►
From YouTube: CNCF CNF WG Meeting - 2022-04-04
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
B
B
A
B
A
B
B
Let's
see
I
don't
yep,
we
don't
have
jeffrey
on
the
call.
So
I'm
going
to
wait
on
air
gap,
he
said
last
call
he
was
going
to
work
on
it
ian.
Should
I
open
the
compliance
I
want
to
talk
about
that.
Did
you
have
time
to.
B
Maybe
let
brian,
I
think
this
might
be
your
first
time
on
this
call.
Is
that
correct.
D
B
So
you
take
a
look
if
you
feel
like
it
on
the
notes.
We
actually
have
these
recordings.
B
B
Most
of
the
content,
if
it's
not
in
the
meeting
notes,
is
going
to
be
in
the
github
itself
and
the
areas
are
going
to
be
use
cases
and
user
stories.
There's
a
lot
of
context.
There
we're
trying
to
put
best
practices
they're
going
under
here
and
there's
also
a
forum
discussion
forum,
where
you
can
see
a
lot
of
different
topics
here,
where
there's
things
going
on
and
when
new
content
is
coming
in,
we'll
get
a
pull
request
and
we
will
discuss
the
different
comments.
B
And,
let's
see
so
the
jeffrey
salin's,
he
was
at
charter
communications,
he's
now
at
dell,
so
he's
putting
in
something
about
air
gap,
environments
context
for
what
that
is
about
ian's,
been
working
on
one
for
recording
your
compliance
to
the
best
practices.
So,
if
you're
not
following
it,
maybe
there's
a
security
best
practice
and
you're
saying
there's
a
application
or
component
that,
for
some
reason,
can't
follow
a
best
practice
like
not
running
as
root
or
having
privileges
disabled.
B
You
want
to
make
sure
that
it's
recorded
and
communicated
so
that
the
ones
consuming
and
using
the
application
and
service
providers
like
vodafone,
where
you
are,
will
know
and
can
handle
that.
So
that's
the
idea
around
that
practice
and
you
can
feel
free
to
come
read
and
look
at
the
comments.
Go
look
at
the
different
content
in
here
about
the
best
practice
itself.
B
Let's
see
so
another
one
here
and
we
may
not
have
been
on
this
call,
so
I'm
not
sure
if
it's
been
handled.
This
is
a
best
practice
around.
B
B
B
Practices
I'm
going
to
go
back
here
for
a
second
but
yeah,
I'm
only
seeing
one.
So
I
don't
think
this
best
practice
is
one
to
that.
We
can
do
much
about
right
now
if
ben
hasn't
made
the
updates,
but
eventually
we'll
have
something
like.
Let's
do
this
one
no
root,
so
we
have
motivation
the
goals
of
the
best
practice,
so
this
one's
about
not
running
processes
is
rate
to
run
them
as
non-root
user
non-privileged
users
go
over
the
proposal
why
this
is
a
good
idea,
have
some
type
of
context.
B
User
stories
use
cases
that
relate
it.
This
actually
goes
to
a
whole
set
of
user
stories
supply
chain
attacks,
which
you
might
be
interested
in
since
you're
doing
security
over
medicine.
We
talked
about
different
issues
and
how
having
not
not
allowing
root
users
can
get
positive
for
those
and
then
problems
or
caveats
that
you
could
see.
B
C
Not
nothing
specific
taylor,
I
think
one
of
the
things
is
just
I
know
we
have
use
cases
and
we
have
some
user
stories
around
for
the
stateful
cnfs,
not
exactly
sure.
C
I'm
not
sure
if
we,
you
know
how
we
kick
off
some
of
the
the
best
practice
work.
So,
for
example,
you
know,
based
on
any
of
the
user
stories
and
use
cases
that
you
know
that
may
have
been
submitted.
C
B
Yeah,
if,
if
you
have
some
idea
of
one
or
two
or
whatever,
that
you
have
a
good
grasp
on
this
would
be
you
think,
it'd
be
a
good
one.
I
would
just
start
writing
it
up
and,
however,
that's
most
comfortable.
B
B
Putting
in
his
draft
would
just
be
more
communicating
actually
putting
in
his
graph
will
not
allow
it
to
be
merged,
so
you
want
to
make
sure,
but
where
to
get
started
would
be
what
you
think
you
can
talk
about,
that
you
feel
like
you,
have
enough
information
and
then,
wherever
you
would
want
to
work
on
it
as
far
as
in
here,
if
you
look
at
what
ben
did,
these
are
more
of
the
high
level.
This
is
more
in
my
mind,
the
proposal
and
summary
section
of
the
best
practice,
which
is
fine.
It's
a
good
start.
B
Now
we
need
to
fill
in
other
pieces
that
we
think
are
necessary
before
we
move
forward.
You
could
start
like
that
or
you
could
go
with
I'm
in
the
wrong
area.
Let
me
go
back.
You
could
always
copy
like
this,
not
no
rooting,
containers
and
then
start
filling
in
each
of
the
pieces,
and
I
believe
ian
said
last
time,
we'll
probably
want
to
make
some
adjustments
on
what's
required
before
we're
going
to
let
it
through.
B
We
don't
think
everything
in
here
now
is
as
relevant,
but
it's
I
I'd
say
if
I
was
going
to
point
it
out.
The
summary
and
motivation
goals
are
important.
Non-Goals,
usually,
but
you'd
probably
be
intuitive
on
whether
that's
important.
The
proposal,
of
course,
would
be
important
and
then
the
context.
Well,
you
already
have
the
user
stories,
so
we
have
those
in
there.
We
could
just
put
links
to
existing
user
stories,
so
I
think
you're
good
to
go
there.
B
Trade-Offs
and
constraints-
probably
important
but
doesn't
have
to
start-
could
be
empty.
I
think
references
are
very
important
when
we're
talking
about
these,
but
it
doesn't
have
to
be
as
extensive
this
one
we've
even
added
to
this
particular
one
I
think
a
month
or
six
weeks
ago,
so
we
keep
adding
to
it,
which
is
totally
fine.
B
C
B
And
you
may
be
interested
in
this
brian
yeah
definitely
so
exceptions.
So
this
this
one
isn't
really
specific
to
least
privilege.
I
think
we
were
just
putting
notes
in
here
ian
and
I,
but
we
probably
it's
applicable
anywhere
best
practice
right
up,
but
if
I
scroll
down,
why
do
we
want
least
privilege
so
there's
this
whole
content
about?
Why
that's
important
and
then
where
it
could
potentially
affect
some
examples
and
other
things,
and
then
we
actually
start
talking
about
behavior
and
stuff.
Eventually.
B
B
So
there's
a
whole
set
of
things
in
here
that
you
may
be
interested
in.
We
have
stuff
in
the
just
the
discussion
forum,
which
I
was
mentioning.
A
D
Yeah
definitely
I
mean
this
is
it's
kind
of
heating
up
in
vodafone
as
it
is
one
of
the
the
objectives
is
trying
to
work
out
how
we
align
our
own
internal
organizational
model
as
well.