're
you're
interested
in
trying
to
find
definitely
could
use
the
help
there.
C
H
D
D
Both
exist,
the
the
tag
is
bound
to
the
cncf
itself.
The
Sig
security
is
bound
to
the
kubernetes
project
itself,
so
the
Scopes
are
are
very
different,
so
Sig
security
itself
will
generally
only
look
at
kubernetes
security,
we'll
only
look
at
things
that
are
related
towards
kubernetes
itself
and
the
cncf
cloud.
D
The
cloud
native
efforts,
if
let's
say
that
you
were
to
remove
kubernetes
from
the
picture
entirely,
there
are
still
very
large
spaces
that
the
cncf
still
touches
upon
and
has
projects
that
that
that
it's
involved
with
that
would
still
be
within,
would
still
have
white
scope.
So
so,
in
short,
there's
there's
definitely
there's
definitely
overlap
between
the
two,
but
the
scope
is
set
very
differently.
Okay,.
B
There's
you
have
people
that
are
in
late,
they've,
been
leading
and
and
long
time
and
and
sick
security
that
are
also
in
tag
Security.
Tax
security
is
gonna,
ensure
that
the
greater
cncf
and
I'll
say
cloud
native
ecosystem
is
covered.
So
looking
at
individual
projects
looking
at
workloads
ex
extending
kubernetes
core
and
those
sort
of
things
versus
the
more
focused
efforts
of
kubernetes
Sig
security.
C
B
It
would
depend
on
where
their
focus
is.
If,
if
you're,
looking
at
specific
apis
and
and
things
around
the
core
of
kubernetes,
then
sick
security
might
be
the
place
to
talk.
But
if
you're,
looking
at
the
workloads
and
greater
I
would
say
even
like
greater
networking
issues
than
tax
Securities
good
place,
but.
B
I
think
if
you
join,
if
someone
joins
cncf
tax
security
and
starts
going
to
those
meetings,
you're
going
to
have
references
to
seek
security,
I've
seen
that
in
the
past
and
then
once
things
make
it
up
to
like
the
cncf
Toc,
then
you'll
have
even
more
overlap
because
they're
they're,
looking
at
the
effects
of
what
are
the
big
changes
in
kubernetes
as
a
projects
and
how
does
that
affect
the
whole
ecosystem.
So
it
won't
hurt
to
get
involved
in
either
place
or
both.
H
Yeah
they're
trying
to
figure
out
what
each
meeting
is
about.
Let's
take
a
long
time,
probably.
B
Yeah
I
would
just
say
you
know,
join
them
and
or
look
at
you
can
look
at
the
past
meeting
and
for
the
meeting
agenda,
so
they're
published
for
the
sigs
and
tags
and
working
groups,
their
notes,
meeting
and
notes,
and
that
sort
of
thing
are
all
public,
including
a
lot
of
a
lot
of
them,
are
recorded.
So
you
can
even
go
and
and
look
at
published
recordings
that
are
they're
published
to
YouTube
yeah
thanks.