►
From YouTube: 2021-10-14 GitLab.com k8s migration APAC
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
A
Awesome
so,
graham
over
to
you
for
a
demo.
C
D
So
this
is
basically
a
test.
Gitlab
pages
website
john
set
up
in
pre-environment.
As
we
can
see.
You
know
this
is
loading
correctly.
It's
a
you
need
to
be
logged
in,
which
is
why
you
see
that
redirect
there.
If
I
refresh
this
a
few
times,
we
can
see
two
different
things.
D
We
should
see
some
metrics
coming
through
now
for
free,
no,
maybe
not
okay.
So
then.
C
D
C
D
Perfect,
if
we
go
here.
D
We
can
see
that
this
is
basically
the
requests
that
I'm
doing,
and
we
can
tell
that
usually
because
they
come
from
a
fedora
host
and
I'm
one
of
the
very
few
people
that
run
fedora
here.
So
we
can
see
that
these
requests
are
actually
going
to
the
container.
D
We
can
look
at
proxy
and
we
can
see
that
the
only
backend
now
is
pages
gke,
which
we
can
see
is
sending
the
traffic.
So
the
vms
are
no
longer
being
used
in
pre,
and
then
I
guess
the
final
thing
I
can
demonstrate
is
that
we
actually
are
getting
logs
into
elasticsearch.
C
D
Fedora,
linux
and
basically
that's
my
ip
as
well,
I'm
pretty
sure
so
yeah
we
can
basically
see
that
we've
got
logs
flowing.
We
in
terms
of
metrics
I'll
quickly
jump
back.
We
have
oh,
it
looks
like
we
do.
Have
this
ally
metrics
so
now,
but
they're
very
spotty,
probably
because
we've
got
this.
This
site
just
gets
such
a
small
amount
of
requests,
it's
very
hard
to
get
accurate
data,
but
yeah.
So
we
can
see
that
we've
got
you
know.
Metrics
we've
got
logs.
D
The
pages
app
seems
to
be
working
from
very,
very,
very
simple,
brief
tests,
and
so
that's
kind
of
the
status
of
where
we're
at
we're,
basically
more
or
less.
Unless
I
find
something
else,
that
kind
of
jumps
out
to
me
kind
of
happy
to
say
that
pages
and
pre
is
now
pretty
much
done
or
pretty
much
ready.
E
Yeah
I
had
a
couple
just
one
a
is
just
an
fyi.
It
is
a
good
mr
to
follow,
because
I'm
really
excited
about
having
rate
limiting
for
pages
and
we'll
have
to
see
when
this
lands
and
how
it
lines
up
with
the
kubernetes
migration.
You
know
we
might
need
to
make
some
a
helm
chart
update
for
this
as
well.
If
it
hasn't
been
done
yet
to
target
yeah.
D
Yeah,
so
I
looked
at
it
earlier,
we
can
toggle
it
on
and
off,
but
unfortunately
the
helm
charts
got
all
this
logic
hard-coded,
which
means
that
we're
gonna
have
to
get
possibly
chart
changes
done
because
it's
it's
like.
If
you
set
this
setting,
then
I'll
set
this
and
like
basically
there's
some
places
we
tell
pages
in
the
helm,
chart
it's
not
behind
a
proxy
and
then
there's
kind
of
some
places
we
do,
and
this
is
just
because
of
how
we
set
it
up
that
it's
not
just
exposed
directly
to
the
internet.
D
We
have
headshot
proxy,
so
all
of
the
smarts
they
put
in
the
helm
chart
like
the.
If
statements
on
the
config
map,
I
I
think
we
may
need
some
better
logic
or
like
a
the
option
to
force
override
or
something
like
that,
but
it's
there
in
the
helm
chart,
but
it
I
couldn't
get
away
to
get
the
options
that
we
needed
with
the
current
setup.
So
I
think
some
more
work
might
be
needed
there
from
okay.
D
E
Great
and
b
are:
did
you
just
copy
requests
and
limits
from
the
registry
service,
or
did
you
try
something
different
or
did
you
use
the
helm
defaults
or?
Is
that
still
like
a
dvd.
D
Good
question
so
skybeck
actually
got
the
pods
up
and
running,
so
I
haven't
actually
checked
that
I
was
doing
all
the
other
bits
around
it.
I
guess,
but
we
can
have
a
look
right.
C
D
The
only
thing
we
have
set
is
requests
of
50
milli
cpu.
So
it's
basically
we
don't
set
any
requests
or
limits
at
all
at
the
moment,
and
we
should
obviously
rectify
that.
I'm
not
familiar
enough
with
pages
to
know
what
we
should
set
that
to
I'll
have
to
go
and
have
a
look
at
the
vm
setup
and
see
how
that
works,
but
yeah,
that's
something
we
should
obviously
look
at.
E
B
E
B
But
it's
a
different
service
on
a
different
host
host
name.
So
there
are,
I
mean
the
reason
why
we,
lo
we
do
layer
four
proxies,
because
people
can
bring
their
own
certificate,
their
own
name
servers
and
things
like
that
yeah.
So
I
will
not
consider
that
the
same
way
as
we
consider
the
main
application,
but
in
theory
we
should
be
able
to
do
https,
so
not
layer
for
proxing
for
the
domain
we
own.
So
in
that
case
we
should.
F
B
For
for
the
first
iteration,
but
I
mean
at
least
in
the
staging
environment,
if
we
can
just
say,
95
percent
of
traffic
goes
to
cannery.
Five
percent
go
to
main,
because
I'm
I'm
really
thinking
in
what
I
want
to
have
the
the
main
stage,
the
canary
we
can
re-staging
being
more
taking
more
loads
than
the
main
stage.
E
Staging
so
I
think
what
you're
saying
is
like
for
hit
proxy.
We
create
a
new
front
end
for
gitlab.io,
which
is
you
know,
which
we
can
do
all
the
cookie
inspection
and
then
for
custom
domains.
B
I
think
it
should
work,
because
if
you
do
so
out
of
the
box,
it
is
doing
https
termination
for
both
for
everything
right.
So
the
gitlab
io
and
custom
domains.
But
I'm
quite
sure
that,
because
we
own
gitlab
io,
we
can
just
generate
an
extra
certificate
and
do
https
to
https
proxy
and
it
will
just
work.
A
You
two
are
going
to
have
to
put
an
issue
together
so
for
everyone
else
on
the
call
we
are,
we
are
preparing
to
reorder
the
auto
deploy
pipeline
and
this
will
give
us
better
coverage
for
the
mixed
deployment
testing
challenges
that
we're
facing.
A
E
Yeah,
okay,
those
are
all
my
questions.
How.
A
How
do
we
fit
that
stuff
in
so
it
sounds
like
for
that.
There's
some
decent
infra
changes
and
some
testing
on
pages.
Should
we
should
we
assume
that
pages
will
be
on
kubernetes
when
we
we
make
this
shift
over
and
actually
try
and
get
this
stuff
up
on
pre
right
now
and
test
it.
E
Pages
will
be
deployed
with
auto,
deploy
right,
yeah
yeah.
I
guess
I
think
we
should
yeah.
I
mean
like
if
we're
talking
like
that,
the
timing
of
creating
a
canary
for
pages,
I
think,
should
come
well.
I
guess
that
can
be
done
in
parallel
to
the
kubernetes
migration,
but
we
should
avoid
making
too
many
changes
at
once.
So
I
yeah,
I
don't
know
we.
B
We
just
start
the
migration
with
canary,
so
we
say
that
the
first
official.
E
E
I
that's
what
I
would
prefer
to
do,
but
I
think
like
creating
this
canary
for
pages
is
like
kind
of
a
big
task.
We
have
to
create
this
new
front
end
in
aj
proxy.
We
have
to
use
the
gitlab.,
you
know
with
the
gitlab.io
certificate
and
then
we
have
to
make
sure
that
it
still
works
with
pages.
So.
B
B
On
so
we
can
safely
test
on
this
specific
project
or
namespace
whatever,
and
this
would
be
an
extra
pages
running
there.
B
E
E
Rails
right,
like
it's,
stateless,
it's
stateless!
It
scales
up
quickly.
It's
all
these
things,
but
still
we
could.
I
think
it's
reasonable
for
us
to
create
the
canary
pages
with
five
percent
traffic
routing
and
if
we,
if
we're
okay
with
it
being
not
like
toggleable
by
users,
then
we'll
just
do
that
so
I'll
open
up
an
issue
for
that.
A
D
Yeah
I
mean
this
was
I
kind
of
realized.
Maybe
people
have
already.
D
Yeah
sure,
okay,
let
me
just
quickly
show
from
let's
say
one
of
the
pipelines
auto
deploy
pipelines
today.
So
for
those
of
you
unaware,
we
finally
have
some
kind
of
visibility
back
into
our
kubernetes
deployments,
just
trying
to
find
one.
That's
maybe
this
one
non-prod
canary,
let's
see.
D
C
D
There
we
go
cool
there,
we
go
so
you
can
see
here
now
we're
actually
getting
a
basically
a
log
of
you
know,
using
just
plain
old
cube,
ctl
rollout
status
behind
the
scenes
to
basically
just
kind
of
give
us
an
update
on
what's
going
on
during
the
deployment.
So
this
will
happen
in
real
time.
It'll
just
say
you
know,
I'm
waiting
for
this
to
pat
I'm
waiting
for
new
pods
to
come
up,
I'm
waiting
for
old
pods
to
come.
D
You
know
to
be
terminated
and
just
basically
give
you
an
idea
into
what's
going
on.
It's
not
the
best
solution.
By
far
it's
got
some
rough
edges,
but
at
least
it
gives
us
something
it's
better
than
better
than
nothing.
To
be
perfectly
honest.
Rollout
status
as
well
has
got
some
interesting
idiosyncrasies
to
it
in
that
it
won't
necessarily
make
it
clear
if
a
pot
is
crash.
Looping
like
it
won't
just
be
like.
D
I
see
a
pug
crash,
looping
and
bubble
that
up
you'll
just
basically
see
the
replicas
haven't
progressed,
and
things
like
that.
So
this
is
by
no
means
the
most
ideal
solution
and
we're
still
using
essentially
helm's
logic
to
determine
if
a
release
is
is
if
an
applies
successful
and
to
roll
back,
if
it's
not
but
yeah,
but
at
least
we
have
something
to
watch
now.
If
you
ever
want
to
jump
into
one
of
these
while
you're
doing
your
deploy.
F
E
The
risk
is
that
well,
the
risk
is
that,
if
for
other
canary
deployments,
people
have
the
option
of
setting
the
cookie
to
say
true
or
false,
it's
like
gitlab
underscore
canary
equals,
true
or
gitlab
canary
equals
false,
and
you
can
set
this
there's
a
web
interface
for
setting
this
on
next.getlab.com.
E
That
allows
you
to
that.
That
allows
you
to
opt
in
or
out
of
the
canary.
For
other
reasons,
I
won't
go
into
that's
not
really
working,
because
we
do
this
percentage
routing
and
we're
trying
to
fix
that.
But
in
any
case,
because
you
know
because
aj
proxy
is
layer
four
for
pages,
it's
a
tcp
load,
balancer,
there's
no
way
for
us
to
inspect
a
cookie.
So
there
would
be
no
way
for
us
to
allow
users
to
opt
out
of
canary
and
that's
that's
the
reason.
Does
that
make
sense.
B
C
B
E
A
Cool
awesome,
cool,
okay
and
then
one
last
thing
I
just
wanted
to
mention
was
so
as
part
of
the
kubernetes
migration
working
group.
We've
been
kind
of
coordinating,
so
it's
represented
in
there.
We
go
along
and
talk
about
kubernetes.
Of
course,
distribution
are
there,
and
quality
are
very
involved
as
well
as
random.
We
sometimes
get
random
people
from
development.
A
So
right
now
we
have
people
from
pages
are
joining
us,
but
one
thing
we've
been
talking
about,
is
kind
of
preparing
for
a
gitly
and
profit
migrations
and
there's
been
kind
of
firms.
Requests
for
testing,
so
quality
will
lead
on
that
and
they're
going
to
test
out.
Basically,
what
happens
like
is
giddally
possible
to
migrate.
A
What's
the
impact
on
gitli,
if
that
happens,
and
also
perfect
now,
when
we
went
through
this
a
few
months
ago,
there
was
a
kind
of
assumption,
as
we
came
out,
that
gidley
was
going
to
be
really
hard
and
that
profit
would
be
really
easy
and
was
ready
to
go
and,
as
we
have
discussed
this
more,
it
has
been
pointed
out.
That
actually
perfect
cannot
be
migrated
right
now,
because
the
chart
is
in
beta,
so
distribution
don't
have
time
to
help
us
work
on
this
prioritize
this.
A
So
this
is
a
known
blocker
for
the
perfect
migration
and
quality,
and
now
going
to
go
back
and
test
gitly.
One
of
the
slight
complexities
was
that
what
people
don't
think
is
possible,
which
will
have
to
be
possible,
is
whether
you
can
have
a
hybrid.
A
So
we
would
have
to
have
this
possible
because
of
the
way
we
do
our
rollouts
anyway,
but
actually,
what
we're
also
now
saying
is
that
prefect
would
not
be
on
getting
on
kubernetes
and
gitly
potentially
would
be
so.
Quality
are
going
to
do
some
testing
and
see
what
what
that
looks
like
and
see
what
the
impact
is
and
whether
that's
actually
possible,
but
I
think
from
our
side,
like
I
very
much
doubt
either
of
these
will
be
ready
for
us
to
consider
migrating
for
for
some
time.
Alessia
go
ahead.
B
A
Yeah,
so
I
mean
I
think
it's
just
simply.
I
know
we
make
a
lot
of
changes
to
things
as
we
as
we
do
the
migration,
so
certainly
we
will
be
contributing
that
way.
I
think
it
was
more
of
a
it's
more
of
an
indicator
that
other
teams
are
not
not
comfortable
with
things
being
ready
for
us
to
go
ahead.
B
A
Yes,
so
we'll
keep.
This
is
not
a
kind
of
wrapped
up
final
like
status,
but
as
it
as
it
stands
right
now
like
I,
I
would
not
be
suggesting
we
attempt
to
touch
either
of
these
two
in
q4.
A
Cool
great
is
there
anything
else,
people
want
to
bring
up.
F
Thank
you.
I
was
just
just
observing
and
being
quiet.
There
was
something
that
I
wanted
to
ask,
but
I
didn't
want
to
deviate
the
conversation.
Okay.
Regarding
pages,
it's
not
being
fronted
by
call
foreign
right-
and
this
is
we
are
doing
layer
4,
because
the
customers
are
providing
other
certificates.
F
But
I
was
wondering
because
co-op
for
now
can
do
advanced
certificate
management,
and
it
can
also
issue,
let's
encrypt,
so
we
could
actually
front
pages
with
software
whilst
providing
certificates
for
the
customers,
which
will
give
us
much
more
flexible
flexibility
on
whether
we
want
to
do
canary
or
not.
In
the
background.
E
A
B
Yeah,
there's
also
another
point
that
maybe
wasn't
wasn't
considered
and
from
someone
living
in
europe.
Using
pages
is
already
a
pain
in
terms
of
gdpr
compliance,
and
you
kind
of
can
deal
this
describing
that
you
are
running
in
these
things
and
you
point
to
the
the
gitlab
terms
of
service
for
things
like
that.
But
if
you
put
even
another
extra
layer
on
top
of
that,
that's
kind.
Basically,
you
think
that
you're
you're
providing
your
certificate
and
that
everything
is
say,
is
trusted
between
the
client
and
github
servers.
B
B
D
A
little
bit,
I
think
that
the
bigger
thing
is
just
basic
rate,
limiting
like
definitely
like
protection
from
the
like
full
scale
like
a
full
scale.
Attack
and
stuff
would
be
great.
I
mean
it'd
be
great
to
have
cloud
play
in
front
of
it.
There's
definitely
would
be
great
to
do
it.
It's
it's
just
the
time
and
effort
and
really
with
for
the
from
the
product
perspective.
We
would
have
to
basically
do
work
in
pages
to
talk
to
cloudflare's
apis,
to
do
all
that
and
make
it
smoother.
D
It'd
have
to
be
become
a
functionality
in
the
product,
it's
something
we
couldn't
switch
out,
and
I
I
like
there's
an
epic.
I
think
people
want
to
do
it,
it's
just
finding
the
time
to
to
do
it
in
that
trade-off,
but
yeah.
I
think
the
big
thing,
the
big
thing
we
suffer
from
more
than
anything
is
just
people
actually
using
abusing
it
like
deliberately
they're
like
I'll
put
something
like
a
android
apk
to
download
on
gitlab
pages,
and
then
we
get
like
you
know.
D
Thousands
of
requests
and
cloudflare
would
help
us
with
that
a
little
bit.
Definitely
we
could
use
cloudcaching
because
a
lot
of
the
top
content
should
be
static
and
but
yeah,
I
think
it's
just
doing
those
technical
pieces
to
make
it
work.
A
I
think
it
probably
was
previously.
I
am
like
I
think,
last
year.
Maybe
there
was
a
discussion.
I
think
it's
with
the
whole
migration
and
everything
I
think
it's
here
to
stay
it.
It
serves,
serves
a
purpose
I
am,
I
saw
it
mentioned
on
the
we
have
the
kind
of
product
view
of
like
how
of
the
loved
status
it's
on
there
and
it's
kind
of
in
the
in
between,
like
it's
not
not
loved,
but
I
think
I
won't
be
surprised
if
it
gets
built
out
further
in
the
future.