►
From YouTube: Kubernetes Federation WG sync 20180808
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
B
So
I
also
have
another
topic,
because
I
just
supposed
to
email
in
the
Middle,
East
and
I
want
to
discuss
more
about
the
Pro
Mode
and
the
Porsche
mode
and
because
I
haven't
asked
Randy
the
veteran
wait,
who
is
now
using
the
push
mode
and
it
can
work
well
if
the
Federation
control
and
xavius
every
member
clusters.
But
for
some
cases
the
member
cluster
may
only
have
outbound
network
and
may
have
no
impound
network.
B
C
C
The
use
cases
that
customers
are
reported
thus
far
has
been
more
about
not
wanting
a
single
point
of
failure
and
not
wanting
to
grant
effectively
cluster
admin
access
to
a
federation
reconciler
so
having
a
local
reconciler.
Something
like
what
help
me
out
on.
What's
the
box
solution
totally,
you
me.
D
B
C
From
I
could
get
repo
or
something
see
ya
all
clusters.
However,
the
idea
that
this
is
something
that's
a
priority,
I
think
is
I
mean
we
don't
the
idea
that
Federation
is
a
thing
that
is
like
widely
used
and
we
can
easily
prioritize
future
development.
I,
don't
think
that's
the
case.
So
until
we
have
users
who
actually
are
the
coin
Federation
or
like
actually
have
an
interest
in
evolving,
it
not
sure
like
going
off
and
implementing
yet
another
mode
of
Federation.
C
E
Be
happy
to
have
I'd
be
happy
to
have
somebody
do
some
prototyping
around
this,
but
I
am
we
don't
have
development
bandwidth
to
participate
in
it
at
right?
At
this
point
beyond
you
know,
getting
guidance
and
stuff
like
that,
but
I'd
be
really
happy
to
talk
about
it
with
anybody
that
wants
to
explore
the
problem.
Space
and
I
would
definitely
welcome
anybody
that
wants
to
prototype
another
reconciler
or
mode
of
propagation
by
that
I'm
totally
open
to
people
doing
it,
but
we
just
we
don't-
have
development
resources
to
give
to
it
at
Red
Hat.
B
Yeah
pause,
a
decent
check
for
the
coop
applier
and
iphone
that
currently
to
make
sure
that
all
the
clusters
will
have
same
resources
because
they
will
pull
the
same
young
template
from
github.
So
this
will
not
meet
the
requirement
that
if
a
customer
want
to
customize
the
resources
in
their
own
custom,
so
with
could
become
the
chrism
copies
of
same
resources,
but
cannot
customize
your
sauce
in
different
customers.
B
C
Humic
wire
is
simply
the
mechanism
to
apply
configuration
to
a
cluster
yeah
right
so
and
if
you
look
at,
if
you
go
back
and
read
the
documentation
like
there's
a
documentation
trail
for
federation,
v2,
we've
talking
a
model
and
there's
I
mean
the
graph
I
grabbed
the
graphic
on
the
Federation.
V2
read
me
where,
as
diagram
everything
it
talks
about
like
a
pole
reconciler.
C
But
what
feeds
that
on
the
Federation
control
plane
is
a
yellow
generator
so,
where
the
push
reconciler
actually
computes
the
desired
state
for
a
cluster,
then
pushes
it
the
cluster,
the
yellow
generator
would
looking
at
state
of
the
federation.
Control
plane
would
compute
the
amal
required
for
a
given
cluster,
write
it
to
a
git
repo
and
then
cube.
Applier
would
pick
up
that
configuration
and
basically
there'd,
be
a
repo
per
cluster.
So
essentially
it's
like
it's
generating
the
configuration
or
cluster
the
cube.
E
Repository
structure,
like
you
know,
and
cluster
by
cluster
basis
or
or
whether
configuration
should
be
and
format
cube,
applied
respects,
and
then
you
can
run
cube,
apply
on
each
of
the
target
clusters
to
pull
from
the
corrected
repo.
As
when
probably
tens
of
approaches,
you
could
take
to
your
degree,
you
can
apply
or
something
like
it.
B
B
C
So
that
is
configuration
done
at
the
cluster
level
like
as
far
as
I
know.
Key
requires
configured
with
the
repo
and
the
location
in
that
repo,
and
so
setting
up
the
Federation
and
a
full
model
would
be
considering
Cuba
player
or
whatever
alternate
cluster
local
configuration
of
application
mechanism
on
I
do
use
new
player
just
want
sure
you
can
build
your
own
yeah.
E
Yeah
I
would
be
really
happy
to
talk
about
like
a
proof
of
concept
that
we
could
do
with
Cuba
player,
or
somebody
else
has
a
tool
that
they're
really
familiar
with
that
might
be
easier
to
get
started
with
than
learning
something
since
I
had
never
used
Cuba
player.
Yet
personally,
I'd
be
really
happy
to
set
up
a
time
to
talk
about
that.
If
someone
once
spike
and
we
can
whiteboard,
you
know
how
it
would
work
and
take
a
look
at
level
of
effort
to
to
prove
it
out.
B
C
C
E
Set
up
a
time
where
you
and
I
can
talk
about
Kibo
fire
and
like
just
draw
some
pictures
on
the
whiteboard
for
what
we
think
in
integration
with
Federation
putting
content
into
git
repos
that
cube
acquire
consumes,
and
if
we
can
come
up
with
something
that
makes
sense
to
us.
Both
like
anybody's
welcome
to
tackle
on
that
to
prove
that
out.
E
A
A
B
C
C
B
Yeah
because
my
Yosuke
see
that
some
customers
want
to
isolate
their
member
clusters
and
they
want
to
make
sure
that
the
member
cluster
will
not
have
security
issues.
So
that's
why
they
want
to
make
sure
a
gang
member
clusters.
I'm
gonna,
have
outbound
Network
and
on
how
in
boner
logs,
so
just
go
call
the
others.
B
C
D
B
Suppose
we
have
a
two
clusters:
wines
in
North,
America,
Anna
and
another
is
in
Asia,
and
we
also
have
a
fetish
in
Contra
plan,
which
is
also
located
in
Asia
and
then
the
federation
cluster.
The
federation
condor
plan
is
not
able
to
upset
abs
are
in
north
america
and
asia,
and
only
the
people
who
is
rotating
north
america
is
able
to
access
a
PS
over
there.
I.
C
Mean
there
are
good
reasons
to
use
a
whole
model
I'm,
not
entirely
sure
this
is
one
given
that
I
mean
you're
implicitly
trusting
the
Federation's
control
plans
to
generate
appropriate
configuration.
Both
cases
like
free
network,
tunneling
or
VPN
is
not
exactly
rocket
science
being
able
to
provide
the
Federation
role-playing.
The
ability
to
login
to
the
North
American
server
would
seem
weight
in
part,
because
in
that
case
you
could
do
that.
Yes,
a
little
bit
of
you
know
an
operator
to
go
and
configure
that
and
then
you're
done
going
out
to
write
software.
C
You
don't
have
to
maintain
it,
not
suggesting
that
pole
isn't
useful
and
if
you
insist
on
writing
it,
I
mean
certainly
nobody's
gonna.
Stop
you
and
many
people
will
be
very
glad
of
it.
But
I
would
question
whether
the
case
you're
talking
about
really
justified
software
development
that
are
dissing
figuration.
A
Well,
as
a
reply
to
that
mail
chain,
there
was
one
interesting
news
case:
another
user
posted
that
was
about
two
different
clusters
and
each
of
the
cluster
being
behind
the
specific
VPN
network
and
users
within
a
VPN
can
access
that
particular
cluster.
So
it
was
something
like
one.
Vpn
network
cannot
reach
to
another.
We
can
network
or
from
some
network
it
can
or
one
way
or
the
IDA
base.
It
could
be
like
that,
so
the
clusters
are
behind
a
firewall
and
the
users
are
also
behind
the
same
fire-god.
Something
like
that.
C
E
A
But
as
we
have
talked
about
earlier,
I
can
pull
it.
Shishun
has
one
benefit
where
the
reconciler
or
the
full
control
of
each
other.
It's
per
cluster
would
have
access
based
on
that
class
and
it
can
be
controlled
within
that
cluster,
whereas
in
Federation
control
plane
we
basically
need
to
have
admin
level
kind
of
access
to
all
the
clusters
right
now,
so
that
might
be
the
only
benefit
that
I
see.
In
that
case,.
C
A
A
Before
that,
like
I,
remember,
Gwang
yeah,
you
raised
a
point
about
the
reviews
against
the
PRS,
so
I
would
I
would
just
term
if
there
are
other
folks.
Also
on
this
call,
I
would
just
put
in
a
little
bit
of
a
background
that
when
we
started
this
development,
Red
Hat
took
the
ownership
of
the
sync
reconciler,
which
basically
the
end
result
of
which
is
that
using
configuration
alone,
you
can
read
rate
as
a
condition
of
any
type.
A
So
I
I
am
updating.
This
is
because
we
I
see
some
parts
which
are
unreviewed,
which
probably
did
not
get
attention.
That
probably
is
because
maybe
of
this
agreement
and
the
new
one,
if
four
new
contributors
are
coming
in,
we
maybe
need
to
reach
an
agreement
about
the
review
time
given
by
the
reviewers.
E
A
Okay,
I
repeat
that,
so
what
I
was
trying
to
point
out
is
in
the
last
couple
of
weeks.
I
have
noticed
that
there
are
a
couple
of
PRS
which
remained
under
viewed
for
say
a
couple
of
days
or
almost
a
week,
sometimes
so
what
I
did
give
in
a
precursor
to
rest
of
the
folks
in
the
making
that,
while
we
started
this
development,
we
also
we
reddit
and
huawei's,
had
sort
of
an
agreement.
What
portions
of
the
14
own
and
we'll
try
to
review
each
other's
work.
A
But
that
was
not
a
commitment
kind
of
a
thing.
So
that
worked
well.
That
works
fine
for
us
so
far,
but
now
I
see
that
there
are
new
contributors
who
have
joined
in
and
probably
we
might
have
new
more
new
contributors.
So
what
should
be
our
mode
of
reviewing
the
PR
or
the
commitment
or
on
the
review
of
the
PRS
is
what
I
wanted
to
know.
I.
E
I'm
not
sure
that
I'm
ready
to
have
a
discussion
about
commitment,
but
I
can
definitely
say
that
my
I
didn't
recommend
to
everybody
working
on
this
project
to
take
a
pass
to
reviews.
If,
if
we
feel
like
there
are
polls
that
are
scale
are
the
ones
that
you
can
point
to
or
fun
that
you
feel
needed,
review
right
away.
I
see
that
we've
got
this
ete
job,
that's
still
open,
I
didn't
yeah.
A
E
A
A
A
Actually
not
really
this
because
this
point
was
actually
raised
by
Guang
Jia
last
time
he
has
been
raising
couple
of
PRS
recently
and
he
mentioned
that
he
is
not
getting
enough
attention
so
her
that
so
you
I
also
wanted
to
focus
this
on
the
new.
We
are
submitters
I
guess
we
will
take
a
pass
says
and
when
they
come
in,
that
seems
fine
to
me.
Yeah.
E
I
think
if
we
need
to
take
a
pass
through
polls,
let's
take
a
pass.
Their
polls
and
let's
devote
attention
to
polls,
I
mean
if
you
feel
like
you
need
a
review
for
me.
My
my
email
addresses
in
my
github
account.
I
didn't
receive
a
huge
number
of
notifications
from
github
and
I
haven't
really
found
an
effective
way
to
filter
them,
even
with
even
using
the
mechanisms
that
get
github
gives
you
to
do
that.
So,
if
you
ever
need
a
review
for
me,
feel
free
to
reach
out
to
me
on
slack
or
via
email,
cool.
A
A
Okay,
let's,
let's
move
ahead
quickly
and
we
can
talk
about
the
read
or
the
query
organization.
Query
document
down:
oh
yeah,
okay,
yeah
yeah!
Before
that,
the
internal
discuss.
Should
we
discuss
about
that
status
like
federated
status
like
how
we
are
going
to
tackle
that
or
is
there
any
further
use
in
implementing
it
or
it
doesn't
bother
right
now.
C
No
actually
sure
the
status
is
off
this
week,
but
at
least
she's
on
yeah
she's
working
on
him.
One
of
the
things
that
occurred
to
me
in
talking
with
her
about
what
she's
doing
I
think
there's
a
possibility
of
using
status
to
drive,
scheduling
and
getting
sort
of
user
visibility
for
free,
and
this
would
reduce
coccidia
the
scheduling
because
they
wouldn't
have
to
watch
member
clusters.
They
could
just
watch
Federation,
Federation,
so
I'm,
assuming
like
her
pond
and
shark
she's
sort
of
understand
what
I'm
talking
about
yeah.
A
Yeah,
that's
what
actually
she
was
referring
to.
We
have
been
having
some
talks
about
how
to
I
mean
how
the
status
API
should
look
or
there
should
it
be
a
what
should
I
fetch
kind
of
stuff
and
I
find.
There
is
a
little
bit
of
overlap
in
this
read
query
petition,
big
query,
behavior
also
a
feature
called
it
so
yeah.
We
can
maybe
talk
about
that
when
we
come
to
it.
While
discussing
this
document,
also
yeah.
C
I
mean
the
for
me.
The
sort
of
broad
strokes
are
that
I
would
expect.
Data
for
like
ruffles
is
bad
and
deployment.
She
contain
all
the
information
needed
to
drive
schedule
and
I
would
expect
user
like
requirements
for
status,
to
be
subset
of
that.
It's
not
exactly
the
same
thing:
how
like
ready,
replicated
replicas
but
because
what
turn
to
drive
the
scheduler.
A
C
A
C
B
Okay,
let
me
share
my
desktop
so
that
you
can
see
my
screen,
so
I
just
ran
out
so
drop
document
about
how
I
want
to
do
the
traditional
read
for
tradition
me
too.
So
currently,
when
you
first
take
care
of
the
use
kid
here
and
yeah
I,
think
being
last
monthly
cool
clown
acts
that
they
announced
that
the
uncrowned
cheeky
and
they
also
did
a
demo
for
how
to
use
G
key
to
manage
mod
cluster
and
in
the
denim
T
added
a
local
I'd,
say:
Adira
Amram
G
key
to
they're
cheeky
clutter.
B
A
And
summary
I'll
interrupt
you
and
for
the
benefit
of
others,
I
actually,
who
did
not
see
the
video
I
did
have
a
look
at
that
video.
So
the
feature
is
the
feature
is
that
if
you
have
DK
dashboard
there,
you
can
add
an
on-prem
flasher
like
if
you
have
a
be
installed
cluster
somewhere,
you
can
add
it
to
your
dashboard
and
get
information
Yeah.
B
Right
exactly
work
is
good
yeah,
so
my
use
case
is
as
follows.
So
the
first
kid
it
had
as
a
cluster
at
me,
I
wanta
I,
would
like
to
view
a
summary
of
the
harderberg
classes
such
as
these
servers
is
storage
across
different
clusters
and
sang
the
kids
eat,
and
I
would
like
to
check
all
the
cluster
Staters
to
see
if
they
are
healthy
or
not,
and
I
want
to
check
if
own
knows
how
the
annuity
crossed
multi
clusters
and
I
also
want
like
to
check
out
the
workload
cross.
B
So
this
is
the
first
use
case
and
the
second
like
that,
as
a
cluster
operator,
I
want
to
check
the
capacity
and
the
resource
usage
in
you
know
specified
cluster,
because
the
cluster
or
operator
may
only
to
manage
some
specified
clusters.
They
may
not
able
to
manage
all
the
clusters,
so
I
want
to
make
sure
that
I
can
use
some
kind
of
a
our
back
to
limit
the
access
control
for
the
specified
clusters
as
the
segment
that
I
want
to
check.
B
Yeah
and
the
currently,
the
current
state
Racine
Federation,
be
true
that
we
can
only
we
can
accelerate
the
resources
which
is
a
which
is
deployed
by
the
felling
control
plan
such
as
we
can
carry
the
producing
deployment
evaluation,
config
map,
the
Federation
jobs,
etc.
But
we
cannot
carried
the
resources
which
is
not
deployed
by
the
Federation
control
plans
such
as.
A
A
Correct
you
here
also
actually
now
I
haven't
given
the
comments
so
currently
in
tradition,
v2.
We
cannot
really
get
anything
about
the
deployed
workload.
So
that's
what
we
were
talking
about
the
status
there.
We
can
get
some
information
about
what
the
application
of
the
book
load
has
happened.
Probably
it
failed
in
one
cluster,
but
we
do
not
have
a
direct
information
about
it.
B
C
C
The
Federation
and
I
say
that
only
because
Federation,
at
least
in
the
kubernetes
context
in
in
my
mind,
is
about
managing
configuration
across
multiple
partners,
and
that
can
mean
that
you
get
some
visibility
into
those
clusters,
but
it
isn't
necessarily
like
you
can
get
visibility
into
multiple
clusters
without
managing
the
configuration,
and
so
when
we
talked
about
this
is
hospice,
and
some
suggestion
that
maybe
there
could
be
separate
feature
like
I
want
to
be
able
to
look
at
my
clusters
and
drill
down
and
do
stuff
I.
Don't
necessarily
need
to
use
Federation
to
do
that.
B
And
also
you
may
need
ads
in
the
federal
inquiry.
I'm
Nana
wanted
to
address
this
use
case,
because
the
others
can
always
securement
Federation
kind
of
plan
that
you're
directly
deploy
resources
to
remember
clusters.
So
with
this
case,
we
were
not
able
to
gather
resources
from
different
control
plants.
So
we
need
to.
We
need
to
enable
the
Federation
control
and
to
get
that
carnival
resources
which
is
not
deployed
by
the
yeah.
A
So
I
think
that
is
what
does
Maru
talking
about
like
if
you
you
segregate
both
of
these.
If
you
separate
these
two
as
two
different
features,
then
one
feature
is
that
you
can
get
all
the
information
about
all
the
resources
and
photos
or
whatever
information
that
you
probably
want,
and
a
root
read-only
mode
from
clusters.
That
is
one
feature
separate
and
the
status
that
we
were
talking
about
is
the
status
of
for
only
those
resources
which
are
actually
deployed
through
Federation,
and
that
status
is
part
of
rotation.
B
D
A
C
B
C
A
B
Okay,
so
you
scurvy
that
we
want
to
enable
the
other
query:
communities
resources
from
all
subsets
of
current
age
clusters.
So
this
is
the
mirror
you
coming
up.
I
think
that
we
already
mentioned
it
in
the
use
case
here
and
obviously
autos
Scobie-
that
I
don't
want
to
cover
the
are
back
here,
because
I
think
that
we
we
are
planning
to
how
our
Federation
are
back.
I,
think
that's,
and
maybe
we
can
address
it
in
that
product,
that
I'm,
so
security.
C
Considerations
are
considerable
and
I,
don't
think
I
mean
I'm,
not
saying
we
have
to
detail
it
here,
but
we've
had
many
different
discussions
about
how
to
allow
access
to
member
clusters
know
if
I'm
gonna
find
an
administrator
and
I
have
you
know
certain
permission.
There's
some
question
as
to
whether
you
know
in
the
example
that
you're
giving
and
in
the
design
proposal,
where
there's
a
query,
API,
essentially
like
there's
two
ways
of
enabling
that
you
can
either
impersonate
the
user.
C
Who
is
making
the
query
like
make
the
query
with
their
credentials
on
their
behalf
into
those
clusters.
You
can
just
have
global
access
and
just
well.
They
have
access
the
query
API
they
can
access
anything.
But
that
requires
a
lot
more
consideration.
I
think
like
when
you
talk
about
security,
cluster
security,
that's
like
a
pretty
sensitive
topic
and
it's
not
just
a
problem
solved
by
our
back,
because
I
mean
here
effectively
proposing
to
act
as
the
intermediary
for
the
user,
and
that
has
involved.
C
B
I'm,
sorry
Maura,
so
the
camp
is
posting.
Your
comments
in
the
yeah.
A
A
What
I
was
saying
is
that
I
was
expecting,
maybe
more
I
think
you
probably
have
to
put
an
alternative
to
this
and
I
thought
that
last
meeting
we
had
a
chat.
Meru
and
Paul
probably
had
some
discussions
about
the
see
him
earlier
internally
and
they
mentioned
that
they
might
actually
come
up
with
some
suggestions
for
the
same,
so
I
would
suggest
to
sync
up
to
with
fall
or
Meru
offline
and
we
take
their
inputs
and
then
incorporate
whatever
the
solutions
are
there
in
the
document.
Then
it
would
be
good
that
we
review
it.
A
A
C
It
includes
like
access
to
on-premise
areas
or
at
least
off
chiki
chiki
clusters
they're
using
a
user
interface.
That
was
pretty
sure
like
reasonably
confident
that
they're
not
using
a
kubernetes
api
to
do
it
so
pointing
them
to
them
as
prior
art
and
saying
well,
they're
doing
this
and
there
we
have
to
do
that.
I,
don't
see
the
line
of
causation
that
suggests
this
solution.
C
C
A
I
think
we'll
do
that
and
I
may
be
posting.
Whatever
conclusion
we
had
about
this
personally
yeah
in
case
he
has
missed
what
we
yeah.
C
So
my
sort
of
perception
of
this
is
that
you're
proposing
implementation
without
really
good
foundational
justification
right,
oh
okay,
why
of
this
design
is
really
unclear,
and
so
the
suggestion
from
irfon
was
that
you
know
we
follow
up.
You
need
Paul
offline.
Maybe
try
to
hammer
out
like
some
of
those
details
that
appear
to
be
unclear
to
me
and
then
have
more
of
a
detailed
review
of
the
group
like
I,
think
I'm,
not
saying
what
you're
proposing
you
know.