►
From YouTube: SIG Cluster Lifecycle - Cluster Addons 20200303
A
A
B
B
B
B
A
B
A
Yes,
I
think
Jeff
also
knows
the
person
that's
I
recall,
their
name
is
I,
just
bring
it
up
a
tow.
A
tow,
88
and
yeah
they've
been
doing
a
lot
of
sort
of
contributions,
mostly
I.
Think
in
the
related
declarative
pattern,
repo
I
recall
correctly,
but
yes,
they
they
asked
to
be
a
reviewer,
and
so
we
we
put
in
there
super.
B
B
Yeah
and
I
don't
know
if
this
really
comments
on
be
the
agenda.
Doc,
yeah,
not
sure,
if
of
if
you
all
saw
the
plus
API
proposal
that
came
in
I
know
that
Justin
and
Lee
at
least
were
worth
that
meeting.
Do
you
think
you
could
say
a
couple
of
words
about
this?
Like
was
your
reading
or
the
counted?
Does
it
fit
into
the
for
the
scheme
of
things,
because
then
the
minutes
they
weren't
quite
clear
enough
for
for
me.
C
A
I
need
to
review
it.
I
do
think
it's
important
whatever
we
do.
There
will
be
some
bootstrap
thing
that
has
to
happen.
So
I
was
basically
thing
that
this
is
a
bootstrap
mechanism
that
can
kick
off
operators
or
it
could
also
be
used
to
just
apply
the
thing
itself
I'd.
Rather,
we
kicked
off
operators,
but
it
could
be
used
for
other
purposes
as
well,
but
it
seems
whichever
way
it
goes,
is
more
about
how
we
execute,
and
there
does
need
to
be
this
hook
in
in
foster
care.
C
Yeah
I
mean
I,
definitely
see
the
generic
like
usefulness
of
it
and
the
installation
library
that
we
built.
You
know
it's
pretty
thin
and,
like
I,
think
fairly
understandable.
That
look,
if
like
we
could
get
some
buy-in
from
the
cluster
API
folks
to
be
like
okay.
Well,
we
want
to
run
these
experiments
and
get
some
mileage
on
this
type
of
interface.
Can
we
actually
use
the
thing
that
we've
been
working
on
and
trying
to
get
merged
into
kuba
dam,
so
I
mean
that's,
that's
my
opinion.
C
It's
like
we
should
we've
thought
a
lot
about
the
kinds
of
lifecycle
problems
already
and
thought
about
the
simplest,
most
generic
thing
we
could
build
and
we
went
and
built
it.
So
hey
can
we
use
it
like
in
this
particular
place
and
what
modifications
need
to
be
made
to
support
the
managing
cluster
kind
of
workflow.
D
A
C
Why,
though,
the
Cuban
proposal,
yeah
I,
guess
where
the
communication
lines
like
get
blurred,
is
like
cluster
API
is
a
very
separate
project.
There's
not
a
lot
of
the
same
contributors
on
both
sides
of
coop
idiom
and
cluster
API,
and
then
it's
like
cluster
API
already
has
providers
that
support
Covidien
component
config
so
like
nothing
needs
to
happen
in
cluster
API
in
order
for
it
to
consume
that
work
from
Cuba
diem.
C
But
it
was
a
kuba
diem,
specific
thing,
not
a
cluster
API,
specific
thing,
and
so
now
they're
talking
about
building
the
cluster
API
specific
thing
and
that's
a
really
big
group
of
people.
You
know
who
support
various
initiatives,
so
they
came
up
with
something
pretty
simple
and
it
just
it's
overlapping
work
think
that
if
we
were
to
just
advocate
for
the
same
mechanism
to
be
used,
then
I
don't
think
that
that
would
be
that
controversial
I.
C
Can't
say
a
couple
questions
about
this
proposal:
yeah
I,
the
motivation
for
having
a
hook
that
can
apply
stuff
later.
Is
that
those
API
types
don't
exist
yet
or
we
don't
want
the
operate,
the
controller
to
start
reconciling
those
things
just
yet.
What's
the
motivating
issue
for
the
story?
They
just
want
to
be
able
to
customize
the
cluster
after
it's
created.
Oh
so
it's
a
bootstrap
type
problem.
C
So
even
if
we're
talking
about
operators
right
like
we
still
mean
whatever
the
mechanism
is
to
get
those
operators
into
the
cluster,
and
so
that's
the
problem
space
that
they've
proposed
to
solve
by
just
storing
a
bunch
of
objects.
Inside
of
config
maps,
referencing
the
config
maps
to
decorate
the
cluster
object
and
then
after
the
cluster
is
reported
as
status
created,
then
the
apply
operator
that
they've
been
talking
about
in
the
control,
plane,
cluster
or
the
manager
cluster
then
goes
and
uses
the
coop
config
for
the
created
cluster
to
go
apply
to
that
API
server.
C
C
C
Yeah
I
mean
it's
a
pretty
simple
mechanism
that
I
think
would
become
a
lot
more
usable
and
useful
if
they
use
the
add-on
installer
configuration
API,
since
that's
designed,
you
know
to
make
it
easy
for
people
to
bundle
things
from
different
sources,
potentially
use
the
customized
OCI
packaging
in
the
future
patch.
You
know
and
extend
things
reference
them
actually
remove
things
with
the
declarative
configuration
their
main
use
case
that
they
kind
of
brought
up
was
about
like
CSI
volume
plugin.
C
You
know,
configurations
and
network
policies
and
stuff
like
that,
which
I
I
think
is
like
a
very
attractive
use
case.
For
somebody
to
be
like
hey
I
want
to
apply
some
simple
things.
When
I
create
a
bunch
of
clusters
like
say
I'm,
you
know
some
large
user
and
I
want
to
create
50
clusters.
Then
I
want
to
be
able
to
ensure
that
all
of
the
production
namespaces
don't
talk
to
those
staged
ones
or
something
so
that
that's
helpful.
Thank
you.
I
am
again
misunderstood
the
the
goals
originally.
C
Yeah
yeah
it
basically
NCDC
and
I.
Think
some
other
folks
like
mentioned
that
the
add-ons
working
group
like
was
working
on
things
in
this
area
and
the
word
add-on
seems
to
be
still
controversial.
People
keep
bringing
it
up
in
the
proposal.
Okay,
can
we
call
this
something
else,
but
it's
a
pretty
generic
term,
at
least
in
how
we've
been
talking
about
it
here.
C
Anyway,
if
you
have
thought,
go,
read
the
proposal
and
there's
actually
a
in-flight
PR
as
well
by
sadef
who
picked
up
the
issue
to
work
on
it.
She
has
posted
an
implementation
and
I
think
it's
a
good
good
start
on
things.
I
think
that
the
actually
using
the
cluster
API
and
having
a
mechanism
that's
native
to
the
cluster
API
is
a
good
idea.
C
It's
a
new
idea,
something
that
we
haven't
talked
about
here,
which
is
you
know,
composing
with
the
authentication
and
the
cluster
objects
inside
of
the
manager
cluster
to
actually
maintain
a
fleet
of
clusters
and
the
add-ons
installed
within
them.
So
if
we
could
just
take
the
mechanism
for
the
application
and
actually
swap
it
out,
instead
of
making
it
just
this
generic
strings
loaded
from
config
Maps,
if
we
could
use
the
add-on,
installer
configuration
add
things
to
that
API
and
modify
the
library
so
that
it
fits
fits
all
the
use
cases.
C
C
D
I
just
want
to
go
back
to
the
you
made
a
comment
about
the
word
add-on
people
talking
about
that,
and
they
did
want
to
stress
that
their
motivation
for
well
they're
talking
about
cluster
customization,
are
configuring
and
they're
talking
about
things
that
we
would
not
include
in
what
we've
called
add-on.
So
I
guess
an
example
might
be
a
network
policy.
C
Yeah
I
think
it
gets
a
little
funky
when
you
start
like
talking
about
things
that
require
compute
versus
policies
that
configure
stuff
that
clusters
come
with,
like
nothing
has
to
be
installed
right
for
a
default
kubernetes
cluster
to
have
a
network
policy
be
applied
to
the
API.
You
might
need
an
accompanying
CNI
that
actually
can
enforce
that
Network
policy
yeah.
D
C
C
C
We've
definitely
talked
about
similar
problems
of
like
I
want
to
create
a
thing
right
after
it's
been
installed,
yeah
and
just
like
conversations
I've
had
on
the
side
with
people
and
Chris
is
actually
on
the
call
as
well.
We
had
a
talk
last
week
about
like
the
issue
of
maintaining
api's
and
the
operators
or
controllers
that
consume.
C
Those
api
is
in
the
cluster
being
very
hard
to
tenant
eyes
when
you're
sharing
a
larger
cluster
between
multiple
parties
and
I
think
that
the
granular
bundling
of
C
RDS,
the
operator
itself
and
its
accompanying
are
back
and
the
custom
resource
instances.
The
kind
of
predefined
templates
that
you
might
provide
for
people
to
actually
create
instances
of
those
things
they
can
be
versioned
and
exposed.
C
You
know
in
the
same
repository
but
I
I,
pretty
adamant
about
them
actually
being
referenceable
as
separate
entities
and
that
examples
and
the
way
that
we
interesting
courage,
people
to
install
and
compose
these
things.
It's
like
you
go
from
referencing.
One
thing
right,
which
is
like
give
me
the
add-on
with
all
of
the
like
defaults
things
that
I
think
would
be
useful
for
80%
of
people
to
referencing.
C
You
know
namespace
version
of
the
CR
d
like
those
kinds
of
things
we
need
to
and
be
smarter
about,
or
else
we
end
up
even
worse,
often
before
right,
just
a
leaky
abstraction
for
bundling
things
together
and
I
think
that
a
lot
of
those
kinds
of
problems
like
when
people
like
are
like
hey
I,
need
to
apply
a
bunch
of
yeah
mole
to
a
cluster.
They
haven't
thought
about
the
usability
of
those
things.
B
A
That's
really
what
to
sort
of
ask
you
about
them
was
when
you
talked
about
this.
This
pattern
in
when
the
cluster
comes
up
having
an
operator
which
applies
things
if
they
don't
exist,
as
it
were.
What
is
that?
What
is
the
source
of
that?
Is
it
like
an
image
and
I?
Guess,
like
the
follow-up
question,
would
be
like
what
about
when
it
sort
of
changes
per
cluster
sort
of
thing
like
do
you
imagine
people
pushing
an
image
per
cluster
or
what.
C
A
C
The
reason,
by
the
way
that
this
is
what
we've
been
looking
at
doing
this
because
then,
when
we
decide
later
to
update
to
some
other
future
version,
you
know
to
worry
too
much
about
transitioning
those
existing
resources,
because
the
new
operators
should
start
up
see
what's
there
and
have
some
migration
story
for
whatever
existing
resources.
Are
there.
A
C
Either
just
making
me
realize
that
I
think
one
the
main
like
differences,
that
differentiate
approaches
is
when
you
can
schedule
something
like
into
the
cluster,
and
you
have
compute
right
and
you
can
run
like
code
that
you
ask
the
user
to
run.
You
can
do
things
kind
of
at
this
pre-compiled
stage
right.
So
if
you
consider
kubernetes
a
computer
that
runs
like
a
bunch
of
instructions,
some
of
those
are
policies
that
restrict
the
way
it
behaves.
C
C
Would
you
expect
that
an
operator
that
has
that
kind
of
dynamic
introspection
if
you
were
composing
it
instead
and
the
custom
resource
like
the
custom
resource,
would
predicate
the
operator
what
you'd
have
to
be
installed
before
the
operator
actually
came
up
and
introspected
at
its
environment?
Yeah
I
would
expect
some
sort
of
model
like
that,
where
you
say
like
series
first
make
sure
they're
available
then
see.
Ours
then
start
up
anything.
That's
actually
not
look
at
them.
E
C
Is
it's
like
yeah
users,
like
often
will
want
to
do
the
opposite
thing
from
how
the
person
creating
the
operator
packages
it
right.
So
some
operators
are
like
packaged
as
cluster
level
operators,
and
some
of
them
are
packaged.
You
know
at
a
namespace
or
several
namespace
level
and
I
think
that
that
has
a
lot
to
do
with
just
the
usability
of
our
back
and
the
fact
that
when
we
bundle
things
like,
we
create
our
back
rules
that
are
hard
to
create
that
have
a
purpose,
and
so
the
people
find
like.
C
Oh,
this
is
the
way
that
this
is
supposed
to
work,
not
realizing
that
they
can
change
that,
not
realizing
they
can
decide.
Oh
I'd
like
to
restrict
this
thing's
permissions
or
I'd
like
to
expand
them.
I,
don't
have
to
install
this
per
namespace
if
I
want
to
do
a
platform
level
thing,
but
yeah
I
think
that
what
you're
bringing
up
Prakash
is
a
very
important
component
of
the
conversation.
It's
like.
How
do
we
encourage
people
to
expose
usable,
flexible
permutations
of
our
back
rules
per
add-on
for
things
that
need
those,
and
my
question
for
you?
C
Evan
was
like
when
you
were
talking
about
inspecting
the
environment.
Was
that
also
like
inspecting
the
our
back
rolls
themselves?
It
can
be.
It
varies
for
each
operator
how
much
permission
they
need
and
how
much
they're,
given
what
they're
able
to
check
yeah,
because
you
wouldn't
get
access
for
the
are
but
yeah.
E
C
C
C
C
C
That's
working
on,
like
all
sorts
of
solutions
to
that
problem.
Do
you
join
that
Evan
I
used
to
join
it
a
lot
more,
but
someone
from
our
team
joins
every
time.
Yeah,
nice
yeah
well
from
the
add
on
side
of
things,
yeah,
just
making
sure
that
people
are
are
granularly
packaging,
their
work
and
that
we're
using
a
shared
insulation
mechanism
to
actually
get
the
things
into
the
cluster
are
some
of
my
interests
so
yeah.
C
If
we
could
I'm
happy
to
build,
you
know
the
modifications
to
the
cops
implementation
that
are
necessary
to
help
accomplish
that,
and
then,
if
anyone
has
any
review
comments
for
the
cluster
API
proposal,
I'm
sure
that
we'd
all
appreciate
reading
your
opinions
and
conclusions
and
I'm
gonna
go
over
there
and
and
make
some
suggestions
as
well.
Regarding
the
add-on
installer
configuration
using
that
API.
A
B
E
F
At
least
from
the
multi-tenant
side
of
things,
the
real
issue
comes
from
that
we
have
a
shared
GVK
across
everything,
and
most
people
are
still
doing
there.
There
are
a
lot
of
operators
out
there
that
are
kind
of
coming
from
the
side
of
actually
creating
cluster
scoped
resources
and
then
in
a
multi-tenant
world,
since
everything
lives
in
a
single
ap,
a
single
API
server.
F
We
have
we
run
into
the
issue
where
a
team,
for
example,
has
to
own
a
full
set
of
CR
DS,
and
if
there
are
multiple
operators
in
that
cluster,
one
team
can
technically
break
somebody
else's
implementation
if
they
actually,
like
namespace,
wrote
them
properly
to
end
up
in
this
really
strange
environment.
Where
policy
doesn't
actually
stop
that
per
se
or
protect
you.
You
see.
C
They're
also
some
issues
with
the
way
CDs
work
in
clusters
now
with
conversion
Web
books.
So
you
can
only
have
one
end
point
in
the
entire
cluster
that
can
convert
between
API
versions,
which
means
that
if
you
have
multiple
instances,
they
really
need
to
be
like
at
the
same
version
of
the
controller
or
you
don't
have
multiple
instances.
It's
kind
of
the
best
options,
yeah.
A
Think
maybe
that
we
have
to
we
said
we
don't
have
a
great
solution
for
all
this
yet
and
that
we
may
have
to
restructure
our
packages
into
like
cluster
scope
and
namespace
scoped
and
think
very
carefully
about
what
happens
with
skew
between
those,
because
maybe
we
could
like
forward
a
web
hook
into
a
namespace
with
a
but
like
it
just
gets
really
messy,
and
maybe
we
just
want
to
version
the
global
the
cluster
scoped
package
very
carefully
and
make
sure
that
everything
else
is
backwards
compatible.
But
then
why
don't?
C
What
add-ons
are
they
want
to
include
now
they
have
to
understand
like
how
controllers
work,
how
our
back
works,
how
namespace
scoping
works
have
very
particular
features
to
see
how
these
work
just
to
make
the
decision
of
like
how
I
want
to
install
this
one
particular
controller
in
a
cluster.
It's
very
difficult
for
users
to
understand.
There's
been
our
experience
at
least.
C
B
F
F
I
can
give
you
kind
of
like
the
eye
level.
What
I
ended
up
implementing
real
quickly
was
a
was
an
actual
implementation
of
the
component
config
type
in
controller
runtime,
I'm
gonna
back
that
actually
out
of
the
proposal
and
go
towards
what
you
are
suggesting.
Actually
because
I'd
read
what
your
your
suggestion
incorrectly
about
an
embeddable
type,
which
I
luckily
found
some
interesting
stuff
from
the
component
base
side
of
things
that
unfortunately,
Nick,
unfortunately
dropped
off,
but
there's
a
bunch
of
already
standard
types
that
we
can
load
in.
F
To
do
some
of
this,
like
the
the
path
to
a
config
file,
config
file,
the
leader
election
configurations,
the
resync
timeframes,
so
there's
some
stuff
that
I
can
already
pull
in
here.
Yeah
I,
basically
just
need
to
go
and
do
a
little
a
couple
updates,
based
on
rereading
what
you
had
your
original
feedback.
Yeah.
C
F
We
can
provide
them
embeddable
components
like
what
you
do
is
type
meta
and
things
like
that
from
from
API
machinery.
It
will
allow
them
to
do
that.
I
think
that's
kind
of
what
you're
getting
at
correct,
not
giving
them
allowing
them
to
extend
it,
how
they
need
to,
instead
of
giving
them
a
full
time
or
making
them
write
the
full
time
from
scratch.
C
Yes
and
I
was
also
maybe
thinking
a
base
default,
one
that
somebody
could
use,
even
if
they
didn't
want
to
extend
it,
they
did
compile
all
of
the
things
that
got
it
like
use
as
a
starting
spot.
So,
like
you,
could
embed
that
as
your
base
object
and
then
extended
beyond
that
that's
kind
of
what
I
was
thinking
but
I,
don't
know
if
that
even
makes
sense,
I
think.
F
G
B
B
G
I
tried
to
sort
of
redirect
that
to
the
Cortina
stock,
I
wrote
a
while
ago
and
I
think
that's
where
a
lot
of
the
that's
where
you
got
like
a
lot
of
the
tasks
but
I'm
very
interested
in
feedback
there
and
I.
Don't
have
any
experience
doing
ji-suk
so
I
don't
know
how
to
find
we
need
to
be
or
how
many
videos
we
can
be
so
keep
the
feedback
rollin
if
things
are
not
crisp
enough
or
kind
of
head
in
the
wrong
direction.
Cool.
B
Yes,
so
I
went
over
the
the
other
issue
and
basically
added
all
the
links
that
could
find
so
taking
a
look
at
at
the
code
they're
trying
it
out
and
reading
some
of
the
the
issues
pointed
out.
I
think
that's
going
to
to
be
a
good
start,
because
you
can
always
ask
in
these
meetings
as
well
on
slack,
if,
if
anything
is
unclear
but
yeah
I
think
things
are
going
to
evolve
over
the
next
weeks
and
I.
Think
it's
even
I,
don't
know
eight
weeks
or
something
until
sort
of
code
start.
A
I've
been
thinking
about
should
koukin
not
go
ahead
like
content
that
might
be
well
done
virtually
to
fill
the
gap
as
it
were
and
maybe
like
that's,
live
code
and
operator,
I'd
be
a
good
one
or
like
that's
to
session,
like
you
know
that
sort
of
things,
so
maybe
we
can
pursue
that
as
well.
That
would
be
interesting
or
helpful.