►
From YouTube: SIG Cluster Lifecycle 2022-09-06
A
A
So
the
tldr
of
this
is
that
we
at
some
point
I
think
three
years
ago
or
something
like
that.
We
were
discussing
the
like:
enhancing
the
cuba
dm
experience
to
have
like
a
kubernetes
operator
of
something
that
manages
day.
Two
operations
and
fabricio
created
a
prototype
for
this
and
it
used
to
live
in
the
cuban
repository.
A
But
we
didn't
agree
on
the
design,
especially
tim
sinclair,
had
some
comments
and
I'm
going
to
elaborate
more
later,
but
eventually
fabricio
didn't
have
the
time
to
complete
this
prototype
and
basically
the
work
installed
and
we
removed
the
operator
code
from
the
kubernetes.
A
And
now
this
is
paco.
Who
is
a
cuban
contributor?
A
very
active
one,
paco
is,
has
decided
to
take
the
richest
prototype
and
potentially
take
over
the
work,
and
he
wanted
some
feedback.
So
he
posted
this
like
a
discussion
topic
on
the
seed
mailing
list
and
we
went
somewhere
back
and
forth.
A
Basically,
what
this
operator
is
doing
like
what
can
be
used
for
and
some
quest
api
topics
also
emerged
like
can
this
be
used
with
quest
api,
and
we
also
brought
people
like
fabricio
and
stefan
from
the
coastal
repair
project,
to
comment.
A
Yeah,
so
something
that
tim
sinclair
commented
on
was
like
hobrich's
original
design
was
using
custom
resources,
but
it
was
imperative,
so
you
create
like
with
cubecaro
we
created
like
an
operation
object
and
from
there
the
controller
takes
over
the
operation,
object
and
executes
on
the
operation.
For
example,
cluster
upgrade
can
be
an
operation,
so
you
just
feed
like
the
desired
version
in
this
operation.
A
Object
and
the
operator
will
take
it
and
go
over
all
the
cubanium
nodes
and
you
know
upgrade
components:
the
kubelet,
the
kubernetes
binary
and
for
container
images
for
the
control
plane.
A
A
Personally
think
the
spec
is
going
to
be
very
complex
for
a
number
of
reasons,
but
for
which
you
can
hopefully
join.
We
can
have
a
bit
of
a
discussion
about
it,
but
what
we
why
we
bring
we
are
bringing
this
to
the
siege
meeting
is
like
basically
for
more
people
to
comment.
The
first
topic
is
the
imperative
versus
declarative
pattern.
C
My
my
experience
is,
you
can
always
turn
declarative
into
imperative.
It's
quite
difficult
to
go
the
other
way
around.
So
if
we
had
a
declarative,
I
don't
see
why
we
would
not
do
declarative
right.
What's
the
case
to
make
things
imperative,
I
guess.
A
I
think
that
it
gets
really
sketchy
around
topics
such
as
certification,
because
that
was
one
of
the
operations
we
wanted
to
support.
So
if
you
want
to
rotate
certificates
like
what
do
you
store
in
the
spec
potentially
date,
maybe
certificates
expire?
This
is
the
creation
date
of
the
certificates
and
you
changing.
The
date
would
potentially
do
some
sort
of
rotation.
C
Yeah,
I
would
probably
store
my
intent
is
that
the
certificate
has
at
least
two
years
left,
so
I
would
probably
store
something
like
that
right,
like
that.
That
tends
to
be
the
thing
where
like
when
I
want
to
reboot
a
machine.
My
intent
is
that
it's
running
like
a
particular
kernel
version
or
something
like
something
of
that
nature
right.
So
a
lot
of
these
one-off
imperative
style
operations
may
look
like
backups.
C
I
intend
to
have
a
backup
that
is
no
more
than
an
hour
old
or
something
like
that
right.
A
lot
of
these
imperative
operations
actually
are
often
can
be
recast
as
a
deeper
intent
that
is
actually
even
more
like
fundamental
need,
fundamental
desire
than
the
I
want
to.
I
want
to
reboot
the
machine.
Why
do
you
want
to
remove
the
machine?
I
want
to
rotate
the
certificate.
Why
do
you
want
to
rotate
the
specification
I
want
to
back
up
the
disk?
Why
do
you
want
to
rotate?
A
A
So
that's
like
how
do
we
reconfigure
all
the
api
servers
like
a
particular
particular
field
for
the
api
server
container
image
to
be
changed
like
how
much
do
we
expose
like
the
reconfiguration
topic
becomes
like
the
spec
explodes
pretty.
C
C
Yeah,
I
mean
that's
actually
my
I
wouldn't
say
concern
because
I
think
it's
a.
I
think
it's
a
good
thing
to
do,
but
my
my
quibble
here
would
be
like:
where
do
we
draw
the
boundaries,
for
example
like
k-ops?
C
I
think
we
install
like
eb
tables
or
something
or
we
try
to
make
sure
that's
installed
and
like
is
package
management
out
of
scope.
Is
our
cis
cuddles
out
of
scope
like?
Where
do
we
draw
the
line?
And
personally,
I
would
be
fine
with
saying
nothing
is
out
of
scope
like
it's.
We
we
should
actually
like
if
assist
cuddle.
Is
that
important?
C
We
should
be
able
to
configure
it
and
the
the
scope
is
defined
by
what
is
needed
not
by
like
you
know,
the
project
boundary
is
this,
so,
if
the,
if,
if
to
go
from
a
stock,
debian
installation
or
stock,
ubuntu
installation
or
stock
right
on
installation,
we
have
to
do
these.
C
This
set
of
operations,
then
that
that
set
of
operations
is
in
scope
in
my
mind,
but
that
is
where
I
think
we
need
to
be
a
little
careful
when
we're
approving
the
project,
because
that
is
a
a
bigger
scope
right
it
is,
it
is
the
equivalent
of
like,
like
chaos,
has
I
think
it's
called
node
node
up.
I
kind
of
remember
I'm
confused
because
I
was
talking
about
like
anyway.
It
has
a
binary
which
does
this
and
we
didn't
do
the
best
job
of
it.
C
It
like
has
too
much
logic
on
the
on
this
on
the
server
side,
but
you
know
it
does
a
bunch
of
things
it
does
it.
I
don't
know
if
I
can
run
commands,
I
think
you
can
probably
run
commands
and
it
can.
It
can
install
packages
and
and
make
sure
that
restart
systemd
processes
and
all
this
sort
of
stuff
and
add
users.
C
So
there's
a
lot
of
things
that
are
going
to
be
in
scope
that
we
may
want
to
be
careful
of,
but
I
I
think
it's
a
good
direction.
I'd
love
to
like
get
chaops
using
more
standardized
things
and-
and
I
think
it's
better
than
us
all
re-implementing
it,
but
that
is
my.
C
This
is
a
this
is
potentially
a
very
wide-ranging
project.
A
Yeah,
actually,
we,
I
don't
think
we
ever
discussed
any
configuration
of
the
host
operating
system
on
the
nodes.
We,
like
mostly
discussed
clearly
like
cuba,
dm
topics
such
as
very,
very
specific,
uberian,
rotational
certification
configuration
of
how
the
static
ports
are
managed,
but
you
know
if
we
eventually
end
up
with
something
that
also
manages
the
hospice.
I
can
see
this.
This
particular
operation
can
also
be
used
by
chaos,
but
then
should
it
really
be
called
like
a
the
cube
adm
operator.
If
we.
C
I
don't,
I
don't
really
care
what
we
call
it
like
yeah,
it's,
yes,
it's
it's.
Certainly
the
the
question
is
like
what
is
the?
What
is
the
eventual
scope
here,
because
I
mean
the
reason
that
chaops
got
involved
in
this
is
because,
like
a
new
version
would
require
like
eb
tables
or
whatever
it
is
right,
and
so
we
wanted
to
make
sure
that,
in
order
to
work
out
of
the
box,
rather
than
tell
users
hey
in
this
version,
you
have
to
install
eb
tables,
we
would
install
db
tables
for
you
right
and.
C
Particularly
when
you're
doing
like
an
auto
scaling
group
or
something
like
that,
it
it's
harder
to,
I
I'm
not
entirely
sure
what
the
how
how
it
would
work
today,
like
a
user,
would
presume
to
create
a
user
data
script
on
aws
and
like
be
responsible
for
installing
the
prerequisites
and
then
would
run
cube.
Adm
is
that
is
that
sort
of
how
it
works
today,.
A
A
Yeah
package
management
is
also
interesting.
We
could
go
wild
and
basically
allow
the
user
to
install
packages
like,
but
it's
gonna
be
interesting.
How
do
we
maintain
this
list
of
unknown
packages?
And
it's
I
don't
know,
but
it
depends
also
on
the
host
package
management
manager.
C
Yeah,
the
big
one:
that's
we
used
to
have
a
lot
more
of
these
now,
it's
mostly
just
container
d
and
we
actually
in
chaos,
have
switched
to
not
using
the
package
manager
because
you
sort
of
have
to
take
the
upstream.
You
have
to
take
a
more
recent
container
d,
so
we
we
use
the
tar
file
now
instead,
and
that
also
has
the
nice
advantage
of
being
distro
independent.
So
we
we
do
both
but
yeah
there
it's
anyway.
I
I
I'm
not
I'm
not
opposed
to
this.
C
I
do
think
we
should
try
to
make
sure
that
that
we
we
try
to
understand,
like
you
know,
do
people
want
to
if
we
approve
the
project,
but
the
the
maintainers
are
like.
We
just
want
to
do
just
kubereum
that
they
should
make
a
very
clear
statement
about
that
right
and
if
they
are
open
to
doing
other
things,
then
that
that's
great,
and
they
should
make
a
statement
about
that.
C
But
I
I
don't
think
we
want
to
be
sort
of
in
a
confused
state
right
where
we
have
some
contributors
wanting
to
push
it
in
one
direction.
Another
is
not
right.
C
A
A
I
I
see
this
like.
If
we
go
with
the
operator,
I
think
we
should
first,
first
and
foremost
agree
on
the
design
which
is:
do
we
go
fully
the
clarity
fully
imperative
or
like
a
hybrid,
something
that
we've
discussed
would
forbid
sure
a
bit?
Is
it
like,
like
a
good
idea
to.
A
A
So
I
think
the
first
thing
we
needed
is
the
design
direction,
which
is.
Should
we
just
say:
okay,
imperative
is
not
like
something
that
we
see
in
kubernetes.
That
often
so,
should
we
just
tell
them
hey
if
you,
if
you
want
to
seek
adoption
like
under
kubernetes,
six
or
sequels
lifecycle
for
this
project,
it
has
to
be
declared.
A
I
would
say
yes,
but
I
can
see
that
this
the
spec
will
see
a
lot
of
iterations
until
we
especially
around
the
cuban
dna
configuration
or
for
potentially
package
management,
topical
host
operating
system
management,
it
will
see
a
warfare
iteration,
so
maybe
we
can
start
small
with
multiple
versions,
but
it
has
to
be
declared.
So
I
think
if
we
can
agree
on
this,
for
example,
in
this
meeting,
we
can
get
something
going.
B
B
Sorry
for
being
late
yeah,
I
I
so
some
time
ago
we
discussed
around
the
operator.
The
idea
was
to
have
the
operator
as
a
component
in
charge
for
mutability
in
cluster
api
and
in
in
the
entire
c-cluster
life
cycle.
Let
me
say
a
system,
I'm
not
sure
this
is
today
the
case.
B
B
Because
yeah,
it
could
be
a
complement
of
kubernetes
or
it
could
be
something
that
has
a
relation
with
cluster
api
because
but
I
I
don't
have
an
answer
now
why
this
is
important
to
understand.
For
me,
it
is
because
if
the
operator
is
going
to
go
down,
the
declarative
part
at
the
end
is
going
to
model
machines,
nodes,
kubernetes
configuration,
and
this
will
be
an
overlap
of
what
we
have
to
in
already
in
cluster
api.
B
B
I
I
don't
know
if
I
make
it
clear.
If
I
look
at
this
from
a
user
perspective,
how
many
api
are
there
to
the
to
declare
my
cluster,
the
operator,
one,
the
caster
api
one?
Why
and
if
I'm
a
user-
and
I
want
to
use
both-
is
it
possible
or
not
this
kind
of
funds?
Where
are.
B
D
Oh
thanks
yeah.
I
I
agree
with
with
you
know,
with
everything
for
pizza
that
you're
saying
I
I
I
feel
like,
as
I
think,
back
to
the
sort
of
the
history
of
kube,
adm
and
cluster
api.
D
They
kuvinium
started
earlier
and
kubitium
was
was
in
a
position
to
or
the
project
needed,
to
solve
some
problems
around
upgrades
that
cluster
api.
I
think
at
the
time
wasn't
in
a
you
know,
in
a
position
just
to
solve
right
away,
so
there
were,
I
think,
I
feel
like
they
evolved
to
solve
similar
problems.
D
You
know
kind
of
at
the
same
time
and
then
cluster
api
of
course
uses
kubernetes,
but
not
every
feature,
and
that-
and
I
think
that's
that's-
why
maybe
at
this
point?
It's
it's
not
it's
not
clear
right.
So
it
is
that's
just
that's
just
the
way
the
the
two
projects
evolved
and
but
yes,
it
would
be.
D
It
would
be
very
would
be
very
good
for
I
think
that
the
community
of
of
users
for
us
to
have
the
the
consistent
story,
especially
with
something
like
clustering,
guy,
evolving
cluster
class
and
and
and
gaining
the
ability
to
do
declarative
updates
and
yeah.
A
I
I
also
agree
with
so
richard
daniel.
Eventually
it
feels
like
a
certificate
rotation
like
the
configuration
and
everything
should
be
features
in
costa
rica.
A
A
What
what
I
don't
know
for
sure-
and
this
is
even
if
we
survey
the
users-
I'm
not
sure
how
many
responses
we're
going
to
get,
but
I'm
not
sure
how
many
users
of
cube
adm
want
this
operator
story,
but
they
don't
want
to
use
quest
api.
So
that's
like
a
what
is
the
venn
diagram
of
this
because
question
api,
obviously
is
great,
but
it
has
a
learning
curve.
A
I
don't
think
that
all
the
we
we
have
seen
full
adoption
of,
for
example,
paco
works
for
this
huge
cloud
provider
in
china,
but
they
have
not
invested
in
question
api,
yet
they
use
purple
scuba
dm.
So
they
want
to
create
this
operator,
and
I
wonder
how
many
users
we
have
like
that?
What
is
preventing
them
from
migrating
to
western.
B
A
If
we
potentially
enhance
the
cost
api
story
to
support
this
rotation
and
all
the
other
features
that
they
may
want,
we
can
say:
hey
if
you
want
this,
you
know
day
two
operation
management
that
is
like
next
level
just
go
and
invest
in
question
and
that
I
think
this
this,
I
would
say,
is
probably
the
story
we
want
to
tell
people,
because
I
also
like
I
said
I
agree
with
this
overlap.
A
The
overlap
will
create
extra
work
for
us
and
we
may
have
a
contributor
right
now,
but
this
contributor,
in
a
couple
of
years,
may
not
be
able
to
maintain
the
operator
anymore
like
who
is
going
to
meet
an
operator
he's
obviously
a
investment
of
time,
and
I
think
that
we
should
probably
just
go
with
the
coastal
contigration.
B
B
A
Yeah,
it's
certainly
how
do
I
say
like
difficult
to
predict
at
this
time
it's
difficult
to
establish
the
right
place
for
this
request
from
the
users.
I'm
pretty
sure
that
humanitarian
users
want
something
that
will
you
know
upgrade
their
customers
rotate
their
certificates.
A
B
I
I
don't
remember
from
one
or
two
years
ago,
probably
three
when
we
did
the
the
survey,
but
in
three
years
two
year
and
a
half,
it
is
the
first
person
that
is
showing
up
with
a
concrete
interest
in
making
this
happen
so
yeah.
I
agree
in
an
ideal
world.
If
this
is
a
viable,
everyone
will
use
it,
but
as
a
community
we
as
a
first
point,
we
need
people,
a
group
of
people
or
a
comp
or
a
group
of
company
even
better,
committed
to
making
this
happen.
A
Yes,
and
currently
we
don't
have
that
just
one
person
I
can
see
potentially
the
number
of
contributors
jumping
to
a
few
more
if
they
see
interest,
if
this
could
be
cubic
potential
cubic
dm
operator
repository
exists,
even
in
imperative
form.
The
way
it
is
today
I
can
see,
contributed,
jumping
and
contributing,
but
it
kind
of
overlaps
with
the
overall
cube,
adm
cluster
api
picture
and
the
whole.
A
Project
level
diagram
that
we
have
so
yeah.
I
think
we
should
just
tell
paco
the
potential
other
activities
that
they
can
always
put
it
in
a
repository
outside
of
the.
C
Yeah,
I
think
that's
fine,
I
think
also
like,
I
think
it's
short-term
harsh
feedback,
but
like
we
can
ask
them,
why
not
cluster
api
and
cube
adm
and
why?
Why
do
they
want
to
do
this?
And
why
don't
they
want
to
use
cluster
api
because
that
is
like
if
they
can't
articulate
that
clearly
for
other
contributors,
they
will
never
get
that
critical
mass
and-
and
this
will
like
fizzle
right
and
there
may
be
good
reasons
there
may
not,
and
we
can
sort
of
help
them
work
through
that
type
thing.
C
So
I
think
it's
not
it's
not.
It
doesn't
have
to
be
confrontational,
like
you
know,
when
using
cluster
api,
like
it's
the
best
thing
ever,
but
it
can
be
like
you
know,
you
have
to
articulate
clearly
like
why
people
will
want
to
contribute
to
this
and
not
use
cluster
api.
B
B
Because,
as
I
said,
it
could
make
sense
as
a
kubernetes
tension
if
it
does
not
overlap
with
cluster
api,
because
this
part
of
the
story
in
class
api
is
not
yet
figured
out.
Motability
in
cast
api
is
still
a
big
question
mark
everyone
will
like
it,
but
most
of
us
are
scared
about
the
complexity
that
it
will
bring
into
the
project
and
so
how
to
get
there
if
and
how
to
get.
There
is
still
really
open
to
discussion.
A
Look
up
more
technical
questions
for
a
couple.
I
guess
so
we
have
the
kubernetes
bootstrap
provider
and
control
pane.
So
if
we
are
about
to
add
this,
some
of
these
operator
features
in
cluster
api,
like
I
think
the
abstraction
to
support
any
control,
plane
or
bootstrap
provider
will
be
super
complex.
So
perhaps
it's
it's
gonna
be
something
that
should
live
like
a
cubed
and
specific
controller
again
linking
to
the
existing
cubed
m
modules
in
capi.
I
guess.
A
B
B
B
B
B
A
Yeah,
definitely
in
person
and
basically
opening
the
room
of
people
swapping
microphones.
Everybody
provides
feedback
like
hearing
more
what
more
people
want.
I'm
surprised
that
this,
the
mailing
list
discussion,
didn't
get
a
lot
of
traction.
A
But
also
with
the
capi
modules,
which
is,
I
don't
know
it's,
it
becomes
like
a
really
puzzling
design,
but
if
it's
declarative
like
who
manages
the
spec
status
that
potentially
this
operator
against
the
controller
of
the
operator
but
like
who,
who
is
the
manager,
I
think
this
is
from
my
point
of
view.
Perhaps
this
idea
was
something
that
works
for
both
projects.
Like
you
say,
hey
yeah,
I
don't
want
to
use
question
api.
A
A
It
almost
feels
like
the
operator
if
it's
fully
imperative
working
on
the
machines
executing
kubernetes
and
binary
commands
cli
also
performing
certificate
rotation
using
the
same
cli
upgrades
it
can
it
can
go
without
consuming
the
library,
the
kubernetes
library,
so
as
it
is
today,
it
almost
feels
like
it's
not
a
prerequisite
directly.
B
B
Yeah,
I
think
that
shelling
out
is
a
weak
interface
or
building
stuff,
because
then
you
have
to
deal
with
different
version
of
your
binary,
but
yeah
it
could
be
a
design
choice.
I
don't
there
are
pro
and.
A
If
we
have
it,
it
opens
to
a
lot
of
possibilities,
but
it's
so
complicated.
It's
another
like
a
completely
different
story
that
is
so
complicated
for
us
to
figure
out.
A
C
I
I'm
planning
on
going.
I
think
we
are
confirming
our
travel
budgets,
but
I
will
probably
go
personal
account
if
google
says
they
won't
pay.
B
B
Find
have
some
place
some
time
to
discuss
and
put
this
topic
in
the
agenda.
C
I
think
that'd
be
great.
Are
you
saying,
like
a
formal
time
or
like
a
like
a
lunch
type
thing
and
lunch
and
breakout
type
thing.
B
Or
the
day
after,
because
there
is
a
day
in
between
the
contributor
summit
and
the
beginning
of
the
conference,
if
I'm
not
wrong,
where
basically
the
conference
is
is
running,
for
you
know
the
the
related
events,
maybe
we
can
get
a
room
or
some
place
to
to
met
and
this
day,
so
we
because.
B
D
B
A
Yes,
I'm
not
going
to
detroit,
but
I
agree
just
basically
trying
to
get
a
room
full
of
people
on
such
a
topic.
I
think,
is
going
to
be
very
beneficial
instead
of
us
trying
to
make
a
decision
here.
B
I
think
that
for
the
time
being,
without
a
clear
commitment
of
many
people
and
companies,
it
is
fine
to
be
a
personal
project
and
it
is
also
fine
to
experiment
to
let
the
the
contributor
to
experiment
around
it
and
whenever
he
feels
comfortable,
he
should
he.
He
can
basically
open
a
announcement
proposal
that
and
people
and
make
its
own
case.
A
All
right:
do
you
think
that
you
will
be
able
to
reach
together
more
people
and
how?
How
are
we
going
to
announce
it
to
them?.
B
I
why
not
starting
with
a
simple
email
in
in
the
mailing
list
and
trying
to
figure
it
out.
If
this
is
this
already
started,
and
how
much
transfer
or
the
interest
we
got
in
the
end
resume.
A
A
B
A
I
can
comment
today
tomorrow
to
taco
that
just
you
know
this,
this
small
discussion
and
well
everybody
sees
this
email
that
arrives,
so
we
can
also
other
comment
to
the
same
thread.
Saying
hey
we're
going
to
discuss
the
cube
if
you
want
to
join
like
here
is
the
room.
You
can
also
have
a
brief
mention
about
it
in
the
copy
meeting
later
today
saying
we're
going
to
book
time
for
this.
B
B
If
I
remember
he's
in
china,
if
he's
willing
to
do
a
meeting
in
in
in
a
in
a
time
frame,
that
is
this
fits
for
you
and
for
us
in
europe,
we
can
have.
We
can
discuss
this
by
person
and
maybe
start
clarifying
some
point.
A
Yes,
but
it
feels
like
our
decisions
after
these
two
discussions
in
the
two
separate
videos
are
pretty
clear
and
we
are
pretty
much
rotating
the
discussion
with
the
same
people.
What
we
need
is,
I
think,
more
people
to
provide
their
feedback,
so
I
think
cubecond.
Your
idea
is
really
good,
just
say,
maybe
lunchtime,
maybe
the
continuous
summit
that
if
somebody
wants
to
join
just
let's
cover
this
question,
nobody
joins.
A
I
guess
this
means
that
we
don't
have
enough
interest
in
person
in
capcom
at
least
or
maybe
paco
will
be
there.
I
don't
know
he
can
also
like
host
the
discussion.
But,
yes,
I
think.
A
I
think
the
actual
information
just
email
later
today
or
tomorrow
that.
A
B
A
Yeah
yeah,
it's
obviously
not
clear
to
us
how
it
will
fit
without
more
discussion
in
terms
of
contributors.
I
think
it
may
have
hundreds
of
users,
but
only
a
single
contributor.
A
This
is
basically
the
ratio
I'm
seeing
in
cuba
dm
land,
at
least
if
we
saw
a
few
contributors,
but
we
have
so
many
users
and
I'm
not
convinced
if
we
open
up
the
project
to
on
a
sig
level
that
we
are
going
to
get
an
interaction
from
like
how
I
say
key
maintainers,
because
it's
you
know
sending
small
bug.
A
Fixes
is
one
thing
but
maintaining
the
project
is
it's
a
completely
different
story,
and
for
that,
like
you
mentioned
earlier,
we
need
actual
company
involvement,
which
is
how
things
work
in
cloud
native
land.
A
If,
from
what
I've
seen
that
people
don't
read
email,
they
don't
read
slack
so
maybe
in
person
is
ultimately
better.
A
But
yes,
this
this
the
operator
and
specifically
the
stories
around
certification
and
in
a
musical
way
and
also
upgrades
also
in
a
mutual
way.
I
think
this
definitely
has
a
wharf,
we'll
have
a
lot
of
users,
but
again
it's
it's
not
clear.
If
capital
wants
to
allow
this
so.