From YouTube: CNCF CNF WG Meeting - 2021-09-27
A: All right, it's five after. Are we ready to get going?

A: I don't know if anybody else has any other sessions that are going to be relevant to the CNF space that they think we should list here, or if anybody in our group is presenting, but please feel free to add, with a link to your case. And then I was kind of hoping that, instead of slogging through pull requests today, we would continue the discussion from last week around use cases and best practices, maybe specifically focusing on delivery and platform, try to capture some notes, and then maybe we could open up some issues or discussions after this and start getting these populated in the repository.

A: I did an initial glance at this. I don't think there's probably anything earth-shattering. I'll probably have to go through it a few more times. I mean, I looked at everything; it's small grammatical stuff, so I'm good to approve it. When I reviewed it this morning, I thought there'll probably need to be a few more passes over it too, just in general, but.

B: The word, I think, is that the word "list" makes it feel like it was a dictionary or something, but it's all just related to grammar and spelling and everything else. Linting.

B: One thing that could happen on this: one would be relating it to the existing use cases. It doesn't have to be a new use case.

B: So in that, that one section is really the only place that was left in this use cases and user stories.

B: And if we have something relating it to the existing ones, that would work as well.

A: I've gone through this one a few times. I basically just need to re-review now that most of the comments have been resolved, and there's still a couple of Ian-isms, from like a writing style standpoint, that I think we might want to tweak a tiny bit, but.

A: Okay, well, I mean, we can dive into this one, Taylor, if you want to let us do it, or we could kind of do some brainstorming to generate some issues slash discussions and then try to get people to kind of work asynchronously on generating some of these best practices and use cases and stuff.

A: Okay, well, then, I kind of just want to redo it again without people staring at my screen while I share. I mean, I think we could maybe have some use cases that pop up from this. But if we talked about the onboarding and lifecycle management use cases, I'd be curious, around best practices, what people think of delivery.
A: I would specifically like to talk about air-gapped installations, and specifically, like, what does air gap in general mean beyond just delivery? But also, like, you know, a lot of third parties want to provide, like, their monitoring platform via a SaaS model, which doesn't necessarily work, obviously, if there's no direct access to the internet. Or, you know, thinking outside the box, like if you're a big, big, you know, customer of a public cloud, you have things like a direct connect, you know, a VPN to like a private VPC or something like that. Could you do the SaaS offering in a private VPC versus a vendor VPC? What would that look like? Like, I don't know if people have thoughts, but I can tell you that I have to go through and constantly figure out how to air gap a lot of things, and so I don't want to just put CI/CD as a best practice. I'd rather kind of talk through the nuance with the group here around some of the things.

A: I know that I do, and that others I talk to do, to get artifacts checked in, scanned, made available through internal repositories. You know, figuring out the right balance of being quick enough but safe. I'll pause there, if anybody just has any high-level thoughts, before I just start putting stuff into the Google Doc.

A: I'm thinking that a lot of people are kind of hesitant to dive into Git, and, like, 99% of all activity happens on these Monday calls, so I'd kind of like to do some brainstorming and then, like, have a few of us go in and open up some discussions or some issues in the notes section.

A: Maybe, you know, mark things as like "good first" attempts or whatever, especially once we get past KubeCon, if we're lucky and we, you know, get some new interested parties in. They could potentially go in and find something that they could pick up, that, you know, seems obtainable to them, and put in a pull request.

B: Yeah, it makes sense to me. I have questions about the air gap, but I'm just trying to see what we're going to focus on. If we're gonna do brainstorming, it's good to somewhat have some rules around it: the idea of being able to put forward ideas and not worry about critiquing at the start, and then we can come back through after we have essentially a dump. So whatever people want to look at, so someone may say CI/CD, that's fine, and then you say, well.

B: So someone has an idea, and you think, oh, what about this, this with that one, and you just keep adding.

A: What developers are, you know, developing, what challenges they're having in getting their software out to customers, like what providers are doing, what the CNCF thinks of all of us crazies trying to, like, break all the plumbing inside of Kubernetes. And then, like I said, I think, then, if we go in and also pre-populate some stuff, it might be easier for people who, you know, are introverted or, you know, don't have the confidence in the subject matter to just, like, completely wing it on their own.
C: I think the other important thing to cover is also describing the problem, right. Like, I mean, how can we propose something? Or at least it's something that I feel, like from the least privilege white paper: having very clear what the problem is and, based on that, proposing ideas. And yes, that's the best way to circle those things.

F: One question I had, and I think the least privilege one demonstrates it, is: what about the things we can't do today? Because, as an example with least privilege, right, least privilege would imply that you don't need privileged containers, with any level of privilege, for doing the day-to-day jobs that we're going to need to do for NFV, but we've already discussed that there are places where you're going to be asked for cap sys net and cap net admin, whichever one it is, and we don't really have an option.

A: Well, we can dive in. I'm just capturing some notes, and, you know, I'll be honest. You know, Bill and Taylor, this is probably some place, too, where we would lean on you guys to be ambassadors, right. I mean, I know that sometimes we have unsensible requests that the upstream community is just going to balk at, because they like to keep things simple. They like the way that k8s works now, so us coming in and saying we want to fundamentally change things is probably not going to go that far.

F: ...is to have a good reason for asking in the first place, right, to say there is truly something we can't do. Because coming to someone saying we want something to change, and then them turning around saying, "But, you know, I don't understand why that would be necessary. Why can't you just...?" So, so we need to have a rationale, particularly since, you know, we're working in a specialist subject and it has its weird requirements.

B: I agree with what you're saying, and I think having been able to write up what the challenge is, and what we've looked at, and what's available within the ecosystem, and that we're not finding anything there that meets the challenge.

F: "We should write precisely this code," and absolutely not "You should write precisely this code," because, you know, that isn't about to happen. It's open source because we write what we need. We don't just expect other people to do our work for us. So it's, you know, again, as an example: multiple namespaces. There's a Multus solution that allows you to get a certain way with that.

F: But, you know, since you are going to want to reprogram a namespace, there's only so far that gets you before least privilege is broken and it becomes, you know, almost impossible after that.

F: Anyway, yeah, so, fine, my proposal, as much as there is one, is really just that we shouldn't rule out possibilities because Kubernetes doesn't do it today. We should just highlight where there is a problem with the way that, you know, with what we're asking for and what Kubernetes provides, where it looks like an extension is required. Whether that extension is changing code that exists or writing an entirely new plugin, which obviously Kubernetes is quite happy to let you do, then that's a solution-specific detail.
B: Jeffrey, I have a question around, I guess, the air gap stuff. I don't think you're writing other things in there; that's fine. The air gap: I'm having a hard time thinking about the relationship of air gap with cloud native.

B: To me it keeps feeling like air gap is another feature that may be needed by some users, but it doesn't seem like an air gap has a direct relationship with being cloud native. So then, I'm wondering, is there a way to do air gap, to implement air gap solutions in a cloud native way? I guess that would be the way to look at it, but I'm wondering what you're thinking about when you think about air gap.

A: I don't know. I think if you ask, like, three different providers, you'll get different answers. So for me it's an iron-clad requirement from my folks in production, right. Like, we do not, in certain environments, allow direct internet access, in some cases not even through a proxy or anything else, right, for safety reasons. Like, this gets into, all right.

A: Let me think of how I want to, like, phrase this, because I've got a lot jumbled in my mind. So, A, I don't think that whether or not you air gap something or don't air gap it makes it cloud-native or not cloud-native. So I think that this whole concept of making it quote-unquote cloud-native via air gap or non-air-gapped doesn't quite click in my brain.

A: Additionally, you could argue that if you do a bunch of preceding steps, right, you've minimized the risk, and maybe you don't need to be air gapped, assuming that you know exactly what's going into your infrastructure, that it's versioned correctly, that it's been scanned before it ever sees anything. But the fact of the matter is, there's been lots and lots of stuff hidden underneath the covers, where you'll have, like, you know, repos that are listed in charts, you'll have hidden curl commands in automation.

A: You'll have, you know, just things that go out, and until you've actually tried to go and install something in a world where there's absolutely no internet and seen what breaks, there's probably things that you haven't caught, and this, like, opens up attack vectors. I've seen it a bunch, both in my time at a service provider and on the vendor side, helping lots of other service providers. But really what it boils down to is, you know, one of our first use cases was CNF onboarding and then CNF lifecycle management.

A: One of the biggest challenges you'll have is getting your software into their network and into their data centers and into their private VPCs and other public cloud environments. So, you know, we could argue that it's not a best practice to do air-gapped installs. Then we would have to figure out, like, what we say to service providers who are like, "Well, then I guess I can't do cloud native." But, like I said, I don't think that being air gapped makes you more or less cloud native.

B: It seems like it may limit your choices and implementation. If you said you had, like, say, distributed pipelines, which you went over and there's a use case.

A: I think I could still pull this off, and I'm speaking somewhat from first-hand experience. I can say that it's insanely, insanely challenging to get the initial framework in place, but there is a way for you to get everything you need into your own repositories, to watch things dynamically upstream, and then ensure that stuff is safe and versioned, based on the versioning that you're doing within your infrastructure. And if you look at the Books use case, right, around the lifecycle management piece.

A: You know, it's, in my opinion, a bad practice to have ":latest" when you build things, right, like just always pull the latest. You need to be able to, like, roll back, roll forward. You need to be able to do root cause analysis based on the current version that you're on, and I do think that there's best practices that make it so that you can do air gaps while not necessarily, like, preventing yourself from being able to use a bunch of stuff upstream.
F: All right, so, to put the question there: where's the break, right? Does it need to be between your CI and delivery, or does it need to be between your CI and the network? You know, you pull the container down, you feed it into your offline, your disconnected CI, without judgement. I'm not saying there's a right answer to that. That's probably, it's probably an opinion thing.

A: Here is: what would a gate look like? And I mean, probably not getting down into granular detail, but, like, let's say I have, you know, open source repos, vendor repos, etc. Like, what does the first gate look like to pull in their artifacts? Like, what initial CI am I doing, you know? How does that roll out? What is the, this is once again getting to the Books use case of lifecycle management, if I've got different dependencies and packages changing asynchronously?

A: How am I, like, orchestrating all that chaos and ensuring that, you know, the contracts that I've made with various entities, whether it's at the platform layer, the application layer, the network layer, are being maintained? Like, I'm not proposing any right or wrong answers here. I'm just saying, you know, we keep saying, like, what are the challenges? I can just tell you: this is a challenge that I face every day in my life, figuring out this.

F: Yeah, well, me too. I mean, trying to make sure that a build comes out with the same result every time, when there's always the temptation of any developer to go and pull a random package from a random source on the internet.

F: Supply chain attacks like that are very, very easy to end up with if you're not careful, which isn't quite the same as offline install, but it's there for very similar reasons. But that's a thing where I wonder whether we could find the best practice document of someone else's and refer to it. You know, not so that we're subject to our own supply chain attack, someone who changes the source document, but, you know, so that a CI's conclusion should not change just because it's a Wednesday, effectively.

B: Jeffrey, it seems like we could go down two different paths with this. One is how to, best practices on and ways of deploying into an air gap environment, supporting air gap, and the other would be looking at:

B: What are the challenges on why air gap was even needed in the first place? And on that side, there's probably best practices and alternatives to solve the problems that air gap is there to solve with regards to security, and that could open a whole other area for us to write up the use cases and best practices. It doesn't mean everyone then doesn't use it immediately or anything, but it's, I'm mainly just saying a different area to explore.

B: And it sounds like you have a lot of insight on why it's there. Is that something that you'd be willing to work on?

A: Sure. I mean, so the first one is, you know, security, right, specifically minimizing a major attack vector. And once again, this isn't going to be CNF specific, but we can talk, you know, at least at like high levels. Obviously there's the notion of: if I'm exposed to the internet, then that means that the internet can attack me. So now, in addition to the insider threat, you have, you know, legitimate, like, vulnerabilities to the outside world. But once again, inverting

A: that argument is, if you are air gapped, it prevents a certain level of insider threat. I mean, you're still going to have to worry about east-west, you know, type attacks, horizontal issues, but, like, let's say, let's look at the Target breach that was in Kubernetes, right. They had a bunch of Kubernetes clusters. I don't.
A: This is public, right? I'm not going to get in trouble for talking on this recording about a case study I read in my, because I mentioned, let's scratch out the company's name. Anyways, there was an issue where they pulled down a Helm chart. The Helm chart had certain things in it that, you know, spun up certain services and exposed certain ports, because these clusters did have, you know, internet-facing interfaces. They, you know, eventually got caught up in a scan.

A: A malicious entity, like, knew that there was this now back door to go in, and they went in and, you know, wreaked havoc. So then, once again, like, if you don't need to provide a public service, you know, should you be exposing it to the internet at all? And I would argue that the majority of the time you're exposed to the internet, it has nothing to do with, like, speed, velocity, agility. It has everything to do with convenience. It takes a lot of work to get,

A: you know, your distributed pipelines in place to manage your artifacts correctly, and it's just kind of a pain, right. Like, if you're just building stuff in, like, the development phase, you don't necessarily want to have to first pull in artifacts to a private repository, you know, get them checked, scanned. But there's a big difference between, you know, building on your laptop and building in your actual lab dev environment, right. Like, what amount of risk are you willing to expose? So, I mean, that's one thing: the security in.

B: Specifically exposure to the internet. So it sounds like, for that one, being able to open ports publicly and other things, the first level would be a proxy server and you can't open anything directly. You have to use a proxy. You can do pull only, maybe no push or anything else. No, no capability to open ports.

A: Acknowledgement that there are remediations and stuff, but once again, anytime, and this is why I think security was kind of a tricky one to start with, everything in the security world, right, is around, like, risk analysis, risk mitigation. Like, you know, it just depends, like, what level of risk is your CISO willing to take? If they are super, super risk-averse, they might not be willing to do any of this, and then, like

A: I said, this once again now gets into the least privilege conversation. Pretty interesting how this stuff ties together, right. It's like, if I come in with a privileged container that says, "Hey, Mr. Proxy, I'm allowed to do this," you know, what happens if I pull in a malicious image that then, as long as it can phone home to the internet, bad things happen to you. So, but I mean, I do think, though, everything you just said, Taylor, is great.

A: Sometimes we have regulation, so then it depends on what country we're in and, like, what restrictions they've put on you from a networking perspective. Like, there could be some type of legal restriction that prevents you, right. So, like, if the NSA, for instance, came in and started hanging out with us, with the Department of the Air Force, which is doing all kinds of cool things with containers, they will not ever, in a million years, allow you to pull straight from the internet into any of their private data centers, right.
F: There, yeah, I think we have to remember that security, like test, is an endless task, right. Nothing can be proven secure; lots of things can be proven insecure. Nothing can be proven working, but you can prove something doesn't work. So the question is always: what mitigations have you got? What are they mitigating, and what's the likelihood that somebody's going to do them?

F: You're arguing that disconnecting your actual active running network of software, disconnecting its management side from the internet, so that it's not randomly communicating, as, for instance, an IoT device in your house might do, where you don't know what it's sharing and you don't know that it's not just pulling down random software to run, is a very strong mitigation for any attack on the management side of the network. It's not perfect proof, right; there's always malicious actors possible in your company, but on the other hand it is a strong mitigation for a lot of attack vectors.

A: Yeah, that's 100% correct, and once again, I'm just presenting a challenge. I have to work in an air-gapped world. I'm not saying that that is a best practice or that everybody should air gap. You know, it's just a reality that some of us face. So, like, you know, there's the original question of, like, well, what does that mean for a distributed pipeline? So I'm.

B: Just kind of, like, can we keep adding? I'd like to keep adding any of these reasons behind it. Yeah.

A: Another thing is consistency and resilience, consistency and resiliency, right.

A: So, like, one thing too about using private repos and not allowing things to go upstream to repositories that you don't control is you get to ensure exactly what packages are available in your environments, right. So, like, if I, and this gets really important when we start talking about, like, networking equipment, right, is, you know, typically they're very, very big, complex pieces of software, right, that have tons and tons of features. Like, you look at, like, a router, like all the things that it can do if it's, like, you know, a high-performing, high-end router from one of the major vendors, and typically there is, like, a certification process, right, like that.

A: Something like the way that, you know, BGP entries are added or withdrawn from your routing table, things like that. Like, sometimes they tweak it, because the RFCs don't just explicitly say this is how you will write your code. They say this is the behavior that you should, like, present, and then it's kind of on the developers to achieve that. So, like, once again, like, if you have a version that you've, like, run through all of your tests, and eventually, long term, yes, distributed pipelines should hopefully mitigate this.

A: But, like, you know, I've got four major vendors that I'm, you know, doing BGP peering across, or, you know, I'm, as a major service provider in a POP, and I'm peering with one of my other major service providers, like, and we have an agreement that I'm on this version of, you know, I don't know, Cisco

A: ASR code, right. How do I ensure that it's always on the package that I want? Well, I control what packages are available. And once again, I'm not saying this is right or wrong. It's just a means of mitigating risk.

A: It's a means of ensuring consistency, and where it becomes important, right, is if you have thousands of routers or thousands of CNFs, right. It's pretty easy to make sure everything's on the same page when you're operating in the tens and even the low hundreds. Once you're starting to scale big, big, big things to the thousands and, like, that kind of stuff, then, you know, ensuring consistency through control mechanisms is important. And then, like I said, you know, here's another bullet here: policy as a means of building trust.

A: You could potentially tackle this a different way than air gaps, right. You could do it so, where you write policy that enforces things. So I'm not, once again, trying to prescribe any type of implementation. I'm just talking about some of the things I get, and one of the things is, you know, if I control the packages, then I kind of, you know, have a little bit more control of my destiny, and I have a very, like, high level of confidence in what has or hasn't been deployed in my environments.
F: There are a couple of things there. I don't think there's any. Firstly, policy is fine and good, but it's easy to have policy mistakes as well. It doesn't solve any particular problem completely. Cutting something off from potentially contacting unsupervised sources of whatever variety is a hundred percent certain, whereas policy is not, because again there could be mistakes. But there are, yeah.

F: I mean, it's the reason, so I was having a conversation last week with somebody about trusting software, and one of the things, funny you should mention ASRs, because it does this, right. ASRs won't run software that hasn't been signed by Cisco. They can recognize it. We have a, I think it's a shared key arrangement, but honestly I don't know. The point is that in order to ensure that this thing is running exactly what it's supposed to be running, which is better for all concerned, you know, both us and the operator.

F: We make sure it will only run things that we intend it to run, and that's why I stuck the next line in there, which is effectively saying: how do we have an end-to-end chain of trust, end-to-end, a guarantee that what you are trying to run is exactly what your CNF author intended you to run? It isn't the same solution, right, because that software could then try and reach out to the internet and pull extra pieces of code. So you can't prove it.

F: It's not proof alone that you're getting what you're looking for, but it's another form of proof that says I am running the thing that I intended to run, and also the thing that I ran through CI and so on and so forth. I'm not just running something that Bob in, you know, whatever department decided I would run today because he hacked it around a bit and he thinks it's cool.

F: It has stronger mitigation features for some purposes, because it actually stops internal actors from changing your software as well as, you know, pulling the wrong thing off of the internet. So that's another one that serves a similar kind of purpose.

F: I mean, what we're ultimately getting to is: you run what you intended to run, right? That's the use case in its shortest form. It's true for, it's partly true for air gapping, that you can't have software randomly fetching further instructions from the internet. It's certainly true for an end-to-end chain of trust. The other thing about cutting something off the internet is, independently, it cuts off an attack vector, and people like that as well, for obvious reasons. But those are the two purposes.

A: Well, it's, I'm going to shut up after this, because I kind of want some other opinions. Let's see if anybody else has dealt with it. But you're right, I mean that this is a solution, and in some cases, depending on, like, what the compliance or regulations are, it might be a forced solution. So then, you know, what are the challenges for, like, how do you, like, mitigate this, like, and I mean, like,

A: I said there are best practices where, like, hey, maybe, like, in certain, like, in your dev environment, where it's, like, you know, the east-west type attacks are minimized and you're willing to, like, risk it, and, you know, the splash domain would be minimal, you put the proxy in there. I don't know, there's a million things, right, but I'm just kind of curious to hear, you know, Alexis, Victor, others.
E: Yes, definitely. As soon as we hit production, a lot of the applications we're deploying are air gapped, meaning they don't have any internet connectivity. The way I've seen this being solved is really to, you know, you mentioned the CI/CD.

E: I'm going to talk about a solution, not necessarily explaining the problem. We had the problem. The reason for the no connectivity in prod for these applications was solely because of, you know, security purposes, so mainly the main bullet point here, the first one. And the way to work on it was basically to have a registry in a production environment and a registry.

E: The only, you know, bridge, I would say, between the two was the fact that we could push to that prod registry from that, you know, pre-prod registry, and so just push the artifact that we would have vetted as part of all the testing and all the build done prior. And as for the network, so of course, one of the practices in these applications is: don't have any curl in them.

E: If you need to pull things, well, we would overwrite all the information to point to the registry that we own. That registry wouldn't be a proxy registry, wouldn't proxy anything. It would be fed with the artifacts that we would care about, and that's what I've seen from an application standpoint. Now, while we're talking, I was thinking about network function applications.

A: A lot of vendors have moved to, like, smart licensing servers, and I've seen different ways of handling that in an air gap world, but, like, you know, the default behavior that a lot would like is you phone home and, you know, hand over a token, a key or whatever, say I'm licensed, I've got this functionality, yada yada. And suddenly we say, but we're going to stick this in an air-gapped environment, and, to Ian's point, what we're really saying is that the management plane is going to be completely cut off from the internet.

E: No, I agree, and that phone home is a great example. I've lived through it. The solution that was provided to us at the time was a self-hosted, basically, phone home server. So the network element would phone home to something that is internal, and that internal piece would go out to the internet to register to the vendor-provided license solution.

E: But I'm not being very practical here. I mean, it's just the tactical answers to some of the points you had. My point was, I don't have much to comment on the air gap approach specifically. I understand the concerns that it's trying to address, and we do see actually a lot of customers that are looking into air gap for, for instance, deploying RAN applications closer to the edge, but I'm not armed with enough material right now to provide anything insightful.

E: The use case that I believe that LMS requires to be, you know, providing a license, exactly what you said, Jeff, and so we had a capability in the software that we've chosen for it that has a self-hosted call home server, and that one proxied, basically, all the licensing, but that's specific to the license again.

F: On lived experience, actually, just one question there: was that a thing where, late in the day, you went to your vendor and they sort of turned a bit pale when you explained that their licensing system was a problem and they needed to rethink it? Or was it well thought out from the beginning?
E
A
Okay,
my
experience
has
been
everything
from
like
they're
like
hey.
This
is
a
really
great
idea
to
you
know.
Absolutely
not
you
know,
and
I
can
tell
you
like
we
talk
about
what
challenges
did
we
have
in
the
vnf
slash
in
a
v
space?
I
can
tell
you
this
is
one
I've
run
out
of
licenses
and
I'm
in
an
air
gap
world,
so
I
can't
just
like
suddenly
like
spin
them
up
on
demand,
I
have
to
go
through
like
some
cumbersome
manual
po
process
and
like
virtual
firewalls.
A
Don't
do
me
a
whole
lot
of
good
if
I
can't
just
spin
them
up
on
demand
like
at
that
point,
I
have
a
virtual
firewall
that
from
an
operations
and
supply
chain
standpoint
basically
deploys
the
exact
same
way
that
a
physical
firewall
does.
So
you
know
and
we've
used
some
methods
like,
and
this
is
what
I'm
actually
hoping
for
right
is.
A
F
A
long
conversation
on
how
that
gets
into
some
difficulties,
I
mean
I'm
not
saying
they're
not
insoluble,
but
please
bear
in
mind.
The
most
important
thing
you
could
do
right
now
is
write
down
why
that
works
better
than
the
other
solutions
you've
worked
with,
because
you
know
again
that's
a
solution.
The
problem
statement
is
critical.
E
E
Yeah
no,
but
what
I
wanted
to
add
was
another
example
that
I've
lived
through,
where
we
had
to
be
creative,
basically,
a
ucp
solution
that
we're
selling
to
enterprises,
and
we
were
also
selling,
of
course,
a
vnf
that
you
could
put
on
that
vcp.
So
the
customer
could
order
a
firewall
or
other
type
of
vnf
that
we
would
pre
integrate
upper
in
the
chain
to
manage
licenses.
For
these
elements
we
we
came
up
with
you
know.
E
inventory. So we would get, you know, a pool of licenses, and as soon as we do an instantiation we get a license from it, mark it as used, consumed. But again, there's a lot of work at hand, and it's not answering all of the points that you raised here, but it's another example where it's completely air-gapped, because it's humans that fill in the inventory of the licenses that are available to have that license pool, and the orchestration would just, whenever, spin up a VNF in that ucp.
B
Artifactory, Harbor, there's a bunch, right, and there's some that combine multiple things and then there's others that split it up. So we'd want something like artifact scanning.
E
And so that's part of the CI/CD, right. So before you push things in that Artifactory or that Nexus or whatever is the technology, then your pipeline would, but that's more part of the development pipeline, whenever you're producing your artifacts. So yeah, you would artifact-scan the artifact, or scan the resulting images for vulnerabilities, and in that scan you could, you know, we talked about policy at some point, but you could inject policies to check.
F
Well, it does work, it just doesn't work to the internet. You know, there are reasons why you might want curl. I mean, it's a perfectly reasonable policy, if that's the one you choose, but I mean it's got its uses in different sorts of ways. You'd be hard pushed to find something that didn't have HTTP client code in it somewhere, but what you're looking for is that it has no means to attempt an internet connection.
A
Correct. Like, basically, and since we're getting into this, and I mean some of this, like artifact scanning, I don't know if that would go in package management or in, you know, best practices for gates, but once again this is the type of stuff you have to figure out, right? Like if you get a bunch of Helm charts or init containers that do have curls inside of them and they're pointing to repos, even like your K8s platform, right, like if it thinks you can just go straight upstream to pull a new version of kubelet.
A
You have to go in and basically make sure that everything has been cleaned up and is pointing to these private repositories. And then, you know, you have to have some type of other automation that is watching the upstream repositories and pulling those in and making them available. I mean, it's.
F
I think, actually, it's not doable: you're trying to prove a negative. Is this ever going to go to the internet to do something? Well, I can check that for every circumstance I've tested it isn't doing that, but I can't tell you that it's never going to try doing that, because I haven't found every particular way of, you know, poking it. So, you know, if you're proving a negative, you can't.
A
I'm not trying to prove anything. I'm saying that I can set up things to where I pull in dependencies to a private repository and then, as I'm going through all of my testing and validation, I'm ensuring that everything that I do points to the private repository. Will I catch everything? No, but then it'll break and I'll go in and say: oh, this broke because it was trying to, like, curl to this URL that is out on the internet. Like, yeah, I'm not trying to prove or disprove anything.
A
I'm just saying, like, you can do this, and I have to see how much I'm allowed to share what we're doing internally, because I don't want to get myself in trouble, but, like, there are ways to do this, and you could argue that doing it air-gapped in the beginning was not the right solution to start with, and we could have those talks.
A
But I'm just saying, like, what is a best practice for smart licensing in an air-gap world, because that's just a reality that a lot of us service providers have to live with, and so I'm hoping smarter people than me can help me in this group propose some of these ways to, like, overcome these challenges.
B
A best practice would be splitting the dependency ref, not having any, I guess it's like a full reference where it hard-codes the dependency. It should not have the repository hard-coded with the artifact, so that you can save the artifacts to your own private registry. Do scanning separate from the image version.
B
So that could be maybe a best practice. Like, I don't know how often it is, but there may be Helm charts out there, I've definitely seen it in other code, that reference the entire repository as the URL, and I'm using URL in general, it may not be HTTP, but they designate the entire thing.
A
Taylor, are those in the notes? Because those are key points I want to talk on later, like additional stuff, like when you reference an entire repository. If you pull all of Helm, you get things like Bitcoin mining charts and things like that. So there's a lot to unpack and it's also more reasons why we air gap, but I'm now a couple minutes late to my next call. So I will chat with you all on Slack and next week.