►
From YouTube: SIG Cluster Lifecycle - Cluster Addons 20201110
A
B
Justice
yeah,
I
mean
I
thought
it
looked
good.
I
think
it
was
I
I
wouldn't
even
call
it
like
blocking
feedback.
I
just
I
just
thought
he
wanted
to
do
another
round
of
of
comments
on
it
and
then,
but
I
think
it's
I
think
it's
in
good
shape
to
her
merge.
B
B
Have
a
look
over
it
and
then
why
don't
we
follow
up
with
him
and
then
see
if,
if
he
wants
to
add
any
comments,
and
if
not
I
I
propose,
we
just
merge
it,
as
this
will
do.
A
Yeah
and
then
we
have
plus
add-ons
issue
88
from
christian
christian.
Do
you
want
to
talk
a
little
bit.
A
C
Welcome
yeah
thanks
first
time
here
so
bear
with
me
if
I
screw
anything
up,
but
so
I
guess
I'll
start
by
saying
I
have
a
like
a
need
to
like
forward
some
like
dns
zone
or
like
a
set
of
dns
zones
to
like
some
upstream
resolvers
and
like
I.
I
want
to
do
this
through,
like
some
sort
of
custom
controller
and
what
I
think
is
like
it.
C
This
feels
like
it
might
fit
within
the
the
core
dns
operator,
having
some
way
to
specify
some
set
of
data
zones
that
forward
to
some
set
of
upstream
resolvers
without
actually
modifying
the
the
core
file,
and
I
I
think,
like
I,
I
want
to
like
get
away
from
directly
modifying
the
core
file,
because
I
imagine
that,
like
there's,
there's
just
like
complexity
and
then
like
I,
I
don't
think
like.
C
I
want
to
have
like
my
controller
like
take
like
ownership
of
this,
of
the
the
core
file,
like
other
people,
might
want
to
modify
and
like
that
just
feels
like
it
might
still
fit
within
like
the
purview
of
like
core
dns
operator,
and
this
I'm
I'm
hoping
like
this
feels
like
something.
C
That's
just
like
more
generally
applicable
to
like
other,
like
use
cases
like
I
I
feel
like
I
imagine
like
up
forwarding
to
upstream
reservoirs,
just
feels
like
a
a
thing
like
many
people
might
need
to
do
so.
I
I
guess
what
I'm
looking
for
is
just
feedback
on.
If,
if
that
feels
like
the
right
place
to
do
this.
D
D
D
So
now,
if
you
bring
something
and
slap
in
some
zone
into
a
private
dns,
I
am
not
sure
whether
it
makes
sense
or
the
zones
you
are
talking
about.
Are
they
public
zones?
Are
they
private
zones,
yeah,
they're,
they're,
private,
okay,.
D
C
Yeah
that
I
guess
the
intention
is
that,
like
the
the
dns
that
we
want
to
add
is
just
like,
like
in
cluster
like
somewhere,
like,
I
guess
how
cluster
local
might
work,
it's
just.
We
want
something:
that's
like
not
cluster
local
and
it
works
based
off
some
other.
Like
heuristics.
I
guess.
D
C
Yeah,
the
core
file
that
I
I'm
talking
about
is
like
the
the
configuration
for
the
like
the
core
dns
that
you
deploy
in
in
a
cluster.
Is
that
what
you
mean.
D
Yeah
configurations
are
different
from
the
zone
records
right,
so
I
can
have
one
configuration
which
is
just
saying
this
is
the
configuration
of
the
dns
that
is
deployed
in
terms
of
what
the
function
it
does,
but
the
record
in
themselves
are
added
based
on
what
the
local
network
is.
That
is
the
local
zone
right.
D
C
So
I
I
guess
the
way
I
say
is
like
the
I
I
want
to
just
add
an
entire
zone
like
cluster.local
and
and
forward
everything
all
dns
requests
for
that
zone
to
another
dns
server
like
that's
running
on
kubernetes,
so
that
I
can
handle
that
in
my
my
own
way.
My
in
my
controller.
B
I
think,
if
I
may,
I
think
perhaps
I
think
you
raise
a
good
point,
which
is
this
core
dns
both
my
coordinates
configures,
the
internal
dns
infrastructure
inside
the
cluster,
but
it
also
like
binds
some
subdomains
to
kubernetes
records
and
so
we'll
effectively
configure
the
records
themselves,
but
it
can
also
do
like
mapping,
so
it
can
do
delegations,
as
is
described
here
in
in
christian's
issue.
B
B
I
think
it
is
something
we
should
raise
with
the
core
dns
folk,
because
I
think
one
of
the
problems
of
one
of
the
challenges
of
core
dns
is
that
the
core
file
is
not
a
crd
or
a
set
of
crds
and
so
like
in
christian's
use
case.
B
We
we
want
to
I'd
like
to
hear
exactly
why,
but
I
can
sort
of
imagine
I
know
of
a
couple
of
scenarios,
so
I
can
imagine,
but
you
know
you
sort
of
want
to
keep
most
of
the
configuration
standard
kubernetes,
but
then
carve
out
a
couple
of
dns
zones
for
forwarding
to
another
dns
server.
The
two
reasons
that
I
know
of
are
multi-cluster
and
some
sort
of
private
dns
record,
so
I'm
interested
to
hear
which
one
it
is,
but
that
doesn't
really
match
with
like
the
monolithic
core
files.
B
So
I
think
I
think
this
is
a
good
proposal.
I
really
think
we
should
also
run
it
by
coordinates
and
say
that
accordion
s
folk
and
say
like
look,
do
you
intend
to
expose
more
more
krm
granular
configuration,
or
should
we
basically
build
that
ourselves
in
an
operator
layer
on
top.
C
D
If
cluster
number
one
has
some
records
in
the
zone
and
you
want
additional
zones
to
be
recognized
there,
you
can
add
another
zone,
not
a
problem,
but
then
whether
the
authority,
that
private
dns
is
willing
to
give,
because
somebody
may
add
some
records
so
you'll
you
can
have
a
non-authority,
probably
access
that
is
possible.
D
So
that
is
one
second.
If
it
is
any
way
being
resolved
by
the
proxies
then
forwarding
to
the
right
cluster.
So
is
it
a
sub
cluster?
Then
the
question
comes
what
you
are
doing
so
some
of
these,
I
think
some
of
the
dns
experts
are
then
info
blogs
or
core
dns
who
wrote.
I
think
we
should
refer
to
them
to
get
a
clarity
on
this,
because
this
involves
a
bit
of
a
security
risk,
which
is
what
I
would
like
to
avoid
from
my
thinking.
B
I
mean
I,
I
agree
that
we
should
like.
I
don't
think
this.
This
is
functionality
which
is
not
available
today
in
the
core
file.
So
I
think,
like,
as
you
say,
percussion
it's
a
good
idea
to
loop
in
core
dns
and
say:
look:
are
we
okay
with
these
problems?
I
feel
like
one
of
the
advantages
of
splitting
off
different
crds.
B
Is
that
you
can
you
can
better
use
our
back,
for
example,
to
say
like
well,
these
users
are
allowed
to
set
up
dns
zones
and
these
users
are
not,
and
these
users
are
allowed
to
configure
this
other
thing
right,
so
it
can
be
more
granular
than
just
saying
than
just
saying
like
you
can
change
the
core
file
or
you
can't,
because
there
are
things
you
can
do
with
your
bad
ideas
and
we
might
not
want
to
allow
everyone
to
do
so.
B
I
think
I
I
think
this
makes
sense,
and
I
think
christian
I
don't
know
if
you're,
if
you're,
if
you're
able
to
like
basically
open
a
similar
issue
pointing
to
this
in
the
core
dns
repository.
I
think,
from
our
point
of
view,
it
would
be
fine
to
build
this
in
an
operator
as
a
sort
of
either
if
cordinus
has
no
interest
in
doing
so
or
if
they
would
like
us
to
sort
of
prototype
it
and
eventually,
with
their
view,
eventually
having
a
more
kubernetes
native
dns
core
file.
B
C
Yeah,
I
think
that
makes
sense
and
yeah.
I
think
that
that
feedback
is
good,
so
just
make
sure
I
understand
you
you're
talking
about
just
like
the
the
normal
like
core
os
chord
or
is
it
where
it
was
coordinates.
C
Yeah
yeah,
okay,
I'm
getting
my
companies
mixed
up
so
just
open
like
get
a
bishop
they're
pointing
to
the
operator.
B
To
your
issue,
yes,
I
think
that
makes
a
ton
of
sense
like
say:
look.
I
have
this
sort
of
use
case
inside
of
kubernetes
and
in
general,
in
kubernetes,
like
the
core
file
is
harder
to
manage
in
a
in
a
kubernetes
native
way,
and
how
would
you
feel
about
us
doing
this?
Do
you
do
you
care?
Do
you
want
to
do
something
differently?
That
sort
of
thing.
B
But
I
like
this
idea.
A
lot
like
managing
the
core
file
is
is
always
tricky
because
none
of
the
available
kubernetes
technologies
work
brilliantly
with
non
krm
objects,
like
you
know,
like
you
get
into
home,
complicated,
helm
templates
or,
like
customize
sort
of
struggles
a
little
bit.
You
know
it's,
it
would
be
nice
to
have
a
more
care.
A
more
community's
native
expression
of
these
things.
C
E
Hey
this
is
joji,
so
I
had
a
question
if
everything
else
is
done,.
E
You
please
ask
yeah,
so
my
question
was
actually
about
cube
adm.
So
I'm
not
sure
if
this
is
the
right
stake
for
it,
but
I
saw
there
were
a
couple
of
issues
which
basically
covers
the
idea
that
using
cube
idm,
you
can
have
some
add-ons
to
bootstrap
the
cluster,
for
example
the
cni
right
I
mean
or
any
any
similar
infrastructure
that
I
would
like
to
have
when
I
boot
up
a
cluster,
so
I
saw
some
issues
there
that
has
been
raised.
I
think
some
of
them
were
like
partly
worked
on
and
not
resolved.
E
So
it's
just
wondering
what
is
the
direction?
Is
there
any
any
room
for
you
know
pursuing
that
path,
because
I
do
have
a
requirement
to
you
know
to
be
able
to
install
some
things
by
default.
When
I
bring
up
a
cluster-
and
you
know
if
I
can
bootstrap
that
using
kubernetes,
that
would
be
great.
E
So
I
wanted
to
get
a
general
sense.
You
know
I'm
quite
willing
to
contribute,
but
I
saw
somebody
already
worked
on
it,
so
I
was
wondering
if
there
was
any
reason
not
to
pursue
it,
or
is
this
not
the
right
sake,
etc.
So
any
any
general
direction
will
really
be
helpful.
B
It's
a
pity
lease
not
here
today,
because
lee
is
probably
more
up
to
date
on
this,
I
think
in
general.
You
know
we
are
trying
to
build
the
add-ons
and
get
them
integrated
into
the
various
tools.
I
work
primarily
on
cops
or
chaops,
and
so
I
can
speak
more
about
what
we're
doing
there
we're
not
integrated
yet
into
kops
either.
B
I
think
kubaydm
is
also
not
integrated
yet
in
their
ongoing
discussions
about
like
exactly
how
we
should
go
about
doing
that.
I
feel
like
it
seems
likely
that
chaos
is
going
to
go
first
and
we
can
probably
use
that
as
a
little
needle
to
poke
kubati
m
into
faster
action,
but
a
friendly
competition
never
hurt
anyone.
So,
but
yes,
I
think
the
answer
is
from
my
point
of
view.
B
We
have
to
demonstrate
value,
and
so
that
means
building
the
operators
that
work
and
demonstrating
that
they
can
fit
into
things.
So
I'm
going
to
try
to
demonstrate
that
it
can
fit
into
k
ups
and
hopefully
that
will
be
enough
to
persuade
kubernetem
to
like
be
more
oh,
to
make
the
next
take
the
next
steps
I
feel
like
it
is.
We
haven't
demonstrated
that
value,
so
it's
not
unreasonable
of
them
not
to
have
done
it
yet.
But
if
you
want
to
help
demonstrate
that
value,
that
would
be
wonderful.
B
We
if
there
are
particular
cni
plug-ins
you
want,
it
would
be
wonderful
to
try
and
we
don't
have
an
operator
for
it
already
it'd
be
wonderful
to
try
if
you
were
willing
to
try
building
one
using
the
the
cluster
add-on
sort
of
approach
and
contributing
it
and
giving
us
any
feedback
about
what
you
experience
doing
so,
depending
on
exactly
how
the
cubanium
works.
Yeah
I
mean
you
can
always
I
I
I
think
you
can
turn
off
or
you
don't
you
just
don't
enable
ci
in
kubernetes
by
default.
B
So
you
would,
you
would
essentially
manually
apply
that
operator
afterwards
and
then
the
in
the
integration
would
be
some
sort
of
automatic
single
step
application,
but
you
can
develop
and
prototype
where
you
use
kubernetem
to
create
your
cluster,
and
then
you
apply
your
operator
to
it.
I
don't
know
which,
which
cni
are
you
where.
E
Cni
is
your
favorite,
nothing
in
particular
at
the
moment,
because
my
interest
is
mostly
bootstrapping
at
cluster,
so
the
user
might
specify
a
particular
cni.
You
know-
or
I
might
have
like
a
list
of
cns-
that
I
want
to
deploy
like
give
them
a
choice
right.
So
right
now,
like
you
said
the
workflow
is
I
create
the
cluster
using
qberium?
It
comes
with
a
code
dns
right
and
then
I
need
to
apply
the
cni
manually.
So
what
I
wanted
to
do
is
actually
I
wanted
to
create
the
cluster
and
forget
it
right.
E
E
So
if
I
can
do
that,
you
know
so
to
do
that,
I
would
have
to
bootstrap
it
into
the
equivarium
and
I
looked
at
cubed
m
code
and
it
is
kind
of
hardcoded,
so
there
is
no
way
unless
I
change
keyboard
and
source
itself.
There's
no
way
for
me
to
do
it
right
now
and
that's
when
I
started
looking
at
the
issues,
and
I
saw
somebody
had
already
made
some
proposals
in
some
work
and
it
did
not
been.
D
D
E
Yeah,
sorry,
sorry,
I'm
sorry
to
interrupt,
but
I
think
you're
right
when
you,
when
you
install
kubernetes,
you
have
to
say
you're
going
to
use
a
cni
and
only
then
I
think
you
can
actually
apply.
Then.
D
Not
only
that
in
the
op
directory
where
there
is
a
cni
drivers
default,
calico
is
the
one,
and
if
you
follow
the
calico
cni
implementation,
then
that
is
quite
different
than
what
the
normal
qvdm
does.
So
there
is
some
scope
for
improvement,
and
definitely
I
think
your
observation
is
correct
and
you
should,
I
think,
propose
something
if
you
have
any
ideas.
E
So
yeah
I
mean
so
the
manual
workflow
works
works
great
I
haven't
at
least
I
haven't
done
any
into
any
issues.
It's
just
that
I
wanted
to.
I
don't
want
to
have
like
I
said
I
don't
want
to
have
the
cluster
credentials,
because
I'm
potentially
creating
multiple
clusters
and
I
don't
want
to
have
access
to
the
config
after
I
create
it.
That's
basically
the
problem
I'm
trying
to
solve
so.
D
Yeah,
so
no
no
so
credentials
credentials
are
just
you
copied
right.
You
just
have
the
cube.
There
is
a
file
which
is
copied
into
specific
place.
That's
it
so
the
credentials
they
are
different
for
different
clusters.
E
No,
that's
not
what
I'm
talking
about
sorry.
So
the
way
the
way
at
least
the
workflow
that
I
am
familiar
with
you
use
cube
adm
to
deploy
the
cluster.
It
comes
comes
up
with
you
know
certain.
So,
for
example,
it
comes
with
core
dns
right
and
then
I
have
to
deploy
the
the
cni
myself.
Typically,
it's
applied
as
a
yaml,
which
is
basically
a
set
of
kubernetes
resources.
E
Deploy
that
I
need
to
have
admin
admin
credentials,
which
is
what
I
don't
want
to
hold
on
to,
because
I
may
be
creating
clusters
on
behalf
of
somebody
else
right,
and
I
just
want
to
create
the
cluster
with
a
certain
specification
and
be
done
with
it.
I
don't
want
to
do
anything
with
the
cluster
after
that.
So
that's
that's.
Basically
my
use
case.
D
D
E
Absolutely
yeah,
so
I
will
I
will.
I
will
do
that.
So
I
was
just
trying
to
look
back
to
something
justin
was
saying
earlier,
so
you
mentioned
chaops
and
you
suggested
that
I
try
something.
Can
you
can
you
just
repeat
that
part
and
fully
capture
it?
Sorry.
B
Yeah
I
mean
I
was,
I
think
I
was
saying
if
you
wanted
to
try
creating
a
cni.
I
if
you
had
a
cni
that
was
your
favorite
as
it
were
or,
like
you
know,
it
would
be
super
helpful
to
stepping
back.
B
I
think
the
the
thing
that
we're
missing
in
cluster
add-ons
is:
we
have
to
show
there
are
these
great
set
of
add-ons
the
add-on
operators
that
work
to
install
all
the
pieces,
and
then
the
tooling
will
be
like
well,
it's
so
much
easier
to
use
those
existing
add-ons
and
so
like
kops
will
do
that
and
kuba
dm
will
presumably
do
that
as
well.
I
I
so
if
you
wanted
to
create
like
the
value
in
the
in
this
wealth
of
add-on
operators,
like
you
know,
could
you
mention
the
cni
cni
providers?
B
If
you
wanted
to
create
an
operator
for
one
of
those
or
like
that,
you
like,
then
that
would
be
a
wonderful
way
to
to
do
it,
and
that
would
be
a
great
contribution.
E
Okay,
so
let
me
let
me
look
at
that
and
let
me
try
to
come
up
with
a
proposal,
so
so
the
way
to
make
a
proposal
is
to
open
an
issue.
B
That's
a
great
way
to
start.
Yes,
if,
if
you're
going
to
contribute
an
operator,
you
probably
don't
even
need
to
do
an
issue
unless
there's
some
surprising
behavior
in
that
operator,
but
I
would
be
surprised
to
be
honest:
maybe
there
is,
but
starting
with
a
pr
for
a
new
operator
is
absolutely
fine.
Okay
for
things
like
how
do
we
do?
How
do
we
tackle
certain
things?
I
think
an
issue
is
a
great
place
to
start.
B
Sometimes
in
kubernetes
we
ask
for
a
cap
which
is
like
a
design
of
a
more
formal
design
proposal.
Yeah,
I
guess
that's
if
it,
but
an
issue
is
always,
is
much
easier
and
worst
case
the
thing
in
the
issue,
the
discussion.
The
issue
can
inform
the
cap
and
help
people
understand
the
background
for
a
cap.
So
and
often
we
can
avoid
doing
a
cap
if
it's
just
a,
if
there's
general
consensus,
and
it's
not
that
not
that.
D
B
I
think
one
thing
I've
learned
about
cni
providers
is
that
everyone
has
a
different
favorite
cni
provider,
so.
B
You're
allowed
you're
everyone's
allowed
to
have
their
own
favorite,
and
everyone
should
write
the
operator
for
their
favorite,
but
try
to
persuade
other
people
of
the
merits
of
their
particular
ci
provider.
Is
it's
just
it's
an
uphill
battle?
That's
what
I'm
yeah
exactly
exactly.
E
Yeah,
so
the
other
thing
I
had
was
so
the
operator
model
actually
is
not
going
to
work.
For
me,
my
goal
is
to
actually
be
able
to
deploy
the
operator
automatically
right.
So
let's
say
I
have
the
I
have
the
operator
for
the
cni
which
actually
most
cni
providers
themselves
will
define,
but
I'm
really
only
talking
about
you
know
automating
that
apply
apply
the
operator,
that's
basically
what
I'm
trying
to
automate
so
the
way
at
least
I'm
imagining
is.
This
will
be
some
way
to
specify.
E
When
you
run
updatium,
you
have
an
option
to
either
apply
add-ons
or
not
it's
just
that
the
list
of
add-ons
that
you
can
add
is
kind
of
fixed.
There
is
no
way
to
say
in
addition
to
what
you
do.
I
want
to
have
the
cni
operator.
Maybe
I
want
this
monitoring
operator,
etcetera,
etcetera.
So
these
are
like
cluster
infrastructure
that
I
would
like
to
think
of
like
more
like
core
dns.
We
do
deploy
core
dns,
but
pretty
much
nothing
else.
E
That's
where
I
was
thinking
this
would
belong.
So,
like
I
mean
cordinas,
it
said
people
have
operators
on
top
of
the
containers
like
auto,
scalers
and
stuff,
like
that
right
so
similar.
To
that
I
should
be
able
to
say
I
want
to
add
this
custom
add-on.
You
know
so.
B
I
mean
I
think,
to
that
point.
I
think
one
of
the
things
in
chaos
that
we've
had
for
a
while
not
having
cluster
add-ons
is
just
the
ability
to
specify
a
manifest
that
can
be
downloaded
and
automatically
managed.
B
I
don't
know
if
kubernetes
has
that
I
would
maybe
they
do,
but
it
would
be
nice
if
they
did
it's
not
it's
a
nice
feature
that
is
like
generally
useful
right
for
people
that
want
to
do
like
just
a
little
bit
more
and
as
you
say,
you
could
use
that
to
install
your
operator.
One
of
the
the
more
challenging
operators
to
integrate
are
the
ones
where
kubernetes
or
mccabe's
has
sort
of
already
done
an
integration
and
you
sort
of
have
to
like
disable
the
built-in
ones
or
like
transition.
B
That's
that's
harder,
but
I,
as
I
understand
that
kubernetes
does
not
currently
install
cni,
so
fingers
crossed.
It
will
be
a
little
bit
easier.
It
will
be
more
like
just
installing
a
a
man
of
an
arbitrary
manifest,
which
is
a
nice
feature
for
anyone
right.
A
lot
of
people
want
to
sell
their
applications,
for
example,
or
yeah
install
like
weave
flux
or
something
like
that.
B
Or
I
should
we
we,
we
are
half
of
it.
The
cube
edm
folker.
Also
they
meet
wednesdays
around
this
time.
Okay,
but
yes,
but
demonstrating
the
value
and
creating
value,
I
think
is,
is
half
of
it,
and
then
we
can
try
to
persuade
kubereum
to
support
arbitrary
manifests.
I
think
that's
a
a
good
first
step
and
then
to
support
add-ons.
B
Okay,
all
right,
but
lee
is
lee,
is
normally
here
and
I
don't
know
if
you
saw
by
the
way,
daniel
posted
in
chat
some
some
interesting
links,
yeah.