►
From YouTube: SIG Cluster Lifecycle 2021-06-01
A
A
B
Hey,
I
can't
remember
if
I've
actually
attended
this
one
before
or
not,
but
john
mcginnis
I've
been
been
trying
to
help
out
where
I
can
getting
involved
so
hopefully
I'll
be
around
more
often.
A
C
So
this
is
a
question
mark
for
justine
and
we
discussed
it
sometime
ago
about
the
fact
that
that
chaops
is
starting
to
use
to
experiment
about
the
dawns.
C
I
had
a
look
at
dpr
and
if
I
remember
also
leave
some
comments
but
yeah
the
the
the
main
point
here
is
that
that,
as
a
kubert
mean
team,
we
would
like
to
to
follow
and
to
leverage
on
the
add-on
project.
But
it's
kind
it's
kind
of
difficult,
because
we
are
not
aware
that
if
there
is
a
document
that
define
how
this
integration
should
happen,
so
we
cannot
evaluate.
If
this
can
work
for
kubernetes
mean
or
not,
and
then
we
cannot
what
is
really
important.
C
D
Yeah
I
mean,
I
think,
on
the
add-on
site
itself.
We
have
a
wealth
of
documents.
We
have
almost
too
many
such
that
you
can't
find
the
documents
for
the
documents
there's
like
a
bunch
of
them,
because
it's
been
going
on
for
years
on
the
consumption
of
add-on
side.
It's
trickier,
we
don't.
D
We
have
the
beginnings
of
a
plan,
but
we
don't
have
a
ton
of
information
and,
like
part
of
it
was
we
had
an
initial
version
of
that
pr
and
we
got
some
feedback
from
people
that,
like
they
didn't
like
the
security
model,
for
example,
and
so
we
had
to
sort
of
loop
back
and
change
bits
about
the
security
model,
and
so
we're
sort
of
trying
that
now
and
seeing
how
that
works,
and
if
that
works,
we'll
have
to
you
know
like
update
add-ons
and
then
update
the
consumption
bit.
D
It's
it's
difficult
like
one
of
the
downsides
of
working
in
multiple
projects.
Is
that
we
don't
have
you
know
we
don't
have
a
way
to
make
changes
across
them
in
an
efficient
way.
It
would
be
nice
to
have
such
a
dock.
I
don't
know
that
we
are
yet
in
a
position
to
write
such
a
dock.
C
C
I
I
think
that
the
idea
of
delegating
a
responsibility,
basically
to
the
done
itself
for
for
part
of
of
the
work
of
creating
the
cluster
or
upgrading
the
cluster
or
stuff
like
that,
is
the
right
idea.
C
There
are
many
many
way
to
do
so
and
we
can
discuss
how
to
do
this
securely,
because
yeah
shelling
out
to
docker
is
it's
kind
of
weak,
but
there
are
alternatives
and
stuff
like
that.
What
is
what
is
really
interesting
is
that
if
we
look
for
instances
the
problem
from
the
kubernetes
point
of
view,
for
instance,
we
have
the
kind
of
the
need
to
have
different
type
of
communication
and
make
you
an
example.
C
D
Yeah
that'd
be
that'll,
be
great.
Actually
I
can
try
to
put
together
a
doc.
I
don't
know
where
I
should
live.
I
guess
in
the
cluster
add-ons
project
like
how
to
consume
it,
and
then
we
can
sort
of
like
work
on
that.
I
guess
together
or
like
you
know
like
discuss
it
there.
I
think
the
need
to
produce
the
manifest,
for
this
reason
is
like
for
to
find
the
images
is
why
we
have
to
why
we
currently
exec
docker
in
that
in
that
scenario,
but
yeah.
D
I
certainly
hear
the
the
concerns
and
we
haven't
also
dealt
with
image
remapping
in
add-ons
so
like.
If
it's
a
built-in
manifest
that
that
chaos,
for
example
controls,
then
we
can
obviously
remap
the
the
images.
But
if
it's
in
an
operator
there's
no
current
support
in
add-on
operators,
cluster
add-ons
to
remap
images
for
mirroring
purposes,
so
yeah,
that's
a
that's
a
missing
feature
as
well.
D
C
Yeah,
this
will
be
great
and
also
yeah.
Probably
I
already
commented
in
the
pr
about
these
using
docker
and
docker.
Exec
is
kind
of
tricky
if
I
think,
for
instance,
the
cluster
bi,
where
we
have
machine
that
have
only
container
d,
so
yeah
also
such
kind
of
mechanics
should
should
be
part
of
the
document,
but
but
yeah.
I
I
really
agree
and
praise
this
effort
happy
to
contribute,
if
possible,.
D
Yeah
we
just
did
the
the
docker
exec
was
the
mvp
as
it
were,
of
getting
the
first
thing
working
and
yes,
I'm
hoping
that
we
will
have
well
containery
support,
definitely
but
also
in
general,
being
able
to
run
inside
a
container
is
important,
like
you
know,
in
general,
like
for
cluster
api
or
for
people
that
run
in
a
ci
environment
that
it
happens
to
be
in
a
container.
I
feel
like
this.
This
requirement
is
actually
sort
of
one
of
the
big
weaknesses
of
I
guess
docker
right.
D
It's
that
it
doesn't
compose
right.
You
can't
you
can
run
a
container
everywhere,
except
in
a
container.
So
like
kubernetes
is
the
one
place
you
can't
run,
containers
or
inside
containers.
You
can't
run
containers
as
it
were,
which
is
sort
of
a
bit
of
a
like.
Oh
yeah,
that's
that's!
So
we
and
that's
that's
getting
solved
at
a
technical
level
with
with
things
like
c
groups.
Two,
I
think,
and
some
of
the
rootless
stuff
I
think,
is
gonna
help,
but
it's
not
quite
universal.
D
Yet
so
I'm
thinking
we
can,
I'm
hoping
we
can
find
a
way
to
do
that.
Hopefully,
produce
a
library
that
is
like
broader
than
just
cluster
add-ons
and
and
this
that
we
can
use
everywhere
to
safely
run
a
sandboxed
container
wherever
you
may
need
it,
okay
and,
and
that
will
sort
of
solve
the
nesting
problem
that
has
sort
of
constrained
us
a
lot
for
a
very
long
time.
E
It's
you
know
worth
noting
that
I
didn't
mean
the
ctr
command
line
tool.
I
mentioned
it
in
particular,
because
there's
a
new
command
line
tool
called
nerd
ctl.
That
is
a
container
the
official
project
that
you
can.
It's
got
the
same
cli
interface
as
stalker.
F
E
That's
not
going
to
be
available
normally
on
a
development
machine,
unfortunately,
or
inside
of
the
ci
runner,
and
unless
you
modify
the
container
d
installation
to
have
the
cry
plug-in
so
for
the
use
case
of
like
yeah
executing
a
container
in
a
machine.
That's
running
cops
outside
of
the
cluster.
A
But
this
works,
the
nerd
city
of
command
works
only
with
container
d.
A
D
The
the
thing
I
mean
so,
I
think,
for
running
on
the
the
user's
laptop
as
it
were.
I
I
imagine
we
can
have
a
library
that
can
exec
either
you
know
well
any
or
all
of
these
tools
I
think
for
running
in
a
pod,
I'm
hoping
we
end
up
with
the
ability
to
like
just
just
spawn
a
c
group
or
whatever
a
child
c
group
or
a
child
set
of
namespaces,
and
then
eventually
that
will
be
allowed,
and
so
we
won't
need
docker
or
anything
to
do
that.
D
We
won't
rely
on
piping
that
through
or
another
way
to
look
at
this
would
be.
We
would
run
container
d
in
a
pod
would
be
another
way
to
look
at
it,
which
I
think
is
similar
to
the
rootless
work.
D
And
I
think
that
that's
another
option
as
well-
I
think
you
know
like
I
think
that
that
requires
some
extra
permissions,
but
I
think
it's
a
good
option
and
I
think
you
know
this
is
why
we're
probably
going
to
end
up
with
a
library
that,
like
supports
multiple
of
these
strategies
until
we
have
it
universally
available.
E
Yeah,
I
believe
that
that's
the
compute
model,
typically
so
that
anything
that
the
workload
does
is
observable
through
the
kubernetes
api,
because
if
you
want
like
the
kubelet
to
run
something-
and
you
want
to
take
advantage
of
all
the
off
helpers
and
everything
that's
been
configured
on
the
node
at
a
runtime
level,
then
you
can
use
the
kubernetes
api
without
having
to
worry
about
any
of
the
details.
D
Yes,
it's
I
think
it
becomes
a
question
of
like
what,
if
it's
doing
like
effectively
a
said,
a
single
set
operation.
Do
I
want
to
launch
a
pod
to
do
a
single
set
right
like
that's
getting
a
little
bit,
certainly
for
more
complicated
ones
absolutely,
but
for
what
is
effectively
glorified
string
substitution?
E
I'm
not
sure
why
it
would
be
like
a
performance
optimization,
because
it's
mostly
a
bootstrap
sort
of
thing.
A
D
D
And
so
the
obvious
easiest
thing
to
do
is
to
have
the
operator
be
able
to
generate
the
manifest
whether
it's
running
in
the
cluster
or
whether
it's
running
at
generation.
Time.
E
Another
way
to
think
about
it
is
like
on
a
normal
linux
computer.
You
might
run
your
package
manager
with
pseudo
privileges
and
your
package
manager.
It
just
executes
one
time
and
it
reconciles
the
packages
as
the
privileged
user
and
then,
after
that,
it's
not
running
on
your
system
and
you
can
achieve
a
similar
thing
by
letting
a
temporary
reconcile
loop
run
with
pseudo
privileges
effectively
in
your
cluster,
except
it's
constrained
with
arc
instead
and
then
after
you're
done
reconciling
the
package,
it
goes
away
and
there's
nothing
left.
E
That's
privileged
inside
of
your
cluster,
that's
consuming
cpu
cycles
and
acting
with
permissions
that
are
undesirable.
A
A
And
else
we
can
do
it
on
the
user
host
but
again
the
problem
is
we
don't
know
what
category
type
to
use.
D
Yeah,
I
mean,
I
think
I
think
we
want
to
support
multiple
environments,
which
is
what
I
think
we're
going
to
end
up
with.
So
like.
I
have
this
like
proof
of
concept,
pr
which
only
supports
docker,
exec
or
docker
run.
D
I
can't
remember,
docker
run,
I
think,
like
literally
shelling
out
to
it-
and
I
think
you
know,
a
lot
of
people
were
like
well
what,
if
I
use
container
d
or
what,
if
I'm
running
in
a
pod
or
all
these
things,
I
think
they're
all
legit
legitimate
options,
and
I
I
suspect
we
will
end
up
with
a
library
that
supports
the
various
ways
of
of
running.
D
You
know
a
container
when
you're
in
a
kubernetes
cluster,
when
you're
on
the
laptop
when
you
have
docker
or
container
d
or
cryo
or
whatever
it
is
available
like
these,
are
all
different
options.
C
We
are
solutioning
now,
but
I
think
that
the
point
is
that
we
have
to
make
this
interaction
between
the
installer
and
the
kubernetes
bootstrap
and
their
dawn
component
kind
of
define
it.
So
they
could,
they
don't
implement
or
know
which
service
they
have
to
offer,
and
we,
as
a
consumer,
we
know
how
to
interact
with
potentially
any
add-ons.
D
We
do,
but
only
when
only
when
the
cluster
has
been
created,
and
this
typically
happens
if
we're
talking
about
creating
the
manifest
that
happens
before
the
cluster
is
created.
D
A
D
C
We
have
to
see
two
tourism
on
a
document
or
a
proposal,
but
I
don't
think
so
because
castle
api
is
just
delegating
the
work
to
kubat
mean,
and
so,
if
kuberne
can
manage
these
cluster
bi
commands
as.
A
Well,
just
to
to
summarize,
we
have
investigated
other
options
like
hosting
the
manifest
outside,
because
essentially,
people
have
to
pull
the
container
image
from
somewhere
and
the
same
place
is
not
the
right
place
to
store
the
manifest.
D
The
the
challenge
is
that
most
of
the
manifests
have
some
degree
of
templating
or
some
degree
of
parameter
injection,
perhaps
not
a
lot,
and
perhaps
we
could
try
to
find
a
way
to
not
require
execution
to
do
that.
But
we
have
not
in
general,
found
one
so
far.
A
D
A
I
searched
my
email
box
and
I
didn't
find
any
notifications
from
the
any
of
the
six
or
some
of
the
organizers
see
kubecon
that
we
have
in
various
kubernetes
six.
So
we
didn't
get
any
information
about
the
maintenance
track.
This
time
it
was
not
clear
what
is
what
are
the
deadlines
and
whether
the
process
has
changed.
A
D
Oh
sorry,
I
can
see
we're
both
like
I
mean
I
think
I
think,
there's
a
lot
of
interest
like
because
it's
the
the
great
return
to
in-person
or
in
person
and
remote,
but
everyone's
excited
about
it,
and
I
think
everyone
would
like
to
submit
talks
for
it.
Certainly
on
the
k
up
side.
C
Yeah,
I
I
think
that
what
we
need
to
get
some
news
from
the
cncf,
because
it
really
depends
if
we
can
send
to
project
as
a
sig
or
if
each
project
has
the
right
to
send
its
own
talk.
So
it
really
depends.
Last
time
we
stretched
a
little
bit
the
the
rules
and
they
the
talk,
was
accepted.
C
A
If
my
understanding
from
the
last
time
is
correct,
the
rules
are
that
every
su
project
of
a
sikh
can
submit,
which
means
that
all
of
our
subprojects
are
eligible.
The
problem
is
again
that
we
didn't
get
the
email
to
understand
if
the
rules
have
changed.
So
I
don't
know,
I
just
told
media
to
email
the
cncf.
A
A
Yeah
the
cfp
deadweight
was,
I
think,
a
couple
of
weeks
ago,
but
browsing
the
website.
I
cannot
find
the
information
about
the
maintenance
track.
There's
just
a
mention
that
the
process.
E
C
F
A
Give
it
your
in
the
parallel,
do
you
know
edited
about
the
potential
track?
No.
C
No
yeah,
I
I
don't
have
the
info
also
that
the
the
panel
I'm
not
on
one
of
the
the
chair,
I'm
just
I
helped
to
review
a
couple
of
cfp
and
and
to
make
a
first
selection,
but
this
happened
mostly.
E
Offline,
my
recollection
from
most
of
the
previous
kubecons
is
like
it's
sort
of
halfway
from
cfp
to
the
actual
conference.
That's
when
we,
you
know
kind
of
finalize
the
sake
talks,
because
then
the
pro
the
program
committee
is
like
finalizing
the
schedule
and
knows
how
much
space
to
reserve
and
that
sort
of
thing.
E
But
I
think,
like
the
blockers
up
front,
are
yeah
figuring
out
how
to
distribute
the
you
know:
kind
of
community
talks
like
finding
the
right
sponsors
and
that
sort
of
stuff
those
are
like
the
like
the
big
rocks
to
put
in
the
jar
and
then
yeah
they
kind
of
fill
in
the
rest
of
the
conference
schedule
and
make
sure
that
it
fits
with
all
of
the
sick
stuff.
E
But
maybe
that's
feedback
for
the
conference
team
to
include
some
input
from
the
six
earlier
on
or
something
like
that.
A
A
If
somebody
watches
this
video,
they
can
try
submitting
or
asking
questions
that
that's
all
we
have
for
this.
Any
questions
for
this
topic.
C
Here
yeah:
this
is
a
follow-up
of
discussion
that
we
had
some
time
ago
and
and
basically
the
the
back
thinking
is
that
we
have
a
lot
of
sub
project
and-
and
some
of
them
are,
are
not
showing
up
in
this
meeting
not
regularly
and-
and
this
basically
force
us
and
detect,
and
the
secret
to
collect
information
in
a
kind
of
cool
way
when
it
is
required
by
the
the
project.
C
Governance
for
the
annual
report
started
that
so
I
I
think
that
we
should
some
somehow,
as
a
lead
of
the
sig,
start
soliciting
feedback
with
feedback
from
the
from
the
project
asking
them
to
fulfill
something
which
is
similar
to
the
annual
report.
So
are
you
doing
triage?
Are
you
updating
your
owner
list
and
stuff
like
that?
So
a
quick
question,
and
then
we
we.
We
should
ask
them
to
to
come
here
and
report
periodically.
A
C
C
A
A
What
I
don't
like
is
that
it's
going
to
be
chore
for
the
projects,
another
another
work
item
for
people
and
we
can
experiment,
but
are
you
suggesting
that
we
create
a
template
for
a
report.
A
A
This
is
the
list
of
subprojects.
Quite
frankly,
I
think
that
coaster,
api
as
a
umbrella
project
for
a
number
of
providers
of
different
shape
and
forms,
should
be
the
umbrella
collector
of
the
reports
of
all
those
providers,
which
means
that
if
we
ex,
if
we
adopt
this
model,
we
don't
have
that
very
sub
projects.
A
But
the
report
is
going
to
be
useful.
I
think
one
question
is:
should
we
as
a
kubernetes
project,
should
we
get
this
template
approved
by
steering,
because
steering
was,
though,
was
a
group
that
created
the
sick
update?
So
maybe
a
subproject
update
is
something
that
steering
should
approve
and
we
can
apply
it
to
the
project
as
a
whole.
A
So
what
what
probably
with
with
sequence
lifecycle,
is
that
we
are
more
distributed
way
more
distributed
than
the
other
six
other
six
actually
know.
What's
going
on
with
the
super
projects,
because
it's
like
the
same
leads
participates
in
every
subproject.
C
A
Yes,
we
can
do
that,
but
I
think
we
shouldn't
invent
the
wheel
again
to
do
our
own
thing.
I
think
if
we
are
doing
some
project
updates,
this
should
be
like
a
common
model
that
works
for
the
whole
kubernetes
project.
D
I
think
that's,
I
think
it's
reasonable
to
do
that.
I
think
I
think
one
of
the
nice
things
that
I
I
don't
want
to
lose
is
the
idea
that
we
try
different
things
in
different
sub-projects,
and
so,
if
there's
a,
if
there's
a
model
like
a
heavy
model,
some
some
some
projects
have
very
heavy
models,
sometimes
they're
very
lightweight
models,
and
I
think
partly
that's
the
life
cycle,
but
part
is
their
just
style
and
I
think
historically,
when
steering
or
architecture
or
api
machinery
have
tried
to
dictate
things
and
apply
them
to
all
projects.
D
It
has
basically
failed
and
like
it's
it's
very
great
in
theory
and
utterly
impractical
in
practice,
and
so
I
would
like
to
try
to
keep
the
idea
that
you
know
the
sigs.
That
are
the
subjects
that
are
sort
of
really
actually
doing.
The
work
can
produce
ideas
that
bubble
up
and
we
shouldn't
try
to
impose
too
much
rigidity
on
them.
D
D
I
mean
I'd
suggest
if
we
it's
also,
I
think,
it'd
be
fine
to
give
ever
all
the
all
the
sub
projects,
the
questions,
but
not
necessarily
expect
you
know
complete
answers
right
like
I,
don't
think
we
want
to
be
in
a
position
to
have
to
edit
or
like
fill
in
gaps
so
right
exactly
so,
we
might
as
well
might
as
well
give
the
sub
projects
the
the
questions
and
then
allow
them
to
to
answer
as
as
appropriate
for
their
what
they
have.
A
I
mean
it's
if
we
create
this
set
of
questions.
That
is
my
point.
If
you
create
the
set
of
questions,
is
that
something
that
we
should
get
approval
for,
or
are
we
doing
our
own
thing.
C
No,
the
point
is
that
we
should
not
create.
There
is
a
radius
set
of
question.
We
should
decide
if
to
forward
the
same
set
of
question
or
eventually
to
to
reduce
it
a
little
bit
in
order
to
make
it,
let
me
say
more
digestible
for
the
first
iteration,
but
I
don't
want
to
reinvent
questions.
I
want
to
use
the
same
template
that
we
use
from
there
or
not
and
from
their
own
work.
Well,.
A
C
C
A
The
biggest
challenge
steering
faced
was,
in
my
opinion,
in
my
from
my
observability,
is
that
they
had
difficulties
pinging
individual
groups
to
provide
the
report
in
time.
So
this
is
going
to
be
the
same
problem
here
like
who
is
going
to
communicate
with
all
the
su
projects,
and
I've
done
this
in
the
past.
What
I've
done
is
I
go
to
the
select
channel
and
try
to
ping
maintainers
that
match
our
owner
file,
name
to
a
slack
name.
A
C
Look,
I
I
don't
think
what
I
don't
want
is
is
a
is
a
hard
coded
process
or
a
strict
process,
because
it
does
not
make
sense.
However,
I
I
think
that
that
we
we
should,
if
for
a
sub
project,
we
are
not
able
to
find
the
the
project
owners
and
they
are
not
answering
in
the
channel.
This
is
a
this
is
a
ring
bell
for
for
this
project.
C
Look,
it
will
be
great
if
you
can
find
a
template
that
we
had
for
the
annual
report,
and
maybe
we
copied
this
on
on
a
google
document
and
we
we
make
a
quick
pass,
trying
to
see
if
it's
possible
or
if
it
makes
sense
to
simplify
it
and
and
then
we
start
with
with
with
the
project
in
alphabetical
order.
A
Sure
I
can
do
that.
I
still
I'm
kind
of
hesitant
about
not
notifying
steering
about
this
inventing
our
process
is
kind
of
selfish.
C
A
A
C
Yeah,
thank
you
so
quick
update
from
cluster
api.
We
are
we.
We
have
started
the
the
preparations,
less
consolidation
of
the
project
in
looking
for
having
the
first,
we
want
for
four
prelisa,
probably
in
the
second
week
of
of
of
dixon
this
month,
and
all
the
release
blocking
changes
are
already
measured
as
of
today,
except
one
which
is
already
being
worked
and
reviewed,
and
then
the
test
grid
seems
in
good
shape,
even
if
we
are
still
chasing
some
some
some
flakes.
C
So
things
are
good
so
far,
and
hopefully
we
can
get
our
first.
We
want
four
releases
soon.
C
Yeah
feature
basically
feature
freeze
or
or
or
the
stop
of
breaking
change
happened.
One
month
ago
when,
when
we
consolidated
the
list
of
proposal
for
v1
alpha
4
and
after
that
date,
we
allow
new
changes,
but
they
should
not
be
breaking
the
api
or
the
contract
and
everything
reflected
in
the
release
can
fit.
But
breaking
changes
are,
are,
let
me
say,
blocked.
A
Okay,
moving
to
cube
adm,
I
added
a
couple
of
notifications
here:
v1
beta
3
is
making
good
progress.
We
are
mostly
done
with
the
high
priority
work
for
this
api
release
remaining
items,
as
per
the
cap
update
that
we
made
related
to
this
api
change
are
mostly
best
effort.
The
remaining
items
are
a
best
effort
at
this
point.
Rootless
control
plane
is
making
a
good
progress.
This
is
a
something
that
a
google
contributor
is
helping
us
with.
A
We
have
to
include
them
in
the
packages,
and
so
I
wrote
some
tools
to
actually
parse
and
edit
past
wd
files
and
the
atc
group
file,
which
is
fine
as
long
as
kubernetes
run
this
route.
But
if
we
stop
running
the
kubernetes
binaries,
we
are
going
to
face
the
problem
where
we
have
to
let
users
specify
the
the
groups
and
users
explicitly,
but
that's
maybe
for
the
future.
I
just
wanted
to
mention
that
quebec
is
really
trying
to
be
dystrognostic.
A
We
are
not.
We
don't
want
to
step
into
the
distro
fire.
It
has
been
a
big
mess.
We
are
avoiding
it
yeah
any
questions
or
comments
for
comedian.
D
Just
on
that
last
note,
chaos
has
the
same
thing
and
we
we
also
edit
the
password
and
groups
files
that
directly.
If
I
recall
correctly,
oh
so,
you
already
have
the
same
tools
that
we
wrote,
I'm
pretty
sure
I
was
just.
I
was
just
trying
to
check,
but
yes,
I
we
certainly
came
to
that
conclusion.
That
shelling
out
was
generally
a
bad
idea
or
was
just
like
a
harder
thing
to
do
than
than
managing
the
tasks
directly.
I
would
try
to
find
it
and
paste
it.
A
I
I
spent
some
time
writing
this,
I
would
assume
will
probably
is.
Your
version
is
probably
well
written
done
by
because
I
was
working
on
five
different
things
at
once,
but
yeah
I
we
already
have
this.
I
actually
I
asked
the
contributor
to
review
my
code
and
hopefully
we
can
get
it
merged,
but.
D
Actually,
I
take
it
back,
we
actually
call
user
ad
there.
So
we
we
don't.
We
don't
have
different
ones,
we
do
we,
we
call
exec
there,
I
think
elsewhere.
We
are
these
pars,
the
groups
file,
but
the
code
is
here.
A
A
Yeah,
it's
a
busy
box.
You
know
it's,
it's
not
the
only
offender,
for
instance
the
file
with
this
atc
watching
devs,
which
contains
the
collection
of
constants
definitions
around
linux,
user
limits.
For
instance,
the
system
range
starts
from
100
to
1000.
A
This
file
is
completely
missing
on
some
distance,
and
so
the
specifications
around
linux
are
explicitly
saying
that
some
of
these
files
must
exist
for
a
distribution
to
say
that
it's
somehow
related
to
unix
but
yeah.
It's
a
it's
a
mess,
so
we
wrote
our
own
tools,
I'm
hoping
that
we
can
merge
this
and
get
something
for
the
alpha.
A
All
right
justice
for
cops.
D
Yes,
so
we
are
sort
of
in
a
new
feature,
type
phase
in
our
like
product
cycle,
and
so
people
working
various
different
things.
We
are.
We
got
our
first
like
the
add-on
support,
merge
behind
a
feature
flag.
So
we
are
experimenting
with
that.
Hopefully
getting
to
the
point
where
we
can
write
a
design
dock
when
we
have
more
of
a
design,
there
is
some
work
going
on
to
enable
ipv6
in
on
aws.
D
I
think
it's
only
for
nodes
is
what
we're
talking
about
for
now,
but
I
think
that's
a
first
step
but
yeah
getting
that
and
then
also
we
are
having
to
enable
well
feeling
that
we
should
enable
working
towards
enabling
csi
by
default.
There
is
a
planned
deprecation
of
the
entry
storage
coming
soon,
so
we
are
reluctantly
working
towards
doing
so,
but
we
don't
be
the
first
ones
to
do
it,
but
we
will.
We
will
we're
at
least
we're
going
to
make
it
possible.
D
I
don't
know
if
kuberium
currently
uses
csi
on
hs,
for
example,
yeah.
A
We
decided
a
bit
from
either
civic.
We
don't
have
to
do
anything
on
the
cubed
website.
A
Based
on
the
reports
that
somebody
joined
here,
the
sigmatic
and
said
we
are
doing
this
change
to
csi
from
biology.
We
don't
have
to
do
anything.
We
cubed
him.
D
That's
possibly
true,
like
I
mean
chaos
is
very
you
know,
holistic
and
tries
to
manage
everything
and
so
guides
users
through
it
when,
when
the
entry
migration,
when
the
entry
storage
is,
is
fully
deprecated,
then
yes,
if
users
install
the
csi,
then
everything
should
just
work.
The
we
would.
We
historically
have
found
that
like
leaving
it
to
the
last
minute,
has
surfaced
a
lot
of
last-minute
issues
at
the
last
minute
and
that's
not
good,
and
so
we
try.
D
We
want
to
make
it
possible
to
enable
the
csi
easily
before
the
version
where
there's
no
going
back
type
thing,
so
we
wanted
to
csi
would
be
an
add-on
that
we
would
have
to
install,
and
so
we
want
to
support
that
add-on
in
a
managed
configuration
and
then
we
would
also
turn
off
explicitly
turn
off
the
entry
storage.
D
A
D
D
You
know
an
upgrade
test
where
we
run
an
older
version
of
k,
ops
and
kubernetes,
and
upgrade
to
a
newer,
newer
version
of
chaos
and
kubernetes
that
is
not
using
or
is
using
csi
and
is
not
using
the
entry
storage
so
sort
of
like
a
real
world
scenario
and
hopefully
get
some
signal
on
that,
because
there
are
some
tests
in
csi,
but
they
are,
I
think,
for
example,
like
one
version
of
kubernetes
like
they
just
test,
they
just
flip
it
as
it
were.
A
Are
you
communicating
this
test
idea
with
six
storage
because
I
you
know
normally,
I
expect
six,
some
of
these
cars
owning
six
to
communicate
with
deployers
and
test
frameworks.
How
they're
going
to
test
upgradeability,
especially
around
the
introduction
of
complicated
new
features
like
survise
tokens
bound
to
volume-
and
you
know
deprecation
of
csi
things
like
that.
D
A
D
Historically,
the
sigs
have
not
the
non-user
facing
sigs
have
not
necessarily
sought
that
signal.
I
agree
with
you
that
it
would
be
nice.
We
could
also
yeah
we
could
try
to
like.
D
I,
I
don't
know
what
the
impact
of
the
production
readiness
review
is,
or
whether
that's
a
sig
or
whatever.
That
is
whether
it's
going
to
raise
the
bar
as
it
were,
on
the
requirements
for
this.
A
I
think
it's
a
super
project
and
I
have
not
seen
the
csi
deprecation
kept,
but
I'm
hoping
that
they
filled
the
questionnaire
for
the
pr,
because
that's
that's
the
biggest
question
like
how
do
you
upgrade
the
cluster?
If
you
now
have
to
do
this,
like
it's.
D
Interesting,
I
mean
they
certainly
have
have
a
mechanism
to
to
do
that
in
theory.
I
just
don't
know
how
much
it
has
been
battle
tested
right
and
like
the
goal.
The
goal
of
the
goal
of
enabling
csi
in
advance
is
that
users
could
opt
into
battle
testing.
I
don't
expect
many
to
do
so,
but
also
we
can
like
start
to
get
into
some
ed
testing
and
start
to
like
hit
real
world
scenarios
and
start
to
like
try
out
you
know.
Well,
we
don't
support
alpine.
D
I
don't
think
but
like
try
out
like
centos
or
whatever
it
is
and
see
if
it
works
there.
A
Yeah,
that's!
This
is
very
important
for
bristol.
Do
you
have
any
plus
for
around
this
csi
change?
I
thought
you
have
an
issue
in
questor
api.
C
A
I
mean
it's
up
to
the
providers.
I
think
it's
not
core
question
api.
It's
up
to
the
providers
to
decide
what
they're
going
to
do.
A
All
right
any
questions
for
cops
before
we
end.