►
From YouTube: 2020-08-21 GitLab.com k8s migration EMEA
Description
Reviewing migration blockers and production readiness plan for WebSocket and Git https nodes on Kubernetes
A
B
A
B
Looks
like
we've
had
some
good
progress,
so
the
first
attempt
at
the
live
traces
on
production
has
been
completed.
Just
added
the
note
there.
So
it
looks
like
it
was
fine,
but
there's
some
follow-up.
So
there's
a
couple
of
follow-up
issues
for
this
one.
A
Yeah
I
haven't
been
following
it
closely:
what's
the
follow-up
issue
or
what's
the
what's,
the
dldr
of
this.
B
So
I
think
the
structure.
B
Yeah,
hopefully
yeah
they
both
got
13.4
on
them
so
yeah.
Hopefully
that
will
just
go
ahead
nicely
yeah
at
what
point
do
we
we're
not
like
immediately
blocked
for
those?
Are
we
that's
as
we
move
more
towards
the
web
stuff?
Is
that
right.
A
B
Great
okay,
nice,
that's
good,
good,
start
cool
and
then
the
support
for
dependency
proxy
is
closed.
It's
got
a
13.3
milestone
on
it.
A
B
That's
good
the
remove
nfs
dependency
for
pages.
I've
just
dropped
in
an
update
here
for
the
sidekick
stuff.
That's
from
what
rachel
had
yesterday
in
the
sas
meeting.
A
I
have
a
bunch
of
new
ones
that
we
need
to
add,
so
let's
just
go
ahead
and
start
adding
them.
So
first.
A
B
Yes,
there's
a
comment
from
yesterday:
I
think
jesse
put
it
on
it.
Doesn't
it
still
doesn't
look
yeah
from
this
day,
it
still
doesn't
look
like
it's
a
good
idea
for
how
that
would
be
solved,
but
it's
still
being
reviewed.
At
least
cool
logging
is
great
and
I've
added
on
the
catch-all,
email,
config
stuff
as
well
so.
A
Costume,
never
ending
right.
So
first
is
proxy
request:
buffering
blocker
for
web
api.
A
A
So
that's
that's
good.
B
A
Yeah
trying
to
look
at
what
other
things
I'm
sure
my
screen.
A
So
this
is
related
to
live
traces.
I
guess
for
camille
proxy
requests.
Buffering
is
what
we
just
talked
about
service
desk.
You
have
that
incoming
mail,
you
have
it.
This
is
the
nginx
one
of
the
issues,
but
I
think
this
is
this
is
what
I'm
proposing
for
reducing
the
amount
of
crosshairs
across
daisy
traffic.
A
A
I
don't
know
if
this,
so
we
can
link
to
this
one
too.
A
A
A
A
A
I
think
whether
or
not
like,
even
if
we
create
the
sidecar,
we
still
have
this
problem
unless,
if
we
use
a
local
like
a
unix
socket
or
something-
and
we
just
need-
probably
I
don't
know
should
we
get
secured,
I'm
afraid
to
get
security
involved.
You
know,
but
maybe
that's
what
we
need
to
do.
A
B
Yeah,
I
think
we
should
probably
should
do
you
know
if,
assuming
if
they
come
back
and
say
yes,
it
should
be
encrypted.
Does
that
cause
us
big
problems
like
do?
We
know
how.
A
God
I
mean
like
what
workhorse
doesn't
support,
tls
so
outside
of
adding
dls
support
to
workhorse,
which
is
not
going
to
go
over
well,
it
might
be
using
like
a
local
socket
instead,
but.
B
A
Like
you
still
have
the
probably
the
same
problem,
maybe
we
just
need
to
like
document
this
and
move
on.
I
don't
know
like
it's.
It's
I
think
it's
a
bit.
A
You
know
it's
like
it's
like
a
bit
worse.
I
think,
because
nginx
and
you
know,
nginx
and
web
service
are
running
on
two
different
nodes
and
we
have
a
small
number.
I
don't
know
it
seems.
Like
I
mean
we
have
a
small
number
of
nginx
pods
that
are
servicing
all
the
traffic
and
then
they're
forwarding
to
they're
fanning
out
these
web
service.
A
A
B
Yeah
definitely
like
how
do
we
move
that
one
forward,
as
long
as
we
can
see
igor,
has
added
some
comments
and
yeah
back
to
graham
but
like
who?
Who
does
this
fall
to
like?
Is
this
a
like
infrastructure
as
a
whole
type
of
question
like
or
who
should
make
a
call
on
this.
A
I
think
I
think,
for
one
it's
it's
probably
not
gonna
block
canary.
Well,
it
shouldn't
block
canary.
I
don't.
I
don't
see
it
by
causing
that
much
a
problem
for
that,
but
yeah.
We
need
to
decide
whether
we're
we're
okay
taking
on
the
extra
cost
or
whether
we
want
to
my
proposal
was
to
run
nginx
as
a
side
car
and
that
would
at
least
keep
nginx
close
closer
to
the.
A
Pod,
that
means
we
go
from
3x
to
2x,
which
is
a
bit
better
and.
B
B
A
So
yeah,
let's
see
where
this
side
conversation,
how
you
know,
let's
see.
A
It
might
be
a
bit
hairy
in
the
charts,
but
I
don't
know
like
I
see.
No
other
downside.
I
don't
see
anything
like
I'm,
not
sure
why
I
was
looking
through
the
charts
to
figure
out
why
they
decided
to
do
it
this
way.
B
B
A
A
Configuration
audit
what
I'm
doing
here
is.
I
I
spun
out
the
nginx
configuration
audit
into
a
separate
issue.
As
you
see
here,
I
think
we're
pretty
much
done
with
this.
I
did
make
some
changes
out
of
it,
which
was
to.
A
I
finished
this
so
this
is
done.
I
just
need
to
confirm
it's
working,
so
so
really
we're
actually
like.
I
know
I
keep
on
saying
this,
but
we're
ready
to
go
to
canary
it's
just
that.
We
had
a
whole
bunch
of
little
small
issues
yesterday
and
this
morning
that
I
had
to
work
through.
So
I
guess
like
to
my
current
knowledge
in
this
moment
in
time,
there's
nothing
that
prevents
us
from
preparing
the
change
issue
and
getting
to
canary.
A
But
it's
actually
this
this
production
reviews
review.
I
was
a
little
hesitant
to
do
it
at
first,
but
it
actually
really
helped
and.
A
We
really
were
able
to
figure
out
some
things
like
this
nginx
stuff
came
out
of
it.
This
network
stuff
came
out
of
it,
so
I
think
in
hindsight
I
think
it
was
good
that
we
spent
a
little
bit
of
extra
time.
B
A
B
A
Cool
okay,
so
I
think
that's
it
sadly
no
canary
today,
but
it
sounds
like
we'll
be
in
we'll
be
positioned
to
do
this
monday.
When
is.
B
B
It's
next
wednesday,
so
so
I
was
gonna
I'll
link
the
slides
into
the
to
delivery,
but
they'll
start
being
shared
around
the
end
of
monday.
So.
A
A
A
I
really
like
this
diagram
because
it
shows
the
the
green
for
for
migrating
https.
First,
it
gives
you
a
big
picture
of
the
cluster
and
everything
we
have
running
in
it
and
the
things
that
are
colored
green
are
the
new
things
for
git
https,
as
well
as
the
new
dependencies
outside
of
the
cluster
for
get
https.
A
So
the
ones
highlighted
in
blue
are
things
that
exist
in
virtual
machines,
but
new
things
that
we
depend
on.
For
example,
we
depend
on
the
console
cluster.
Now
we
depend
on
the
replicas,
which
is
new
and-
and
we
now
depend
on,
like
the
load
balancer
the
aj
proxy,
for
these
back
ends.
So
I
don't
know
we
could
possibly
incorporate
that
into
the
group.
Conversation
slide
or
at
least
point
to
the
readiness
talk.
B
B
On
the
handbook,
you
know
the
kind
of
clustering.
A
A
It
would
be
cool,
though
yeah,
but
anyway,
a
diagram
like
this
would
be
would
be
nice.
I
have
something
similar
in
the
handbook,
but
it
doesn't
go
into
this
level
of
detail,
although
this
is
very
specific
to
the
https
git
migration,
but
it's
just
nice
to
see
like
what
we're
adding.
B
Yeah,
okay,
cool
I'll,
see
if
I
can
fit
that
in
yeah,
it's
nice
cool,
so
in
terms
of
pushing
blockers
and
things
through
I'll
leave
you
to
do
the
sidecar
engine
stuff.
B
And
what
else
do
we
need
to
be
pushing
on
a
lot
of
this
stuff's
just
moving
itself,
which
is
great?
Oh,
I
suppose,
there's
this
unencrypted
stuff.
A
Yeah,
do
you
want
to
try
talking
to
security
about
that,
or
at
least
at
least
bring
it
up
to
them?
And
I
can
I
can
be
part
of
the
conversation
as
well.
Maybe
maybe
we
should
talk
to
distribution.
First,
okay,
get
their
feedback,
and
then
we
can
move
to
security
if
they're,
if
they
can
confirm
what
I'm
saying.