►
From YouTube: CNCF CNF WG Meeting - 2022-12-12
Description
Don’t miss out! Join us at our upcoming event: KubeCon + CloudNativeCon Europe in Amsterdam, The Netherlands from April 17-21, 2023. Learn more at https://kubecon.io The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects.
A
B
A
Good
morning,
we'll
wait
until
about
five
after
to
get
started,
you
can
add,
if
you
can
add
your
name
and
any
agenda
items
to
the
meeting
notes,
be
appreciated.
A
C
C
Let
me
post
it
in
the
chat,
the
doctor,
because
it's
talking
about
multiple
interfaces,
you've
seen
cni
plugins
or
my.
B
A
All
right,
Victor,
who
welcome,
is
this
your
first
time
on
the
call
Victor
second
Victor
lift
you're.
Actually,
the
first.
B
A
It
right
so
this
is
one
of
cncs
talk,
I'm
initiatives,
Cloud
native
Network
function,
working
group
and.
A
Our
Focus
I
guess
the
past
year
has
been
on
around
best
practices
and
related
context
for
Telecom
use
cases.
So
this
is
telecom
applications.
Workloads
is
really
what
we've
been
primarily
looking
at,
but
that
does
extend
into
other
things
like
when
you're
looking
at
multi-interface
stuff,
like
this
Nomad.
That
was
just
put
forward
that
it'll
start
looking
at
what
could
be
referred
to
as
a
platform,
some
in
the
kubernetes
Community
think
of
kubernetes
just
as
a
a
framework,
so
you
could
think
of
it
as
applications
that
go
from
Hardware.
A
All
the
way
up
and
larger
platforms
could
be
thought
of
as
just
a
lot
of
applications
that
coordinate
and
work
together,
but
we've
primarily
been
working
on
the
best
practices,
use
cases
and
discussing
things
around
the
workload
so
from
Telecom
workload,
standpoint
and
then
working
back
from
there
there's
some
other
initiatives,
probably
the
biggest
one.
If
you
haven't
heard
about
it,
would
be
the
CNF
certification
from
cncf,
which
is
taking
test
from
another
initiative,
called
CNF
test
Suite
that
are
checking
on
application.
A
Behavior
and
attributes
work
workload
attributes
and
it
looks
at
some
that
we
think
are
essential
like
different
different
attributes,
that
we
think
every
everything
should
follow
and
then
some
would
be
more
of
like
bonuses
and
good
behavior
or
maybe
indicators
that
you're
looking
at
practices.
A
So
that's
the
main
area,
then
there's
I
think
the
intention
that
we
have
and
I
think
a
lot
of
the
folks
already
are
doing
it
on
their
own
is
to
collaborate
with
other
groups.
So
looking
at
stuff
within
Linux
Foundation,
like
aniket
project
and
then
Nephi
nephio,
which
is
focused
on
automation,
of
workload
deployments
and
the
management
of
them
to
some
extent
and
other
orgs
outside,
like
Silva
and
other
things.
So
quick
little
overview
for
you.
Do
you
have
any
questions
or
yeah.
B
.Com
is
always
something
Cutting,
Edge
and
yeah.
It's
interesting,
yeah
I'm
interested
I.
Guess
too.
A
Sounds
good,
okay,
we'll
just
jump
in
this.
Is
we
have
a
pretty
open
discussions?
Anything
could
be
added
to
the
agenda.
If
you
think
of
anything
or
have
colleagues
or
Associates
would
like
to
jump
on
and
talk
about
stuff,
then
please
invite
them
I!
Think
as
we're
moving
towards
the
holiday
season
for
a
lot
of
people,
it's
probably
going
to
be
a
little
light.
A
So
speaking
of
that
we're
not
going
to
have
meetings
on
the
26th
or
the
2nd
of
January
and
I
think
the
next
one
is
the
19th
and
Victor
Morales.
You
may
be
out
that
time,
so
I
think
co-leads
on
this
call
by
the
way
or
myself
Tom
kevlin
from
Vodafone
and
Victor
Morales
from
Samsung,
so
Victor.
C
I
would
prefer
not
to
have
it,
but
it's
not
necessary.
Let's
have
it
but
I,
don't
know
I
plan
to
take
start.
My
vacation
that
I
on.
A
That
day,
you'll
already
be
out.
That's
that's
fine.
I
think
I'm
gonna
be
in
for
at
least
a
few
days
that
week
so.
A
Well,
maybe
maybe
we
shouldn't
have
it
let's
see,
Oliver
are
you
gonna
be
out.
A
E
A
Not
sure
Lucinda
do
you
know
about
this?
One
is
that
the
Telecom
TV
I
think
that's
still
from
TV
actually,
so
that
would
be
at
least
partially
virtual,
if
not
okay,
fully
virtual
all
right.
Well,
let's
just
kind
of
notice
on
that,
keep
coming
to
you
and
they
submissions
for
that
are
already
passed.
A
Cloud
native
Telco
day,
just
hoping
to
have
the
that
open
already
definitely
want
to
get
things
open
for
that,
so
in
January.
Now
that
we're
towards
the
end
of
the
year
I
think
it's
there's
no
reason
to
try
to
force
it
in
December,
but
I'll
try
to
get
that
open.
We
do
need
sponsors
which
will
help
with
what
what
it
will
actually
be.
Can
we
do
virtual
or
not
well
need
to
get
sponsors
for
that.
A
There's
one
from
o
and
S,
which
will
be
in
October.
Oh
that's,
20,
21.,
I'm
kind
of
surprised
that.
A
There's
one
called
I
think
it's
like
connected
America
been
evil
heard
of
that
one.
C
A
A
It
seems
like
it's
there's
a
lot
of
like
government
Telecom
rural,
it's
gonna
be
big
city.
I
saw
some
like
Detroit
city
of
Detroit
other
large
cities,
so
it
seems
like
there's
going
to
be.
A
C
Well,
I
found
a
article
because
someone
was
asking
or
was
having
some
issues
to
connect
Nomad
with
with
Calico.
So
from
my
understanding.
Nomad
is
like
a
another
proposal
to
schedule,
containers
and
things
like
that.
I
haven't
played
around
with
Nomad,
but
it's
like
the
solution
that
hashicor
is
proposing
to
the
schedule.
Workloads
such
as
containers
and
what
I
was
surprised
about.
This
is
like
they
have.
They
seems
like
we
already
supporting
this
multi-interface
feature
that
we
have
in
stimulus
in
kubernetes
yeah.
C
Basically,
I
just
I
was
just
wondering
to
to
know
the
use
cases
and
why
they
decide
to
to
be
honest.
I
haven't
read
all
these
things
about
this
article,
but
I
found
quite
interesting
like
why
these
is
implementing
this
teacher.
C
C
And
they
have
to,
they
have
done
multiple
tests
to
prove
but
supports
a
huge
number
of
workloads,
but
I'm
using
our
glass
would
bring
things
like
that.
So
in
terms
of
performance
seems
like
supporting
more
but
yeah
I'm,
not
sure
like.
If
someone
is
considered
like
normal
for
hotel
closer
like
a
particular
use
case,.
C
E
A
All
right
so,
let's
see
so
what
do
we
have
here?
Going
back.
A
A
At
some
point,
it's
our
container
management
or
some.
However,
you
want
to
call
it.
It's
there's.
Definitely
some
overlap
with
what
kubernetes
doing
and
they're
saying
the
way
that
they're
working
there's
other
ways
of
tying
and
networking
directly
with,
if
you're,
using
docker,
there's
other
paths
but
instead
they're
using
the
cni
interface
so
they're.
It's
kind
of
interesting
that
they're
doing
this,
which
was
a
kubernetes
approach,
approach
yeah,
so
so
that
I
do
with
kubernetes
is
build
a
framework
with
that's
extensible
and
there
can.
That
was
pretty
early
on.
A
Organically
turned
into
interfaces
with
standard
definitions
and
stuff
on
how
to
work
through
them,
but
it
was
built
on
compatibility
of
working
software,
so
that's
kind
of
where
cni
and
storage
interface
and
all
the
other
different
pieces
for
plugging
in
different
options
like
this
came
from.
And
but
it's
generic
enough.
That.
D
A
I
guess
it
can
work
Standalone,
this
I
presume
they're,
probably
not
running
Hublot
and
stuff
they're,
probably
running
you
know
either
something
directly
built
off
of
doctor
Doctrine
extended
or
something
else
that
the
hashicorp
is
built
on
their
own
and
they've
made
it
compatible
with
that
interface.
I.
Think
that's
pretty
good
demonstration
of
how
kubernetes
has
made
itself
very
pluggable
down
to
core
pieces
than
cni
is
very
close
to
the
core
of
everything
on
kubernetes
and
the
fact
that
you're
able
to
take
it
and
use
it
somewhere
else.
A
Anyways
this
could
be
interesting
to
share
with
the
multi
interface
Sig
or
working
group.
I
can't
remember
what
it
was
multi-interface
over
in
kubernetes
and
then
also
the
the
folks
that
are
working
on
the
multis,
no
I'm,
sorry,
not
maltes.
The
Intel
CPU
policy
manager,
which
is
moving
towards
I,
think
essentially
the
same
thing
as
cni
for
plugins,
so
that
the
folks
that
are
working
on
that
or
there's
open
caps,
enhancement
proposals
and
kubernetes
for
around
policy
management,
plugins
and
stuff
to
make
it
general
purpose
to
where
we
can
have
other
options.
A
C
Well,
the
way
that
I
found
it
was
this
one
I
mean
yeah
to
one
West
seems
like
he
was
trying
to
interviews
Calico
with
a
nomad
and
he's
in
that
trouble.
He
was
referring
to
be
referencing
to
this
other
article
so
and
he
was
asking
help
on
on
the
cni
channel
after
any
big
Islands.
E
C
Yeah
I
mean
it's
an
interesting
topic,
especially
because
he's
really
with
a
multiple
Network
and-
and
it
seems
like
it-
is
not
the
only
one
who
are
facing
with
that
particular
use
case,
and
he
wants
to.
C
He
is
other
Alternatives,
so
I
just
want
to
particularly
like
the
use
case,
like
that
use
case
is
related
with
something
similar.
What
we
have
in
this
class
or
like
is
something
a
bit
different.
C
A
A
So
that
seems
like
they're,
oh
okay,
so
there's
specifically
a
wire
guard
device,
a
virtual
device
and
then
they're
wanting
to
connect
between
the
two
and
run
traffic.
A
All
right,
yeah,
thanks
Messina,
whoever
dropped
these,
so
they
on
the
Intel
CP
policy
management.
This
is
the
plugin
was
released
and
there's
a
cap
I
think
there's
a
whole
set
of
caps,
and
this
is
one
of
them
and
then
there's
going
to
be
a
discussion
about
updates
to
cubelet
that'll
be
related
to
this.
A
A
They're
wanting
feedback
on
the
caps
and
the
discussion.
So
if
you
have
time
or
have
anybody,
that's
interested
and
CPU
memory
policies,
all
that
sort
of
thing
are
going
to
be
related
to
what's
happening
with
cubelet,
making
it
pluggable
for
different
options
that
could
go
in
including
what
Intel
has
and
and
then
what
should
be
native
that'll
tie
right
into
what's
available
for
the
pods
and
everything
all
right.
Let's
see
best
practice,
just
kind
of
mentioning
this
to
everybody
else.
A
You
can
read
down
and
look
at
what
we
talked
about
before,
but
looking
at
ideas
for
best
practices
and
related
content
that
we
could
write
about
and
add
and
discussions
docs
and
hopefully
end
up
with
some
more
published
best
practices
and
there's
a
whole
set
of
them.
There's
a
large
dock
about
applying
lease
privileges,
I
think
it's
linked
out
of
the
discussion.
A
You
can
go
check
out
that
for
a
lot
of
content
here
and
then
even
more
once
you
get
over
in
a
Google
doc
for
that
so
security,
best
practices,
there's
a
set
of
tests
and
the
CNS
certification
from
essential
tests.
There's
15
normal
bonus
test.
Here's
the
essential
set
this
whole
document
lists
all
of
them.
The
test
Suite
has
more
than
this,
so
this
is
in
1o
beta
what
it
was
showing,
but
there's
a
lot
more
in
the
test
suite
and
there's
now
one
One
beta,
but
these
are
some
possible
ones.
A
So
we're
looking
at
some
of
these.
These
are
the
test
names
but
SC
Linux
options.
If
you're
using
SE
Linux,
there's
some
flags
that
will
make
your
containers
less
secure.
So
turning
those
off
single
process
type
talking
about
the
practice
which
is
older
than
kubernetes
for
trying
to
split
up
applications
into
your
microservices
have
the
microservices.
This
would
be
a
microservice
related
practice
and
have
your
microservices
running
a
single
type
of
process.
A
It
may
have
like
sub,
if
you're
familiar
with
the
processes
and
how
they
work
in
Unix,
so
sub
processes
or
children
processes
would
be
of
the
same
type.
So
you
may
have
multiple
processes,
but
they
would
be
of
the
same
type.
So
if
you're
familiar
with
like
mill
servers,
one
of
them
came
out
from
IBM
is
called
postfix.
Another
is
qmail
which
post-6
was
based
off
of
postfix
broke
up
the
different
processes
for
handling
mail
as
a
large
like
mail
server,
so
think
IBM,
size,
company
handling,
email
and
you
break
them
all
up.
A
So
if
any
different
ones
have
problems
bugs
security
issues,
then
you've
isolated,
where
the
problems
are
and
recovery
and
stuff
can
be
handled
separately,
scaling.
Anything
else,
there's
a
lot
of
different
parts
that
affect
that
yep.
So
here's
a
whole
set
non-root
containers,
and
that
would
be
one
where
we
already
have
published.
So
your
processes
shouldn't
be
running
under
the
root
or
uid
0
or
the
privileged
user.
A
Privileged
containers
is
about
pods
actually
running
with
the
privileged
flag,
so
these
are
some
of
them
that
we
could
look
at
doing
and
we've
listed
some
of
those
the
environmental
sustainability
working
group
is
another
area
where
we've
talked
about
collaboration
and
potentially
having
some
best
practices.
A
They've
released
a
sustainability
document
that
outlines
user
stories,
use
cases
they're
going
to
be
putting
out
some
continuing
from
this
with
other
documentation
or
best
practices,
as
well,
so
working
with
them
and
looking
at
practices
that
we
may
want
to
relate
to
specific
Telecom
use
cases
and
then
write
up.
The
best
practices
could
be
another
area
and.
A
This
is
one
Victor
put
forward
in
our
discussion,
so
a
CNF
shouldn't
depend
on
a
specific
kernel
version
on
a
host.
A
There's
projects
like
this
node
feature
Discovery
and
some
people
are
using
it
to
look
and
see
what
is
the
specific,
more
details
about
a
host
and
it's
I.
Guess
it's
okay,
if
CNF
takes
advantage
of
the
additional
information
requiring
it
to
function
like
not,
it
won't
work
at
all
is
really
what
we're
talking
about.
D
A
A
So
this
is
referencing
that
the
Readiness
checks
at
kubernetes
has
for
any
pod
coming
up.
Ideally,
those
are
being
used
to
help
communicate,
useful
information
from
CNS
to
each
other
and
to
the
kubernetes
orchestration
declarative
configuration
on
on
the
configuration
side
to
being
declarative
for
all
CNS.
So
there
is
a
test
around
checking
for
statically
configured
Network
addresses,
so
that
could
be
one
I'm
sure,
there's
a
lot
that
we
could
look
at
for
configuration
side,
the
life
cycle
of
CNS.
A
I
have
some
stuff
here:
operators
patterns.
We
could
look
into
some
of
that.
A
It
looks
like
Tom,
you
may
have
put
something
in
here.
Do
you
want
to
talk
to
that
real,
quick
and
then
yeah.
D
So
when
I
mentioned
about
the
CNF
life
cycle
stuff,
it
was
we've.
We've
done
a
bit
of
work
internally
about
just
mapping
out
how
we
like
how
we'd
like
to
see
cnfsp
managed.
D
So
you
know
quite
a
lot
of
that
details,
probably
a
bit
too
much
for
a
best
practice,
but
I
think
we
could.
We
could
maybe
tweak
the
wording,
so
it's
less
an
SEO,
specific
and
more
kind
of
generic,
so
that
kind
of
any
orchestrator
can
perhaps
meet
the
best
practice.
D
D
A
From
the
like
use,
cases
and
user
story,
stuff
I
think
it
would
be
good
to
provide
more
context
or
more
details
and
reference
material
at
a
minimum
about
the
different
things
out
there
that
are
related,
and
then
we
can
narrow
down
as
we
come
to
best
practices.
A
A
A
E
A
Removing
Hardware
support
I,
don't
think.
There's
any
tests
yet
does
work
around
Hardware
support
would
roll
into
other
areas
compatibility
configuration
the
compatibility
got
merged
into
one
called
insulation.
A
A
width
and
social
update,
called
compatibility,
installability
and
upgradability
scaling
was
also
merged
into
those
and
then
configuration
life
cycles
just
renamed
a
configuration.
Some
of
the
life
cycle
pieces
were
put
into
different
areas.
Resilience
is
renamed,
reliability,
resilience
and
availability,
and
the
no
change
to
Security
State
microservice
observability
I'll
bring
up
the
actual
diff
here.
A
So
this
is
what
it
would
look
like.
There
would
be
start
with
this
compatibility
and
solubility
upgradability,
which
is
a
mix
of
this,
mainly
the
first
two,
but
you
could
think
this
could
this
would
tie
in
with
a
lot
of
the
life
cycle
as
well.
You
know
the
day,
Zero
onboarding
of
CNF,
which
includes
both.
What's
the
compatibility
with.
A
The
environment
and
platform
that
a
CNF
is
going
to
be
running
on
there
and
in
as
well
as
compatibility
with
other
cnfs.
So
a
lot
of
what's
looked
at
previously
was
how
does
the
CNF
work
when
you
onboard
it
in
isolation
versus
how
are
you
going
to
bring
it
in
and
have
it
be
interoperable
with
multiple
cnfs,
including
across
multiple
vendors,
so
that's
kind
of
what
that's
covering
as
well
as
upgradability
and
I.
Think
compatibility
comes
back
into
this.
How
are
you
dealing
with
the
ongoing
maintenance?
A
Have
those
CNS
upgrades
to
those
and
then,
if
they're
running
in
a
workload
with
multiple
vendor
CNS
and
how
are
they
working
together,
so
I
think
all
of
that
kind
of
ties
in
configuration
ends
up
covering
across
a
lot
of
different
pieces
because
we're
talking
when
we're
looking
at
the
configuration,
you
can
look
at
we're
really
saying
that
as
CNF
should
CNS
deployment
implementation
management,
it's
all
declarative
that
can
get
into
API
as
well.
So
that
kind
of
ties
in
a
little
bit
with
compatibility.
A
But
how
do
you
communicate
and
talk
to
and
configure
it
so
declarative,
apis
declarative
configuration
we're
talking
about
whether
you
know
whatever
it
may
be,
Helm
or
anything
else
for
the
deployment
for
upgrades
for
the
management
of
multiple
CNS,
it's
going
to
cover
a
lot
of
areas
and
the
whole
life
of
Cena
microservices
didn't
change
other
than
this.
Maybe
it's
number
here.
A
A
A
A
A
A
Oliver,
thank
you.
Can
you
add
a
plus
one
on
the
into
the
door
thanks.
A
A
All
right
next,
one
which
should
be
related,
we'll
see
if
it
actually
merges
now
it's
not
going
to
merge.
We
need
to
I,
don't
know
if,
if
you
noticed,
whenever
I
was
in
there,
but.
A
The
some
of
the
best
practices
that
are
listed
or
maybe
all
of
them
they
were
just
oh
they're,
gone
okay,
so
what
we
had
before
emerged
was
some
examples
of
best
practices
that
don't
actually
exist,
so
we
want
to
start
adding
them.
So
luciness
created
a
pull
request
to
add
the
best
practice
to
Sender
security.
C
A
And
I
don't
know
if
I
can
resolve
conflicts,
it
probably
has
to
do
with
the.
D
A
All
right
thanks
Tom
thanks
Victor
and
Oliver
Victor
l,
you
can
add
yours
I,
think
we
have
enough.
The
three
of
us
approve
on
this
one
added
in
it's
been
published,
so
we're
not
really
saying
do
we
like
it,
I'm
gonna,
add
it,
but
anyone
that
wants
to
do
a
plus
one
appreciate
it.
So
it's
in
the
comment.
A
All
right,
let's
see
what
is
this
one.
A
I've
committed
that
one
cool
I'm
gonna
hit
it
again
here
so
thumbs
up
what
what
this
is
for
everyone
else.
This
is
communicating
a
little
bit
more
clearly.
What
are
we
doing?
A
Primary
goal
for
the
group
is
to
provide
a
set
of
cloud
native
and
kubernetes
best
practices
for
Network
applications
and
then
actually
give
a
link.
This
is
right
in
the
readme
as
the
idea
so
that
when
anyone
comes
and
they
go,
what
are
we
doing?
They
say.
Oh,
it
looks
like
you're
doing
best
practices.
Where
are
they
trying
to
find
the
best
practices
has
been
a
little
difficult.
You
can
go
over
this
folder
and,
if
you
look
all
around
then
eventually
you'll
find
it.
A
C
It's
just
Yeah,
you
sort
of
like
using
the
heightened
gymnastics.
A
The
out
there
all
right,
it's
fine
here,
the
marked
down
Relentless
person,
linting
person,
that's
right,
all
right,
I'm,
good!
It's
merged,
I'm
gonna,
go
ahead
and
squash
and
merge.
A
A
If
you're
telling
anyone
about
the
working
group,
I
can
say,
Here's,
Where,
We,
Are
I've,
already
think
that
maybe
this
paragraph
and
this
paragraph
need
to
be
updated
and
there's
a
little
redundancy.
But
at
least
you
can
see
pretty
quickly
that
here's,
the
best
practices
I
think
that'll
get
people
over.
They
can
come
here
and
we
can
start
getting
stuff
published
with
first
and
then
the
security
one
and
ideally
we'll
get
some
more
in
place.
A
A
Thanks
everyone
and
have
a
good
week,
I
will
be
on
the
call
on
the
19th
for
anyone
that
shows
up,
and
then
the
next
one
will
be
in
the
new
year
in
January,
not
the
second,
so
the
week
after
the
second.