►
From YouTube: CNCF TOC Meeting 2021-03-16
Description
CNCF TOC Meeting 2021-03-16
A
B
B
B
D
B
D
All
right
looks
like
we
have
stabilized
on
28
people
at
the
moment.
So
hello,
everyone
welcome,
let's
get
started
normal
introductions
apply
hello,
you
made
it
welcome
okay
and
we
have
the
tech
radar.
This
will
be
very
exciting.
I
can't
remember
who
do
we
have
to
present
the
tech
radio
do
we
have?
I
have.
F
C
Hello
to
you,
elena,
thank
you
all
right,
hello,
everyone,
my
name
is
alina.
I'm
a
software
engineer
at
apple
and
one
of
the
cncftocs,
and
today
I'm
going
to
be
presenting
the
cncf
and
user
technical
radar
on
secrets
management
that
got
published
last
week.
Secret
management
involves
tools
and
techniques
to
manage
secret
data
like
token
passwords
and
certificates,
and
it
becomes
more
essential
and
complicated
as
the
cloud
native
ecosystem
grows,
because
the
micro
services
need
to
talk
to
each
other
and
they
need
to
talk
to
each
other
in
a
in
a
secure
manner.
C
Next
piece:
now:
what
is
a
technology
radar
technology
radar
is
an
initiative
from
the
cncf
end
user
community
and
that's
a
group
with
over
140
companies
that
meet
regularly
and
discuss
challenges
that
are
involved
with
the
cloud
native
tools.
Adoption
and
the
goal
of
cncf
technology
radar
is
to
share
the
tools
that
actually
being
used
by
the
community
and
tools
that
end
user
companies
recommend
to
use.
It
is
a
community
driven.
C
The
data
is
contributed
by
cncf
and
user
companies
and
created
by
the
community
representatives,
and
the
adoption
of
the
initiative
focuses
on
the
future
adoption.
That's
why
we
went
with
three
rings:
adopt
trial
and
assess
adopt
is
when
the
technology
is
clearly
recommended
by
the
end
user
community
trial
is
that
companies
use
it
with
success
and
recommend
looking
at
it
and
it
says,
is
companies
try
it
out
and
find
it
promising
and
recommend
you
keeping
an
eye
on
it?
C
Next,
please
79
companies
participated
in
in
the
secret
management
technology
radar,
and
the
results
were
somewhat
interesting
and
surprising.
The
variety
of
tools
that
are
used
for
secrets
management
by
different
companies
was
wide.
Yet
we
are
able
to
identify
some
exciting
themes
of
how
people
use
secret
management
tools.
C
Next,
please
much
of
the
radar
team
was
initially
surprised.
Oh
please!
Next
just
so,
we
can
see
the
first
theme
that
walt
was
the
clear
winner
as
it
got
the
broadest
adoption
across
many
companies.
Vault
is
a
very
mature
solution
by
the
hershey
corp.
Yet
it's
not
the
easiest
one
to
use,
and
it
is
a
rather
complex,
complex
tool
with
a
high
operational
bargain,
but
the
adoption
was
high
and
the
more
we
looked
at
it,
the
more
we
realized
that
it
makes
sense.
C
If
you're
a
small
company,
you
would
most
likely
offload
your
secrets
management
to
the
company.
Who
knows
how
to
do
that,
and
also
it
is
a
very.
It
is
a
very
good
tool,
because
it's
a
cloud
agnostic
tool
and,
if
you're,
unsure
of
what
cloud
you're
going
to
operate
on
or
if
you
are
creating
across
multiple
clouds,
public
and
private
vault
is
a
great
solution
for
that.
C
Certificate
manager
is
the
kubernetes
native
tool
that
is
used
for
managing
the
certificates,
rotate
them
on
the
regular
basis
and
ensure
that
they
up
to
date.
It
offers
the
high
integration
with
the
rest
of
the
kubernetes
ecosystem
and
we
believe
that
secret
management
is
a
in
top
of
mind
of
everybody
who
uses
kubernetes.
C
B
One
question
in
chat:
actually
there's
quite
a
few
questions
in
chat.
Take
it
back
so
where
do
you
want
to
start
because
first,
one
is:
how
does
this
particular
tech
radar
response,
compare
to
other
subjects
done
previously
and
then
there's
a
question
from
liz
as
well,
so,
jim
liz?
Do
you
want
to
be
able
to
like
raise
your
questions
by
voice.
G
G
D
C
D
C
H
I
I
Yeah
there
there's
seems
to
be
the
the
contention
between
what
we
call
a
secret
traditionally
like
certificates
or
more
identities
than
secret
material,
and
perhaps
the
scope
should
be
brought
into
authentication
technologies
which
encompasses
both
touches
both
on
the
proof
of
possession
as
well
as
identities
and
recognition
technologies.
That's
like
spire
and
cirque
manager
would
be.
J
It's
traditionally
handled
very
well
by
lots
of
like
single
sign-on
providers,
octa
and
microsoft
solutions,
but
the
machine
to
machine
market
is
where
the
secrets
management
winds
up,
becoming
the
most
sort
of
like
natural
thing
to
do,
and
people
have
gone
by
with
certificate
rotation,
but
once
they
actually
realize
they've
got
to
do
some
real
secrets
management.
That's
where
vault
points
are
becoming
super
popular,
and
so
we
noticed
that
a
lot
well.
This
chart
on
the
radar
looks
very
much
like
what
we
see
when
we're
talking
to
customers.
J
J
D
H
D
K
Yeah,
I
think
in
vault,
is,
I
don't
know
if
if
it
has
changed
over
the
years,
but
I
looked
at
it
like
a
few
years
ago
and
then
and
they
were
in
keeping
that
in
memory.
So
essentially
you
you
had
a
cluster,
so
they
recommended
redundance
redundancy
where
you
had
like
several
several
nodes,
like
you
know,
maybe
three
nodes
and
that
key
was
actually
stored
in
all
of
the
nodes.
K
So
if
one
of
the
nodes
actually
went
down,
then
you
still
had
the
master
key
lying
somewhere,
but
then
the
question
came
up,
but
what,
if
all
the
nodes
went
down?
Where
would
that
master
key?
Be
right?
So,
but
I
don't
know
if
they've
actually
changed
some
of
that
implementation
over
the
years
they
might
have.
K
I
I
D
H
Published
right,
it
is
published,
I
mean
we
can
do
whatever
we
want
right.
We
can
make
changes
to
it.
I
so
the
the
radar
team
that
created
this-
I
don't
want
to
speak
on
their
behalf.
I
don't
want
to
change
things.
The
judgments
that
they
made
with
this.
I
think,
if
security
wanted
to
publish,
take
this
as
a
starting
point
and
then
publish
a
more
nuanced
discussion
or
suggestions
on
it.
That
would
be
fantastic.
D
D
H
And
this
is
actually
a
really
interesting.
We
had
quite
a
lot
of
discussion
when
forming
this
report
about
whether
this
truly
was
secrets,
management
or
whether
this
covered
various
categories
and
which
ones
so
I
agree.
Actually,
the
the
range
of
products
and
projects
listed
here
don't
quite
match
just
secrets
management.
H
H
Great
yeah
that
would
be
fantastic,
just
I'll
drop
my
email
into
the
chat,
and
I
think
this
has
always
been
just
a
starting
point.
I
mean
it's
always
opinionated,
always
biased
and
the
more
we
can
use
to
expand
on
this
and
give
experts
like
yourself
the
opportunity
to
respond
to
it
and
add
more
nuance,
like
I
think,
they're
better
for
everybody.
C
D
I
H
H
D
D
H
H
I
It's
all
predicated
on
this
building
blocks
so
any
way
that
we
can
energize
the
space
for
people
not
just
to
reassemble
existing
components
and
expect
different
configurations,
but
actually
introduce
breakthrough
technologies
and
breakthrough
ideas,
and
perhaps
this
this
will
precipitate
of
well
if
secret
certificate
manager.
Here,
maybe
there's
a
world
where
there's
just
enough
secrets
and
just
enough
identities.
I
So
we
can
reduce
blast
radius
of
things.
So
I
I
think
we
might
be
on
to
something
of
something
innovative
and
breakthrough
ideas
like
I
see
the
mention
of
compliance
well,
better
governance,
better
compliance
is
predicated
on
strong
identities
and
very
little
secrets,
or
only
as
many
secrets
as
necessary.
So
I
think
a
stride
in
that
direction.
So
there's
perhaps
a
framing
that
is
all-encompassing
of
different
security
dimensions
and
a
broader
narrative.
D
I
I'm
thinking
in
combination,
it
will
be
good
to
work
with
cheryl
sounds
like
she's,
also
working
in
other
areas
around
well.
How
do
people
do
modern
interpretations
of
landscapes
like
perhaps
this
is
not
a
topographic
map?
That's
more
a
a
subway
map.
What
station
you
get
on
and
your
destination
dictates
your
journey
and
we
we
can
take
well
the
the
report.
That's
been
done
and
the
data
from
it
and
either
perhaps
change
the
language.
So
it's
not
as
disparaging
of
certain
projects
or
like
shed
slide
of.
Why
do?
I
How
would
this
projects
come
into
the
equation,
not
being
secret
solution
on
their
secrets
management?
We
can
add
a
ton
of
color
of
like
how
can
you
leverage
both
in
combination?
We
can
also
do
like
the
next
set
of
things
like
well.
What's
the
intersection
of
the
two
and
do
a
write-up
about
it
about
it,
use
the
cloud
native
security
landscape?
H
I
would
love
to
brainstorm
with
you
on
how
to
do
those
things
together.
Definitely
I'm
open
to
new
formats,
new
ways
that
we
can
produce
helpful
content
for
people
yeah
just
to
help
guide
them.
I
think
it's
it's
very
hard
for
people
who
are
not
in
this
day-to-day
looking
at
it
to
really
understand
the
the
kind
of
reality
there's
a
lot
of
hype.
There
is
a
lot
of
hype
right.
H
D
100
agree
with
that,
and
I
think
we
have
some
very
good
articulations
of
like
kind
of
101.
You
know
how
to
adopt
cloud
native
101,
but
actually
you
don't
have
to
go
very
far
down
the
road
before
you
realize.
Oh
there's,
a
ton
of
security,
observability
all
kinds
of
other
bits
that
maybe
are
a
bit
more
confusing
yeah,
but
I
do
I
remain.
I
think
these
technology
radars
are
a
fantastic
initiative.
I
think
we're
learning
a
lot
about
what's
actually
being
used
and
that's
really
useful.
F
B
D
H
Good
question:
oh
yeah!
I
should
have
put
a
link
into
this,
so
if
you
go
cncf,
dot,
io,
slash
tech,
dash
radar
and
this
links
to
a
github
issue
where
you
can
put
in
you
can
make
a
suggestion
for
what
a
future
radar
should
be,
or
you
can
plus
like
thumbs
up
things
that
you're
interested
in
hearing
about,
and
then
it
will
be
up
to
the
next
techradar
team
to
decide
which
one
they
find
interesting
and
they
think
is
is
worth
having
a
radar
on.
H
H
D
H
People,
people
love
it
so
one
of
the
things
that
is
really
interesting
about
the
way
this
is
set
up
is
that
if
you're
an
end
user,
you
can
see
exactly
which
company
uses
what
technology
and
what
they
think
about
it.
So
you
have
a
lot
of
private
access
to
this
data
that
externally,
you
can
only
see
the
kind
of
aggregated
version,
so
internally,
people
really
really
have
found
a
lot
of
value
out
of
it.
They
go
present
it
to
their
own
teams.
When
they're
deciding
on
what
technologies
they
should
be
using
yeah.