►
From YouTube: SIG Cloud Provider 2022-03-16
Description
Agenda: https://docs.google.com/document/d/1OZE-ub-v6B8y-GuaWejL-vU_f9jsjBbrim4LtTfxssw/
* Leader migration update
* PRs to review before code freeze
A
Hello:
everybody
welcome
to
the
sig
cloud
provider
meeting
on
wednesday
march
16th.
We
will
go
ahead
and
get
started.
Please
remember
to
abide
by
the
cncf
code
of
conduct.
B
B
Well,
can
we
just
assign
it
to
you
and
accept
it.
C
A
C
A
And
go
through
subproject
updates,
so
for
provider
aws.
I
don't
have
too
much.
I
think
we
bumped
122
our
122
release
and
made
some
progress
on.
We
added
some
e
to
e
tests.
Anything
kishore
for
the
load,
balancer
controller.
A
A
Okay,
oh,
you
can
add
the
version
there.
If
you
want
asher,
do
you
want
to
give
an
update.
D
Sure
yeah
no
major,
updates
or
changes.
I
do
have
a
couple
of
pr's
we're
trying
to
get
through
and
I
had
talked
to
andrew
sidekim
about
the
second
one
he
said:
maybe
take
it
to
sig
network.
So
I'm
gonna
talk
to
them
about
that.
Hopefully,
but
question
about
that.
First,
one
andrew.
You
added
some
comments.
D
Yesterday,
I'm
just
kind
of
wondering.
I
know
that
we
obviously
aren't
you
know
getting
this
in
right,
the
second
or
anything
but
like
basically
it
looks
like
you're
you're
saying
hey.
Maybe
we
should
take
a
totally
different
approach
and
like
if
we're,
if
we're
trying
to
kind
of
I
kind
of
want
to
yes
and
that
like,
if
we're
trying
to
solve
an
actual
bug,
do
we
wait
for
the
optimal?
B
Yeah
so.
B
I
do
think
that
so
I
don't
think
my
suggestion
was
like
a
completely
different
approach.
It
was
more
like
let's
do
a
bit
of
cleanup
along
the
way.
Okay,
but
so
this
is
on
the
agenda
for,
like
just
general
prs,
we
should
review
for
code
fees,
so
maybe
oh.
D
A
All
right,
gcp.
B
Yeah
so
made
some
progress
on
the
e2e
test
for
a
cubic
credential
provider.
I
kind
of
have
to
work
around
sort
of
it's
on
the
review
list
below
so
we
can
talk
about
it
more
then.
I
don't
know
if
walter
you
had
anything
else
to
add.
A
C
Ibm
yeah,
we
just
finished
our
124,
bring
up
working
with
red
hat
on
the
4.11
hippie
work
install
with
the
cloud
provider
there
and
then
we're
doing
some
refactoring,
our
vpc
load,
balancer
code,
if
you
recall
a
while
ago,
talked
about
the
open
source
for
that
we
have
kind
of
is
broken
into
two
bits
and
we're
trying
to
refactor
that
to
make
it
a
little
bit
easier.
I
know
andrew
you
had
mentioned
that
it
would
be
nice
to
not
have
those
two
repos
and
that's
what
we're
working
on
cleaning
that
up.
A
Cool
bisphere.
C
We'll
just
release
the
one
that
when
you
see
that
too,
but
191.2
for
some
bug
fixes
didn't
make
any
progress
on
the
e3
test.
Yet.
A
Cool
extraction,
migration:
walter:
do
you
want
to
go
first.
E
Sorry
I
had
to
find
the
unmute
button.
Yeah
server
network
network
proxy
they've
been
a
bunch
of
fixes
in
the
last
few
weeks
and
we
did
put
out
a
dot,
30
release
and
that
that
includes
some
fixes
on
the
client
library
which
goes
into
the
cube
api
server.
So
I
would
recommend,
if
anyone's
using
the
api
server
network
proxy
to
make
sure
they
pick
up
the
dot
30
release.
E
C
A
E
So
might
be
actually
valuable
to
be
a
little
more
directive.
I
think
the
big
one
that
we
are
missing
is
azure,
and
so
I
don't
know
I
mean
I
I
know
el
mico
was
looking
to
help,
but
we
had
also
been
looking
to
try
and
reach
out
to
bridget
and
since
bridgette
is
on
the
call
yeah.
D
El
mico
and
I
have
an
email
thread.
I
just
have
had
I've
inconveniently
scheduled
vacation
over
the
last
couple
of
weeks.
I've
been
in
and
out
so
I
have
no
update
on
it
because
I
have
not
been
able
to
look
through
the
stuff
you
sent
me.
A
Yeah,
so
we
are
exercising
it
in
eks,
like
we've,
pretty
decently,
well
tested
it.
A
Yeah,
I
guess
it
like
we're
gonna
we're
planning
on
using
it
fairly
soon,
so
we
have
like
internal
tests
using
it.
We
just
don't.
A
B
Gotcha,
okay,
so
I
think
job
here.
I
think
the
context
is
like
the
v1
api
update
and
the
graduation
coming
up
right
like
whether,
if
there's
any,
if
there
are
any
issues
or
or
api
changes,
we
want
to
propose
before
we
go.
Ga
124
like
now
would
be
like
the
time
to
do
that,
so
so.
C
B
I
mean
we
still
have
two
weeks,
so
maybe
so
like
the
pr
that
you
have
up
is
is
just
the
the
v1
types
right,
but
not
right,
so
maybe
like
when
there's
a
follow-up
pr
to
bump
the
feature
gate
we
can
just
huddle
again
and
just
make
sure
that
we're
all
okay
with
the
g
graduation
going
into
124
and
discuss
it.
Then.
D
Okay,
quick
question:
has
somebody
put
in
a
docs
placeholder
pr,
because
I
know
for
a
different
not
related
to
this
thing
that
I
have
going
into
this
release.
C
C
A
B
So
sorry,
nick,
I
have
a
question
for
you,
so
you
you
might
like
you're
testing
it
and
you
guess,
but
you
you
mentioned,
the
external
cloud
provider
hasn't
enabled
the
configs
yet
so
like.
How
does
that?
How
does
that
work
like?
Don't
you
need
the
external
provider
to
have
the
migration
config
wired
in.
A
B
A
Have
it
I
mean
we
have
it
on
eks,
like
we
have
the
config
setup
in
eks121
clusters
and
we're
adding
or
we're
doing
the
migration
in
122,
which
isn't
out
yet
any
chaos.
But
what
I
meant
was
like.
We
haven't
done
that
work
in
the.
B
Yeah,
I
think,
we're
I
think
for
gcp
we're
guilty
of
that
too,
like
I
know,
there's
the
the
cops
work
that
jelly
did
but,
like
we
don't
have
anything
in
the
all
right.
Maybe
we
do
with
cuba
never
mind.
I
take
that
back.
I
think
we
do.
A
Cool
yeah
yeah.
I
just
need
to
add
something,
but
I
haven't
got
to
yet.
A
A
So
we
have
cubic
credential
provider
tests.
We've
got
the
v1
types
that
we
were
talking
about
before
for
the
leader
migration.
We
have
avoid
updating
services
with
stale
specs.
B
Yeah
so
the
context
for
my
last
or
sorry,
let
me
back
up
so
there
seems
to
be
a
bug
in
the
service
controller.
B
Where
and
service
controller
is
one
of
those
like
controllers
that,
like
the
ownership,
has
hasn't
always
been
clear
like
if
it's
network
or
cloud
provider,
because
it's
it's
a
controller
that
operates
on
service.
But
it's
only
for
cloud
providers
like
it's,
not
a
generic
kubernetes
controller
but
anyways.
There's
a
there's,
a
bug
here
where
we're
not
updating
the
internal
cache
and
when
I
say
cache,
I
mean
service
controller
has
its
own
like
really
simple,
cache
implementation
of
service
that
it
populates
from
the
actual
controller
cache,
and
the
reason
why
it
has.
B
You
need,
when
you
delete
a
service,
it's
immediately
removed
from
the
controller
cache,
so
service
controller
has
its
own
cache
to
preserve
that
service.
That
was
deleted.
So
we
can
then
do
the
delete
operation,
and
that
was
before
we
added
finalizers
for
server-side
load
balancers
in
like
1,
19
or
118,
like
that
and
there's.
C
B
So
this
is
fixing
like
the
cash
update,
and
I
think
my
point
was
like
we
added
the
finalized
support
in
119
or
118,
which
means
that
we
don't
have
to
worry
about
the
service
being
deleted
from
the
cache
and
not
being
able
to
do
the
delete
operation,
because
we
have
the
finalizer
to
block
that.
And
so
I
think
we
can
just
do
some
cleanup
here
and
just
delete
the
service
cache.
The
internal
service
cache
and
just
use
the
controller
cache
directly.
B
But
I
do
I
do
agree
that,
like
oh,
it
is
like
a
bit
of
extra
work
to
do
and
like
we
are
like
two
weeks
out
from
code
freeze.
So
maybe
we
just
fix
the
bug
and
then
do
the
cleanup
after
I
think
I
could
like
I
think
either
we
could
like.
I
think
I
can
be
convinced
like
either
way
but
wanted
to
hear
what
other
people
thought
about.
B
About
what
we
should
do,
leading
up
to
code
freeze.
D
You
know
I
like
the
idea
of
fixing
the
bug.
I
also
would
like
to
get
the
further
improvements
in
that
you're
talking
about
I'm
just
kind
of
wondering
if
we
can
or
should
decouple
them
and
what
your
thoughts
are
on
that
you
know.
So
it's
to
not
let
the
perfect
be
the
enemy
of
the
good,
etcetera.
E
It
sounds
like
if
we
do
the
delete
that
the
original
problems
having
to
do
with
with
deleting
the
the
services
were
probably
somewhat
subtle
and
subtle.
Bugs
worry
me
to
when
we
get
close
to
code.
Freeze
do
we
know
if
we
have
any
tests,
especially
e
to
e
tests
that
are
specifically
around
why
we
have
that
additional
cash.
B
Yeah,
I'm
I
very
certain
I
remember
reviewing
a
pr
for
adding
an
ed
test
for
this,
for,
like
the
finalizer
like
deleting
a
low
bounce
or
finalizer,
but
I
don't.
I
don't
think
like
the
bug.
Is
that
subtle
or
like
the
behavior
is
not
that
subtle?
It's
just
like
we
didn't
have
finalizers
unbelievable.
We
just
needed
a
way
to
keep
that
in
memory.
E
No,
no,
I
I
grant
that,
but
I
mean
you
know
like
the
the
problems
that
I'm
just
trying
to
anticipate
the
problems
that
may
occur
if
something
goes,
if
there
is
still
a
value
to
having
this
cash
that
we
haven't.
Thought
of
you
know
things
like
this.
I
mean
the
obvious
one
is
okay:
the
service
didn't
get
cleaned
up
properly,
but
the
more
subtle
ones
may
be.
B
Yeah,
I
get
your
point
and
like
it's
gonna
require
a
larger
refactor
of
the
code
and
that
could
create
more
subtle,
bugs,
I
think,
also
just
thinking
about
it
more.
If
we
did
the
refactor,
it
would
also
make
it
much
harder
to
back
pork.
So
maybe
we
maybe
we
should
just
do
the
the
simple
but
ugly
fix
that's
more
back
portable
and
then
in
125.
E
Well,
the
other
thing
is,
I
think:
if
we
go
that
route,
I
think
we
should
commit
to
doing
the
the
refactor
early
so
that
we
have
a
lot
of
bake
time.
E
B
A
A
A
Yeah,
I'm
gonna
have
a
pr
as
well.
That's
gonna
need
review
and
I'm
hoping
to
have
it
probably
thursday
or
friday
this
week,
which
is
for
the.
E
You're
also
welcome
to
send
me
an
early
copy
if
you
want
nick-
and
I
I
am
having
a
bunch
of
time
reviewing
this
so
just
as
soon
as
you
got
something.
Let
me
know.
A
It
might
not
work
for
everything,
though
so
yeah
I
I'll
definitely
reach
out
either.
Maybe
tomorrow
morning
set
something
up.
A
E
A
Cool
anything
else.
A
All
right,
let's
get
into
them
so
andrew
at
cubelet,
credential
provider,
tess.
B
Yeah,
I
think
this
one
might
be
a
bit
contentious
like.
I
think
I
can
see
definitely
arguments
for
why
we
wouldn't
want
this,
but
I
made
some
decent
progress
on
the
adding
some
node
e2e
tests
for
the
crunchwriter
plugin
and,
like
ideally,
I
started
with
trying
to
figure
out
a
way
to
like
incorporate
the
existing
gcp
plug-in,
like
the
external
gcp
plug-in
into
pre-submit.
Somehow
and
like
a
dt,
did
a
bunch
of
work
as
well
on,
like
configuring,
proud
jobs
and
I
think
for
for
ga.
B
We
definitely
want,
like
our
edw,
proud
jobs
to
be
using
the
actual
gcp
creature
provider
plugin.
B
But
for
beta
I
took
a
shortcut
where
I
basically
took
like
a
bare
bones:
implementation
of
the
gcp
plugin,
and
I
put
it
into
the
the
gce
cluster
directory
and
then
I
updated
like
the
remote
node
e3
runner
to
like
compile
that
binary
and
then
configure
the
cubic
credit
provider.
So
we
can
run
a
test
for
putting
a
private
image
with
the
cubelet
credential
providers.
B
Disabled
and
basically
like
the
the
bare
bones
plug-in
that
we're
gonna
keep
inside
the
clutch
directory
is
only
for
testing
and
also
what's
nice
is
that
you
can
actually
build
the
whole
plugin
only
using
like
the
standard,
http
client
so
like
in
the
future.
When
we
remove
the
cloud
providers,
it's
not
going
to
be
an
issue
because
it's
like
importing
some
like
third-party
sdk
or
something
like
that.
B
So
like
the
good
news,
is
like
the
tests
passed
and
it
works
with,
like
with
the
disabled
keyboard,
creative
fighters
feature
gate
enabled
as
well,
but
yeah
like
it's
questionable.
If
you
want
it,
it
kind
of
feels
like
two
steps:
four
one
step
back,
because
we're
copying
an
entry
plug-in
in
in
the
main
kk
repo.
A
Yeah,
well,
I
definitely
like
that.
You
implemented
it
without
using
the
gcp
sdk,
which
is
impressive.
B
B
And
yeah
right
there,
if
you
scroll
up
a
bit
where
the
cubelet
flags
are
plumbed
in
right,
so
yeah
like
yeah,
like
we're
explicitly
setting
and
like
this,
is
actually
for
all
the
node
tests,
which
maybe
we
need
to
get
that.
But
this
is
effectively
disabling,
like
the
aws
azure
gcp
plugins
in
the
cubelet,
to
really
make
sure
that
we're
not
accidentally
offing
through
the
other
mechanism.
E
Right
so
I
have
a
sort
of
my
one
comment
I
will
make,
which
is
sort
of
related.
I
was
chatting
with
stephen
augustus
a
few
days
ago
and
I
have
already
promised
that
I
would
send
a
a
short,
probably
like
a
two-pager
detailing
what
needs
to
happen
for
cloud
provider
and
testing
and
release.
E
E
But
my
general
feeling
is
this
is
not
making.
This
is
not
materially
moving
us
in
in
a
is
not
adding
to
the
problem
we
already
have.
We
are
going
to
have
to
solve
the
the
extraction
problem
for
testing
and
I
don't
think
this
is
really
noticeably
making
that
any
more
difficult
and,
in
the
meantime,
it's
giving
us
test
coverage.
We
need.
A
Yeah,
I
agree
with
that.
I
think
that
we're
testing
the
pieces
that
we
want
to
be
testing
with
this
change
sure
we
have
a
kind
of
ugly.
You
know
cloud
provider
more
additional
cloud
provider
code
but
but,
like
walter
said,
we're
testing
what
we
actually
want
to
be
testing
with
this.
So
you
know
whatever.
B
Okay
sounds
good,
so
yeah,
please
review
it
and
I
think,
with
this
gr
merged.
I
think
we're
also
good
to
go
beta
on
this
feature,
because
we
also,
I
think
the
other
requirement
was
like.
We
have
at
least
two
implementations
out
there,
which
I
think
we
do
and
then
yeah
we're
going
into
ga
we'll
have
a
requirement.
B
I
guess,
like
the
the
g
criteria,
would
basically
be
we
can
set
the
cubelet
credential
provider
or
disable
cubelet
feature
gate
in
basically
like
all
the
proud
jobs
which
would
necessitate
like
walter's
effort
around,
like
fixing
that
circular
dependency
around
how
we
test
with
the
gcp
provider
and
whatnot.
So
I
think
it
will
be
a
good
forcing
function
for
ga.
B
C
C
A
I
can
make
this
bold
and.