►
From YouTube: Kubernetes WG IoT Edge 20200520
Description
May 20 2020 meeting of the Kubernetes IoT Edge Working Group - discussion of best practices for kernel tuning for edge, Eclipse Hono, K8s distributions for edge
A
So
welcome
everybody
to
the
meeting.
I
think
we
had
one
item
that
a
group
member
wanted
to
discuss.
Do
you
want
to
just
take
over
and
get
into
it.
B
Yeah,
okay,
then
I
will
take
it
over
right
now,
so
I
thought
it
would
be
a
nice
idea
if
we
work
towards
from
the
white
people
that
this
group
has
been
published,
published
during
the
summer
periods
last
year.
So
it
would
be
nice
if
we
start
to
at
least
work
on
a
set
of
best
practices
for
how
to
tune
a
kernel
for
edge
device
right
now.
Basically,
the
problem
is
either
we
are
focusing
on
security
or
we
are
focusing
on
throughput.
B
So
the
combination
of
both
has
not
been
addressed
somehow
and
at
some
point
they
would
like
to
start
working
in
this
direction
to
basically
make
a
or
write
a
set
of
best
practices
that
we
can
basically
embed
in
any
embedded
device
independent
if
it's
just
a
sensor
or
if
it's
embedded
device
that
does
some
steering
of
of
a
human
related.
I
would
say
entity
the
entity
could
be,
for
example,
metro
station
or
for
or
a
tesla
car
and
yeah.
I
think
this
would
be
a
nice
idea
somehow.
A
Okay,
what
sorts
of
open
source
projects
are
already
out
there
that
touch
on
this?
I
think
there
are
projects
that
involve
building
customized
kernels
and
then
is
the
bolina
os
something
along
these
lines
of
an
implementation
of
one.
B
What
I
also
basically
started
to
work
towards
from
the
research
direction.
I
found
out
that
there
is
already
this
cis
benchmark
tool
that
has
a
special
section,
for
I
think,
red
hat
kernels.
B
B
But
I
have
not
made
a
concrete,
deep
dive
research
I
just
made,
I
would
say
one
to
two
hours,
so
I
think
there
could
be
some
plenty
of
resource
resources
and
ideas
still
out
there.
C
C
A
Okay,
I
just
put
a
link
in
the
chat
and
in
the
notes
for
this
thing:
I've.
I
don't
have
any
personal
experience.
Well,
I
guess
I
do
it
a
little
bit.
I
I
did
put
this
thing
on
my
pi
because
it
came
along
with
a
home
automation
system
that
would
happen
to
be
running
on
this
balina
os,
but
it
is
described
as
a
customized
os
intended
for
embedded
devices
but
capable
of
running
containers.
A
So
it
would
seem
to
have
a
good
intersection
of
this
embedded
use
case
potentially
with
kubernetes.
It
just
says
it
runs
containers,
so
that
doesn't
mean
that
it,
you
know,
would
host
running
kubernetes
clusters
on
this
os,
but
it
would
seem
like
it
might
be
in
a
position
to
interact
well.
A
D
I
do
have
some
some
familiarity
with
it
and
I,
I
think,
you're
correct.
There
are
some
some
operating
system
level
things
that
you
can
that
you
can
update
and
manage.
There's
another
thing
that
I
wanted
to
to
mention.
D
I
don't
think
it's
been
discussed
here
yet,
but
there's
a
an
eclipse
project
called
eclipse
hawk
bit
that
is
designed
for
delivering
whatever
artifact
you
want
out
to
any
environment,
so
you
know
perhaps
updating
a
driver
on
something
like
an
iot
gateway
and
having
the
the
ability
to
verify
that
the
the
new
artifact
is
you
know,
is
intact
and
all
of
that
stuff.
The
implementation,
though,
on
on
actually
updating
the
the
driver-
or
in
this
case
it
could
be.
D
You
know
what
kernel
module
that
actually
is,
is
up
to
you,
though.
So
it's
a
great
pathway,
but
you
would
have
to
have
an
os
with
the
components
in
you
know
in
order
to
know
what
you
wanted
to
update
and
what
you
wanted
to
protect
against
updating
and
so
on.
So
that's
a
pathway,
but
it's
not
a
fully
integrated
os
management
or
anything.
A
Yeah,
I
guess
that's
an
interesting
thing
to
consider:
it's
just
not
tuning
the
kernel
or
getting
a
kernel,
but
realistically
you,
even
if,
as
these
kernels
get
small,
they
have
security
issues
discovered
and
the
ultimately
many
people
find
that
the
day
two
plus
management
is
the
big
part
in
the
big
cost
of
the
decision.
Compared
to
just
the
initial
choice
of
what
you
put
out
there.
I
think.
D
There's
another
part
of
this
that
that
I
think
would
be
worth
discussing
here
since
the
topic
is
open
and
thanks
to
bernard
for
for
bringing
you
know
bringing
all
of
this
up.
I
think
it's
really
actually
important.
Let's
say
you
do
have
an
os
version
that
you
trust,
that
is
a
minimized
kernel
and
it's
and
it's
locked
down,
you
put
it
out
there
and
you
do
need
to
make
an
update
to
it.
D
If
you
were
doing
any
form
of
attestation
like
you
know,
you
had
a
secure
boot
and
a
signal
around
that
after
you
make
an
update,
do
you
also
have
the
ability
to
update
your
expected
results
from
aveena
from
attestation,
so
it's
kind
of
like
what's
yours?
What's
your
trusted
channel
for
delivering
some
update
and
verifying
that
that
that
update
got
through
without
sneaking
in
some
back
doors
and
things
like
that
right?
D
So
I
think
it's
a
it's
a
really
challenging
topic,
because
usually
the
os
is
what
we
trust
as
being
the
the
thing
on
top
of
which
all
of
our
other
stuff
can,
you
know,
can
ride
and
communicate,
and
so
basically,
how
do
you
change
the
guard
and
and
verify
that
the
new
guard
isn't
corrupt.
A
A
Okay,
maybe
you
can
put
a
link
to
that
in
the
chat
or
I
can't
I'll.
A
A
It
might
be
interesting
as
a
future
talk
to
just
put
some
of
the
if
somebody
is
already
looking
at
these
as
a
project
to
have
a
presentation
comparing
them
in
a
table
or
something
of
you
know
what
there's
all
kinds
of
issues
here
of
security
aspects,
including
updates,
what
what
size
they
are,
whether
assuming
these
are
linux
kernels,
whether
it's
at
all
plausible
that
you'd
run
kubernetes,
run
kubernetes
notes
on
it.
There's
there's
likely
to
be
such
a
thing
as
reducing
it.
So
much
that
that
isn't
practical.
A
Choice
I
see
yen
of
future
way
is
on
the
call
and
maybe
with
cubets
you've
encountered
some
calls
for
customized
kernels.
Do
you
have
any
knowledge
of
something
like
that?.
D
I
guess
it's
possible
too,
that
we
could
we
could
discuss
updating
by
having
having
a
specialized
kernel
and
then
updating
it
as
part
of
a
discussion
that
that
we're
doing
over
it
over
at
eclipse,
which
is
we're
gathering
requirements
for
what
what
is
like
a
universal
super
set
of
commands
that
you
would
need
to
execute
to
manage
remote
gateways
and
dan.
I
see
you're
shaking
your
head.
D
Yes
like
this
would
be
that
actually
I
hadn't
thought
about
it,
but
that
might
actually
be
a
good
set
of
commands
to
include
in
that
list.
So
obviously
we
don't
have
anything
to
share
yet,
but
when
that
is
is
completed,
we
could
definitely
share
it
over
here
or
we
could
have
a
discussion
over
here
as
the
list
progresses.
D
But
the
basic
idea
is,
you
need
to
do
things
that
are
common
to
whatever
the
underlying
hardware
might
be,
and
those
things
are
everything
from
you
know
remotely
removing
rebooting
the
box
to
being
able
to
update
some
part
of
the
user
space
file
system
like
binary.
D
So
you
know,
I
guess
I
hadn't
thought
of
it,
but
all
the
way
down
to
updating
the
the
you
know
the
changing
the
kernel
itself
and
if
there
were
a
common
set
of
commands,
then
how
you
implement
them
would
determine
kind
of
the
quality
level
of
your
product.
But
if
you
implemented,
you
know,
all
of
them
were
all
of
like
the
main
ones
you
would
be.
D
You
know
you
would
have
an
attractive
edge
os,
but
or
or
the
set
of
binaries
that
come
with
a
regular
os,
like
maybe
like
fedora
iot
right
with
a
couple
of
binaries
in
it
for
doing
some
of
these
special
things.
But
it's
just
a
discussion.
That's
begun,
it
is.
We
don't
have
anything
there.
It's
just
making
me
realize
that
this
is
like
the
third
time
in
a
month
that
people
have
wanted
to
talk
about
doing,
managing
the
the
os
environment
at
the
edge.
A
Yeah,
I
think,
there's
a
unique
aspect
that
comes
into
the
edge
that
I've
heard
discussed,
and
that
is
that
these
are
remote
so
that
you
need
a
scenario
you
need
to
cover
these
scenarios.
Where
you
trigger
an
update
and
something
goes
wrong
midway.
You
know
it
could
be
loss
of
power
or
maybe
a
bad
update
and
end
up
with
something
where
you
either
get
all
the
update
or
none.
A
The
the
the
ugly
scenario
is
a
partial,
and
then
you
end
up
with
something
out
at
the
edge
that
people
can't
go
out
to
repair
that
isn't
workable.
So
it's
stuck
in
a
halfway
position
where
it
isn't
the
new
desired
version
and
it
unfortunately
isn't
even
the
old
one-
and
you
know
it's
a
challenge
that
maybe
is
isn't
something
you
traditionally
would
face
in
a
commercial
data
center,
where
you'd
have
a
fallback
of
a
person
physically
walking
to
a
box
to
recover
it.
D
Yeah,
it's
a
shame.
We
don't
have
anyone
from
wind
river
here
on
the
call
today,
so
I
guess
I
can
cover
what
they
would
probably
say
so
from
that
or
you
know
to
address
that
particular
scenario.
Just
you're
describing
steve.
D
There
are
hardware
configurations
that
have
been
historically
used
for
things
like
remote
oil
pump,
where
the
the
pump
controller
right
is
is
running,
embedded
linux
and
you
really
talk
to
it
over
scada
and
stuff.
D
What's
usually
done
is
that
in
the
box
there
are
two
complete
sets
of
of
hardware
and
or
one
set
of
hardware
and
two
complete
operating
system
loaded
disks,
and
you
try
to
do
an
update
to
the
one.
That's
the
current
backup,
if
you're
going
to
change
the
os
and-
and
sometimes
that
means
you
know,
you're,
basically
just
using
an
image
to
wipe
out
the
os
and
the
software
that
runs
on
it
right.
So
it's
basically
just
a
disk
disk
image
and
you
try
to
update
the
backup
and
then
flip
to
it.
D
And
if
you
have
any
problems-
and
it
doesn't
give
you
all
of
the
signals
that
it's
booted
properly
and
has
all
of
the
you
know
the
new
information
you
just
stay
on
the
one
you
are
you
are
currently
using
and
you
try
to
update
it
again
and
if
it
does
work
you
flip
to
it,
and
then
you
make
a
best
attempt
to
update
the
the
other
one.
That's
now
become
the
backup
so
that
that
one's
updated
as
well
or
you
keep
it
on
the
old
version
temporarily.
D
A
Yeah,
I
think
the
techniques
I've
seen
used
before
are
things
where
you
would
start
up
a
process.
That's
going
to
reboot
the
machine
in,
say,
10
minutes.
The
10
minutes
is
just
some
figure.
You
choose
to
estimate,
you
know
how
long
before
this
update
should
be
complete
and
you
start
changing
things
in
memory
only
so
that
if
you
take
a
reboot,
it
ends
up
rebooting
back
into
the
old
configuration.
A
It
does
mean
that
you
have
storage
capable
of
holding
double
the
size
of
the
os
at
least
temp.
You
know
temporarily
to
pull
this
off
because
you're
going
to
have
to
have
a
new
and
an
old
version
stored
in
your
persistent
storage,
and
I
believe
they
use
this
potentially
even
for
firmware
updates,
so
that
you
know
things
that
would
get
put
into
the
bias
updates
on
computer
itself
or
peripherals
could
go
through
this.
You
flip
it
over
and
verify
that
it's
viable,
and
then
you
have
this
watchdog
running.
A
I
I
think
that
maybe
that
baleno
os
has
some
of
these
features
built
in
just
like.
I
say
I've
encountered
it,
but
I
haven't
dug
deeply
into
it,
but
I
recollect
reading
a
little
bit
about
that
I'll
see
if
I
can
find
that,
but
I'm
probably
not
going
to
find
the
link
to
that
during
this
call.
But
I
I
think
I
threw
it
in
my
massive
bookmark
list
somewhere.
D
Well,
bernhard,
are
there
any?
Are
there
any
particular
parts
of
the
kernel
that
that
you
envision
being
trimmed
cut
out
locked
up
that
you
think
are
not
a
good
fit
for
the
edge
environment
that
could,
as
you
brought
this
up,
you
were.
You
were
talking
about
tuning
the
kernel.
B
B
D
I
can
tell
you
what
what
you,
what
you
probably
should
not
exclude.
I
I've
run
into
this
several
times
with,
like
fpga
boards,
for
the
you
know,
for
for
edge
environments
like
dev
kits
and
stuff,
where
the
the
linux
os
has
been
trimmed
down.
D
I
think
it's
usually
trimmed
down
for
purposes
of
size
minimization,
but
I
get
in
and
some
things
are
locked
up
real
nice
and
I
feel
like
oh
it's,
it's
got
some
good
security
and
then
I
go
and
I
try
to
run
linux
kernel
containers
on
it
and
some
some
module
is
missing,
especially
you
know
some
mappings
for
doing
storage
management
and
and
these
types
of
things
tend
to
be
missing,
and
then
that
means
that
the
stuff
that
operates
in
the
cloud
just
doesn't
doesn't
work
on
the
board
at
all
right.
D
It's
capable
of
running
my
c
binaries,
and
maybe
I
can
get
python
on
there,
but
so
that
is
something
I
have
encountered
on
edge
boards.
It's
that
they're
they're
not
even
suitable,
for
you
know
for
for
any
of
the
stuff
that
we're
talking
about
kubernetes
related
and
I
think
they
do
it
not
just
for
size.
D
But
also
because
they
have
like
a
an
onboard
flash
storage,
and
so
they
don't
want
any
of
the
usual
subsystem
stuff
for
for
doing
storage,
but
it
turns
out
that
those
layers
are
needed
by
all
of
the
kind
of
larger
scale
computing.
D
So
as
you
look
into
it,
just
a
note
to
keep
in
mind
as
I've
run
into
this
about
three
four
times,
and
I
always
talk
to
the
board
maker
and
they
always
say
well
that
image
is
a
perfect
fit
for
the
amount
of
space
we
had
and
that
type
of
thing
is
like
well
yeah.
But
if
you
can't
do
what
you
want
with
it
right,
then
that's
a.
B
Problem,
I
mean
I've
done
this
at
some
point
recently
where
I
just
worked
from
the
throughput
perspective,
and
from
that
perspective
I
had
to
tweak
around
the
kernel
pages
and
so
on,
and
then
I
started
to
rethink
okay.
If
I'm
now
increasing
the
swappiness
and
these
parameters
around
the
kernel
pages,
then
they
usually
end
up
in
okay.
B
The
operating
system
now
tries
to
at
least
just
dump
the
stored
data
somewhere
and
that's
it,
but
this
is
a
nightmare
in
terms
of
if
I
look
at
it
from
a
security
perspective
and
if,
if
and
if
I
think,
okay
now,
this
runs
on
a
mission
critical
system-
I
definitely
don't
want
to
do
that.
So
this
was
my
initial
motivation
for
this
question
and
then
I
thought
hey.
This
would
be
cool
or
a
good
idea
for
this
group.
B
A
A
Okay,
maybe
we've
talked
this
one
out.
Anybody
else
have
anything
they
wanted
to
bring
out.
We
had
a
kind
of
light
agenda
today
going
into
this,
but
we've
got
10
people
here.
So
I'm
sure
some
people
have
things
that
they've
been
wondering
about.
In
the
last.
E
D
D
Sure
well,
we've
had
a
very
good
amount
of
interest
already
so
cool
yeah.
I
I
don't
want
to
always
run
my
mouth
constantly
in
the
meeting,
but
if
no
one
else
has
a
topic,
then
absolutely
so.
We've
got
an
effort
over
at
the
the
eclipse
edge
native
working
group,
and
this
was
like-
I
guess
at
this
point
you
could
say
it's
like
a
sister
organization
to
this
this
this
group
here
and
so
we've
got
the
eclipse
honor
project
and
eclipse
hanno,
ditto
and
hawk
bit.
D
Are
our
three
focus
projects
for
red
hat
and
bosh
and
different
companies
that
have
built
these
things
and
then,
of
course
you
know,
I'm
always
talking
about
eclipse.
Iowa
fog,
which
is
you
know,
that's
the
the
the
edge
edge
focus
right
native,
focused
project
and
the
worlds
are
colliding
as
you
might
expect,
because
the
hana
was
really
designed
to
be
the
management
and
authenticated
data
streams,
layer
and
whatever
you
put
over
those
streams.
D
You
know
it's
all
good
and
it's
really
great
for
grabbing
stuff
from
iot
devices
and
so
on,
and
then
naturally,
people
are
asking
well.
Could
I
maybe
distribute
some
containerized
workloads
to
the
edge
and
still
use
this
infrastructure
for
my
data
streams
that
either
result
or
mix
it
with
those
data
streams?
D
And
so
we
started
talking
about
the
integration
of
these
of
these
projects,
and
it's
been
very
interesting
because
some
of
the
topics
that
it's
brought
up
are
what
infrastructure
is
the
universal
carrier
right,
because
the
io
fog
traffic
for
management
has
one
plane
and
then
another
plane
for
the
for
the
actual
application
data?
D
Well,
the
application
data
plane
can
can
stay
at
the
edge
if
you
want
or
wherever,
but
but
for
that
control,
plane
piece
it
normally
just
assumes
you've
got
some
connectivity
going
on
and
we're
talking
about,
merging
the
project
such
that
the
connectivity
that
that
io
fog,
edge
edgenodes
would
use
to
talk
back
to
the
the
control
plane
would
be
over
the
hono
infrastructure,
so,
in
other
words,
managed
by
some
infrastructure.
D
That's
been
stood
up
to
to
authorize
data
flows
and
and
know
what's
going
where
so
that'll
be
some
some
cool
stuff.
Of
course,
the
the
the
honor
components
are
all
ready
to
be
spun
up
with
with
kubernetes.
Very
very
easily
this
you,
you
know,
push
button
deployment
and
then
you've
got
all
of
this
stuff.
The
only
piece
that
we
haven't
figured
out,
yet
a
hundred
percent
is
making
it
really
easy
to
kind
of
get
all
of
your
edge
hardware
flash
with
the
right
stuff
to
to
bring
it
up.
D
We've
got
tools
such
as
like
io
folks
ctl
for
for
doing
it
easily,
but
with
this
integration
we're
thinking,
maybe
we
could
also
define
an
easy
way
for
for
you
to
have
edge
boxes
that
are
off
the
shelf
appliances
that
have
some
easy
way
to
get
configured
in.
D
But
when
you
bring
in
then
the
other
components
in
addition
to
io
fog
and
hano,
but
like
add
in
hawk
bit
and
ditto,
you
get
these
great
layers
for
dittos
for
digital
twins
and
then
and
hawk
bed,
as
I
mentioned
earlier,
is
for
artifacts
and
how
to
make
updates
to
things
such
as
you
know,
firmware
and
on
a
constrained
device
and
so
on.
D
You
bring
these
together
and
what
we're
starting
to
amass
is
a
is
a
modular
but
complete
picture,
a
more
complete
picture
and,
as
we've
discussed
before
you
know,
ifog
has
some
plugins
to
let
you
manage
your
edge
workloads
using
kubernetes
and
we've
got
a
long
way
to
go
to
make
it.
You
know
ideal
but
and
more
crd,
oriented
and
stuff,
but
we're
working
on
it
as
we
can,
and
so
we've
had
some
discussions
now.
I
think
in
both
both
meetings,
we've
gone
the
one
one
and
a
half
hours,
plus
right.
D
We've
done
that
a
couple
of
times
and
there's
a
lot
of
folks
showing
up
to
ask
for
particular
things
that
they
want
to
see
out
of
this
set
of
integrations.
So
everyone
is
welcome
to
to
come
to
the
the
meetings
and
hear
what
you
know
what
this
this
integration
is
looking
like
and
also
you
know,
bring
in
requirements
or
desired
features
and
things
as
we
as
we
get.
This
is.
A
So
when
are
these
meetings,
can
you
post
a
link
or
give
me
enough
description,
I'll
type
it
into
google
right
now
and
I'll
find
it
and
post
the
link
yeah.
H
I
will
I
will
put
the
link
in
the
in
the
chat.
Okay,
great
just
give
me
two
minutes
all
right.
A
H
I
will,
I
will
add
them.
I
would
like
to
link
to
the
notes
as
well.
H
And
I
must
say,
I
must
say,
you've
been
modest
because
both
meetings
were
over
two
hours
and
they've
been
recorded.
So
if
anyone
on
the
call
is
curious
about
yeah
getting
into
that
stuff,
those
recordings
are
publicly
available.
So
I
will,
I
will
make
sure
to
add
that
to
the
notes
as
well.
E
Yes,
so
we've
been
talking
for
a
while,
because-
and
I
think
on
the
last
meeting-
we
also
said
that
we
will
at
some
point
present
here
a
packages
project
for
from
the
iot
and
and
that's
like
a
complete
stack
called
stack
for
for
doing.
Let's
say
you
know
traditional
iot
in
so
it's
a
whole
nother
hulk
hog
bit
so
honor
for
connectivity,
data
for
digital,
twin
and
hog
bit
for
device
management
and
and
when
we
first
started
talking
about
edge.
A
So
kilton
going
back
to
a
comment
you
said
about
using
hano
for
distributing
container
images
to
the
edge.
Would
this
be
an
alternate
to
just
using
the
standard
workflow
of
talking
to
a
docker
image
registry,
or
would
this
be
a
transport
for
using
a
docker
image
registry
that
you
would
locate
at
the
edge
so.
D
You
can
use
hana
has
protocol
adapters
that
allow
you
to
pass
whatever
traffic
you
want,
and
so,
if
you've
got
it
set
up
properly,
I
don't
see
any
reason
why
you
could
not
use
the
the
honor
infrastructure
for
the
pulling
of
the
of
the
images
and
and
dan
correct
me.
If
I'm
wrong
there,
I
think
that's
possible
right.
E
I
think
it's
so
the
whole
whole
thing
would
be
worked
differently,
so
you
would
basically
have
a
management
software
send
a
com,
or
you
know,
just
use
honor
to
send
a
command
between
the
from
the
management
software
to
the
edge
node
to
to
update,
I
think
that's
at
least
how
hog
bit
is
doing
and
with
the
url
and
that
url
can
be
http
repository
can
be
docker
registry
or
something
else
it
will
just
say.
You
know
you
should
update
yourselves,
go
here
and
and
grab
your
latest
image
and
it
can
work
for
firmware.
E
It
can
work
for
docker
containers.
It
can
work
for
for
for
any
other
updates.
So
so
it's
a
it's
a
it's
a
general
system
to
to
provide
these
triggers
for
things
to
update
and
and
and
and
basically,
agents
of
where
to
go
and
and
basically.
A
E
Can
use
the
second
as
well,
but
I
would
expect
most
most
most
people
would
download
these
things
from
the
existing
repositories.
We
would
not.
D
And
then
steve
the
the
part,
the
part
for
managing
the
what
containers
your
container
images
are
pulling
and
running
them.
That's
that's
the
io
fog
part
and,
and
it
can
be
set
to
draw
from
n
number
of
registries
that
you've
authorized,
which
you
could
then
switch
over
to
registries
at
the
edge
or
you
know,
pulled
from
docker
hub
plus
private
registries,
but
the
the
part
that
that
we've
talked
about
previously
and
and
I've
gotten
to
do
just
a
little
bit
of
work
with
the
folks
from
the
harbor
team.
D
What
we've
been
talking
about
is
is
being
able
to
extend
a
harbor
such
that
it's
you're
able
to
pull
down
a
single
image
down
into
like
a
an
edge
harbor
instance
and
verify
that
that
image
is
good
and
then
distribute
it.
Laterally
such
that
you
have
one
pull,
and
if
I
had
the
ability
to
clone
people-
or
I
myself,
could
you
know
stop
sleeping,
I
would
I
would
we
would
be
able
to
implement
the
the
the
harbor
vision
for
the
edge
that
we've
discussed
and,
as
of
last,
you
know.
Kubecon.
D
North
america
did
some
some
deep
diving
with
folks
and
even
connected
with
some
folks
on
the
harbor
team.
To
start
talking
about
branching
out
and
integrating.
You
know:
io
fog,
hooks
and
stuff.
But
then
just
you
know,
we've
things
have
slowed
down
and
other
things
have
taken
priority.
But
if
anyone
wants
to
join
that
work
we
could
certainly
use
the
contribution.
A
Remember,
yeah:
I
think
that
you
know
we
had
concluded
that
this
is
a
bigger
issue
than
just
container
images.
You
know
the
whole
when
you're
at
the
edge-
and
you
can't
have
deterministic
connectivity
to
some
central
you
want
to
you,
want
to
end
up
being
able
to
cache
that
so
that
you
have
it
locally.
You
know:
scenarios
where
you
take
a
power
outage,
come
back
and
you're
no
longer
connected
to
your
central
repository.
A
Maybe
you
can
put
a
centralized
catalog
on
the
air
that
does
lazy,
opportunistic
replications
out
to
edge
repositories
that
are
one
could
view,
potentially
as
caches
of
what's
in
the
central,
that's
a
good
architecture,
and
when
you
think
about
it,
the
second
move
or
the
third
move
on
the
chessboard
when
you're
doing
that,
is
that
these
migrations
of
large
blobs,
like
container
images,
might
suck
up
precious
bandwidth.
D
And
maybe
you
even
have
a
nice
contract
with
your
with
your
backhaul
provider
that
during
non-peak
traffic
hours
you
get
a
you
know.
You
have
a
lower
rate
and
if
you
can
keep
all
of
your
800
megabyte
polls
to
happen
after
midnight,
then
you
know
then
great,
and
in
that
scenario
right
you
do
your
updates
overnight
and
operate
during
the
day
when
everyone
else
is.
A
Yeah,
it's
it's
almost
like
the
way
the
world
is
going
with
multiple
sources
of
networking
and
sd-wan.
I
could
even
dream
of
a
world.
If
somebody
had
the
time
to
build
this,
I
think
they
might
be
able
to
find
users
for
it
of
opportunistically
grabbing
bandwidth
from
an
auction
marketplace
to
go
move
this
kind
of
stuff.
H
H
Critical,
whatever
solution
you
have
to
take
that
aspect
of
the
equation
into
account.
I
was
in
defense,
while
at
nato
headquarters,
and
we
were
running
into
that
problem
all
the
time,
because
we
have
distinct
networks
for
secure
stuff
versus
internet
connected
stuff
and
whatever
solution
you
have
should
be
deployable
in
those
environments,
because
otherwise
you
are
cutting
yourself
from
a
big
chunk
of
the
potential
market
there
for
sure.
A
Well,
it'd
be
interesting
to
make
your
architecture
generic
enough,
that
you
could
use
intermittent
connectivity,
but
one
form
of
connectivity
might
be
fedexing
a
usb
flash
drive
to
a
location,
or
something
like
that.
You
know
that
somebody
made
the
comment
that
the
bandwidth
of
a
ups
truck
filled
with
disks
is
massively
higher.
H
Yeah
in
one
way
because
well
I
can,
I
can
certainly
imagine
for
a
gap
environment
that
you
have
some
kind
of
local
update
server
that
you
to
which
you
bring
on
this.
You
know
new
updates
and
frameworks
over
the
sneaker
net,
for
example,.
A
Well,
there's
commercial
products
out
there,
like,
I
think
the
amazon
is
at
snowball
physically,
delivers
a
server
with
massive
storage
to
your
location.
I
think
it
was
originally
designed
to
allow
people
retiring,
big,
physical
on-prem
data
centers
to
amazon's
cloud,
and
they
would
ship
you
this
snowball
appliance
that
would
suck
everything
up
into
the
appliance.
And
then
you
physically
move
the
appliance,
and
it
turns
out
that
you
know
compared
to
you
know,
maybe
if
your
connectivity
available
at
the
location
was
gigabit
per
second,
that
can
be
dwarfed
by
physically
moving
things.
So
it
isn't.
H
Yeah
yeah,
certainly
a
multi-pronged
approach,
makes
sense.
There.
A
H
Well,
some
of
our
members
experimented
with
that.
We
have
a
startup
called
daloxi,
for
example,
that
they
are
leveraging.
Essentially,
I
truly
laura
or
dash
seven
depending
on
the
environments,
and
they
are
software
stacks
for
both.
So
I'm
not
saying
they
have
out
of
out-of-the-box
features
like
you
are
describing
and
their
product
is
very
niche.
They
are
targeting.
You
know
they
are
physical
devices.
You
install
on
valves
in
industrial
plants
to
ensure
that
they
are
the
right
position.
H
Okay,
so
it's
really
really
a
niche
market,
but
a
real
good
one
for
them,
but
at
the
technical
technology
level
at
that,
in
any
case
they
are,
they
are
having.
Certainly,
that
kind
of
evaluation
and
multi-pronged
networking
support
in
in
whatever
you
do.
H
And,
in
any
case
I
put
I
put
on
in
the
in
the
minutes
a
whole
bunch
of
links
to
to
the
discussions
that
kilton
was
referring
to
before,
as
well
as
there's
a
link.
If
you
use
google
calendar,
you
can
click
to
just
get
the
invite
to
our
working
group
meetings
and
if
you
use
something
else,
there's
another
link,
so
you
can
import
as
a
as
an
ical
in
whatever
tool
you
use.
So
with
that,
you
should
be
good
to
get
the
invite
and
those
those
meetings
are
public.
H
B
C
H
This
one
is
on
27th
and
yeah:
that's
a
bi-weekly
cadence
and
if,
at
some
point
you
wish
to
share
some
something
with
the
community
you're
more
than
welcome
to
so
we
work
exactly
like
this
working
group
is
doing.
We
have
a
you
know
a
permanent
record
in
a
single
document
of
the
minutes
and
agenda.
So
if
you
want
to
put
yourself
on
the
agenda
you're
more
than
welcome
to.
H
I
mean
to
us,
though,
those
efforts
are
really
complementary
in
the
sense
that
we
certainly
have
a
keen
interest
in
whatever
is
happening
on
the
kubernetes
side
of
things
and
many
non-communities
efforts
are
ongoing
as
well.
So
it's
it's
all
good.
A
A
On
the
kubernetes
front,
the
kubecon
europe
event
got
is
being
converted
to
online
they've,
given
a
block
of,
I
think
about
three
days
where
the
sessions
will
occur
and
we
had
a
deadline
to
confirm
that
we
were
ready
to
do
our
originally
accepted
session,
which
I
did
so
cindy's
not
on
the
call
today.
But
I
think
cindy
and
I
were
the
speakers
and
I
think
we
still
talked
at
our
last
meeting
about
a
plan
to
maybe
supplement
that
with
the
equivalent
of
the
session.
A
You
know
at
the
physical
events,
we've
always
tried
to
do
a
face-to-face
and
maybe
had
some
hallway
discussions
like
the
one
kilton
was
talking
about
last
time
and
I'd
like
to
have
a
venue,
concurrent
with
the
kubecon
europe
event,
to
try
to
duplicate
some
of
those
things
too,
and
maybe
have
some
special
interest
sessions
that
go
on.
So
the
event
is
still
off
in
august,
but
so
we
have
some
time,
but
I'd
encourage
any
members
of
this
group
who
have
things
they
want
to
put
together
as
a
focus
group
on
a
particular
topic.
A
A
I'm
not
sure
how
they're
going
to
run
it
online.
You
know
there's
a
lot
of
these
former
physical
conferences
that
are
using
different
models
of
how
they
go
online,
whether
they
do
it
with
a
bunch
of
concurrent
sessions
you
have
to
choose
from
or
whether
they
use
the
whole
24-hour
window.
A
Since
you
know
being
online,
they
don't
have
some
of
the
constraints
that
you
would
in
a
physical
conference
and
the
schedule
isn't
out
yet
so
I
don't
know
what
their
intent
is,
but
I
did
notice
that
the
linux
foundation
has
this
open
source
summit
conference
that
is
coming
up
in
june.
I
was
going
to
enroll
in
that
and
just
take
a
look
at
how
that
works
or
doesn't
work
so
that
we
can
use
it
as
a
lesson
to
maybe
make
our
sessions
better
for
the
upcoming
kubecon
event.
H
And
incidentally,
I
was
on
the
program
committee
for
that
conference
at
least
the
iot
iot
and
edge
part
of
it
and
well
there's
a
wealth
of
edge
content
that
has
been
submitted.
Not
all
of
it
has
been
accepted,
but
yeah.
If
you
have
an
interest
in
edge,
I
mean
content-wise.
There
will
be
some
good
stuff
there
for
sure
yeah.
A
I
found
about
eight
sessions
that
I
was
interested.
Maybe
they
weren't
entirely
iot
edge,
but
I
found
plenty
of
interesting
sessions
at
that
conference,
so
I
was
intending
to
try
to
catch
them.
A
The
nice
thing
is,
I
think,
it's
much
cheaper
than
the
physical
one.
I
think
they
won't
they're
asking
for
fifty
dollars
and
normally
they're
the
registration
cost
for
a
physical
one
is
much
higher
than
that.
H
A
I
you
know
I
I've
looked
at
k3s
played
around
with
it
yeah
I,
the
thing
is
real.
I've
encountered
plenty
of
people
using
it.
So
it's
not
my
role,
I
think
it's
cncf
steering
committee,
I
think,
approves
adoption,
but
the
criteria
is
often
that
they're
going
to
look
at
having
serious
adoption.
You
know
something:
that's
one
vendor
trying
to
push
something
over
to
the
foundation,
but
they
don't
have
users
or
external
contributors.
A
That's
usually
not
viewed
favorably
but
k3s
to
me,
looks
like
they've
got
the
outside
contributors
and
that
maybe
it's
a
healthy
project
and
would
merit
adoption.
A
I
I
think
if
rancher
decides
to
go
that
direction
it,
it
seems
viable
that
it
would
go
in
there
by
the
way
rancher.
Maybe
you
were
in
the
same
call
where
you
said
you
heard
that
it
got
announced
and
rancher
did
have
an
online
presentation
on
k3s
about
a
week
or
10
days
ago,
and
it
was
a
pretty
good
presentation.
A
Let
me
see
I
might
be
able
to
post
a
link
to
the
youtube
recording
of
that,
but
it
went
into
the
recently
added
features,
as
well
as
some
road
map
issues
about
what
they
intended
to
change,
and
I
thought
that
presentation
was
good.
Let's
see,
I
might
not
quite
have
this
down
and
by
the
way
for
people
there
may
be
people
on
this
call
who
don't
even
know
what
k3s
is,
but
it's
kind
of
a
lightweight
kubernetes
geared
to
running
smaller
clusters.
A
And
I
think
my
recollection
of
what
rancher
said
in
that
presentation,
but
you
should
watch
the
original
to
confirm
that
I'm
right
is
that
they're
no
longer
going
to
drop
the
kubernetes
beta
features
they're
going
to
drop
the
cloud
providers
so
that,
but
that's
that's
kind
of
a
that's
happening
in
the
general
kubernetes
project
as
well.
A
So
kubernetes
used
to
have
these
things
called
cloud
providers
which
were
blocks
of
code
embedded
in
it
to
support
running
on
amazon
cloud,
google
cloud
vmware
on-prem
and
they
were
built
into
kubernetes
itself
and
they're
being
moved
out
as
external
plug-ins,
so
k3s
boots
those
and
they
boot
out
most
of
the
entry
storage
plugins
and
once
again
the
world
in
kubernetes
is
moving
to
csi
anyway.
So
even
the
standard
kubernetes
distributions
are
going
to
have
these
happen.
H
Yeah
absolutely-
and
you
know
to
me-
I
didn't
have
a
particular
opinion
because,
honestly
I
haven't
been
using
it
or
testing
it.
I
know
I
knew
that
it
had
some
some
traction
for
sure.
H
A
Yeah,
I
think,
to
some
extent
some
of
these
other
ones
and
it
isn't
just
k3s
but
canonical
or
ubuntu,
has
their
micro
k8s
and
it's
sort
of
a
similar
idea
of
you
know
coming
up
with
a
lighter
weight
kubernetes,
because
when
you
move
to
edge
you,
you
might
have
physical
resource
constraints
and
you
might
likely
be
running
smaller
clusters
compared
to
the
original
targeted
use
case
of
kubernetes,
which
I
think
were
cloud
data
centers.
A
So
in
some
cases
I
think
these
customized
distributions
made
decisions
that
even
the
kubernetes
project
itself
is
sort
of
adopting
some
of
these,
like
moving
the
cloud
providers
out
of
tree
and
the
storage
plug-ins
out
of
tree
was
a
recognition
that
kubernetes
maybe
had
become
too
monolithic
and.
A
So
as
a
principle,
I
think
it's
good
to
allow
variety
in
the
ecosystem
and
there's
plenty
of
variety.
I
think,
a
year
ago
there
were
already
60
some
certified
kubernetes
distribution,
so
there
there
is
room
for
this
variety
and
it's
a
good
way
for
people
to
explore
tuning
the
parameters
and
then
let
the
users
decide.
D
Maybe
maybe
constantinos
you've
just
posted
in
the
chat
that
that
that
you're,
maybe
you
want
to
get
perspective
on
the
the
driving
force
behind
microgates,
then
and
sure
it's
one
of
the
variety.
C
I
agree
with
everything
that
you
guys
just
said.
There
are
certain
things
that
would
bet
better
match
the
edge
case
in
respect
to
kubernetes
and.
D
E
C
C
H
C
So
very
interesting
question:
I
can
tell
you
what
microgates
is
and
in
some
points
how
it
differs
from
k3s.
So
with
migrates
we
don't
drop
anything
it's
the
upstream
binaries
and
now
we're
trying
to
to
add
the
dq
light
there.
But
it's
it's
all
the
features.
Every
everything
from
upstream
gets
into
microgates.
C
C
These
are
helpers,
I
think,
in
the
same
sense
as
the
mini
cube
addons
that
make
the
developers
life
easier
and
I'm
saying
here
the
developer's
life,
because
we
have
three
target
groups
with
microgates:
it's
the
developer,
cicd
and
an
iot
devices,
the
footprint
of
micro
gates,
the
footprint
not
the
footprint,
the
the
package
of
micro
gates
is
20,
is
200
megabytes
and
we
have
releases
from
110
to
118
and
we
also
have
three
releases
like
now.
We
have
119.
C
So
you
can
grab
any
of
those
in
your
ci
cd
or
in
your
environment
and
test
out
what
you
have
and
how
else
do
we
another
technical
thing
is
that
we
don't
contrary
to
what
k3s
is
doing
the
the
binaries
that
microcase
has
are
completely
separate.
C
C
What
else
I
told
you
about
the
snaps
you
get
automatic
updates
like
the
same
day,
the
the
upstream
kubernetes
release
is
now
118.3.
You
will
get
within
within
the
same
day
the
new
version
running
in
your
system,
and
we
also
make
sure
that
this
upgrade
happens
transparently.
Like
you,
don't
see
the
the
chains,
perhaps
you
will
not
disable
it,
but
that's
it.
A
Well,
one
thing:
I'd
like
correct
to
recommend
you:
you
had
that
great
demo
of
micro
cates
at
the
meeting
earlier
this
year,
so
I
just
posted
a
link
to
that
in
the
chat,
but.
A
I
I
think,
maybe
you
know
at
this
point
things
move
so
that
what
was
that
february,
so
the
more
recent
version
might
have
improvements
since
then,
but
I
thought
that
was
a
great
quick
overview
of
you
know
what
it
can
do
and
what's
in
there.
H
A
So
it
looks
like
it's
1003,
so
our
hour
is
up.
Maybe
you
know,
like
I
said
I,
I
had
a
personal
interest
in
kubernetes
hosting
of
home
automation
that
we
didn't
get
to,
but
maybe
we
can
roll
that
into
the
meeting
in
the
apec
thing
and
as
usual,
if
other
people
want
to
put
topics
on
the
agenda,
please
do
it.
It
allows
people
to
prepare
and
if,
if
I
can
get
some
lead
time
like
a
week
or
so
I
can
often
go
out
and
recruit
speakers.