►
Description
Kubernetes Data Protection WG Bi-weekly Meeting - 24 August 2022
Meeting Notes/Agenda: -
Find out more about the DP WG here: https://github.com/kubernetes/community/tree/master/wg-data-protection
Moderator: Xing Yang (VMware)
A
A
So
today
we're
going
to
go
over
cpt
update,
so
yvonne
will
give
us
an
update,
and
I
just
want
to
give
a
quick
update
of
cozy
status
that
shouldn't
take
that
long,
so
yvonne
you
can
take
it
over.
You
want
to
share
anything.
Let
me
kill
you.
B
Yeah
yeah,
can
you
give
me
zoom
permissions
to
sure.
B
Let
me
try
so.
B
Okay,
can
you
all
see
my
web
browser?
Yes,
okay,
cool,
yeah,
hi
everybody.
So
two
weeks
ago
we
talked
about
like
the
suggested,
like
implementation
of
the
aggregated
api
server
in
order
to
support
like
the
change
block
records,
some
large
amount
of
them
coming
back
from
the
back
end
storage
provider.
B
So
just
a
quick
recap,
like
so
far
like
we
talked
about
like
a
deployment
model
where
we
have
like
a
common.
So
looking
at
referring
to
the
same
slide
here
like
we
have
a
common
external,
like
pot
likely
like
a
deployment
workload
that
runs
and
serves
the
aggregated
api
server
and
the
aggregated
api
server
will
own
like
a
custom
resource
type
called
volume
snapshot
delta,
and
that
is
like
the
ex
I
guess
like
the
the
user
or
the
backup
software
facing
interface.
B
And
then
the
second
component
in
our
proposal
involves
like
embedding
like
a
cbt
site
car
into
the
storage
providers,
csi
driver
and
this
site
car
primarily
like
has
two
functions,
the
first
being
that
as
the
csi
comes
up
during
his
bootstrap
like
the
cb,
the
site
car.
Would
you
know,
register
or
broadcast
itself
via,
like
a
drive?
B
A
new
like
driver
discovery,
cr
and
in
it
like
it,
will
have
information
about,
like
the
name
of
the
driver
and,
more
importantly,
the
information
on
how
to
for
how
the
aggregated
api
server
would
connect
to
the
csi
driver.
B
And
so
the
implication
here
is
that,
like
there
will
be
a
service
resource
likely
of
type
like
cluster
ip
sitting
in
front
of
the
csi
driver,
and
then
the
sidecar
would
say:
okay,
I'm
driver,
you
know
food.bar,
and
you
know
to
find
me.
You
know
you
have
to
talk
to
this
this
service
here
and
then
the
aggregated
api
server
would
send
like
all
the
cbt
requests
to
that
service
and
which
proxy
it
to
the
csi
driver
and
then
from
there
the
site
car
would
upon
receiving
the
cpt
request.
B
It
will
make
like
you
know,
a
csi
grpc
call
to
the
storage
provider,
csi
plugin
between
the
same
csi
driver
and
then
this
is
where,
like
the
plugin,
would
no
how
to
talk
to
the
the
real
electron
back-end
like
cbt,
endpoint
and
fetch
me
all
the
chain
block
records
between
the
space
and
this
target
volume
based
on
the
volume
handles
so
and
before
I
go
into
like
what
we
laugh
where
we
last
left
off
like
is.
Are
there
any
questions
around
like
this
approach
so
far,.
B
Okay,
yeah,
if
anything
comes
up,
just
feel
free
to
interrupt.
You
know.
B
We
appreciate
to
hear
some
thoughts
and
feedback
from
folks
and
so
last
sorry,
last
during
last
meeting
like
the
we
left
off
with
like
the
what
the
the
challenge
that
we
encounter
during
like
our
prototype
coding
effort,
the
and
the
challenge
is
that,
like
we,
don't
have
like
a
reliable,
a
consistent
and
reliable
way
to
persist
like
all
these
like
custom
resources
into
the
kubernetes
scd,
the
you
know
like,
as
you
all
know,
like
you
know,
not
all
kubernetes
distribution
like
I'm
exposed
to
that
yeah
like
a
cd
endpoint
and
because
we
are
implementing
an
aggregated
api
server.
B
We
can
no
longer
tell
like
the
kubernetes
api
server
that
hey
please
go
and
persist
all
these
custom
resources
that
the
user
created
into
the
kubernetes
of
scdu.
You
know
the
the
moment
again,
our
aggregated
api
service
try
to
send
such
a
kind
of
persistent
request
back
to
the
kubernetes
api
server.
B
B
So
in
our
prototype,
what
we
did
was
we
spin
up
like
independent
instance
of
scd,
just
to
unblock
ourselves.
B
So,
like
things,
you
know
like
the
volume,
central
delta
and
the
driver
discovery,
they
all
get
persisted
into
that
prototype
scd
instance,
and
two
weeks
ago
we
talked
about
how
like
persisting
this
driver
discovery
type
is
pretty
straightforward.
You
know
it
could
just
be
a
crd
controller.
You
know
like
whether
that
controller
run
as
a
sidecar
is,
as
part
of
our
you
know,
cbt's
common
server
or
common
service
workload
or
one
independently
somewhere
else.
B
You
know
it's
not
that
big
of
a
discussion
topic
at
least
not
from
last
week,
seems
to
be
a
very
straightforward
implementation.
The
challenge
is
like
volume,
international
delta.
So,
like
it's
like,
you
know
there
were
discussions
around
like
do
we
split
the
responsibility
between
an
aggregated
api
server
and
some
sort
of
controller.
B
You
know,
and
if
we
do
that
it
seems
you
know
potentially
hard
to
reason
about
like
which
component
is
responsible
for
which
functionalities
of
the
custom
resources-
and
there
was
some
discussion
on
slack-
you
know
like
around
how
it's
not
uncommon,
to
have
like
multiple
watches
watch
the
same
custom
resource.
B
But
then
again
you
know
and-
and
I
think
like
so
dave
carl
and
I
had
we
had
a
chance
to
like
you-
know,
talk
over
this
and
chat
more
and
then
like
hoping
to
share
some
of
our
like
discovery
and
I'm
learning
with
you
all.
I
think.
Right
now
we
are
leaning
towards
like
not
persisting
the
volume
snapshot
delta
at
all.
B
So
what
we
meant
is
like,
if
we
look
at
this
next
slide
here,
so
starting
with
the
backup
software
like
it
can
use
like
client,
go
to
say
to
create
like
a
volume,
snapshot,
delta,
custom
resource
and
then
and
then
this
will
be
post,
send
as
a
post
request
over
to
our
aggregator
api
server.
B
And
you
know
the
main.
The
key
thing
here
is
like
the
aqua
api
server
would
just
not
bother
to
persist
this
resource
at
all.
You've
got
a
post
request
and
inside
the
post
request
it
has
a
body
of
payload
which
contain
all
the
parameters
that
we
need
and
then
the
aggregated
api
server
would
be
able
to
retrieve
the
volume
snapshot
object
you
know,
and
then,
and
obviously
what
goes
down
to
the
volume
structure.
Content
objects
to
retrieve
things
like
the
volume
handles,
and
then
it
will
also
be
able
to
retrieve
the
driver,
discovery
or
resources.
B
So
we
know
where
to
send
like
all
this,
like
parameters
to
the
csi
driver
and
then
of
course,
like
you
know,
like
the
the
the
main
thing
here
is
that
like
because
we
are
not
possessing
the
volume
snapshot,
delta
resource
is
all
like
yeah,
so,
like
user
won't
be
able
to
do
something
like
keep
cuddle
create
and
then
they
will
be
able
to
do
something
like
you've
got
to
create,
but
they
won't
be
able
to
do
something.
Like
you
kind
of
get.
You
know
the
aggregator
api
server
always
said.
B
Like
that's,
you
know
it's
not
supported.
All
resources
are
not
found
at
first.
It
feels
like
a
bit
ill.
You
know
weird,
you
know
ugly,
but
having
like
dug
deeper
into
some
of
the
kubernetes
core
resources.
Apparently
this
is
not
an
uncommon
pattern.
B
You
know
one
example
that
which
that
I
found
was
really
like
something
related
to
our
back,
so
obviously,
subject,
access
review
and,
as
a
matter
of
fact,
everything
under
the
authorization
like
api
group,
but
all
of
them
has
a
great
rest
method,
but
they
do
not
persist
anything
at
all.
B
So
you
know
like
so
user
would
do
something
like
you
kind
of
create
and
then
the
requests
would
be
you
know,
intercepted
will
be
handled
by
api
server,
kubernetes
server
and
it
just
does
a
bunch
of
things
like
just
really
like
rbac,
validations
and
authorizations
and
then
send
like
the
result
back
to
the
users
and
without
persisting
anything
so
I
try
to
run.
I
try
playing
with
this
example,
specifically
on
my
terminal
using
cube,
cuddle
and
yeah.
B
If
I
do
like
cubado
create
something
like
you
know,
test
you
know
sar,
subject
access
review,
it
creates
it
do
a
lot
of
processing
and
come
back
with
a
lot
of
response
payload.
But
when
I
try
to
do
the
cue
cutter
get
again
against
the
same
resource
name,
it
will
just
fail
and
say
no.
This
is
not
supported
and
rightly
so,
like.
B
If
we
look
at
this
some
rest
structure
or
mapper
of
subject
access
review
like
it
doesn't
support
it,
support
nothing
but
create,
and
then
it's
the
same
with,
like
all
the
other
yeah
like
subject,
rules
review,
subject
as
a
review,
so
it
turns
out
it's
pretty
common,
at
least
like
in
in
this
in
this
particular
package.
Here
is
a
commonly
it's
a
common
approach,
so
it's
not
as
weird
as
we
thought
it
would
be
to
begin
with,
for
not
with
not
persisting
the
custom
resource.
A
So,
but
that
okay
does
this
satisfy
the
use
case
for
the
backup
software
software?
You
just
did
your
post
and.
A
B
Yeah,
I
think,
like
and
again
like
you
know,
especially
focus
on
the
call,
especially
if
you
you'll
be
responsible
for
the
backup
software
site.
I
would
love
to
hear
from
you.
I
think,
really
it's
just
on
their
site.
It
just
goes
down
to,
like
you
know,
in
your
client,
joe
or
client.
You
just
create,
like
it's
literally
called,
like
a
create
method
to
create
the
this
object
and
then
wait
for
the
payload
to
come
back.
Shunt,
changing
your
ratio,
hand
or
something
you
have
questions.
C
Yeah,
I
I
have
a
good
question
sure
yeah,
the
one
thing
that
bothers
me
a
little
bit
is:
it
will
make
the
backup
software's
item
potency
nearly
impossible
only
without
only
with
api
server.
The
main
reason
is
that
when
you
imagine
you're
doing
pagination
right,
let's
say
you
have
like
a
millions
of
blocks
changed.
C
You
need
to
literally
the
backup
software
need
to
literally
remember
where
they,
where
they
were
last
time,
people
calling
the
api
for
the
next
batch
of
blocks.
If
it
crashes,
then
it
cannot
easily
recover
this
information
from
api
server,
but
instead
they
need
to
maintain
this
information
somewhere
else.
B
C
B
Yes,
I
think,
like
I
think,
even
in
the
previous
design,
like
we
didn't
account
for
like.
B
Persisting
like
those
like
pagination
data,
so
yeah,
I
think,
like
I
think
like
again.
I
I
think
you
can.
Your
point
is
is
is
is
valid.
You
know
like
yeah.
If
so
they
can
the
backup
software
becomes
responsible
in
knowing
when
you
know,
if
there's
an
interruption
where
to
resume,
I
think,
like
it's
a
bit
of
a
trade-off
there.
I
again
just
went
away
like
how
you
know
much
of
this
is
you
know
you
know
like
it's
acceptable,
how
much
of
it
is
a
blocker.
B
It's
like
you
know
the
I'm
just
trying
to
think
here
yeah.
I.
B
Even
if
it
does
this
there's
a
lot
of
like
there
are
a
bit
of
like
you,
know,
authentication
and
authorization
shenanigans
that
we
have
to
jump
through
right.
Like
say,
if
you
have
like
a
a
part
like
this,
there's
no
direct
way
for
you
to
write
into
the
lcd
to
get
kubernetes
at
cd
endpoint,
because
it
may
not
be
discoverable.
C
But
this
cbt
aggregate
abr:
how
did
you
get
from
xcd
anyways,
so
everybody
can
do
a
gate?
I
suspect
you
cannot
can
also
do
a
put
right.
B
So,
okay,
here,
no
not
quite
so,
it
can't
get
like.
So
if
we
are
talking
about
getting
like
an
other
resource
kind,
so,
for
example,
in
this
type
in
this
life,
we're
talking
about
get
like
a
driver
discovery
right.
If
that
is
handled
by
a
different
crd
controller,
then
the
client
would
it
means
like
say
if
this
is
implemented
using,
for
example,
if
we
go
back
to
here
right
in
this
diagram,
I
show
like
a
a
different
site
car,
which
is
a
crd
controller.
B
That
knows
how
to
like
that
owns,
like
the
driver,
discovery
or
crd,
so
because
this
is
not
an
aggregated
api
server
implementation.
This
is
just
a
normal
crd
controller
like
it
can.
It
can
still
like
you
know,
like
tell
the
kubernetes.
You
know
api
server
to
persist
that,
because
you
know
I
mean
like
this
is
the
difference
between
like
the
aggregate
api
server
and
the
crd
controller,
a
controller
like
can
still
like
tell
the
kubernetes
this
api
server.
Please
persist.
C
B
If
you
get
api
surveys
that
you
completely
like
override
and
and
hijacks,
you
know
like
that
that
the
endpoint
that
that
kind,
the
the
type
that
we're
talking
about.
C
I
talk
to
api
server
directly
and
create
a
resource
whether
the
controller
kicks
in
or
not
it.
It's
not.
It's
not
impacting
my
flow,
I,
as
a
user,
that's
correct
anyway,
yeah
yeah
anyway,
I'm
I'm
not
trying
to
you
know,
I'm
not
disagreeing
with
you
you're,
just
saying
that
the
just
for
you
at
your
point.
I
feel
a
little
bit
weird
that
some
software
running
in
kubernetes
will
rely
on
something
else
that
is
persisted
to
to
maintain
its
item
potency,
because
the
the
resource
itself
is
not
in
the
api
server.
B
Yeah
yeah,
I
think,
like
I
want
to
clarify
two
things
there
like
it
is
eden
potent
in
a
sense
like
as
long
as
we
send
back
the
same
base
and
target
and
like
so
as
long
as
the
parameters
are
the
same.
B
A
B
Feel
like
even
with
like
even
with
like
persisting
it,
I
mean
sorry
even
without
like,
even
even
if
we
possess,
like
the
volume
snapshot,
delta
somewhere.
A
B
Trying
to
envision
like
we
actually
save
like
the
pagination
data,
like
into
the
resource
you
know
like
if
we
do
say
if
we
like,
if
we
save
it,
and
then
we
say
okay,
my
status
is
like
maybe
the
last
time
I
did
this
was
this
like.
I
just
wonder
if
we
would
actually
do
something
like
that.
You
know,
like
that's
exactly.
B
I
think
like
would
we
do
that,
though,
like
what,
if
like
it,
would
stay
like
that
forever,
though,
like?
How
do
you
re-trigger
this,
like?
Do
you
delete
it
restart,
I
think,
there's
just
yeah.
I
think
that
they're
more
to
be
retriggered,
meaning
what
so?
Okay.
So
let's
say,
if
I
finish
right,
this
is
this-
is
the
la
this
is
the
end
of
it
there's
no
more
blocks,
so
this
object
will
stay
like
this
inside
scd
or
whatever
storage
like
indefinitely
right.
C
B
But
the
offset
say
okay,
so
if
the
okay
say,
if
you
offset
zero
and
then
that's
it
and
then
it
comes
back
and
then
you
say
they
aggregated
api
server
and
said:
that's
it.
This
is
all
the
entries
and
that's
it
no
more,
and
this
is
what
get
persisted
inside
scd
right.
It
will
still
always
stay
as
offset
zero.
B
C
C
B
Yeah,
let's
try
to
think
because,
like
yeah,
you
know
we
might
just
end.
We
might
just
end
up
with
something
like
say
if,
if
somehow
like,
if
the
last
call
finished
with
something
like
that
right
and
then
it
would
always
you
know,
and
then
they
said
just
one
call
and
then
we
are
done
and
this
this
would
always
stay
the
same.
This
will
always
stay
the
same.
All
like
you
know,
so
I
think
there's
just
not.
I
think
there
needs
to
be
some
way
to
to
indicate
that
hey.
I
want
to
restart
this.
B
No,
no,
no
worries
at
all.
I
think
like
yeah,
I
think,
like
the
trade-off,
would
be
that
we
need
to
find
somewhere
to
possess
with
which
so
far
like
it
seems
to
be
a
very
like
difficult
like
implementation,
and
at
least
like
you
know,
because
we
can't
like
reliably
say
we
want,
unless
we
want
to
grow
our
own,
like
storage
part
which
may
not,
which
sounds
like
a
bad
idea
like
with
what
we
did
with
the
prototype.
B
We
create
our
own
like
a
cd
or
whatever
storage.
We
want
to
choose
so.
C
Any
another
question
is
the
whole.
I'm
just
curious:
if
we're
not
persistent
this,
what
would
be
the
release?
Look
like.
C
Let
me
just
try
to
explain
what
I
was
thinking
so
the
the
end,
users
suppose
expected
to
use
client
go
basically
some
go
library
right,
yeah
to
communicate
with
the
aggregate
api
server.
There's
no
api
per
se
right,
so
volume
snapshot
delta
is
not
persistent,
but
it's
an
api
like
a
crd,
but
not
necessarily
a
crd
right
now
the
client
go
and
the
volume
snapshot
data
they
are
combined
together,
so
they
have
to
be
released.
At
the
same
time
is
my
understanding,
correct.
C
The
client
go
library,
yes,
yes
right
now.
The
question
is
my
question
is
how
I,
as
a
so
I
need
to
manage.
I
has
a
backup
software.
I
need
to
manage
my
binary
so
that
it
links
to
the
right
client
goal
version
and
then,
from
there
I
decide
which
api
version
to
use
is.
That
sounds
like
weird
to
me.
How
help
me
understand
that
please.
B
There's
no
different
from
how
you
would
do
it
with
a
crv
os.
As
far
if
I
understand
you
correctly,
so
I
think
like
we,
we
agreed
that
behind,
like
the
so,
for
example,
behind
this
api,
which
is
constructed
and
built
by
the
api
server,
there
will
still
be
like
a
go
type.
You
know
that
says
volume
central
delta
there
would
still
be
like
the
whole,
like
client
go
being
generated.
You
know
b1
alpha
one.
B
Yeah
yeah
yeah-
and
this
is
the
one
thing
about
like
the
the
you
know,
like
the
entire
kubernetes
api
paradigms
right
at
the
end
like
there
needs
to
be.
Like
a
you
know,
a
group
version
kind,
like
you
know,
an
a
type.
You
know
that
has
a
group
name,
a
version
name
and,
and
you
know
a
kind
type
and
then
that
maps
to
like
you,
know
the
the
yeah.
B
It's
not
like
some
random
unstructured
thing
that
we
can
do
like
kubernetes
always
requires
some
kind
of
resource
type
at
the
at
the
handling,
as
well
as
the
storage
level.
Does
that.
B
So
shane
you
do
you
have
any
thoughts
on
this.
How
do
you
feel
about
it.
A
B
Yeah
yeah,
so
it
would
be.
I
mean
like,
as
far
as
like
the
aggregated
api
server
itself
is
concerned.
It's
almost
like
a
pass-through
like
you
know,
it's
like
you,
give
me
a
request,
and
then
I
I
just
like
send
it
to
like
the
csi
driver
and
whatever
the
csi
driver,
give
me
I'll,
send
it
back
to
the
backup
software.
So
if
the
same
base
and
same
target,
you
know
whatever
the
response
comes
back
from
you
know,
the
csi
driver
side
would
just
be
sent
back
to
the
backup
software.
B
It
did
for
some
reason
if
that
changed
by
this,
on
the
on
the
far
deep
back
end,
then
the
back
end,
so
the
backup
software
we
just
see
what
comes
back.
B
The
only
thing
extra
that
this
the
aggregated
api
server
would
do
is
to
find
the
volumes
that
the
volume
handle
from
the
volume
snapshot,
resources
based
on
the
base
and
target
parameters,
and
then,
of
course,
like
the
driver
discovery
resource
to
find
which
way
the
csi
driver
endpoint
is,
but
otherwise.
A
Yes,
it's
actually
so
actually
I
like
create
snapshot
when
you
make
the
same
call
for
the
second
time,
it's
actually
supposed
to
give
you
the
same
same
thing.
A
So
so
maybe
this
is
similar
to
that,
so
the
post
is
actually
kind
of
like
a
get
now,
if
you
call
it
for
a
second
time,
it
doesn't
make
sense
for
that
to
change
it's
the
same
snapshot
handle
you
give
the
same
input.
You
should.
B
B
B
Yeah
yeah,
so
you
know
yeah
like
interesting
that
you
brought
up
like
the
gaps,
I
guess
feeling
to
it.
So
we
had
some
also
like
on
our
because.
A
B
A
Suppose
you
create
10
volumes
in
the
back
end,
you
should,
it
should
just
result
in
one
volume,
so
it's
almost
like
a
gap
when
you
call
it
the
second
time.
B
Yeah
yeah,
so
so,
like
so
you're
saying
like
yeah.
So
with
the
volume
snapshots,
the
first
requests
the
first
time
ever
like
it
would
be
a
post
and
then
subsequent
ones
become
get
no.
A
D
A
D
C
A
Case
this
one,
because
this
is
not
supposed
to
change
this-
is
like
it's
not
like
you're,
creating
the
volume
it's
being
created.
You
know,
there's
something
like
that.
This
is
just
the
snapshot
is
already
cut.
The
two
snapshots
they're
already
there
you're
getting
the
the
diffs,
and
then
they
they're
not
supposed
to
change.
It's
not
like
when
you
call
it
the
second
time
you
should
change.
You
should
not.
B
Yeah
yeah,
so
you
know
during
like
the
the
engineering
call
with
dave
and
call
like
we
have
something
like
debate
about
shouldn't
it
be
opposed.
Should
you
be
at
least
should
be
again,
you
know
like
so
one.
You
know
if,
if
we
in
general,
if
we
agree
with
like
the
general
direction
of
not
so
I
think
the
key
to
before
we
go
into
that,
I
think
the
first.
B
The
key
thing
here
is
like
if
we
can
all
agree
with
like
not
persisting,
the
volume
snapshot,
delta
and
then
just
so.
The
first
point
is
not
persisting
yet
and
then
the
second
point
is
definitely
being
like.
It
will
be
eaten
protein
and
then
the
third
point
being
like
I'm
the
controller.
B
We
have
to
do
more
work
with
managing
the
pagination
and
and
stuff
like
that.
So
if
we
can
agree
on
all
these
three
points
stan,
I
feel
like
we
have
a
way
forward
for
the
for
for
the
cab.
So.
A
B
Yeah,
so
let's,
okay,
let's
get
into
that,
let
me
just
write
something
down.
First,
I.
A
Was
thinking
this
is
a
little
different
from
when
you
say,
create
snapshot,
because
you
are
actually
creating
a
new
object.
This
one
is
not
really.
B
A
B
Yeah
and
also
like
an
object
like
a
uid
and
then
sorry.
B
Yeah,
so
I
think
like
we
talk
about
like
so
this
is
more
or
less
the
same
deal,
but
we
changed
the
pose
to
a
list
just
just
for,
like
the
sake
of
discussion
and
exploration,
so
with
lit.
So
if
we,
whether
it
is
so,
we
can
okay,
if
we
want,
we
can't
do
a
get.
So
if
we
do
it
get
like
on
call.
B
So
yeah,
instead
of
saying
like
hey,
create
this
volume
snapshot,
delta
requests
or
custom
resource
we
can
so,
I
feel,
like
you
know
so,
with
this
some
the
approach
this
this
one,
you
said
like
hey
telling
kubernetes,
like
you,
know,
get
me
all
the
and
to
change
block
records
related
to
correspond
to
this
test
delta
volume.
B
Central
data
like
what,
if
we
kind
of
explored
the
different
avenue
and
say
hey,
just
ask
like
kubernetes,
specifically
our
custom,
api
server
and
say:
hey,
get
me
a
list
of
change
block
records
with
the
bass
related
to
this
bass
and
target
the.
So
I
think
like
yeah,
we
ex
so
you
know
it's
just
I
feel
like
at
the
end,
it
feels
like
they
achieved
the
same
goals
that
we
talked
about
these
three
key
points
here.
B
B
So
I
think
this
technically
we
shouldn't
like
post,
like
a
body
payload
insectic
request,
so
we
may
have
to
rely
on
something
like
a
query
parameters
that
got
attached
to
the
the
uri
and
then
or
we
can
try
to
realize
something
like
we
can
try
to
like
you
use
something
like
car
fuel
selectors.
I
don't
know
how
many
of
us
are
familiar
with
that
which
is
different
from
label
selectors
and
but
there's
like
just
some
from
what
we've
explored
some
limitation
there.
B
So
I
don't
know
if,
like
folks,
have
like
opinions
about
whether
we
should
post
like
a
body
payload
or
we
should
try
to
send
a
list
but
get
like
and
knowing
that
we
have
to
we.
So
we
no
longer
have
something
like
this
this.
B
This
kind
of
this,
this
volume
snapshot
delta,
like
we
just
kind
of
like
just
almost
remove,
remove
it
completely,
and
then
we
just
say:
hey
chain
list
me
a
list
of
change
block
like
records
or
whatever
we
want
to
call
it,
and
then
we
have
to
find
we
have
to
pass
it
in
with
as
a
query,
parameter
and
then
maybe
to.
B
Let
me
just
quickly
update
this
and
then
the
the
record
just
becomes
something
like
you
know.
It's
like
a
list
of
all
these
things
and
and
come
on
this
that,
like
it's
pretty
much
like
serve
the
same
purpose,
return
the
same
except
it's
like
all.
B
These
three
key
points,
it's
just
now
as
a
matter
of
semantic,
do
we
care
about
a
post
with
a
page
based
on
payload,
or
do
we
want
a
list,
but
with
something
like
query
parameters
and
and
if
you
want
to
invest
time
into
seeing
how
few
selectors
would
work
with
this
kind
of,
I
guess,
like
virtual
resources,
that
don't
get
persisted
and
stuff
like
that.
D
Yeah
one
just
a
little
more
coloring
on
that,
so
you
know
we
had
looked
a
lot
at
least
versus
post
and
the
list.
If
you
look
at
the
api
machinery
and
look
at
the
list
options
right,
it
actually
has
interesting
stuff
about.
You
know
how
to
for
the
pagination
rather
limit
and
continue
define,
but
that
field
selector
thing
got
us
at
the
end,
because
the
semantics
are
very
unclear
on
that.
B
Yeah
by
default,
I
feel
selectives
have
like
it's
very
limited
in
terms
of
what
you
can
support
in
name
and
name
spaces,
and
they
start
the
core
types.
Obviously
I
mean
if
we
want
to.
D
It
yeah
yeah
and
I
think
the
end
result
was
you
know
we
prefer
not
to
break
out
to
raw
rest
api
and
we
want.
We
want
to
be
able
to
do
this
through
cube
titles
through
standard
stuff.
If
we
go
the
list
route
right,
it
would
be
very
difficult
to
specify
these
field
selectors
these
these
query
parameters
as
field
selectors.
It's
not
clear.
It's
going
to
be
supported,
so
we'd
rather
stay
with
the
existing
machinery.
That
was
our
decision
criteria.
A
B
You,
if
we
switch
over
to
list
or
get
then
we
can
do
keep
cuddle,
get
change
block
records,
for
example,
but
now
we
have
to
it
won't
work
directly
because
we
won't
have
kubekato
won't
allow
us
to
it
will
have
to
be
at
the
client
go
level
like
you
kind
of
with
cue
cutter.
We
can't
do
like
something
like
you
know
the
query
parameters
or,
like
you
know,
with
field
selectors
like
we
have
to
get
it
find
out.
A
I
was
just
asking
because
the
car
was
saying
we
want
to
be
able
to
use
the
cube
color.
So
if
we
use
posts,
what
can
we
do?
We
can
just
do
a
crate
right.
B
Okay,
let
me
show
you:
I
want
to
give
everyone
a
chance
to
subs
see
what
it
looks
like.
Let
me
just
try
to
sorry
sean
chan
give
me
one
minute,
so
you
should
be
able
to
see
my
terminal
now.
A
B
Okay,
so
you
see
like
yeah,
so
if
I
use
keep
cuddle
so
going
back
to
the
crate,
so
again,
parker
site
create
will
get
for
now.
So
this
is
subject
access
review
which
we'll
talk
about
right.
So
I
can
do
a
create
here
and
then
you
know
like
it
would
send
back
like
all
this
payload
from
the
at
the
bottom
of
the
screen
and
all
this
payload
from
like
the
kubernetes
api
server.
B
So
essentially
we
say:
hey,
go
and
get
this
thing
I
mean
so
I
go
and
create
these
things,
and
then
you
say:
okay,
I
did
what
I
and
then
going
back
to
the
code
path
that
I
showed
earlier
like
it
did
all
this
object
authorization
and
then
it
sent
back
the
status
and
in
our
case
the
status
would
just
be
all
the
change
block
records.
So
if
I
try
to
get
it
and
then
you
know
it
would
just
say
hey,
this
is
not
allowed.
B
You
know
rightly
so
right
because
earlier
we
saw
in
the
code
that
it
only
support
create
and
then
they
create,
just
like
you
know
it
just
essentially
posts,
like
I'm
sorry,
just
scrolling
or
scrolling
up
here.
It
posts
like
all
this
like
somewhere
in
up
here
somewhere
in
this
giant
chunk
of
things.
It
show
it
posts
like
a
json
body
to
the
api
server.
So
that's
kind
of
the
the
the
user
experience
that
like
we
are
going
after.
So
whether
so.
B
I
guess
I
hope
that
clarifies
like
shings
your
comments
about,
like
you,
cuddle,
get
your
kind
of
create
a
little
bit
like,
of
course,
on
the
backup
server
side.
It
would
be
this
equivalent
of
client
go
or
client.interface.whatever
create.
You
know
those
sort
of
things.
A
Okay,
shenzhen,
do
you
have
any
comments
or
just.
A
Okay,
okay,
maybe
I
think
it's
fine,
maybe
just
can
I
post
as
the
most
method,
but
then
just
write
down
the
list
as
an
alternative
that
we
discussed.
B
Sure,
like
with
the
list
of
alternatives,
okay,
so
that
sounds
good.
I
think
what
I
okay
so
great.
I
think
we
have
a
path
forward
for
the
cap.
I
can
go
ahead
and
update
it,
and
then
I
guess,
like
shin,
we
will
have
to
go
through
the
cab
review
for
one.
A
B
Yep,
okay,
sure
that
sounds
good.
Let's
see,
okay
cool!
I
think
that's
all
from
me
if,
like
yeah
after
this,
like,
if
folks
have
any
questions
about
this
feel
free
to
ping
me
on
the
kubernetes,
I'm
slack
thanks.
Everybody.
A
So
yeah,
so
thanks
yvonne
now
going
back,
I
just
want
to
give
a
quick
update
of
cozy,
so
cozy
finally
made
it
to
alpha
in
1.25
release
and
there's
a
vlog
that's
going
to
come
out.
I
think
it's
on
the
september,
2nd,
that's
the
publish
date!
So
take
a
look
of
this
one.
If
you're
interested.
A
And
then
we
move
this,
this
open
issue
from
phone
to
the
next
meeting.
Is
there
anything
else
you
guys
want
to
talk
about?