►
From YouTube: 20190515 kubeadm office hours
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
Hello
today
is
Wednesday
May,
15
2019.
This
is
the
standard
Kubb
ATM
office
hours,
the
sub-project
with
sig
cluster
in
life
cycle.
Just
as
a
reminder,
we
have
a
we
follow.
The
community,
/
C
and
C
F
could
conduct
policy
so
which
basically
boils
down
to
don't
be
a
jerk,
so
if
folks
can
make
sure
that
they
adhere
to
the
policy
that
would
be
super-dee-duper.
A
B
B
B
B
A
B
The
last
question
about
you:
you
are
expert
for
AG.
He
regards
to
the
upgrade
part
for
the
notes.
Currently,
when
we
do
upgrades
on
the
control
plane
nodes,
we
have
to
run
two
comments.
One
is
with
mean:
update,
node,
experimental
control,
plane
and
the
other
one
is
command
mean,
upgrade
node
config.
Sorry,
I
did
I
forgot
to
config
in
the
issue.
My
idea
is
to
ever
Italy
I
would
like
to
have
only
one
coumarine
upgrade
noted
that
takes
charge
to
understand
if
it
is
a
control,
a
node
or
a
worker
node,
and
to.
A
B
Currently
for
doing
upgrades,
we
have
on
note,
we
have
to
come
on
well,
on
his
cookie
mean
upgrade
no
to
config
wish
upgrade
the
the
Kubrat
config,
and
this
comedy
should
be
run
on
workin
nodes
and
also
on
contour
playing
notes
on
secondary
control
panels.
And
then
we
have
also
cubed
min
upgrade
node
its
parameter
control
plane
that
takes
charge
to
upgrade
the
control
plane
on
a
secondary
controller
in
order.
B
A
The
what's
the
flags
for
the
upgrade
for
the
control
plane
notice.
It
still
doesn't
have
an
experimental,
it's
not
a
flag,
it
is
a
sub
commander
which
is
called
experimenta.
Okay,
then
that's
fine,
so
long
as
it's
listed
as
experimental.
If
it
was
not,
then
we'd
be
in
trouble.
We
have
to
go
through
deprecation
cycle.
C
C
B
Okay,
so
for
for
this
point,
I'm
done
and
then
we
some
tests
to
implement
the
idea
just
to
inform
everyone
is.
The
deviation
is
to
not
create
a
specific
set
of
tests
for
a
chi,
but
to
add
the
current
jobs.
Add
a
tech,
Andheri
control,
plane
node,
so
we
are
with
a
unique
set
of
jobs.
We
are
testing
also
G.
A
Yes,
but
we
need
to
have
some
more
verification
from
the
Hinton
perspective
on
like
what
the
behavioral
expectations
are
on
the
cluster
for
the
deployment,
so
I
think
we'll
get
coverage
just
by
having
the
default
hae
deployment,
plus
the
standard
life
cycle
paths
I
think
that
will
probably
be
pretty
good
coverage,
but
there's
also
like
introspection.
We
might
want
to
do
from
a
you
know.
We
muck
the
config
right.
We
want
to
verify
that
the
configs
been
mocked
properly.
A
B
What
do
you
intend
that,
for
instance,
they
take
uber
the
mean,
configure
the
status,
the
list
of
nodes
in
the
status
yeah?
That
would
be
one
of
them
that
they
are
you
already
implemented.
Those
testing
in
the
at
the
beginning
of
the
cycle
in
the
in
the
cubed
mean
end
to
end
the
test,
so
they
are
now
cool.
B
B
C
Well,
the
cubed
Maga,
but
our
configures
to
better.
So
we
can
trail
one
portion
behind
him
like
what
is
the
actual
state.
So
if
these
folks
are
experimental,
if
they
mean
alpha
and
we
graduate
AJ
to
bitter
I-
think
it's
still
okay
to
hold
them,
but
I,
don't
making
a
comparison
with
the
config.
Basically.
A
Italy
I
didn't
question
with
regards
to
upgrade
and
there
there
are
several
issues
and
I
know.
We
talked
about
it
of
people
mucking
the
config,
and
why
to
see
that
say,
for
example,
on
a
control,
plane,
modification
description,
plane
modification.
They
want
to
update
the
end
points
and
they
want
that
to
be
reflected
in
the
latest
version.
Did
you
have
that.
B
A
B
This
is
the
discussion
I
think
that,
first
of
all,
as
a
group,
we
have
to
make
a
decision
if
we
want
to
use,
upgrade
to
change
the
cluster
or
not,
or
are
we
far
off
if
you
want
to
use
something
else,
I
already
I
think
that
I
already
shared
with
this
group,
my
idea
is
that
he
might
be
a
man
upgrade,
should
take
chapters
only
of
changing
the
version
and
reason
behind
these
is
that
is
that
upgrade
is
a
complex,
a
really
complex
procedure.
It
touches
all
the
components
and.
B
And
I
don't
think
that
it
is
a
good
good
suggestion
telling
to
the
user.
Basically
I
read:
do
everything
only
for
changing
a
flag
of
or
for
changing,
I,
don't
know
a
certificate,
sons
and
so
I
see
I,
see
a
risk
in
changing,
always
everything
second
eye
I
see
also
that
there
are
so
at
least
two
other
problem.
First
of
all,
as
a
grade
is
written
today,
there
are
a
lot
of
knobs,
and
maybe
that
8080
city
is
not
upgraded
is
certificate,
does
not
not
recreate
it
in
some
cases,
so
ET
it
is
really
complex.
B
You
expect
that
it
changed
everything,
but
it
is
not
true,
and
it
is
why
the
people
complain
and
an
nth-order.
Is
that
not
not
always
a
paid
is
enough
for
changing
your
cluster,
because
in
some
cases
let
me
make
an
example.
If
you
want
to
make
a
change
to
a
cupola
settings,
it
is
not
enough
to
run
upgrade
under
hundred
on
the
on
the
control
brain
model.
You
have
to
download
the
config
on
the
nodes
and
for
a
chili.
We
have
to
think
about
what
does
mean
changing
a
flag
with
upgrades.
B
A
A
I
think
we
do
need
to
have
a
story,
though,
that
it
doesn't
necessarily
need
to
be
in
committee.
Improper
like,
for
example,
changing
the
knobs
and
default
configurations.
If
we
had
fully
fleshed-out
component
config,
it
would
solve
some
of
these
scenarios
right
and
if
a
person
is
going
to
muck
things,
asynchronously
they're
responsible
for
making
sure
that
the
configures
of
correct
representation
of
what
they
want.
You
know
before
they
do
that
they
upgrade
because
it's
going
to
pull
the
config
and
do
whatever
it
sees
right.
A
It's
pretty
good
force
and
I'm,
ok
with
having
that
as
a
user
story,
because
you've
gone
off
the
beaten
path,
because
you
should
originally
in
it
with
the
proper
config
settings,
and
if
you
do
something
asynchronous,
then
you're
gonna
have
to
make
sure
your
config
matches
and
it's
properly
proper
reflection
of
what
your
cluster
actually
is.
When
you
do
the
upgrade.
C
B
A
I
really
like
the
idea
of
putting
recount
to
something
like
cluster
API,
because
it
just
shoots
things,
and
then
they
come
back
up
right
and
that
would
force
the
scenario.
The
question
is,
like
you
have
an
on
cluster
things.
So
I
want
to
defer
that
to
like
we
need
to
address
this
story.
You've
brought
up
recon
many
times,
I.
B
E
B
A
A
B
Okay,
it
is
a
it
was
a
train
for
my
objective
of
this
cycle.
I
stopped
at
these
because
time
is
running
and
basically
what
I
achieved
that
I
achieved
that
now
we
have
renewals
procedure,
the
for
certificates
in
defecate,
KEF,
all
PKI
folder
and
the
Cooper
config
files,
with
the
exception
of
the
Kublai
Khan,
which
has
been
attacked
by
a
couplet,
and
we
know
there
are
problem.
There.
B
B
Basically,
there
is
a
decision
that
should
to
the
cylinders
which
will
be
taken.
The
first
one
is
what
we
think
are
good
renewal
period,
considering
that
our
certificated
evaluation
of
one
year
and
secondly,
if
we
want
to
show
information
about
certificate,
aspiring
in-depth
great
plan
and
to
make
these
linka
today
a
special
fire
air
period.
B
A
A
A
A
D
A
A
A
C
I
have
a
comment
about
the
doofus
request
or
a
new
certificates
only
if
they
are
about
to
expire,
but
this
can
create
a
picture
where
we
are
starting
to
renew
certificates
a
synchronously
from
one
another.
And
if
you
look
at
the
whole
picture,
you
might
end
up
with
certificates
that
are
going
to
expire.
Some
are
not
going
to
expire
and
I
think
what
is
going
to
be
easier
for
us,
like
maintenance
and
also
easier
to
understand
for
the
user,
is
to
renew
all
certificates
at
a
batch.
A
B
A
C
F
B
B
A
A
B
B
C
A
Well,
I
think
if
a
person
does
their
own
management,
then
having
that
show
up
is
useful.
The
name
sefirot
I
mean
I
would
just,
but
you
might
just
remove
this
set
form
to
say
automatically
rotate
or
something,
and
then
it
then
it
specifies
it
because
that
way,
if
a
person
does
some
lucky
configuration
where
they
have
a
set
of
certificates
that
they
manage
on
their
own,
which
a
lot
of
people
do,
that
is
very
explicit.
What
certificates
will
be
rotated
back
to
medium.
B
C
C
B
So
I
demand
to
stew
scenario
when
one
is
we're
up,
grace
renew
certificate
only
if
they
are
in
a
regular
renewal
period
and
in
this
scenario
the
the
last
column
makes
sense.
The
second
one
is
a
top
grade:
renew
certificates
every
and
no
matter
of
the
deadline,
and
in
that
scenario
the
last
column
does
not
make
sense.
Well,
the.
G
B
C
About
the
the
main
question
here:
should
we
upgrade
certificates
renew
certificates
every
time
to
interpret
I?
Think
we
shouldn't
do
it
unless
the
user
specifies
a
fourth
parameter?
Otherwise,
I
think
that
we
should
renew
the
certificates
only
if
they
are
within
the
threshold.
This
is
what
I'm
proposing.
Finally,
here.
A
F
Why
we
would
be
squeamish
to
change
people's
certs?
These
components
are
all
self-contained
and
only
talked
to
each
other,
but
I.
You
know
I
mean
I
I.
Guess
if
you
change
the
sed
cert
and
you
were
talking
to
it
with
calico
or
something,
then
you
would
need
to
know
which
that's
a
setup.
I've
run
before.
Oh.
C
F
C
F
A
F
A
A
E
C
G
A
B
And
honestly,
I
didn't
have
time
to
look
into
the
problem
is
that
it
seems
that
okay
could
mean
create
the
the
configuration
on
the
master
node,
and
then
it
seems
that
this
file
is
managed
by
I
kuba.
Let
certificated
automatic
certificate
renewal,
but
something
is
not
working
properly
and
the
same
it
also
for
node
is
also
for
not
the
couplet
but
urges
this
well
yeah,
but
it
seems
that
we
are
pointing
the
the
cupola
to
the
to
a
file
that
is,
and
then,
when
this
fight
generated,
it
is
generating
another
place.
Yeah.
C
A
Believe
that
there's
some
funding
going
on
to
within
this
from
from
the
CN
CF,
where
we
can
actually
get
external
people
who
do
them
not
just
the
CIS,
miss
burns
and
whatnot
and
not
just
sick
off.
But
the
people
who,
like
you
know
where
the
real
tin,
foil,
hats
and
like
live
in
a
tin
shed
somewhere
in
the
wilderness.
They
they
come
out
every
now
and
then
they
do.
They
do
a
full
suit
and
that's
about
it.
A
C
So
I
spoke
with
nadir
and
his
computer
crashed
in
the
middle
of
the
meeting,
so
we
dropped
quickly,
but
from
what
we
basically
discussed
is
that
we,
the
both
of
us,
do
not
agree
with
the
whole
CS
CSI
report,
pretty
much
so
by
bringing
someone
from
signaled
I
think
that
we
are
just
gonna
bring
another
person
that
does
not
agree
with
us
here.
Si
si
benchmark,
they
are
very
like
I,
have
question
max:
I
need
to
talk
with
the
person
who
designed
the
the
basically
created
the
results
of
this
benchmark,
because
it's
kind
of
there.
C
So
I
asked
nadir
to
create
a
public
document
because
he
is
currently
working
with
a
client
in
VMware
and
his
documents
are
private,
so
I
basically
spoke
with
that
there
in
terms
of
like
hey,
can
you
please
break
out
the
CSI
mark,
so
we
can
share
it
with
the
public
and
he
promised
that
he
is
going
to
be
ready
for
that
for
the
next
meeting
of
5th
of
June,
which
is
like
one
week
after
the
week
of
cube
actually
two
weeks.
Okay,.
A
C
A
No
bootstrap
tokens
I
saw
the
PR
were
totally
blocked
on
API
machinery.
I
took
a
look
at
it,
so
I
can't
do
anything
like
I.
Don't
have
power,
I
could
I
could
assert
it,
but
I
don't
want
to
do
that,
because
API
machinery
would
start
to
yell
at
me
and
maybe
take
away
my
super
powers,
so
I
want
to
make
sure
that
they
have
buy-in
so
I'm
we're
totally
blocked
on
them
until
they
actually
pull
the
trigger.
A
C
Yeah-
and
it's
still
not,
these
are
not
all
the
peers
that
we
have
to
do.
There's
another
PL
that
we
basically
have
to
move
the
API
itself.
These
peers
are
only
moving
the
utilities
and
D
dicks.
You
basically
said
that
he
does
not
want
to
move
the
API,
because
this
for
some
reason,
the
coaster
bootstrapped
repository
should
not
hold
any
API,
so
if
it
doesn't
hold
any
api's
like
the
question
is:
where
are
we
supposed
to
put
the
booster
talk
him
structure,
config.
A
Then
we'd
have
to
maintain
and
B
1
beta
2
until
like
it's
been
and
D
1
beta,
it's
been
in
our
config
for
since
epoch
we
would
have
to
maintain
until
we
actually
get
an
external
API
or
component
config.
It's
a
component
of
a
really
it's,
not
an
API
like
that.
Distinction
is
always
seems
to
be
lost,
but
yeah.
C
A
A
G
F
C
A
Lucas
is
fully
abreast
of
this
situation.
We've
been
living
with
it
since
the
beginning.
Let
me
create
our
config
as
a
component
config,
so
I
mean
you
could
talk
with
Lucas
and
he'd
know.
He
see
the
PR
and
he'd
know
what
to
do
and
where
to
go.
The
question
is
from
an
API
Machinery
perspective.
We
need
to
pull
something
to
make
sure
that
that
configure
that
struct
can
actually
live
outside
there.
H
H
H
C
C
Basically,
we
use
the
internal
configurations
to
be
able
to.
You
know,
comfort
between
different
from
between
different
version
of
site,
external
types,
and
we
store
the
internal
configuration
inside
a
config
map
in
the
coastal
fork.
You
proxy
for
coolant,
but
as
a
separate
component
cube
ADM
is
not
supposed
to
vendor
includes
internal
types.
So
this.
A
H
A
Would
agree
with
that
statement
like
the
problem?
Is
there
there
are
a
bunch
of
blockers
to
move
into
staging
where,
like
we'd,
have
to
decouple
clients
in
decoupled
the
data
model
I.
My
my
heart
blocker
for
for
moving
to
what
succumbed
to
moving
to
staging
is
that
we
really
I
really
want
to
rely
on
a
set
of
api's
for
the
entire
system
that
and
that
API
is
a
definitely
includes
component
config
until
API
server
has
a
well-defined
Kubota
convey
like
every
single
iteration
of
the
project
causes
perturbations
over
we've.
A
Seen
this
with
a
proxy
we've
seen
this
with
a
couplet
you're,
seeing
this
API
server
anytime,
they
change
or
modify
flags,
including
feature
dates
without
us
having
a
well-defined
versioned
apparatus
for
us
to
depend
upon.
We
will
always
need
that
type
of
type
feedback
loop
to
turn,
otherwise,
where
we're
in
trouble
right
just
like
consumers
of
comedian,
because
we
give
the
contract
of
the
config
that
gives
them
some
guarantee
that
we
will
break
them
across
releases.
C
I
also
see
another
problem,
because
we
we
basically
include
the
internal
correlated
configuration
in
the
cluster
as
a
config
map
when
you
join,
and
all
that
may
be
wrong
here.
When
you
join
annoyed
note
that
does
not
support
the
same
internal
config
is
it?
Is
it
even
possible
to
join
a
note
with
a
cooperate
version?
Does
not
that
does
not
respect
the
same
internal
couplet
configuration
type.
A
F
F
A
That's
why
it's
the
whole
reason
why
the
component
configuration
is
a
hard
blocker
like
we
need
a
well-defined
version
apparatus
system
that
we
can.
We
can
leverage
and
not
be
stuck
right
like
otherwise
they're,
not
api's.
There's
us,
like
you,
know,
scribbling
little
post-it
notes
putting
in
my
drawer
and
making
sure
that
for
this
corner
we
actually
could
pull
out
that
post-it
note.
Do
that
thing.
C
H
A
C
A
And
the
only
other
topic
I
had
we
have
six
minutes
left
was
the
decoupling
of
a
knit
and
cluster
config
I
had
that
one
asked
Ross
if
there
were
any
more
outstanding
chain
of
dependencies
or
overrides
that
could
occur
and
the
end
points
one
came
up
and
the
question
I
had
is:
does
it
make
sense?
This
is
even
possible
to
do
a
couple.
I.
A
A
Going
once
twice
three
times
all
right:
well,
thanks
everybody!
We,
if
you're
going
to
kuqali
you,
we
will
see
you
there's
a
session
on
Monday,
yes
on
Monday,
where
we
have
a
sequestered
lifecycle
sort
of
face
to
face
meaning
for
the
whole
afternoon
if
they
could
be
great
for
us
to
chat
and
banter
about
future
projects
as
well
as
all
the
good
work.
That's
been
done,
and
if
we
see
you
there
will
be
great
if
we
don't
maybe
next
time,
yeah.