►
From YouTube: Kubernetes SIG Network Bi-Weekly Meeting 20200331
Description
Kubernetes SIG Network Bi-Weekly Meeting 20200331
A
This
is
the
kubernetes
sig
network
meeting
for
march
31st
2022..
I
forgot
to
ask
richard
or
tim:
do
you
have
any
triage
lined
up?
I
have
it
up
if
we
want
to
look
at
it.
B
Where
you
can
see
that,
yes,
all
right,
so
we
have
a
short
list
today,
went
through
them
before
thanks
everyone
who
joins
in
that
process.
B
It
sounds
like
starting
up
cube
proxy
on
windows
is
exceedingly
slow,
something
something
half
a
minute
per
service
uh-huh
I
had
dizzy
dan's
eyes
rolling.
I
had
the
same
reaction.
I
I
have
no
context
or
expertise
here
is
anybody
who
has
the
windows
side
of
things
on
mind
wants
to
sign
this.
B
B
D
B
This
one
cube
proxy
crash
lube
looks
like
it's
a
crash
in
ipvs
mode,
antonio,
it
wasn't
clear.
Are
you
saying
that
the
getting
rid
of
the
port
opener
code
fixes
the
bug
or
that
it
costs
yeah.
F
F
B
I
mean
I
I
can
approve
it,
I
just
don't.
It
wasn't
clear
to
me
that
this
is
the
fix
to
this
problem
yeah.
It
is.
F
B
Okay,
cool
well,
thankfully,
that
is
gone
all
right,
I'll
I'll
click
through
on
that,
after
listening
on,
udp
drops
everything
except
the
first
packet
antonio's
already
on
it.
B
G
B
E
E
So
if
it's
truly
one
way,
then
then
there
is
no,
I
mean
yeah
and
then
the
and
the
layer
will
have
to
flood
the
packet.
F
E
I
may
test
that's
just
one
way:
actually
that's
to
to
do
the
campaign,
but
I'll
have
to
check
how
many
packets
I
send.
Maybe
I
send
one.
F
B
E
E
H
H
If
something
wrong
with
with
my
system
or
if,
okay,
how
can
it
work?
Because
I
have
traffic
entering
on
one
node,
and
that
is
fine.
I
can
set
whatever
I
want,
but
the
port
is
on
another
node
and
if
I
set
drops
from
that
node
it
will
not
be
forwarded
to
the
pod.
Not
even
the
sin
for
tcp.
F
H
B
B
Why
we?
We
might,
we
might
turn
on
the
state
we
match
on
new
when
we
send
it
to
cube
services.
But
if
there's
no,
no
sorry,
that's
external
services
right
here
right,
but
there's
nothing
in
cube
services
that
says
allow,
and,
at
the
end
of
the
day,
the
forward
policy
is
dropped,
so
it
falls
out
the
bottom
and
gets
dropped.
B
F
B
B
F
F
I
F
B
B
G
H
D-Net
is
where
the
packets
enter,
but
I
have
problems
where
the
packets
end
up
in
the
node
that
doesn't
do
the
dna.
It
just
receives
something
because
it's
the
same
thing
but
more
clear,
because
you
have
no
traversing
in
dna
tables
at
all.
You
just
get
the
packet
that
should
be
routed
to
a
to
a
pod,
but
you.
B
I
think
that
is
the
real
answer
is
like
turning
it
onto
setting
it
to
drop
means.
You
have
to
add
rules
for
every
pod
in
the
allow
chain
right
see
what
docker
did
in
that
like
it's,
it's
a
problem,
okay
anyway,
this
is
on
antonio.
This
is
this
issue.
Let
me
know
if
you
want
cover
on
it
next,
so
we've
got
two
issues
that
are
opened
that
are
discussing
this
destination
versus
source
model
and
how
we
route
stuff.
B
So
in
the
last
days
of
code
freeze
between
dan
and
andrew,
and
I
we
basically
rewrote
that
entire
section
of
logic
in
cube
proxy,
I
think
at
least
in
the
in
the
ip
tables
mode
I
haven't
confirmed
in
ipvs
mode.
I
think
we've
now
implemented
the
destination
model.
Is
that
right?
Dan?
B
I
B
This
one
was
this
is
about
sctp,
so
we
need
to
figure
out
whether
we
should
be
flushing
that,
but
I
think
we
can
also
close
this
one.
I
B
Not
a
bug
right
well,
actually,
it'll
work
now,
because
it'll
jump
to
the
external
chain.
No,
because
he's
talking
about
ascending
to
a
node
port
on
another
node,
oh
okay,
I
missed
that
part
all
right,
so
I'll
revisit
this
one
and
see
if
we
can
close
it
and
there
was
another
one.
I
No,
no,
I
mean
it.
We
already
have
testing
of
that.
It's
just
that
then,
okay,
he
was
suggesting
the
existing
behavior
was
wrong
and
we
were
deciding
no.
It
is
not.
B
Right
and
sorry
there's
this
one
also
which
isn't
for
triage,
but
can
we
close
this
now.
I
Or,
should
we
write
a
doc
on
this
scroll
down
to
the
bottom
there?
Oh
actually,
I
do
still
have
to
update
the
docs.
I
started
updating
the
the
api
docs
and
was
so
I'll
submit
a
pr.
B
Okay,
so
this
is
the
follow-up.
Here
is
docs
awesome
cool.
That's
all
the
issues
that
we
had
for
triage.
B
If
it's
cool,
let
me
stop
share
and
if
it's
okay,
I
would
like
to
run
through
the
kepboard
and
see
what
we
can
move
between
columns,
because
that's
kind
of
a
celebration.
F
B
What
is
the
logic
for
why
we
copy
them
to
each
other
or
no
well?
Why
why
it
fails?
I
mean
where
is
the
program
I
the
problem?
The
problem
is
deep
down
in
cubelet,
which
reads
from
the
api
server
an
object
that
has
host
ips
set
and
then
it
rebuilds
status
and
doesn't
set
host
ips,
and
so
it
starts
throwing
errors
that
the
object
in
the
cache
doesn't
match
the
object
that
it's
trying
to
write
and
and.
F
B
This
is
this
a
debug
yeah.
This
is
why
the
the
host
ips
downward
api
bug
that
one
got
or
that
pr
got
reverted,
because
it
was
a
huge
blow
up.
F
B
Okay,
well,
let's
let's
look
at
this,
then,
let's
start
from
the
current,
so
did
anything
graduate
and
get
the
gate
removed.
I
don't
think
so
right,
nothing
24.
great
things
that
move
from
beta
to
ga
anything
service,
type,
load,
balancer
class
andrew
did
that
move
is
andrew
here.
K
B
B
Oh,
I
already
moved
this
one
I
started
doing
this
this
morning
and
then
I
thought,
oh,
I
should
do
it
on
the
call.
Antonio's
pr
to
reserve
static
ranges
for
or
reserve
ips
for
static
allocations
went
alpha.
Yay
network
policy
status
also
got
merged
right
ricardo.
B
Yes,
right
all
right,
congratulations!
Yeah
thanks,
that's
fun
and
and
proxy
terminating
endpoints.
It
was
already
alpha.
We
left
it
alpha
right,
andrew,
but
now
it
applies
to
both
internal
and
external.
B
And
didn't
touch
this
mixed
protocol.
L
I
just
looked
at
that
one,
that's
on
me.
Apparently
there
was
up
here
I
needed
to
put
in.
I
just
have
to
go
figure
out
what
it
is.
I
guess
I
was
focused
on
docs
and
I
wasn't
focused
on
even
though
there's
no
code
changes,
I
guess
we
have
to
go
change
it
somewhere
to
say
data
instead
of
alpha,
so
they
don't.
B
B
It
happens,
grpc
did
did
that
move
forward
is
bowie.
J
B
All
right
and
things
that
moved
into
alpha
this
cycle
admin
network
policy.
Well
that's
out
of
tree,
so
that
got
postponed
yeah.
The.
G
Tag
got
dropped
from
that
issue.
I
I
commented
on
the
issue
and
they
still
dropped
it,
but
I
think
that
makes
sense
right.
It's
not.
G
Dan
has
been
helping
and
casey
gave
a
good
review,
so
we
got
some
reviews,
we're
eagerly
awaiting
your
point
of
view.
B
Oh
boy,
all
right
what
else
node
ipam
to
support
multiple
cluster
sizers,
so
the
api
part
of
this
went
in,
but
not
the
implementation,
part
of
it
and
ordinarily.
We
wouldn't
do
that,
but
antonio
suggested,
and
he
was
right.
We
can
build
the
external
implementation
for
this
and
prove
that
out
with
the
api
built
in,
so
I'm
going
to
move
that
into
alpha,
because
it
is
congratulations
to
the
folks
who
worked
on
that.
B
I
F
B
I'll
I'll
do
it
if
I
have
to,
but
I
can
also
shake
the
tree
from
the
other
side.
I
mean
you,
can
you
can
you
can
shake
dave,
edes
right
and
I
can
just.
I
I
tried,
I
think
everyone
was
busy
so
I'll.
B
I
B
Let's
handshake
pinky
swear
that
this
one
goes
in
25.
M
Yeah,
I
I
have
just
added
a
comment
that
the
metadata.name
thing
that
we
added
for
namespace
selector.
There
is
no
featured
date
on
that.
So
probably
you
can
just
move
away.
M
A
There's
a
there's,
nothing
else
on
the
agenda
unless
bridget
wanted
to
move
her
item
back
to
this
week,.
L
L
Basically,
I
want
to
make
sure-
and
I
know
it's
not
getting
obvious-
it's
not
getting
into
this
kubernetes
release,
but
I
want
to
make
sure
that
everyone
gets
the
chance
to
comment
on
this,
just
because
this
is
one
from
the
cloud
provider
meeting
that
they
were
like
signatures
to
weigh
in
on
this
yeah,
and
I'm
not
sure
if
everybody
has
gotten
a
chance
to
look
at
it
yet
so.
L
So
this
is
the
one
that,
after
we
discussed
it
in
cloud
provider,
then
the
question
was
like:
oh
should
we
be
talking
about
this?
You
know
like
this.
Is
I
think
andrew
psycham
said.
Maybe
we
should
discuss
this
insig
network
if
it
touches
any
of
the
things
that
they're
discussing
and
if
we
think
it
does
not,
then
that's
fine,
but
I
wanted
to
make
sure
we
had
a
chance
to
weigh
in
on
it
this
route
controller,
updating
routes
with
when
the
node
ips
change.
B
B
I
had
one
question
I
wanted
to
ask
the
group
see
if
anybody
knows
the
answer
to,
because
I
raised
this
in
one
of
the
code
reviews,
but
I
could
not,
for
the
life
of
me
find
an
answer
on
the
internet.
B
B
I
B
B
B
B
I
Yeah,
I
did
everything
except
the
writing
functions
to
parse
the
the
regular
expressions
thing,
because,
like
each
time,
I
thought
about
it.
You
know,
if
we're
going
to
do
this,
like
it's
not
at
all
specific
to
the
unit
test.
We
just
want
to
have
like
a
general
like
you
know,
we
would
want
to
be
doing
this
everywhere.
Right.
I
B
It
more
I've
got
it
open
here.
I've
got
a
bunch
of
meetings
today
and
tomorrow,
but
I'll
get
back
to
it
next
week.