►
Description
[SIG-Network] Ingress NGINX Bi-Weekly Meeting for 20200329
A
Hello,
everyone-
this
is
the
ingress
engine
x,
sub
project
for
networking.
Sorry
today
is
march
29th
and
we're
going
to
go
ahead
and
get
started.
Remember
that
this
is
a
cncf
sanctioned
meeting,
and
that
means
it
is
subject
to
the
code
of
conduct,
which
means
be
awesome
to
each
other,
be
kind.
If
you
have
any
issues,
please
report
those
to
myself
or
to
the
cncf.
A
With
that
we'll
go
ahead
and
get
started,
we're
gonna,
it's
gonna,
be
a
little
light
today.
As
far
as
attendance
is
concerned,
some
folks
are
not
available,
so
we're
gonna
go
ahead
and
go
through
some
of
the
issues
that
noah
so
nicely
put
together
for
us
work
through
some
of
the
triage,
but
probably
going
to
cut
a
little
short
today,
so
that
aditha
and
myself
can
work
through
some
of
the
end
in
testing.
A
A
We,
when
we
start
looking
at
the
the
follow-up
and
triage
issues,
the
lib
xml
vulnerability,
there's
an
ssl
vulnerability,
ssl
and
open
ssl
vulnerability.
I
think
there
was
a
new
one
from
zlib
that
just
came
out
that
just
got
patched
so
fortunately,
all
of
those
are
patched
they're,
just
not
passing
it
and
testing.
So
that's!
A
I
know
those
are
there,
so
that's
always
fun.
I
don't
carol.
This
might
be
helpful
from
just
a
see
what
nginx
is
thinking
about
with
this
issue
from
the
ingress
class
perspective,
I
don't
know
how
they've
implemented
it,
but
it
looks
like
from
backwards
compatibility.
A
The
annotation
should
take
priority
and
I
guess
we
flipped
it.
That
might
have
just
been
a
miscommunication,
so
I
was
just
wondering
if
we
could
have
that
conversation,
maybe
not
now,
but
have
that
conversation
with
damian
and
team
we've
got
the
hack
md
through
there.
We
probably
just
need
to
get
someone
assigned
to
it,
but
we
continue
to
have
that
discussion.
Could
you
have
him?
Maybe
review
that
doc
for
us
and
see
you
and
put
his.
A
If
I
don't
do
it
now,
I'll
probably
won't
get
done
there,
you
go
that'd,
be
great
thankful.
Thank
you.
That'll
be
helpful
to
get
their
opinions
here
on
it.
So
is
that
the
reload
question,
I
don't
remember
this
one.
A
B
Just
fyi,
I
don't
think
you're
sharing
your
right
screen.
We
can
see
like
some
iptable
comments.
A
So
I
was
I'm
I'm
studying
for
clustered
on
thursdays.
I'm
making
sure
that
I
had
my
ip
tables
rules
down.
Let
me
go
ahead
and
switch
my
screen.
Thank
you.
I
had
my
I
have.
I
have
too
many
screens.
A
A
Think
right
now
we
might
have
pressing
matters
in
this
one.
I
think
that
was
the
same
distinction
we
had
last
week
between
the
ingress
class,
api
gateway
and
now
all
of
the
cds,
with
the
base
images.
This
is
probably
from
a
feature
perspective.
This
might
be
pretty
low
down
on
the
list.
A
Can
you
guys
see
it?
Can
you
guys
see
the
right
screen
now?
You
should
be
seeing
today's
meeting.
Okay
awesome!
Thank
you
so
that
one
I
think
this
is
the
conversation
we
were
having
in
slack
earlier,
as
well
as
the
keep
a
life
support
for
auth
requests.
I
just
need
to
schedule
time
for
it
again
new
feature.
A
We've
got
the
the
same
same
kind
of
thing,
so
I
hate
I
hate
to
block
these,
but
I
I
think
right
now,
vulnerabilities
in
the
current
version
take
precedence
over
a
new
version
and
I
don't
think
anyone
would
disagree
and
if
they
would,
I
hope
they
would
join
this
and
challenge
that
that
thoughts.
B
A
A
Ariza
you
want
to
talk
about
this.
One.
B
I'm
mostly
looking
for
some
preliminary
feedback,
no
one's,
taking
a
look
at
it,
just
hoping
to
get
someone's
attention,
but
may
not
be
the
best
of
times
right
now,
but
essentially
there's.
There
was
an
issue
that
was
raised
where,
if
you
had
an
upstream
that
was
used
in
both
secondary
and
the
non-canary
ingress,
the
upstream
was
only
available
through
the
canary.
B
Yes,
so
the
pr
is
basically
creating
two
objects
now
internally,
one
for
the
canary
and
one
for
non-canary,
so
you
can
have
like
a
separation
and
then
only
the
canary
ones
can
merge
with
the
others
to
form
the
traffic
splitting
policy.
B
B
That's
okay.
I
posted
this
on
slack
also
and
I'll
see
if
I
can
type
ricardo
or
someone
else
to
just
give
me
like
a
thumbs
up.
A
Yeah-
and
I
know
ricardo
just
had
a
big,
a
huge
change
that
he
pushed
into
cube
networking,
and
that
was
mostly
what
he
was
focusing
on,
so
he
might
time
might
have
freed
up
for
him
now.
Besides
the
the
fact
that
he's
not
on
his
day
job's
taking
up
so
he
he
might
have
some
time
opening
up
with
that,
let's
go
ahead
and
look
at
some
of
the
older
ones.
Well,
that
one's
looking
up
from
ricardo,
please
clarify
you
want
to
do
this
or
not,
which
one
is
this
one?
A
B
A
Unfortunately,
I
think
I
feel
like
hunting
this
one
down
the
road
as
well.
I
know
the
documentation,
both
from
the
ingress
class
and
stuff
like
this
little
older
things
need
to
be
updated.
B
You
can
assign
it
to
me
I'll.
Take
a
look
once
I
get
something:
okay,.
A
Alrighty,
it's
some
of
the
older
stuff.
That's
already
signed
out
to
me
that
one's
a
much
bigger
issue
that
I'll
go
from
there
see
if
there's
anything.
I
know
I
saw
that
I
think
we
were
up
to
like
last
time
I
saw
it
was
like
270,
so
I
was
gonna
go
ahead
and
walk
through
about
ten
five
ten
minutes
of
issue
triage
sound
good
folks,
yep
all
righty
support
extra
invoice,
job
resources
and
help
chart.
That
sounds
like
a
good
first
issue.
B
A
A
A
A
A
You
know
I
just
wrote
it,
you
think
I
would
would
have
remembered
it.
A
Looks
like
it's
been
there
for
a
minute,
oh
and
it's
got
all
those
I'll
go
ahead
and
I'll
sign
it
to
myself
and
look
at
this
one,
because
if
they've
got
they
got
prs
and
they've
got.
A
A
B
A
A
All
right
folks,
I
I
think
we're
gonna
go
ahead
and
drop
and
call
this
one
early.
Instead
of
watching
me
triage.
I
should
use
myself.
We've
got
a
couple
already
and
aditha
and
I
are
gonna
look
at
the
end:
intestines
try
to
figure
out
why
we
can't
get
alpine
upgraded
to
314,
four
or
five
or
even
get
315
running.
So
thanks
for
joining
thanks
for
listening
and
we'll
talk
to
you
all
in
a
couple
weeks,.