From YouTube: 20191007 - Cluster API Provider AWS Office Hours
A
Hello and welcome to the October seventh edition of the Cluster API Provider AWS office hours, a sub-project of SIG Cluster Lifecycle and Cluster API. Just a reminder that the Kubernetes code of conduct is in play for this meeting, and it is being recorded and will be uploaded to YouTube later. If you are attending, please go ahead and add yourself to the attending list on the meeting notes, and if there's anything that you would like to discuss, please go ahead and add it to the agenda.
A
I've gone ahead and linked the notes in the chat for anybody who's here as well. To start off with, we had a few PSAs. First one: version 0.4.1 was released. Please go ahead and check the release notes. There are quite a few features and bug fixes that landed with that release, and we also had version 0.39 release as well.
A
A
B
Basically we're talking with some of our other teams who, like instrument of our core OS provisioning process, to see like if it would be acceptable for, in the interim term, to kind of just do what we're doing now, but in core Westland, which would just be in basically an image, an image per version, and then see if we could go from there. Have not put a ton of time into figuring out like how to make like the bootstrap provider understand kind of the way that we want to do it yet.
A
B
C
Oh, all right then, over to you, Andy. Thanks, Jason. If you would stop sharing, I will take over slaughter the book. Okay. So we have four open issues without a milestone, and the goal here, if you're new, is to just do a quick review and then try and set the priority in the milestone, and we're basically deciding if we're going to work on this, for treat something as a bug fix for the current release.
C
Work on it for the next upcoming milestone, or we also have a Next milestone, which basically means that we've triaged it, but it doesn't have a particular release that we're planning on getting it out in. So this was one that I opened about: should we wait on AWS operations to complete when we're reconciling, or should we just issue an operation against AWS and then come back in the next resync and see how things are going? And I
C
C
C
C
D
D
It came from a different bug report, and I assume that this person who filed the other bug report, once they got the fix that I had for that initial bug report, they would encounter this issue. But also, just like, you know, if we want to say this sort of thing is out of scope, we should have enforce that explicitly.
D
We should just, you know, have a validation error. I don't, I honestly don't totally understand the implications of the numbers of subnets, so somebody else might need to make that call, but the situation where you can do it and it just fails for unknown reasons, it's probably not will permanently great.
C
C
B
C
A
C
Okay, well, nobody else has reported it, which doesn't necessarily mean that nobody's run into it, right. It's not anything that's causing a significant amount of headaches, I'm guessing, so I think Maurice can point. I would say soon, given that it is a segfault and we can put it into
C
D
C
So well, then, we'll do important-soon. Thanks, Liz. All right. So that is the end of open issues with a milestone. We do have eleven open PRs that, since we have plenty of time left in the hour, I figured we could just touch base on what we've got open. So first one from the bottom is refactoring the e2e test. Jason, how are we to go ahead and close that one?
C
E
F
C
I think this one just needs another review, because I haven't looked at it in a little while, so I'll come back and take a look at this, and anybody else who's interested, please do so as well. So what this one does is it takes the validation logic that we had in, that we have in master right now and in 0.4 and 0.3, that looks at the CAPA resources after they've been created or updated and they've been stored in etcd, and then it will go and validate them and potentially set error message or error.
C
C
Okay, I know there was some activity on this one over the weekend or today, wanting to be able to do internal and not internet-facing control plane load balancers. I think this one probably, I know, Nadir, you had some comments in here, as well as Vince. Y'all think this one is close to ready to go? Should it go in four zero? Four, or should it wait until the next release, I think.
F
C
C
B
C
C
D
C
Sorry, add web port, webhook port flag. So this, we want to be able to run the CAPA pod as non-root, and there were some defaults that expected the webhook server to listen on port 443, which requires a root user. So this changes the default port to 8443 and also exposes it as a command line flag so that you can configure it. I know, Jason, you were waiting on this change, which looks like it's in now, so you should be pretty close on this one.
C
Although I did have a question. So the ports in the container portion of the pod spec, I know it's intended to be informative and not prescriptive, and I'm also wondering, like, if a user were to change this, then presumably they should change what's in the patch as well. I'm wondering if this is even really needed or if we could just remove this entirely.
B
C
Because I know, like, when you're doing a docker run and you tell it, or like in the Dockerfile, you say that it exposes a certain port, that's really, that tends to be informational, and from a Kubernetes perspective, I think it's even more informational, and that, like, this isn't, I don't think this does anything. I'd have to go look at the decoding, Kubernetes on the keyword side, but
A
A
C
B
A
C
This becomes a problem. So in the validating webhook PR, at one point there was a change to the Dockerfile to run as root. I'm pretty sure that got undone. Yeah. So here, with the validating webhooks enabled, then, you know, running as non-root, it can't bind, and so we ended up getting 11 20 file to make the port configurable, which lends to the TR.
C
All right, Liz, you've got a new one to actually apply explicitly specified subnet tags.
C
Yeah, we'll get around to reviewing that today, thanks. And when we have Noah's leader election fix. So we were trying to run Cluster API, CAPA and the kubeadm provider all in the same namespace, and they all try to use the same default leader election ID, and so only the first one that gets it and acquires the lock is allowed to run, and the other team just waited.
C
G
Do, hi guys. So, so I'm working with stuff around subnets. We're in an organization where our accounts are created for us by a separate department in our organization, and the subnets, are we wear an a, but we're not able to name them or tag them, that is given to us. So we have a set of like for private subnets, which will be, will be sharing for all our communities accounts, and there's like lots and lots and lots of accounts like that. So we need to
G
G
Because we kind of, we sort of, when I provide, when I provide an egg, an AWS cluster spec, with, with the subnets list, the subnet ID is listed and in the network spec, and then the reconciliation happens, like my set of subnets just kind of gets lost and everything gets populated. And then, when you create, like, when you create the control plane load balancer, it, like, there isn't really a mechanism there where I can specify which subnets to use. It's a tricky one, and I don't want to are
D
G
Could, it could be. I'm not, I'm not aware of what ice that, like, if I provide X, then Y should happen. I'm not, I'm not sure what I can provide for it to, to grab just the subnets I want. It looks as though it's expecting that they would be named, they would renamed a particular thing, and part of the, part of the expected name is the name of the cluster that it's provisioning, but we can't, we can't have specific subnets per clusters here. So
G
B
The way, so the way that we make clusters right now is we have an existing AWS account with an existing VPC with existing subnets, and we put those subnet IDs into the subnet field on the cluster object, and then we also put the subnet ID in the subnet field of all the machine deployments that we create. Okay, that presently works and also creates a load balancer, though load balancer in a private subnet is not yet the thing, I believe, if that's something that you may require. Yeah.
G
G
F
G
And we also wouldn't want, because we have some, we have some subnets that we should use that I marked like enterprise, and we have other ones that are marked there. They're intended for specific things, and we're not supposed to, we'll be out of compliance if we use those other subnets. They're all private. So by the current implementation, if I was just to just take out the filter public thing, it would, it would likely choose subnets that we don't want it to use.
G
F
E
E
D
F
I thought that I had was, we, your other PR for the load balancer scheme, instead of like kind of had this, like a very generic load balancer scheme on the network spec, to have a struct that's very specific to the API server load balancer, which says which scheme, and then later on you could add also the subnets in there. So there's like a struct, like who this was mentioning, that kind of, it's very specific to that load balancer, okay.