►
From YouTube: Kubernetes SIG Apps 20170206
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
Hello
and
welcome
everyone
to
the
februari
6
2017
Sega
apps
thanks
everyone
for
coming
as
folks
trickle
in
we'll
get
see
what's
going
on
so
today.
Let
me
start
off
with
a
couple
announcements.
First,
we
have
product
p.m.
representatives
for
sig
apps.
We
have
Dan,
who
is
a
product
manager
at
Google,
who'll,
be
joining
us
and
Antoine
who's
at
kora
and
they'll,
be
working
together
to
provide
us
some
kind
of
product
oversight
and
just
keep
track
of
what's
going
on
and
help
us
manage
and
organize
that
you
know
the
reason
that
we
we
want.
A
A
A
B
C
Reading
can
you
see
my
screen
iron?
Okay,
all
right
be
good.
Yeah
yep
I
upgrade
my
zoom,
which
is
a
big
mistake.
So,
okay,
so
I
want
to
talk
a
little
bit
today
about
the
helm,
plug-in
system
that
was
released
in
helm,
2.1
and
just
kind
of
explained,
some
of
the
motivations
and
some
of
the
dot
designs
and,
more
importantly,
to
show
you
a
little
demo
of
how
to
create
one
I
know.
C
There's
been
a
lot
of
talk
among
the
coop
cgl
community
about
how
they
can
do
plugins
and
I
weighed
in
a
little
bit
there
just
sort
of
explained
there,
but
I
thought
it'd
be
nice
to
show
this
to
maybe
a
slightly
broader
audience.
So
for
those
of
you
familiar
with
helm,
you
know
that
it's
a
package
management
system
for
Cooper
Nettie's
and
when
we
first
set
out
to
sort
of
capture
what
we
wanted
in
in
helm,
we
wrote
these
user
stories.
C
We
came
up
with
personas
and
we
wrote
user
stories
and
tried
to
focus
very
tightly
on
the
package
management
story.
But
there
are,
there
are
other
personas
that
became
sort
of
secondary
for
us,
like
developers
of
charts.
You
know
we
knew
we
needed
to
provide
some
good
tools
for
chart
developers,
but
we
didn't
want
to
clutter
up
the
CLI
too
much.
So
we
gave
sort
of
what
we
saw
is
the
minimum
set
of
tools.
C
C
The
solution
to
this
was
the
come
up
with
some
kind
of
elegant
system
work
that
would
allow
us
to
create
ad
on
plugins
that
the
users
could
then
pick
and
choose
from
depending
on
whether
you
know
they
wanted
to
focus
on
chart
development
or
focus
on
the
CIPD
story,
or
you
know,
write
their
own,
so
we
came
up
with
a
couple
of
requirements
for
it.
The
first
one
was
that
we
would
do
this
in
a
two-phase
approach:
one
would
implement
the
plug-in
system
and
the
second
one
would
implement
the
plugin
management
system
phase.
C
Simple
plug-in
system
will
probably
grow
it
over
time,
as
we
understand
more
about
the
needs
of
the
developers.
But
what
we've
got
now
seems
like
a
really
good
starting
point
and
a
pretty
solid
foundation.
So
let
me
show
you
a
little
bit
about
it.
So
plugins
get
stored
in
the
helm
home
directory,
which
is
where
we
try
and
really
consolidate.
Most
of
the
bellman
configuration
data
inside
of
that
directory.
We
looked
at
trying
to
store
them
on
bin
sort
of
the
on
past.
The
way
that
it
does
it,
but
we
decided
really
having
it.
C
Segmented
off,
gives
us
a
few
advantages.
So
we
created
a
little
directory.
You
can
see
it
there
after
packs,
as
plugins
packs,
by
the
way,
as
a
way
to
to
sort
of
prepackaged
some
program
templates
so
that
when
you
create
a
new
chart,
you
can
grab
a
proto
template
and
drop
it
into
you're,
not
stuck
with
the
one
default
template.
We
as
we
add,
but
that's
a
topic
for
another
day,
so
plugin,
let's
go
in
there
look
around
and
we
have
kind
of
a
bunch
of
different
directories.
C
Every
directory
here
is
one
of
the
plugins
that
I
have
installed.
So
you
know,
if
I
take
a
look
at
the
gift
hub
plug-in
you
can
see.
There
are
a
couple
files
in
there.
That's
the
plug-in,
I
wrote
that
helps
me,
publish
my
own
charts
to
my
own
github
account.
So
if
you
got
a
github,
/,
Tecna,
sophos,
/
think
its
helm,
dash,
charts
or
something
like
that.
C
You'll
see
this
plug-in
and
a
couple
others
just
kind
of
hanging
out
there,
so
you
can
see
there
are
two
files
in
this
one,
but
rather
than
go
through
them
there,
I'm
just
going
to
create
a
new
plugin
and
will
kind
of
take
a
look
at
what
the
process
looks
like.
So,
let's
create
a
plug-in
called
example,
or
example
all
right
there
we
go
so
we've
got
a
directory.
So
now
that's
the
first
requirement.
They
write.
We
go
into
this
directory.
We've
got
no
fuss.
C
C
Sides
a
little
helper
hood,
so
the
first
field
on
here
is
going
to
be
the
name
of
the
plugin.
That's
going
to
be
the
name
that
you
use
on
the
CLI
and
then
the
second
one
is
going
to
be
the
version
of
your
plug
in
the
third
one
is
the
usage
that
you
get
when
you
do
like
a
help:
generic
health
command
and
it
shows
you
all
the
difference
of
command
and
then
the
description
is
like
the
long
health
text.
Okay.
C
So
these
are
the
things
that
hook
us
into
the
helm,
uses
to
sort
of
bootstrap
it
into
the
health
system,
and
then
the
command
is
just
going
to
be
something
we
want
to
run
so
I've
got
one.
You
know
my
default
here
is
a
nice
echo
that
happens
to
echo
the
helm
plug
in
der
environment
variable.
So,
let's
see
I
said
there
was
only
one
one
file
required.
So,
let's
see,
if
that's
true,
so
let's
try
out
how
I'm
help
and
we
can
see
if
we
scroll
back
through
here.
C
There
is
our
new
helm
example
plugin,
and
it's
showing
up
with
that
little
I
used
to
be
text
that
I
showed
their
silicate
helm
help.
Example,
they
receive
a
usage
documentation,
for
example,
now
note
that
we
already
have
we
have
that
we
show
the
global
flags
here,
even
though
I
didn't
declare
any
flags
in
my
plug-in.
It's
already
saying
that
there
are
some
flags
associated
with
this.
Now
here's
what
we
wanted
to
do
when
we
design
plugins.
C
We
wanted
to
make
it
easy
for
you
to
take
advantage
of
the
stuff
that
we
can
already
learn
about
your
environment,
and
so
what
we
did
was
we
took
all
the
global
flags
and
we
parse
them
and
we
drop
them
into
environment
variables
so
that
when
you're
writing
your
plugins
instead
of
having
to
parse
out
those
particular
flags
and
do
the
you
know
minor
processing
that
we
tend
to
do
on
them.
You
can
basically
just
check
your
environment
and
see
if
those
things
are
defined
and
use
their
values
to
continue
on
on
your
way.
C
And,
conversely,
if
they
type
those
in-
and
you
don't
use
them,
your
script
or
a
program
isn't
going
to
generate
any
error
than
the
user
is
going
always
you
know,
debug
works
on
everything
else
in
how
and
why
doesn't
debug
work
with
that
example
commands.
So
it
was
really
an
attempt
to
make
it
easier
for
the
plug-in
developer,
while
simultaneously
bumping
up
the
users
experience.
You
can
of
course
go
ahead
and
declare
your
own
flags,
but
we'll
skip
that
part.
C
There
that's
a
little
more
intense
because
it's
really
dependent
on
what
language
you
use
and
so
on.
Okay,
so
we've
got
that
now
we
should
be
able
to
actually
run
the
helm
example
command
right
and
recall
that
we
just
basically
had
an
echo
that
was
going
to
excess
echo
out
a
particular
environment
variable.
So
there
we
go.
It
just
echoes
out
that
entire
did
a
entire
environment.
Variable.
C
C
Most
of
the
ones
that
are
prefixed
with
helm
are
the
ones
that
are
that
are
passed
in
by
the
out
the
outer
home
by
neck
and
then
most
those
others
are
just
random
things
that
I've
set
on
my
system,
but
we
try
and
pass
as
much
as
we
can
through
those
plugins
so
that
you
can
take
advantage
of.
However,
you
want
the
users
environment,
so
you
can
use
you
know
Homer
or
pass
or
King
Bertha
right.
C
Instead
of
executing
a
shell
in
a
couple
shell
commands
in
line
it's
often
far
more
useful
to
do
something
like
this.
The
command
line
here
execute
an
entire
Creek,
so
the
the
helm,
plugins
are.
The
variable
that
we
echoed
out
earlier
will
give
you
the
path
to
this
particular
plugins
directory.
So
you
can
basically
do
this.
You
know
home
plug
in
der
/
and
then
something
inside
of
your
plug-in
directory
and
when
helm
sees
that
it'll
basically
drop
to
that
drop
to
a
shell
and
execute
that
particular
command.
C
So
we
should
be
able
to
see
you
know
the
github
plugins
help
here,
for
example,
and
so
this
particular
one
well
looks
like
I.
Have
a
bug
in
my
script
is
exiting
one
instead
of
0,
but
you
know,
and
actually
that's
a
good
example
of
how
even
errors
will
bubble
up
and
helm
will
show
you
an
error
message
based
on
the
exit
status
of
your
plugin.
C
So
so
they
were
looking
at
something
that's
a
little
bit
more
sophisticated,
and
so
this
script
is
fairly
well,
I
wouldn't
say
large,
but
it's
definitely
larger
than
a
one-line
shell
command,
and
we
even
have
some
like.
If
we
were
to
look
in
this
template
command
here,
which
is
a
client-side
template,
rendering
system
we
can,
we
can
see
that
actually
I,
don't
even
have
the
source
code
in
here.
I
just
have
a
compile
to
go
application,
it's
right
there
10.
C
So
the
idea
then
was
to
create
this
system
that
allows
you
to
do
anything
from
like
a
plug-in.
That's
just
you
know
a
bunch
of
shell
commands
up
to
you,
no
more
sophisticated
thing
that
sort
of
leverages
whatever
programming
language
and
whatever
frameworks
and
libraries
you
feel
comfortable
with,
and
then
it
exposes
all
of
these.
Some
of
the
more
sophisticated
things
are
because
helm
can
determine
stuff
about
your
environment
by
inspecting
coupe,
cgl
and
stuff.
C
You
can
actually
declare
in
your
plug-in
that
you
need
a
tunnel
open
to
tiller
and
it
will
open
up
the
tunnel
for
you
and
everything
and
you
don't
then
have
to
rewrite
particular
logic.
For
so
that
was
the
design
of
the
plug-in
system
we've
got,
you
know,
maybe
a
dozen
public
plugins
out
there
and
I
have
heard
stories
of
different
people
who
are
writing
internal
plugins
to
do
things
that
are
specific
to
their
environment.
C
C
C
There
are
some
pointers
in
the
references
document
inside
the
hell
documentation
that
will
show
you
some
of
the
other
plugins
that
have
been
developed,
including
the
ones
I
showed
today,
and
the
example
one
and
some
others
that
Adam
has
written
and
various
other
community
members
have
written
and
then
to
answer
an
earlier
question.
Sort
of
the
flow
for
installing
them
right
now,
which
is
the
non-ideal
flow,
is
basically
to
CD
into
your
helm,
home
directory.
C
Go
into
that
plugins
directory,
which
is
you
know
this
one
right
here:
whoops,
let's
try
typing
in
the
right
window,
just
go
into
this
directory
and
you
know
get
clone
the
remote
repository
or
whatever.
So
right
now
the
installation
of
plugins
is
sort
of
a
manual
kind
of
say
again
what
what
we're
going
for
is
in
phase
2
helm
will
have
the
right
wrapper
command,
so
you
can
type
in.
You
know
how
to
plug
in
install
whatever,
and
it
will
fetch
the
plug-in
and
install
us.
C
Then
you
can
do
I'll
plug
and
delete
whatever,
and
it
will
delete
the
plug-in
or.
However,
you
want
to
do
it.
Some
of
the
exciting
stuff
we've
got
coming
up
or
we're
going
to
work
on
some
install
and
uninstall
hooks.
So
that
for
say,
you're
writing,
Python
and
you
want
to.
You
want
to
have
an
opportunity
to
run
pip
or
you're
running
Ruby,
and
you
want
to
do
a
you
know,
build
or
something
like
that.
There
will
be
a
hook
there,
where
you
can
do
the
install
locally.
C
So
you
don't
have
to
check
all
your
dependencies
into
the
VCS
and
and
really
what
we're
interested
in
more
than
anything
is
sort
of
growing
the
plug-in
ecosystem.
You
know
we
identified
two
personas
that
we
feel
like
are
underserved
by
the
current
helm,
client
and
those
are
the
chart
developer
and
the
CIA
CD
thing.
But
we
also
know
that
everybody
out
there
has
workflows
and
interesting
ideas
that
others
would
be
able
to
take
advantage
of
and
do
some
cool
stuff
with
help,
and
this
is
a
great
way
of
doing
it.
Now.
C
I
did
want
to
close
by
just
saying
what
are
the
limitations
of
this
system.
Plugins
were
designed
for
client
only
stuff.
There
is
currently
no
way
to
take
the
server
side,
the
in
cluster
killer
tool
and
add
a
plug-in
to
that,
and
and
we
decided
to
focus
on
client
first,
because
client
workflow
were
the
particular
things
that
bubbled
up
we
would
in
the
future
and
we've
talked.
You
actually
saw
marantis
give
a
demo
last
week
of
some
of
their
ideas
about
plugins
on
the
tiller
side,
where
they
could
use
app
controller.
C
That's
the
direction
we
want
to
go
in
the
future,
we're
starting
to
look
into
the
design
of
a
system
like
that
to
try
and
understand
it,
but
that's
not
there
today
and
probably
won't
be
there.
You
know
in
a
2.3
times
right
all
right,
I'm,
happy
to
answer
any
questions.
Otherwise,
that's
all
I
got.
Thank
you.
Matt
did.
D
A
quick
question:
okay:
have
we
given
any
thought
to
actually
using
go
plugins
here
in
the
future
once
they
become
available.
C
Earlier
on,
I
tested
out
the
the
early
version
of
the
shared
object,
support
and
it
you
know,
didn't
quite
match
to
what
we
needed.
So
as
that
system
evolves
and
you
can
do
run
time
shared
dependencies,
we
will
probably
try
and
look
at
a
way
to
do
it,
either
by
a
plugin
that
can
load
those
things
or
by
just
implementing
it
straight
into
the
core.
C
It
would
be
nice
because
there
are
a
lot
of
things
like
template
engine
access
that
right
now,
you'd
have
to
reimport
libraries
and
stuff
like
that,
and
so
your
plug-in
size
is
fairly
large.
A
template.
One
I
have
is
kind
of
a
big
plug
in
it's
got
four
mag
or
so,
which
seems
really
big.
Can
you
so
yeah
that
would
be
something
we'd
be
interested
in.
However,
we
are
not
going
to
do
cutting
edge
on
this
one.
If
you
don't
break
anything
so
it'll
probably
were
probably
a
year
out
on
that
effort.
C
A
A
quick
question
here
as
I
noticed
that
the
plug
into
the
the
name
of
the
command
right
and
list
with
all
of
your
other
helm,
commands
on
the
list.
It's
not
separated
by
plugins.
Is
that
intentional?
Is
there
a
plan
for
maybe
I've
written
a
plug-in
with
a
name,
and
now
a
command
comes
in
with
that
same
name?
How
does
that
whole
flow
and
experience?
What's
the
direction
of
that.
C
So
you
know
we
try
to
toy
with
the
idea
to
paint
having
a
reserved
words
list
to
avoid
that,
because
that
really
feels
like
about
the
best
we
can
do,
but
we
we
haven't
done
that.
So
we
have
assumed
at
this
point
that
the
naming
system
is
flexible
enough,
that
if
we
end
up
with
a
conflict
in
the
future,
it
should
be
resolvable
by
a
couple
humans
discussing
it.
But
we
wanted
to
bubble
everything
as
close
to
the
top
namespace
as
possible
for
two
reasons.
C
One
of
them
is
because
less
typing
is
always
good,
but
the
other
one
was
because
we
wanted
the
plugin
system
to
feel
really
transparent
to
the
end
user.
So
if
you
as
the
operator
install
six
or
eight
plugins
as
part
of
your
standard
distribution
that
all
your
developers
use,
the
developers
shouldn't
have
to
know
the
different
when
they're
calling
a
plug-in
versus
whether
they're
calling
something
else.
C
So
we
basically
tried
to
take
the
human
interaction
idea
and
sort
of
over
over
value
that
and
maybe
undervalue
the
namespace
collisions
concern
so
right
now
it
really
would
cause
a
problem
if
you,
if
two
people
wrote
a
plug-in
called
github
and
you
try
to
install
both
of
them,
we're
just
assuming
that
the
solution
to
that
would
be
to
download
one
change,
the
name
to
github
day
or
whatever
else
you
wanted.
Okay,.
A
E
So
you
can
remove
a
quick
demo
of
Siena
bouquet,
not
just
like
enough
registry,
so
we
won't
be.
Work
is
a
little
bit
on
the
user
experience
about
how
we
can
share
answer
our
child
and
package,
and
we
wanted
also
to
be
closed.
What
we
used
to
are,
the
user
will
occur,
and
this
is
what
it's
about.
So
we
show
you
the
m
per
game
and
just
cover
the
feature,
and
then
we
get
it
back
in
question
or
interview
show
the
screen.
E
E
So
I
decided
a
report.
Our
society,
like
the
early
dismount,
will
do
an
integration
on
quite
as
I,
oh,
oh
yeah
emission
control
and
that
it
spoils
the
base
on
the
open
to
purpose.
Can
we
link
to
the
biggest
Rico?
So
it's
all
open
to.
So
there
is
one
server
and
the
answer
is
one
client,
so
the
kind
of
country
is
in
Python
but
really
are
working
on
the
Commission's
I
condition
with
ammo
like
the
same
way.
E
I
did
so
first
inside
the
client,
and
then
you
can
just
I
will
forgive
my
pajayjays
emo
of
amp
again.
So
then
we
need
to
know
how
we
keep
the
friggin
colleges
away,
and
then
we
just
appear
like
special
here
so
I
say,
is
on
the
way
to
share
a
package.
Is
so
if
I
eat
microserver
I
have
nothing
yet,
and
we
just
show
you
what
we
can
push.
Ok,
also
the
risk
yep.
E
E
E
E
Recovered
command,
when
a
when
did
I
say
it
would
be
like
some
permission,
control
around
our
packets
or
you
love
begin
also
come
on
that
we
just
get
you
the
permission
or
it's
a
package.
You
won't.
We
can
search
for
packages
which
are
you
can
inspector
so
by
like
you
can
navigate
inside
a
package,
so
everything
is
ready.
I,
when
we
want
also
to
see
is
right,
I'd,
really
like
a
community
project.
E
We
want
like
an
agreement
of
the
API
and
also
see
like
you
to
work
on
in
that
world
or
UI,
and
you
need
the
backend
sister.
This
may
be
a
good
server
which
starts
to
work
to
compare
to
work.
So
you
can.
We
can
do
it
all
together,
I
you
I
on
the
same
API
to
search
to
browse
packages
inspect
packages.
E
One
things
are
so
bring
back
to
the
user
experience
about
fashioning
winter
this
year
for
the
purpose
of
channel.
So
if
I
go
show
again,
so
the
version
are
really
like
an
idea
to
initiate
the
aiji's
I
click
on
change
over
time
like
the
gym
40
before
well,
step
that
but
sometimes
useful
to
look
like
a
stable
tag.
So
this
is
what
we
call
our
channel.
So
if
I
push
again
are
here,
I
can
say
this
is
my
paper
and
I
can
also
like
a
spare
time.
E
Ready
for
children-
and
you
can
put
your
accuser
societies
like
we
expect
user
to
say,
teaches
the
state
reservation
and
you
just
two
just
inside
the
stable
one.
So
if
I
go
back
to
the
user,
but
I
would
just
want
fish
dipper
attached
and
I'm
elated
a
package
here
to
decide
which
version
is
a
stable.
Is
it
the
q
40
41?
E
E
One
single
Oh
Gina,
so
this
is-
was
horrible
as
like
char,
but
still
as
I
said
it's
more.
They
can
cause
like
a
very
many
fit,
but
many
pet.
So
that
is
like
previous
some
point.
We
have
like
chop
the
tree
or
the
download
compatible
or
you
can
store
so
dr.
compose.
Whatever
comes
comes
in,
and
this
is
like
a
more
as
a
unique
buy
it
experience
about
that
soccer.
Camp
verde
I
am
in
WordPress.
E
E
E
Think
I've
done
the
to
the
decay
of
the
future.
So
I
like
it
like
for
your
personal,
what
see
I
just
end
with
a
declared
tools
of
your
occupied,
and
then
you
can
just
chain
with
other
step
of
like
Keanu
couche
mpiana
to
shop
your
configuration,
because
which
is
what
so.
This
is
what
you're
going
to
actually
keep
going
and
use
to
manage
your
application.
You
just
can't
have
a
lot
in
this
and
in
this
way,
in
your
CI
in
distribution
of
our
case,
do
you
have
any
question.
A
Alright,
so
so
I'll
ask
this:
when
CNR,
when
you
publish
something,
does
the
CNR
repository
also
format
to
the
standard
helm
charts
so
without
using
CNR,
so
somebody
who's
a
publisher
through
CNR?
Could
you
say
to
see
in
our
plug-in
to
do
it?
But
if
I
was
a
consumer
just
using
helm
and
not
having
the
CNR
plugin
could
I
consume
packages
in
there
in
the
same
style
workflow?
A
F
A
A
F
A
E
We
won,
we
didn't
work
out
in
the
compatibility
API,
but
this
is
pretty
where
we
want
to
go
in
two
directions
or
laser,
which
would
be
transparent
with
just
google,
tuna
or
user
internet
aesthetic
registry
without
having
the
universal
specified.
This
is
come
from
China,
it's
okay,
but
we
three
work
a
little
bit
together
to
know
how
we
can
achieve
this,
but
this
is
difficult.
The
user
experience
one.
A
A
H
A
G
G
My
grave
is
actually
to
debate
a
beta
feature.
I
reek
recently
ping
me
on
the
on
the
issue
that
there
there's
more
and
more
users
who
are
actually
actively
using
crowns.
I
was
asking
if
you
are
ready
to
migrate
the
feature
to
beta,
unfortunately
from
looking
at
the
of
the
requirements
that
we
said
to
ourselves
a
few
months
back,
we're
not
there
yet.
The
two
most
important
features
in
my
in
my
personal
opinion
is.
G
Removing
cron
jobs.
Currently,
if
you
try
removing
cron
job,
it
will
only
remove
the
cron
jobs
resource
without
the
cron
jobs,
without
the
job
that
the
conduct
created
in
the
meantime,
nor
there's
any
limiting
of
how
many
the
jobs
are
created
by
the
contact.
So
if
you
have
a
con
job
running
every
couple
minutes-
and
you
totally
forget
about
it-
you
may
end
up
with
your
cluster
beings
over
overwhelmed
by
DM
by
the
number
of
jobs.
G
So
this
is
sort
of
the
features
that
I
would
say
is
is
required
before
we
actually
goes
to
beta
the
others,
and-
and
this
is
I
personally
think
that
this
is
not
a
strong
requirement-
is
supporting
different
flavors
of
specifying
this
schedule.
G
Currently,
we
only
support
the
conf
impacts
from
regular
unicron,
but
the
other
view
that
we
talked
about
was
the
ISO
if
I
remember,
286,
I,
fun
and
and
the
promise
for
us.
So
the
question
is
given
the
knowledge
that
we
lack,
especially
the
the
removal,
is
the
sig
apps
ready
to
say
that
the
concept
should
migrate
to
to
beta
I,
probably
and
I,
see
that
Eric
is
on
call
I'll,
probably
give
Eric
a
safe
to
speak.
For
for
his
reasoning,
why
we
wanted
to
move
the
cron
jobs
to
beta
Eric
hi.
H
Yeah
I
guess
my
analogy
would
like
saiful
sets
would
be
when
moving
your
staple
sets
to
beta.
We
laid
out
our
plans,
but
we
didn't
require
to
finish
all
the
features
that
we
need
for
GA.
We
just
required
that
we
have
a
pretty
high
confidence
that
we're
not
going
to
have
a
breaking
API
change
to
to
get
to
those
between
data
NGA
and
also
that
it's
a
good
enough
quality
that
we
want
to
recommend
that
people
use
it
for
saiful
sets.
H
That
latter
part
was
a
bit
of
work,
I
think
to
really
walk
down
some
of
the
corner.
Cases
for
the
car
know
that
good
feedback
from
quite
a
few
people,
and
so
maybe
only
then
you
know
the
making
too
many
jobs
case
is
the
only
one
that
really
we
need
to
fix
to
sort
of
be
confident.
Recommend
people
use
it
not
to
stabilize
the
cluster.
So
again
the
two
and
they're
written
actually
somewhere
in
a
doc
for
Cooper
Nettie's.
H
The
requirements
for
beta
are
that
it
doesn't
really
seem
to
stabilize
your
cluster
and
we're
not
aware
that
we're
planning
to
break
it
and
we've
done
some
due
diligence.
So
I
think
should
go
down
those
issues,
one
at
a
time
and
say
like:
are
they
destabilizing
and
are
they
likely
to
break
if
we
fix
them
later
in
the
API.
G
So,
to
give
more
to
what
you
just
said,
is
that
there's
an
open
Pilar
that
implements
last
revision
history,
something
similar
to
already
what
we
already
have
and
the
deployment
API
for
con
jobs,
which
basically
allows
you
to
define
I
want
to
hack
up
to
this
many
successful
jobs
and
up
to
this
many
failed
jobs
that
should
be
maintained
overall,
overall
yeah.
G
So
this
would
definitely
help
us
with
the
use
case
that
you're
saying
that
the
teacher
should
not
stabilize
the
cluster,
because
that's
that's
basically,
the
only
thing
that
was
where
you,
the
most
that
we
didn't
have
anything
like
that
in
place
and
we're
moving
in
with
the
pain.
But
if,
if
that,
will
merge
and
I'm
hoping
to
look
at
it
tomorrow,
if
that
will
emerge
for
1.6
and
like
I,
guess
I'm
willing
to
to
actually
move
the
data.
G
To
cron
job
we
do
support,
we
still
support
scheduled
jobs,
meaning
you
can
create
a
resource
name.
Scheduler
job
it'll
be
converted
on
the
fly
to
conduct
and
will
be
persisted
at
concept
I'm
asking.
If
we
move
to
beta,
do
we
want
to
keep
conjunct
MV
alpha
and
in
debate
as
well,
or
we
are
going
where
we're
doing
clean
cut
and
removing
the
entire
Alpha
and
introducing
just
and
moving
entirely
to
to
wherever.
D
H
I
think,
if
it's
low
effort
for
us
to
have
at
least
one
release
of
overlap,
the
you
should
do
that
it
makes
people's
upgrade
stories
much
simpler
if
they
don't
have
to
atomically
change
their
config
manifests
and
upgrade
their
server.
I
would
say
include
a
deprecation
notice
for
the
Alpha
in
the
16
release.
Notes,
keep
it
in
16
to
get
out
of
17
weird
about
it.
G
G
It
landed
in
a
new
to
all
so
long,
so
it
was
like
sort
of
the
idea
to
be
to
be
part
of
you,
two
going
I'm
very
hesitant
to
actually
have
a
g2
and
that
I'm
perfectly
fine
with
cons
of
being
part
of
the
one
we're
not
breaking.
Do
you
want
in
any
way
or
just
extended
with
the
new
resource,
so
I
am
perfectly
fine
I'll,
try
to
sync
with
ultimate
issue
and
I'll
think
I
with
sick
API
folks.
What
do
they
think
about
that?
Because
we're
going
to
need
a
sign
up
of
them
should.
G
Okay,
I'll
open
an
issue
and
I
think
and
there's
this
looks,
and
it's
actually
the
the
folks
that
are
responsible
for
the
EPI
and
the
API
machinery
and
let
them
speak
what,
where
we'll
be,
that
will
give
us
enough
space
to
discuss
it
and
close
it
for
1.6,
which
will
be
done
and
three
weeks,
if
I
remember
correctly,
yeah,
okay,.
A
G
A
G
A
A
Thank
you
all
right,
then.
The
last
thing
we
had
on
the
agenda
and
looking
at
the
time,
we'll
probably
only
have
a
little
bit
of
time
to
start
it
is
looking
at
app
development,
best
practices
and
I
started
another
document
which
is
basically
empty
right
now
to
to
start
recording
this.
So
one
of
the
things
that
we
don't
have
much
detail
on,
but
people
keep
asking
for
and
if
you
go
back
six
seven
months
probably
I
could
probably
find
a
conversation
where
people
keep
asking
about
it.
A
What
are
the
best
practices
if
you're,
building
and
trying
to
write
applications
or
getting
them
ready
to
work
inside
of
Cooper
Nettie's
there?
You
know
for
new
app
developers
or
a
pop
artists
coming
on
board,
who,
when
I,
do
this
there's
this
learning
curve
of
learning?
How
do
I
do
it
and
find
it,
and
one
of
the
best
practice
is
what
are
the
pitfalls?
How
do
you
overcome
them
and
then
for
it
for
a
bunch
of
us
right
tools?
You
know
who
are
here
we're
trying
to
figure
out.
A
How
do
I
generate
tools
that
will
actually
help
people
get
their
work
done?
You
know
one
of
the
problems
people
are
encountering
and
so
I.
You
know
that
gives
me
feedback
to
build
better
tools,
and
so
we
wanted
to
have
a
conversation.
We
keep
meaning
to
have
this,
we
haven't,
and
so
today
we
probably
get
a
little
bit
of
time
to
kick
start
it
did
anyone
have
anything
they
wanted
to
start
off
with
with
one
of
those
things
have
not.
I've
got
a
couple
of
seed
topics.
A
All
right
due
to
the
quietness
I,
will
jump
in
I.
Think
one
of
the
first
things
that
caught
me
off
guard
was
dealing
with
secrets
and
we'll
start
with
secret
management,
because
you
can
use
Cooper,
nutty
secrets,
but
right
now,
they're,
actually
not
cryptographically,
secure
right,
its
base,
64
encoded
stuck
inside
at
saggy,
and
that's
how
it's
stored,
which
means
it's
not
secure.
A
So
if
you're
in
an
enterprise
environment
or
a
place
where
you
care
you've
got
to
worry
about
security,
you
can't
actually
use
that
right
now,
and
so,
when
it
comes
to
secret
management,
what
are
people
doing?
Okay
so
that
that's
a
pitfall?
How
are
people
handling
secrets?
Besides
the
core
capabilities?
A
B
B
A
Sure,
well,
we
can
talk
about
all
of
it
because
you
know
there
are
things
where
people
should
not
be
able
to
get
access
to
easily,
especially
in
its
raw
form,
and
so
it
might
be
good
to
bring
it
up
from
a
practical
standpoint,
app
developers
rather
than
just
general
security,
best
practices,
but
actually
look
at
solving
the
problem,
and
there
really
is
something
I
mean
if
you've,
you
know,
there's
lots
of
ways
to
encode
stuff
and
keep
it
encrypted.
A
So,
as
you
share
it,
you
know
somebody
else
can't
get
in
and
easily
poke
at
it.
If
somebody
were
to
get
inside
of
your
system
and
look
inside
of
your
storage
system
right,
we
restoring
these
things.
They
can't
just
grab
that
data
set
and
open
it
up
and
see
what
all
the
credentials
are
right.
We
do
a
lot
with
password
hashing
so
that
you
know
you
can't
get
a
list
of
the
password
hashes
and
easily
figure
out
what
they
are.
There's
a
lot
of
run
security
and
encrypting
this.
So
what
should
we
do
here?
H
F
That
follows
the
same
thing
that
we
did
was
what
healthy
publish
so
that
they
probably
get
to
is
can
actually
need
per
pod.
When
a
pod
comes
up,
it
needs
to
to
get
a
token
from
vault,
and
you
need
to
wrap
that
token
Kevin
not
stored
in
a
TV
show
you
probably
the
manipulate
the
way
proven
any
secret
view,
work
and
piggyback
on
them
by
wrapping
tosin
and
point
you
to
that
rapist
can.
B
A
H
I've
had
a
number
of
discussions
with
kelsey
and
people
in
the
vault
community
and
about
this
and
I
won't
say,
don't
know
how
to
do
it.
I'd
say
that
a
couple
I
learned
a
couple
of
things
in
those
discussions
and
I'll
just
saw
out
there.
One
was
that
sometimes
it's
not
necessarily
like
developers
that
are
choosing
what
the
secret
story
is.
Sometimes
that's
a
company
level
decision
so
like
when
you
try
to
have
a
conversation
about
how
it
would
logically
welcome
to
burn
Eddie's
like
it's
more
about
like
what
are
the
audit
requirements.
H
H
You
know,
have
some
level
encryption
I'll
ever
see
two
benetti's
secrets
like
independently
getting
to
the
level
of,
like
you
know,
TPM,
whatever
integration
like
crazy
stuff,
that
some
of
the
serious
secret
stores
yet
so
the
current
thinking
is
like,
let's
build
it
through
extensions
Kelsey
high
current
example
use
in
the
containers.
One
of
the
complaints
with
the
new
containers
was
that
this
sort
of
gross
blob
you
have
to
put
in
all
your
stuff
the
feedback
on
flex
volumes.
H
A
Okay,
so
I
see
those
conversations
about
how
we
could
handle
something
in
the
future,
as
well
as
a
little
bit
about
the
practical
of
what
we
can
do
today.
Yeah-
and
this
is
definitely
a
tough
problem.
How
can
we,
how
can
you
balance
different
companies
with
different
needs
along
same
lines
with
the
M
on
that?
Okay,
that
makes
sense,
Eric
I'm
glad
to
see
that
folks,
if
folks
want
to
engage
in
this
conversation
as
far
as
work,
uber
Nettie's
goes
what's
the
right
place
for
that.
J
F
C
A
C
In
order
to
be
closer
to
meeting
things
like
stock
to
compliance
where
the
where
the
developer
is
never
allowed
to
see
the
secret
and
the
secret
is
something
that
gets
injected
right
as
it
enters
the
cluster.
That
doesn't
really
address
the
question
of
whether
the
secret
is
stored
securely
inside
of
Cougar
betty's.
But
it
does
address
some
of
the
related
questions
or
making
sure
that
the
secrets
don't
leech
in
the
middle
or
during
the
workflow.
A
I
Has
anyone
given
any
thought
to
hardware
security
module
integration,
because
on
one
side,
you
have
more
like
I,
guess
cloud
native
ways
to
deal
with
secret
management,
but
for
companies
or
for
customers
that
are
going
to
have
like
strict
mandates
on
how
their
secrets
are
stored?
I,
don't
know
if
you
can
get
around
using
HSN
yeah.
A
And
I
think
for
some
of
that
that
gets
back
to
what
Eric
was
talking
about
earlier,
with
some
way
to
have
a
generic
thing
inside
of
Cooper
Nettie's
with
a
thats
a
little
step,
more
wrapped
something
else,
and
then
individual
companies
can
implement
their
own
pluggable
way
of
handling
it
so
that
you
can't
have
something
like
into
HSN.
You
can't
have
some
some
proprietary
saying
that
we
don't
even
talk
or
think
about
here.
A
You
have
all
these
different
systems
backing
it,
and
yet
app
developers
have
one
consistent,
API
and
set
up
to
work
with,
and
so
I
think,
but
I
think
that
falls
into
the
longer-term
category,
because
Cooper
Nettie's
doesn't
do
that
today.
It's
just
one
of
those
problems
we
have
to
solve
and
if
you're
an
app
developer
the
pragmatic
problem
of
what
do
I
do
today
to
solve
the
problem.
It's
still
sitting
out
there.
A
You
know
we
talked
a
little
bit
about
the
long-term
aspects,
but
if
I've
got
to
go
to
employing
application
today,
how
to
actually
do
this
well
and
so
I
think
we
came
in
at
least
out
of
this
I
plucked
two
things.
One
is
used,
vault
and
I've
dropped
in
a
couple
of
links
into
that
document.
That
I
started
there
and
then
the
other
two
useful
to
store
it.
A
Because
vault
has
the
ability
to
securely
to
some
extent,
do
some
of
this
and
then
the
other
is
to
possibly
use
helm
as
part
of
your,
so
your
CI
system
to
pull
and
inject
those
values
there
so
developers,
nobody
ever
ends
up
seeing
them,
which
is
important
for
someone
once
you've
got
to
deal
with
sox
compliance
and
stuff
like
that,
and
so
from
a
practical
standpoint.
I
think
there's
a
couple
of
things.
People
are
doing,
but
this
is
maybe
an
area
where
long
term
we
need
to
solve
to.
A
F
The
specific
use
case
I
was
mentioning
was
a
hardware
hsm
that
lived
off
cluster
and
I
used
things
Service
Catalog
the
stuff
they
were
doing
to
present
it
as
on
the
Cuban
at
ease,
API
and
then
basically,
the
mechanics
for
a
new
extra
app
dev.
Once
you
just
do
like
a
persistent
volume
claim,
so
you
do
a
claim
against
a
secret
research
and
the
you
had
a
controller
in
place
to
pick
that
up
talk
to
the
hsm
and
deliver
that
back
into
something
to
benetti's
could
talk
to
okay.
A
F
A
Alright,
so
that
sounds
good,
since
we've
only
got
two
minutes
left
I'm
actually
going
to
grab
the
discussion
here
this
this
app
development
best
practices
thing
is
something
that
I
think
might
be
worth
talking
a
little
bit
more
about,
and
so
you'll
publish
see
that
show
up
a
little
bit
more
if
you've
got
notes
to
add
around
the
security
stuff.
Here
please
do,
but
since
we've
only
got
a
couple,
minutes
left
and
I'll
be
respectful
of
everyone's
time.
Z.