►
From YouTube: Kubernetes SIG network meeting, 2019-11-14
Description
Kubernetes SIG network meeting 2019-11-14
D
Are
we
live
here?
I
love
that
idea,
especially
the
PR
backlog.
We
the
project
overall
accumulates
about
what
is
it
a
hundred
PR
is
into
our
backlog,
every
new
release,
so
every
like
consistently
every
release.
We
just
go
up
by
about
a
hundred
years,
so
we
should
try
to
make
me
burn
through
those
that'd.
Be
wonderful,
wonderful
thing
to
start
triaging
Dan.
Are
you
volunteering.
B
A
D
B
D
B
Alright,
so
this
should
be
signo
to
only
correct.
Yes,
I'll
come
back
to
this
one
and
pull
other
SIG's
off
of
it
and
remove
the
triage.
That's
every
everything
they
could
think
of
yeah.
Okay,
all
right
external
traffic
policy,
local,
doesn't
work
when
the
firewall
is
running
firewall,
firewall
D
is
running,
I
I,
don't
think
anyone
has
looked
at
this
yet.
B
B
D
D
G
Yeah,
so
we
also
we
pass
annotations
down
to
the
runtimes
and
it's
sort
of
up
to
the
runtime
itself
to
figure
out
what
to
do
with
that.
So
it's
like
this
could
be
hooked
up
to
C
and
I,
but
you'd
have
to
standardize
like
Tim
said
that
prefix
or
something
like
that,
like
the
pieces,
are
mostly
there.
But
it's
more
of
a
political
question,
not
a
technical
question.
How
far
we
want
to
go
in
kind
of
having
a
pass
through
essentially
into
the
network.
Plugins.
G
To
this
one
yeah
I'm
not
sure
what
you
just
said
but
tightened
it
up
sure
I'm
not
sure
how
much
that's
gonna
help,
though,
because
it's
more
about,
like
you
know,
if
somebody
wants
to
try
to
propose
standardizing
this
stuff,
you
know
I,
guess
they
could
bring
it
to
the
sig
and
talk
about
it,
but
I
feel
like
we've
talked
about
it
before,
and
we've
kind
of
punted
it
outside
of
cube.
Well,.
G
H
G
H
G
C
J
K
B
G
G
K
D
I
A
B
M
E
F
B
J
D
M
B
B
C
A
A
F
Sure
I
think
I
wrote
it
so
I'm
trying
to
remember.
Thank
you
what
I
said
yeah.
So
my
biggest
question
is,
if
there's
a
node
that
has
one
v4
internal
IP
in
one
v6
internal
IP.
What
is
the
mechanism
that
we're
using
to
let
a
user
pick
which
one
is
preferred
for
you
know
generic
couplet
couplet
actions
like
giving
vlogs
or
download
API
things
like
that?
Should
it
just
be
the
first
IP
that
the
cloud
provider
sets
or
do
we
want
some
other
way
to
for
you
to
specify
which
one
I'm.
C
So
so
I
responded
to
this
with
right.
Now
we
always
take
the
first
ipv4
IP,
either
that
the
cloud
provider
returns
or
that
we
find
on
a
network
interface,
and
it
turns
out
it's
pretty
simple.
If
you
just
change
cubelet
to
allow
you
to
say,
node,
IP,
:,
:,
meaning
the
unspecified
ipv6
address,
then
we
can
have
it
pick
the
default.
The
first
cloud
ipv6
address
where
you
first
ipv6
address,
found
on
an
interface
and
it's
a
pretty
small
patch
and
seemed
like
maybe.
G
G
Mean
part
of
what
dancing
is
that?
Just
because
you
have
a
node
with
v4
addresses
does
not
mean
that
you
to
necessarily
run
v4.
It
may
be
the
case
that
you
want
to
run
v6
single
stack
in
a
setup
where
a
nodes
have
both
v4
and
v6
connectivity,
but
you
effectively
want
to
ignore
v4
connectivity
and
that
currently
doesn't
work.
C
And
that's
what
got
me
started
working
on
this,
although
it
does
help
with
the
case
of
somebody
who
has
a
dual
stack
cluster
or
wants
to
prefer
the
ipv6
addresses
as
well.
Yep
I'm,
probably
going
to
file
a
PR
with
the
patch
linked
from
there
soon.
So,
if
people
can
be
watching
out
for
that,
we
can
discuss
it
there
or
if
people
have
comments
now
or
to
think
it's
terrible
and
want
to
stop
me
before
I
file.
It
I.
L
L
The
publish
publish
address
of
API
servers,
still
single
stack,
I
know
it's
somehow
not
exactly
the
topic
of
transfer
for,
but
it
is
related.
So
in
a
lot
of
ways,
we've
never
we've
never
sat
down
and
said:
look
the
cluster
has
an
infrastructure
bank
owned
communication,
that's
happening
somewhere
between
API
server,
nodes,
nodes,
an
API
server
right
and
the
way
everything
is
configured
right.
Now
it's
discretely
configured.
L
You
can
configure
this
one
way
and
then
the
other
thing
is
one
another
way
and
so
on,
and
even
our
dogs
doesn't
talk
about
these
things
explicitly
like
hey.
The
infrastructure
connections
needed
by
your
cluster
is
gonna,
be
explicitly
described
as
whatever
in
node
object
or
whatever
an
API
server
configuration.
We
don't
do
that,
so
my
vote
is
I
think
we
should
do
what
you
then
wants
to
do
alright
and
then
we
need
to
take
a
take
some
and
think
about
this
entire
infrastructure
connection
or
whatever
we're
gonna
call
it
it.
L
Just
some
sick
total
users
yeah
well,
the
thing
would
be
configured
that
way,
no
matter
how
good
and
then
you'd
have
control
over,
you
will
have
control
over
IPS
or
whatever
published,
IPS
or
families
and
so
on.
So
that's
that's
my
goal,
but
that
will
of
course,
I'm
thinking
not
something
I
have
from
top
of
my
head
right
now.
F
C
L
L
N
Can
you
hear
me
I?
Can
yes
now
the
thinnest?
We
have
this
issue
with
with
Quran
and
a
twist
I.
Don't
remember
this.
The
problem
is
just
not
with
the
when
you
bind
and
go
binds
for
a
bill
for,
and
the
other
problem
is
with
the
DNS
go.
Ron
yeah
falls
back
to
IP
before
for
all
the
miserable
addresses.
So
that's
the
problem
here
is
is
that
it's
just
not
a
matter
of
changing
changes.
N
N
L
F
E
So
the
captive
dealer
for
the
camp
is
out
I,
think
Korra
okay
to
test
today.
I
just
want
to
bring
it
up
and
if
you
want
to
discuss
the
details
here,
but
if
he
is
hoping
we
can
start
the
discussion
on
the
PR
and
get
to
some
sort
of
approval.
So
I
did
leave
the
implementation
section
a
little
bit
open
because
it's
still
not
marked
as
implementable
I
just
wanted
to
see.
E
If
you
have
consists
in
the
direction
and
then
get
that
very
straight
and
I
can
follow
up
for
the
actual
implementation
section,
because
just
adding
three
flags
and
then
the
question
is
since
we're
just
adding
Flags.
So
we
have
to
go
through
an
alpha
which
a
gate
or
something
or
can
we
just
and
the
flags
right
because
often.
E
A
Q
As
everybody
knows,
and
probably
doesn't
like
to
admit,
it's
code
for
you
today
for
117,
so
I
thought
I
would
just
go
through
the
four
PRS
we
put
forth
for
117
and
make
a
decision
on
if
we
want
to
go
for
any
and
get
emerged
or
if
we
want
to
just
let
them
lapse
and
I'll.
Let
the
release
team
know
so
I'll,
just
pop
the
hood.
This
shouldn't
take
too
long
I.
Q
Q
It
looks
like
it
needs
a
rebase
and
hasn't
been
touched
since
October
13th,
where
Antonio
was
calling
out,
can
we
take
a
look
I,
don't
know
this
is
probably
the
biggest
of
the
PRS
that
we
have
do
you
think
we
want
to
go
for
getting
this
through
I,
don't
is
Valerie
on
the
call,
so
I
think
I
could
follow
up
with
Valerie
and
see
if
this
is
actually
ready.
Xin
I
think
we
need
a
rebase
on
the
meta
proxy
abut.
Do
you
think
we
should
try
and
get
this
through?
D
L
L
Q
O
Q
Q
Q
Anish
has
responded
to
that.
It
has
an
LG
TM.
It's
looking
for
approval
and
I
think
this
souls
Etsy
hosts
and
down
what
API
to
grab
to
publish
a
list
of
IP
addresses
my
pod
IPS.
So
this
will
give
you
if
you
require
either
down
with
API
for
status
pot,
ip's
you'll
get
a
list
of
IP
addresses
and
we'll
also
go
and
throw
the
the
address
in
there
in
Etsy
host
in
the
pod.
Q
D
O
Q
Q
Q
Q
Q
Q
L
L
D
Q
D
C
C
D
C
N
D
N
D
C
L
L
D
C
D
D
D
D
A
C
I
just
figured
there
should
be
something
on
the
agenda
in
case
there
was
anything
that
we
wanted
to
discuss
before
cute
gun.
It's
I
mean.
Usually
we
do
a
bunch,
but
I
don't
know
if
it's
too
late
to
plan
that
at
this
point
or
if
people
are
busy
with
other
things,
I
know
I
have
more
and
more
non
cute
cotton
sorts
of
meeting
things
going
on
yeah.
D
C
N
L
D
Yeah
my
calendars
filled
mostly
with
customer
meetings
and
stuff,
but
I
Thursday.
Basically,
Thursday
I
have
thing
fixed
on
the
calendar,
except
for
signet
intro
deep-dive,
something
about
ingress
following
up
on
that
proposal
and
then
nothing
so
anybody's
gonna
be
around
Thursday.
Maybe
we
could
do
that.
D
D
I
know
the
San
Diego
commit
dissenters
like
a
mile
across
so
like,
instead
of
picking
a
room
at
random.
Let's
say
wherever
this
Signet
deep
dive
meeting
was
whatever
room
is
assigned
for
that.
That's
where
we
meet
two
o'clock
Thursday.
Yes,
all
right
sounds
good.
No
agenda,
we're
just
gonna
talk,
I.
B
Think
that
transitions
into
my
thing
pretty
easily,
which
is
what
is
it
12
25
to
125
ingress
next-gen
discussion
for
anyone
who's
interested?
So
that's
a
Tuesday
I
had
the
googles
community
lounge
I
think
is
what
it's
called
I
don't
know,
but
I
sent
an
email
out
it's
in
slack
and
it's
on
the
agenda
so.
N
B
Know
it's
only
metal
products
here,
but
now
that
we
made
a
change
in
this
1.17
release
where,
instead
of
just
an
IP
address
type
for
endpoint
slices,
we
have
5
GB
for
and
ipv6
address
types,
and
so
it's
actually
it's
really
easy
to
integrate
with
meta
proxy
err
and
COO
proxy
in
general
yeah.
So
there's
1,
PR
I
think
locky
just
linked
it
in
chat
that
implements
it.
Okay,.