
A

I grabbed at least the very basic agenda and kind of plopped it in there. So I think you can hear. Cool.

B

Thank you very much so getting started. Let's just imagine the bashing, so does anyone have anything to add to the agenda that is not currently on there.

C

Well, I sort of it's watching I sort of took a freedom to add the basic use case, so that's there feel free to cross it out. There is no time I.

B

I think we'll have time. The agenda seems a little shorter than last week, so I think we should be able to get to it. Also, I think Prem should be coming back soon as well. Once Prem comes back, he'd be a really great person for you to get to know, since he's doing a lot of the use case documents as well, so just for your information. I know.

C

I've been away, I got distracted for a few months, but I've been here before so I've looked at the prime stock already few times and I have lots of questions but I'm a bit I'm a simple guy, so I'm, starting with a basic one. Thanks cool.

B

Ok, so starting off, for those of you who are going to be in Vancouver on August 28th for the Open Source Summit: the Open Source Summit runs from Wednesday to Friday, but the Monday and Tuesday before, they're running workshops, and on the Tuesday there is a cloud native network function seminar, and we highly encourage anyone who's attending the Open Source Summit, if you're able to get to the network functions seminar, to sign up. The way that you sign up is when you are registering for the summit.

B

It'll ask you what additional workshops you'd like to attend, and I believe there's no cost for attending the cloud native network function seminar. There is a cost for some of the ones on Monday, but the Tuesday cloud native network one should not have any cost to it, and that's in the afternoon. Who's.

C

Running it can I ask if there is some more detail posted anywhere.

B

There is information if you click on the schedule. Yeah.

D

In.

B

That's in the meeting notes. You'll see that you get some of the information on it. I believe it's run by two people, so one of them is Arpit, who runs the Linux Foundation Network group, so basically like their umbrella organization that has like seven projects, and he's the person at the top, and also another guy named Dan Kohn.

B

Who is the executive director for the Cloud Native Computing Foundation, so very, very good people to get to know, and definitely people who have a lot of sway in the Kubernetes and cloud native and networking communities. So.

C

So sorry, I've got another question, because I quickly read what's there: is anybody from this crowd attending? Anybody? Yeah.

A

I'll be doing.

E

Is not going to be a presenting kind of space, it's going to be a seminar with the audience. So in some sense, you know to be in the audience is to be part of the. What is going on they're, not just ok,.

C

That's actually what I, what they meant, and so you know being active, proactive loud occupying our space whatever. If you are out there I'm sure other side will be.

C

So because the topics is clearly very interesting and projects are too so, do we expect, apart from this crowd here, don't expect a lot of folks with you know the CNF dear to their hearts, talking about the actual real problems and and and ways they approaching this, this problems, I, don't.

E

Know what.

C

Do we believe that it is a worthwhile place to be in? I.

B

Suspect it'll be a mixed group, so we're not the only group who's participating in it, and so the fact that both Arpit and Dan are both driving it, and so for a start, I'd be very surprised if there was not a large presence from the Kubernetes network SIG group, and you also have under that umbrella.

B

You also have the Cross-Cloud CI, you have ONAP, FD.io, OpenDaylight, so I mean some pretty huge projects that are represented under their fold that deal specifically with networking. Okay.

F

And.

B

So I'd expect there to be a pretty diverse group. Their.

E

Experience frankly, it's actually.

E

This year, at all, okay.

C

Okay, thank you. Thank you, and here.

B

I thought you were going for my talk.

B

So.

B

Okay, so there was an action item as well that was assigned to you about asking to make question about something or an invited to SIG Networking. So.

E

I managed to do a different action item that's later in the agenda. I've not actually got something else to him. Currently, I should get that done, but I did ask about sort of where we should go in formal structures within Kubernetes, and that's a little further down to me.

E

Okay, next time, the.

B

Yeah, that's further down the agenda, so we'll definitely get to that. Okay. So next question is: do we want to cancel next week's meeting, since it is the Fourth of July holiday in the United States? So for reference, the Fourth of July is on the Wednesday. Our meeting is on the Friday, American time, so.

B

What does anyone have any opinions towards whether we should cancel or not well,.

A

This.

A

Hyper Sinhalese around next Friday, so I want I, won't be attending. The call didn't happen, but I was just curious if a fair number of people weren't around and you might want to consider it.

E

Was all, I think most things are canceling next week, just because of the bizarre placement of the holiday in the U.S. Yeah.

B

Yeah and I also want to be careful not to feel like people are pressured to show up to the meeting, just because we're holding one as well. Yes,.

A

So I.

G

I'll be working next Friday, but for what it's worth so, if there's a meeting I'll attend it. If there isn't well, then I won't.

C

Give Americans a bit of the slack: they don't have that much of their you know holidays. So.

G

I am I'm one of those mattress, but nevertheless, I would be available. Next Friday Tom.

A

I think you're proving his point.

A

Thank you so.

B

What's a holiday.

C

Ask Webster guys guys you're filling the gap in the dictionary.

B

You're talking about the days when the days when the when previous jobs, when my boss got sick and didn't call meetings, okay, yeah I got it.

B

Yeah I think I.

B

I personally would be more comfortable canceling it, just so that people don't feel forced to come who are going to take long weekends.

B

So, but what do you? What do you think that, should we should we cancel it, or should we you soon? We leave it on I.

E

Okay,.

B

Well, let's, let's, let's call it cancel the only problem that we're gonna have with canceling. It is that the person who can cancel it is on vacation right now.

A

Yeah.

B

I'll reach out because I'm is the one who who owns that calendar event and so I'll send a message to him but yeah. Well, that's a good idea. Let's it's thicker than the agenda as well, just just in case and.

H

We've got 15 people who have heard the news firsthand. So that's pretty good yeah.

B

So I mean, if you want to show up, feel free to, and you can have a conversation, but yeah, there won't be an official agenda.

B

Okay. So this was pretty exciting. So there's some discussion about becoming a Kubernetes working group and it has all the details, so I'll yield to him.

E

What do you think for mold thing for us to become system? Should we be a SIG Networking subproject? Should we be a working group? And so we've this question to the SIG Networking meeting yesterday, and it was pretty forceful that he felt that we should be a state that he's working group, which I'm completely fine with, and he talked me through a little bit of the sort of where do we go? What do we do? You know, how do we mesh with how all that stuff is written kind of thing, and so on?

E

My to-do list is to sort of get a PR going where we could that we could basically submit in order to get that wheel, rolling I'll, probably end up reaching out to folks on the network. Networking everything is that every service mesh mailing list just to give you guys a pointer to it. So you can comment and we can sort of get it converged a bit, but but that's actually very good news. So you becoming a formal working group.

B

Yeah, one of the questions that and I had spoken about really early on was about what is the best way to engage the community, and being a part of a group like Kubernetes or CNCF or so on.

B

We can see. I only only helps to drive people towards looking at the project and contributing and so and also the more people that we gave that we get and we get more use cases.

B

We better understand the problems work out where our holes are, and so this so there's more structure that would get put on we'd have to work in with with their release schedules and and pass information up about what we're doing on a regular basis and try to probably relax us a bit for us because of how new it is, but give them a roadmap and they ask for up to a year. But where will we be in the air? That's a pretty open question at this point and.

E

So is there's a bunch of stuff, they say there. That's listed that they're. Looking for in terms of questions, we should ask ourselves, but we look at the actual approved group proposals. For example, they are much simpler than at least when I initially imagined from reading.

E

One thing I do want to be careful about: is us making our lives unnecessarily difficult, so I'm drawing a lot of inspiration from other successful working group proposals.

B

So, oh yeah, so a little bit of overhead, but but overall I think it should be a good move.

B

Sir, they may any questions or concerns or comments.

A

For Jason that down I think it's gonna be pretty exciting to the project.

B

Alright, so question for those who've involved: we need to start adding our images to Docker Hub and start getting them automatically built and published. So would anyone like to volunteer to be that person?

D

Needs to pull the image from somewhere, so right now I'm just using some fake image which is already there in Docker. It'll be good to have. I saw there was a PR merge for the init container, so it will be good to have all those images so that we can.

F

You know to use the unit image you don't have to have it on the docker hub because it gets built during recess I, so it's stored in local local storage. You just need to refer to it. That's it I mean it should as convenient, but it's workable solution.

E

I.

B

Don't think we're publishing anything to Docker Hub yet; maybe I could be wrong about that.

B

Yeah, I think the point to Docker Hub should be, or there's a couple other repositories as well, but I think picking one and deploying it should be a good thing, and if I recall, I believe there's a ligato username that we could.

E

Have the option.

B

To.

E

But I do actually have that. You know this is why my brain was saying: I thought we were doing that and it was because I I wouldn't got the place to put things, but apparently do the work to actually put things there. Yeah.

B

So Docker Hub, you can enable a trigger that will read a Dockerfile and will build it, and so that's probably the mechanism that we should use.

D

Containing images one is more innocent, another one is for the inner container and the third one is for the mutations which disappear so.

D

That's also.

E

Okay,.

B

So I'm gonna stick that on is um and actually I Adam ed you're, probably the only one present that has access to it. So.

E

Possibility, yes, certainly could be true. It depends on how much presence of mind I had and win in terms of adding other folks. So.

B

Okay, well, my username is the same as my IRC name. So if you want some assistance with that, I can I can do that as well.

B

Okay, so there's a request for adding a makefile for creating images and binaries.

B

I personally, my request: does anyone have any comments about makefiles?

A

Did we, I think we recall this a few months ago when we started this; I believe we decided not a makefile, though I cannot recall why. Yeah.

E

I think part of weight. The weight started was that when we started out a makefile, which just ridiculous amounts of overhead for a very simple thing, right, and then we transitioned to using Dockerfiles to build things, and it made a lot more sense to have the build be Docker oriented.

E

You know, and so I'm not I.

E

Effectively moved a lot of what you would do and make into docker and so I think part of the question of like how much complexity do we think we we put it on a file that we don't currently put our the docker files and/or. What a very simple make file make things somewhat easier for some folks now.

B

We do have a set of script script files, so you run X scripts and there's a there's, a build and so on. They can be ran that will they will initiate at all. What option do we have, though, is a make file, is probably more discoverable like pretty much every custom or every major tool, with the exception of go idea based IDE this, how to properly use a make file.

E

Something that went around the docker builds or ran the scripts directly, but since what make is really good at which is managing dependencies, you'll go has largely abrogated the need for, because it's really good at forking building systems, I would tend to want to keep it as a simple convenience make file yeah.

B

So, let's, let's go in add one and it'll just be a big file that calls the scripts and they calls the build script and that's and then let's leave it at that and not not add anything else to it. That way, people can do like made a made, X make or go and make and a more or so on and just have the tool tool run it it automatically as well. I.

G

Think that's a good idea. Fredericton also will it will sort of flush out issues with things being missing in the scripts as well having a top-down small and it makes it more accessible, yeah.

B

And at this point adding anything more complex than that, I think, should be rejected. So just we can get away with two or three lines.

D

Yeah.

B

Okay,.

B

Yeah so go ahead and if you wanna take, would you be control thinking we're on as as an action item and.

B

Who is, it was taken.

B

Okay, so action items are for review.

B

Its II couldn't take off that stop one. So we've been working on inventing a character for for Edie.

B

And I believe we have a candidate, but before we commit to such a candidate, wanna know if anyone else wanted to to create a character for head.

B

Does this may turn into a puppet show so pretty exciting.

B

So when I say that I don't say that in jest.

I

So.

B

Anyways this does anyone else want to participate in that.

C

What are the rules of engagement come.

B

Up with some type of a, so see if I give a good example, so when looking for some type of a mascot, you know, and the two mascots that speak a little bit alike, when you're thinking of mascots, like you look at the Go mascot or you look at the Linux mascot, they're things or animals that can do things, it can be actionable, like the Linux one, the artist, who's an artist from Texas A&M, who submitted to them.

B

I said that he wanted it to look like like a very happy penguin, who had just had a large meal of his favorite fish, and so but you look at it, it's like you, you know, Thursday can do things, it represents the community. So we want something that represents our community and can do things and it's active, and so, but also you know, friendly.

B

Kennedy became a character Fred and then it turned into a mascot I. Think.

F

And.

B

The reason why is because you said you wanted to have a character for for a book or for the Oprah's.

I

Really, the story.

E

Like yeah.

B

And then and then they grew from there. So this action item needs to be renamed to create a mascot.

B

Okay, well, how about we give it one more week, and then after that, if nothing comes up, then we'll go with, say, with a mascot that at the end and I can select.

B

Are we phrase that that's.

C

An excellent AI for the Fourth of July holiday, I think.

B

I think so too so I mean it's two weeks two weeks from now is this. Is that is that too long, it I.

E

Don't think.

B

So next action item. So Tom, you were gonna look at some documentation. I remember you asked some questions as well. So how is that going? Yeah.

G

It's coming along I I, don't have it done yet. I had about half the week worked on it at the most and I.

G

You know, I'll generate a pull request when I get some MD files together. I just got text files all over the place at the moment and want to make sure I can reproduce everything in my VM, you know, in a controlled environment, and you know, I'll reach out to you and others if I have some questions, but so far it's just, you know, there's a lot of very basic startup stuff that seems to be missing and they think documentation.

G

That's what I started with, but sometimes I've got something concrete. Oh I will submit a pull request.

B

Okay, fantastic and just a heads up a future action item which is not going to be on on Tom. It's gonna be for someone who has not gone through the network service special project in detail to go through the documents and give the give the document suspend and give feedback.

G

I'm doing that I have some changes to the documents to that as I found mistakes, not mistakes, but the things that have changed I guess since the document was written, any consistencies with file names and things like that. But I checked that I fixed in my local versions as I went along I thought that might be part of the effort, but yeah absolutely everybody should look at them and then we'll merge all the changes.

G

So.

B

Ok, so action item for Taylor to document CN, CF, CN, F I will GU speak Taylor.

J

Hey, can y'all hear me? Yes, okay. I started working on, I guess, the document. What I didn't do is move it over into the wiki to create a wiki page; I think that was the next part. Pulled together some notes on how the Cross-Cloud CI portion could help with some of the testing on Kubernetes clusters, and then the actual CNF project, which is the comparison budget, probably two pages for this: a.

G

Question if I could interfere where we want to maintain some wiki pages, I I, just sort of was under the assumption that everything was going to be markdown, maybe I'm confusing that with discussions and other groups, but just a question: I mean that's. What I was having assumed with my stuff, as I was going to put it in my and the additional markdown file, as well as some changes in existing files on them. So wherever.

B

Y'all think yeah, there is a wiki and it's made of markdown files, so you're good.

G

Fantastic nobody likes to edit wikis.

E

But everyone is at least.

J

On the github wiki is that, where y'all would like me to put the cns item.

B

Yeah that'd be that'd, be a fantastic place to to put them, and you should have the so. You have any.

D

Comments.

D

We should have, we can submit a document.

B

Yeah, that's that's good.

D

Maybe what I didn't do is I can add another talk, this document to.

B

Yeah, that's a good idea and then we can transcribe it. What.

F

About creating a doc folder in the repo and basically do a PR of it, with whatever the document you have in that doc folder, and then we can actually comment, and then when it's finalized it can get merged into that doc.

B

Yeah, that's a good idea as well. My hope is a GitHub wiki would have some of the GitHub standard features in it, because at the end of the day a GitHub wiki is just a git repo, so the fact that it seems to be missing these features is highly unfortunate.

G

How come with whatever you want to do too.

B

Okay, yeah, and the only downside, well, one of the downsides on adding it into the docs is that means that the hurdle to add to it is a bit higher, but that might be okay if it enables us to have reviews. So I have to think about that as well for a little bit. We'll add an action item to return to that, to work out where we should place these documents in the long run. So.

J

The wiki is a branch on the repo, so it may allow pull requests.

B

It was an entirely new wiki, or sorry, an entirely new git repo, because the URL is different. Like, to download the wiki, you do git clone github.com/org/project.wiki.git, so it has a different URL.

J

That's new to me: it used to just be a branch on whatever the repo and you'd go to that branch and any changes you push up in. That branch would show us for the wiki.

E

If.

J

It's a completely different repo, and that may even be easier to do pull requests. A docs folder's totally fine, though, if we just want to do markdown files; it doesn't have to be on the wiki. I.

A

Like the docs, folder and markdown files personally, but but I think at one point, Frederic had said that we could. We could convert the wiki eventually to markdown files in a doc repo, so yeah.

G

What it isn't that markdown a good starting point, though I don't know just to begin with the.

B

Content is, is not it's not really the problem itself, so in in both scenarios, it'll be the same content. It's just a matter of words. Where should the documentation live actually be part of the part of the main repo itself and part of the idea? Was that there's some information? That is that it doesn't really matter what version it is you're using oh yeah.

G

The.

B

Information is is relevant, but there's nothing wrong with with saying. If you want to see that information look at the latest.

B

Yeah.

B

Okay, well.

B

And.

D

Yeah.

F

Kubernetes uses the same that they have a community repo where all the proposals are stored and then there's a discussion happening over there. Pretty much common all.

B

Right.

E

Go yeah.

B

So when I make sure that we get to the use case as well, that that was listed below so let me go ahead and and move on so I'll take a look at that and then we'll we'll we'll revisit.

B

So, let's we had an action item as well for people to look at getting involved with the pod to NSF. Api I won't discuss that in detail at this particular point other than to say that we have something that's been merged, and that is its. What is there is not set in concrete, so based on the use cases, we really.

F

Change.

B

Things to to accommodate so, but it's there for people to take a look at.

B

Okay, for issues that have occurred in the past or that have been closed in the last week, we've actually had relatively busy, not from the issues side, from the pull requests side. We've had a pretty busy period of time, so we've added a new CRD handler interface.

B

We also added an object store so that the CRD objects have a place to actually stay and live, and there's been improvements on our logging. So at this point we're moving towards logrus, and I believe the plan is to have it produce JSON log files that can be ingested by.

B

Dura flu and d2 to a stack of of your choice. Oh sorry,.

F

I have a question about the logger. Sorry in to interrupt you I mean. Maybe it's just lack of my knowledge, but I mean one of the reason why I never used web browsers because I never managed to get in the message which generates the line number from the source core like when you debug and it's it's. It's less convenient with the joke. When you get a message with the name of the source file and the line number where that message was generated,.

E

Essentially, a JavaScript like block or source or whatever you choose to call it that contains that value. So, when you're dealing with something that is, you know you as a group of saying JavaScript, aware of JavaScript, aware of log digesters of various sorts, they you can pull more easily. You definitely do that.

E

I've seen it do it myself, and you definitely want to doing that totally cool.

F

If you could, if you could provide an example that would be awesome, cuz, it's a bit painful.

E

What you do is something that makes it really easy to do right. What you really want is to be such that every time logging that information being logged with all of them having to actually do something.

F

Yep.

B

So also there's been work on getting plugins to become idempotent. So basically, when you call init or close multiple times, so this is for plugins if they depend on other plugins, that things don't blow up on you. So.

B

Trying to make a dependent a plug-in dependency, an important step in making plug-in dependency management easy to easy to handle. We've been adding. We added the init container, which we discussed earlier earlier as well.

B

We are also adding ConfigMap parsing code, so basically a ConfigMap is a configuration that's stored within Kubernetes, and that information's pushed into the container and we're parsing that, and so on. The agenda for the next week, well, depends on, so we had Kubernetes 1.11 that was recently released, so we're also getting things set up for that migration. So when client-go cuts a branch, then we're also going to be moving the project to 1.11.

B

So just a heads up and one make sure we get to the to the use case so I'll apologize. I forget your name wrong guys, a messy ik.

C

Yes, try again, ok.

B

So.

C

Dark magic is fine, it's not an Anglophone name, and it's also not a francophone nickname. It's a Polish name. So I'll spell it from the picnic next time.

B

You have a party, ok,.

C

I only have like four slides and, and they post it add the link, so I don't know, can I can I show you a screen, so you can see my mouse sure. Okay, all right see it works.

C

Ok should be able to see the online version of the slides.

C

Okay, so I think I've been on one of the calls here, a while back and I got distracted and I'm back and hopefully, I won't get distracted again, but I looked at the slides. Add that I think you put together or whoever and specifically the that this limited CNF this between bridge case and as I'm a bit allergic to l2 I thought why don't I?

C

Look at Ikey I also looked at the use cases document, but I realized that I'm a bit behind, so I'm going to apply a catch-up, and if what this following four slides, if they are basically me, it mean that I'm barking up the wrong tree, just feel free to shut me down at any time. I have used the slides referred to and I just, you know, replaced L2 semantics with IPv6 and IPv4 and I called it virtual routing and forwarding, VRF.

C

Not this not a distributed, router, not a virtual Rooter, but I just you know I used at night. So if you are familiar with the slides that I referred to earlier, and you should be the digital bridge, then your brains must be now also very familiar with the calligraphy used on those slides. So thank you. It and the the problem is very simple.

C

You know throughout the decision bridge is just that the pods don't want to connect over the L2 bridge network, so the distributed bridge networks or emulated LANs, but they like to get connected over these distributed VRFs, and I'm not calling it a VPN, because the routing plane, the control plane, the network control plane, you think, is not part of this use case. It's actually orthogonal to it. It's really connectivity of the pods to the IP forwarding instances; whether they are public or private doesn't really matter.

C

They are clearly, you know, logically isolated, and the way this distributed thing is implemented is also, you know, using some sort of IP tunneling, and like in the case of a distributed bridge, VXLAN was referred to, and other tunneling technology is here, you know, VXLAN-GPE, which is a new draft that is going through the IETF and basically adding the protocol field in the VXLAN header and so forth, as VXLAN-GPE or GRE, or some other.

C

You know, IP over IP or IP over l2 or MPLS.

C

Encapsulation makes sense so far. Okay, now here is I, may have got things wrong, yep.

C

What's that question, it makes us to be good okay. So looking at the definitions network service, it's you know, the the name is VR m0 selector up is VR of 0 and the pot.

C

The the pod instance that is actually providing the service on a specific note is is basically labeled with the up vrf 0 and it carries the name of VR m0 pot in terms of the channels I have put here, the the name of the channel, a v RF IP 6, as this specific in this specific case, but this witted verb is serving IP, 6, ipv6, payloads, and but you know, ipv4 it's another option or if the dual stack is supported, then actually 4 and plus RT v6 and in terms of the the NSM way again, thanks that it was a bit of the reply soul here, the only difference from the project's rooted bridge is that the pot that is providing the service here is basically I providing VAR f 0 service, not the not a bridge, 0 service.

C

Everything else stays the same, and in terms of the a disability plantation we can have. One can have those vrf0 pods living on nodes, and then they, you know, connect by magic, and one, you know, from the data plane perspective could be the VXLAN-GPE tunnels between each other. In terms of, you know, the addressing, IP addressing management and IP address provisioning into the pods that are requesting the service, as well as the routing part, is orthogonal and out of scope, Addison cool.

C

Suzhou will this work.

E

I should work, I mean, should work just fine. Obviously, it's up to whoever is deploying the bureau serial pawns to figure out how they want to get reps, and things like that. You know just like it's up to whoever would deploy a beer 0pi, how they want to get. You know what they want to do about things like ARP and and broadcasts and bridge tables right.

D

You.

E

Were just fine, okay,.

D

Rugged.

F

It sounds like it's building a sort of a namespace support which is for the port, so you can have a multiple namespace.

C

It's providing a disability, RF service, so namespace from the you know, di IP namespace perspective sort of distributed. Yes, so what are things.

H

Struggle lewiston, some of these is who supplies IP address. Do we use the do we over? Do we reuse IP, address from kubernetes in the pod, or do we create a new.

E

Goes to connect to a network service which.

F

May also be.

E

The for example, or pod very connected the VRS, 0 or PI, then it should give its IP address, and possibly some routing information should come back from the VR f0 pod as part of setting up that connection, because network server smash doesn't have any idea what the right IP number is, or what prefixes should be sent to be ro 0, but the mirror 0 pot is a very good notion of that right.

E

Yes, it has a very good idea of of how VR s 0 is handling IBM and a very good idea of how of what prefixes with yeah. Let me fix this in the ER of zero. Yes,.

C

So I fully agree, and in fact, for this specific case, say with IPv6, basically the vrf0 pod will emit an RA to the connected pods and then use the RA-based address allocation to allocate addresses. So if that's okay with the group here, I'm very happy to die to the a bit deeper. I'll try to avoid DHCP for now at least and local 12 degree, we can use an existing, you know, well-known and standard IPv6 mechanics to handle this specific problem. So.

H

We're saying that the should be orthogonal to the IP address space in kubernetes.

E

Unless there is something going on in the pod, that makes it yes.

C

Yeah.

H

I swear can sometimes struggle is how does the attraction of kubernetes happen, but we're creating or creating an overlay of pods, which is good, then yeah.

C

We are created only to the l2, this wooden bridge. We are creating here and an overlay Elfi Network yeah.

H

Yeah.

C

You know this rebuke adverse this way to the PM. It's nothing to do with the kubernetes network per se. It's almost like a private connected connectivity over. You know some IP. Yes,.

H

So I see, I see the case, but I'm just trying to think of how Kubernetes would, will have any interaction, shouldn't have any interaction, and at some point traffic has to go from, I would assume wants to go from Kubernetes to this distributed overlay. That's.

D

Or.

H

Not.

C

I think that's actually the the case where we would need to address the external connectivity. Yes,.

E

I would say there there's there's the civil case, there's easy case in my mind. There may be other cases right, I, don't think of everything but case in my mind, I think what you're getting at is. Where do we get the IP that's used for the tunnel here right? Where do we get the tunnel at I pee? The.

H

Tunnel address space for.

E

The.

E

One is you get it from the normal kubernetes networking space for the outer header. That's one possibility the other possibility.

H

So then, part of 202 addresses from kubernetes.

E

So in the mechanical sense, I would expect, for example, if you are setting up the Kubernetes network, and you have a kid or you have a data plane, you might want to set aside some number of those, you know, some address for tunneling. That's one possibility. The other thing that I think is interesting, because it's semantically meaningful, is you can imagine a situation where you need to be tunneling via a network service, right. So, for example, imagine that I have Radio Network, right.

E

I have physical NICs connected to the radio network, and the network service I've been trying to reach is actually only reachable via the radio network network service, right. So that's a little more complicated scenario. I haven't thought it all the way through. I am aware of it. Does that make sense? Yeah.

G

But the way I, think of this- and maybe I'm I'm wrong here- is that this this vrf is really as magic explained, is really agnostic to what the tunneling mechanism is and the way I thought of it is that the tunneling mechanism is or the tunneling underlay is actually another negotiation with the network service manager and another provided function that will set up that tunneling network and that, in turn, will know about the ID. Id might be.

E

Make there are a bunch of different, interesting options there and I think they will vary somewhat depending on the data plane.

E

So you know, I think it will vary somewhat depending on, you're dealing with this, different data planes will potentially handle it differently.

C

From from that, I gather sorry and that this problem has not been addressed yet, for this distributed bridge. Think correct.

E

No, the outer header IP for tunnels has not been explicitly addressed yet. Okay, okay.

B

So, just just a heads up we're over the scheduled meeting time, so we can still have discussions afterwards, but just need to close up the meeting. So again, just just remind people no meeting next week. The next meeting will be on July 13th and thank you. Everyone for attending.

J

Well, thanks.

G

Bye, everybody.

C

So I have a few more minutes, I know if anybody else wants to keep discussing this thing, because I would like to actually explore this verve case a bit further and if the pattern also applies to to this wooden bridge, for the outer think I think.

B

I think it may have to secured.

C

Disappeared.

B

Yeah.

C

Nobody.

G

Did I mean I I'm still here, then what I say make any sense and it's a.

C

Story, yes does, but the question comes down to IP address allocation for the outer, for the underlay, whatever the tunnel, and that needs to be for sure coordinated with Kubernetes, because it's a Kubernetes cluster that this thing is running in, and I thought, I'm not sure problem has been over the address, but I'm.

G

Not sure that's the case because this is a Network Service Mesh, and the Kubernetes, started talking about the stuff months ago, and maybe I'm off base, that the Kubernetes would, at least in one way of thinking about it, be responsible for an IP address space and what we might think of as analogous to the management plane and more conventional networks, and that the Network Service Mesh will be responsible for orchestrating the elements of the data plane, which improper HAP's be based on a higher speed data plane and routing elements that are outside of the Kubernetes network.

G

That, and this would connect the pods. The pods would be able to talk to each other, and some of the gRPCs, if the remote, might go over the Kubernetes network. I know here they're saying Unix sockets, but the actual data plane traffic will not be part of the Kubernetes network. That's one way of thinking of it, and I realize that in the network working group there's a lot of people working on multiple address spaces and Multus and various other things that look at the world a different way.

G

But I think to me that those were first principles. I thought there's.

H

I think it's multiple cases here, though, because I think you can have the ships in a night overlay case where there's two address spaces and to your case where the management network is kubernetes and then those are the expand overlay, that's completely isolated and for some use cases that may work the other cases where you need to bridge from the network service mesh into kubernetes some note. So then there has to be some way of at that point. Well,.

G

They'll never have to be a bridge now that I would assume that once.

H

Or something and then there's the case where you actually want to have an overlay network but use kubernetes to be nice, address, space and I. Think a lot of this is going to depend on what features each of those things want from kubernetes and visibility and control kubernetes has into the infrastructure yeah.

B

From the network side, I think the only strong requirement that I can think of at this particular point is Kubernetes, when you spin up a cluster, has two IP ranges: one of them is the pod IP range and the second one is the service IP range. You.

H

Know and.

B

So as long as there's no collision along those two ranges, if you're using an IP network in your network service mesh, it can be, and most likely, it ultimately depends on the SDN that you're using, but it should be seen as an independent construct from the Kubernetes-based systems. You know, Vic. The implementation could create tunnels through Kubernetes IP network, like that.

B

That is definitely a possible implementation, but it's definitely not definitely not a requirement, and it is not the typical model that that I, think of when what I'm talking about network service meshes.

C

To comment on your service IP range and pod IP range: pod IP range never actually makes it to the wire out, correct? Whereas service IP range is actually routable from outside and it lives on a wire, physical wire outside of the physical compute model. Correct. That's.

B

The typical implementation, but it's not it's not actually mandated by kubernetes, so just has three basic rules. They could be flat accessible.

F

I mean the service range, I mean it could be internal addresses, and you have to do an extra step to expose them, either to kind of marry them with a proxy or some NAT device, or something like that. Would.

H

It be useful to consider if we become a working group to ask for an hour service mesh, address space.

H

Yeah.

C

But you know so so tell me if I'm, if I'm completely wrong here, whether it is you know at mandated or not if it is a de facto best practice or de facto standard, but the service IP that the pod IP range never makes it on out onto the wire and and the service IP range in most cases is on the wire, whether it is a publicly reachable wire or not. It is living on the physical wire, then the the the outer address space.

C

Sorry, the address space used for the underlay in this very case must be actually coming from the service IP range.

B

And.

C

If so, and if so then, the the John's point about you know whether an SM needs a separate service on the same IP range or not, you know, that's it. That's that's the next question, but well. The first one is yes.

B

So the way, the way that it's that is set up is said when you do a when you want to set up a new connection, so the new connection would go over a UNIX socket to the network service mesh. So it doesn't, it doesn't ever kind of it doesn't connect to a traditional kubernetes service and in that sense the network service mesh themselves may end up communicating over a service to another network service mesh in order to negotiate a tunnel. But that's and.

G

You're right and that's where they they, that you worry about the IP addresses for that tunnel. That's.

B

A negotiation.

G

Between the NSM they're.

B

Using standard Kubernetes primitives, so they're basically talking over the pod network together.

F

To.

B

The RN SM and both of those ms/ms have to then negotiate with each other.

B

The capabilities and establish on both sides, the tunnel and, if you're, working within an IP range like if you're working with an IP tunnel as an example from your from one pod to another pod, then those those those ipiria where addresses do become important, but primarily just so that you don't accidentally create like if you're using the standard 1016 range, you don't want to create a 1016.

B

You don't want to create an IP address within that 1016 range, but that being said.

B

Like it is, you know, even if you were to spin up a pot and say no networking and then you were to then drop in connections, then you could stick something intensive and a 1060 range. So so there there is. There are ways to to make that happen, but yeah in general, it's the it is primarily to keep them, keep them as separate as possible, and we.

F

May.

B

We may need to add in some type of configuration just to say, wait these, like you, prefer these ranges or prefer these, but that would probably that would probably be with one of the plugin configs when, when it's being sapped, so I, don't think we we probably don't at this point, need to ask for for a default range.

B

We can probably just pick a default range and to start with, because that'd be an implementation detail of the of the plug-in itself and a different plug, and it's implements a different IP range could set it add the more. The more important part is that if it's important, if you're doing IP tunneling and it's an important feature, the most important part is that we we have a way to so. You configure that and that's one of things that we're working on is to make is to make the plugins configurable.

B

So you can add in whatever whatever needs to whatever it needs to know, is.

C

This the scenario that you are, that's already, you know, a work in progress, so for node 1, or for the vrf0 pod on node 1, to be able to establish a tunnel to the vrf0 pod on node 2, because they will have to communicate via NSM. Yes, so.

B

That.

C

That involves IP addresses that involves. Actually, you know, setting up the tunnel so.

B

The part that I mentioned is like, where we're still we're still building up the initial a gives you it's a uniform platform for such a thing to be built on, so we're not working on actively on that specific plugin at this point, but we one of the primitives that it will definitely need, is a way to set a configuration for that plugin to basically tell it to there's. Also another thing as well.

B

The NSM itself doesn't really care about what IP addresses you you use. So one one thing that we've spoken about is letting the connections themselves negotiate a an address, and so, when you request a tunnel or when you request a service, if it requires an IP address the it's possible that the service that's providing, that functionality may have the most context and could provide an IP for for downstream to use. And so that's that's one model that we're. Also that we're also looking at as well is so, and that's in that.

B

In that essence, one possible pattern would be to have the service be given a set of IP ranges and then, when the clients connect in the service could then hand out IP addresses as it sees fit exactly.

G

So if the services job is to provide a tunnel, then that service has to know about what IP addresses are available. They didn't negotiate with another service. That's the way, I think if it's all like a network of services, each of which supplies a difference, is.

C

This guy right, so this guy's, no that's what you're saying I! Don't.

G

I think this guy doesn't know, I think the guy the network service mesh that that he's talking to says. Oh, he needs a tunnel and then he negotiates the details of what that of what that tunnel is right. Okay,.

C

All right.

G

Anywhere because.

C

The set that you know this is being built, so this is currently in the in the github code, but are the options followed anywhere or is that so I'll.

B

Try to be I'll try to be accurate as possible, so right now, there's no tunnels that are being built yet because we're still building on building up the primitives for our plugins. So right now, what we're doing is we're building a where we're building the mechanism that will allow you to build a plugin. So that includes logging infrastructure.

B

How do you manage? How do you add and manage configurations, object? Storage for for those plugins, so we're we're trying to so we're we're building out like what does it even mean to be a plug-in at this particular plugin.

C

Okay, all right so Ellie in front okay, yeah.

B

So once once we get through, do that, then one of the questions then becomes. How do we build a layer, a layer, three plateau? How do we build a layer, two tunnel?

B

What should those which those look like, and one of the things that were that we're doing is we're trying to build the plugins in such a way that, if you, if you need to the decision, should come from whichever entity has the most context in this space and, interestingly enough, despite the fact that Network Service mesh is organizing a negotiation of these plugins, that does not necessarily mean that Network service mesh itself has the best context.

B

So it's possible that the service that is being exposed may have more context about the problem, and likely will have more context about the problem, than Network Service Mesh itself. Does that make sense? Yeah.

G

And.

B

So, if that's the scenario, if that's the case, then that decision should be handed to that service and that service could work out.

B

Okay, I need to hand out this particular IP address, or I need to set these parameters, or so on, and set the right, basically in the initialization of that connection, that it would pass that information back to the Network Service Mesh and say yes, I am accepting this connection with these parameter requests, and the other side accepts as well, and so now you have a successful negotiation and then you build up the tunnels, and so that's the current.

B

That's the current model that word that we're looking at is just to allow the service to provide that information. The service could say, users use this IP address, and so then, where would you program this IP address or the range of IP addresses akyüz? It would be at the it wouldn't yet the plug-in in that in that area, and another interesting thing as well is that all of the stuff is is technically point-to-point and so depending on the tunnel.

B

If the tunnel itself is transient and doesn't need to ever be seen, then it's possible that that, even if multiple systems end up reusing the same ip address during during the during the tunnels, it's possible that there'll be no adverse effect depending on how on how they get handed out and and how the negotiation works. So just as an interesting side effect, but yeah in in general, like we, we, the entity that has the most information as to whether this should be the one that that it hands it out.

H

The area for documentation we are.

C

All unsure perspective, yes, yeah yeah.

B

This is something that we're, you know, we've been discussing patterns and trying to work out which direction that we should head, and this is one. It's not the only pattern, but it's a pattern that we think would be good to go towards. It is possible that someone could have a plugin where Network Service Mesh actually does hold that information and, instead of having the service handle the configuration, the Network Service Mesh plugin itself could deal with it. So it is.

B

It is possible to let's.

H

Mean literally possibilities and I think you know dreams help to match them to use cases, because there is a lot of possibilities here, but.

F

Yeah, it's.

H

Really critical to get this right because without it nothing works. Okay,.

B

Completely agree, and one of the things about it is that the system is flexible enough that, like, we want to provide good patterns or be able to follow those patterns and provide good templates for people to follow, but flexible enough that, if you want to break out of the box, it doesn't stop you from breaking out of the box, but it should make common use cases very simple, very easy to follow. Yes.

H

So.

B

That's that's sort of the way that we're looking at it so one one of these we want to be careful with is, if you actually do, have a need for something. That's that's not in the common pattern. We don't want to say no, so we want to be able to say you can try.

C

I think that clarifies a lot so with me. Let me think this through and if, if I have some thoughts on on that from the specific use case perspective and network mechanics our next meeting. Thank you cool.

B

Yeah and if you have any, if you have any concerns that pop up, you know, let us let us know, and one easy way to get a hold of us with relative ease, is on IRC. If you hop onto the network service, mesh channel and.

C

So but I'm going to approach it not from orchestration perspective, but from reporting perspectives. I would like to actually leverage all the hooks. We have him and networking specs and functionality that that should be there as part of the IP stack in the context of this, this video vrf, v4 and v6 to see to what degree this could be eased and anyway. Let me think mother thanks.

B

Yeah thanks and definite looking forward to hearing your feedback.

C

All right very much in.

B

July.

C

Break Joe thank.

B

You very much good.

G

Bye everybody bye.

H

You.
From YouTube: Network Service Mesh WG - 2018-06-29
