►
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
Hi
everyone:
this
is
the
Cuban
adoption
working
group
today,
it's
the
12th
of
September
and
we're
just
getting
started
and
seeing
what's
on
the
agenda.
Currently
we
have,
which
is
really
cool.
We
have
Q
spray
in
the
process
of
adopting
Q,
beta
and
I'm
excited
to
hear
like
if
you
faced
any
blockers
or
similar,
how?
How
do
you
think
it
went
or
it's
going?
Okay,
please
I
know
you
said
a
minute
ago,
short
creepy
recap,
but
can
you
say,
breathe
right,
yeah.
B
B
Generally,
everything
I
think
we've
had
a
pretty
good
discussion
on
there.
As
far
as
how
things
got
implemented
looks
like
there's
a
couple
issues
that
that
you
and
Matt
have
gone
back
and
forth
on
that
probably
will
translate
into
issues
for
like
feature
requests,
but
generally,
it
seems,
like
things,
went
pretty
smoothly.
A
A
And
then
it
was
yeah
I
can't
controi
member
it
now,
but
anyway,
yeah
I
mean
that's
cool
to
see
that
it
it
worked,
worked
well,
I
mean
if
the
pl
came
up
some
days
ago
and
seems
to
be
pretty
too
much
nearly
are
already
yeah
yeah
no
I
found
it
yeah.
It
was
about
mounting
extra
directories
into
the
control
plane.
A
A
How
about
others
should
we
earlier
in
the
meetings
will
gone
like
in
alphabetical
order?
Just
introducing
ourselves,
I
mean
it's
a
pretty
small
group
and
just
what
we're
interested
in
and
what
we
want
to
see
us
outcome
from
this.
This
group,
if
you
don't
mind,
we
could
do
that
today
as
well.
What
do
you
think.
C
It
sounds
good
Lucas
there
you
tell
you,
we
Kentucky
do
empty
yeah,
yeah
I'll,
just
start
I'm,
not
a
political
order.
My
name
is
Matt
I
work
for
hep.
Do
we
have
a
thing
called
a
devious,
quick
start
that
uses
Kubat
him
right
now,
but
I'm
mostly
interested
in,
like
unlocking
security,
and
to
secure
interjection
of
of
new
notes,
the
control
plane,
the
bootstrapping
process,
making
sure
that
is
generic
enough
to
be
pluggable?
If
you
have
an
environment
like
a
cloud
provider
that
has
its
own
source
of
identity.
D
E
And
just
trying
to
get
up
to
speed
and
make
sure
that,
when
we're
ready
to
start
using
cube
ATM
as
it's
been
processed
for
us,
so
mostly
I'm
here,
just
intention.
What's
going
on,
gonna,
have
a
lot
of
attention.
The
cube
spray
guys
and
see
how
that
that
PR
rolls
out
for
so.
Thank
you
for
going.
First.
F
Okay,
I'll
say
hi
next,
my
name
is
Steven
Augustus
I'm,
a
field
engineer
at
corner
watts,
just
decided
to
check
out
this
cube.
Atm
situation
I'm
always
curious
about
different
ways
of
installing
our
own
APIs
and
then
the
you
know
kind
of
the
different
approaches
on
a
company's
hi.
B
G
A
G
G
What
kind
of
deployments
it
can
do
also
contributing
to
it?
You
know,
as
I
mentioned
before,
I
I,
like
all
things
kubernetes,
so
I'm
excited
to
see
the
progress
on
it.
You
know
having
used
kubernetes
for
a
number
of
years
having
built
clusters
using
ansible
and
vagrant,
so
many
painful
I
I
once
did
one
with
fleet
and
it
is.
G
A
Yeah,
my
like
personally,
my
first
cluster,
was
first
compiling
binaries
on
Raspberry
Pi,
then
trying
to
get
those
to
work
somehow
together
and
it
was.
It
took
me
four,
three
four
months
to
get
to
get
the
cluster
running,
also
not
actively
working,
and
it
of
course,
but
anyway
was
in
a
0:17
releases.
Also,
today,
it's
it's
much
more
better,
much
better.
Indeed,.
D
I
I'm
Chad
Swanson
I
work
for
AT&T,
we've
been
using
and
contrarian
the
cube
spray
for
about
a
year
and
a
half
now
and
a
big
fan
of
cube
Adam
ever
since
it
will
include
cluster
lifecycle.
Ever
since
Joe
first
wrote
the
proposal
like
I,
think
on
the
plane
back
from
dr.
Khan
2016,
so
I
I've
been
lurking
in
the
background.
So
I'm
really
excited
we're
falling
to
the
point
where
we
can
get
it
in
the
kid
spray
for
a
lot
of
reasons.
I
D
Sorry
I'm
I've
been
having
flaky
internet
today,
yeah
Craig
Tracy
working
for
hep
tio
as
of
last
week
and
anxious
to
start
helping
more
with
qad,
am
particularly
interested
in
the
AJ
pieces.
So
I
will
be
attending
the
meeting
tomorrow
as
well.
Do
we
instantly
on
those
meetings?
Do
we
have
those
posted
anywhere
because
or
I
guess
it's
in
the
mailing
list
I
that
somehow
some.
C
D
A
A
Official
Docs
so
yeah
nice
nice
to
see
everyone
and
yeah.
So
if
I
do
a
quick
1/8
recap
of
what's
new,
since
this
is
about
seven,
there
has
been
a
couple
or
many
I'd
say.
Improvements
and
changes
to
Cuba
means
is
one
seven.
The
one
of
the
biggest
features
are
kubaton
upgrades
with
the
cuban
upgrade
command
and
in
this
context,
what's
really
interesting
is
cubed
in
face.
A
A
A
Been
working
on
the
alpha
phase
come
on.
Well,
it's
it's
gonna,
be
called
cubed
and
face
it's
currently
staged
under
the
alpha
sub
command.
Well
indicate
that
it's
all
feh
I
have
like
you.
Barium
here
looks
like
that.
If
I
get
to
come,
it's
compiling
or
like
encoding,
the
last
signals
life
cycle
session
in
the
background,
while
running
a
zoom
meeting
as
well.
So
it
might
take
some
time.
But
here
we
go
Kuban
all
fine.
We
have
one
sub
come
on
there,
q
better
more
phase,
so
we
have
in
order
like
what's
executed.
First,
we.
A
You
see
if
I
can
well
I,
don't
seem
to
be
able
to
access
chat
right
now,
but
anyway
it's
it's
in
the
meeting
notes.
So
the
first
thing
to
Benham
does
is
create
generating
sets
and
you
can
do
certs
all
that
will
of
course
give
you
generate
all
the
certificates.
You
can
do.
Ca,
let's
generate
the
CI.
So
it's
forget
nothing!
Nothing
special
here,
just
just
a
normal
CA
with
RSA
and
RSA
private
key.
Then
we
have
the
API
service
serving
cert
for
a
master,
and
this
includes
a
couple
of
sons
and.
A
A
Identities
with
that
are
in
the
system
masters
organization
like
which
equals
super
user
can
access
the
cubelet
API.
Basically,
only
only
persons
with
root
access
to
cluster
can
access
the
cubit
and
this
this
client
certificate
can
do
so.
Then
we
have
the
service
account.
Public
and
private
key
used
by
the
control
amount.
Just
generates
service
account
tokens.
A
A
The
the
front
proxxon-
well,
let's
not
dive
into
that
one-
it's
it's
a
bit
like
it's
described
in
the
API
aggregation
doc,
but
it
organized
from
where,
where
the
aggregator,
where
aggregator
was
standalone,
now
it's
compiled
into
the
API
server.
So
it's
it's
much
easier
from
from
one
seven
and
forward
anyway.
That's
implementation
detail,
so
I
could
go
ahead
and
do
cubed
M
face
sorts.
Oh.
C
A
C
A
A
A
D
A
Its
own
I
mean
this
is
a
new
feature
in
1/8.
It's
gonna
be
some
of
its
own
page
and
all
that,
but
it's
gonna
serve
as
a
reference.
So
now
I
ran
cubed
them
all
for
face.
So
it's
all
and
now
PKI
I
see
my
my
certificates
and
I
can
do
this
again
and
it
will
notice
that
oh
I
have
already
that
they're
all
release
valid
certificate.
Sir
I'm,
not
gonna,
override
them,
I'm,
just
it's
right
up
on
it,
so
it
checks
it.
Well,
things
are
as
if
they
should
be
and
I'm
just
doing.
A
J
A
B
A
Also
like,
if
the
API
their
API
service
having
so
this
is
supposed
to
be
signed
by
a
CA,
and
it's
also
like
those
they
are
aligned.
So
then
we
have
face
cube
config.
We
have
for
cube
config
files,
one
for
admin
like
we
have
to
get
super
user
credentials
from
somewhere
in
cabinets
at
HEB,
ET,
kubernetes
admin
coms.
We
have
one
for
the
cubelet,
basically
the
cube,
that
is
in
a
crash
loop
until
a
certain
stage
where
this
cube
let
conf
config
file
is
written
with
credentials
and
an
address
to
contact
the
api
server.
A
Then
it
starts
up
it
notices.
I
can't
reach
an
api
server
because
it's
down,
but
I
do
have
some
static,
manifests
written
in
@t,
kubernetes
manifests
and
I'm
launching
them,
which
is
the
api
server
itself
and
the
other
control
plane
components.
So
yeah,
that's
that's
it.
Then
we
also
have
a
unique
credit
credential
for
the
controller
manager
and
scheduler
and
those
they
have
like
the
right
common
names
and
organizations
required
for
for
later
for
our
back
integration
and
authorization.
So
the
scheduler
cube,
config
and
the
associated
clients
can't
do
anything
more
than
the
scheduled
I.
A
A
A
There
we
go
and
that's
it
then
we
have
after
cube
config.
We
have
control
plane
or
depending
on
how
you
see
it
at
CD
and
right
now
we
only
have
one
mode
for
deploying
at
CD
and
it's
locally
using
a
static,
pod
and
yeah.
This
is
basically
what
we're
doing
today.
We're
gonna
do
something
more
fancy
when
we
do
a
J,
hopefully
in
the
next
cycle-
that's
at
least
my
priority.
A
That's
really
normal
a
TD
deploy
is
nothing
special
there.
Then
we
go
ahead
to
the
control
plane
face,
and
here
we
have
three
components
regarding
this:
at
CD
and
control,
plane,
split
I've
debated
with
Fabricio
whether
they
should
be
the
same
or
separate.
We
came
to
the
conclusion
that
separate
is
much
better
because
we're
gonna
do
it
see
one
could
do
at
CD
deployments
in
a
bazillion
of
ways,
but
we
still
want
to
have
the
control
plane.
A
So
that's
that
that's
not
going
to
be
that
many
variations
of
that
compared
to
how
you
can
deploy
it.
Cd-
and
here
we
have
the
cube-
API
server-
manifests,
always
enables
node
and
are
back
authorization
enforces
those
to
be
somewhat
securities
turns
of
the
insecure
port
always
licensed
by
default.
Secure
port,
643
and
yeah.
A
H
A
A
A
Picked
up
after
mod
master
is
bootstrap
token,
and
it
looks
like
this.
We
have
cluster
info,
I
mean
and
the
best
thing
with
using
phases
is
you
can
you
can
skip
something
if
you
want
to
I
mean
if
you
have
well
in
the
certificates
and
cube
config
cases,
if
you
specify
something
it
will
just
use
them
if
valid,
but
in
the
others.
It's
like
we'll,
try
to
reconcile
and
apply
its
thing
anyway,
so,
but
you
can
skip
them
with
Cuba
animal
face.
A
A
Config
file
extract
the
class,
the
first
cluster
or
an
unnamed
cluster,
and
put
this
in
a
config
map.
That's
public!
This
public
confident
is
then
going
to
be
used
in
a
bootstrap
discovery
flow
that
Matt
Joe,
Beda
and
myself
have
been
working
on
and
it
this
enables
the
use
of
the
token
so
that
a
worker
can
trust
the
master
there
we
go
and
I
can
now
verify
what
this
looks
like
I'm
using
clear.
A
A
A
So
here
we
see
what
the
clustering
for
config
month
look
looks
like.
We
basically
have
a
cube
config
here,
a
key
just
in
the
config
map,
and
then
this
this
was
extracted
from
the
cube
config
file.
A
link
to
more
information
is
in
the
proposal
like
how
this
exactly
ties
together
and
works,
but
the
important
part
is
like,
if
you
don't
like
the
bootstrap
discovery
for
validation
of
the
master
from
the
node
side,
you
can
your
feet
feel
free
to
skip
this.
Then
you
have
to
like
pass
this.
A
A
The
first
thing
we
have
to
do
here
is
make
the
node
this
bootstrap
token
able
to
post
the
CSR.
It's
all
back.
This
is
now
done
so
that
a
cubelet
or
like
cubed
M,
join
well
in
in
in
one
one,
eight,
it's
actually
the
cubelets
that
does
this.
So
the
cube,
let's
ask
the
API
server,
can
I
get
my
unique
credential
here
is
my
certificate
signing
request.
This
arbitral
may
that
I
that
was
created
here
makes
that
possible.
A
Then,
in
order
for
cube,
am
joined
to
just
just
work
and
the
user
has
doesn't
have
to
like
go
and
approve
this
certificate.
Signing
request
explicitly
we're
also
having
an
auto
approve
role.
So,
basically,
there
are
two
controllers
in
the
controller
manager,
one
which
is
signing
the
certificates,
and
this
consumes
the
CA
key
and
certificate.
A
A
A
A
A
System,
bootstrappers
cube
am
default,
so
this
is
what
cube
areum
is
doing
under
the
hood
cube
at
a
minute.
It
creates
a
token
that
expires
in
24
hours.
This
token
can
be
used
for
both
authentication
to
the
API
and
it's
being
used
for
for
the
discovery,
and
it
will
when,
when
it
authenticates,
it
will
authenticate
as
this
group
system,
bootstrappers
cubm
default.
Node
token.
This
is
a
new
feature
in
one
1/8
that
not
programmed
oh
cool.
A
A
A
In
cubed
m18
we
have
a
new
command
called
cuban
config
basically
tells
the
user
which
so
when
you
do
cubed
a
minute,
it
will
save
the
configuration
you
used
and
then,
when
you
upgrade
its
gonna
like
look
what
config
that
they
used
to
use
to
create
this
cluster
and
then
like
okay,
I,
had
a
custom,
API
server,
port
and
I'm,
even
and
also
after
the
upgrade
I
should
use
this
custom.
Api
server,
port
and
that's
accomplished
by
uploading.
A
By
using
this
config
map,
so
config
upload
and
from
flags
I
I,
don't
specify
any
I
so
here
I
could
specify
any
any
Cuban
venous
flag.
I,
don't
do
so
now,
then
I
can
do
Cuban
in
config
view,
and
it
will
show
me
the
the
country
map.
I
can
also
look
that
up
the
cute,
Cuban
and
Collin.
Think
that
way-
and
you
see
it's
pretty
much
the
same.
A
A
A
A
Master
as
well
and
these
complaints
really
reasonably
that
I,
my
cluster
is
running
I
mean
all
the
ports
are
in
use
and
etc.
So
I
can't
create
a
new
cluster
now
which
is
yeah,
and
then
we
should
be
well.
If
the
token
command
would
have
worked,
it
would
have
been
as
easy
as
giving
them
join
token,
and
then
the
master
IP,
IP
and
forth,
something
that
might
be
interesting
for
you
is
we
actually
have
some.
A
Sha-256
hash
of
the
CA
and
yeah
I
mean
that's
it
then
you
can
also
you
can
use
different
bootstrap.
Okay,
you
can
use
different
booster
tokens
for
discovery
and
TLS
bootstrap
as
well.
So
if
I,
if
I
wanted
to
this,
is
a
document
that
in
the
side
on
the
side,
but
if
I
want
to
join
with
a
file,
I
could
do
cat.
Let's
see
it's
an
icon
or
actually.