►
From YouTube: 20200323 - Cluster API Provider AWS Office Hours
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
B
A
That
the
kubernetes
guidelines
are
in
effect
here,
so
in
general,
please
be
excellent
to
one
another,
all
right
so,
first
off,
if
you
have
any
topics
that
you
want
to
bring
up,
please
go
ahead
and
add
them
to
the
agenda
and
feel
free
to
add
yourself
to
the
attending
list.
If
I
can
find
the
chat
window,
I
can
go
ahead
and.
A
Alright,
so
the
first
PSA
that
we
had
today
last
week,
we
released
version
0.1,
mostly
a
bug,
fix
release,
but
it
did
add
a
minor
new
feature
that
loosened
the
way
that
we're
doing
the
image
lookups.
So
if
somebody
is
building
their
own
image
with
the
image
builder,
others
more
flexibility
and
how
they
named
the
image
for
us
to
be
able
to
look
it
up,
it's
completely
backwards
compatible.
So
there
should
not
be
any
issues
with
the
existing
images
or
compatibility
of
images
with
older
versions.
At
this
time,.
A
C
Is
this
is
my
ok
great
go
ahead?
Matt
yeah,
hey
guys,
my
name
is
Matt
I've
been
kind
of
working
on
the
side
on
a
merge
request
for
a
capability
in
the
way
credentials
and
roles
are
assumed
in
AWS
and
part
of
this
came
out
of
in
specific
environments
where
roles
need
to
be
assumed,
rather
than
specified
in
a
credentials
file
so
just
kind
of
from
a
high
level.
C
C
So
this
is
my
first
SiGe
meeting
so
I'll
just
kind
of
get
the
lay
of
the
land
and
wanted
to
maybe
bounce
some
ideas
on
what
the
best
way
to
do.
That
is
right.
Now,
I
kind
of
just
created
a
config
file
and
specify
like
in
create
great
config
map
from
file
and
read
it
that
way
in
the
customize.
But
if
there's
any
better
ways
or
any
alternatives
that
might
be
easier
for
the
documentation
or
the
installation
guide.
I'm
happy
to
take
suggestions
also.
C
Jason
and
thinking
that
I
have
a
question,
so
let's
say
I
don't
have
a
config
file.
What
happens
with
the
everything
that's
generated
and
the
config
map
generator.
Does
it
blow
up
or
does
it
just
work
and
deploy,
because
I
know
that
the
deployment
also
is
specifying
the
volume
amount
from
the
config
map?
So
what
happens
if
it's
not
there,
so
when
I
tested
it,
it
it'll
just
create
a
config
map
with
a
like
default
it'll,
be
a
blank
file.
There'd
be
nothing
in
it.
It's
not
optimal.
A
D
B
D
D
Yeah,
so
we
would
need
to
change
cluster
AWS
ADM
as
well
too,
and
then
we
can
get
with.
We
can
have
a
single
way
to
configure
credentials
by
file
yeah,
not
sure
what
that
would
be
an
API
change,
but
then
I
also
see
majority
users
are
just
going
through
two
workflow
as
well,
and
it
might
not,
they
might
not
even
notice.
D
C
I
am
going
to
guess
that
99%
of
production
deployments
or
ideally
a
hundred
percent
of
production
employments,
are
not
going
to
use
credentials
for
this
for
any
real
cap
deployment.
So
maybe
we
treat
the
credentials
based
deployment
option
as
a
one-off,
even
though
it's
still
probably
going
to
be
fairly
frequently
used
by
those
of
us
working
on
kappa
and
development.
But
maybe
if
we
make
the
production
deployment
case,
the
primary
one
and
have
an
alternative
for
you
want
to
use
credentials
and
just
make
sure
it's
super
easy
to
support
both.
C
C
D
A
And
just
add
one
other
thing
is
we
probably
don't
necessarily
want
to
break
the
existing
workflows
during
kind
of
a
patch
release?
So,
while
we
keep
in
mind,
you
know
future
direction
and
we
may
want
to
look
at
breaking
changes
for
the
future.
We
will
probably
want
to
maintain
some
level
of
backwards
compatibility
still,
at
least
until
we
get
to
the
next
breaking
release.
D
C
I
just
wanted
to
bring
this
up.
I
know
we
don't
necessarily
have
a
full
crew
here,
but
I
was
thinking
about
this
the
other
day,
since
it's
become
a
bit
of
a
large
thorn
in
our
side
where,
if
cloud
in
it
fails
or
the
cube
idiom
joined
fails,
we
have
no
way
to
know
it
may
succeed
part
way
it
may
fail
entirely,
and
so
my
original
thinking
with
trying
to
do
this
was
that
we
could
use
AWS
session
manager
or
whatever
its
official
name,
is
to
hop
into
the
VM
and
I.
A
C
Another
thought
is-
and
this
is
a
security
question
for
probably
for
nadir
and
anybody
else
who
knows
AWS
I
am
like
how
fine-grained
it
can
be,
but
so
one
option
is:
if
cloud
an
it
succeeds,
the
VM
itself
could
add
a
tag
or
some
other
metadata
to
the
ec2
VM
itself,
assuming
it
only
has
permission
to
modify
its
own
VM
and
we
would
have
to
work
through
the
security
aspects
as
as
like
can
we
like
when,
when
should
it
do
the
metadata
updates?
Should
it
do
it
on
failure
and
success?
C
D
There,
yes,
so
if
you
look
at
say
you
would
there's
a
way
of
sending
a
notification
said
to
recommended
ways
to
use
something
like
SNS
or
a
beverage
today
is
by
the
way
to
go.
So
we
set
up
a
capital,
would
create
a
queue
subscribe
to
a
topic,
and
then
the
machine
would
publish
a
message
on
to
that
topic.
D
D
C
A
C
C
D
A
C
Yeah
I
mean
I,
think
the
the
more
information
we
can
provide
the
better
but
the
like
MVP
use
case
or
flow
would
basically
be
cloud
and
if
doesn't
get
all
the
way
done
for
whatever
reason.
So
we
mark
the
machine
is
not
fully
bootstrapped
and
then
I
don't
know.
If
the
machine
health
check
code
is
only
looking
at
nodes
or
if
it
can
handle
machines
without
nodes.
I,
don't
remember
off
the
top
of
my
head,
but
either
way
we
get
the
Machine
health
checker.
C
To
basically
say:
oh,
if
a
machine
failed
bootstrapping,
then
we
shoot
it
in
the
head
or
what
whatever
and
we
figure
out,
how
to
work
with
cubm
control
plane
as
well,
but
I
think
something
like
that.
Would
really
help
make
sure
that
we
don't
have
like
these
half
running
control,
plane
machines,
that
sort
of
our
control
planes,
but
aren't
really
and
whatever
else
goes
wrong.
So.
C
I
mean
that
at
least
covers
machine
sets
and
machine
deployments,
but
it
doesn't
cover
individual
machines
and
it
doesn't
cover
control,
plane
machines,
but
we
can
find
a
way
to
work
with
that
to
I.
Think
we're
gonna
have
to
write
some
code
in
kcp
for
that,
so
that
was
all
I
had
I
just
wanted
to
bring
this
up
and
if
anybody's
got
ideas,
I
linked
the
overall
cluster
API
issue,
because
I
think
we're
gonna
need
some
contract
changes
to
cluster
itself,
potentially
I
mean
it
could
be.
C
Like
Jason
said
we
just
set
the
failure,
reason
and
failure
message
and
that's
sufficient
or
we
could
we
could
decide.
We
want
to
have
an
additional
detail
that
says:
bootstrapping
failed
and
and
then
it
would
be
an
API
change.
So
25:54
is
the
close
to
API
one
that
talks
about
possible
contract
changes
and
then
the
other
tab
is
a
cap,
a
specific
one.
That
jason
has
there
972
that
I
think
we
can
use
to
rally
around.
How
do
we
want
to
implement
this
specifically
for
a
Kappa.
E
F
There
yeah
this.
This
may
not
be
the
right
time
for
this
question,
but
I
can
ask
it
later
I.
Just
is
there
a
they?
Are
there
like
basic
smoke,
API
calls
and
things
that
are
made
before
all
the
machinery
of
spinning
a
machine
comes
up
yes
kind
of
like
a
maybe
a
naive
question,
but
you
know
like
sometimes
there's
stupid
things
that
can
go
wrong.
That
no
may
not
have
anything
to
do
with.
You
know
deep
intro.
A
A
You
know,
there's
there's
probably
some
things
that
we
could
do
around
validating
configuration
and
things
like
that,
but
that
gets
us
into
very
specific
versions
of
cube
ATM
that
we're
trying
to
run
against,
and
you
know,
potential
issues
there
with
both
support
and
maintenance
of.
You
know
those
types
of
tracks:
okay,.
F
B
It's
been
a
minute
thanks
for
reviewing
that
security
groups.
Pienaar
I'm
gonna
be
submitting
another
one
for
subnet
yeah,
be
pcs
and
subnets.
I
think
and
I've
also
I'm,
also
very
interested
in
the
issue.
Around
multi
AWS
accounts
at
some
point.
I
wanted
to
catch
up
with
you
guys
about
that,
but
there's
a
pretty
detailed
comment
and
I
think
I
think
that
that
I
think
the
summary
is
I'm
gonna
provide
a
proposal
about
our
the
implementation.
I
could
take
and
want
to
square
that,
with
the
other
people's
thoughts
around
it.
I.
A
Authentication,
so
we'll
definitely
want
to
make
sure
to
take
some
of
those
into
account
so
that
when
we
look
at
like
role
assumption
or
you
know
the
use
of
like
kiem
to
proxy,
you
know
authentication,
requests
and
things
like
that
that
we
continue
to
support
those
use
cases
as
well,
but
glad
to
have
you
on
board.
We've
appreciated
the
contributions
you've
had
so
far
and
look
forward
to
continuing
it
in
the
future.
Thank
you.
A
C
I'm
fine
with
additive
optional
things
as
long
as
they're
truly
optional,
and
they
don't
cause
breaking
changes.
If
you
submit
an
older,
older
copy
that
doesn't
have
the
fields
and
the
controllers
break
and
whatnot
I
think
it's
it's
fine
to
iterate
on
in
alpha
3
I
mean
otherwise.
This
is
going
to
have
to
wait
for
alpha
4
and
I.
Don't
know
that,
there's
a
real
reason
to
lead
right.
A
A
A
A
A
A
A
A
We
potentially
have
the
ability
to
automate
the
creation
of
subnets
across
availability
zones
and
make
that
experience
around
standing
up
AJ
clusters
a
little
bit
better
I
am
I,
know
Ben
has
been
working
on
it.
I
don't
think
he
is
on
the
call
today,
but
we've
been
talking
potentially
about
a
way
to
do
this
backwards
in
a
backwards
compatible
way,
but
I,
don't
think,
we've
actually
settled
on
what
that
looks
like
yet
so
I
think
we
may
have
to
defer
on
assigning
a
milestone
until
we
have
a
better
idea.
What
that
looks
like.
C
A
A
From
what
I
could
tell
it
looked
like
it
was
related
to
missing
a
step
for
deploying
bi
m
roles
and
profiles
needed,
and
we
did
file
an
issue
with
upstream
cluster
API
for
improving
the
documentation
around
around
making
it
more
clear,
but
we
haven't
gotten
any
feedback
yet
on
that.
So
let
me
go
ahead
and
what's
the
priority
for
C
awaiting
more
evidence
and
for
now
I'll
go
ahead
and
put
this
in
next
until
we
get
further
feedback,
I,
don't
I,
don't
necessarily
believe
this
is
an
issue
beyond
that
documentation.