►
From YouTube: CNCF TOC Meeting 2022-09-13
Description
CNCF TOC Meeting 2022-09-13
A
B
C
D
D
Let
me
think
it's
really
use
it.
Okay,
because
I
was
trying
to
understand
the
reason
and
they
put
a
bunch
of
stuff
beforehand.
If
you
scroll
up
dims,
there's
a
link
to
the
English
version
there.
Oh
you
scrolled
past
it
oops
scrolled
past
it
the
other
way
right
after
the
header
there
you
go
yeah.
It
took
me
a
minute
too
foreign.
B
D
Okay,
I
I
only
got
the
briefest
of
looks
at
this
because
it
was
further
down
and
I
started
at
the
top.
It
was
one
of
the
later
ones
that
I
got
to
yeah,
but
it
looks
to
be
some
kind
of
serverless
framework,
but
I
couldn't
exactly
tell
why
they
wanted
it
to
be
in
the
cncf
to
understand
that
and
and
then
there
was
the
MIT
license
that
caught
my
attention.
C
Yeah,
the
MIT
license
is
okay,
we
can,
we
can
do
contingency
based
on
huge,
changing
license,
I
think
what
they
are
trying
to
do
here
is
you
know
you
are
a
normal
application
developer.
You,
you
have
some
serverless
code.
You
want
to
run
it
you,
you
know,
you
want
to
run
it
somewhere
right,
like
you
can
pick
where
you
want
to
run
it.
C
You
know
you
can
generate
a
template
based
on
you
know
different
languages,
so
it's
like
a
menu
driven
thing
and
it
will
generate
a
bunch
of
stuff
that
will
help
you
deploy
to
one
of
these
serverless
runtimes.
So
it
tries
to
make
it
easy
for
people
who
are
starting
their
serverless
Journey,
and
that
is
what
I
got
out
of
it.
A
C
Yeah
I
think
I
I
think
I
want
to
like
help
them
by
bringing
them
on
for
sure
the
other
one
that
triggers
also
is
like
hey.
Does
a
service
serverless
working
group?
Do
they
need
to
be
a
state
at
this
point
because
there's
lots
of
projects
already,
so
that's
a
different
conversation.
We
can
have
it
with
them,
but
for
the
purposes
here,
I
I
feel
okay,
but.
C
C
C
A
E
A
I
believe
we
asked
them
to
come
back
due
to
a
lack
of
clarity
in
the
project
and
the
direction
and
I
know
that
we
asked
them
to
present
to
tag
security.
So
the
maintainer
reached
out
to
me
to
verify
that
they
did
everything
that
we
asked
them
to
do.
They
have
they
presented
to
tax
security,
they've,
gotten,
better
vision
and
direction
to
move
forward
and
they're
working
on
their
Community
growth
and
development.
C
B
E
E
A
D
C
C
E
D
E
C
E
C
E
A
C
What
can
we
tell
them?
What
we
can
tell
them
is
hey,
the
people
should
be
able
to
run
cubescape
in
their
environments,
kubernetes
environments,
conformant
kubernetes
environments,
and,
if
and
the
CLI
should
be
able
to,
they
should
be
able
to
submit
whatever
they
need
to
submit
to
the
local
instance
and
be
couple
their
specific
SAS
out
of
this
equation.
C
B
C
E
A
B
E
C
B
E
B
Do
it
there's
a
the
the
model
that
they
want
is
to
hide
the
handling
of
containers
from
Mostly
scientific
communities
where
people
are
used
to
SSH
to
Central
machines
where
everything
is
installed
for
them
and
it's
kind
of
a
niche
project.
There's
not
a
lot
of
contributors.
It's
and
there's
something
to
be
checked,
which
is
it's
an
MIT
zero
license?
So
we
also
need
to
check
that
okay,
but
yeah.
So
it's
it's.
It
is
an
issue.
I
think
it
will
remaining.
E
E
C
A
There
are
organizations
and
companies
that
have
traditional
production
level
management
of
their
clusters,
where
you
have
folks
that
are
logging
into
prod
environments,
sshing
directly
into
containers
to
make
changes
on
the
Fly
instead
of
promoting
better
immutability
with
container
images
in
their
clusters.
So
this
is
kind
of
set
up
to
assist
in
offloading
some
of
that
behavior
into
a
more
isolated
container.
A
So
there's
value
there
in
organizations
that
already
have
those
and
getting
them
to
change
those
processes.
However,
because
it
is
a
container
that
you're
allowing
someone
to
SSH
into
those
reports
are
open.
There
are
potential
additional
concerns.
So,
generally
speaking,
I
see
the
value
in
this
I'd
be
interested
in
seeing
what
the
project
does,
but
I
would
weigh
heavily
that
they
really
need
heavy
security
involved
movement
from
whatever
their
default
configurations
are,
and
the
overall
behavior
of
the
container
within
a
cluster.
C
C
B
A
C
A
B
D
E
C
D
D
D
C
E
B
B
C
B
B
Story:
okay,
let
me
let
me
give
a
little
bit
more
background.
I
was
contacted
by
someone
who
who
also
worked
on
spice
CP
in
the
past,
and
they
they
were
concerned
about
over
open,
fga,
basically
forking
their
stuff
without
any
attribution
and
then
submitting
it
to
to
cncf,
which
has
an
ungot
smell
to
it,
in
particular,
unless
we
see
OCTA
actually
carry
this
forward.
C
C
C
B
Sandbox
I
think
we
need
to
make
sure
we're
we're
adhering
to
the
the
bar
that
we
expect
out
of
that,
I
think
is
what
dim's
saying
is
like
it
might
not
be
perfect,
but
it's
also
sandbox.
So
you
know
when
we
go
to
incubation,
we
can
certainly
list
this
is
concerning
that
needs
to
be
fixed
prior
to
their
application.
Yeah.
C
A
E
A
E
E
Foreign
I
think
it's.
You
know.
These
are
both
implementations
of
Zanzibar,
both
derived
from
something
else
anyway,
and
we're
not
being
King
makers
about,
like
I.
Think
that
and
it's
I
mean
I-
think
that
yes,
he's
got
a
horrible
chunky
initial
commit,
but
it's
not
all
copied
from
supposed
to
be
by
any
means.
So
yeah,
I'm,
I'm,
okay,
with.
C
A
E
C
C
C
Of
them
now,
okay,
Carvel-
this
is
from
VMware
Carvel
is
a
project
that
kind
of
says:
hey.
Helm
is
not
the
only
thing
out
there.
There
is
a
few
other
patterns
that
might
be
better
than
hell.
Here
is
a
set
of
tools
that
work
well
together,
Unix
fashion,
you
know
for
you
to
build
up
your
deployment
package
thingy,
that's,
basically
what
I
got
out
of
this.
E
C
D
Yeah
I
think
an
easier
way
to
think
about
this
is
Helm.
Is
a
package
manager
in
the
traditional
sense
right,
yeah
you
it's
like
apt
or
Homebrew
or
yum,
or
any
of
these,
and
it's
designed
for
packages.
This
is
more
and
so
there's
a
lot
in
what
makes
a
package
manager.
This
is
a
bunch
of
tools
that
are
small
slices
of
things
that
you
can
use
Standalone
or
pipe
into
each
other
in
different
ways.
Yeah,
it's
a
different
way
of
working
with
your
stuff.
C
Yeah
so
the
unit,
what
each
of
these
does
and
the
K
app
controller
is
one
which
understands
what
a
package
is,
and
you
can
I
guess
you
can
do
an
update
to
newer
versions,
rollback
and
things
like
that
too.
So
it's
kind
of
like
gives
you
the
github's
model
there
I
think,
and
there
is
something
there's
a
controller
for
secret
generation
too.
C
So
the
thing
here
is
yeah:
they
also
have
something
where
they
can
understand.
They
can
migrate
home
packages
to
parallel
packages
as
well.
I,
don't
think
they
called
it
out
here-
and
there
is,
you
know
sufficiently
big
team
working
on
this,
and
they
want
to
now
come
here
and
see
if
they
can
do
more
stuff
in
the
community.
C
B
E
C
C
B
C
E
C
E
C
E
E
A
A
E
Labor
is
a
compiled,
Lima
was
thinking
about
joining
as
a
containerdy
subproject,
and
then
it
decided
the
sandbox
was
more
appropriate.
It's
I
mean
it
sounds
weird
as
a
cloud
native
project
is
this
project?
That's
for
creating
VMS
on
Macs,
but
the
I
mean
the
context.
Is
it's
for
building
part
of
it
took
it's
part
of
the
base
tool
thing
for
creating
development
environments
for
running
container
engines
on
Macs,
but
it
still
is
weird
that
it's
a
it's
basically
a
tool
for
running
VMS
on
Macs,
which
just.
D
C
D
I
can
talk
a
little
bit
about
this
if
you're
using
Rancher
desktop
on
Mac
or
Linux
you're,
actually
using
Lima
under
the
hood,
it
provides
a
better
user.
Well,
I
would
argue
a
better
a
graphical
user
experience
on
top
of
Lima,
with
a
bunch
of
additions
and
Lima,
primarily
targeted,
initially
container
D
and
nerdy
control
work,
nerdy
control
being
sub-project
under
container
D
and
it
expanded
as
people
wanted
to
do
more.
C
C
C
D
I
have
questions
about
this
one
anyway,
because
you
know:
are
they
submitting
everything
because
they
operate
a
registry
and
they
have
a
policy
client?
Are
they
just
submitting
a
client
or
are
they
submitting
the
client
and
registry
I
I
wasn't
clear
on
that
when
I
was
looking
at
this
and
if
they
want
to
keep
the
registry-
and
we
have
the
client
and
that's
something
to
call
into
question
so.