►
From YouTube: Kubernetes Kops Office Hours 20181207
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
Hello:
everyone:
it
is
Friday
December
7th.
This
is
cops
office
hours.
I,
am
your
facilitator.
Justin
Santa
Barbara
I
work
at
Google
the
agenda.
We
have
an
agenda,
I've
put
it
in
the
chat
it's
in
the
calendar.
If
anyone
wants
to
follow
along
with
it
is
watching
this
recording
on
YouTube,
which
hopefully
will
happen,
and
please
do
put
things
into
the
agenda
and
put
your
if
you
want
to
discuss
them.
A
Please
put
your
name
at
the
top,
so
that
we
know
who
you
are
when
we
look
at
figure
out
who
you
are
in
terms
of
names
and
stuff
and
otherwise
I
suggest.
We
dig
right
in
the
first
item
on
the
agenda
is
from
John
Lee.
Wait
do
not
see
here
unless
you
are
using
an
alias
which
is
fine,
but
I.
I
I
have
to
review
your
PRS
I.
Think
I
got
through
two
of
them
and
I'm
gonna
do
the
other
two
PRS
on
image.
Builder
image
builder
is
the
they
are
not
unloved.
A
They
are
just
they're
just
further
down
the
list,
but
anyway,
I'm
working
I
am
working
for
them.
Image
builder
is
this
thing
which
produces
the
cloud
images
which
we
use
on
AWS
in
particular,
that
you
can
always
use
a
normal
sort
of
stock
image
as
well,
but
they
have
some
nice
like
pre-loading
of
docker,
for
example.
So,
yes,
I
did
not
succeed
in
getting
to
all
of
them
before
the
meeting
but
I
before
this
meeting,
but
I
made
it
halfway
through
I
guess.
A
If
John
shows
up,
we
will
see
if
there's
anything
else
that
needed
to
cover
in
otherwise
I
suggest
we
keep
going,
which
is
the
next
item
on
the
agenda
is
Aaron,
who
raised
a
very
good
point
that
at
cd32
changed
or
introduced
a
breaking
change.
That
requires
peer
certs
to
have
the
fully
qualified
domain
name
or
IP
address
in
there,
and
we
did
a
lot
more
validation
of
the
client
certs.
It
wasn't
exactly
clear
why
they
introduced
it.
A
What
problem
they
were
trying
to
solve,
I
asked
them
to
clarify
and
they
intend
to
clarify,
but
we
have
worked
around
it
for
now
in
cups
111,
which
is-
and
we
do
that
by
setting
up
the
the
names
that
we're
going
to
use
into
the
public.
In
the
names
were
going
to
use,
we
probably
should
be
using
a
separate
CA
for
the
clients
entirely.
A
I
do
suspect,
that's
actually
the
right
fix,
rather
than
the
one
they
rolled
out,
but
once
we
find
out
what
they
were
trying
to
do,
then
we
can
figure
out
that,
but
it
should
be.
It
should
be
fixed.
So
you
should
go
to
reviews.
That's
a
good
three,
two
and
I
think
I.
Think
exit
III
2
is
going
to
be
recommended.
What
something
to
be
recommended
at
some
stage
in
the
future.
I'm,
not
sure
when
it's
going
to
be
recommend.
B
So
Justin
this
is
Erin
just
wanted
to
call
out
and
say
thank
you
so
much
for
checking
that
get
it
done.
So
you've
already
checked
off
latched
item
Thanks.
A
Awesome
thanks
Erin
and
thank
you
so
much
for
calling
attention
to
yeah.
We
just
like
I
I,
don't
know,
I
wasn't
aware
of
it
and
I,
don't
know
why
they
changed
it,
and
hopefully
we
can
figure
it
out
with
it
with
that
team
and
forget
CD
team
and
come
to
a
better
solution
for
everyone,
because
it's
a
little
it's
a
little
odd
and
it's
not
clear
why
it's
happening
exactly
for
people
that
don't
know
I
guess
there
was
a
criminal's
CVE,
so
everyone
should
have
updated
to
the
latest
one
ten
or
one
nine
version.
A
Well,
the
latest
version
of
communities
that
you're
running
at
theme.
It
was
back
ported
to
I,
believe
one
nine
110,
111
112
I
think
it
went
alone.
Nine
one
turn
it
up.
That's
harsh
yeah,
110,
111,
112
and
I
think
113
zero
added
in
it
already
because
of
the
timing.
But
so
yes,
so
you
do
have
to
go
to
110.
A
We
are
less
affected
on
cops
because
we
why
defaults
have
always
used
I,
don't
know
you
have
a
choice,
but
anyway
we've
we've
we've
turned
on
anonymous,
so
we
turned
off
anonymous
access
to
the
API
server,
so
it
only.
It
only
affects
you
if
you
are
able
to
authenticate
to
the
API
server,
but
there
is
still
a
attack
whereby
you
can
sort
of
privilege
escalate.
So
a
any
user
can
do
the
attack
and
try
to
escalate
higher
privileges.
A
I'm,
not
sure
it's
our
only
such
thing
in
cops
and
I
think
that
gets
under
like
one
of
the
one
of
the
roadmap
items
we
have,
which
is
like
in
general,
like
certainly
in
the
early
days,
kubernetes
100
was
not
safe
for
multi,
a
mixture
of
users
with
different
privileges,
privileges
we
are
closer
to
that.
We
aren't
necessarily
there
in
cops
I,
don't
think
we're
necessarily
recruitment
IDs
either,
but
I
put
on
the
roadmap
that
we
should
try
to.
A
A
So
it's
it's
an
important
fix
and
it's
going
into
111
six,
which
I
think
is
certainly
landing
before
the
end
of
the
year.
So
if
we
do
111
cops
111
zero
at
that
time,
that
will
be
sort
of
in
keeping
with
our
wait
until
it's
really
ready
type
thing.
But
it
is
a
weird
situation
because,
like
we
are
well
behind
at
this
point,
which
again
brings
us
on
to
a
future
topic
but
I'm,
have
anyone
had
any
comments
or
thoughts
about
either
one
of
those
two
things
I.
A
A
So,
like
that's
the
real
annoying
thing
I
had
we
just
had
112,
we
could
be
like
yes,
we
might
have.
We
haven't
had
one
felt
because
they
just
go
to
112.
It
would
be
very
weird
to
have
112
released
before
111,
but
I,
guess
that
is
the
natural
implication
of
our
of
our
of
our
strategy
that
that,
if
112
is
more
stable
than
111,
which
we
would
hope
it
would
be
that
we
might
never
release
a
111
release.
For
example,
oh
I'll.
D
A
Talk
we
test
it
right,
so
we
eat
eat
test
it.
But
yes,
it's
certainly
the
branch
that
we
have
cut
the
111
branch
we
have
released.
The
beta
I
think
anything
that
we
go
from
now
on.
The
plan
is
that
it
would
be
cherry
picked
into
the
111
branch,
so
we
are
effectively
master
should
be
112,
so
if
you're
building
from
master
that
should
become
cops,
112
I,
don't
know
whether
it's
ready
yet,
but
we
can
talk
in
a
minute
about
whether
we
go
with
all
the
all
the
alphas
right
now.
C
There
any
reason
to
either
cut
another
beta
or
this
is
this
is
weird
we
haven't
done
this
one
before,
but
maybe
cut
an
RC.
That's
like
you
know,
with
a
note
on
it
that
says
we
don't
recommend
upgrading
to
112
with
this
year
or
111
kubernetes
111.
We,
you
know
this
is
cops
111,
but
we
don't
recommend
111
kubernetes.
Quite
yet
I
don't
know
just
trying
to
make
sure
there's
proper
visibility
out
there.
That's
all!
That's.
A
C
E
Just
and
this
is
sort
of
related
and
I've
got
it
later
on
the
list,
but
what's
the
what's
the
status
of
being
able
to
upgrade
a
CD
with
you
know,
calico
and
getting
from
the
V
twos
on
up
without
CD
manager.
I
have.
A
To
the
doc,
so
we
have
we,
we
have
a
path
to
go
from
that
to
from
the
calico
to
let
CD
three
with
with
flannel
canal
or
kokyo
and
I
think,
probably
all
of
them
basically
other
than
other
than
calico
I.
Don't
know
to
what
extent
calico
Inc
is
pushing
calico
networking
versus
canal
versus,
like
flannel
I,
need
to
figure
that
out
I'm,
hoping
that
putting
out
the
doc
and
pinging
them
will
encourage
them
to
make
their
position
more
clear,
because
it
is
frustrating
right.
It's
it.
A
There
isn't
a
great
path
as
far
as
I
can
tell
to
go
from
calico
to
with
ed
CD
to
calico
3
.,
which
is
a
little
bit
frustrating
for
us,
because
we
would
like
to
let
users
do
that.
So
we
can.
We
can
find
out
whether
they're
the
reason
is
I,
don't
know
wait.
There
is
a
path
for
words
which
is
like
to
adopt
canal,
which
is
still
like
calico
network
policy
and
final
I
guess.
The
question
is
like
what
is
calico?
What
does
calicoes
goal
here
right?
F
A
E
A
Better,
the
devil,
you
know
right,
I,
think
the
so
I'm
gonna
I
will
write
up
the
doc,
which
is
like
series
how
to
get
off
of
calico,
because
no
one
shoes,
calico
and
then
we'll
see
what
calico
says
right,
hopefully
calico
says.
Actually
you
can
just
do
this
to
get
on
to
calico,
okay,
Tyco
v3
I've
been
promising
that
for
why
I'm
sorry
haven't
done
it
yet.
What's.
A
Okay,
that's
cool
because
I
was
actually
the
last
item
on
the
agenda
before
the
rodent
or
other
than
the
roadmap,
and
the
roadmap
could
be
a
bigger
one.
I'm
gonna
move
that
up
and
even
just
to
the
everyone
keeps
track.
That's
fun
went
along
and
then
I
don't
know.
If
there's
any
other
items
were
going
to
talk
about
otherwise
I
thought
this
would
be
a
great
time
to
talk
about
the
road
map,
even
we're
about
to
go
into
coupe,
con
and
sort
of
in
limbo,
on
the
111
release.
A
So
I
don't
know
if
anyone
has
anything
else
or
whether
we
should
dive
into
the
roadmap
and
I
can
talk
about.
Some
of
the
things
I
would
like
to
work
on
over
the
next
year
like
the
last
year
is
mostly
been
s,
CD
migration
for
me
personally,
which
is
frustrating,
but
there
we
go.
Hopefully,
once
we
get
past
that
we
can
actually
do
fun
stuff.
A
The
list
I
had
was
CRD
support,
so
I,
don't
know
if
Jason
is
here,
but
Jason
pointed
out
that,
like
our
top
server
was
sort
of
in
limbo,
were
worse
and
I.
Think
he's
right.
The
there's
been
a
general
move
in
the
kubernetes
api
machinery,
team,
I,
guess
to
favor
CR
DS
over
aggregated
API
servers,
and
so
we,
the
goal,
is
to
make
CR
DS,
basically
totally
first-class
citizens
and
on
a
par
with
an
active
API
server.
A
There's
still
use
cases
for
a
great
API
servers
like
if
you
want
to
map
something
that
is
not
actually
backed
by
a
TD
so
metric
server,
for
example,
we're
sort
of
virtual
virtual
API
server.
But
if
we
are
doing
objects
we
probably
should
be
doing
C
RDS
and
they
are
much
easier
to
work
with
a
lot
of
the
generated
code
and
complicated
breaking
code
might
go
away,
which
would
be
great,
there's
one
gotcha,
which
is
so.
A
We
move
to
CR
DS,
the
that
will.
Let
us
actually
use
kubernetes.
Well,
it's
very
easy
to
have
use
kubernetes
as
a
backing
store
instead
of
s3
and
then
also
move
to
stores
start
to
support
in
a
controller
model
where
cups
runs
against
a
kubernetes
api
server
and
on
a
current
is
api
server.
Rather
than
having
the
logic
run.
When
you
run
cops
update
the
the
gotcha
is
that
we
probably
need
to
rename
our
api
group
from
cops
to
something
like
cops,
stop
gates
the
I/o,
which
is
annoying.
A
We
could
probably
try
to
change
the
rules,
but
their
rule
change
wouldn't
make
it
until
crewmates
114.
So
it's
not
too
bad,
because
I
think
what
we
can
do
is
we
can
do
some
like
string
manipulation
except
the
old
format
and
the
new
format.
All
that
will
change
is
when
you,
when
you
get
it,
you'll
just
see
it
and
if
you're
using
series-
and
you
get
it
you'll
you'll
see
it
in
a
new
format.
Cops
are
kids
that
io
/,
maybe
one
out
for
one
and
I.
Don't
have
any
points
on
that.
A
A
Lets
us
effectively
have
a
substandard
eyes
thing,
which
looks
a
little
bit
like
instance,
groups.
They
call
them
machine
deployments
or
cops
instance.
Groups
are
in
clustered
by
they're
called
machine
deployments
that
should
it
should
be
fairly
straightforward
to
support
nodes,
as
opposed
to
masters,
it's
a
little
bit
more
up
in
the
air
as
to
whether
or
not
how
we
would
see
exactly
support
masters.
A
There's
a
lot
of
sort
of
chicken
and
egg
type
bootstrapping
issues,
but
we
can
certainly
get
it
working
for
exposing
instance
groups
via
machine
deployments,
and
that
will
give
us
much
better
integration
with
autoscaler
in
theory
like
up
I,
won't,
say
a
better
rolling
update,
but
at
least
a
consistent
rolling
update
across
all
the
all
the
cloud
providers
out
there.
So,
in
other
words,
if
gke
moves
to
the
machine
deployment
as
well,
we
would
expect
the
rolling
update
logic
would
be
the
same
as
on
cops
if
we're
both
using
machine
deployments.
A
A
A
A
You
always
have
the
option
to
use
the
raw
CLI
tools,
so
it
should
be
a
better
combination
by
having
the
power
user
functionality
underneath,
but
then
99%
of
the
time
it
just
works
automatically,
and
you
know
you're,
you
don't
have
to
touch
it,
but
should
you
have
to
break
glass?
You
have
the
CLI
tool
there
and
it's
the
standard
COI
tool-
and
this
is
a-
is
a
sink
Buster
lifecycle,
kubernetes
SIG's
project,
so
it
should
be
used
across
all
the
tools.
A
So
a
bit
like
cluster
API,
everyone
will
all
the
tools
should
have
the
same
experience,
so
that
will
be
good
and
then
I
touch
DC's
for
next
I
think
we
should
do
or
I
have
I
want
to
do.
Gc
eSport,
it
is
a
good
one
or
I.
Think
I
think
we
are
we're
very
close.
The
only
back
blocker
was
other.
We
support
IP
aliases,
which
is
sort
of
a
networking
mode
sort
of
similar
to
the
ws.
A
Is
the
PC
CNI
driver
roughly
and
I
think
we
should
get
that
in
and
then
we
can
sort
of
mark
cops
juicy
sport
like
I
state,
which
I
think
will
be
great
and
then
three
I
feel
like
I'm
doing
I'm
unlucky
I,
don't
anyone
else
wants
to
say
anything
yet
bundle
support
this
solves
the
we
have.
This
thing
called
the
bundle
which
is
basically
a
another
like
non
cop,
specific
specification
of
the
the
the
configuration
of
our
components.
A
A
It
also
means
that
all
the
tuning
that
is
out
there
in
the
cluster
management
life
cycle
should,
in
the
custom
management
world,
should
have
the
same
or
can
use
the
same
bundle,
which
means
that
there
shouldn't
be
a
massive
difference
between
like
how
calico
works
on
cops
versus
how
the
catechol
works
on
cube,
idiom
versus
how
calico
works
on
Qi
ke
versus
AWS
versus
other.
So
it's
sort
of
a
like
standardization
approach.
A
Bundle
itself
is
just
a
format,
but
I
do
hope
that
when
we,
when
we
start
building
out
support
for
it,
that
everyone
will
adopt
it
and
then
something
I've
personally
been
working
on
which
I
am
now
able
to
talk
about
which
is
add-on
operators.
So
we've
talked
a
lot
about
how
add-ons
should
work
the
add-on
we
have
so
much
Navi
in.
A
We
have
a
very
basic
operator,
I
would
say
in
protic
uke,
and
this
is
about
making
it
a
real
operator,
so
that
you'll
be
able
to
see,
for
example,
the
status
of
calico
or
coup
DNS
or
any
of
the
add-ons
that
we
run
today,
they'll
be
exposed
to
CR,
DS
and
you'll
be
able
to
see
sort
of
the
health
and
status
of
them,
the
versions.
In
theory,
you
can
drive
and
we'll
be
able
to
drive,
updates
in
a
more
reliable
way.
So
sometimes
we've
been
a
little
bit
cross.
A
Our
fingers
about
updates-
and
this
will
mean
that
we
can
like
do
an
out-
have
opportunities
to
verify.
The
update
is
working
as
we
expect
putting
extra
logic
like
to
make
to
do
like
migrations.
If
we
have
to
so.
If
calico,
for
example,
steps
up
and
says
here's
the
script,
you
have
to
run
to
move
from
calico
V
2
to
calico
V
3.
We
can
actually
run
that
script
via
an
add-on
operator
automatically.
A
So
we
act
we
haven't
had
anywhere
to
do
that
to
date
and
that
that
is
what
the
operator
idea
would
set
us
to.
So
that's
something
I'm
gonna
be
working
on
and
hopefully
will
seem
lots
more
of
that
and
then
the
two
other
items
I
had
is.
We
should
I
think
we
should
try
to
be
more
secure.
I,
think
we
dodged
a
bullet
on
the
recent
CVE
in
that,
like
our
cops
configuration
was
more
secure
than
others.
A
We
should
try
to
push
people
towards
secure
configurations
as
much
as
we
can
and
and
everyone
else
and
overnights
tried
a
lot
and
I
appreciate
everyone's
efforts
and
but
yeah
we
should
definitely
I
think
we
can
I
think
we're
close
to
being
able
to
achieve
that.
So
I
think
that
would
be
a
big
one
to
do.
Do.
A
It's
actually
a
really
interesting
list
like
you
can
so
like
they
have
an
honest
or
being
set
to
false,
which
we
pass,
but
most
other
people
would
fail
and
they
have
a
lot
of
ones
where
I
think
we
know
that
we
need
to
do
better
like
client,
it's
like
to
blow
10th
occasion,
which
I
think
is
actually
fixed
now
I'm
on
eleven.
Thank
you
to
ever.
Did
that
I
think
there
are
the
interesting
ones
like
there
are
a
bunch
of
ones
which
are.
A
Very
questionable
much
more
debatable
like,
for
example,
always
poor
image
was
the
one
I
liked
brought
up
as
a
topic
for
discussion
always
play
images,
because
it's
a
fairly
niche
attack,
but
that
it
exposes-
and
it
has
a
pretty
big
cost
in
terms
of
the
consequences
of
it-
makes
your
docker
registry
or
your
container
registry,
much
more
important
that
be
a
hundred
percent
available.
So
definitely
trade
off
on
that
one.
It's
not
a
pure
win,
but
I
think
it's
a
great
list
to
work
from
and
to
think
about.
A
A
Think,
if
any
wants
to
do
this,
like
pick
one
of
them
at
a
time
because
it
is,
it
is
tricky
to
do
the
trade-off
analysis,
but
I
think
I
think
we
can
be
as
secure
as
any
other
kubernetes
cluster,
which
I
think
is
a
good,
a
good
good
thing
to
aim
for
and
ideally
as
secure
as
it
as
possible
to
be,
and
then
the
final
thing
I
had
was
about
what
we
definitely
want
to
be
have
more
automated
releases
and
more
timely
releases
and
I
works.
A
It
seems
like
a
great
time
to
do
112
alpha-1.
The
question
is
that
I
think
we
reprieve
eeeh,
see,
discussed
and
said:
I
perceive
done
already,
I.
Think
the
question
is:
do
we
do
130
now
for
what,
at
the
same
time
and
even
more
crazy,
do
we
do
140
now
for
one
at
the
same
time,
and
will
that
just
call
us
even
more
confusion
for
people
or
whether
it
actually
had
people
like
test
with
the
right
version?
D
A
A
A
A
D
A
It
should
be,
it
should
be
fully
automated
I
need
I
think
they
were
the
TLS
to
has
to
go,
go
in
and
calico
is
an
issue
figuring
that
out,
because
we
don't
want
calico
3
talking
to
SUV
I,
guess
from
that
point
either
I
guess
psyllium
is
gonna,
have
the
same
problem,
which
is
gonna,
be
interesting,
I,
don't
know
what
silly
am
I
gonna
do.
Come
130
psyllium,
also
to
extract
to
Etsy,
V
I,
think
they're.
A
They
are
aware
of
the
issue
and
then
the
issue
about
rolling
updates
which,
where
sometimes,
if
you,
if
you
yeah,
sometimes
a
rolling
update,
will
need
to
be
kicked
off
again.
I
might
be
that
as
a
release,
not
to
be
honest,
I'll
see
if
it's
possible
to
fix,
but
it's
a
little
I
think
the
only
way
to
fix
it
involves
making
sure
that
your
Cup's
CLI
tool
is
able
to
reach
into
your
clusters,
which
I'm
not
sure,
is
a
great
idea
to
require.
A
But
I
don't
know,
have
a
look
at
it
and
see,
but
those
those
are
the
three
items.
A
single
node,
not
running
calico,
not
running
a
CD
TLS
should
upgrade
without
any
problem
at
all,
Thank
You,
Joseph
and
any
any
bugs
on
that.
Let
me
know,
and
it
certainly
any
any
yeah
and
I
TLS
is
the
big
one
right
because
I
imagine
all
the
people
out
there
are
running
with
ICD
TLS
and
that
one
needs
to
be
nice
to
be
supported.
A
D
C
Yeah
I
have
some
similar
stuff
like
that.
I
haven't
gotten
time
to
think
about
it,
but
that's
what
I'm
dedicating
my
next
week
to
is
really
thinking
through
a
lot
of
that
stuff,
but
I
yeah
I
want
to
we.
We
need
to
do
more
cost
tags
for
my
team.
We
tag
most
things,
but
that's
not
every
little
thing
that
I
wanted
to
and
I
would
love
I
think
we
already
talked
about
the
release
process.
C
You
know
just
so
that
it's
not
always
on
Justin
to
every
Friday,
every
other
Friday
panic
to
start
pulling
this
stuff
together.
Just
so
it's
not
all
on
their
shoulders.
You
know
some
of
that
stuff
and
yeah.
Some
of
the
security
stuff
I
think,
would
be
really
great.
That
I
see
seeing
this
week
what
happened
and
seeing
that
unknown
some
cloud
providers-
I
won't
mention
didn't
patch
it
even
until
Tuesday.
A
Great
yeah,
I
think
there's
a
sage
key
shouldn't
be
too
hard.
I
think
we
can
I
think
that
I
don't
think
we
use
this
stage.
Key
I
think
we
just
set
it
up,
because
most
people
want
it
so
just
into
mind
away.
So
there
was
even
a
dig
into
it:
yeah
I
think
there
might
be
an
open
PR
to
have
a
look
before
you
code.
It
do
a
search
on
that
and
then
but
yeah
tagging
is
techne
is
always
tricky.
I
think
one
of
the
nice
things
about
cluster
API
might
be.
A
It
might
be
possible
to
get
away
from
a
lot
of
the
tagging.
We've
been
doing
to
date
if
you're
willing
to
have
a
management
cluster,
so
if
you're
willing
to
so.
If
we
go
to
this
this
idea,
what
we've
been
calling
cups
server,
but
is
you
know
the
idea
that
you
have
these
objects
represented
in
a
kubernetes
cluster
somewhere?
So
it's
not
going
to
be
every
configuration,
but
if
you
do
that,
we
we
are
able
to
find
objects.
We're
able
to
write
back
the
the
IDS
of
objects
rather
than
finding
them
by
tags.
A
D
G
So
actually,
my
wish
is
to
have
this
kind
of
controller
mode
for
Cox
cuz
like
I,
find
that
scary,
so
I
try
to
implement
it
kind
of
my
way,
but
it
works
but
I'm
not
so
confident
of
running
it
all
the
time
or
anything
but
but
yeah.
So
with
the
previous
project,
I
worked
on,
we
used
to
have
this
little
parade
or
were
things
will
not
hold
operator
back
then?
So
it
would
update
the
class
Tyrian
in
wooden.
G
G
G
Things
would
just
go
I
understand
the
cops
works
a
little
bit
differently,
but
you
shouldn't
be
dead,
then
complicated
to
do
when
you
mean
yeah,
but
I
would
love
to.
So,
let's
put
it
this
way.
I
broke
a
cluster
with
a
wrong
environment.
Variable
you
know,
and
I
don't
want
to
do
this
again
and
pretty
for
everyone.
You
hear
this
laughing
I.
A
Am
definitely
yes,
that's
that's
the
challenge
right.
It's
when
everything
works,
it's
great,
but
if,
if
something
goes
wrong,
what
do
we
do
and
I
guess
I
guess
that
one
cups
is
nice
and
that
we
have
the
CLI
tool?
Is
our
fallback
I'm
very
scared
by
the
idea
of
just
just
doing
it
inside
the
cluster
that
that
seems
very
brave,
but
okay,
we
definitely
have
it.
We
have
it.
We
have
a
something
we
haven't
really
dealt
with,
because
it's
in
the
CLI
tool
is
the
fact
that
there
will
be
no
sanity
check
anymore.
A
I
guess,
like
kubernetes
itself,
doesn't
have
a
sanity
check.
It's
not
like.
You
approve
like
creating
a
load
balancer
before
it
goes,
and
does
it
so
we,
but
it
would
certainly
be
a.
We
want
to
make
sure
that
CD
manager
is
doing
those
backups
first
before
we
start
like
letting
you
just
go
for
crazy
on
deleting
things
in
an
automated
way.
A
G
A
Think
you
raised
heritage
of
captrick
I
think
it
would
be
a
great
success
if
we
ensured
that
cops
was
a
very
thin
wrapper
around
like
things
that
are
generally
maintained
and
standard
and
I.
Think
a
lot
of
the
things
that
we've
done
in
cops
are
I
would
say,
Best
of
Breed,
I'm,
sure
other
people
would
say,
but
the
Romans
are
Best
of
Breed,
but
you
know
like
at
least
as
good
as
the
other
ones,
and
so
I
think
we
have
a
lot
to
contribute
to
those
projects.
So
I
think
that
would
be
a
great
success.
A
A
So
they
have
a
commander's
cluster
run
the
controller
on
that
run,
the
CR
DS
against
in
that
controller,
and
then
you
assume
that
one's
always
available
or
like
you
know
you
have
another.
Something
else
manages
that
one
and
then,
and
then
it's
easy
to
upgrade
your
cluster
and
you
always
have
that
control
plane
available
or
their
management
plane
available.
So
you
could
use
jke
or
eks
or
a
cop's
cluster.
The
increase
in
the
CLI
tool
to
to
do
that.
A
I
think
one
of
the
things
I'm
trying
to
experiment
with
is
to
what
extent
can
we
get
something
like
that
with
the
cluster
API
and
I'm
going
to
have
today
when
you're
running
a
single
when
you're
just
creating
your
first
cluster
like?
Can
we
make
that
more
similar
and
like
copses,
has
we've
started
using
an
abstraction
that,
like
makes
the
Koopa
net,
makes
the
s3
bucket
look
like
a
normal
client
set
a
normal
crew,
Benes,
API
and
I?
A
Don't
know
whether
we
can
we
can
actually
make
like
one
of
the
ideas
could
be
to
bring
up
a
local
API
server
like
an
ephemeral,
API
server,
but
we
just
can't
be
everything
from
the
s3
bucket
into
that,
and
then
it
is.
It
is
committees,
and
you
always
have
the
controlling
when
you're
running
the
you
always
have
the
management
cluster
when
you're
running
cops,
but
it
disappears
immediately
afterwards,
for
example.
A
A
Yes,
I
think
there
is
a
pause
by
the
way
I
think
there
is
I
posed
in
there.
That
is
a
little
conservative.
So
if
you
would
like,
like
I,
think
you
can
set
your
node
intervals
a
little
shorter,
but
yes,
it
would
be
great
to
get
that
the
drain
at
least
takes
a
little
while
so
there's
there
vib
the
like,
like
a
deployment
I,
don't
know
what
it's
called
the
batch
batch
rolls
right.
That
would
be
great
and
I.
A
Think
Serge,
someone,
I,
guess
I
think
gamble
implemented
it,
but
we
have
emerged
it
because
of
the
intention
to
do
cluster
clever,
like
Serge
use.
If
you
allow
the
cluster
to
grow
before
it
or
that
group
to
grow
before
you
shut
them
down,
then
you
can
do
many
more
at
once
like
in
theory,
you
could
just
double
the
size
and
terminate
them
all
or
termina
half
of
them,
and
and
then
it
would
be
near
instant
or
it
would
be
much
much
faster.
It
becomes
sometime.
A
Yeah
I
don't
know
if
there's
anything
else.
Otherwise,
that's
what
we
have
on
our
agenda
for
the
day
so
I'll
do
it
my
going
going
going
going
going
all
right.
Thank
you.
Everyone
I
have
a
wonderful
rest
of
the
year
and
see
some
of
you
could
comment.
I
think
we
are
still
scheduled
to
have
one
of
these
in
two
weeks,
but
that
seems
very
alert.
Oh
no,
that's
actually
find
this.
Maybe
I
should
be
fine,
but
we
will
see
I,
don't
expected
me
vas
get
in
it.