►
From YouTube: Kubernetes kops office hours 20200828
Description
Recording of the kops office hours meeting held on 20200828
A
Hello,
everybody
today
is
friday,
august
28th.
I
am
your.
This
is
the
cops
office
hours.
I
am
your
moderator,
facilitator,
justin,
santa
barbara.
I
work
at
google
a
reminder
this
meeting
is
being
recorded,
will
be
put
on
the
internet
on
youtube
and
please
be
mindful
of
our
code
of
conduct,
which
boils
down
to
being
a
good
person.
We
do
have
a
fairly
full
agenda.
I
pasted
the
link
to
the
agenda
in
the
chat
in
zoom
here.
Please
do
feel
free
to
add
your
name
to
the
agenda.
A
I
will
replace
it
in
case.
Anyone
doesn't
doesn't
have
it.
Please
do
feel
free
to
add
your
name
to
the
agenda,
particularly
if
you
want
people
to
correlate
you
when
watching
the
video
currently
you're
back
from
watching
the
video
and
because
we
have
so
much
on
the
agenda.
A
Please
do
add
your
topics
at
the
correct
point,
which
isn't
necessarily
the
end
but
so
like
if
wherever
it
makes
sense
and
we
will
endeavor
to
get
through
all
of
them,
but
if
we
don't
have
them
in
there
in
the
minutes
in
the
meeting
notes,
it
will
be
hard
to
do
so
all
right.
So
with
that
and
then.
B
I
suggest
it
looks
like
some
open
discussion
items
are
going
in
the
action
items
section
so
make
sure
it's
in
the
right
section.
A
Please,
yes,
yes,
we
we
have
a
review
action
items
from
last
time
section.
I
can
also
make
some
adjustments
or
try
to
make
some
adjustments
on
the
fly.
If
I
make
a
mistake,
please
call
me
on
it,
but
I
we
do
have
some
action
items
for
review
from
last
time.
Hackman.
I
believe
you
bravely
volunteered
last
time
to
attempt
a
release
and
you
are
going
to
update
us
on
the
status
of
such
said
release.
C
So,
first
of
all,
sorry,
if
I
didn't
wait
for
everyone
to
lgdm,
as
the
procedure
says,
but
being
an
alpha,
I
don't
think
that's
really
that
of
much
of
a
problem,
so
a
short
update,
short
version
managed
to
do
build
image
promotion,
even
the
github
draft.
It's
ready
with
the
release
note
and
everything
thanks.
C
D
Well,
it's
fair
enough.
Yes,
the
legacy
legacy
buckets
and
legacy.
Yes,
the
legacy
locations.
How
about
that.
C
Okay,
so
those
those
ones
are
well.
Obviously,
I
don't
have
permissions
to
write
there,
but
there
is
still
the
artifact
promotion
that
probably
you
also
have
the
credentials
for
it
being
the
project
owner
or
something
working
at
google.
A
It
it's
actually
because
I've
been
working
on
this
on
the
binary
promoter.
It
is
not
yet
the
non-image
promoter,
it
is
not
yet
there
and
yes,
I
do
have
the
it's
not
yet
automated,
and
I
am,
I
currently
have
permission
to
promote
it
manually.
I
will
lose
that
permission
once
we
get
it
working
in
an
automated
fashion,
but
yes,
I
will.
I
will
do
this.
C
I
noticed
a
few
things:
the
major
ones,
one
there
is
no
tooling
section
in
the
release
document.
So
if
someone
new
starts
it's
like,
where
is
the
cluster
image
promoter?
C
A
It
certainly
wouldn't
have
been
a
deliberate
decision
to
not
support
mac.
It
may
have
been
that
we
that
I
I
guess
this
is
linus-
that
there's
some
reason
why
it's
hard
to
support
the
mac,
but
I
suspect
it's
just
that
he
doesn't
use
a
mac.
C
C
But
after
that
should
be
a
pretty
easy
task
to
to
go
for
them,
and
there
was
one
more
issue
with
image
promoter.
I
don't
think
the
ammo
that's
generated.
It's
actually
correct.
A
That's
I
so
I
it
currently
we
have
it
grouped
by
release,
which
I
think
is
the
right
thing
to
do.
Otherwise,
it'll
become
very
difficult
to
review.
I
think
it
works
if
it
doesn't
work,
it
works.
A
If
you,
if
you
generate
the
manifest
for
the
for
the
non-container
images,
you'll
see
that
there
are
different
files
for
each
release,
which
is
sort
of
like
a
much,
in
my
opinion,
clearer
way
of
doing
things
and
that's
sort
of
so
it's
sort
of
like
a
question
of
how
should
we
use
this,
and
I
think
that's
a
great
issue
to
open
again
in
that
repo
and
say
like
look:
here's
how
we're
using
it
and
like
does
this
make
sense,
type
thing
and
that
sort
of
thing,
okay,
so
lower.
A
For
that
cool
and
on
the
topic
of
the
the
requirements,
one
of
the
things
we
could
do
is
we
could
create
a
subdirectory
with
its
own
go
mod
and
we
could
basically
reference
the
the
tools
as
long
as
they're
go
tools
and
then
run
them
from
there.
So
we
would
have
a
known
version
of
the
tools
as
well
without
polluting
the
main.
The
main.
C
Goal
by
the
way,
there
is
one
tool
written
by
you
with
me
yeah
and
you
have
to
merge
one
of
your
pr's
there,
minus
src.
A
C
Okay-
and
I
don't
know-
I
thought
it
was
in
your
repo-
I
don't
remember
anyway.
The
feeling
was
that
it's
doable
so
with
minimal
effort
and.
C
Because
the
image
promotion
works,
I
already
did
the
change
in
cops
to
use
the
images
from
the
official
repo.
So
for
the
next
release
we
can
skip
pushing
to
cope
dot,
io
copaio
docker.
A
Hub
that
could
be
great
yes,
because,
like
the
the
reason,
these
the
reason
that
these
still
ex
so
we
got
to
get
rid
of
yeah.
The
reason
these
still
exist
is
because
we
haven't
yet
moved
the
canonical
location,
in
particular
from
the
cubot
v2
bucket
that
relies
on
the
binary
promoter,
but
yes
doing
the
image.
One
would
be
great,
so
it's
done.
C
A
C
F
G
Can
find
the
word
for
it
is
now
per
image,
but
it
counts.
Two
two
of
the
each
image
counts
for
two
things,
because
it's
it's
done
against
the
request
against
a
certain
endpoint.
There
is,
I
believe,
a
workaround
for
open
source
projects,
but
you
have
to
actively
get
in
touch
with
them.
I
can
find
out
from
someone
else.
I
know
the
email
address
to
get
in
touch.
G
As
they've
now
clarified
it,
I
I
will
find
a
link
and.
C
A
E
I
think
sorry,
I
I
think
if,
if
we,
if
we're,
extending
the
backwards
support
and
also
if
there
is
probably
a
lot
of
people
that
won't
be
able
to
do
to
move
to
119
and
if
they
have
a
large
cluster
and
they
do
a
running
restart
for
any
reason,
a
security
batch
or
whatever
they
might
actually
get
into
troubles.
For
that.
A
C
A
Thing
there
is
another
sorry,
the
release
artifacts
in
github,
it
sounds
like
was
a
proposal.
You
had.
C
The
list
of
artifacts
in
github
is
quite
big
and,
from
my
point
of
view,
it's
unnecessary
to
link
directly
images
or
even
node
up.
So
my
proposal
would
be
to
just
have
all
the
cops
binaries
with
hashes
plus
an
offline
package
that
someone
can
download
and
contains
everything.
So
it
will
be
much
less
messy.
A
A
Yeah,
sorry
it
should
it
should
work,
because
we
have
special
logic
to
detect
github
in
our
mirror
logic
and
rewrite
the
paths
whose
underscores
that's
how
much
we
wanted
this.
How
much
I
wanted
this
yeah,
then
I
guess
I
messed
it
up.
Okay
or
like
it
wasn't,
it
has
to
be
published,
of
course.
So
it's
it's
sort
of
you
never
know.
If
it's
going
to
work
until
it's
until
it's
up
there.
C
Okay,
anyway,
because,
as
I
did,
the
changes
for
arm
64.,
I
never
looked
at
this
logic
part.
So
I
might
have
broken
it
a
bit,
but
I
think
we
only
need
it
for
node
up
so
shouldn't
be
and
proto
cube.
A
Right,
yes,
I
think
so
I
I
think
it
would
be
nice
if
we
had
a
second
like
in
the
long
term.
It
would
be
nice
if,
if
artifacts.kate
said,
I
o
was
bulletproof
and
reliable
and
we
didn't
have
to
do
this
and
we
could
have
clean
github
releases,
but
that's
why
we
have
these
binaries
and
they
get
to
release
right
now.
It's
a
second
mirror.
C
Okay,
I
will
think
about
it.
A
You
thank
you.
You
have
the
next
item
as
well.
I'm
sorry,
I
want
to
keep
us
moving
along
here,
say
about
moving
images
from
kopio
to
kate's
gcrdia,
which
it
sounds
like
you
yeah.
We
already
discussed
it
yeah.
C
Cluster
members,
so
I
create
you,
said
to
create
an
issue
in
lcd
manager,
and
I
created
it
also,
I
think
at
some
point
we
will
have
to
cut
a
new
version.
There
is
one
fix
for
open
stack
and
there
will
be
also
the
multi-arch,
and
maybe
this
one.
If
someone
manages
to
work
on
it,
if
not,
but
anyway,
we
need
the
three
four
nine
hcd.
A
Right,
yes,
it's
some
version,
I
seem
to
recall
there
are
more
fixes
going
in
every
day,
but
yes,
anyway,
thank
you
for
creating
the
issue.
I
will.
I
have
not
apologize.
I
have
not
yet
had
a
chance
to
look
at
it.
We
should
update
to
the
latest
at
cd.
As
I
recall,
in
upstream
kubernetes,
there
was
some
debate
about
like
whether
we
were
we
were
waiting
for
a
fix
that
just
landed
or
something
like
that
to
do
with
permissions
file.
Permissions.
A
H
Stretch,
sorry
about
that,
I
probably
put
it
in
the
ring
section:
it's
mostly
about
moving
entity
manager
out
of
stretch.
H
It's
no
longer
supported,
so
I
know
we're
using
the
hypercube
image
before
that
is
discontinued.
There's
no
update
on
it.
I
just
created,
I
started
using
debian
base,
which
is
what
kk
uses
and
installed
the
required
mount
and
other
packages
on
there.
So
yeah.
A
A
C
I
also
think
that
if
we
want
we
can
move
to
this
trollers,
it's
pretty
much
the
same
thing
I
did
for
protocube
just
that
people
would
have
mount
the
right
anyway.
They
have
to
mount
the
right
volumes
to
use
it,
but
my
thought
is
that
this
trollers
would
work
for
lcd
manager
also.
A
Can't
remember
they
have
to
make
fs.
Do
we
have
to
make
of
us?
Do
we
have
to
make
make
mkfs
xc4
and
is
it
industrious?
No,
we
mount.
Oh,
the
house,
one
yeah.
C
A
Let's
start
with
what
rodriguez
said
I
propose,
and
then
let's
see
whether
we
should
go
to
distress.
I
think
that
makes
sense.
Okay,
that's.
A
Okay,
thank
you.
Eric
on
the
gce
test,
jobs
or
eric
computer
looks
like.
F
Well,
this
is
just
a
quick
update
from
last
week,
based
on
the
discussion
we
had
there.
We
did.
We
were
having
issues
with
the
service
accounts
that
the
gce
nodes
were
running
as
they
didn't
have
access
to
a
state
store
bucket
or
any
any
storage
that
so
we
were
having
trouble
granting
the
permissions
so
justin
suggested
to
create
that
bucket
inside
the
project
and
manage
to
manage
that
as
part
of
the
lifecycle
of
cubetest.
So
we
got
a
couple
prs
in
actually
got
some
changes.
F
We
actually
got
changes
into
cubetest,
which
was
awesome,
and
we
are
waiting
for
some
final
like
thumbs
up
and
some
tests
to.
Let's
see
if
hopefully
that
works,
if
it
doesn't
then
I'll
put
another
patch
in
that
will
just
set
the
permissions
on
the
bucket.
I
was
trying
to
avoid
doing
that,
but
otherwise
we
should
be.
We
think
we
may
be
able
to
get
this
going
again
for
real,
so
I
don't
need
any
anything
else
to
add
on
that.
That's
all
right!
A
That's
awesome,
thank
you
both.
I
don't
know
if
I
can
do
permissions
on
that,
I
can
do
the
the
lgtms,
but
I
will.
F
A
F
Yeah,
no
we're
it's
we're
not
waiting
on.
It's
not
you
in
this
case
it's
in
test
and
for,
but
I'm
not
sure,
you're
relentless.
I
can
probably.
F
If,
if
he
runs
issues,
okay,
awesome
well,
thank
you
for
doing
that.
A
Okay,
let's
move
into
the
open
discussion
section
first
up
hackman
talking
about
our
friend
calico
v2
and
ncd2.
C
Yeah
kind
of
bumped
into
that
this
week
there
was
a
bug
where,
because
of
some
old
change
there,
it
was
using
an
older
when
you
selected
calico,
when
you
created
a
cluster,
it
was
using.
C
C
C
A
Specifically
yeah,
I
don't
know
if
I
I
don't
know,
if
there's
anyone
in
that
camp,
anyone
that
is
still
doing
so,
I
I
don't
think
it's
unreasonable
at
this
time
to
say
like
we
should
not
backport
it
but
to
say,
like
cups,
119
does
not
support
this.
I
think.
That's
I
don't
know
we
haven't
actually
deprecated
it.
I
have
we
deprecated
calico
v2,
technically.
I
A
I
I
think
peter
suggested
like
if
calico
v2,
as
far
as
I
know,
if
calico
v2
stops
working
with,
say,
kubernetes
one
is
only
supported
after
kubernetes
114
or
something
when
we
drop
kubernetes
114,
we
could
obviously
drop
calico
v2.
C
You
know
it's
just
one
111,
that's
it
the
manifest
stops
there.
So
there
is
a
manifest
from
from
kubernetes
112
that
uses
only
v3.
There
is
no
v2,
for
here.
Usually
running
cops
are
in
calico
itself
in
cops,
so,
but
we
have
a
fixed
calico
manifest
in
our
repo.
So
if
you
want
to
move
to
kubernetes
112,
you
have
to
switch
from
v2
to
v3.
B
Yeah
and
so
we've
deprecated
kubernetes
111
in
119.,
and
so
it
will
be
gone
in
120.
A
I
think
one
of
the
things
we
should
talk
about
is
whether
we
want
to
start
the
120
branch.
I
do
119.
like
cut
the
119
branch.
A
If
we
feel
like
we
can
do
it
in
120,
maybe
that
maybe
that
keeps
lets
us
keep
our
our
deprecation
policy,
but
I
I
normally
have
the
person
arguing
for
deprecation
like
like.
We
should
be
like
careful
and
do
this,
but
in
this
case
I
feel
like
it's
so
so
on
the
edge
that
I
I
don't
know.
If
it's
I
don't
know,
if
it's
doing
anyone
a
service
to
encourage
them
to
keep
running
category
two.
B
C
C
A
C
I
will
let
the
release
note
in
118.
one
okay,
cool
or
119,
but
yeah.
A
Thank
you
thanks.
I
don't
know
if
olay
is
here,
he
has
a
he's.
Not
are
you,
gonna
represent
this
cluster
auto
scaler.
A
C
Why
not
so
he
did
the
pr
it's
a
nice
idea
to
take
care
of
cluster
auto
scaler,
because
it's
also
kubernetes
version
related.
So
it's
not
a
generic
add-on
like
nginx
ingress,
let's
say.
A
I
I
I
I'm
not
opposed
to
the
pr
I'm
opposed
to
the
reasoning.
I
think
we
can
achieve
that
with
cluster
add-ons,
but
but
I'm
opposed
I'm
not
a
sorry,
I'm
not
opposed
to
the
pr
itself.
I
don't
know
if
anyone
else
has
any
views
on
this.
This
pr.
C
A
Yeah,
a
more
like
more
like
more,
like
you
know,
bigger
picture
like
I'm
sure
that
oh
I
will
address
those
review
things,
but
yeah.
A
Yeah
the
the
the
argument,
the
argument
that
I
would
make
there
is
we
have
enough
add-ons
in
cop's
tree
already
that
we
have
to
have
a
migration
path
that
works
well
and
so
having
the
having
the
add-on
in
the
tree
doesn't
cost
us
anything
and
it
it
helps
us
like
figure
out
what
that
manifest,
should
look
like
and
get
people
using
it.
So
I
don't
wanna,
I
don't
wanna
block.
I
don't
wanna
block
entry
add-ons
on
a
hopefully
imminent
cluster
add-on
solution.
C
Okay
and
switch
for
it
with
enable
disable
disable
by
default.
A
Right,
at
least
for
this
beginning,
when
we
introduce
it
yes,
it
sounds
like
we've
been
like
trending
towards
making
it
more
required,
but
I
I
don't
want
to
introduce
it
and
make
it
enabled
by
default.
A
So
I
have
the
next
topic,
which
is
the
discussion,
a
general
discussion
of
cluster
add-on
operators.
I
propose
that
we
defer
that
till
later,
because
there
looks
like
there's
some
sort
of
potentially
better
defined
topic,
so
shall
I
jump
unless
anyone
disagrees,
I'm
going
to
jump
to
mosh
about
gce
support.
I
Yeah
so
there's
an
issue
that
we've
been
tracking
and
twitter
has
been
really
helpful,
with
addressing
issues
that
we've
been
finding,
so
we're
trying
to
set
up
a
production
ready
cluster
on
gce,
that
is
private,
so
with
the
bastion
internal
load,
balancer
and
everything.
I
I
was
just
curious
because
I
noticed
even
in
the
documentation
that
gces
isn't
really
a
first-class
citizen
yet
and
cops.
We
need
to
enable,
like
the
feature
flag
and
everything.
So
I
was
just
curious
if
we
even
have
any
sort
of
plan
around
it
to
promote
it
to
to
be
officially
supported.
F
We
I
I
definitely
would
like
to
see
it
fully
supported
that
was
partially
my
goal
before
coronavirus
hit
and.
I
So,
unfortunately,
as
far
as
like
go
knowledge
goes,
I
don't
have
that
much
to
actually
dive
into
the
code
and
like
find
the
bugs.
I
can
help
with
any
way
I
can.
Testing
is
something
I'm
willing
to
do
so
with
I
mean
well,
we
have
an
account
on
gce
and
we're
willing
to
try
and
help
out
with
anything
we
can
so
at
least
from
that
area.
I
F
Definitely
we
are
super
happy
to
have
more
people
using
it.
I
think
that's
one
of
the
biggest
things,
but
what
I,
when
I
meant
testing
I
was
saying
our
automated
end-to-end
testing
right
now
has
been
broken
for
gc,
so
that
will
hopefully
help
like
the
idea
is
get
that.
A
Eric
you're,
I
think,
you're
breaking
up
at
least
for
me,
judging
by
some
other
faces,
I
think
so
too.
You
might
turn
off
your
video
because
it
sounds
like
bandwidth
or
something
maybe.
F
Sorry
not
sure
what
that
is
much
better:
okay
in
any
event,
yeah,
so
we're
working
on
getting
the
testing
correct
first,
so
that
we
can
create
a
situation
that
looks
like
your
private
networking
so
that
we
can
have
that
captured
in
the
end
to
end
test,
so
that
we
don't
break
so
that
we
get
cops
working
for
gce
and
then
once
we
have
that
one.
You
can
make
sure
that.
I
We
lost
you
again
and
I
guess
my
last
question
about
it
would
be
so.
I
mentioned
an
issue
there
8626,
which
has
been
open
for
a
while
and
we
just
reopened
it.
Actually
it
was
closed.
Do
we
want
to
create
a
new
issue
and
like
centralize,
all
the
open
issues
we
can
see
there
or
do
we
just
want
to
use
this
one
and
continue
moving
forward
like,
but.
F
Maybe
we
can,
we
can
transfer
this
stuff
out
of
that
anything.
That's
like
any
active
action
items
out
of
that
and
make
a
new
issue.
Is
that
so
reasonable.
A
Yeah,
I'm
not
sure
if
anybody
can
hear
me
yeah,
we
can
hear
you,
I
think,
yeah,
it's
reasonable.
I
think
yeah
everyone's
workflows
are
different
and
whatever
yeah,
if
you're.
If
you
have
some
diamonds,
look
at
this,
then
if
that
would
help
you
then
that's
great.
I
also
want
to
make
gcp
work
better
with
cops.
So
obviously,
so
I'm
it's
just
a
matter
of
finding
all
the
time
but,
as
I
recall,
like
the
big
blockers
are
figuring
out
the
things
which
are
harder
to
change.
A
So,
in
other
words,
should
we
do
the
ip
aliases,
which
are
the
adios
equivalent?
Is
the
aws
vpc
cni?
Should
we
do
that
as
the
primary
mechanism,
or
should
we
use
the
routes
thing?
I
think
we
should
use
ip
aliases,
but
that's
like
that's
the
sort
of
thing
which
we
have
to
figure
out,
which
would
be
a
bit
like,
I
think,
even
with
gke.
A
There
is
no
way
to
switch
a
cluster
and
that's
what
we
want
to
figure
out
before
we
make
it
like
not
feature
flagged
anything
that
would
require
you
to
re-build
your
cluster.
We
want
to
decide
and
get
a
good
decision
on
if
you
have
insight
into
whether
we
should
use
what
gk
equals
ib
aliases
or
whether
we
should
use.
A
I
think
what
we're
still
doing
today,
which
is
the
the
custom
routes
that
would
be
very
helpful.
F
Yeah
we,
we
should
definitely
steer
ourselves
towards
going
the
the
alias
range.
The
secondary
ranges
that
sort
of
more
this
more
native,
gke
or
gce
networking
so
yeah
once
we,
I
think,
the
the
the
biggest
the
primary
obstacle
to
getting
this
getting
that
flag
off
is
getting
testing
working
and
getting
like
a
green
test.
F
Once
we
can
do
that,
we
can
start
thinking
about
moving
that
out
of
the
alpha
flag
and
then,
as
soon
as
that
happens,
we
can
we'll
we
can
really
dig
in
on
this
and
get
this
this
networking
stuff
ready
for
you.
It's
a
goal
of
mine
too,
so
we're
in
this
we're
on
it.
A
Okay,
thank
you.
I
I
think
I
know
this
number
well
and
I
have
written
it
down,
but
I
john
do
you
want
to
yeah?
Well,
it
didn't.
B
A
I
I
don't
know
why
I
haven't
taken
a
look
at
the
apollo
dress.
Okay,
I
it's
not
that
I
I
just
have
not
looked
at
it.
I
apologize.
I
don't
there's
no
reason
for
my
not
having
done
so.
I
don't
know
if
anyone
else
has
any.
A
B
B
A
I
can
take
a
look
at
gce
that
would
be
fun
unless
anyone
else
wants
to
okay,
the
likely
suspects.
A
A
This
is
9653.
Yes,
this
is
the
the
this
more
secure
bootstrapping
of
worker
nodes,
using
cloud
assist
or
cloud
specific
functionality
yeah.
I.
B
A
Issue
probably
help,
I
think
doing
it
for
an
issue
just
doing
what
you
described
would
saying
what
you
just
would
probably
help
a
lot,
and
then
we
can,
if
we
do
one
of
them
first,
we
can
link
that
pr
to
that,
so
that
people
have
a
reference
of
what
it
looks
like.
Even
if
the
details
will
be
a
little
bit
different
on
each
cloud.
B
Is
gce
the
interested
party
or
is
there
somebody
else?
Some
other
cloud
want
to
take
it
off.
A
I
think
the
openstack
people
don't
our
time
our
times
aren't
incompatible
from
with
this
one.
So
I
would
guess
google.
B
Okay
and
the
other,
what
I
must
said
is:
what
timing
do
we
want
for
branching
and
cutting
beta
for
119.
A
B
Do
like,
I
think
our
goal
is
to
cut
up
a
beta
soon
after
the
release
of
kubernetes.
So
are
we
close
enough
to
caught
up
that?
We
want
to
follow
that
goal.
A
That's
true:
it's
it's
about
it's
about
the
volume
of
it's
about
it's
about,
having
a
way
to
keep
merging
changes
that
are
riskier
and
we
don't
necessarily
want
to
delay
the
119
so
like,
for
example,
if
we
were
to
introduce
cluster
api
which
like,
if
I
were
to,
if
I
were
to
somehow
get
get
that
into
shape
or
the
better
example
the
cluster
add-ons
pr
right.
This
is
a
like.
A
It's
not
going
to
it's
not
going
to
ship
in
the
119
time
frame
so
to
introduce
it
now
is
probably
just
additional
risk
like
if
we
wanted
to
clear
that
and
merge
it
somewhere,
it's
nice
to
have
the
the
two
branches
so
that
we
can
say.
Yes,
we
can
merge
this
it's
in
a
great
state,
but
we
don't
want
to
do
like
take
a
a
schedule
risk
on
the
119
release.
A
B
Yeah
we
need
some
fix
for
the
yeah
for
the
the
insert.
C
C
B
Let
me
propose
that
we
shoot
to
try
to
branch
sometime
after
the
next
meeting,
all
right,
let's
evaluate
the
next
meeting,
whether
we're
at
a
branch.
It
sounds
like.
C
We're
not
ready
to
branch.
Now,
from
my
point
of
view,
the
arm
64
can
be
announced
also
for
worker
nodes.
For
now,
and
we
can
branch
the
beta,
let's
say
just
before
the
next
meeting.
Multi-Arch
images
can
be
done
easily
at
some
point
and
merged,
but
we
have
to
know
that
at
cd
manager,
it's
anyway
a
blocker,
and
we
would
have
to
do
something
about
it
and
also
don't
forget
about
hcd
manager
and
docker,
because
even
if
our
images
are
on
kubernetes
registry
at
cd
would
still
have
to
be
pulled
from
the
regular
docker.
A
Yeah,
the
right,
I'm
I'm
trying
to
get
that
merged
into
the
ncdadm
kubernetes
six
project,
I'm
having
a
la
protracted
battle
with
the
cla
bot
rodrigo.
Thank
you
for
updating
your
email.
I
don't
think
it's
you
anymore
and
yes,
the
so
that's
that's
one
path.
There
may
be
others.
B
A
And
people
can
think
about
what
additional
features
we
need:
119,
okay,
okay,
which
brings
us
on
to
nicely
onto
peter's
your
topic
around
the
acm
certificate
and
basic
removal
of
basic
growth.
F
So
we
had
a
couple
ideas
for
this
last
week:
one
involved
creating
a
second
listener
on
the
elb
that
does
not
have
the
certificate
on
it,
so
it's
only
layer
four
and
it
and
it
targets
the
same
port.
On
the
instance
same
api
server
authenticated
port.
F
It
turns
out
there's
there's
a
limitation
with
eobs,
where
you
can't
have
an
ssl.
You
can't
have
two
listeners
targeting
the
same
port
using
different
protocols.
F
I'm
not
sure
why
that's
a
restriction,
but
it
is
so
if
we
wanted
to.
If
we
believe
the
dual
listeners
option
is
the
best
way
to
solve
this,
then
I
think
we
would
need
to
be
using
nlbs
and
there
is
a
work
in
progress,
pr
to
add
support
for
it,
but
it's
fairly
out
of
date.
So
it's
going
to
need
some
updates
and
it's
still
a
significant
change.
So
it'll
require
some
review,
but
the
author
said
they're
hoping
to
get
it
done
soon.
F
But
if
we
believe
that
this
is
the
solution,
then
this
I
think
this
should
be
considered
a
blocker
for
119.
B
I'm
thinking
the
in
the
other
pr
targeting
the
internal
dns
name
might
have
to
do.
The
only
other
thing
I
can
think
of
is
we
bring
back
support
for
static
tokens.
A
But
it's
a
yeah,
the
other,
the
other
one
I
was
thinking
of
is
we
have
the?
What
is
it?
We
have?
The
the
health
check
cube
coupe
api
health
check,
so
we
have
that
one.
Maybe
that
could
open
another
port.
A
I
don't
know
that.
Wasn't
the
intent
of
that
of
that
part
of
that
sidecar.
So
I'm
not
wild
about
it,
but
that's
another
option
like
or
by
some
means
open,
a
second
port.
A
All
right:
well,
let's,
let's
I
guess
it's
evaluate
those
options
and
I
agree
that
it
is
very
likely
a
blocker
because
it's
I
think
people
have
used
this
functionality
and
it
is
a
yeah.
It's
a
regression.
It's
a
behavior
that
used
to
work
and
goes.
A
Away,
okay,
anything
we
want
to
add
on
that,
or
should
we
carry
on
and
talk
about
on
the
issue?
Okay,
simone
hacktoberfest.
E
A
That
sounds
cool.
I
don't
think
we're
ever
going
to
regret
that
sort
of
the
investment
in
the
contributor
experience
and
it's
nice
to
have
a
motivating
thing
like
oktoberfest,
like
octoberfest,
starts
in
october.
Right
sorry
does
happen.
E
Okay,
I
believe
so
I
think
he
goes
off
for
a
month
and
the
goal
is
to
get
five
pr's
opening
projects,
so
I
mean
even
if
it's
documentation-
or
I
mean
it's
important
well,
every
part
is
important.
I
could
do
I
mean
I'm
offering
to
do
an
effort
to
look
into
what
it
means
and
say
we
could
do
these
things
to
prepare
for
it.
A
I
think
it's
a
good
idea
to
at
least
look
into
it.
I
think,
in
my
opinion,
I
think,
yeah.
I
think
it's
great.
If
you
want
to
organize
it.
I
think
like
trying
to
corral
people
to
do
these
things
is
is
would
always
be
appreciated,
and
I
I
do
worry
a
little
bit
that
we're
going
to
have
like
you
know
not
enough
review
bandwidth
if
we
have
a
thousand
pr's
that
get
opened,
but
I
maybe
maybe
we
can
see-
I
I
don't
know
who
organizes
who
organizes
oktoberfest.
A
It's
digitalocean,
okay,
yeah.
If
we
could
get,
maybe
we
could
persuade
them
that
they
should
give
credits
for
people
that
want
to
hack
on
do
support
for
cops,
and
these
swag.
E
Everywhere
for
for
whoever
gets
so,
there
is
a
some
kind
of
price
for
for
participating.
E
A
The
other
thing
that
makes
it
particularly
attractive
right
now,
in
my
opinion,
is
with
kubecon
going
virtual.
There
aren't
that
many
like
fun
things
and
I
feel
like
kubecon-
is
also
going
a
little
bit
more
corporate.
So
like
this
sort
of
fun
thing
is
not
as
not
as
does
is
not
the
norm
anymore
and
so
like
this
would
be
complementary
to
kubecon
how
about
that
in
terms
of
audience
and
and
fun.
So
I'm
I'm
particularly
enthusiastic
about
this
sort
of
thing,
but
yeah.
I
don't.
A
I
don't
know
a
lot
of
details,
but
I
I
think
it'd
be
fun
as
long
as
we
can
make
sure
that
doesn't
swamp
our
limited
bandwidth,
and
I
think
that
would
be.
I
think
it's
good,
like
the
we
might
not
have
time
to
talk
about
it,
but
the
google
summer
of
code
program,
I
think,
was-
was
great
in
this
regard,
so
this
could
be
like
a
fun
version
of
that
sounds
good.
Thank
you
awesome!
So
yeah.
Let's
definitely
talk
about
that
next
time,
please
and
okay,
so
we
have
five
minutes
left.
A
Let's
talk
so
the
release
plan
for
the
upcoming
two
weeks.
I
will
do
the
I
will
finalize
the
the
release
of
the
of
the
alpha
three
which
needed
some
like
the
pieces
I
needed
to
do
and
then
it
sounds
like
there's
a
proposal
for
alpha
four.
A
I
don't
know
if
someone
wants
to
volunteer
to
do
that
again
or
someone
wants
to
volunteer
a
big.
No
is
that
you're,
muted
cyprian
that
may
be
deliberate,
you're
swearing.
C
A
Don't
all
talk
at
once,
if
the?
If,
if
someone
is
keen
to
do
it,
then
please
contact
clipboard.
A
Okay,
thank
you
and
I
don't
think
we
need
any
other
releases.
As
far
as
I
know,
if
we
do
please
we
need
they
were
not
copied
from
last
time.
That's
my
mistake,
then,
okay,
so
we
need
a
like.
I
want
to
change
something.
A
Yes,
so
do
you
want?
Let
me
copy,
I
can
I
got
it.
Oh
sorry,
go
ahead,
you
go
ahead.
I
apologize
yeah.
Let
me
talk
a
little
bit
about
the
google
summer
code
and
add-ons
in
the
three
minutes
we
have
left.
Then,
if
that's
okay,
so
yeah,
so
we
samtoshi.
A
Oh,
yes,
the
time
zones
are
incompatible
but
has
done
amazing
work
in
google
summer
of
code
this
summer,
and
so
the
final
pieces
are
to
get
some
of
that
work
integrated
into
the
various
providers
like
a
lot
of
it
really
is
a
good
fit
for
for
cops
in
my
opinion-
and
I
want
to
give
a
big
shout
out
to
john
who's
done
excellent
work,
highlighting
the
places
where
it
might
not
be
the
perfect
fit
for
all
users,
and
I,
I
think
think
we
are
in
a
better
place.
A
Well,
we're
certainly
in
a
better
place.
I
think
we're
actually
in
a
good
place,
like
it
felt
like
on
the
more
recent
there's
still
stuff
to
do,
but
it
felt
like,
in
the
more
recent
reviews,
we've
like
sometimes
she's,
made
changes
to
split
out
our
back
permissions
in
a
good
way.
A
I
think
we're
talking
about
ways
to
basically
like
reduce
the
ability
of
the
operator
further,
possibly
in
a
way
that
is
like
applicable
to
more
than
just
more
than
just
add-on
operators,
but
in
general,
like
the
very
notions
of
kubernetes
security,
I'd,
say.
I
A
Terms
of
like
can
I
restrict
the
images
which
we
pull
or
which
I
run
in
my
cluster,
and
can
I
restrict
the
ability
of
users
to
use
service
accounts
that
happen
to
be
available
in
the
cluster
which
are
not
specific
to
add-ons,
but
are,
I
think,
add-ons
highlights
them?
I
would
ask
people
to
follow
john's
example
and
like
comment
on
the
not
only
on
the
code
but
on
the
structural
issues
as
well
of
the
of
the
of
the
well
there's
a
work
in
progress
pr
for
core
dns.
I
think
you
know
we.
F
A
A
I
mean,
I
think
I
think
the
the
one
I'm
definitely
aware
of
is
like
restricting
the
images
that
can
run
in
a
cluster.
I
don't
know
if
anyone
has
a
solution
for
that
that
they
are
running
today.
A
A
Cool
sorry,
I
was
just
yes,
I
was
just
yes.
I
thought
that
no
it's
fine!
I
was
just
your
pr.
The
cube
cuddle.
Yes,
the
general
authentication.
We've
definitely
done
a
lot
of
churn
on
that
and
like
looking
at
where
we
are
and
whether
whether
we
are
happy
to
proceed
with
it.
A
Okay,
well,
we
are
at
time,
if
there's
nothing
else,.
F
One
more
thing
very
briefly:
this
came
up
a
couple
times
during
this
meeting
about
time
zones.
I'm
wondering.
I
F
It
would
be
reasonable
to
consider
adjusting
or
adding
another
meeting,
that's
more
friendly
to
european
time
zones
if
anyone's
open
to
that.
A
An
additional
meeting
as
it
were
like
an
optional
one,
and
it
looks
like
I
think,
it's
a
great
thing
to
discuss.
Okay,
we
could
do
and
we
could
have
an
issue
and
we
could
try
to
policy.
People
would
show
up
or
we
could
do
a
doodle
poll,
which
sometimes
is
an
indication
of
whether
people
would
would
show
up.
A
I
I
worry
that
we
sort
of
split
people
and
like
people
would
have
to
show
up
to
both
anyway
type
thing,
so
it
doesn't
necessarily
actually
help
it's
sort
of
a
challenge,
but
it
would
be
nice
to
like
be
able
to
introduce
new
people,
there's
also
asia,
there's
europe
and
there's
asia,
and
I
feel
like
we
exclude
both
and
those
are
basically
incompatible
time
zones
with
each
other.
F
Go
ahead
I'll.
E
A
That's
a
good
point
that
country
goes
feedback
that,
yes,
the
this
it's
not
necessarily
particularly
particularly
friendly,
timely
time
hours
for
california,
either
or
west
coast,
either.
A
All
right,
and
so
peter
you're
gonna
open
an
issue.
You
said
okay,
yeah
and
we
can
do
some
sort
of
poll
or
something
it
sounds
like
that
might
be
you
because
it
might
be
surprising
with
everyone
sort
of
disrupted
globally
all
right.
Well,
if
there's
no,
the
final
call
for
items,
and
otherwise
we
will
call
time.