►
From YouTube: kubeadm office hours 2019-08-14
A
A
B
You
hear
me:
yes,
I
mean
hi
everybody,
so
click
update
on
the
customized
work,
the
DPR
that
the
Korra
changes
in
could
be
meaningful
and
customized.
Oporto,
smelted
and
I
started
to
work
on
the
second
PR.
They
implemented
a
you
exchange,
a
focus,
but
what
mean,
and
also
the
armor
for
implementing
end-to-end
test
for
customizing
combat
mean
they.
B
B
A
A
C
Don't
know
if
it's
possible
to
like
solicit
feedback
potentially
early
on
this,
but
I
do
know
that
there
are
some
key
customers
or
people
powered
users
of
committee
M.
That
would
have
asked
for
this
feature
for
a
long
time.
I
believe
Seth
I've
read
his
exact
handle
on
github,
but
he
has
been
a
power
user,
COO
radium
for
a
long
time.
C
He
originally
worked
at
IBM
that
he
worked
at
uber
and
now
he's
doing
some
s,
re
role
somewhere
that
still
uses
cube
idiom
but
he'd
be
a
concrete
example
of,
like
you
know,
banging
on
it
now
early
on,
because
they
they've
requested
this
for
a
number
of
times
over
the
years
to
maybe
get
feedback
a
little
bit
early,
you're
talking
about
Steve
Harris
I.
Am
you.
A
D
B
B
They
are
still
in
draft
and
they
call
that
the
two
documents
is
to
collect,
pulled
a
requirement
from
the
köppen
min
side
in
order
to
start
a
discussion
with
the
ATC
at
the
mean
field
for
defining
the
interface
that
ethnicity,
admin
should
implement
and
offer
to
could
mean
and
the
same
with
their
don
t.
So
my
request
here
is,
and
please
take
a
look
at
the
document
and
I
will
leave
the
document.
A
A
C
Of
the
questions
I
have,
though,
is
like
I.
Don't
want
to
force
this
if
it's
not
ready
right
like
and
if,
if
people
are
done,
the
backside
to
be
able
to
support
at
CDA
DM
and
to
have
all
the
eyes
dotted
and
t's
crossed
I.
Don't
want
us
to
be
yet
another
effort
that
we
kind
of
start
to
tread
into
and
then
all
of
a
sudden
we
own
right
I,
want
to
make
sure
that
there's
people
that
are
you
know
if
we
file
issues,
they
address
them
in
a
timely
manner,
and
then
we
are.
C
We
are
getting
what
we
want
out
of
the
sub-project
and
they
are
also
listening
and
being
considering
us,
like
you,
know,
first
class,
our
users
right
of
the
tool
so
I
just
want
to
make
sure
the
contract
is
clear
because
it's
often
this
weird
case
sometimes
we're
in
the
kubernetes
landscape.
If
you
kind
of
go
into
someone
else's
turf,
either
one
you
end
up,
owning
it
and
maintaining
it
or
two
you
get
into
these
weird
conflicts
and
then
have
to
maintain
some
roundabout
way
so
of
making
that
integration
work
right.
C
B
Agree
we
put
out
a
weekly
dopamine
with
the
site's
brought
to
the
document,
because
in
the
office
hour
of
the
two
sub
projects,
there
was
some
discussion,
so
they
started
some
discussion
and
of
course
they
are
not
expert
of
the
quasi
details
to
me.
So
this
documentary
the
primary
course
this
document
is
to
share
knowledge
and
to
address
the
discussion,
but
I
agree
the
timing
and
the
contractor
for
making
this
happening.
In
reality,
it
is
not
now
it
should
be
defined
and.
A
Personally
think
that
the
main
purpose
of
these
documents
is
to
educate
the
owners
of
the
sub
projects
of
how
we
see
the
integration
with
Cuba
diem,
how
qadian
bootstraps,
because
some
of
the
owners
do
not
know
exactly
the
details.
What
are
the
phases
of
cube
ADM?
So
it's
brainstorming,
slash,
educational
and
it's
very
early
for
both
projects
to
be
honest,
but
we
certainly
do
not
want
to
own
all
the
work
there.
It
just
is
just
the
conceptual
work
at
this
point.
No.
A
I'm
not
a
concern
I
have
is
that
in
these
documents
we
have
been
kind
of
selfish
in
terms
of
the
integration
between
the
bootstrapper
and
the
so
project
tools,
but
the
reality
is
that
we
have
to
keep
in
mind
that
projects
like
cops
I
also
want
to
be
a
consumer
cops
once
also
be
a
consumer
of
cube
ATM.
So
they're
like
a
lot
of
questions
related
to
the
ecosystem.
I,
don't
think
we
should
be
selfish
in
terms
of
defining
how
these
tools
should
be
consumed.
B
F
A
F
A
F
A
Alright,
so
the
next
item
is
a
c2
look
at
the
security
out
it
for
those
that
do
not
know
the
CSE
F
sponsored
the
security
audit
and
a
team
of
people
basically
went
through
the
kubernetes
codebase
as
much
as
they
can
and
they
found
some
problem
areas.
They
also
created
different
coastal
scenarios.
They
set
up
vagrant
things
like
that,
so
the
whole
list
is
here
at
the
bottom.
A
If
you
want
to
look
at
hot,
the
whole
list
of
items-
and
some
of
them
are
like
already
being
worked
on
being
closed,
some
of
them
are
more
sketchy,
but
in
terms
of
this
meeting
we
only
found
three
that
effect
cube
ATM.
Thankfully,
the
group
and
if
you'd,
keep
ATM
as
one
of
the
tools
so
I
wanted
us
to
quickly
discuss
these
items
in
the
meeting.
A
A
One
of
them
is
that
we
use
this
a
WK
scripting
magic
English.
It
and
it's
replaceable:
we
can
replace
this
with
some
gold
code.
I
think
it's
fine,
the
second,
so
this
is
the
day
that
the
part,
this
part
is
called
dangerous
and
mounting,
because
there's
a
there's,
a
wild
card
exploit
that
Linux.
Some
Linux
commands
consider
wild
cards
as
a
feature,
but
the
security
people
think
that
they
are
very
dangerous.
So
if
we
move
to
go
like
we
can
avoid
things
like
that,
we
can
avoid
command
injections.
A
The
second
is
basically
the
security
folks
do
not
agree
that
we
ignore
certain
arrows
in
the
reset
process
like
we
tried
to
stop
the
couplet,
but
if
we
cannot
stop
it,
tell
the
user
to
manually
try
to
disable
it
to
stop.
It
I
personally
think
that,
overall,
the
philosophy
of
research
should
be
that
it's
the
best
effort
command
and
if
something
does
not
succeed,
we
should
not
walk
and
exit
early.
The
reset
process
we
can
try
to
clean
as
much
as
possible,
show
warnings
where
we
can
and
yeah
really
best
effort.
They
yeah.
A
I,
don't
think
we
have
that
baby,
but
I
think
we
have
a
actually
I
think
there
is
a.
There
is
a
book
that
I
need
to
investigate.
We
have
infinite
advice
for
one
of
the
config
maps,
so
if
you
don't
have
internet
I
think
it
tries
to
connect
through
the
person
when
definitely
so
that's
another
problem,
but
I
I
was
hoping
that
we
can
agree
that
it's
a
best
effort
really.
Maybe
we
can
only
try
some
places
but
not
indefinitely
and
not
exit
early.
A
G
D
B
C
One
thing
that
we
don't
do
and
we
we've
documented
some
fundamental
tenants-
and
this
should
be
like
one
of
those
fundamental
tenants
about
the
behavior-
the
expectations
around
the
behavior
of
the
CLI,
like
we
always
Trump
up
that
Kure
DM
is
a
composable
unit,
for
you
know
MVP
of
bootstrapping
cluster,
and
we
should
make
you
know
some
high-level
statements
about
the
behavior
of
our
CLI
and
I
think
best
effort
finding
out
a
way
to
wordsmith.
That
properly
is
probably
a
good
idea
and
that
could
go
on
the
opening
page
right.
C
C
A
H
H
A
I
I
D
A
B
A
A
There
are
a
number
of
omission
problems,
so
he
modified
the
comments
here
and
then
these
permissions
from
seven
five,
five,
seven
hundred
and
sixty
six
hundred
forty
four
to
six
hundreds
rosti
also
commented
I
think
in
the
PR
that
he
does
not
find
any
other
problems.
So
this
one
is
not
already
closed.
I
guess
we
can.
Does
anybody
have
comments
on
this.
A
A
A
A
J
G
I
A
A
A
I
D
B
In
my
opinion,
who
they
are
asking
us
to
check
the
control
plane
so
checking
the
control
plane.
In
my
opinion,
we
need
an
announcer
from
the
API
server
and
probably
so,
if
there's
not
a
case
every
chance
for
him,
I,
don't
think
we
have
to
check
pull
the
AP
all
the
MSA
API
server
port,
because
it
is
a
hands-free.
A
Yes,
maybe
we
can
run
liveness
projects,
the
Arellano
co-host,
the
HTTP.
There
are
not
events,
they
don't
require
certificates.
We
can
just
create
a
client's
as
part
of
a
Wi-Fi.
Sorry,
as
a
part
of
a
pre-flight
check,
we
can
have
a
client
that
probes
the
ports
for
they're,
insecure
ports,
insecure
ports,
for
these
components,
and
basically
we
can
get
a
response
that
they
are
healthy.
So
we
can
simulate
the
liveness
probe
in
the
pre-flight
check.
A
D
Yeah,
but
in
order
to
have
a
service,
you
only
need
to
like
single
instance
of
API
server,
a
single
instance
of
schedulers
and
lists
of
control
manager
and
water.
So
you
don't
need
actually
all
the
instances
to
be
actually
active,
but
you
need
only
one
of
them
like
one
instance
and
of
each
kind
to
be
operating
at
this
point
of
time.
But.
I
B
A
B
A
H
And
this
is
more
of
a
question:
we
use
cout
atom
in
our
project
of
ours
and
we
depend
very
much
on
being
able
to
parse
out
the
cube,
Adam
config
and
apply
some
defaults
on
top
of
it.
That,
like
comes
to
queue
from
a
security
standpoint
and
with
the
latest
move
in
communities
with
the
go
modules
we
we
can't
pull
in
anything
from
cou
bottom
anymore,
and
so
you
know
long
term.
H
H
It's
something
with
the
way
that
they're,
actually
tagging
the
go
modules
for
so,
if
you
do
a
go,
get
against
the
main
kubernetes
repository,
it's
got
a
bunch
of
V
0,
dot,
0,
dot,
0
I'm,
not
sure
I,
quite
understand
how
it's
working
to
be
honest
with
you,
but
all
of
the
kubernetes
components.
If
you
go
to
the
bottom
here,
they
all
have
p
0
and
do
a
bunch
of
replacements
see
right
there,
and
that
just
seems
to
not
one
not
work.
A
H
Brought
it
up
in
the
cluster
lifecycle
awhile
back
and
there
was
a
ticket.
The
suggestion
was
that
we
need
to
move
cubot
I'm
out
of
tree,
and
there
was
the
ticket
brought
up
by
dims.
I
just
know
him
by
his
github
handle
I.
Don't
have
it
in
front
of
me,
but
it
it
was
all
around
move
at
it.
Moving
through
bottom
out
of
tree,
so
I
didn't
create
a
ticket
specifically
around
what
we
saw
because
of
the
recommendation
to
move
to
bottom
out
a
tree
would
fix
it.
So.
C
C
A
D
A
Instance,
importing
community
/
pkg
something
and
if
it
exhibits
the
same
problem,
then
this
is
clearly
a
repository.
/
go
mojo
problem
and
folks
should
have
a
look
at
it
in
terms
of
cube
ADM
moving
out.
They
pretty
much
deems
probably
had
the
impression
that
the
units
of
general,
yes
important
KK,
is
not
recommended,
but
we
still
like
in
the
code
organization,
so
project
of
seeker
he
texture.
A
A
E
A
Okay,
I
really
wonder
about
the
future
of
the
system:
validators
repose.
Sorry,
it's
not
clear
if
this
needs
refactoring
core,
if
cube
ADM
is
going
to
continue
using
it,
but
it
feels
to
me,
like
the
creation,
is
appropriate
to
this
point
and
once
we
start
sharing
the
repository
with
the
lot
integration
tests,
we
might
decide
like
a
maybe
we
should
stop
doing
this.
Validator
sinka,
video
but
I
think
it's
still
a
step
in
the
right
direction.
Yeah.
E
A
A
So
the
doctor,
which
is
working,
progress,
I
plan
to
add
some
gigantic
diagrams
here.
Okay,
so
you
can
have
a
look
at
how
we
think
the
other
line.
Storage
should
be
integrated,
or
at
least
the
requirements
from
the
standpoint
of
Cabiria,
something
else.
What
here
do
you
is
like
the
other
installer
a
final
name,
or
is
it
a
proof
of
concept.
B
We
started
this
document
to
collect,
let
me
say
to
breast
storm
and
then
collect
on
the
formation
that
we
have
on
out
today.
Cubed
million
works
in
with
regards
to
our
thoughts
and
also
with
regard
to
the
CCD,
had
me
in
another
document
and
so
collecting
this
information
and
sharing
this
information
is
the
basic
is
the
basic
for
designing
the
integration.
So
probably
you
as
soon
as
we
agree
on
the
content
on
this
document
writing
a
cap
will
be
much
more
easier
and
linear.
A
A
B
A
B
A
Know
sometimes,
some
users
simply
not
happy
with
how
the
earth
is
turning
around.
We
are
just
project
managers.
We
cannot
really
make
everybody
happy
they.
If
they
have
problems,
they
should
walk
tickets.
The
repository
tracker
is
open
and
we
can
discuss
it
on
the
ticket.
You
know,
instead
of
trying
to
contact
people
individually.
That's
my
opinion
agreed.
A
K
K
One
of
the
things
that
I've
noticed
we
set
for
news
with
cube
a
DM
is
that
the
validation
fails
whenever
you're
using
set
bundles.
So
during
the
pre-flight
check,
one
of
the
things
now
is
the
validation
and
I
just
wanted
to
find
out.
If
there's
any
plans
to
actually
implement
anything
to
validate
for
set
upon
news,
I.
A
K
So
yes,
we,
we
have
a
set
bond.
Oh
so,
basically,
it's
an
external
CA
with
CA
said
that
the
CAE
created
and
just
when
you
run
a
cube
medium
in
needs
with
all
other
certificates
generated
when
it
gets
to
the
point
where
it
validates
the
the
cube
admin.com
versus
the
one
that
cube
a
DM
generates.
That
is
the
PM
file.
It
just
errors
off.
So
then
you
get
an
error
saying
that
co2e
certificates
are
not
equal
to
each
other
and
then,
when
I
looked
into
where
that
call
was
happening.
K
What
I
realize
is
that
what
is
being
done
with
this
certificate
generated
by
cube
ATM
is
that
is
checking
the
for
little
faucets.
Only
the
four
sets
inside
of
this
certificate
notes
PM
fart
certificate
to
the
sense
bar
that
is
created.
So
as
a
result
of
that,
if
you
had
a
change
set,
it
would
automatically
filter
an
invalidation.
B
Interested
if
the
issue,
we
will
explain
how
to
reproduce
this.
This
problem
I
because,
let
me
say,
supporting
the
CAA
with
Massey.
A
bundle
is
also
an
enabler
for
getting
to
the
point
where
we
support
CAE
rotation,
yeah,
so
I'm,
technically
interesting
in
understanding,
better
the
program
and
being
able
to
reproduce
and
to
fix
it.
K
A
K
A
A
A
C
C
If
you
really
want
to
do
see
a
rotation,
you
need
to
really
think
that
through
and
potentially
this
could
be
a
state
space
for
an
operator
like
when
we
actually
create
the
cuvette
diem
operator,
which
we
know
is
going
to
come,
is
that
potentially
we
could
do
this
type
of
behavior
in
an
operator,
but
I
would
recommend
it
being
done
there
more
than
where
else
and
they
built
an
operator
for
OpenShift.
That
does
exactly
that
from
the
update,
foresee
a
rotation,
but
it's
it.
It's
it's
funny.