►
From YouTube: CNCF CNF WG Meeting - 2023-03-06
Description
Don't miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from 18 - 21 April, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
B
B
B
B
B
B
There's
a
microservice
club
CNF
paper
about
one
concern
per
container.
C
Who's,
it
was
really
interesting.
I
can't
remember
whether
it
was
on
Twitter
or
slack
somewhere.
There
was
a.
It
was
a
good
discussion
of
whether
it
was
an
appropriate
set
of
examples,
but
I
think
the
general
gist
of
it
seems
to
deal
with
the
problems.
Gurga
had
I
think
on
a
few
weeks
back
a
couple
of
months
ago,.
B
All
right,
do
you
think
the
wherever
you
saw
that
discussion?
Would
it
be
something
good
to
link
to
and
I
think
we
have
a
related.
B
B
A
I
I
just
receive
a
comment
in
my
linking
post
and
I,
of
course,
the
person
to
put
the
comment
on
on
these
physical
discussions
so
but
it
seems
like
he
didn't.
He
didn't
put
that
information.
B
All
right:
well,
if
you
do
find
it
Tom,
would
you
drop
the
link
into
the
issue?
Yeah.
B
So
we
don't
have
a
poor
request
yet
for
this
one
or
a
a
separate
document,
but
I
think
you
know
this
would
be
a
big
write-up
or
material
could
be
pulled.
What
do
you
all
think
as
far
as
moving
forward
and
and
starting
a
draft
on
this,
a
Google
doc
that
we
could
start
writing
at.
B
Yeah
I,
don't
think
I
created
a
Google
doc
for
that
one
kind
of
jump
on
ahead,
but
all
right
I
will.
Let
me
let
me
go
ahead
and
put
that
as
something
down
here
and
then
we'll
come
back
to
it
here.
In
a
few
minutes.
B
C
C
So
quite
often,
mwc's
focused
on
you
know,
iPhones
Androids,
etc,
etc.
But
there
seemed
to
be
from
his
point
of
view,
more
discussion
about
the
sustainability
of
toku
in
general,
and
also
less
discussion
about
6G
than
he
was
expecting.
B
I
saw
a
what
is
it
Telco,
TV
or
the
Telecom
TV
discussion,
where
there
was
it
was
around
6G
and
5G
and
where
the
focus
should
be,
and
it
definitely
seemed
like
a
pretty
strong
split
between
that.
B
Not
just
really
getting
5G
fully
deployed.
But
even
that
there's
a
lot
to
explore
left
on
the
one
side.
And
then
some
folks
feeling
like.
B
Almost
like
it
just
need
to
be
jumped
over
and
and
head
right
to
16..
So
if
there's
I
wonder
if,
because
of
the
the
split
on
how
people
feel
about
that,
if
it's
I
mean
it
seems
like
sometimes
the
conflict
would
have
increased
the
discussion,
but
I
don't
know.
Maybe
there
wasn't
enough
people
that
were
willing
to
talk
about
it
to.
C
Yeah-
and
it
may
also
have
been-
you
know
the
expectation
he
had
versus
you
know
his
his
expectation
may
have
been.
There
has
been
loads
of
discussion
about
6G,
and
maybe
there
wasn't
I
think
the
other.
The
other
thing
you
mentioned
was
there
was
quite
a
lot
of
discussion,
especially
around
the
Vodafone
stand
about
open
run
and
how
that
Canon
should
be
adopted
at
scale,
but
again
that
that
might
have
been
just
his
view
from
where
he.
C
It's
not
something
you
mentioned,
but
I
know
that
Vodafone,
for
example,
had
the
announcement
about
essentially
Pro
5G
on
a
Raspberry
Pi
and
trying
to
drive
the
cost
of
that
down,
so
that
it's
affordable
for
anyone
and
very
fairly
similar
costs
to
a
Broadband
router
I.
He
didn't
so.
He
didn't
mention
it
in
his
summary
of
things
that
he
took
away
from
the.
C
I
think
it's
termed
a
prototype
at
the
moment,
but
I
think
the
idea
is
that
it's
it's
something
that
will
will
drive
further.
B
B
All
right,
I
I,
think
that
there's
a
lot
that
we
can
explore
on
the
whole
private
5G
side
and
there's
overlap
into
all
the
kubernetes
edge.
Of
course,.
B
B
C
No,
so
that
will
be
that
would
have
been
done.
R
d
Center
in
Malaga,
which
I'm
not
not
part
of
all,
particularly
linked
to
the
kind
of
I'm
I'm
more
involved
in
the
mobile
core
Cloud
stuff,
which
I
know,
is
linked
from
a
functional
point
of
view.
But
it's
a
very
different
part
of
the
business.
C
C
You
know,
because
I
I
tend
to
agree
with
you.
It's
really
interesting
to
see
how
some
of
the
core
functions
have
been
shrunk
to
the
point
where
they
can
run
on
a
Raspberry
Pi
compared
to
the
dimensioning
that
we
see
in
the
Mobile
call
for
a
kind
of
Country-Wide
deployment.
B
Yeah,
the
being
able
to
limit
the
context
could
allow
us
to
focus
in
on
one
area
and
talk
about
benefits
and
other
things,
I
mean
of
course,
then
you
can
talk
about
caveats
and
other
stuff,
but
being
able
to
at
least
have
the
dialogue
in
a
more
focused
area.
I
think
has
been
helpful
in
the
past
of
move.
Some
things
forward
sounds
good.
Does
anyone
else
have
anything
about
mwc.
D
I'm
about
NWC,
but
another
topic
585g,
so
always
trying
to
figure
out
because
there's
two
products,
that's
the
difference
to
be
related.
We've
talked
about
a
lot.
One
is
Linux
foundation's
magma
project.
D
B
D
Oh
yeah,
my
it's
my
laptop
audio.
It
has
a
problem
recently
and
I
probably
need
a
new
laptop.
D
Yeah,
so
both
those
things
too
about
5G,
probably
5G,
so
it
was
how
do
they
work
together?.
E
B
All
right,
I
haven't
really
heard
much
about
this,
since
it
was
getting
going.
B
The
main
thing
that
I
recall
so
I
I
think
Magma's
5G,
core
I,
didn't
know
if
they're
doing
any
like,
of
course,
any
of
these
pieces,
like
Thomas
saying
they
could
be
shrunken
down
and
you
cut
up
pieces
to
your
Edge,
but
I
I
didn't
think
they
were
as
focused
on
edge
I
thought
they
were
doing
more
of
the
core
mobile
core,
and
this.
This
part
I
thought
was
one
of
the
big
things
that
they
were
doing.
The
way
that
the
Federation
and
the
way
that
the
different
components
in
the
core
talked.
B
They
don't
all
use
3gpp
interfaces,
some
of
them
actually
use
grpc
for
talking
and
taking
advantage
of
of
that
for
some
of
the
features.
D
I
I
know
both
are
pretty
active
projects,
so
magma
is
from
Facebook
and
it's
actually,
it
was
actually
a
kind
of
a
clone
of
the
omdc
project.
D
B
I,
don't
know
about
any
type
of
collaboration
between
the
two
projects,
Aether
and
magma,
I'm
sure,
there's
people
that
are
work
with
companies
that
are
working
on
both
I,
don't
know
you
know
about
any
overlap.
D
So,
just
from
a
telecom
use
case
perspective,
are
they
provide
overlapping
each
other?
You
see
oh
they're,
doing
different
things.
B
Was
that
a
question
I
I
missed
I
missed
part
of
that
yeah.
It's
a.
D
Question
yeah
I
was
wondering
what,
because
they
do
both
for
private
5G
but
I
I,
don't
know
what
they're
it's
all
I'm
going
to
see
is
core
right
so,
but
for
but
magma
is
Access
Network
projects
so
easily
yeah.
So
I
don't
know
how
much
overlaps
they
have
between
the
two
projects.
Foreign.
B
Maybe
something
to
look
into,
we
are
regarding
the
like:
the
CNF
certification,
best
practices
use
cases
interested
in
digging
more
into
private
5G,
so
definitely
are
going
to
be
talking
more
and
more
with
projects
so
and
Owen
the
open
networking.
B
If
you
know
anyone
or
then
we
want
to
try
to
encourage
them,
also
to
get
involved
with
what
we're
doing
all
right,
let's
see
going
back
quickly
connected
America
private
5G,
there's
a
lot
of
events
this
year
that
are
the
5G
related
and
looking
at
the
topics
like
this
big
5G
event,
Tom
Victor,
y'all
planning
on
going
or
know
anybody
that's
going
to
be
going
to
this
5G.
It
looks
like
a
fairly
big
event.
B
C
I,
don't
know
anyone
going
I
think
it's
unlikely
that
someone
will
go
to
home.
Okay,
just
because
of
the
location,
all
right.
B
Some
of
the
topics
of
check
it
out.
It
could
be
interesting
enough
that
there
may
be
enough
discussion
and
with
y'all
having
like
demoing
a
product,
and
there
may
be
a
reason
for.
B
B
S
from
like
cncf
I
bet,
there
were
a
few
people
that
went
to
mwc
in
the
EU,
but
a
larger
presence,
and
maybe
even
you
know,
I
I,
don't
know
if
it's
demoing
a
table,
maybe
even
something
conversations
to
tie
people
back
to
the
working
group,
but
considering
something
for
the
mwc
North
America
and
see
what
was
the
other
one.
B
B
B
I
think
we
should
set
a
time
and
start
marketing
the
session,
the
the
informal
session
it's
not
going
to
be
listed
so
we'll
need
to
tell
people
about
it
ahead
of
time
and
then,
of
course,
we
can
mention
it
during
Cloud
native
Telco
day
I,
don't
know
when
we
want
to
do
it.
I
can
try
to
find
a
see
if
I
can
find
a
room
or
anything
ahead
of
time,
but
it
could
be
just
a
hallway
find
a
table
or
something
that
we
stand
around
or
sit
at.
B
But
how
much
time
would
we
want?
Do
we
want
to
just
mate
for
a
be
available
for
more
like
a
office
hours
working
time,
or
do
we
want
to
set
something
more
like
a
working
session
like
Sig,
multi
or
I?
Guess
it's
a
working
group,
the
multi
interface
working
group,
or
if
they
did
that
at
that
kubecon
and
had
a
I
think
that
they
had
like
an
all-day
type
of
thing,
but
we
could
do
a
working
session
and
actually
you
know,
work
on
riding
at
practices
digging
into
a
topic
or
whatever.
A
No
besides,
brainstorming,
probably
just
having
some
backup
topics
to
discuss
other
few
things.
A
Just
in
case
that
there's
no
one
like
I,
don't
know
Icebreaker
or
something
like
that.
C
Much
yeah
I
think
for
the
the
working
session.
I
think
we'd
have
to
have
a
very
clear
scope
or
set
of
objectives,
I
think
from
so.
For
example,
when
I
was
involved
in
an
account
we
used
to
have
working
sessions
at
the
what
they
call
the
development
test,
forums
and
I.
Think
some
sessions
were
quite
open
and
let's
review
this
document
and
see
what
updates
we
should
make
and
they
they
sometimes
didn't
flow
very
well,
and
it
took
a
long
time
to
get
people
to
kind
of
get
involved.
C
Whereas
if,
if
you,
if
we
started
with
a
there's,
this
particular
section-
or
this
particular
best
practice
that
we
want
to
work
on
and
I,
think
it
kind
of
focuses
people's
minds
a
bit
and
I
I
think
it
got.
B
All
right
well,
do
you
have
any
I
think
that's
that
ties
in
with
this
have
topics
ahead
of
time.
B
All
right,
I'm
gonna,
do
it
like
this
possible
topics,
so
best
practice
drafts,
which
we
have
some,
but
we
could
create
them.
B
Choose
practices
ahead
of
time,
sand,
CF
glossary,
choose
Plastering
terms
ahead
of
time.
We
could
do
that
as
well
length
of
time.
B
B
B
B
C
I
think
two
hours
is
a
minimum,
don't
give
us
any
longer
than
that.
We
need
to
build
Brakes
in
obviously,
but
I
think
it
depends
on
how
much
top,
how
many
topics
where
you
want
to
cover
really.
B
Unless
we
decided,
we
didn't
want
anyone
to
bring
something
else,
I'd
be
willing
to
have
it,
maybe
even
like
four
hour
half
you
know
half
day
or
whatever,
and
then
we
could
call
it
like.
It's
almost
like
an
office
hours.
It
could
be
birds
of
feather
whatever.
B
You
know
hour
long
presentation,
but
it
was
all
ad
hoc,
but
that's
more
of
how
we
want
to
Market
this
if
we
say
that
we're
going
to
be
there
and
we're
open
to
people
putting
stuff
forward
fine,
but
we
can
have
topics
Chosen
and
then
get
going,
and
you
know
whoever
is
available,
but
have
it
more
of.
If
we
know
that
we
were
there
well
I
can
office
hours.
Then,
if
people
show
up,
you
know
come
in
and
they
want
to
talk
about
something,
then
we
can
start
digging
in.
B
B
And
by
that
I
mean
it
could
force
us
to
prepare
some
stuff,
that's
more
of
who
are
we?
What
are
we
doing
so?
We
had
already
talked
about
this
being
one
of
the
areas
that
would
be
nicer
to
send
people
to
to
get
started
on.
B
Might
be
able
to
even
have
it
like
as
a
this?
Is
me
thinking
through
it?
But
if
it
was
like
a
open
Office
hours,
we
can
do
a
working
session
on
the
working
group.
But
do
it
coincided
with
maybe
cncf
Telco
office
hours
or
something
like
that
and
have
there's
someone
that
one
of
the
folks
on
the
Certification
testing
team
that
does
a
lot
of
the
QA
and
talking
with
people
working
through
issues
is
interested
in
trying
to
help
as
more
more
of
like
a
workshop
type
of
thing.
B
B
Well,
that's
where
I
think
it
could
be
like
the
a
half
day
yeah
and
we
just
say
someone's
gonna
be
available
of
we
can
still
decide.
We
definitely
want
a
working
session
because
we
want
to
move
forward
on
the
glossary
you
know,
but
yeah
we
go
we're
going
to
do
an
hour
on
that
or
two
hours,
whatever
that's
fine,
but
we
could
say
for
half
a
day,
we're
gonna
have
someone
available
from
the
working
group
to
talk
and
someone
available
for
the
certification.
It's
just
like
here's
a
place.
B
We
don't
have
a
booth
specifically
or
anything,
but
I'm
I'm
sure
we
could
tell.
Even
if
we
did
something
like
this,
we
could
even
tell
probably
talk
with
like
the
cncf
main
booth
and
say
if
anyone's
asking
about
Telco
then
send
them
over
here,
yeah
I
guess
we
could
even
consider
this
is
all
this
is
consideration
a
whole
day
so
one
whole
day,
but
you
know
we'd
want
to
make
sure
someone's
there.
So
you
kind
of
treat
it
like
a
booth
but
an
area
where
we're
maybe
doing
like
working
session.
B
Someone
comes
up
and
they
go
hey.
I'm
interested
in
you
know
what
y'all
are
doing
in
these
groups
and
we
go
okay
well
right
now
we're
working
on
a
best
practice,
and
maybe
they
we
just
go
we're
going
to
be
doing
this
for
the
next
hour.
Do
you
want
to?
We
can
talk
while
we're
doing
it?
I
don't
know
something
like
that.
E
B
B
All
right,
I'm
thinking
not
on
top
of
a
day,
seems
like
the
logistics
of
anyone
trying
to
do
manage
it
and
do
both
or
whatever,
at
the
same
time,
I'm
not
on
the
culture
board,
but
it
seems
like
that
could
be
too
much
to
try
to
do
both
I
would
say
another
day
myself
was
anyone.
Disagree
tell
good
days
half
a
day,
I
mean
theoretically,
we
could
do
like
a
two-hour
session
or
something
or
a
half
day,
but.
B
C
B
C
B
Well,
I'm
gonna
jump
forward.
Does
anyone
have
anything
else
that
they
think
is
very
important
or
cannot
focus
on
the
pull
requests
and
other
items
that
we
have.
B
All
right,
if
you
have
a
topic
that
or
didn't
get
to
you,
can
write
it
in
as
to
talk
about
next
time
or
just
add
it
to
the
agenda.
Please
for
next
time,
don't
want
to
miss
anything,
but
so
I
just
want
to
talk
about.
Let's
see,
okay,
so
I
think
Yep.
This
only
says
one
full
request,
so
this
is
a
pull
request.
B
B
Someone
could
gain
access
to
the
container
and
then
try
to
gain
access
to
the
host
running
the
Pod.
It's
a
trying
to
restrict
the
access
when
you're
talking
about
bugs
and
stuff.
You
may
have
problems
in
the
container
that
just
inadvertently
cause
more
hist
problems.
B
Victor,
maybe
I
don't
I,
were
we
supposed
to
update
this?
This
might
have
been
from
the
non-root.
B
I
I
mean
I
think
it's
true
that
on
SC
Linux
by
default,
you're
not
going
to
be
running
privileged
containers,
but
I
think
that
would
be
a
different
statement
here.
So
that
needs
to
be
updated,
but
anyways
goals.
Here
non-goals
we
have
the
overall
proposal
so
when
you're
creating
a
pod,
set
the
privilege
flag
policy
to
false
a
little
bit
more
expansion
on
why
this
is
a
good
idea,
a
reference
link
directly
in
the
proposal
to
the
kubernetes
talks
about
that.
B
B
Best
practice
is
relevant
here
and
similar
caveats
about
pulling
in
Upstream
dependency,
so
Upstream
containers
your,
however
you're
pulling
them
in
like
Helm.
The
definitions
may
pull
in
an
image
that
ends
up
having
a
privileged
pod
definition.
So
that's
something
to
look
at
if
you're
doing,
Integrations
and
deployments
and
stuff
like
that,
and
it
could
be
examples
or
it
could
be
situations
where
you
do
want
a
pod
to
have
privileges
the
invoice,
sidecar
Cube
proxy,
for
example.
B
So
there
may
be
something
there
and
I
think
that
would
be
related
to
separation
of
concerns
applied
to
security.
It
ends
up
affecting
that.
So,
if
you're
splitting
that
out,
here's
where
we're
going
to
need
privileges,
then
it
means
you're,
you're,
entire
CNF
won't
be
privileged,
but
just
a
one
aspect
that
helps
with
debugging
and
isolation
and
other
things,
and
this
is
the
privileged
escalation.
B
So
if
you
have
a
non-privileged
container,
but
it
could
be
estimated,
you
may
not
even
intend
for
it
to
be
escalated,
but
if
there's
some
type
of
bug
or
something
there
may
be
a
way
for
the
container
to
try
to
escalate
its
privileges.
So
you
can
actually
deny
those
sort
of
things.
So
that's
a
related
item
to
look
at
we've
got
a
bunch
of
references
around
not
running
containers
with
privileged
flag
set
to
true
a
lot
of
different
places:
Cloud
providers
and
vendors
alike.
B
You
know
a
few
Alternatives
and
it
is
testable.
So
that's
an
important
thing
with
best
practices.
Is
this
something
we
can
actually
test
easily
and
feel
confident
that
it's
being
followed
or
not
followed?
And
this
one
is
testable
and
it's
actually
included
in
the
CNF
test
Suite.
So
we
know
it's
there
and
it
can
be
tested
in
other
ways,
all
right,
so
I
think
other
than
maybe
this
one.
It
seems
like
it's
ready
to
go.
B
Thanks
Tom
I,
don't
know
why
it
didn't
give
you
a
check
mark,
oh
no,
it
did
so.
We
need
a
few
more
check
marks.
B
B
C
If
you
I,
think
you
just
refresh
I'm,
not
sure,
if
you're
getting
it
or
not
should
have
gotten
it.
B
B
Well,
we're
at
time
I
guess.
The
last
thing
here
to
say
is:
there's
a
some
other
best
practice
proposal
issues
that
are
here.
If
you
take
a
look
at
these,
got
them
started
forgot
who
put
the
template
in
I,
think
Lucina
and
somebody
Victor
Tom
somebody,
but
it
was
appreciated
that
makes
it
nice
to
get
started.
B
So
some
of
these
practices-
we've
talked
about
in
the
past-
and
we
just
didn't-
have
issues
so
I
put
those
in
for
some
of
these
to
get
started
added
some
references,
some
initial
content
and
then
I
tried
to
create
I'm
hoping
I
did
it
for
each
of
them
but
create
a
Google
doc
and
share
that
I.
Think
it's
just
anyone
can
comment.
So
even
random
people
on
the
internet
they
had
suggest
edits.
B
I
think
is
how
it'll
come
across,
so
we
can
approve
or
delete
or
whatever,
but
we'll
see
how
that
goes
and
initial
summaries
there.
We
base
this
on
another
practice,
so
the
red
is
just
something
more
of
example,
and
we
can
delete
that,
but
it
has
some
initial
content
and
I've
done
that
for
each
of
them,
so
we
can
continue.
If
there's
any
of
these,
that
are
interesting,
then
just
jump
in
maybe
I
even
need
to.