►
From YouTube: SIG Cluster Lifecycle - Cluster Addons 20190625
A
B
A
C
C
A
A
Yeah
so
I
don't
know
if
I
mentioned
this
last
time,
but
my
idea
was
that
now
that
we've
got
like
a
basic
operator
merged
that
almost
going
to
sit
down
and
write
a
little
bit
of
documentation,
just
explain
the
general
approach
and
discuss
what
this
operator
does
and
then
I
mean
I
would
give
it
to
you
all
to
to
review
it.
But
then
I
would
love
to
you
to
reach
out
to
cluster
lifecycle.
A
Mailing
list
saying
okay
here
is
our
first
milestone
reached,
give
us
some
feedback
or
all,
because
we
had
so
much
people
in
the
in
the
first
meeting
that
we
did,
that
our
start
reaching
out
to
them
against
it.
You
all
had
news
cases.
Why
don't
you
get
started
and
that's
how
you
can
that
was
my
idea.
I.
C
Think
that
sounds
great
I
propose
mm-hmm.
Excuse
me
when
we
get
to
the
docks
that
we
merge
it
ASAP
and
that
people
send
PRS
to
fix
it.
That
seems
to
work
better
than
the
endless
comments,
and
you
must
like
copy
and
paste
the
suggestion
fix
into
your.
That
seems
to
be
PR,
so
maybe
one
round,
and
then
we
merge
it
and
let
people
fix
yes.
C
I,
don't
know
that
the
cap
yet
differs
that
much.
The
cap
was
very
like
exploratory
and
we
have
an
exploratory
thing
that
more
or
less
follows
the
same
ideas.
But
I
certainly
think
we
will
want
to
update
that
cap
as
we
hopefully
like,
build
more
stuff
in
there
and
discover
more
things
that
we
like
or
don't
like.
Like.
D
D
B
C
So,
like
so
cou
builder
stops
at
like
the
reconcile
function
and
so
the
the
framework
that
we
are,
the
library
that
we
non-color
framework,
a
library
that
we're
using
lets,
you
basically
load
a
yeah
more
manifest
apply,
some
transforms
to
it
and
then
coop
couple
apply.
Soon-To-Be
server
side
apply
that
manifest,
so
it
essentially
provides
an
implementation
of
that
reconcile
and
the
hotel
function.
The
way
we
did.
That,
though,
was
to
have
a
type
where
we
basically
had
like
a
more
opinionated
implementation.
C
D
C
Yes,
you
think
that,
like
maybe
the
so
we
are
transforming
kubernetes
yamo.
How
could
we
do
ansible
if
we
do
terraform?
Could
we
do
like
other
things?
And
I'm
sorry
I
don't
know
the
answer
boys
so
I,
don't
know
if
character
form
is
not
strictly
speaking,
yeah
more
so
that
might
be
a
bit
of
a
pain
but
maybe
see
we
could
do
other
things.
These.
E
C
C
D
E
E
E
D
E
D
E
D
Can
if
we
can
support
an
ecosystem
where
people
build
their
operator
backends
in
whatever
configuration
language
they
want,
but
that
could
be
a
really
good
thing.
I
have
a
hard
time,
imagining
at
the
moment
that
we
would
be
able
to
do
anything
more
than
kind
of
the
proposed
customized
for
the
installation
portion
at
the
moment.
D
Unless
we
can
figure
out
how
to
get
people
to
you
know,
we
might
have
to
it's
hard
to
think
of
like
a
generic
packaging
format
that
isn't
this
complicated.
You
know
and,
as
maybe
you
know-
comes
with,
like
security
trade-offs
as
something
like
whatever
wait.
What
is
it
called
the
the
thing
that
we
build
around
helm
beyond
OCI
yeah,
see.
C
D
C
All
of
this
space
there's
so
many
opportunities,
so
I
feel
like
we
should
do
small
steps
that
when
we
need
that
type
thing,
yeah
I
was
more
to
see.
I
got
excited
by
the
idea
of
like
what.
If
we
can
do,
ansible
yes,
wait
until
we
need
to
do
ad
sabor
and
work.
Someone
wants
to
end
simple,
then
they
can
contribute
it.
But
yes,
so.
D
The
only
reason
I
brought
that
up
is
because
it's
one
of
the
things
that
operator
framework
supports,
so
you
can
already
generate
operators
from
ansible
playbooks
and
it's
apparently
you're
supposed
to
be
able
to
get
pretty
sophisticated,
behavior
I.
Imagine
probably
just
using
the
kubernetes
ansible
libraries,
and
then
you
could
even
tie
in
other
stuff
there,
like
ec2
VMs
or
something
no
kind
of
me,
an
operator
that
controls
GCP
resources
along
with
kubernetes
stuff.
At
the
same
time,
in
written
in
llamo,
mostly.
D
C
We
have
an
answer
right
now
and
I
am
wary
of
broadening
that
without
her,
if,
unless
there's
some
reason
to
and
I'm
open
to
any
suggestions
as
to
why
we
should
do
that,
but
otherwise
it's
easy
to
like
I
think
we
found
out
that,
like
kubernetes
sakes
is
a
different
org
from
kubernetes
and
you
can
apply
to
them
separately
and
I
was
like.
Why
is
that
the
case?
So
there's
there's
enough
before
we
even
bring
in
other
other
orgs
yeah.
C
F
C
Which,
I
think
is,
I
think,
is
good
I
think
you
know
I
think
there's.
There
is
so
much
in
this
space
that
if
everyone
picks
something
they
want
to
work
on
and
does
small
things
that
advance
us
in
that
direction
in
their
direction,
then
we
will
find
what,
where
these
things
fit
in
right.
So
if
someone
from
better
framework
wants
to
work
on
like
how
that
would
how
that
would
look,
then
that's
wonderful
right.
C
But
yes,
if
someone
wants
to
build
a
an
operator
that
or
an
implementation
of
managing
add-ons
that
uses
a
completely
different
language
in
another
repo
that
is
absolutely
fine
like
that
is
hopefully
they
will
follow
the
same
patterns
and
we
can
all
work
together
on
the
patterns
which
I
think
are
more
important
than
the
language
but
yeah
I
feel
like.
We
should
probably
build
our
primary.
D
C
C
Yes,
it
would
be,
it
might
not
be
released,
but
we
AB
C
could
have
it
in
the
master
branch.
I.
Think
the
one
which
the
one
which
I've
been
eyeing
is
the
node
local
DNS
agent,
yep
cuz
I.
Don't
think
anyone
yet
installs
it
and
it's
pretty
useful
and
it's
a
little
non-trivial
and
that
it's
a
daemon
said
has
like
some
IP
table
stuff
going
on,
but
it
doesn't,
it
also
doesn't
have
any
it
doesn't
have
any
external
like
it
doesn't
have
any
AWS
firewall
rules,
for
example,
yeah.
C
F
C
D
D
The
it
doesn't
like
I
I
think
there's
like
an
option
called
request
once
or
something
like
that
that
doesn't
get
parsed
Musil
and
then
that
ends
up
like
amplifying.
If
you
can't
use
that
as
a
mitigation,
I
think.
C
I
think
that
would
be
a
great
one
in
terms
of
like
a
nice
carats
for
a
cuvette
DM
and
for
cops
I,
think
that
would
be
a
good
one
and
it's
it's
it's
additive,
so
I
think
it
would.
It
would
be
good
from
that.
It's
currently
additive.
So
if
we're
fast
enough,
we
can
get
it
in
there
before
cops
and
coop
idiot
managed
yeah.
F
D
Yeah
I
would
say:
that's
a
I
I
haven't
heard
of
anybody
taking
interest
in
bolting
that
into
Covidien
at
the
moment
when
it
was
brought
up.
Tim
pinged
me
I
think
because
of
the
work
on
add-ons
and
nobody
else
seemed
to
chime
in
so
we
will
probably
be
the
people
to
do
that,
which
hopefully
people
will
then
it'll
make
them
go.
Try
this
stuff
right,
I,
think.
C
That'll
be
great
cuz.
Also,
then,
we'll
like
start
to
see,
you
know
what
is
the
pushback
on
operators
as
a
whole
like
if
he
is
point
about
like
I,
want
to
run
it
once
and
then
you
know
not
have
an
ongoing
process
for
the
Raspberry
Pi
scenario
or
just
security
or
whatever.
It
is
like.
Those
sort
of
things,
I
think
are
gonna,
be
great
feedback,
which
we
won't
really
get
until
we
actually
integrated
with
it
with
tools.
So
yeah.
D
C
D
C
D
I'm,
just
kind
of
trying
to
associate
my
curiosity
with
regard
to
like
how
how
much
like
implementation
like
buying
and
gusto
we're
feeling
as
like,
participating
members
of
installer
maintenance
right.
So
it's
like
if,
like
khubaib
a.m.
cops
and
ETS
cuddle,
can
sit
in
a
room
and
say
hey
like
if
we
put
together
a
POC
that
seems
reasonable.
We
could
sure
in
you
know
some
of
the
support
for
the
tooling
in
the
next
four
months.
D
C
Think
that's
right
and
I.
Think,
like
you
know,
like
we've,
we've
spoken
to
people
and
they're
here
to
say-
and
everyone
is
I
guess
enthusiastic
in
theory
with
some
caveats
and
I
feel
like
until
you
actually
give
them
something,
and
you
never
really
know
like
what
you
never
really
can
predict
all
the
problems.
So
they're
gonna
grow
up
and
we
know
there
will
be
some
and
I
think
yeah
I
think
I.
Think
it's
a
great
goal
to
I.
C
Don't
think
it
will
happen
next,
two
weeks
but
I
think
to
work
towards
the
idea
that
we
have
a
node
local
DNS
agent.
That's
a
proposal
that
we
could
say
like
a
cops:
hey,
eks,
cuddle,
hey,
cube
spray,
hey
you
baby
em
like
try
this
for
node
local
DNS
agent
and
say
see
what
you
think.
Let
us
know
why
it
doesn't.
Work
like
Illya
will
probably
say,
like
I
need
one
shot:
motor
CLI
mode.
We
can
see
mm-hmm.
C
But
actually
I
think
that's
a
good
I
think
that's
a
good
thing
to
aim
towards
so
like.
If
we
think
about
when
we're
building
things
are
we
building
things
to
help
us
get
there
right?
So
like
is
my
generator
helping
it's
helping,
but
maybe
I
could
just
bypass
it,
but
I
don't
know
I
could
just
build
it
manually
as
again,
but
I
feel
like.
So
it's
it's
a
question
mark
for
me,
but
yeah
like
can
we
get?
Are
we
building
things
to
get
us
closer
to
that?
To
that
goal?
Yeah.
D
C
D
C
D
A
oh,
no
I,
I
have
a
I,
have
a
lot
of
strong.
You
know
opinions
about
what's
objectively
wrong
with
with
the
current
helm
ecosystem
and
a
lot
of
that's
being
fixed,
but
in
general
the
project
is
has
like
it's
just
very
good
for
users,
cool,
so
yeah.
If
we
can
do
things
that
feel
like
helm
for
people,
then
that
is
good
and
I.
Think
you
raise.
C
D
C
Can
get
there
like
if
they
structure
things
in
a
certain
way
that
follow
a
common
path?
I
think
this
is
like
the
COO
boater
patentee
we're
talking
about
like
and
they
for
people
whose
use
cases
are
covered
by
coop
builder.
Can
we
give
them
an
operator
way?
They
don't
even
have
to
do
anything
or
it
wants
to
compile
anything,
and
but
they
still
have
a
grow
up
ramp
where
they
or
an
off
ramp,
so
that
when
they
do
have
the
complicated
use
case,
they
are
not.
They.
B
C
C
C
Yeah,
the
I
I
would
hope
the
migration
path
would
be
when
you
grow
up
you,
when
you
grow
up
ass,
that
that's
when
you
you
have
to
generate,
you
generate
it,
and
you
get
ideally
to
the
same
point
that
you
generate
and
you
get
to
the
same
point.
This
is
very
hypothetical.
You
get
to
the
same
point
as
the
generic
operator
that
you
were
using
before
and
then.
D
C
D
Works
great
right
to
Jessica's
question
about
like
what
do
you?
What
do
you
do
so
that
they
don't
get
stuck
like
for?
For
me,
that's
always
been
make
sure.
It's
really
well
documented
and
right
tools
so
that
people
can
run
commands
to
make
things
happen
so
that
they
don't
have
to
be
educated
in,
go
modules
and
get
and
like
the
details
of
could
builder
yeah.
D
B
So,
just
a
general
threat
of
having
tools
be
able
to
commonly
use
these
add-on
operators.
I
I,
guess
something.
That's
on
my
mind
and
you
know
how
we've
done
things
is
an
open
ship.
This
it's
great
if
you
can
install
the
operator,
but
how
do
you
get
the
feedback
back
out
of
the
operator
to
know
what
it's
done
and
is
it
happy
operand?
That's
controlling
actually
happy
and
all
of
those
things.
B
D
A
bit
of
a
thought
experiment,
which
is
maybe
we
shouldn't
be
exposing
like
by
proxy
the
status
field
of
everything
that's
handled
via
the
operator,
because,
if
that
gives
you
like
read
access
to
the
CRD,
it's
technically
giving
you
read
access
to
everything
that
it
controls,
which
somebody
might
not
want
because,
like
so
it's
making
a
are
back
tunnel.
What?
If
we
had
like
a
coop
CTL
plugin
I
can
did
it
client-side.
D
D
B
Are
for
their
configuration
and
they
can
have
detailed,
very
detailed
status
on
those
things,
but
then
we
have
a
higher
level
abstraction
that
we
call
a
cluster
operator
resource
and
that's
a
common
resource
that
for
every
one
of
our
operators
that
we
put
down
on
the
cluster.
It
creates
an
instance
of
this
and
it's
a
very
simple
contract.
That
just
says
am
I
available?
Am
I
degraded
what
version
level
am
I
on
really
high
level
stuff
that
can
give
higher
order,
tooling
the
ability
to
the
coordinating
rollout
of
those
things?
B
C
Like
that,
because
it's
so
I
like
that,
a
lot
I
think
we
should
have
standard
fields,
I
think,
there's
a
two
alternatives
that
I'm
aware
of
our
to
do
what
you
described.
We
have
a
new
CR
or
to
do
sort
of
duck
typing.
Where
you
say
all
the
CRS
should
implement
their
standard
set
of
fields,
I
like
what
you
did,
because
it
supports
discovery.
C
It
makes
discovery
easier
right.
You
can
just
look
for
all
that
yeah
I
feel,
like
I
think
we
should
write
a
book
about
like
kubernetes
design
patterns
like
the
design
patterns
Gang
of
Four
book,
that
we
update
for
the
modern
era,
the
cloud
native
era,
but
yeah
I-
think
we
those
either
one
of
those
patterns,
seem
reasonable
to
me.
C
I
feel,
like
the
devil,
is
gonna,
be
in
the
details
in
terms
of
like
what
Lee
was
talking
about
in
terms
of
like
which
is
better
in
terms
of
our
back
in
terms
of
discovery
and
all
these
things
I
honestly
I'm,
easy,
either
way.
I
think
we
can
probably
figure
it
out
together.
I
like
I,
like
the
idea
of
exposing
as
a
consistent
resource.
C
D
But
so
I
guess
just
the
what
I
was
talking
about
with
the
whole.
Our
back
tunneling
thing
is
the
more
detailed
statuses
of
all
of
the
sub
objects,
which
is,
it
seems
like
that,
would
be
like
porting
the
status
fields
and
then
proxying
and
like
duplicating
them
into
the
custom
resource
of
the
Opera,
seems
to
me
like
something
you
would
not
maybe
want
to
do,
but
instead,
maybe
just
having
a
list
of
this
could
also
be
a
standard
field
like
a
list
of
fully
qualified
API
names.
C
Also
think
we
should
have
that
tooling.
That
is
aware
of
ona
refs
on
the
aggregation
hierarchy.
I
guess
you'd
call
it
I'm
I'm,
not
yet
convinced
that
the,
unless
we
do
something
crazy,
that
there
is
a
massive
security
risk
from
exposing
those
things,
because
you're
still
gonna
have
our
mic
permissions
on
your,
whether
it's
under
the
C
RDS
or
on
the
surround
the
CRS,
I
guess
or
on
the.
What
do
you
call
it
Jessica
operator
or
something
the.
D
D
C
D
D
It's
reasonable
to
say
that
the
that
the
CR
should
be
updated
with
status
about
kind
of
what's
happening
as
a
whole,
and
there
may
even
it
may
even
be
useful
right.
So
then,
like
have
more
qualified
error
messages
bubble
up
there
like
if
you
are
adding
context,
but
as
far
as
like
I
want
to
know
specific
status
fields
of
everything
that
it's
doing
copying.
Those
things
in
is
an
efficiency
thing
and
a
security
issue
in
my
opinion,
so
that
kind
of
detailed
status,
reporting,
I
believe,
should
probably
be
on
the
client
I.
C
I
think
you're,
making
a
that's
a
good
I,
think
that's
a
good
argument.
I
think
that's
theirs.
Consider
me
considerably
more
convinced,
I
think
I,
guess
what
we
wanted,
balance
against,
that
it
is
like.
Does
anyone
actually
want
is
ever
gonna
consume,
so
I
think
that's
something
we
have
some
prototypes
that
do
do
that
mirroring?
C
Is
that
a
value
to
anyone
or
is
or
the
high
level
tool
are
the
high
level
higher
level
tools
just
gonna
consume
the
overall
status?
If
there's
no
value
and
the
potential
security
risk,
and
we
can
address
like
the
use
case
of
convenience
through
like
better
tooling
then
and
I
feel
like
you,
your
your
pace
is
solid.
If
there
is
a
use
case,
then
we
should
think
about
like,
but
honestly
I
don't
know
whether
any
higher
level
tooling
would
require
more
granular
permissions.
It
feels
like
a
like
a
layering
violation.
I,
don't
know
just
give.
B
I
mean
the
point
where
we
need
that
level
of
granular
information
is
usually
not
from
the
automated
tooling.
It
then,
is
usually
at
the
point
of
a
support
case,
great
right
and
then
you're.
Dealing
with
an
administrator
has
the
access
to
be
able
to
run
a
tool
that
can
go
grab
gather
everything
of
these
to
be
gathered,
unlikely.
D
Yeah
and
I
believe
om
the
UI
that
they
have
built.
Does
this
for
a
kind
of
starting
set
of
common
types?
If
I'm
not
mistaken,
it
goes
and
follows
the
the
own
ahrefs
and
then
shows
you
like
a
user
interface
of
all
of
the
objects
that
are
in
that
are
managed
and
what
their
states
are,
and
so
that
yeah.