From YouTube: SIG Cloud Provider 2021-09-15
Description
- Azure specific question, curious about thoughts around running the Azure Node Manager as a service
related https://github.com/kubernetes-sigs/cloud-provider-azure/issues/800
- Webhook controller for CCM KEP approved for Alpha.
reach out to andrewsykim or cheftako if you’re interested
- KubeCon talk prep
A
All right, hi folks. Today is Wednesday, September 15th, 2021. This is the Cloud Provider SIG bi-weekly meeting. A reminder that this is a CNCF project, so please follow our code of conduct. Yeah, so I see a pretty short agenda. I guess we'll go through some project updates based on who's attending.
A
I see, yeah. I guess Nick is first for AWS.
A
B
A
Okay, cool. All right, I will skip Azure because I don't see anyone. Google, I don't want to give them. I'm.
C
Trying to think if there's anything that we haven't already mentioned. We got a node IPAM in, and I think, you know, we're working on the lkg support. I think that's it.
A
Yep. IBM Cloud, see, there's no updates. I have no updates for vSphere either. I think, yeah, extraction migration just called now.
A
A lot of that. Okay, cool. All right, let's jump straight into the agenda. Elmiko, I think you have the Azure one.
D
Yeah, I mean, this might be a short question if we don't have any Azure people here, but this had come up in discussions internally for us, and I'm just, you know, I'm kind of curious if anyone's heard talk about the node manager being run as a service, specifically on, like, Windows or wincy clients or containers. I don't know if there's any discussion about that.
A
Yeah, there's been quite a lot of discussions around what Azure does around its cloud node manager. So I don't know if I can speak specifically about, like, using it on Windows, but I can talk about, like, why we've added that on Linux, and maybe that might help a bit.
A
Sure, yeah. So I think that largely the context is around Azure being maybe more strict around resource quotas, or, like, API resource quotas, than other clouds, and essentially, like, when you move from in-tree to out-of-tree, you're losing the capability for the kubelet to look up, ask, query the metadata service for node information, and you delegate all of that to the cloud controller manager, right? And that basically results in the cloud controller manager.
A
Doing more API requests to retrieve node state, and the Azure folks had mentioned that, you know, in a large, a lot of large clusters that do a lot of scaling as well, it's common for customers to, like, run out of quotas, right? Especially, like, not just CCM, but you also have, like, other controllers acting in the system that would also eat up quota, but, like, the CCM was just kind of adding to that, and I think for the Azure case.
A
Specifically, they, like, adding more quota is not feasible. Like, there's a reason why the quota restrictions are there, right? And so, like, you know, just telling customers, or like just saying, like, add more quota, is not an answer for Azure. And so what they did was they pulled in, or they pulled out, specific node controller out of cloud controller manager, and they basically run it as part of a daemon set, which they call cloud node manager, and that does some parts of the node initialization running as a daemon set, where, like, every daemon set running on a specific node is responsible for finishing the node registration for that node by querying the metadata service.
D
So I guess, like, I'm a little confused because, like, my understanding about this cloud node manager is that, like, we need to be running it on every node, and in Azure there can be some Windows nodes. So I know, like, the Azure folks had put time into creating, like, services that wrapped the other processes, but, like, based on what you're saying, is this, like, does this cloud node manager not need to be run on every node, then?
A
So my understanding is that it does have to run on every node, and that's essentially, like, the big trade-off, right? Like, you're sacrificing a slice of compute on every single Kubernetes node to run this, like, one-time node initialization, whereas in a regular, like a standard, like, yeah, like a more standard CCM, you would just run it, like, once in one node that does registration for every node. I think it not being able to run on Windows, like, I think that is maybe an oversight or some. Maybe it's a feature request, right?
D
Okay, cool, and I think this is very helpful, and I'll share the recording with my colleagues, and hopefully they'll, you know, this will kind of answer some questions for them. I appreciate it.
A
E
D
E
You absolutely do, and it's not even a unique problem. So I will point out that you are almost certainly going to hit the same problem. I know we do with credential provider, because the credential provider needs to be run with the kubelet and has to be running on the right version of the binary. Now, we don't do it with daemon set, but yeah. This is not a unique problem.
A
Oh yeah, like, I honestly wouldn't be surprised if the Azure folks did have an image tag for, like, the Windows build somewhere.
D
E
The other possibility is, I mean, daemon is one way to do it, but if it's something that has to be on every node, I mean, we have other. There are other ways to do that. The kubelet itself obviously is not being deployed as a daemon set. So you can look at. There are multiple ways to slice this.
A
Okay, Walter, the.
E
Webhook controller for, yeah. So we've been hoping to get this in last time, and we didn't quite squeak it in in time, but we did get it in this time, so the webhook controller is now in. Having said that, I think there is definitely opportunity, if people are interested, to take up part or all of this problem. Andrew and I've been chatting about this.
E
If I find time, there are parts of this I would like to do, but that is, you know, that is me being probably overambitious, given all of the work that needs to be done. So if people are interested in this, please reach out to either Andrew or I, and we can. You know, this is a great opportunity to start doing some design work and really getting, you know, some contributions in the cloud provider space.
A
Yeah, and I think code freeze is in a month or so, right? So yeah, it is, like, a bit of a tight squeeze, like, writing a whole, like, webhook extensions framework and the interface in a month, but yeah, I think it'd be good to get an early start. Like, even if we missed this release, at least for the next release we've done a chunk of the work, and we've given some thought, and we've tried to actually build it.
E
I would agree with that. I'd also say there are multiple pieces to this, and some of them are smaller. So, for instance, one of the things that we call out is that the existing extension mechanisms could be made a lot more manageable with a builder system.
E
So even, you know, people don't feel like doing the whole webhook extensions, but wanted to work on something like a builder, that is certainly doable and would be a great thing. So I'm just gonna say there's a range of work here, which, you know, depending on how ambitious you're feeling.
B
A
Okay, Steve, I think you have the next one about KubeCon.
F
Yeah, the event itself is in about a month, technically. I think our plan is that individual cloud providers who choose to take advantage of opportunity can either be there in person to deliver a lightning talk update of the status, or submit a short video, I think three-minute-ish would be about right, that we would play from the stage with the speakers who are going to be there live. I'd really like to get that done early rather than the week before, and I kind of just slapped together a preliminary deck, totally draft.
F
E
F
I just shared the whole screen. Is that visible, or should I consume? Okay, so just title slide using the conference deck. Here's the agenda. We kind of are obligated to do this based on the abstract we provided, but we'll open.
F
F
So I don't think this is controversial, because I was lazy and I went back to the old presentations and cut and pasted stuff that looked good and wasn't obsolete. So, and I think we'll put this slide on there and not read the whole thing to the audience, but just give a voiceover of summarizing what it says here. Then a quick summary of why we're moving out of tree. This is just a list of problematic aspects of it being in-tree. Then the migration status report, and in the abstract we said that we'd point out.
F
These things, I think. Walter, if you're going to be there, maybe you'd be the appropriate person to be doing this, so feel free to just edit these slides, rip them out and replace them, whatever. And then we'll have a segue to these lightning talks. Now, I know how to embed, like, MP4s into PowerPoint, but if we want to use Google Slides or something instead, I don't know how to do that, but it's probably possible.
F
So the intent is we'll have them queued up, and whichever cloud providers want to be on the list and get it done in time will, and won't send a representative there physically to do it live, as an alternative, just submit the video, and we can kick them off.
F
They were supposed to cover efforts, accomplishments, roadmap, and I may have left some out, but this is the list of people who seem to be showing up regularly. But I think, you know, because we're an open community, anybody who wants to, as a cloud provider, I guess, can submit one. So anyway, that would go here in the deck. Then we get to the futures and interesting topics.
F
The abstract called out multi-repo and testing and removing the cluster directory, but there's probably room for more. And then we'll have a slide that closes the thing with the link to when this group meets and how to join the group. Google group, and probably the Slack channel, would be appropriate. So that's it for what deck I had, and, like I say, I'll share this to the group, but I was just working on it this morning, so it hasn't been shared yet.
E
Thank you, Steven. A couple of quick comments. The first is, even for the folks who are actually on site, including the presenters, I would strongly suggest that we record anything that needs an internet connection. So I personally think it would be very nice if, even if we did it as an edited version, we show how you would go into that solution.
E
So go to cloud provider GCP, go to cloud provider Azure, go to cloud provider AWS, go to cloud provider, and, you know, VMware, and bring up a cluster and show that the cluster works.
E
F
You know, it just occurred to me that even for people who will be there, now with the inescapable COVID going on, you never know when you might flunk a COVID test just before you were planning to get on a plane. So as a fallback plan, I think even for people who hope to be there, maybe having a recording there as the backup plan would be a great idea.
F
E
I completely concur. The other thing I would like to comment is, I mean, it is certainly great to say that you have a good solution, and I encourage everyone to talk about having a good solution.
E
Please avoid comparatives or talking about other people's, and, you know, this is just basically being kind and considerate of all your fellow contributors. A lot of people have put an effort into all the different cloud provider solutions, and they are all good. And, you know, so it's fine to say, hey, I work for Azure, we have a great solution, this is this, we do wonderful things on providing you the ability to run Windows workloads on Kubernetes.
E
That is a fine message. Please avoid saying things, however, like, we're the only real solution for running Windows workloads on Kubernetes, right? And I don't want to be difficult, but just, you know, let's make this cordial, let's be considerate of others in all of the recordings. I don't really want to have to, you know, push back on any of the recordings. I'd love to just take them straight out of the, you know, on the first attempt.
B
We should also be pretty clear about our maximum time for each video so that we make sure we can fit everything in.
E
F
Okay, well, I think that's it, unless anybody has anything else, and if somebody can shoot me the alias for sharing this with the entire group, and wants, either in Slack or chat right now or whatever.
D
I have kind of a process question here before we wrap up, although I guess we still got scrub and triage to go through. Walter, did you happen to post the recordings from the extraction meeting last week? Okay.
E
Oh, that's my bad. It was a personally hectic weekend. I will get on that, but thanks for the reminder, yeah.
D
C
D
That's, I mean, that's very cool. Like, I know this isn't quite the meeting for it or whatever, but we have, you know, several Red Hatters who I think are very interested in understanding, like, you know, how we can help out with this process and how we can kind of link up with it, because, you know, we're doing a lot of these, we're testing a lot of different, you know, cloud controller managers, and we want to get into this more. So I think, you know, we'd love to be a part of that effort.
C
Yeah, I think it's order of, like, days, not weeks, to get that done, so hopefully I'll make sure that we broadcast it pretty loud, so keep an eye out for it. Awesome.
A
All right, so should we do triage?
B
A
Attach detach controller failed for AWS.
B
A
E
G
Go up. I just want to see, in this run network he's not cleaning out, which leads me.
G
E
E
E
I mean, technically, but I think more than anything else, this is about, like, doing resource cleanup at the end of either their test run or kube-down.
A
A
Okay, I think maybe this works.
A
Okay, deal with later. Okay, cool, I think that's all for triage.