►
Description
[SIG-Network] Ingress NGINX Bi-Weekly Meeting for 20220412
A
Okay,
so
good
morning,
good
afternoon-
and
I
think
that's
almost
good
evening
from
some
of
you-
this
is
signet
working
resin
gynex
community
meeting
today
is
april.
12
2022,
my
name
is
ricardo.
I'm
gonna
be
your
host
for
this
meeting.
A
I
kindly
remind
you
that
this
is
a
community
meeting
at
kubernetes
community
meeting
and
we
are
under
the
code
of
conduct,
kubernetes
community
conduct
code
of
conduct,
so
please
be
excellent
with
each
other
and
any
violation
should
be
reported
to
the
sig
network
chairs
or
to
call
to
the
conduct
at
kubernetes.io
and
let's
get
started.
A
A
I
don't
want
to
get
fired
because
of
you
folks
hold
on
so
yeah.
I
think
this
is
the
right
one
cool.
So
okay,
so
we
do
have
a
good
agenda.
Today.
I
have
just
added
as
a
last
minute
something
about
the
ch
root
and
other
improvements
about
all
of
the
security
improvements
that
actually
we
are
looking
into
and
then
we
can.
A
A
So,
as
you
all
know,
we've
been
receiving
some
reports
lately
on
people
trying
to
explore
annotations
and
and
some
ingress
path
feuds
to
bypass
and
to
ex
escape
from
the
template
in
a
way
of
adding
some
some
comments
to
to
inginax
conf
that
allows
attackers
to,
let's
say,
try
to
gather
some
information
being
those
informations.
A
The
service
account
token
that
can
be
used
to
to
carry
any
ingress
or
certificate
on
on
the
cluster
or
trying
to
check
like
enjoy
next
conf
file,
or
anything
that
you
can
do
adding
configurations
directly
into
nginx
conf
right.
So
we
did
some
improvements
in
in
in
the
software,
in
a
sense
of
trying
to
avoid
people
adding
adding
nasty
stuff
into
into
annotations.
A
But
this
is
not
enough
right,
so
we
started
to
discuss
how
we
could
split
in
gynex
the
control
plane
and
the
data
plane,
because
it's
pretty
risky
for
the
user.
You
have
something
that's
exposed
in
the
internet,
a
proxy
server
and
that
same
proxy
server
got
access
to
all
of
your
service.
All
of
your
kubernetes
objects
right.
So
from
the
security
perspective,
this
is
not
good.
A
What
happens
is
that
splitting
control
plane
in
data
plane
is
not
a
one
day
or
a
one
month
thing
that
can
be
done
right,
so
it
takes
a
lot
of
time.
It
takes
some
study
on
how
this
can
be
done
using
grpc
and
and
checking
how
the
things
works
internally
in
in
english
before
changing,
and
we
needed
to
make
that
move
fast
right
at
least
trying
to
protect
a
bit
more
our
users.
A
So,
based
on
that,
I've
shown
you
before
this-
I
guess
like
one
month
ago,
but
this
is
now
merged
and
ready,
which
was
an
effort
actually
to
to
jail
the
enginex
process
inside
the
ingress
controller
process
right,
so
they
still
run
on
the
same
container,
but
the
the
nginx
process
cannot
access
any
more
things
outside
of
the
container,
mainly
the
volumes
and
the
files.
A
So
if
someone
can
escape
in
internally,
they
can
still
gather
like
nginx.com
information
and
some
other
things
that
can
still
be
dangerous,
but
not
the
kubernetes
service
account
or
or
other
things
from
the
main
container
right
and
my
plan
for
this
is
actually
releasing
these
as
part
of
view
1.2.
A
But
this
is
not
right
now.
This
is
not
enabled
by
default
right,
so
I'm
going
to
write
some
documents
on
that
and
some
announcement
on
that
and
why
this
is
not
enabled
by
default,
because
there
is
a
a
really
small
change,
but
this
small
change
actually
can
be
something
still
not
allowed
in
in
kubernetes
cluster,
like
pod
security
policies
or
prosecuted
emissions,
which
is
this
small
thing
here.
A
Where
is
it
I'm
missing
that
thing?
Yeah
anyway?
There
is
a
permission
that
we
need
to
add.
I
just
don't
remember:
where
is
it
that
mainly
we
need
to
add
capability
ch
root
right,
so
we
do
already
have
a
capability
called.
How
can
I
say-
oh
I
forgot
to
add-
actually
here
amazing-
well
done
ricardo,
so
we
already
do
have
the
capability
of
net
bind
in
a
sense
of
allowing
the
the
nginx
process
to
bind
into
port
80
and
443
right.
A
So
it's
somewhere
here,
I
can't
remember,
but
we
don't
have
the
same
capability
on
on
ch
route,
so
this
may
break
both
security
policies
and
what
security
admissions
right
now
right.
So
I
want
at
least
first
to
announce
people
to
people
saying
hey.
This
is
going
to
be
the
four
in
one
version,
1.2.5
or
1.3,
but
we
are
giving
you
some
time
to
change
this
before
just
updating
right.
So
please
reach
our
cluster
admin,
reach.
A
Whoever
makes
the
security
policies
in
your
cluster
and
make
sure
that
those
person
they
understand
that
you
need
the
ch
root
in
a
sense
of
getting
some
more
protection
in
in
your
cluster
in
your
ingredients.
Okay.
So
this
is
the
first
thing
and
the
second
one
that
I
want
to
deliver
in
version
1.2
better
and
this
one
is
going
to
be
enabled
by
default
but
can
be
disabled.
A
It's
this
pull
request
that
I
have
merged
and
gentile
helped
me
reviewing
this
this
week,
which
is
this
deep
inspector,
so
why
this
is
required.
We
figured
out
that
some
things
in
kubernetes
api.
They
don't
have
the
proper
validation
that
we
do
expect
right.
A
So
this
one
actually
is
a
is
what
I
call
a
deep
inspector
and
it's
it's
actually
what
it
says.
It
is
right,
so
every
object
that
ships
to
be
reconciled
by
by
the
store
or
that
that
gets
into
kubernetes
into
ingress
using
admission.
So
we
are
gonna.
Have
this
process
in
both
of
places
right.
It's
gonna
pass
through
a
deep
inspect
process
which
basically
it's
gonna,
go
through.
A
The
whole
object
like
I'm
gonna,
enter
into
the
rules
and
the
rules
tls
and
this,
but
not
on
the
secret
and
other
things
that
are
like
right
now:
basic
object
parts
and
I'm
gonna
check
if
they
are,
if
they
are
part
of
some,
some
rejects
right.
So
if
they
are
trying
to
use
the
alias
field
or
if
they
are
trying
to
use
the
root
of
the
if
they
are
trying
to
use
a
bailou
or
something
or
even
if
they
are
trying
to
get
etc.
First
of
the
dnginex
controller
or
varun
secrets.
A
So
any
of
those
fields
right
now
that
contains
any
of
those
strings.
It's
going
to
be
denied
to
be
reconciled,
and
it's
not
going
to
be
part
of
the
inginx
configuration
right
and
the
idea
here
is
actually
that
we
grow
these
rules
in
a
sense
of
okay.
We
figured
out.
There
is
some
dangerous
string
that
can
be
denied
like
some
dangerous
directive
in
kubernetes,
and
then
we
are
gonna,
keep
doing
this
and-
and
this
is
enabled
by
default,
but
why
this
can
be
disabled,
because
I'm
not
sure
yet.
A
What's
the
performance
issue
that
that
this
may
get
right
so
those
rejects,
they
are
pre-comp
pilot
in
a
sense
of
being
faster
than
on
the
runtime.
So
they
are
just
like
pointers.
They
are
really.
They
should
be
really
fast.
But
yet,
if
you
have
like
five
thousand
objects
or
something
like
that,
you
you
have
all
of
those
five
thousand
objects
being
sent
to
this
deep
inspector.
When
the
ingredient
giant
exit
it
it
starts,
it
first
starts
and
every
time
someone's
try
to
insert
a
new
object.
A
This
new
object
is
it's
gonna
pass
through
this
deep
inspector
right.
So
those
are
the
two
main
changes
for
one
version.
Two
and-
and
I
wanna
release
a
better
in
this
case,
because
I
want
actually
people
to
test
do
to
all
of
the
announcements
that
we
are
gonna.
Do
I
want
people
to
test
and
to
have
some
time
to
test
before
we
do
a
ga
release,
and,
and
maybe
we
then
with
their
feedback,
we
can
just
release
like
with
ch
root,
enabled
by
default
or
not
right,
but
this
is
the
idea.
A
So
my
action
item
right
now
is
actually
to
write
the
what's
the
name
of
the
the
documentation
actually
an
announcement
on
that
right,
I'm
not
sure
if
it's
gonna
be
a
kubernetes
blog
post
or
if
it's
just
gonna
be
something
that
we
can
add
in
our
own
documentation.
I
mean
I,
I
really
don't
care
where
this
thing
is
gonna,
be
I
just
care
about,
like
we
making
sure
that
people
know
about
that
right.
A
So
we're
announcing
this,
we
asking
we
putting
this
in
twitter,
we're
putting
this
in
our
channel,
we're
really
saying
folks.
We
need
your
feedback
on
this
thing
before
we
release
ga
right
and
my
time
window,
for
that
is
actually
releasing
this
better.
I
will
start
working
on
this
better,
probably
today,
if
I
have
some
time
and
releasing
this
better
and
then
asking
for
folks
to
and
actually
making
the
ga
release,
probably
on
the
weekend
or
probably
on
sunday
or
monday
right.
Any
questions
on
that.
B
Cool
amazing,
nice.
I
have
just
one
one
remark
on
that.
You
mentioned
that
you
want
to
work
on
documentation
and
I
think
we
should
also
make
sure
to
add
something
on
the
developer
documentations.
B
I
think
we
have
something
describing
describing
the
code
elements,
and
maybe
we
should
add
there
something
as
well
about
this
major
change:
okay,
yeah.
A
Yeah,
probably
probably
I
need
to
write
here
about
the
ch
route
yeah.
I
mean
at
least
writing
how
this
works
and
why,
as
an
example,
we
added
because
yeah
there
are
some
things
that
happened
under
the
hood
that
I
forgot
to
to
to
tell
you
like
in
this
case.
I
can
actually
go
through
it
really
fast,
but
I
I
have
added
a
cs
log
here
right,
so
our
ingress
right
now
it
does
have
actually
a
syslog
server
as
well.
A
It
behaves
as
a
syslog
server
and
this-
and
this
happens
because
there
is
no
easy
way
of
shipping
the
logs
from
engine
x
to
external
things
right.
This
is
something
that
I
actually
asked
it
for
f5
folks
in
in
some
channel
thread
like
hey.
A
That
should
be
a
way
of
shipping
the
logs
to
a
standard
output.
I
know
that
this
is
not
a
cool
thing
to
do,
or
maybe
there
is
some
problems,
but
because
we
cannot
ship
the
locks
to
standard
output
directly
and
there
are
some
gaps
and
timing
gaps
between
engine
x-generating,
the
logs
and
material
reading,
the
locks,
the
easier
the
easiest
way
of
doing
that
actually
was
creating
that
log
cheaper,
which
is
I'm
not
sure
where
this
logger
one
yeah.
A
So
we
now
we
do
have
a
a
a
syslog
running
here
and
what
this
is
like
does
is
actually
it
just
takes
the
the
log
messages
that
come
from
nginx
jload
and
it
prints
on
the
screen
to
be
part
of
the
the
standard
output
right
so
so
yeah.
I
need
to
write
all
of
these
things,
I'm
just
trying
to
remember,
and
now
I
am
instead
of
that.
I
don't
know
where
this
is
here.
It
is
yeah.
C
True,
so
do
we
have
it
nginx
writing
to
the
syslog
server
directly.
A
D
C
Yeah
for
sure
yeah
I
mean
that
all
looks
good.
The
the
other
part,
with
the
validation
check
that
that
validation
is,
that
being
just
run
against
the
attributes
that
are
being
defined
by
the
api,
or
is
it
running
against
the
nginx
config
itself.
D
A
Ingredients
in
gynex
and
and
my
plan,
actually
I
made
in
a
way
that
right
now
it
runs
only
against
ingress.
But
if
you
figure
out
that
we
need
to
validate,
let's
say
some
service
pointing
to
local
hosts
or
some
weird
address,
or
something
like
that.
We
do
have
some
counter
measures
on
that
in
some
other
parts
of
the
code,
because
that's
a
best
cv
from
actually
from
endpoints
api
and
not
not
from
ingress.
A
A
Nice
and
any
other
question
on
that,
so
no,
I
will
write
the
the
announcement
and,
if
I
forgot
about
writing
the
dev,
I
I
will
you
can
you
can.
You
can
actually
tell
me
because,
with
those
things
delivered
actually
we'll
have
some
more
time
to
work
on
on
all
of
the
pr's
and
all
of
the
things
they
are
missing
on
all
of
the
follow-ups
right.
So
I
was
just
really
mad
about
like
getting
this
thing
done.
A
Okay,
yeah!
I
can
imagine
yeah
yeah,
okay,
okay,
so
let
me
close
this
down.
We
can
probably
move
forward
to
issue
triage,
so
we
okay,
there
is
another
one.
We
should
add
an
additional
reviewer
approver,
so
that
okay,
I'm
discussing
this
with
james
and
alvin.
Actually
I
proposed
this
to
them
all
right.
So
that's
I,
I
think
that's
clear
for
all
of
you
that
that
jintao
is
making
a
really
good
job
and
also
as
we
have
this
like
he
he's
in
china
and
we
are
liking
at
least
me
and
and
james.
A
We
are
in
america,
so
I'm
just
discussing
with
them,
but
this
is
getting.
We
are
actually
working
on
that
right.
So
I'm
just
waiting
for
a
plus
one
of
them
to
add
jintao
as
an
approver
or,
if
not,
if
they
say
no,
maybe
providing
this
feedback
on.
Why
yes
or
why
not?
And
how
can
we
solve
this,
but
from
my
side
it's
just
like
okay,
they,
he
may
have
the
approval
role
here.
Okay,
all
right!
So
let's
go
through
all
of
those
things
here.
A
A
Okay.
This
is
an
old
one.
A
No
problem:
where
is
the
side
car
blah
blah
blah
blah?
Okay,.
D
A
A
I'm
muted
sorry,
multiple
inverse
control
how
to
configure
this
mission,
control
and
validation
web
hook,
I'm
deploying
music
controller
each
into
their
own
name,
space,
blah
blah
blah
blah
blah
blah
blah.
You
can't
actually-
and
this
is
like
I'm-
I'm
not
sure.
A
Yeah,
so
there
is
a
way
actually
of
doing
this,
which
is
you
can
create
an
admission.
You
can
create
an
admission
web
who
can
say
that
you
put
a
label
selector
in
that
admission,
if
I
remember
correctly
right,
so
let
me
see
mission
configuration.
A
Let
me
see
if
the
api
is
here:
the
fall,
blah
blah
blah
blah
blah
blah.
I
don't
remember
where
this
thing
is.
A
A
In
our
case,
you
we
do
have
the
default,
but
you
can
you
can
change
your
admission
and
your
mutation
to
actually
use
to
select
by
a
label
right,
so
you
can
select
by
a
label
and
and
because
ingress
class
actually
is
not
a
label
right
now
it
doesn't
work,
but
they
can
use,
they
can
add
their
own
labels.
So
let
me
add
this
here
and.
A
Okay,
next,
one
zero,
don't
time
upgrade
yeah
cool.
I
wish
this
in
my
life.
Docs
are
mentioning
that
by
default
during
private,
there
is
a
service
interruption
called
business.
A
D
A
A
I
keep
breaking
things
here.
Even
the
docs
okay
proxy
sell
cell
verified
should
be
owned
by
default.
A
A
A
Yeah
yeah,
apparently
even
even
jynx,
doesn't
just
doesn't
do
this
process
sell
verification
by
default
right
so.
A
Okay,
so
I
think
that
in
this
one
I
would
like
actually
so
there
is
a
proposal
here
which
says
here:
if
you
don't
enable
that
use
blah
blah
blah
to
see
the
upstream
valve.
So
is
this
something
actually
supported
in
our
configurations?
A
A
Yeah
there
is
like
this
server
proxy
ssl
verify,
and-
and
this
is
something
let's
see-
proxy
ssl.
A
In
the
annotation
yeah,
so
yes,
this
can
be
done
and
the
default
is
off
right.
So
if
someone
can
take
a
look
into
this,
let's
let
me
see
proxy
ssl
verify.
A
A
A
A
How
much
time?
Okay,
that's
30,
split
large
configuration
yeah!
I
want
to
do
this.
I
just
don't
have
time
right
now,
but
this
is
frozen
right
and
this
is
a
sign
it
will
assign
this
one
to
me-
and
I
mean
that's
not
a
high
priority
right
now,
but
but
this
can
be
done.
Actually,
I
think
not
not
for
the
I
wouldn't
say
for
performance
side,
but
at
least
like
to
making
it
easier
to
find
things
inside
the
configuration
so
yeah,
it's
gonna,
be
it's
go
ahead.
Oh.
A
C
Yeah,
I
mean
that's,
not
gonna
change
the
performance
at
all,
but
yeah.
If
it
does
make
sense
to
do
it
for
readability
issues,
but
yeah
I
mean
you
could
have
it
one
file
or
a
hundred.
It's
all
the
same
amount
of
memory.
It
takes
to
read
right.
D
A
Open
and
and
and
deal
with
the
whole
bytes
byte
array
before
rendering.
So
maybe
this
can
be
something
we
can
do,
and
I
want
to
take
a
look
into
this.
I
mean
I'm
curious,
not
not
for
the
performance
but
at
least
like
helping
figuring
out
the
bug
in
another
theme.
So
that's
that's
just
assign
it,
but
that's
not
high
priority
right
now.
Okay,.
C
A
A
Okay,
should
I
close
the
things
that
I
that
I
said
that
I
will
take
take
care
idiot
me
hold
on
okay,
okay.
I
will
leave
those
two
to
take
care
after
the
meeting,
okay,
so
next
one
ingress
class
issues,
so
I've
seen
that
you
did
some
pr
that
and
tim
hawking
and
other
folks
that
are
under
that.
So
that's
cool.
A
I
will
take
a
look
into
that
as
well,
so
and
congrats
on
getting
that
that
documentation
actually
done
and
and
it's
gonna
be
really
helpful,
not
just
for
us,
but
for
all
the
ingress
implementations
as
well,
because
now
we
do
have
actually
the
rules
of
the
game
right
and
we
can.
We
can
play
over
those
rules.
Yeah.
B
Yeah,
my
question
would
be
so
regarding
the
migration,
I
have
the
impression
that
we
we
might
need
to
to
have
more
accurate
dogs
there,
but
I'm
not
really
sure-
and
the
second
thing
is
this:
this
pre
precedence
thing
so
that
if,
if
the
annotation
is
still
there,
we
have
to
to
honor
it
and,
as
far
as
I
know,
it's
not
implemented
that
way.
Right
now,.
A
Actually
so
I
was
waiting
actually
for
that
team
to
be
defined
to
start
working
on
on
that
ingress
class.
So
this
thing
is
actually
my
my
next
big
delivery
right.
It's
not
going
to
be
that
big.
It's
just
like
a
matter
of
changing
the
order
of
the
things
and
saying
that
we
respect
one
or
other
unduplicating
things.
A
The
thing
is
that
actually
we
need
to
write
that
a
good
documentation
on
how
that
we
work
on
in
gynex
and
ingressing
ginex
right.
So
we
don't.
We
don't
have
that
mayhem
when
we
decided
to
remove
the
deprecated
annotation
again
and
saying
hey
folks,
so
we
are
actually
doing
a
best
effort
to
support
any
class
right
well.
A
This
is
how
this
is
going
to
work,
so
we
can
even
like
add
a
configuration
saying,
should
I
work
on
the
world
way
or
on
the
new
way
right
on
on
the
flags
and
then
maybe
turning
that
on
the
old
way
again
and
removing
the
same
way
they
do
in
kubernetes,
future
flagging
and
and
other
things
right.
So
this
is.
A
E
Ricardo,
what,
if
are
you
talking
about
removing
the
annotation
in
sometime
in
the
near
future,.
A
I'm
actually
talking
about
rolling
back
that
long,
because
that
annotation
was
deprecated,
but
there
is
no
annotation
deprecation
actually
and
the
documentation
wasn't
clear.
The
api
documentation
wasn't
clear,
actually
that
that
the
annotation
was
deprecated,
but
that
should
be
still
be
respected.
Right.
A
A
E
A
Okay,
so
I
plan
I
plan
1.2
doing
the
dch
roofing
and
1.3
fixing
the
the
class
and
making
the
sage
root
default,
the
default
by
the
four
by
yeah
on
by
default.
Sorry,
okay,.
A
Yeah
yeah
yeah,
yeah,
yeah
yeah,
so
yeah
this
may
this
may
happen.
So
the
idea
is
actually
that
we
can.
We
can
actually
support
as
well
the
namespace
namespace
scoping
the
controller
again
because
right
now
we
have
to
have
failures
on
that
right.
A
Yeah,
I
will,
I
will
send
the
pr
and
and
and
the
tests-
and
we
can
take
a
look
into
the
test
and
maybe
write
some
scenarios
on
the
overlap
thing
to
see
how
this
behaves:
okay,
okay,
okay,
any
anything
else
on
this
noaa
and
the
ingress
class.
B
I
I
don't
think
so
so
for
me,
it's
important
to
get
the
pr
merged
first
and
then
there's
there's
another
bulk
documentation
that
should
go
into
the
kubernetes
website,
explaining
in
more
detail
how
how
it
works.
The
the
the
third
manager
folks
did
a
good
job
to
prepare
everything.
B
I
I
guess
I
I
linked
the
original
pr
in
in
this
in
this
mmd
file
somewhere
in
the
status
quo
section
and
that's
a
follow-up
for
me
and
then
just
let
me
know
if
you
need
some
some
some
support
with
with
your
work,
ricardo
and
also
if,
if
we
need
some
more
detailed
migration
docs
or
what,
but
I
think
we
can,
we
can
talk
about
that
later.
On.
A
Okay
sounds
good,
and,
and
just
to
be
sure,
you
know
that
we
are
on
cold
freeze
right
now
right.
So
this
is
why
they
are
not
getting
marriage
yet.
B
A
It's
okay,
okay,
cool,
okay!
Next
thing,
okay
long
is
gonna.
Take
okay,
I'm
gonna!
Just
close
this
one!
Thank
you
regardless,
okay!
So
next
one,
let's
see
english
api.
We
worked
in
this
class.
A
First
of
all,
let
me
okay,
you
need
you
need
to
rebase
this
okay
editor,
but
I'm
releasing
the
ci
here,
for
you.
D
A
A
What's
this
one
okay,
this
is,
I
remember
this
one.
A
E
A
Okay,
okay,
yeah,
but
I
mean
I
I
can
take
a
look
into
this
thing
I
just
need
to.
I
just
need
yeah.
I
just
need
more
time
on
this
as
well,
because
if
they
do
have
actually
some
good
scenario
on
that
and
if
they
are
willing
actually
to
test,
we
can
do
some
profiling
on
the
code
and
see
what's
taking
that
a
month
of
memory.
If
this
is
in
china,
it's
taking
high
memory
consumption
or
if
this,
the
ingress
controller,
taking
some
high
memory
consumption
on.
How
can
we
improve
this.
A
E
E
A
We
need
we
would
need
actually
some
tests,
some
end-to-end
test
that
tries
to
insert
a
lot
of
ingress
a
lot
of
really
a
huge
amount
of
random
objects
and
see.
E
A
Much
time
it
takes
and
measure
the
memory
so
yeah,
it's
it's
going
to
be
a
hard
one.
A
Anyway,
we
got
some
pr
magic
from
steve,
not
from
steve
but
from
some
other
person
that
forked
steve
pr
and
they
say
that
this
may
help
them
solve.
Actually
the
reload,
not
not
the
memory
but
at
least
like
the
reload
thing,
yeah
yeah.
So
this
is
merged,
and
this
is
going
to
be
released
on
on
the
next,
the
next
1.2,
okay,
yeah,
sure
and
okay.
Anything
else,
folks
that
you
want
to
take
look
a
look
right
now,
other
than
that.
A
Twice
and
three:
okay,
so
thank
you
all
for
attending
this
meeting
again
and
let's
see
how
the
things
goes,
they
think
the
things
they
move
on
the
next
weeks
and
yeah
so
take
care
of
oh
by
the
way
I
have
one
important
thing
is:
is
someone
going
to
kubecon
that
needs
that
needs
actually
that
if
someone
is
going
to
kill
con
and
once
you
attend
the
contributor
summit
and
need
the,
I
mean
the
sponsorship
for
the
contributor
summit
because
you
may
be
a
member
or
you
need
a
sponsorship
right.
A
Just
let
me
know-
and
I
can
I
can
provide
that
thing
from
the
ingredients
side.
Okay,
just
ping
me
on
on
slack,
and
I
can
do
that
for
you,
okay,
so
the
the
there's
not
going
to
be
a
contributor
summit
virtual
this
time
long,
that's
just
going
to
be
in
person
right
so
that,
but
if,
if
you
want,
if
you
want
to
attend
the
cube,
convert
wow,
not
the
contributor
summit,
but
if
you
want
to
attend
the
virtual
one
in
in
and
and
you
need
some
sponsorship.
A
Let
me
know
as
well
on
on
my
my
dms
and
I
I
can
speak
with
cncf
on
that.
I
I
I
will
talk
with
them
and
make
it
happen
any
one
of
you
that
want
to
attend
and
like
hey,
I
want
to
attend,
but
my
company,
it's
not
going
to
pay
me
or
I
can't
afford
it.
Just
let
me
know
when
I
I
can
take
care
of
that.
Okay,
okay,
okay,.
C
C
Have
some
some
people
in
attendance?
Sadly,
I
will
not
be
able
to
make
the
trip
which
I
would
love
to,
but
they
don't
want
to
send
me
all
the
way
from
seattle.
But
if
it
wouldn't
mind
we,
I
know
our
devrel
person
will
be
on
site
as
well
as
one
of
the
technical
folks
from
our
team,
so
I'll
ping
them
and
see
if
they
have
any
interest.
A
E
A
Yeah
sure,
okay,
folks
see
ya,
have
a
nice
week
and
anything
you.