►
From YouTube: Network Policy API Bi-Weekly Meeting for 20220523
Description
Network Policy API Bi-Weekly Meeting for 20220523
A
Awesome,
hey
everyone
today
is:
may
23rd
2022..
This
is
a
meeting
of
the
sig
network
policy,
api
subgroup
district
network.
This
is
a
cncf
certified.
B
A
A
I
can
share
my
screen
when
I
talk
about
this
and
so
not
too
much
happened,
but
the
updates
should
be
good
to
go
there,
barring
anything,
I
missed
so
that
api
that
pr
is
just
looking
for
reviews.
I
also
updated
the
started
updating
the
cap
and
response
to
these
api
changes.
Specifically,
I
only
updated
the
sample
yamls.
A
So
folks
could
have
a
look
at
kind
of
what
the
api
changes
have
done
in
terms
of
readability
on.
My
to-do
list
is
to
make
more
sample
yammels.
These
were
just
for
the
use
cases
we
specified
originally
in
the
cap,
so
it
won't
hurt
to
have
more
so
yeah.
Otherwise
I
don't
have
too
much
more
to
talk
about
today.
Do
folks
have
other
things
to
bring
up
discuss
over
here.
B
So
I
was
going
to
bring
up.
I
mentioned
this
to
you
on
slack,
so
I'm
probably
going
to
start
a
project
to
try
to
implement
admin
network
policy
in
evpf
in
a
way
that
should
be
pluggable
into
or
ideally
will
be
pluggable
into
any
network
plug-in
so
that
we
can
just
put
this
out
there
and
everybody
can
start
trying
out
admin
network
policy
right
away.
B
Catch
being
that
I
realized
pass
actually
or
or
rather
allow
actually
makes
things
complicated,
because
I've
been
thinking
that
that
there
were
only
two
possibilities
either
either
it
allows
the
traffic
through
or
it
doesn't.
But
in
fact
there
are
three
possibilities:
it
either
forcibly
allows
it
drops
it
or
passes
it
to
network
policy.
B
B
It
has
to
happen
in
the
right
place
because,
because
policy
has
been
after
service
proxy
right,
if
we
didn't
have
to
deal
with
the
three-way
verdict,
you
could
do
it
all
on
ingress
into
the
the
v
device
right,
but
because
you
have
to
deal
with
forcible,
allow
you
you
can't
do
that
because
the
network,
you
know
the
regular
level
network
policy-
might
have
already
rejected
it
at
that
point.
So
you
need
to
get
part
of
it
in
before
the
plug-in.
A
B
Probably
both
I
mean,
I
guess
you
know
cygnet
I'll
I'll
mention
it,
but
then
I
guess
after
that
it
would
mostly
be
with
this
group
great
and
and
if,
if
people
are
interested
in
helping
like
we're,
not
really
at
the
point
where
we've
started
so.
B
Help
yet,
but
but
if
people
do
want
to
help,
then
then
that
will
be
cool.
I
don't
know
exactly
where
it's
it's
going
to
happen
quite
yet
I
guess
maybe
we
could
put
it
in
the
the
the.
D
So
dan
quick
question,
so
is
it
going
to
be
part
of
a
cni
binary
or
like
like
how
does
it
get
deployed
on
accumulated.
B
So
yeah,
this
is
what
I
was
just
saying
about
running
into
a
problem
with
the
three-way
verdict.
I
had
thought
that
that
we
could
provide
it
as
two
different
ways,
one
as
an
iptables
rule
that
you
can
call
because
iptables
actually
lets
you
call
out
to
an
ebpf
program.
So
you
could
just
have
the
network
plugin
insert
a
rule
in
the
right
place
to
call
out
this
ebpf
program
and
do
the
right
thing
and
that's
still
possible.
We'll
just
have
to
have
two
ebpf
programs,
one
that
returns
true.
B
If
it
should
be
forcibly
accepted,
one
that
returns
true
if
it
should
be
forcibly
dropped
and
then,
if
they
both
return
false
you
let
it
go
through
network
policy
and
then
for
for
plugins,
where
packets
don't
go
through
network,
follow
or
don't
go
through
ip
tables.
B
I
have
to
figure
out
a
new
approach
to
deal
with
the
the
force
exam,
but
the
idea
is
that
it
would
be
something
that
would
not
be
difficult
to
install
on
top
of
your
your
network
plug-in
it
would
not.
I
actually
had
been
thinking
before
that.
I
could
do
it
as
a
chained,
cni
plug-in,
and
I
don't
know
if
that
is
still
gonna
work.
That's.
B
The
problem
being
that
just
attaching
to
the
pair
is
not
enough
yeah,
it
needs
to
go
somewhere
else,
so
it's
possible
that
we
won't
be
able
to
do
this
entirely
independent
and
it
will
be
more
just
you
know.
We
provide
this
90
of
an
implementation
which
c
cni
authors
can
then
do
the
remaining
10
percent,
and
you
know-
and
presumably
some
of
them
will
eventually
be
like
no.
I
want
to
implement
this
all
in
ip
tables,
rules
or
obs
photos
or
whatever,
and
that's
fine.
D
B
A
Yeah
and
it's
day
one
it's
ideation
stage,
so
I
think
there's
still
a
long
way
to
go.
It's
a
cool
idea,
though,
and
I
think
it
would
help
spread
awareness
for
amp.
You
know
as
well,
which
is
exciting
for
me.
D
A
A
Cool
yeah,
so
next
steps,
please
please
just
go.
Look
at
the
api,
give
it
a
review,
we're
coming
down
to
the
to
the
home
run
of
merging,
at
least
the
first
iteration
to
where
we
can
start
moving
forward
with
it,
so
that's
kind
of
where
we're
at
otherwise.
I
don't
think
there's
any
other
action
items.
Updating
the
cap
is
one
I've
started
it
like,
I
said,
but
if
folks
want
to
help
out,
they
want
to
contribute
a
little
bit
here,
feel
free
to
reach
out
to
me,
I'm
happy
to
pass
that
baton.
C
Yeah
I'll
definitely
take
a
look
at
the
the
api
changes.
Pr
and
you're
you're
saying
that
that
one
was
supposed
to
be
updating
the
cap,
but
only
the
api
changes
right,
so
we
probably
needed
something
else
to
you
know
maybe
change
narratives
in
the
p
cap
so
that
it
corresponds
to
the
api
types
a
little
bit
more.
E
C
Yeah
yeah
sure
I'll
first
take
a
look
and
see
if
I
have
time
to
add
to
it
as
well.
I
think
I
should
have
some
time
this
week
to
do
that.
So
you
can.
You
can
maybe
assign
me
on
that
yeah
and,
on
the
other
hand,
I'm
still
struggling
to
find
myself
get
past
that
that
check,
because
you're
trying
to
assign
me
the
thing.
B
C
I
I
figured
it
might
be
because
I'm
already
a
member,
but
the
thing
is,
I
might
have
not
opened
apr
in
that
specific
repo
which
is
merged.
So
essentially
I
happen
to
quote-unquote
and
contributed
to
the
repo
even.
C
Opened
a
couple
of
pr's
for
the
user
stories,
but
essentially
you
know
at
the
end
of
the
day
it
got
superseded
by
you
know
a
huge
p
pr,
so
I
haven't
really
been
merged
any
epr's
to
that
project.
Yet
that's
probably
why
I
cannot
be
a
administrator.
D
A
A
I
don't
know
if
he
wants
to
be
an
owner
of
this
anymore,
but
it
might
make
sense
to
take
him
off.
Put
you
on.
C
Honestly,
I
don't
think
he
I
think
I
talked
to
him
honestly.
I
don't
think
you
would
have
time
to
contribute
to
this
anymore.
So,
okay,.
E
A
A
B
A
Cool
and
so
yang,
do
you
want
to
update
your
pr
to
also
remove
average
check
and
just
tag
him
and
ask
him
if
this
is
all
right?
I
mean
I
obviously
don't
want
to
just
rip
him
out,
but
oh.
E
Move
to
emeritus
so
at
least
it
stays
there
and
people
doesn't
be
like
properly
remove
it.
I
can.
I
can
help
you
on
that
as
well.
Folks,
that's
fine.
A
Yeah
and
that
kind
of
leads
me
to
another
kind
of
bureaucracy.
Point
ricardo
abhishek
actually
owns
the
issue
for
this.
For
the
cap
and
the
I
guess,
the
admin,
the
api
pr
is
there
a
way
to
transfer
ownership
of
that
issue,
or
should
I
like
ask
him
to
do
something
like
that,
because
it's
just
it's
kind
of
tricky,
because
I
can't
update
the
actual
issue
with
like
the
pr
for
the
api,
etc,
etc.
E
A
E
If
you
need
to
edit
something
the
issue
you
can't
just
the
owner
of
the
issue
and
the
owner
of
the
repo
you
can,
you
can
retitle
only
and
and
if
he
gives
you
access
to
his
own
repo,
you
can
change
stuff,
but
you
cannot.
You
cannot
change
the
issue.
Description.
A
Okay
sounds
good,
it's
all
good.
It
hasn't
had.
A
I
just
haven't
been
able
to
update
the
issue
with
like
up-to-date
information
and.
C
Finally,
I
think
a
question
regarding
the
api
itself.
I
know
it's
been
a
while,
but
I
don't
remember
what
was
the
final
decision
on
whether
we
wanted
to
have
a
ip
block
for
egress?
For
for
this
particular
first
version,
did
we
agree
on
not
having
that
and
still
making
the
acmp
cluster
in
cluster
scoped?
A
So
the
final
kind
of
idea,
I
think,
yeah
tim
kind
of
put
a
comment
we
basically
as
of
today,
we're
going
to
leave
it,
as
is.
B
A
And
you
know
quite
a
while
open
but
yeah
we're
tracking
that
in
issue
28,
which
is
also
mentioned
on
the
kep
pr
as
well
or
sorry,
on
the
api.
Pr
as
well
gotcha,
so
we'll
keep
keep
tracking
it
there,
because
we
don't
want
to
close
that
discussion
for
sure.
A
Great
is
there
anything
else
folks
would
like
to
discuss
today.
A
Going
once
going
twice
sold,
I'm
really
hoping
to
by
our
next
meeting
to
have
this
merged
if
there's
no
further
discussion,
so
any
help
in
that
would
be
awesome,
but
yeah!
That's
where
we're
at
thanks
for
stopping
by
today,
thanks
for
having
a
quick
meeting
and
appreciate
all
y'all's
help
per
usual,
so
have
a
good
one!
We'll
talk
to
you
later.