►
From YouTube: 20190417 kubeadm office hours
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
B
C
C
C
A
It's
done
next
up.
I
am
I,
am
in
a
war
of
Wars
right
now
with
the
release
team
and
that
your
folks,
I've
I,
think
I'm
at
my
wit's
end
with
regards
to
how
we
do
releases
was
instead
of
kubernetes,
we
just
need
to
get
it
out
of
some
Co
maintained
space
that
we
can
actually
make
change
to
and
I,
don't
know
what
the
timeline
is
for
the
working
group
in
fraud
to
actually
own
the
releases
I'm
trying
to
coordinate
that
with
DIMMs
I
know.
A
Dimms
is
trying
really
hard
to
get
this
out
of
out
of
the
hands
of
Google
ownership,
but
the
last
release,
as
we
saw,
was
kind
of
a
little
bit
of
a
snafu,
and
you
know
hannises
original
proposal
called
out
the
the
bifurcation
of
releases.
So
we
could
have
the
ability
to
do
this
so
I'm,
currently
pending
and
poking
them
I
plan
to
PR
the
main
repo
with
regards
to
the
packaging
changes.
C
So
testing
that
I
mean
that
not
testing
from
but
the
KTM
for
a
group
they
are
progressing
very
slow
and
if
you
want
immediate
action,
I
was
thinking
about
like
having
a
sequence.
Lifecycle
maintained.
Temporary
registry
I
mean
repo
for
that
first
and
then
becomes
a
question.
Who
has
the
time
to
do
this?
Whole
thing.
C
A
That's
that's
the
key
to
this
I
think
we
can
absolutely
patch
it
to
get
the
work
done,
but
I
think
we're
still
pending
on
the
ability
to
just
make
those
patches
right.
Now,
it's
a
fertile
infrastructure.
No
one
maintains
that
no
one
owns
it
until
we
actually
can
make
the
patches
to
update
the
infrastructure
itself.
For
this
weird
catch-22.
C
So
some
of
the
people
that
started
complaining
about
the
breakages
of
our
packages,
he
did
some
investigation
and
find
out
I
found
out
that
we
on
each
release.
We
push
all
the
packages
for
the
patch
versions.
I
do
not
believe
him,
but
if
that's
the
case,
I
don't
see
any
problem
with
simply
replacing
the
old
patch
versions.
C
That
was
one
of
the
arguments
by
seek
release
that
they
don't
want
to
modify
the
old
patch
versions.
But
if
this
guy
is
correct,
like
I,
don't
know,
we
should
ask
the
Google
owners
of
this
particular
aspect.
Do
we
know
who
the
latest
Google
order
is?
No,
this
I
know
his
picture
in
slack,
but
I
forget
his
name.
It's
too
easy
start
em
and
eat
something,
or
something
like
that.
C
A
Identified
that
what's
the
timeline
for
the
the
K,
its
infra,
grouped
all
the
releases
I
think
that
should
just
help
to
solve
this
problem.
So
we
actually
had
an
illegitimate
timeline
that
we
can
expect
that
they
would
actually
own
the
release
process
for
115
and
116.
Just
give
me
a
date,
then
then
we
can
start
hashing
this
stuff
I.
A
Ross
I
saw
your
kept
PR
I,
don't
think
we
need
to
kept
other
than
we
should.
The
purpose
of
keps
was
originally
like.
You
have
a
major
feature,
and
then
you
refine
it
over
time.
So
it's
supposed
to
be
a
living
document,
so
we
would
have
something
like
the
original
config
and
then
we
PR
like
we're
going
to
beta
2,
and
then
then
you
update
the
original
cap.
I,
don't
think
we
need
a
separate
cap.
A
Would
rename
it
to
be
Canadian?
Config
call
immediately
see
here
I'm.
Looking
at
all
our
caps,
we
need
to
kind
of
do
a
little
curation
I
would
change
the
configs
from
being
one
beta-1
to
just
be
Canadian
config
and
then
modify
that
with
some
history,
then
updated
to
say,
B
1,
beta
2,
with
the
changes
or
the
Delta
from
V
1
beta
1
to
B
1
beta
2.
D
A
That's
the
intent
behind
caps.
The
original
intent
was
that
you
have
a
major
feature
with
in
this
case.
It's
comedian
config,
then
their
feature
has
is
updated
as
part
of
the
lifecycle
as
it
gets
to
GA.
Then
you
revision
that
every
time
you
make
a
major
modification,
you
do
a
promotion
for
like
an
API
or
something
like
that.
Oh.
C
E
A
E
A
A
D
A
D
A
A
E
A
So
here's
a
quick
question:
are
we
going
to
remove
or
real
able
some
of
those
GCP
upgrade
jobs,
because
it
has
the
tag
clustered
lifecycle
in
it?
I
can
just
remove
the
tag
and
just
call
it
GCP
or
make
a
modification
to
that
test
to
make
it
the
test
say
that,
instead
of
being
just
a
GC
key
owned
test.
C
A
C
A
F
A
A
C
Can
explain
this
one
already
it's
from
today,
so
basically
somebody
is
trying
to
upgrade
kubernetes
in
a
way
that
he
has
immutable
nodes,
node
images,
so
he
bade
him
and
the
Kubrat
are
hard-coded
as
binary,
but
then
he
tries
to
introduce
a
new
node.
That
is,
you
know.
It's
cube,
ADM
114
with
couplet
114,
but
the
existing
cluster
is
113
and
this
node
cannot
join.
B
A
A
Here's
a
general
question
for
the
audience.
We
have
a
particular
who's
out
here.
Well,
while
I
do
some
triage,
we
have
a
bunch
of
security
issues
like
they're,
not
major
security
issues,
they're
just
we
need
somebody
to
work
on
them,
but
Liz
was
our
de
facto
security
person
for
a
while,
and
we
have
no
one
who's
kind
of
taking
up
that
mantle
with
regards
to
you
know
having
PKR
PKR
and
their
job
title.
E
Have
the
the
renewal
story
that
is
incomplete
because
we
are
not
documenting
out
with
a
new
HD
cluster
and
out
to
renew
certificates
that
are
in
the
Cooper
config
file?
Then
we
have
the
kubalek
connection
and
I
think
also
something
else,
but
I
have
to
make
up
my
mind,
try
to
to
take
what
what
I
can't
a
call
and
ask
for
help
well,
where
I
need
it.
A
E
A
Great
people,
what
seems
to
what
to
add
this
feature
to
the
config?
You
know
change
their
certificates
expired
to
him
and
he
picked
that
I'm
alone
could
be
on
Kuwaiti
minutes
later.
What
happens?
I
use
convenient
to
create
the
prettiest
cluster
works.
Well,
if
I
certificate
expired
time,
only
one
year
doesn't
purpose
because
the
Support
Lifecycle
of
clusters,
if
the
time
is
more
than
one
year
the
cluster,
will
not
work.
I
should
renew
this
trinkets
manually.
You
know
it
doesn't
need
any
manual,
it
could
be
automated,
but.
F
A
F
G
Always
renew
Jim
one
second
yeah.
So
in
India
scenario,
it
would
be
good
if
your
certificates
will
be
renew
it
when
a
user
is
upgraded
because
I
hit
myself
the
same
scenario.
So
I
created
one
cluster,
which
was
like
one
point,
six
or
seven,
and
when
I
was
like
gradually
upgrading
upgrading,
upgrading
it
them
and
at
some
point,
I
realized
what
my
certificate
expired
and.
A
F
G
A
A
C
A
C
Neal
attempted
to
change
the
secret
driver
in
docker
for
a
running
question,
which
is
a
horrible
idea.
That's
a
terrible
idea:
holy
cow
yeah.
Yes,
so
by
the
way
for
the
record,
if
you
have
a
system,
here's
the
initial
driver
and
then
you
can
change
multiple
times
between
see
group
and
system
D
without
problem.
But
if
you
start
with
C
Group
FS
as
the
driver,
it
breaks
immediately
after
then
after
we.
If
you
change
the
system,
D
and
I,
basically
I
need
to
document
a
single
sentence
that
this
is
highly
not
recommended.
B
A
Is
there
a
here's,
a
question
for
the
group?
Is
there
any
major
distribution
that
even
uses
secret
purpose
anymore
like
this
is
so
old,
like
the
rl6?
Was
the
version
that
I
think
it's
for?
You
was
the
last
version
I
know
of
and
that's
back
in
the
Naboo
to
Dupree
system
D
systems
to
which
is
also
not
supported
or
thinking
where
well.
A
C
A
It
is
like
that
see,
groups
has
to
be
either
a
full,
a
or
full
be
like
just
the
way
it's
run,
and,
to
be
honest,
if
you
don't
have
a
system
deified
system,
your
the
idea
of
SL
O's
around
secret
mechanism
is
total
filthy
lives,
because
anything
that
that
exists
outside
that
proportional
share
is
not
guaranteed
to
actually
have
a
slice,
because
the
system
scheduler
will
go
off
the
rails.
That's
the
reason
why
it
was
system
deified
back
in
the
day.
I
know
the
whole
I
know
the
horror
that
exists
with
incentive
secret.
E
A
F
A
A
E
A
E
A
G
E
A
Know,
there's
been
a
long-standing
conundrum
of
mine
of
whether
or
not,
and
we
should
talk
about
it,
whether
or
not
we
should
start
to
own.
The
system
D
override
unit
files
directly
inside
of
the
code
of
Canadian,
because
this
is
a
configuration
of
like
the
the
override
right
for
the
command-line
options,
feeding
into
the
cool
it.
C
A
If
it's
inside
of
the
the
couplet
has
config,
if
it's
floating
into
the
couplet
config
and
it's
an
override
parameter,
that's
ideal,
because
then
you
don't
have
to
do
this
system
unify
at
all
and
in
fact
most
parameters
should
be
that
way.
Now
it
is
so
if
it
flows
down
there.
That
seems
like
a
reasonable
fix.
C
E
A
E
F
C
A
A
C
A
A
C
A
I'll
leave
it
open
the
milestone.
Next
I'll
send
it
to
me
because
there's
there's
a
long-standing
history
to
this,
but
going
way
back
because
there's
like
I,
don't
know
what's
the
term
for
if
you
got
burned
once
in
the
past,
you
have
a
hysterical
paranoia.
A
The
ex-googler
folks
avoided
this
like
the
plague
of
having
well-defined
labels,
because
apparently
it
went
to
plaid
on
Bork
so
like
inside
of
Google
itself,
they
have
so
many
different
archaic,
labeling
systems
that,
like
it's,
it's
very
difficult
to
debug.
So
they
went
the
exact
opposite
extreme.
We
like
now
we
can't
have.
We
can't
have
structured
labels
because
they're
not
meant
to
be
that
way.
So.
A
A
D
A
F
G
F
A
C
G
No,
we
were
some
chicks
supposed
to
be
just
calling
you
a
binary
public
binary
faction.
It's
strange.
A
E
E
C
F
E
F
A
E
A
A
D
F
A
A
Really
want
to
get
the
customized
in
place,
so
if
the
user
wants
to
blast
off
there,
but
you
know
we
give
them
the
opportunity
to,
but
then
then
we
don't
have.
It
would
alleviate
a
lot
of
these
problems.
We
have
with
people
trying
to
clone
stuff
through
fake,
because
then
it
would
just
be
a
modification
that
they
could
do
to
any
of
the
manifests
after
initial
creation,
it's.