►
From YouTube: Kubernetes SIG API Machinery 20201007
Description
- [jdetiber] Demo / discuss https://github.com/thetirefire/badidea
- [jqmichael] Quick follow up on the discussion from July 15th 2020, “exclusion-based options to webhook configuration”.
- [soltysh] Aliases for related resources https://github.com/kubernetes/kubernetes/issues/95280
A
We
are
recording,
we
are
live
hello.
Everybody
thank
you
for
joining
us
today
in
the
kubernetes
sea,
apa
machinery
meeting.
We
have
a
very
nice
agenda
today
is
october
7th
2020,
this
wonderful
2020.,
so
I'm
presenting
the
agenda.
I
will
stop
presenting
to
allow
our
first
presenter
today,
jason,
to
give
us
a
demo
of
something
called
they've
been
working
on.
Give
me
a
second
and
stop
recording
these.
I
know
stop
presenting
okay,
all
yours.
B
All
right,
so,
hopefully
that's
coming
through
right
now,
yes,
so,
to
give
a
brief
overview,
I
decided
to
throw
out
a
crazy
idea
on
twitter.
A
few
weeks
ago,
I've
been
working
on
a
project
called
tinkerbell.
That's
you
know
trying
to
bring
kind
of
like
cloud-native
infrastructure
management
into
the
data
center,
and
one
of
the
things
that
we
started
doing
is.
Is
we
wanted
to
try
to
implement
an
event-driven
workflow
and
some
of
the
things
that
we
started
implementing?
B
For
that
reminded
me
a
lot
of
kubernetes
and-
and
I
kind
of
wish
we
could
just
reuse
some
of
the
kubernetes
api
machinery
and
stuff
to
kind
of
implement
some
of
the
things
that
we
were
doing
and
that
brought
me
down
this
whole
rabbit
hole
of
you
know.
Would
it
be
possible
to
build
a
minimally
viable
and
embeddable
api
server?
B
That
has
just
enough
components
to
be
able
to
host
and
manage
crd
type
resources-
and
I
know
folks
have
talked
about
that
various
times
over
the
past
couple
of
years,
but
I
had
trouble
finding
any
actual
concrete
implementations
of
it.
So
what
I'm
presenting
today
is
basically
the
kind
of
proof
of
concept
type
work.
I've
been
doing
about
trying
to
actually
do
the
thing,
and
you
know.
Basically,
what
is
the
goal
you
know
be
able
to
embed
a
minimal
api
servers
capable
of
supporting
crds
into
a
standalone
application.
B
I
also
wanted
to
try
to
avoid
vendoring
any
libraries
or
importing
anything
from
kubernetes
kubernetes,
because
you
know
once
you
do,
that
you
get
into
this
whole
big
thing
where
you
have
to
kind
of
lock
all
the
dependencies
in
the
go
mod
file,
and
it's
just
not
very
friendly
for
people
to
kind
of
manage
those
types
of
projects,
and
you
know
basically
just
try
to
do
a
proof
of
concept
to
prove
if
it
was
even
feasible
or
possible
to
do
some
of
the
other
minor
goals
that
I
had
was
to
try
to
avoid
reinventing
any
unnecessary
wheels.
B
I
I
didn't
want
to
have
to
recreate
and
duplicate
code
from
upstream,
if
at
all
possible,
I'd
like
to
use
what's
already
there
and
available
where
wherever
I
can
also
because
this
is
embedding
into
an
application,
I
want
to
avoid
exposing
a
necessary
port.
So
you
know
in
the
example
that
I'll
be
showing
in
a
little
bit.
It
actually
runs
that
cd
and
it
runs
the
aggregated
api
server
and-
and
I
didn't
want
all
of
these
things
to
actually
have
separate
http
endpoints.
B
I
want
to
be
able
to
take
advantage
of
some
of
the
delegation
services
that
are
available
and
there
are
two
main
use
cases
that
I
have
in
mind.
B
One
is
a
standalone
use
case
where
there
will
never
be
a
need
for
an
external
kubernetes
server
and
kubernetes
offers
way
too
many
things
that
you
might
not
actually
need
for
the
application
that
you're
building
and
then
the
other,
the
other
one
is
kind
of
like
a
bootstrapping
use
case,
where
it
would
be
great
to
use
kubernetes
once
it's
available,
but
in
the
case
of
infrastructure
software
and
trying
to
recover
from
say,
like
a
data
center
outage,
I
wanted
to
avoid
the
whole
chicken
and
next
scenario
of
having
to
have
a
kubernetes
cluster
up
before
you
can
actually
get
your
infrastructure
management.
B
B
You
know
it's
more,
like
kind
of
the
kubernetes
the
hard
way
of
api
servers,
it
would
be
possible
to
build
something
using
this,
but
it's
not
very
user
friendly
and
I've
really
grown
to
like
the
crd
type
tooling,
that
we
have
where
it's
really
simple,
to
define
the
types.
It's
really
simple
to
define.
You
know
the
applications,
it's
not
necessarily
tied
to
go.
Go-Based
implementations.
B
It
has
a
lot
of
nice
tooling,
but
it's
still
kind
of
tied
around
the
you
know:
command-based
architecture,
where
it's
like
you,
you
get
a
cobra
command
and
you
run
the
cobra
command
and
kind
of
the
same
with
api
server.
Runtime,
and
you
know
I'd
really
love
to
be
able
to
leverage
some
of
the
cue
builder
tooling.
But
you
know
that
kind
of
assumes
that
you
already
have
the
kubernetes
cluster
up
and
running.
B
So
and
then
you
know,
then
it's
like
okay.
Can
I
dig
into
the
underlying
libraries
and
one
of
the
first
things
that
I
found
is
that
there's
a
lot
of
verbosity
in
trying
to
use
the
underlying
libraries
directly
so
it
it
doesn't
really
seem
like
a
feasible
way
to
tell
people
to
kind
of
like
implement
this
on
their
own
there's
a
lot
of
replicated
configuration,
especially
when
you
talk
about
delegated
api
servers.
You
know,
there's
you
know
you
have
to
pass
some
common
config
among
all
of
them.
There's
separate
config.
B
That
needs
to
be
done.
It
there's
a
lot
of
complexity
there,
and
all
of
this
is
really
highly
tied
to
cobra.
You
know
you,
you
define
the
options
and
then
you
complete
the
options,
and
then
you,
you
know
take
it
that
and
you
input
that
into
the
config.
Then
you
complete
the
config
and
then
it
goes
into
the
command
and
and
so
forth,
and
and
I
wanted
to
try
to
kind
of
see
if
I
can
focus
on
a
more.
B
You
know
api
native
model
and
you
know
quite
a
bit
of
the
functionality,
especially
when
you
get
into
like
the
delegated
api
server
bits.
All
of
that
functionality
generally
lives
in
kk
and
it
gets
back
into
that
same
issue
of
vendor
and
then
kk
and
you
know,
even
if
you
could
vendor
it
in
and
it
wasn't
in
kk.
B
All
right
and
and
over
here
I've
already
built
kind
of
the
binary
for
this,
so
I
can
just
go
ahead
and
run
it
and
if
I
run
this,
it's
starting
up
at
cd,
it's
starting
up
the
aggregated
api
server
and
starting
up
the
api
extension
server
and
if
I
start
a
new
window
and
I'm
just
going
to
copy
and
paste
this
to
not
have
to
remember
all
of
it.
B
If
I
list
out
the
api
resources
currently,
the
only
things
that
are
exposed
right
now
are
api
services
and
custom
resource
definitions.
Obviously,
there's
going
to
be
need
to
be
more
implemented
to
fully
support.
You
know
non-trivial
crds,
but
this
was
enough
to
get
things
up
and
running
and
just
prove
that
I
could
run
the
minimal
server
needed
to
just
support.
B
Cluster-Scoped
crds
and
I've
kind
of
stolen,
a
couple
of
examples
directly
out
of
the
queue
builder
examples.
So
just
a
simple
cluster
scoped,
crd
definition.
I
can
create
this.
B
And
if
I
go
back
in
api
resources,
I
do
see
the
admiral
resource
there
and
if
I
wanted
to
create
one
again,
just
strictly
out
of
the
queue
builder
examples
I
can.
B
There
we
go,
I
don't
know
what
happened
in
that
other
window,
but
if
I
do
a
get,
I
actually
see
that
the
resource
is
there
and
you
know
populated
the
way
that
I
expect
it
to
be
so
from
the
basis
of
a
you
know,
single
version
stored
crd,
that
is,
cluster
scoped.
This
project
is
already
functional
and
let
me
switch.
B
B
And
I
apologize
if
anybody's
I
saw
that
there
were
some
things
in
the
comments,
but
I'm
not
able
to
kind
of
see
that
right
now
because
lovelyzoom,
but
you
know
with
that
demo
out
of
the
way
you
know,
what's
kind
of
missing
configurability
of
pretty
much
everything
at
the
moment
everything
is
kind
of
hard-coded
around
an
embedded
xtd,
that's
listening
on
a
unix
port
and
you
know
everything's
tied
to
kind
of
self-signed
certificates,
all
of
that
stuff,
so
so,
ideally
being
able
to
expose
configuration.
B
There
would
be
great
what
I've
kind
of
taken
to
call
in
like
the
core
core
components:
the
the
bits
that
are
needed
out
of
core
just
to
support
the
crds.
So
far
I
know
there's
going
to
be
namespaces
support.
I've
already
started
working
on
that,
hopefully
I'll
be
able
to
sort
that
out
soon.
Rbac
will
definitely
be
needed
because
you
know,
if
you're
going
to
invent
this
in
your
application.
B
You
want
to
have
some
type
of
security
model
and
it
seems
decent
to
be
able
to
leverage
our
back
where
possible,
config
maps,
possibly
secrets
and
then
something
to
support
the
defaulting,
validation
and
conversion
web
hooks,
because,
ideally,
you
know
be
able
to
leverage
the
the
tooling
you
know,
so
something
will
have
to
be
figured
out
there.
How
to
work
around
the
services.
B
To
you
know,
support
only
externally
hosted
things,
but
you
know
that's,
that's
probably
going
to
be
the
biggest
challenge
around
making
this
project
viable,
and
you
know
kind
of
the
keystone
is
going
to
be.
You
know,
can
we
be
able
to
run
a
non-deploy?
B
You
know
the
non-deployment
related
components
of
a
kind
of
non-trivial
crd-based
project,
and
I
just
kind
of
picked
cert
manager,
out
of
the
hat,
for
that
and
and
if
it's
possible
to
run
cert
manager
with
the
deployment
based
components
the
web
hooks
outside
of
you
know
this
api
server
are
the
components
actually
functional.
I
feel
like
that's
a
good
kind
of
test
and
the
last
bit.
You
know
part
of
the
reason
why
I
started
looking
into
this
was
the
whole
idea
of.
B
B
Any
clients
for
your
application
are
talking
directly
to
your
service,
but
then
you
know
once
you've
bootstrapped
a
kubernetes
cluster.
You
know
the
idea
is:
is
this
should
be
able
to
reach
out
to
that
kubernetes
cluster?
It
should
be
able
to
sync
kind
of
the
resources
that
it
knows
about
and
do
that
at
an
api
server
level
rather
than
you
know,
trying
to
do
eight
std
synchronization,
because
then
you
have
to
worry
about
you
know,
is
the
storage
version
between
you
know
the
ap,
this
embedded
api
server
and
the
kubernetes
cluster.
B
That's
running
the
same.
You
know
try
to
throw
all
of
that
out.
Just
api
server
based
sync
of
the
actual
resources
that
this
service
knows
about
and
and
avoid
any
of
the
other
various
kubernetes
types
that
the
actual
kubernetes
cluster
may
know
about,
and
then
once
things
are
synchronized
you
know
it
doesn't
make
a
lot
of
sense
to
have.
The
client
need
to
know
that
there's
two
different
endpoints
to
talk
to
you
know.
Oh
for
boot
trapping
purposes,
I
need
to
talk
directly
to
the
service,
but
then,
if
kubernetes
available,
should
I
talk
to
kubernete?
B
You
know
trying
to
put
that
logic
into
the
client
seems
a
little
crazy.
So
I
have
the
idea
that
we
should
be
able
to
continue
to
proxy
requests
through
to
the
kubernetes
cluster
when
it's
available,
so
the
kubernetes
cluster
itself
is
kind
of
the
record
of
origin
and
the
client
is
still
talking
to
our
service,
but
instead
of
communicating
directly
with
the
embedded
api
server.
That's
you
know
just
through
the
process.
You
know
worrying
about
the
process
of
syncing.
B
C
This
is
pretty
cool,
I
think
you
actually
accidentally
or
maybe
on
purpose
covered
all
the
most
of
the
stuff
in
the
the
chat
already,
I
think
one
thing
you
didn't
mention
was
mutating
and
validating
web
books.
What
do
you
think
about
those.
B
Yeah,
I
think
that
gets
into
some
of
the
same
challenges
around
the
deployment
components.
I
think
you
know
I
haven't
really
dove
too
deep
into
that,
because
I
you
know
I
was
trying
to
prove
out
just
the
initial
components.
To
start
with,
and
the
name
spaces
have
kind
of
been
kicking
my
butt
a
little
bit,
because
some
of
that
code
needs
to
be
replicated.
B
There
are
additional
controllers
involved
that
I
need
to
bring
in
there
and
it
highlighted
some
ways
that
I
was
bootstrapping
the
delegation
services
wrong
and
I'm
trying
to
have
to
fix
that
so
that
I
have
informers
available
so
that
when
admission
comes
up-
and
you
know
the
namespace
admission
controller,
all
of
that
stuff
is.
D
B
Properly,
you
know
it's
taking
a
little
bit
because,
because
it's
almost
like
having
to
figure
stuff
out
on
the
fly
a
little
bit.
C
Yeah,
I
I
I
have
a
bunch
of
thoughts.
All
my
first
one
is
is
actually,
I
think
you've
got
two
ideas
here.
The
the
second
one
is
you're,
actually
talking
about
a
right
through
cache,
almost
right.
It's
like
people
have
asked
us
to
do
that
for
cubelet
right
like
make
it
functional,
even
when
the
control
plane
is
not
there
and
yeah.
It
hasn't
worked
so
far.
C
E
About
just
want
to
share,
but
make
sure
to
understand
the
idea
here
when
you're
talking
about
adding
namespace
support.
Do
you
see
the
namespaces
present
in
the
little
crd
server
that
you
made
as
consistent
with
the
namespaces
in
the
kubernetes
cluster
that
you're
attaching
it
to,
or
do
you
see
them
as
distinct
just
so
that
I
make
sure
we're
talking
about
the
same
thing.
B
I
haven't
gotten
that
far
down
the
rabbit
hole,
yet
you
know
that
and-
and
there's
gonna
be-
you
know
some
level
of
complexity
here
in
that
you
know,
I
I
feel,
like
anything,
that
you
know
we're
worrying
about
on
the
scale
of
synchronizing
with
the
external
cluster
is
going
to
be
a
subset
of
what
exists
on
the
cluster,
so
I
would
likely
say
that
we
would
only
care
about.
E
B
Yeah,
I
think
the
sync
sets
for
this
use
case
are
are
likely
fine,
like
I
said,
like
the
idea
here,
like
there's,
really
two
use
cases
in
mind
because
we
are
taught
like
this
came
about,
because
I
don't
know
if
I
mentioned
the
project
the
tinkerbell
project,
trying
to
do
infrastructure
management
and
be
able
to
handle
like
the
disaster
recovery
scenarios
and
having
a
hard
dependency
on
kubernetes.
There
doesn't
necessarily
make
sense,
but
there's
going
to
be
a
lot
of
people
who
will
also
be
using
kubernetes.
B
So
if
kubernetes
is
there,
it
would
be
great
to
leverage
kubernetes
where
possible,
but
we're
going
to
have
some
folks
that
don't
ever
want
to
use
kubernetes,
so
that
standalone
use
case
is
kind
of
important
for
us
too.
All
right
so.
C
I
was
just
going
to
ask
one
more
one
more
thing
this
is
just
getting
back
to.
This
is
close
to
what
david
was
asking
about
when
you're
talking
about
adding
namespaces
and
some
of
the
other
things
you
mentioned.
C
C
B
So
from
my
perspective,
you
know
one
of
the
things
I
mentioned
there
is,
I
really
don't
want
to
have
to
reinvent
too
many
wheels
and
I
don't
want
to
have
to
manage
too
much
stuff.
So
I
would
be
more
than
happy
to
work
with
y'all
to
try
to
refactor
some
of
this
stuff
out
to
a
more
consumable
state
if
the
group
is
open
to
it
for
sure.
C
Yeah,
because
the
aggregator
and
the
extensions
api
server
are
fairly
reasonable
to
consume,
like
as
as
they
are,
it's
actually
the
built-ins
one
that
is
not
reasonable
at
all
to
consume,
because
it's
all
like
mashed
together.
So
this
is
kind
of
a
question
to
david,
like
like
yeah.
What
do
you
think
about
this.
E
So
I
like
the
idea
of
this
project,
I
like
the
idea
of
building
up
to
it
and
not
building
down
from
it
right,
so
I
I'm
supportive
of
the
idea
of
trying
to
build
a
server
up
to
provide
the
functionality
that
you
want.
I
don't
want
to
try
to
take
a
cube
api
server
and
turn
things
off.
That
would
make
me
pretty
unhappy
because
I
think
risk
wise.
We
would
have
an
accent
I
would
like
to
before
fully
endorsing
it.
E
The
name
spaces
are
weird
they're,
so
old
here
when
you
go
in
and
try
to
delete
them
and
finalize
them,
you
have
a
lot
of
logic
around
how
they
work.
It's
all
built
around
these
internal
types,
to
provide
validation
for
the
types
that
you're
going
to
be
using,
and
I
guess
I'm
probably
of
the
opinion
that
at
this
point,
people
are
used
to
external
types
enough.
E
C
I
think
it
would
be
interesting
for
all
the
like
if
you're
running,
like
david
suggested
as
like
just
inside
a
namespace
in
an
enclosing
cluster,
it
might
be
useful
to
hook
up
all
of
the
like,
far
back
and
cert
stuff
to
the
enclosing
cluster,
so
that
you
just
get
all
of
that
stuff
for
free
that
doesn't
get
the
other
that
doesn't
get
the
like.
C
E
Imagine
a
use
case,
though
daniel
of
one
that
that
I
may
or
may
not
have
heard
of
from
somewhere,
but
an
idea
where
you
want
to
have
crds,
because
they
give
you
good
capabilities
and
good
libraries
for
writing
controllers.
E
E
I
don't
know,
maybe
machines,
imagine
you're
you're
running
some
service
that
provides
physical
machines
and
you
want,
because
for
groups
of
those
physical
machines,
you
don't
want
to
wire
your
access
control
to
name
spaces
in
the
hosting
cluster
right.
You
want
to
have
a
different
concept
of
authentication
and
authorization.
C
F
F
Hat
cycle
sometimes,
and
anyway,
yeah
david
h,
was
just
saying
about.
I
just
want
a
place
to
build
a
controller-
that's
not
really
connected
to
kubernetes,
because
that
pattern
lends
itself
to
so
many
useful
abstractions
where
I
have
like
listeners
and
farmers,
and
it's
just
basically
the
reconcile
pattern
where
I
want.
I
want
a
declarative
state
that
other
actors
can
communicate
and
save
that
state,
and
you
can
build
a
lot
of
things
that
way.
F
I
think,
as
far
as
namespaces
go
in
my
mind,
I'm
kind
of
looking
at
it
like
a
separate
database
server,
where
it's
just
strictly
for
partitioning
in
our
back.
So
I
might
have
one
group
of
applications.
It's
talking
to
this
namespace
space,
but
yeah.
I
wouldn't
expect
it
to
be
tied
to
any
underlying
kubernetes
name,
space
or
server.
C
F
G
A
B
You
know,
looking
at
the
controllers
that
I've
been
dealing
with,
they've
used
config
map
for
like
the
leader
election
locking,
but
this
is,
I
think,
definitely
would
fall
in
scope
as
far
as
server
side
apply,
I'm
kind
of
either
way
on
that
one.
You
know
if
we
get
it
for
free
out
of
the
api
machinery
stuff
great.
If
not,
then
it's
not
really
a
huge
loss
for
the
use
cases
that
I
have
in
mind.
E
Yeah,
I
think
you
will
get
it
for
free,
so
I
will
also
come
down
on
the
if
this
is
going
to
be
used
by
controllers
and
if
controllers
are
going
to
use,
server
side
apply,
and
then
that
is
one
of
the
ga
requirements
to
talk
about
is
getting
at
least
one
controller.
You
service
that
applied
approval
that
works
well,
I
think
that
you're
gonna
need
service
that
apply
to
be
able
to
participate
in
that
area.
C
A
C
Thanks
jason,
how
do
people
want
to
keep
up
with
this
on
the
mailing
list?
Slack
channel?
Something
like
that.
I
think
it's
a
general
interest,
so
please
keep
us
posted
and
or
whatever
we
can
help
with.
B
Yeah,
definitely,
you
know
as
soon
as
I
get
a
little
bit
further
in
the
implementation
and
get
a
better
feel
for
what
the
api
is
looking
like,
then,
at
that
point,
I'll
be
ready
to
open
up
more
discussions
about
potentially
some
proposals
of
you
know
how
we
could
potentially
make
some
of
this
more
easily
consumable
instead
of
having
to
duplicate
it.
But
yeah.
Thank
you
for
entertaining
my
apparently
not
so
bad
ideas.
C
A
Yeah
I'm
back
to
present
in
the
agenda.
Hopefully
everybody
can
see
it.
So
second
is
a
follow-up
on
a
previous
discussion
that
we
have
so,
let's
jump
into
that
one
michael.
I
Yeah,
michael
thanks
for
taking
my
question,
so
I
want
to
follow
up
on
the
interesting
discussion
the
community
had
back
in
july.
I
That
was
about
a
issue
where
a
coup
controller
manager
would
might
lose,
might
stop
working
due
to
like
coming
out
or
failures
to
certain
web
hooks,
for
example,
opa
or
gatekeeper.
I
So
I
believe
the
conclusion
from
that
discussion
was
adding
the
exclusion-based
list
to
webhook
configuration
was
not
the
direction
the
community
wants
to
move
forward,
but
the
problem
still
exists.
So
I
just
want
a
quick,
quick
follow-up
on
the
long-term
recommendations
that
community
have
would
that
be
each
webhook
user
author
set
a
reasonable
configuration
policy
or
we're
considering
like
adding
like
as
daniel
mentioned
in
the
github
issue,
a
kind
of
a
list
of
critical
objects
that
the
cluster
operator
can
optionally
enable
saying
we're
not.
C
E
E
There
are
different
deployment
models
where
you
might
be
hosting
something
on
the
cluster
and,
depending
on
you
know,
which
vendor
you're
using
you
get
different
name
spaces
that
are
super
important
or
you
know
different
mode
of
something
running
where
it's
like
a
trip,
dependency
right.
D
E
E
C
H
E
I
Okay;
okay,
with
that,
it's
safe
to
say,
the
luncheon
recommendation
from
the
community
was
we
can
kind
of
expose
a
optional
list
of
critical
objects
to
a
cluster
operator
so
that
they
can
choose
to
bypass
certain
policy.
That's
the
long-term
direction
that
we
are
considering.
E
I
think
that's
what
we're
talking
about.
I
don't
know
that
either
myself
or
daniel
is
ready
to
say.
Yes,
that's
definitely
going
to
work
well,
I
think
I
think
part
of
the
request
is
someone
if
they're
motivated
to
look
into
this
trying
to
to
build
out
what
that
would
look
like
and
see
you
know
in
a
prototype.
Does
it
actually
work?
Well.
C
Yeah,
I
think
we
shouldn't
conflate
us
collectively
making
up
our
minds
with
actual
recommendation
right
like
we
haven't,
made
up
our
minds
yet.
So
that's
not
really
a
recommendation.
E
A
A
Thanks:
okay,
let
us
know
if
you
want
to
take
a
take
a
shot
to
that.
Okay
and
we
can
go
to
the
last
topic
of.
D
So
basically
the
question
is
people
approached
me
on
twitter
and
that
was
directed
at
six
cli
to
start
with
that,
they
would
like
to
have
some
kind
of
a
new
subgroup
for
accessing
all
of
the
web.
Hooks
yeah
cube
cuddle.
D
We
are
not
using
that
much,
so
I
figured
out
that
we
could
probably
reuse
that
kind
of
that
kind
of
category
and
expose
to
people
all
the
different
configuration
options
that
we
have
david
and
stefan
proposed
that
we
could
probably
somehow
group
these,
because
maybe
we
have
hooks
by
itself
is
not
necessarily
sufficient.
Maybe
we
could
have
some
logical
categories
that
will
be
grouping
resources
of
similar
functionality
or
related
functionality
in
some
logical
groups.
D
That
will
help
find
those
information,
because,
obviously
knowing
that
it
is
called
mutating
additional
web
co,
web
hooks
or
validating
admission
web
hooks
is
very
long.
Although
we
have
the
tube
cattle
api
resources,
which
will
give
you
the
list
of
all
the
possible
resources
that
the
any
server
you're
talking
with
has
but
gripping
through
that
it.
It
is
cumbersome
for
sure
so
and
and
to
answer
it
daniel's
question.
No,
there
are
no
short
names
for
mutating
admission
of
hooks,
nor.
C
Yeah-
and
I
I
realize,
as
I'm
looking
at
this,
that
I
actually
can't
remember
the
exact
name
of
the
resources
that
we
came
up
with
so
I
know.
E
Yeah
so
so
I
did
look
at
this
and
I
thought
about
the
request
for
a
category
just
for
web
hooks
that
doesn't
seem
very
efficient
to
me,
but
trying
to
figure
out
what
what
I
look
at
them
for
I
look
at
them
normally
to
see
if
the
combination
of
web
hooks
and
crds
and
api
services
that
I
have
all
the
api
extension
pieces
are
present.
H
D
C
The
the
short
name
is
part
of
the
api
definition
right,
so
we
wanted
to
add
a
short
name.
I
guess
that
would
be
us
and
not
take
cli.
E
Yeah,
I
I
like
the
idea
of
a
category
for
collecting
all
these
things,
because
I
often
want
to
look
at,
like
you
know,
what's
the
status
of
all
these
things,
it's
basically
my
api
extensions,
the
new
apis,
I
added
the
things
to
validate
those
apis.
Are
they
all
here.
C
Yeah,
I
yeah
it
does
sound.
Pretty
useful.
Crds
can
be
kind
of
big
when
you
list
an
entire
category.
Does
it
just
show
you
names
or
does
it
show
you
the
details
too?
It's
been
a
while,
since
I've
used
that
feature
it.
C
E
C
Yeah
yeah,
that
sounds
pretty
good.
Other
things
you
listed
there.
I
think
api
services
are
going
to
have
a
lot
of
noise
just
because
there's
a
lot
of
them
for
the
built-in
ones.
Is
that
true?
C
Yeah,
I
think,
yeah,
I
think
it's
a
good
list,
and
I
I
agree
that
I
often
want
to
see
all
those
things
together.
C
C
Are
there
other
kinds
of
extensions?
Could
we
just
go
with
extensions?
I
guess
that
collides
with
our
prior
group.
E
Philanthropic
group
name,
there
may
be
other
kinds
of
interventions,
yeah
extensions.
G
Yeah,
I
love
the
idea,
but
I
I
mean
I
question
whether
this
needs
to
happen
in
the
api
server.
This
seems
like
it
could
just
be
an
extension
to
the
cube
cuddle
tool
itself,
but
I
mean
the
ap.
The
api
is
to
get
this
information
exist
right,
so
it
just
seems
like
we
could
create
a
new
top-level
command,
which
is
you
know.
I
think.
C
Yeah
walter,
let
me
let
me
see
how
I
think
it
works,
and
people
can
correct
me,
but
I
think
the
way
it
works
is
we.
We
tag
our
our
apis
in
the
discovery,
information
with
what
group
they're
or
what?
What's
I
don't
know
what
the
word
for
this
is
what
thingy
they're
a
member
of
and
then
the
cube
control
already
has
a
command
which
will
list
all
resources
of
some
particular
category.
Yeah
category
things,
that's
something
so
there's
actually
no
like
the
cli
work
is
already
done.
C
D
C
Okay,
well,
it
sounds
like
we're
in
favor
of
adding
a
category.
That's
like
api
extensions
or
cluster
extensions,
something
like
that.
D
Okay,
I'll
open
a
vr
and
I'll
tag.
You,
including
adding
the
short
names
for
the
for
the
longer
names
that
we
have.
C
Sounds
good?
Okay,
thanks
daddy
back
to
you.
A
Yeah,
I
think
that
is
the
last
big
topic
that
we
have
for
today.
If
you
came
yesterday
to
the
back
triage
or
you're
going
to
come
in
the
future,
you
will
see
that
now
we
are
starting
to
use
aliases
the
labels.
Sorry
not
aliases
the
labels
for
the
triage,
which
is
great-
and
I
will
add
a
note
here
and
that's
all
for
today.
I
will
upload
this
recording
later
in
the
afternoon,
will
be
available
for
everybody.
A
Okay
sounds
good
well,
thank
you,
everybody
for
joining.
Thank
you,
jason
again
for
coming
and
presenting
and
everybody
for
participation.
I
hope
you
are
safe,
stay
safe
in
this
crazy
times
and
we'll
see
you
next
time.