►
From YouTube: Kubernetes sig-aws 20180727
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
Hello,
everybody:
it
is
July
2728
team.
This
is
our
bi-weekly
cig
AWS
meeting.
We
have
a
fairly
full
agenda,
so
we
should
probably
get
started
on
that.
But
if
people
do
have
more
items
for
the
agenda,
please
do
add
them.
Otherwise
it
seems
unlikely
you'll
get
items
that
are
not
on
the
agenda.
So
if
you
do
have
items,
please
do
add
them.
Otherwise,
I
suggest
we
jump
right
into
it.
Well,
the
first
one
is
actually
mine.
It's
actually
hopefully
a
fairly
quick
question,
which
is
it's.
A
B
A
I
mean
so
it
is,
it
is
reasonable
to
believe
so.
The
suggestion
was
that
someone
was
saying
that
they
could
launch
say
a
thousand
instant
Susy
very
quickly,
using
auto
scaling
or
faster,
using
auto
scaling
groups,
and
they
could
using
run
instances
and
sort
of
is
that
is
that
plausible
or
yeah?
It's
totally
plausible.
B
Yeah,
since
it
is
a
different
service,
I,
don't
know
what
would
scale
better,
but
I
would
imagine
that
auto
scaling
would
scale
better.
We
I.
If
you
want
concrete
numbers
we
could
reach
out.
We
can
take
an
action
item
to
reach
out
to
about
a
scaling
team,
even.
A
D
A
B
We're
exploring
we're
not
totally
I,
wouldn't
say
we're
committed
to
it
yet,
just
because
it's
still
kind
of
in
process,
but
we
want
to
do
this
out
in
the
open
so
that
everyone's
up
to
speed
on
what
we're
working
on
and
I
basically
gave
the
same
update
last
week,
but
I'm
sort
of
our
idea,
but
I
just
now
kind
of
put
it
in
a
put
it
in
a
Google
Doc.
So
that's
available
for
public
reading
and
I
just
put
the
link
in
the
meeting
here.
B
B
E
B
So
that's
kind
of
where
we
are
with
that
I
had
a
couple
other
questions
or
just
I,
guess
public
comments,
so
there's
been
a
lot
of
I've
got
a
lot
of
more
feedback
about
and
just
volume
about,
NLB
and
it's
something
I've
kind
of
been
I.
I
did
originally
when
I
was
just
part
of
the
community,
not
at
AWS
and
as
the
volume
is
turned
up.
We
really
is
that
something
we
want
to
support
and
move
to
be
one
stable.
B
So
I
commented
on
the
kubernetes
feature
issue
and
the
sort
of
target
right
now
is
to
have
sort
of
beta
status
as
of
one
twelve
and
then
targeting
v1
stable
for
one
thirteen
and
I
attached
a
number
like
known
issues
that
are
present
to
that
feature.
Issue
that
the
things
we
want
to
tack
whole.
But
if
anyone
has
any
bandwidth
and
wants
to
contribute,
we
really
welcome
that.
So
please
big
up.
If
that's
any
of
those
issues
or
something
you
want
to
take
on
or
work
on,
we'd
really
appreciate
and
welcome.
B
And
then
I
guess
one
other
question
I
had
for
kind
of
people
here
is:
there's
an
issue.
Your
couple
issues
out,
just
in
long
load,
balancers
in
general,
that
are
kind
of
the
same
thing
and
I
kind
of
wanted
people
who
have
used
load
balancers,
take
on
and
kubernetes.
If
this
is
something
we
should
support
or
not.
Basically,
if
you
try
to
switch
a
kubernetes
load,
balancer
service
from
internal
to
external,
it
doesn't
work
if
you
try
to
switch
a
low
balance
of
service
from
NLB
to
classic
VLB
or
vice
versa.
B
A
Think
one
clarifying
point
is
because
we're
using
an
annotation,
we
have
I
believe
no
reasonable
way
to
block
the
update
right,
I'm
going
to
make
sure
we
can
do
it
easy
anyway,
without
a
sort
of
API
extension
or
some
sort
of
hook.
But
what
is
the
behavior
currently?
Is
it
just
that
it
silently
fails
I'm.
B
Not
sure
entire
I
don't
remember
what
they
like
event
messages
or
anything,
but
I
think
we
could
detect
it
and
support
it.
Just
because
we
could
see
what
the
current
type
of
load
balancer
is
and
check
on
the
annotation
if
it's
supposed
to
be
internal
or
external
or
network
or
classic,
but
that
would
just
be
a
again
potentially
just
like
a
destructive
action
that
isn't
necessarily
obvious
to
the
user.
So
I
don't
know
if
that's
something
we
wanted
support,
I,
don't
know
if
anyone
has
any
other
feedback
on
that.
A
Might
God
feel
a
sort
of
straw
man
suggestion
would
be
to
not
support
it
initially,
but
try
to
surface
it
in
events
so
that
you
know
it's
it's.
The
behavior
is
reasonable
and
it
says
you
know
in
order
to,
we
can't
support
a
change
you
have
to
like
delete
and
recreate
or
something
like
that
and
then,
if
people
say
oh
that
really
sucks,
then
we
can
look
at
what
I'm
making
it
from
there.
A
But
for
a
like,
if
I
were
to
switch
from
an
email,
be
to
an
NL,
be
I,
would
I
would
have
to
make
another
change
right
to
my
TNS,
for
example,
unless
I
had
external
the
external
DNS
controller
or
something
performing
that
automatically
yeah,
it's
not
like.
A
C
B
B
Okay
and
then
I
had
one
other
issue
but
kind
of
after
thinking
about
it.
It's
probably
something
I'll
just
move
this
big
cloud:
there's
a
pull
request
to
remove
like
a
cluster
role,
accessible
bindings
that
are
specific
to
AWS,
that
gets
dropped
everywhere,
but
I'm
thinking
that
you
might
want
to
have
a
discussion
at
sea
cloud
to
talk
about
just
through
strapping
cloud
specific
roles
in
general
and
I.
Don't
know
that!
There's
a
real
mechanism
for
that.
A
Have
to
there's
a
storage
class,
that's
specific
to
AWS,
but,
and
someone
is
specific
to
GCE
that
is
installed.
So
there
is
a
set
of
manifests
that
every
think
that
every
installation
tool,
I'm
generalizing
from
cops
but
like
I,
think
that
every
installation
on
Cuba
the
every
installation
tool
should
install
based
on
the
cloud.
So
it
would
be
a
matter
of
like
maybe
adding
this
or
back
binding
to
to
that.
First
great
cloud,
I
think
make
sense.
D
So
this
is
actually
a
long-standing
issue.
That's
been
open
for
a
while
and
we're
trying
to
kind
of
figure
out
a
path
forward
here
said
you
wanna
know
this
is
this.
Is
consistency
is
in
the
ways
different
cloud
providers
treat
stopped
instances,
so
you've
started
up
some
instances,
they've
registered
node
objects
and
then
maybe
some
labels
got
added
to
those.
Maybe
some
taints
got
added
to
those
and
then
one
of
those
instances
is
stopped
but
not
terminated,
and
while
it
is
stopped,
the
node
controller,
if
it
happens
to
take
long
enough
and
notice,
will
actually.
D
Stopped
instance
as
if
it
doesn't
exist
and
will
delete
the
kubernetes
node
that
corresponds
to
it
losing
all
the
labels
that
replied
to
it
any
paints
that
were
applied
to
it
any
cordoning.
You
know
all
of
these
various
things
that
can
be
on
the
object
and
then,
when
the
node
is,
are
the
instances
started
back
up?
It
says
out?
D
Well,
let
me
reread
this
term
myself
and
you
kind
of
get
back
to
clean
state
initial
labels,
initial
taints,
whatever
the
the
clean
state
was
and-
and
so
this
is
inconsistent
across
cloud
providers
today
and
we're
just
trying
to
not
necessarily
boil
the
ocean
and
reach
agreement
on
like
every
method
in
the
club
provider
interface,
but
at
least
kind
of
stop.
The
bleeding
on
the
data,
loss
and
security
implications
of
this.
D
So
AWS
and
OpenStack
I
think
are
the
the
two
ones
I'm
most
familiar
with
that
have
this
behavior
of
treating
non
running
instances
as
if
they
didn't
exist,
and
it
sounds
like
the
OpenStack
folks
would
like
to
converge
to
what
GCE
and
some
of
the
others
are
doing,
where
they
leave
them
in
place
in
a
like,
a
not
ready
state,
and
so
I
wanted
to
come
to
AWS
and
see
what
people
were
thinking
here
and
there
are
other
other
perspectives.
Just
we
can
move
forward.
A
Yeah
I
mean
I
certainly
have
concerns
about
changing
the
behavior
like
just
casually,
but
I
mean
there's
been
a
lot
I
think
you
know
you're
being
thoughtful
about
how
you
do
it
and
I
think
that
makes
sense,
and
we
also
had
a
like
I
think.
The
convergence
argument
busy
sort
of
was
was
previously
blocked
on
st.
cloud
and
we
have
sick
time
now.
So
we
can
have
that
discussion
there,
but
we
can
certainly
figure
out
for
AWS
what
we
think
make
sense.
Yeah
I,
think
I.
A
Think
in
the
past
we've
debated
about
what
it
means
for
an
instance
to
be
stopped
like.
Why
is
an
instant
stopped
right
like
what
isn't
it?
What
is
the
use
case
for
stopping
an
instance
and
particularly
if
you're
gonna
significantly
change
its
character
right
if
you're
gonna,
like
start
changing
its
instance
type?
A
D
I
mean
in
our
case
we
were
stopping
instances
in
order
to
work
around
a
bug
and
looking
up,
addresses
and
putting
him
on
the
instance.
It
could
have
just
restarted
the
cubelet
process,
but
ops
was
ops,
had
access
to
the
dashboard.
So
they
did
it,
be
at
AWS,
dashboard
and
say,
shut
down
an
instance
and
start
a
backup
and
in
the
meantime
it
would
get
away,
didn't
lose
his
labels
and
stuff.
So.
D
A
I
think
the
I
think
a
Rees
I
think
so
stops
is
different
from
restarting
I
think.
So
this
is
a
I
think,
so
it
would
definitely
be
a
bug
if
you
know
you
just
issued
a
restart
which
is
sort
of
like
hitting
the
reset
button
on
your
desktop
right
and
then
so
just
does
a
cycle
like
a
reboot
that
is
very
different
from
stopping
it
and
starting
it,
which
I
think
like
stop
is
more
like
a
a
hibernate
as
I
understand
it.
A
D
D
A
A
Like
in
do
it
as
shutdown
command
in
Linux,
on
your
instance
and
I,
think
it
will
stay
in
the
running
State.
Is
that
true
I
think
that's
when
it
was
stopped
right,
it
stopped
was
when
you
did
it
from
the
ec2
API.
You
issued
a
stop
and
we'll
try.
This
I
guess
I
think
in
general
that
we
should
drive
it
from
the
use
case
of
like.
Why
am
I
stopping
the
Machine
and
what
do
what
do
we
expect?
A
What
is
the
person
that
stuffing
machine
doing
and
what
what
then
makes
sense
like
and
I
think
that's
what
we
didn't
really
have
clarity
on
to
date.
So
if
we
could
get
clarity
on
that,
then
I
think
we
could
figure
out
what
the
correct
operation
is
like.
There
is
certainly
the
operation
that
I'm
most
familiar
with,
for
when
you
stop
a
machine
is
when
you
are
changing
the
instance
type
I
believe.
D
They're,
changing
IP
addresses
fine,
the
node
reconciles
that
continuously
the
things
that
would
be
more
difficult
or
like
instanceid
things
like
that.
So
we're
talking
about
things
that
would
leave
the
instance
ID
the
same,
but
would
change
other
significant
aspects
of
the
node,
so
network
addresses
and
resources
like
memory
and
CPU,
that
is,
that
is
continuously
reported
by
the
node.
A
Agree-
and
we
actually
I
think
we're
in
a
better
state
with
the
movement
of
this
out
of
the
cube
that
right,
hopefully,
better
state
where,
where
we
now
are
starting
to
request
or
reconcile
more
than
information
via
the
cloud
controller
manager,
we
should
go
and
fetch
it
from
the
API.
So
is
hopefully
in
a
better
state
to
to
do
that.
Yeah
all.
D
Right,
so
if
people
who
are
familiar
with
kind
of
the
AWS
specific
aspects
could
describe
some
of
the
some
of
the
specific
concerns
that
we
want
to
make
sure
we
don't
regress
or
break
that
would
be
helpful
and
then
for
sig
cloud.
We
can
kind
of
agree
on
the
big
picture
like
what
does
it
mean
for
instances
to
go
away
and
come
back?
A
I
think
it'd
be
super
helpful
to
collect
up
any
use
cases
of
why
you're
stopping
the
instances,
because
I
think
that's
has
definitely
been
lacking
right-
is
to
understand
what
what
it
is
because
I
think
it
yeah.
It
will
help
us
so
I
am
the
issue
yeah.
D
I
mean,
but
the
ones
I
know
of
are
treating
it
as
a
like.
A
hard
reboot
I
know
our
ops
team.
That
was
what
prompted
me
to
go.
Looking
for
this
issue,
I
didn't
realize
this
has
already
been
reported.
They
were
doing
that
to
get
around
a
basically
go
hard
reboot
and
then
the
other
is
just
idling.
So
you
have
instances
you
want
to
idle
them
and
not
pay
for
him,
but
then
bring
them
back
up
and
so
having
those
go
into
not
ready.
D
A
Hayes
Fahrenheit
yeah
we
can,
we
can
talk
more
and
like
about
whether
it's
better
to
just
bring
up
the
new
instance
type
thing.
But
yes-
and
certainly
there
was
definitely
there-
definitely
like
two
others
that
I
think
there's
the
my
instance
might
be
compromised.
I
want
to
just
go,
look
at
it,
but
take
it
out
of
like
go
ahead.
It
down
stopping
image,
the
discs
type
thing
and
the
other
one
is
a
lot
changed
the
instance
type,
which
again
you
know.
A
D
A
Because
the
there's
two
things
right,
there's
the
what
is
the
right
thing
to
do
for
AWS
and
then
they're
separately
and
therefore
should
we
also
try
to
make
it
the
same
across
all
providers,
and
it
might
be
that
it
doesn't
make
sense
to
make
it
the
same
as
a
crossover
fighters
if
they
use
cases
like
changing
instance
types
or
something
which
might
you
know,
you
can
imagine
that
some
OpenStack
might
do
it
live,
but
I
can
t
they
might
have
to
stop
or
whatever.
It
is
right.
Some
differences
of
that
nature,
yeah.
D
If,
if
instance
type
is
part
of
the
fundamental
identity
of
a
node-
and
it
seems
like
that-
should
be
part
of
the
ID
somehow
like
the
two
particular
interface
methods,
I'm
looking
at
like
the
instance
exists
by
provider,
ID
and
an
ID
is
passed
in
and
it
ago
says
no,
this
instance
does
not
exist
because
it
found
it
and
it's
not
in
a
running
state
like
that.
That
doesn't
seem
right.
D
It's
also
not
I'm,
not
as
familiar
with
AWS.
To
know
like
what
changes
when
you
change
instance
type
is
that
you
know
everything
is
the
same,
has
just
got
more
resources
or
different
resources
or
like
there's
something
else
fundamental
about
it.
Change
so
it'd
be
good
to
for
people
who
do
know
that
about
any
of
us
to
fill
in.
A
A
A
Thank
you.
Yes,
it's
it's
a
tricky
one
and
there's
always
there's
always
the
option
to
make
it
a
like
a
cloud
provider
specific
to
that.
So
eight
of
us
has
a
cloud
config
file
right
where
we
can
set
options
like
that,
and
we
do
that.
For
you
know,
some
people
run
their
masters
in
different
V,
pcs,
for
example,
and
there's
always
that
option.
But
it's
sort
of
a
we,
the
risk
sort
of
fragmenting
yeah.
D
A
And
we
should
that
we
can
also
try
to
document
the
interface
a
little
bit
better
and
come
with
probably
better
in
names,
because
I
mean
yeah.
Some
of
those
names
are
not
don't
really
explain
exactly
how
they
are
used
right,
and
so
the
contract
is
more
defined
by
how
they
are
used
than
the
even
make
comments
on
that
on
their
methods.
Right
now,
yeah.
D
A
D
A
D
Okay,
well,
let's,
let's
coordinate
on
that
and
I'll
keep
this
up
for
a
sec
Club
thanks.
H
I
guess
you
all
know
about
the
head
of
yours:
I
am
authenticator,
which
was
renamed
a
sorting
order
of
Amazon
II
care,
I
added
the
two
other
projects,
one
in
CL,
the
ingress
controller,
I
ganador
maintain
we're
getting
a
lot
of
bugs
from
multiple
customers,
specifically
new
gene
networks
and
fresh
work,
and
if
folks
from
the
community
can
help
us
that
will
actually
be
really
helpful,
because
Craig
is
dealing
with
all
the
bugs
right
now
and
eld
side.
The
teller
project
is
the
it
obvious
encryption
provider
with
Justin
you
and
that's
worked
on.
H
We
had
a
review
with
the
AWS
crystal
ball
team
internally.
There
are
some
open
questions
as
to
how
reusable
the
decks
are
that
are
generated
by
Amazon
kms
and
our
rotation
of
the
kicks
that
happen
and
I'm.
Basically,
the
scalability
of
the
design
that
being
proposed
so
I
think
we're
working
progress
on
that
section
and
the
fourth
project
is
the
CSI
driver
for
EDF.
H
A
A
H
A
H
A
Certainly
send
an
email
to
the
sig
addressed
mailing
list,
I'm,
not
sure
whether
you
can
add
the
citrus
Google
Group,
but
you
could
try
doing
that
and
seeing
whether
it
worked
but
definitely
send
an
email
to
the
cigarettes
mailing
list
and
I
would
imagine
that.
Then
interested
parties
would
be
able
to
to
follow
along
and
just
would
love
to
hear
about
it,
even
if
they
are
not
gonna
actually
join.
The
meeting.
E
Far
yeah,
so
so,
given
the
Jordans
here
this
week,
I
thought
this
would
be
a
good
venue
to
bring
this
conversation
up,
and
it's
also
related
to
ETA
is
quite
a
bit
here.
So
so
we
actually
filed
an
issue
with
the
aggregation,
API
server
implementation,
which
actually
so
what
happens,
is
any
client
that
and
anybody
anyone
who's
actually
implementing
extension.
Api
server
uses
the
the
core
piece
of
the
the
aggregation
API
server
package
and
that
one
today,
when
it
sees
that
there's
no
client
certificate
bails
out
right
away
right.
E
So
basically,
what
this
means
is
extension
API
servers
operating
in
environments
where
there's
no
client
search
based
authentication
will
be
non-functional
right,
and
this
impact
PK
is
quite
a
bit
because
EJ's
uses
I
am
based
authentication,
so
we've
actually
filed
an
ich
filed
the
issue
and
made
the
fixes.
Well,
so
the
thing
I
want
to
ask
Jordan
here
is:
how
willing
can
this
be
cherry-picked
for
the
next
got
10
release
Jordan?
How
willing
are
you.
D
Make
sure
my
music
yeah
once
that
gets
in
I,
wouldn't
see
a
problem
with
like
getting
picked
back.
Ok,.
E
Yeah,
so
so,
we'll
also
we'll
also
spend
some
effort
making
these
changes
into
the
client
side
of
things
like
especially
the
Service
Catalog,
and
then
there
are
cube
state
metrics.
All
of
these
actually
today
are
not
possible
to
run
in
the
extension
API
server
mode
Ani
case,
so
we'll
actually
spend
some
effort
there
as
well
once
it's
get
Cherie
bit
yeah
cool.