►
Description
A Kubernetes community meeting about the Azure provider for Cluster API. Cluster API brings familiar, declarative APIs to Kubernetes cluster creation, configuration, and management.
A
B
Did
you
start
recording
one
okay,
hi
hi?
Everybody
today
is
april
29th.
This
is
the
office
hours
for
a
cluster
api
provider
for
azure.
We
followed
the
cncf
meeting
guidelines,
so
please
be
kind
to
each
other
and
raise
your
hand
if
you
have
any
questions
or
wanna
or
have
any
comments,
and
please
add
your
names
to
the
attendees
list,
and
this
is
also
being
recorded.
B
B
People,
okay,
other
than
that
I
see
we
have
in
our
list
of
of
discussion
topics
a
demo
by
eugene.
B
Right,
are
you
ready
to
do
that
using
or
yeah.
B
C
So
again,
my
name
is
eugene
eugene
fedoremco.
I
am
working
on
csv
team,
devops
and
infrastructure,
and
currently
our
scenario
that
we
are
working
on
that
we
are
digging
into
is
related
to
devops
for
cloud
native
applications
related
to
mostly,
our
focus
is
about
githubs
and,
besides,
just
you
know,
trivial,
regular,
github
separations
that
are
related
to
deployment
of
applications.
C
We
are
looking
at
the
whole
big
picture,
including
provisioning
and
updating
the
infrastructure
where
those
applications
are
running
on
and
actually
the
question
which
is
coming
out
is:
is
there
anything?
Is
there
any
toolset
that
we
can
use
in
order
to
do
that
in
the
same
very
detox
fashion,
so
without
any
push-based
pipelines
with
direct
access
to
the
cluster
from
our
devops
orchestrator?
And
actually,
fortunately,
we
came
across
cathy
and
kanji.
C
Actually,
I'm
very
excited
about
this
project
and
just
because
of
its
nature
because
of
its
design
and
architecture,
it
opens
a
wide
door
for
for
the
tops,
the
white
door
or
provisionally
kubernetes
clusters
with
detox
and
on
this
diagram.
So
this
is
actually
the
overall
picture
of
the
area
where
we
are
currently
focused
on.
So
it's
pretty
high
level
and
its
main
purpose
is
to
set
the
co
boundaries
and
to
understand
how
different
walk
streams
are
connected
to
each
other.
So
here
there
are
two
roles.
C
Two
roles
which
we
call
platform
administrator
and
development
teams,
so
the
development
team
is
involved
with
developing
the
business
applications
and
its
features.
While
the
platform
team
takes
care
of
the
platform
of
the
infrastructure
that
hosts
these
services,
these
applications.
C
So
let's
say
there
are
a
number
of
development
teams.
Each
of
them
runs
its
own
software
development
life
cycle
to
develop
applications.
C
They
have
their
code
repositories,
icd
pipelines
and
eventually
they
release
a
new
version
of
the
application,
and
this
inversion
of
the
application
is
represented
by
a
docker
image
stored
in
some
container
registry
and
by
manifest,
describing
how
to
deposit
the
application
to
an
environment
to
kubernetes
cluster,
and
these
manifests
are
stored
in
the
manifest
repository.
C
So
this
is
the
output
of
the
software
development
lifecycle
of
the
development
team.
So
then
they're
happy
with
that,
but
what
they
really
need
in
order
to
support
their
development
life
cycle
is
in
this
case.
Cloud
native
applications
is
kubernetes
resources,
so
they
go
to
the
platform
administrator
tindering
and
ask
them.
Please
give
us
some
piece
of
your
mighty
compute
the
platform
administrator
answers
no
problem
and
makes
necessary
configurations
in
the
fleet.
C
Repository
this
guide
contains
all
the
information
about
what
clusters
are
available,
what
configurations
are
applied
to
those
clusters
and
what
teams
tenants
with
their
applications,
share
kubernetes
clusters.
So
having
done
that,
having
applied
configurations
here,
a
team
will
have
a
dedicated
space
in
the
existing
field,
and
the
platform
administrator
might
also
decide
to
provision
a
new
kubernetes
class
and
give
it
to
the
team
and
it
will
and
the
platform
administrator
will
add
to
this
kubernetes
cluster
to
the
fleet.
So
for
that
purpose
they
can
use
two
options.
C
They
can
use
an
ic
pipeline
with
terraform
to
provision
a
cluster
and
to
install
flux,
donate
pointing
to
the
fleet.
Repository
with
this
done,
flux
will
install
all
required
configurations
and
workloads
on
the
cluster
another
option
for
a
platform
administrator
to
provision.
A
new
cluster
which
is
way
cooler
is
to
use
cutting,
so
they
can
define
counter
resources
in
this
fleet
repository.
C
So
the
the
fleet
wrapper
this
guy.
C
It
contains
information
about
what
clusters
or
plastic
groups
are
included
in
the
flip,
how
how
environments
like
dev
test
road
are
distributed
across
the
fleet,
what
teams
share
of
the
clusters
and
what
team
applications
should
be
running
on
those
clusters?
C
This
wrap
also
contains
any
cluster
specific
configurations
for
infrastructure
applications
such
as
again
ingress
rules,
port
numbers,
storage,
accounts
that
might
be
specific
for
every
cluster.
For
plus
a
group,
there
is
a
prototype.
C
C
Now,
there's
safari
browser
right,
yeah,
there's
a
prototype,
or
example
of
this
repository
on
github.
So
in
this
sample
we
targeted
to
cover
a
broad
generic
use
case
when
an
organization
has
a
fleet
of
kubernetes
cluster.
There's
a
clusters
within
multiple
environments
hosted
on
that
fleet,
with
a
number
of
development
teams,
with
the
applications
working
on
these
clusters
with
centralized
configurations
and
with
the
ability
of
fine-tuning
their
cluster
group
or
cluster.
C
So
this
wrapper
actually
contains
detailed
information
about
how
it's
organized
what
folders
are
there
and
how
actually,
what
performs
in
their
consolation
of
all
those
applications
and
configurations.
But
this
wrapper
besides
storing
configurations
and
applications.
So
the
traffic
also
serves
as
a
storage
of
cluster
definitions
in
terms
of
copy
resources.
C
So
this
is
like,
I
said,
an
alternative
approach
to
producing
clusters,
but
it's
very
cool
and
promising,
and
with
this
we
can
handle
the
whole
process.
The
whole
loop
in
pure
pull
base
detox
fashion
without
any
push-based
ic
pipelines
totally
because
decoratively
so
that
I
just
add
a
new
cluster
to
this
little
apple,
pr,
it
and
and
basically
that's
it
and
the
dpr
is
merged
in
a
while.
A
new
cluster
magically
pops
up
with
flux
installed
on
it
and
with
all
required
in
my
organization,
infrastructure
set
up
up
and
running
so,
for
example,.
C
C
C
C
C
I'm
going
to
add
a
new
cluster
here
to
my
fleet
repository
and
just
defining
a
helm
chart
with
some
values
for
for
this
cluster,
so
the
whole
definition
of,
of
course,
resources
encapsulated
in
in
actual
count
chart,
and
here
I'm
just
defining
what
helm,
release
consuming
this
flux,
this
helm
chart
and
providing
some
values,
like
name
name
of
the
resource
group,
name
of
the
action
full
name
and
so
on.
So
I'm
just
adding
it
and
committing
it.
C
And
basically,
that's
it
so.
C
C
C
There
will
be
a
cluster
like
it's
brother,
west
access,
so
there
will
be
a
cluster
with
every
with
everything
installed
on
it,
everything
which
is
defined
in
my
fleet
repository
in
terms
of
infrastructure,
so
it
has
fox
system
installed
on
it
and
nginx
controller
installed
in
it.
So
this
is
kind
of
my
my
set
of
infrared
that
I
want
to
be
installed
on
this
cluster.
So
if
I
configure
more
in
my
clusters,
I
will
have
more
workloads
installed
here.
C
Management
cluster,
in
my
case
is
actually
it
can
be
actually
any
any
commenter's
cluster
and
in
my
case
it's
just
k3b
running
local.
On
my
laptop.
E
C
In
reality,
in
the
quality
measure,
cluster
helm
chart
also
defines
flux,
system
and
flux,
infra
customization,
the
first,
the
first
one
remotely
installs
flux
from
the
new
provision
cluster,
so
it
can
manage
its
workloads
independently
and
the
infra
customization
is
responsible
for
installing
all
required
infrastructure
configurations
from
the
new
cluster.
In
my
case
it
was
infra.
It
was
nginx
controller.
C
C
So
basically,
this
is
what
I
wanted
to
show.
This
is
what
we
are
focusing
on
in
terms
of
kathy
and
kanji.
Any
questions
here.
C
Ahead,
so
this
is
an
interesting
and
promising
way
of
provisioning,
kubernetes
resources-
and
it's
obviously
currently
is
a
great
option
for
self-managed
benefits
clusters
on
azure,
but
we
and
our
customers
are
mostly
interested
in
provisioning,
managed
ips
clusters.
C
So
in
a
parallel
workload
to
this
one,
we
evaluated
secure
case
baseline
pattern.
So
this
is
an
official
microsoft
answer
and
recommendations
for
production,
ready
access
clusters,
and
we
asked
ourselves
if
we
can
use
county
to
provision
as
a
theoretical
cluster.
So
we
found
a
few
yet
and
reported.
C
In
this
issue,
let
me
bring
it
up
yes,
so
I
open
this
issue,
so
girl
like
comparation
table.
Basically,
this
is
this
is
what
what
should
be
done
to
the
cluster
in
order
to
to
meet
the
requirements
of
securecast
baseline
either.
It
is
provisioned
like
in
terms
of
provisioning
or
just
installed
by
flux,
as
as
a
configuration
as
a
workload
on
top
of
progression,
provisions
advantageous
cluster
and
here's
kind
of.
Can
we
do
that
or
not
with
scotty
and
kg,
and
there
are
like
three
four.
C
C
So
yeah
in
order
to
actually
meet
the
requirements
of
security
baseline,
those
things
26.
However,
I
can,
I
can't
say
that
you
know
any
of
these.
Things
is
actually
a
blocker
of
using
katie
c
for
provision
clusters,
the
blocker.
What
is
really
the
blocker
when
you
communicate
to
the
customers
is
that
it's
still
experimental,
which
is
you
know,
stated
clearly
on
the
website.
So
the
support
of
hackers
manufacturing
is
experimental
and
everybody.
Oh
okay,
it's
experimental!
So
we
don't
it's
interesting
cool,
but
no.
C
A
Thank
you
and
and
eugene.
Thank
you
very
much
for
the
demo,
not
my
question,
but
I'll
speak
to
the
experimental
side
that
that's
definitely
something
that
we've
heard
from
multiple
users
and
definitely
something
that
we
want
to
address
in
the
future.
So
I
don't
think
that
interface
is
going
to
change
all
that
much.
A
I
think
we
just
need
to
have
a
discussion
of
when
we
start
to
say
yeah,
it's
stabilized
and
also
in
the
cappy
meeting
yesterday
we
talked
about
moving
machine
pool
into
the
out
of
experimental
and
making
the
braking
change
and
moving
it
into
the
api
group
for
all
of
the
rest
of
the
api.
So
I
think
when
that
change
happens,
it'll
be
much
more
likely
that
we
will
take
the
change
and
move
out
of
the
experimental
group
and
into
the
regular
api
group
for
these
these
resources.
C
A
C
So
basically,
you
just
need
to
follow
this
guidance.
C
And
quickly,
so
it's
if
it
is
difficult
like,
like
you
said
so,
yeah
it's
in
the
interesting
feedback,
probably
the
first
one
who
said
it's
difficult.
C
C
C
B
C
A
Eugene,
that
is
a
fantastic.
Please,
please,
could
you
drop
the
link
in
there?
I'll
definitely
make
sure
it's
added
to
the
the
notes
here.
I
am
sure
that
article
is
fantastic
and
will
help
anybody
get
started,
but
imagine
all
the
steps
that
that
had
to
go
into
that
article
is
there
a
way
that
we
can
set
people
up
without
them
having
to
do
all
that.
A
So
what
when
I
imagine
this,
you
know
I
coming
from
a
web
web
developer
background
like
when
I
was
introduced
to
rails,
I
could
say:
rails
create
new
and
it
spun
up
a
new
project
and
all
the
bells
and
whistles
were
there.
It
was
ready
to
go,
it
was
really
cool.
I
could
just
say
you
know
run,
and
I
had
my
controllers
and
my
views
and
everything
was.
It
was
right
there
ready
to
go.
A
All
I
had
to
do
is
just
manipulate
a
few
things
really,
my
my
dream,
I
hope,
is
that
we
can
get
to
that
same
point
with
a
git
flow
kind
of
layout
like
if
we
had
some
kind
of
tool
like
lay
down
hey.
This
is
the
way
this
goes.
This
is
how
you
should
lay
out
your
directory
and
just
get
push
or
get
open
a
pr
and
you're
all
set
you're
ready
to
start.
A
C
B
Think
david
is
looking
for
more
automation,
but,
as
james
also
has
a
question,
let's
see
if
it's
related.
E
Yeah
thanks.
So
this
is
where
I
see
like
the
tool
that
matt's
working
on
comes
into
play,
where
you
can
say:
hey
create
a
cluster
and
it
goes
out
and
provisions
the
get
repositories
for
you
drops
all
these
things
into
it
and
kind
of
wires,
everything
together
so
that
you
can
have
kind
of
from
zero
to
running
very
quickly.
So.
D
C
Repositories
for
you,
so
they
can
do
that,
but
in
practice,
in
practice
it's
it
appears
to
be
even
more
complicated
than
just
to
have
a
template
of
repo
clone
it
and
massage
it
to
your
purpose,
then
configure
the
tool
to
provision
the
repositories
in
the
right
way
for
you
in
practice,
people
just
refuse
to
use
bedrock
because
actually,
even
though
it's
supposed
to
to
simplify
things,
it
brings
more.
E
Yeah
I
I
did
a
demo.
I
have
a
like
a
project
that
I
worked
on
where
we
made
it
so
that
you
could
take
different
types
of
strategies
on
how
you
would
set
these
things
up
I'll
see
if
I
can
pull
up
the
link
and
drop
it
in
there,
but
I
think
there's.
C
E
C
About
this
multi-cluster
setup,
for
example,
what
I
showed
is
just
actually
defining
just
directly
a
cluster
or
any
infrastructure
here
and
creating
a
pr
and
merging
there's,
no
actually
like
a
flow.
A
process
that
this
yamaha,
that
they
create
it
should
be
validated
should
be
tested,
should
be
checked
if
it
is
even
valid
before
actually
creating
epr.
So
there
could
be
some
pipelines
checking
that
in
automated
way
and
you
know
providing
the
normal
flow.
So
there
is
area
of
improvement
here
and
yeah.
C
This
is
what
what
we
are
working
with
is
what
we
are,
what
we
are
looking
looking
into
to
work
next
to
improve
and
the
numeration
this
multi-cluster
setup
in
order
to
make
it
more
usable
and
easier
to
easier
for
people
to
use.
D
Yeah
I
was
just
going
to
chime
in
since
david
and
james
are
both
kind
of
pointing
at
the
same
thing
which,
if
it
wasn't
clear,
I
have
a
extension
to
the
az
client.
That's
supposed
to
wrap
up
the
general
workflow
for
cap
z
and
simplify
things
as
much
as
possible,
and
it
doesn't
do
any
of
this
yet.
But
the
very
next
step
that
we
want
to
attempt
is
essentially
installing
flux
and
sort
of
enforcing
a
git
flow
world
by
default,
because,
as
you
pointed
out
here,
it's
a
great
fit.
D
So
so
I
think
I
think
I
think
something
like
that
could
be
flexible
enough
to
maybe
provision
what
you're
showing
us
here
and
then
there
could
be
a
tool
that
you
know,
so
you
don't
even
have
to
go
through
this.
You
just
have
that
you
just
have
your
environment
set
up
the
way
we
want
it
yeah.
This
would
be
great
at
some
point.
B
I
think
you
mentioned
that
before
matt,
but
is
that
something
you're
ready
to
show
us,
maybe
next
time
or
something
or
is
it
still
in
the
early
stages.
D
It's
it's
still
pretty
early,
I'm
still
just
working
on
the
basic
workflow.
I
mean
it
does
work
for
provisioning,
a
cluster
deleting
a
cluster
listing
working
with
the
management
clusters
and
all
that,
but
none
of
the
flux
or
git
flow
stuff
have
we
attempted
yet
it's
just
a
great
idea
that
david
put
out
there,
but
hopefully
soon,
okay,.
B
Okay,
okay,
I
think
thank
you
everybody
for
this,
but
let's
move
on
to
other
items
in
the
agenda.
B
E
Yeah,
so
yesterday
the
windows
jobs
just
started
failing
very
consistently.
We
had
a
flake
that
was.
A
E
Fully
looking
into,
but
yesterday
it
seems
to
be
failing
pretty
regularly,
like
I'd,
say,
80
of
the
time,
so
I'm
working
on,
we
don't
have
any
logging
or
the
logging
doesn't
work
properly
for
windows.
E
So
I'm
adding
support
to
collect
the
logs,
because
I
I've
been
spinning
up
clusters
locally,
but
haven't
run
into
the
issues
that
we're
seeing
in
the
ci,
and
so
I
am
working
on
that,
but
probably
be
later
today
before
I
can
get
the
logs
out
to
be
able
to
figure
out,
what's
going
on
to
be
able
to
fix
it,
and
so
I
I
wasn't
sure
if
we
want
to
make
that
pr
optional
or
there's
just
it's
just
one
particular
job.
That's
failing
very
regularly.
E
I
think
it's
the
vmas
job,
not
the
vmss
job,
and
so
I
just
wanted
to
see
what
others
thought
on
that.
B
I
tried
there
were
a
couple
of
pr's
already
approved
and
I
ran
it
this
morning
and
they
passed
so
it's
a
little
bit
better
than
yesterday.
So
it's
like
still
flaky,
like
the
normal
flaky
that
we've
seen
before
different
than
yesterday.
It
was
extremely
flaky,
so
I
I
personally
don't
want
to
disable
it
because
I
think
it's
important
to
have
it,
but
I
don't
know
just
see
what
everybody
else
thinks.
E
B
I
think
we
can
wait
a
couple
more
days,
there's
no
like
version
prs
or
releases
if
we
can
get
it
done.
If
it
like
takes
like
a
week
to
figure
it
out,
then
maybe
we
can
disable.
I
would
say
we
can
live
with
this
for
like
two
three
days
or
something.
Does
everybody
agree
to
that?
Or
does
anybody
disappear?
B
Okay,
oh,
I
think
this
was
the
last
item.
I
don't
have
this
item,
but
I
just
noticed:
like
david,
you
created
an
issue
called
placeholder.
This
looks
very.
A
Suspicious,
I
apologize,
I
didn't
mean
for
it
to
be
suspicious.
It
is
a
placeholder
to
a
placeholder
there's,
a
security
placeholder
out
in
kk
repo
and
this
this
links
out
to
it.
B
A
B
D
D
A
That's
all,
and
maybe
you
know
what
that's
a
great
thing
to
put
in
there-
just
update
next
patch
release.
A
Yeah
right,
I
was
just
following
the
same
level
of
you
know,
input
that
that
was
that
was
in
the
placeholder
issue.
B
Okay,
so
that
was
the
last
one:
does
anybody
have
any
questions
or
topics
they
want
to
bring
up?
We
might
be.
B
Thank
you,
everybody
for
attending
and
for
all
the
discussion
and
thank
you
eugene
for
the
cool
work
and
the
demo
and
the
in
the
discussion
and
we're
looking
forward
to
seeing
matt's
stuff
in
the
near
future.
And
I
think
that's
all
and
see
you
all
on
slack
and
on
pr's.