►
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
Okay,
hello,
everyone
today
is
3rd
of
march
2022
and
welcome
to
the
cluster
api
provider
for
azure
office
house
meeting.
This
is
a
kubernetes
six
project,
so
we
abide
by
the
kubernetes
rule
of
content,
which
is
basically
be
kind
to
each
other.
If
you
want
to
speak
up,
please
use
the
base
hang
feature
in
zoom
and
if
you
have
anything
to
discuss,
please
add
them
to
the
agenda
section
in
the
document
before
we
get
started.
Is
there
anybody
here
joining
for
the
first
time
would
like
to
introduce
them?
Sir.
A
I
don't
see
anyone
new
yeah,
okay,
let's,
let's
move
on
to
open
discussion,
so
the
first
psa
is
release.
1.2.0
was
released
this
week
yeah,
so
it
has
some
cool
features,
especially
around
async,
and
manage
clustering
improvements
yeah.
So
thanks.
Everyone
who
contributed
to
this
release
and
please
check
it
out
and
give
us
some
feedback.
A
A
Yeah.
Moving
on
to
the
next
item,
see
review
1.3,
milestone.
B
Yeah
so
kind
of
related
to
the
release.
Now
that
1.2
is
behind
us,
it's
time
to
start
planning
for
1.3,
we
weren't
very
good
last
time
around
for
1.2
at
you
know,
planning
this
in
the
milestone
and
there's
the
holidays
in
the
middle
of
the
really
cycle,
which
I
guess
distracted
us,
but
I
think
this
time
around
we
can
try
to
be
a
little
more
like
intentional
about
what
we
want
to
get
into
the
release.
B
So
for
now
I've
just
added
the
things
that
I
know
people
are
already
working
on.
So
all
these
are
already
assigned
and
are
like
high
priority
things
that
we
want
to
get
done
through
1.3
or
at
least
get
started
for
1.3.
B
I
think
the
big
obvious
missing
thing
right
now
is
testing
cluster
class.
I
don't
know
sham
if
we
have
an
issue
for
that.
I
I
found
one
that
was
like
switch
all
the
templates,
but
I
think
that's
maybe
too
aggressive
for
1.3.
Maybe
we
can
start
with
adding
an
end-to-end
test
and
getting
it
working
so
yeah.
B
If
there's
anything
that
you
think
should
be
in
here
like
please
like
comment
on
the
issue
and
tag
me
or
whatever,
and
I
can
like
edit,
it
doesn't
mean
that
we
can't
do
or
can't
work
on
anything.
That's
not
in
here
like
this
is
just
like
get
people
who
are
lurking
an
idea
of
like
this
is
the
stuff
we're
working
on
right
now,
that's
like
top
of
our
mind
so
yeah.
If
anyone
has
any
feedback.
Also,
please
share.
C
Yeah
pardon
me:
do
we
is
this
date
driven
or
feature
driven?
Are
we
gonna
release
it
when
all
this
is
done,
or
do
we
try
to
hit
a
specific
date
as
well.
B
That's
a
really
really
good
question,
so
I
guess
the
answer
is
we
don't
know?
I
don't
have
an
answer,
but
I
personally
would
prefer
to
see
it
being
date,
driven
where
we
try
to
aim
for
a
specific
date,
and
if
we
don't
get
everything
done,
that's
okay.
We
release
what
we
have
and
then
we
just
move
the
items
over
to
the
next
milestone.
B
I
know
cluster
api.
The
project
is
leaning
more
towards
feature
driven
right
now,
where
they
try
to
get
all
the
stuff
done
before
the
release,
and
if
it's
not
done,
then
the
release
gets
delayed.
I
personally
don't
like
that,
just
because
I
think
it
ends
up
being
like
we
really
delete
delay
the
release
a
lot.
B
When
we
do
that,
because
we
always
tend
to
overestimate
how
much
we
can
get
done
and
we
always
fall
short,
and
that
means
we
end
up
having
like
a
release
that
comes
a
lot
later
than
we
thought
it
would
and
other
goodness,
that's
in
the
release
already
gets
also
delayed,
because
it's
waiting
for
some
other
feature.
So
I
don't
know
what
you
think
matt.
If
you
have
a
preference
for
one
or
the
other,
since
you
brought
it
up,
I.
D
C
A
Like
I,
I
also
prefer
to
be
dead
to
him,
because
it's
like
reduce
the
pressure
on
the
developers
and
also
like
it
avoids
any
delays.
If
some
feature
is
not
shipped.
That
being
said,
we
need
like,
if
there
are
some
blockers
that
come
up,
we
will
wait
for
it
to
like
get
it
merged
before
we
actually
cut
early
so
yeah,
that's
kind
of
a
trade-off
that
we
will
design.
B
Yeah
agreed
yeah
like
if
we
find
out
some
big
bug
like
a
week
before
we're
planning
on
releasing,
and
you
know
we
want
to
get
it
fixed.
I
think
it's
okay
to
say
like
this
is
a
release
blocker,
but
in
general
yeah.
I
agree
that
we
shouldn't
block
the
release
based
on
features,
and
I
think
also
in
general
like
because
we
work
on
open
source
at
such
an
unpredictable
environment
and
track
priorities.
Change
all
the
time
and
also
like
the
world
is
tough
right
now.
B
A
Okay,
is
there
anyone
else
who
wants
to
like
discuss
anything
on
this
topic.
B
I
guess
one
more
thing:
if
we
do
want
to
make
it
date
driven,
we
should
decide
on
a
date.
B
We
don't
have
to
do
this
now,
but
I
think
like
we
should
decide
like
how
long
we
want
each
release
like
how
long
we
want
in
between
releases.
We've
done.
B
A
I
think,
like
one
point
five
months
to
two
months,
just
seems
reasonable.
We
could
like
discuss
the
async
as
well.
A
Okay.
Moving
on
to
the
next
item
map
demo
on
how
we
produce
reference
images.
C
Sure,
well
so
we
kind
of
mumbled
on
slack
about
doing
this.
Actually
ashitosh
was
really
curious
and
and
how
the
sausage
is
made.
So
I
could
go.
C
I
don't
really
have
anything
prepared,
but
I
could
go
ahead
and
show
you,
but
I'm
wondering
if
we
should,
if
he
should
be
here
essentially
or
or
if
people
are
interested
right
now
or
or
we
could
plan
on
doing
it
at
the
next
one
and
then
at
least
there's
a
heads
up
that
I
was
going
to
do
this
and
maybe
ashutosh
could
join
us
or
other
people
who
are
specifically
interested,
but
I'm
happy
to
do
it
now
either
way.
What
do
you
guys
think.
A
A
Oops,
should
I
stop
sharing
this
video.
B
C
Okay
screen:
this
will
stop
other
screen
sharing.
That's
fine.
C
Okay,
so
you
can
see
this
is
how
I
find
the
image
builder
project,
as
I
google
for
it,
because
I'm
bad
at
making
bookmarks
so
how
we
build
the
what
we
call
the
capsi
reference
images
pretty
much
all
the
tooling
and
scripts
that
produce
the
images
is
out
here
in
image
builder
in
the
public,
but
to
actually
run
them.
C
You
need
some
specific
credentials
and
you
probably
also
need
to
be
a
microsoft
employee,
because
essentially
you
run
them
through
azure
devops
pipelines,
which
is
a
public
service
that
you
can
use,
and
it's
pretty
great,
but
the
way
we're
using
it
is
in
a
microsoft,
hosted
tenant
and
it's
not
it's
not
a
job
that
the
general
public
could
get
to.
So
that's
the
only
hitch.
Otherwise
everything
here
is
you
can
go
ahead
and
read
through
the
scripts
and
kind
of
see
what
we're
doing.
So.
C
A
C
These
end
up
these
end
up
getting
run
through
the
pipeline
jobs.
C
And
and
produce
our
images,
so
we
could
look
through
them,
but
they're
not
super
interesting.
For
example,
these
are
like
sub
jobs
that
build
parts
of
the
vhd.
This
is
the
main
one
that
builds
the
vhd.
Everything
in
our
lives
is
yaml,
so
this
is
yaml
and
you
can
see
it
basically
boils
down
to
a
bunch
of
shell
commands
that
do
stuff.
C
So
we
don't
need
to
get
deeply
into
these,
but
if
you
want
to
figure
out
exactly
how
things
are
build
or
more
likely,
you
had
a
problem
trying
to
build
your
version
of
something
or
you.
This
is
where
you
want
to
go
images,
image,
builder
images,
cappy,
packer,
azure,
scripts
or
pipelines.
C
This
is
a
job
that
just
basically
does
a
test,
build
every
night
to
try
and
give
us
an
early
signal.
If
something's
gone
wrong
because
sometimes
things
get
checked
into
image
builder
and
since
we
only
run
these
scripts
when
there's
a
kubernetes
patch
event
like
once
a
month,
it's
really
easy
for
us
to.
You
know:
hey
it's
patch,
tuesday,
oh
boy,
none
of
our
stuff
actually
runs
right
now
because
it
broke
three
weeks
ago
because
something
got
checked
into
image
builder
and
we
weren't
aware
of
it
until
now.
C
C
So
when
we
when
there's
a
kubernetes
patch,
essentially
it's
usually
the
only
time
we
run
this.
We
go
in
here
and
we
run
that
main
job
that
I
pointed
to
briefly
earlier
and
what
the
way
it
looks
here.
Is
it's
just
going
to
ask
you
for
some
variables
if
you've
been
if
you've
done
stuff
in
azure
devops,
this
is
probably
pretty
obvious
to
you.
But
if
you
haven't
this
is
the
ui
and
there's
not
a
whole
lot.
You
need
to
tell
it.
C
C
C
I
don't,
I
think,
we'll
probably
start
building
for
2204,
because
that's
an
lts
release
right.
It
comes
out
another
another
month,
so
that
will
probably
get
added
in
the
mix
and
we
may
stop
producing
1804
images
in
another
year
when
those
go
out
of
support,
but
for
right
now
we're
building
these
two
flavors
of
linux.
C
E
C
That's
true
overwrite
this
we
have
to
do
that.
Sometimes
you
go
here.
Add
variable
hacker
flags,
some
gobbledygook,
but
we
don't
need
to
do
that
anymore,
for
the
windows
builds
right
now,
right,
james,
that's
right,
yeah,
container
d,
1.6,
it's
a
little
simpler
currently
but
yeah.
If
you
need
to
pass
something
special,
that's
the
way
to
do
it.
C
Then
the
job
starts
running.
The
first
stage
is
actually
creating
the
vhd
building
the
image
using
ansible
and
other
tools.
So
this
is
the
one
that
takes
a
lot
of
time,
and
this
is
the
one
that
might
fail,
because
for
some
reason-
and
if
anybody
has
any
insight
into
this,
that
would
be
awesome.
C
The
windows
build
in
this
particular
environment
is
just
kind
of
flaky.
A
lot
of
times.
Ansible
tries
to
contact
the
winrm
service
and
just
fails
in
the
whole
thing.
We
have
to
try
again
it's
about
50
50
and
we've
tried
a
lot
of
times
to
figure
out
what's
going
on
and
we
just
haven't
been
able
to
so.
C
C
C
C
We
want
to
build
a
20.
What
is
it
2019
image,
and
then
we
want
to
build
a
container
d
image
for
that,
then
we
want
to
build
a
container
d
2022
image.
If
it's
newer
than
120
to.
If
it's
124,
we
don't
build
the
old
image.
So
there's
it's
a
little
funky.
Obviously
we
have.
I
have
an
internal
dock
that
wouldn't
help
you,
unfortunately,
but
that's
more
specific
about
how
those
are
built
that
could
be
external
documentation
if
you
wanted,
I'm
not
sure
where
we
would
put
it
but
tldr
as
we're
moving
forward.
C
C
Some
of
them
are
going
to
fail
because,
unfortunately,
windows
is
still
a
little
flaky,
so
we
have
to
run
them
again,
but
once
those
all
arrive,
then
we're
done
with
this
part
of
it
and
then
the
next
stage
is
to
go
to
the
microsoft
partner
center
and
double
check
the
big
offer
that
provides
all
these
make
sure
it's
good
and
then
let
it
publish,
I
don't
know
if
I
should
show
that
or
not
what
do
you
do?
You
think
I
should
show
that
no
david's,
like
no.
F
Yeah
perhaps
we
should
go
through
that
first
before
we
do
it
on
the
fly.
C
C
That
constitutes
the
current
set
of
vhd's
we
offer
for
cappy
and
then
the
changes
that
we're
proposing
to
make,
and
you
just
click
through
them.
They
should
all
show
that
they're,
complete
and
ready
to
be
published,
and
then
you
publish
and
the
publishing
is
a
pretty
big
deal,
because
it's
a
global
thing
it
has
to
be
replicated
to.
You
know:
microsoft's,
multiple
data
centers
to
some
private
data,
centers
and
government
data
centers
and
stuff.
C
C
That's
about
it
so
hopefully
there's
some
questions.
Anybody
have
a
question.
C
We
try
to
put
literally
as
much
as
we
can
out
in
the
public,
but
there's
a
few
go
ahead.
David.
F
D
To
make
the
end-to-end
tests
for
opia
work?
Yes,
but
it's
more
like
a
semi-private
thing.
We
have
an
ongoing
investigation
into
full
automation
and
using
some
of
the
tools
from
the
cab
z
project,
I'll,
make
sure
to
point
out
my
folks,
today's
demo,
which
will
be
enriching,
I
guess
from
for
them
as
well.
D
Eventually,
if
it
is
feasible
for
the
flat
car
project,
we
would
love
to
provide
updated
os
images
with
capzi
capsi,
ready
images,
basically
we're
an
image
builder.
So
it's
not
something
that
we've
built
ourselves,
but
not
not.
Right.
Now,.
C
So
your
best
strategy
is
to
be
on
the
latest
patch
release
and
then
once
you're,
getting
anywhere
close
to
a
production
environment.
Just
stop
using
the
reference
images
please
and
build
your
own,
because
we
don't
guarantee
that
any
particular
cds
or
patches
will
be
in
those
images
they're
really
just
for
our
testing
and
to
make
it
so
that
there's
not
a
really
high
bar
for
people
kicking
the
tires
on
capzi.
C
You
know
you
wouldn't
want
to
have
to
build
your
own
images
just
to
try
the
project
out,
but
beyond
that
we
don't
really
make
any
guarantees,
at
least
at
this
point.
We
can't
support
them,
as
microsoft
would
traditionally
want
to
do.
The
other
thing
I
should
say
is
this
makes
it
look
like.
I
did
a
lot
of
work
here.
I
am
just
totally
riding
on
the
coattails
of
stuff
that
david
and
cecile
wrote
I've
added
to
these
scripts,
but
they
created
this
system
and
I
am
the
maintainer
at
this
point.
C
D
A
Yeah,
so
my
zoom
was
like
acting
all
weird
sorry
about
that.
Thanks
for
the
demo,
my
I
think
it'll
be
super
useful
I'll
need
to
watch
it
again
to
like
fully
understand
it,
but
yeah
thanks
for
the
demo
I'll
share
my
screen.
A
A
There's
one
more
item
regarding
yeah.
B
Okay,
do
you
mind
making
me
co-host
sham
so
I
can
share
screen
or
actually,
unless
matt
you
have
it
since
you're
already
co-host.
G
Yeah
and
so
to
give
some
context,
maybe
I
I'm
wrong
here
and
we
do
have
some
tests
that
use
more
than
one
replica,
but
last
week
I
hit
some
some
back
some
issue
and
I
believe
we
don't
have
any
end-to-end
tests
that
use
more
than
one
replica
for
the
control
plane
or
even
in
the
machine
deployments,
and
I
was
wondering,
if
would
be
interesting,
to
use
more
than
one
to
catch
some
of
the
scenarios
for,
for
instance,
when
dealing
with
managed
identities
on
azure
and
things
like
that.
What
do
you
think.
E
G
E
So
I
think
we
do
have
one
job
that
has
a
three
node
control
plane
and
I
believe
most
of
the
jobs
have
two
worker
nodes,
for
at
least
we
have
one
job
that
has
two
or
more
worker
nodes.
I'd
have
to
go
look,
but
maybe
maybe
we're
not
testing
the
particular
scenario
that
we
ran,
into
which
I
think
we
should
probably
look
at.
E
Yeah,
actually,
I'm
not
sure
I
think
most
of
our
end-to-end
tests
use
the
service
principle
and
not
the
managed
identities,
and
it's
been
on
our
list
to
improve
that
and
switch
over
to
managed
identities.
But
we
haven't
quite
gotten
there,
yet
I'm
not
sure
if
we
have
an
actual
test
to
test
the
manage
identities.
I
don't
know
if
anybody
else
does.
B
There's
no
end-to-end
test
for
it.
It's
just
a
demo
template
the
issue
with
managed
identity
is
that
it
requires
special
permissions
on
the
service
principle
that
creates
the
vms,
because
that
service
principle
needs
to
be
able
to
create
role
assignments
and
then
assign
them
to
the
identities
of
the
vm,
which
requires
like
role
assignment
rights,
permissions
which
are
standard
testing
like
the
the
subscription
that
runs
test
and
prowl
the
cred
credentials
that
run
there.
They
don't
have
those
permissions,
so
we
can't
use
that
to
test
manage
the
identity.
G
D
E
C
E
I
dropped
the
link
in
there,
oh
nice.
It
gives
a
little
bit
about
the
different
you
might
have
seen
this
already,
but
it
gives
a
little
bit
of
about
the
difference
between
those
two
and
I
and
you
know
in
the
dock.
We
recommend
using
user
assigned
just
because
I
think
you
can
maintain
the
light
cycle
longer
and
have
better
control
over
the
the
access
that
that
identity
has.
B
D
B
B
Yes,
so
managed
identity
is
like
you
assign
an
identity
to
your
like
resource,
like
your
virtual
machine,
for
example.
So
your
virtual
machine
has
its
identity
and
either
system
is
fine,
which
means
it's
like
created
for
you
when
you
create
the
vm
and
its
life
cycle
is
tied
to
the
vm.
B
So
that
means
whenever
you
delete
the
vm,
the
identity
also
goes
away,
or
it's
user
assigned,
which
is
more
like
bring
your
own
identity,
so
you
pre-create
it
and
then,
if
you
delete
the
vm,
that
identity
is
still
there
and
that
allows
you
to
like
not
have
to
like
put
credentials
on
your
virtual
machines
and
so
in
the
context
of
capzi.
B
This
is
useful
for
cloud
provider,
because
cloud
provider
azure
requires
credentials
to
run
because
it
needs
to
create
resources,
update
load,
balancers
things
like
that,
and
so
the
traditional
or
not
traditional,
but
like
the
other
way
of
doing
it
is
f
service
principle,
which
is,
we
literally
write
a
file
on
the
virtual
machine
called
azure.json,
which
contains
your
client
id
client
secret,
10
id
subscription
id,
and
that
allows
it
to
interact
with
azure.
But
that's
not
very
secure.
Right
because
then
you
have
plain
text
credentials
on
your
vm.
B
So
the
best
way
to
do
it
is
to
use
a
managed
identity
which
gives
the
vm
an
identity
which
cloud
writer
then
uses
for
its
like
running
its
code
and
making
calls
to
the
azure
apis.
B
E
All
right,
let's
maybe
I'll
just
say
I
think,
next
meeting
I
was
going
to
do
a
demo
of
just
some
of
the
entry
points
into
our
end-to-end
tests
and
the
different
variables
you
can
set
and
maybe
a
workflow
for
developers.
So
if
you're
interested
in
that
type
of
thing
join
us
next
time,.