►
From YouTube: Kubernetes WG K8s Infra 20181012
Description
GMT20181012 160405 k8s infra 2058x1350
A
Okay,
hi
everybody.
This
is
yet
another
meeting
of
the
kids
in
track
team.
October
12th
welcome
everyone.
We
are
recording
this,
so
please,
you
know
speak
appropriately,
so
we
do
have
an
agenda.
I!
Think
I,
don't
know
if
you
have
quorum.
Do
we
wait
for
somebody
else,
or
can
we
get
going?
It's
good?
Okay,
let's
get
going
so
on
the
agenda.
The
first
thing
that
I
have
is
me
and
Aaron
had
a
quick
chat
about
charter
and
we
discussed
a
few
points.
There
is
a
doc,
please
open
up
that
doc.
A
B
A
C
G
G
F
A
F
C
I
F
Yeah
as
I
would
consider.
This
is
something
that
this
is
why
I
like,
when
Ben
tried
to
scope
out
moving
prow
and
whatnot,
it
was
going
to
be
a
little
bit
of
an
extended
effort
because
we
wanted
to
be
able
to
plan
it
in
the
context
of
billing,
which
is
a
key
requirement
for
all
of
these
projects
to
be
able
to
describe
what
resources
were
using.
F
How
and
why,
and
right
now,
for
testing
I
think
that's
spread
across
a
pool
of
projects
that
were,
at
one
point
dedicated
to
specific
things
better
now,
just
kind
of
test
pool
projects,
so
I
would
consider
like,
in
the
context
of
tests
infra
that
we're
going
to
want
to
talk
about
like
a
project
to
run
some
of
the
infrastructure
and
then
a
project
that
is
for
hosting
all
of
the
cluster.
In
like
testing
capacity,
sort
of
right.
A
C
A
C
A
C
A
C
A
The
one
reason
yes
I
agree
with
the
artifacts
part:
how
word
for
incoming
managing
incoming
requests
like,
for
example,
the
cops
folks
we're
asking
for
you
know,
access
to
it,
some
a
dubious
infrastructure
right
or
the
cluster
API
for
cluster
API
provider
for
AWS.
They
were
asking
for
some
resources
to
test
the
code
that
they're
developing.
So
things
like
that,
we
need
issues
right
now.
We
use
all
get
the
kid
k,
dot
org
for
the
data
hub,
related
issues
right.
So
what
do
we
use
for
for
us?
So
sorry,.
F
Say
they
wanted
to
be
able
to
use
AWS
to
test
the
cluster
API
provider
project,
and
so
for
me,
that
kind
of
falls
under
they
should
file
a
ticket
which
testin
fret
asked
to
be
able
to
use
tests.
Infra
on
AWS
I
feel
like
we
are
not
at
the
point
where
we
want
to
create
some
kind
of
ticketing
queue
specifically
for
this
working
group
ingredient.
G
F
F
F
J
F
K
J
L
A
F
The
tricky
thing
for
me,
maybe
I'm,
the
only
one
who
cares
about
the
details
on
this-
is
like
working
group
barely
on
some
projects
because
of
projects
our
code.
What
are
the
efforts
that
were
focused
around?
We
should
figure
out
like
which
sig
does
this
thing
belong
to,
and
we
have
representatives
from
all
of
the
SIG's
that
this
working
group
cuts
across
so
I
think
all
of
those
sakes
should
have
their
charters
in
place
to
figure
out
how
they
establish
some
projects.
F
A
But
basically
the
why
I'm
asking
this
question
is:
we
need
to
name
at
least
a
few
people
who
are
interested
in
making
something
happen.
How
what
is
the
process
for
making
sure
that
they
write
up,
something
which
somebody
else
approves.
So
we
can
then
say:
okay,
you
are
blessed
and
let
them
go
their
merry
way
and
add
more
people
recruit
more
people
to
get
whatever
they
need
done
done
right.
F
So,
for
what
it's
worth,
I
was
thinking
that,
in
the
context
of
our
charter,
we
could
we
don't
necessarily
have
to
hash
all
this
out
today,
but
we
can
describe
that
part
of
the
scope
of
our
Charter
is
defining
the
processes
and
policies
to
run
and
maintain
this
infrastructure.
As
we
hand
it
over
to
the
CN
CF,
potentially
I,
don't
know
how
this
group
feels
about
the
idea
that
maybe
one
day
the
CNC
F
takes
over
management
of
this
stuff
or
whether
this
stuff
will
in
remain
managed
by
the
kubernetes
project
in
perpetuity.
C
Think
CN
CF
wants
to
take
ownership
of
these
things.
I
think
the
the
position
they've
taken
so
far
is
as
administrators
of
the
property
rights
and
the
business
side
of
things
and
less
about
the
technical
side
of
things
and
I
think
that's
appropriate
I
think
this
needs
to
be
something
that
we
plan
to
own
forever.
Okay,.
K
J
F
Model
I
was
thinking
of,
for
example,
is
how
one
day,
long
long
ago,
we
used
to
have
Google
running
its
own
CL,
a
bot,
and
then
we
switched
over
to
the
CN
CF
CLA
and
the
CN
CF
has
provided
a
bot
for
that.
They
also
provide
a
help
disk,
which
has
been
tremendously
responsive
and
follows
a
really
well-known
script
on
how
to
help
people
with
common
CLA
issues.
F
K
K
C
C
F
Yeah
and
that's
all
I
was
asking
is
from
a
scoping
question-
is
that
the
goal
of
this
group
I'm
not
looking
for
a
hard
answer
from
CN
CF
today,
just
understand
in
the
definition,
in
the
context
of
how
we
work
I
know
it's
really
important
that
we're
kind
of
in
a
bootstrapping
face
so
like
we
can't
necessarily
do
things
like
enforce
maximal
representation
right
now,
but
we
aspire
to,
and
so
like.
One
of
the
things
we
aspire
to
is
to
be
able
to
hand
these
things
off
see
if
it
makes
sense,
I
mean.
C
H
F
Where
we
have
like
the
contributor
role
board
or
whatever,
where,
if
you
have
a
well-defined
role
with
well
documented
responsibilities,
you
can
ask
hey
if
anybody
wants
to
help
out
doing
these
specific
tasks
like
Christophe
and
I,
just
got
to
community
people
to
take
on
managing
review
of
Oregon
ship
requests.
That's
what
those
sorts
of
things
be
great
and.
K
F
To
go
back
to
the
broad
strokes
of
how
we
work
that
all
looks
good
to
me,
especially
factoring
in
the
thing
from
the
product
security
team
process,
because
they
spell
out
the
concept
of
selecting
people
for
sort
of
lightweight
duties
and
vetting
them
before
allowing
them
to
take
on
four
responsibilities,
which
I
think
is
kind
of
crucial
here
and
I
think
ensuring
we
have
distribution
across
companies.
While
aspirational
isn't
feasible.
Now
time
zones
may
be
something
we
can
push
for
a
little
sooner
and
and
I
personally
feel
like
a
call
tree
per
team.
A
F
H
F
A
A
I
think
it's
time
for
us
to
get
something
where
we
can
try.
We
need
a
GCS
bucket.
We
need
a
Yuki
cluster
for
the
publishing
board,
so
I'm
combining
the
next
two
items
right.
So
if
you
look
at
the
utility
cluster
for
publishing,
but
there
is
some
detailed
requirements
from
Stefan
in
the
doc
about
things
running
under
things
running
elsewhere,
so
that's
one
I
mean
so.
Basically
we
need
to
run
something.
A
C
I
mean
turning
on
a
cluster
is
pretty
easy.
I
would
like.
Well,
let's
assume
that
we
have
a
volunteer
that
isn't
me
that
will
make
time
to
do
this
in
the
next
week
or
two.
Then
I
would
just
like
to
see
a
proposal
for
how
we
want
to
govern
the
cluster
like
what
do
we
want
to
set
up
in
terms
of
our
back
rules,
and
how
do
we
want
to
invite
people
to
it?
And
what
is
the
scope
of
it?
Do
we
need
a
regional
cluster?
Do
we
need
hae
need
multiple
clusters?
C
A
J
J
Are
we
going
to
use
like
a
tool
like
terraform
or
are
we
going
to
just
you
know,
use
g-cloud
commands
like
whatever
our
procedure
is
for
standing
up
administering
the
cluster.
Are
there
any
naming
conventions
that
we
care
about
right
now?
We
can
always
go
and
sick
some
of
this
stuff
later,
but
at
least
having
a
base
framework
to
do.
That
would
be
helpful.
So.
A
C
C
I
think
the
simplest
first
step
would
be
to
move
things
like
GCSE
web
over,
which
is
a
pretty
dumb,
stateless
application,
but
it
means
we
can
set
up
the
patterns
for
namespaces
in
our
back
and
network
policy
and
like
what
are
the
things
that
we
want
to
put
into
this
cluster
so
that,
as
we
add
more
stuff,
we
have
confidence
that
it's
a
safe
thing
to
do
like
this
is
we're
effectively
running
it
as
a
multi-tenant
cluster
with
trusted,
but
not
completely
trusted
parties
right
I
mean
that's
how
we
should
be
treating
it.
I
think.
E
J
I'm
reluctant
but
I'll,
say
I'll
volunteer
for
in
two
weeks,
it'll
be
the
one
action
item
that
I
could
take
on.
Alright
I
can
write
up
a
proposal
for
how
and
look
at
least
the
base
framework
of
like
what
the
cluster
will
be
named.
How
it'll
be
stood
up,
I
can
write.
I
can
get
something
basic
down
so
that
we
have
something
to
try
in
action
and
I'll.
Get
that
overview
sometime
before
next
meeting
right.
J
That
the
second
part
is
what
I'm
more
interested
honestly
I
could
probably
write
up
a
proposal
without
the
credentials
just
yet,
but
and
get
everybody
to
give
a
thumbs
up
before
we
actually
run
the
run
the
thing
but
yeah
the
learning.
What
what
you
guys
are
doing
today
and
any
like
intricacies.
That
would
be
that
we
should
mark
down
as
important
all.
F
Stump
Cousteau,
in
that
context,
doing
the
day
I
think
I
saw
been
add
his
name
to
the
attendees
list,
so
I
feel
like
that's
something
Ben
was
maybe
supposed
to
one-page.
Maybe
we
didn't
get
there
this
week,
but
that's
something
I'm
happy
to
work
with
Ben
on
in
terms
of
illustrating
one
of
the
clusters
we
have
today.
How
are
they
set
up?
Why
do
we
think
that's
a
good
idea
or
a
bad
idea
to
follow
things
like?
Do
we
trust
namespaces?
Do
we
trust
different
secrets
to
different
namespaces
I?
F
Would
think
of
the
case,
for
example,
where,
if
we
have
quote
unquote
separate
teams
for
like
DNS
versus
GCS,
you
should
be
credentials
used
to
access
those
things
be
considered
safe
if
they're
in
Secrets,
but
in
different
namespaces,
and
we
are
back
to
teams
such
that
they
can't
do
those
namespaces.
Or
does
this
lead
us
to
consider
things
like
clustered
or
per
team
or
an
oyster
concern,
so.
C
C
So
Ben
and
Erin
and
Christoph
and
I
can
talk
about
what
we're
currently
doing
and
what
we
think
works
and
what
we
think
doesn't
and
it
honestly
it
won't
be
a
very
long
conversation
to
start
with,
because
we're
not
doing
that
much
and
then
we
can
let
it
run
from
there
and
I'm
happy
to
let
somebody
else
tell
me
what
they
think
we
should
do.
Yeah.
C
A
Good
yeah,
that's
fine,
then
a
similar
request
for
GCS
buckets
I
think
neither
and
Justin
are
itching
to
get
going
on
apt
Deb
at
least,
and
there
is
a
straw
man
proposal
from
Justin,
and
now
there
was
writing
up
one
to
not.
There
I
haven't
seen
yours
yet,
but
the
idea
here
is
there
is
something
that
we
currently
use
for
a
PDA
and
rpm
repository.
So
we
take
that
we
model
the
similar
thing
and
then
start
using
it
for
coughs.
Is
that
what
you
guys
are
talking
about
matter?.
B
Yeah
pretty
much
I
I
still
need
to
check
that.
There's
consensus
in
cyclists
across
the
lifecycle
I
face
today:
I'll
post
a
link
in
slack
to
I'll,
be
on
this
doc
white
started.
It's
not
that
much
being
focused
on
cluster
a
guy!
Oh
yes,
this
week,
but
yeah
I.
Do
you
have
something
more
complete
once
a
talk
to
various
people?
Okay,.
A
So,
at
least
from
my
side,
what
I
want
to
do
is
I
want
to
mirror
the
existing
apt
repository
into
a
GCS
bucket
and
see
if
it
would,
you
know
and
try
some
testing
and
make
sure
you
know
some
of
the
things
that
we
are
able
we
want
to
do.
We
are
able
to
do.
Yeah
would
be
the
first
step
and
then
do
some
automation
with
the
the
K
release
and
see
if
we
can
push
stuff
to
this
new
bucket.
So
that's
the
kind
of
experiment
that
I
would
like
to
do.
Yeah.
B
C
On
that
so
I
little
bit
too
Justin
yesterday
and
the
biggest
thing
that
I
see
coming
if
we
start
moving
things
well,
when
we
start
moving
the
apt
and
rpm
and
that
naturally
leads
into
G
CR
and
sort
of
general
GCSE
downloads
which
we
have
all
of
is
mirroring
like
it
doesn't
make
sense
for
us
to
host
all
the
cops
binaries
in
GCP.
Since
the
vast
majority
of
users
are
in
Amazon,
we
would
be
spending
a
lot
of
money
for
no
good
reason.
C
So
a
we
have
to
get
some
sort
of
coordination
with
folks
at
Amazon
who
are
willing
to
fund
the
storage
there
and
I
guess
they
have
been
doing
for
a
while.
But
it's
not
a
permanent
situation
and
the
think
about
how
mirrors
and
data
integrity
and
those
sorts
of
things
are
going
to
work.
I
guess,
I've,
a
glee
understand
how
mirrors
work
for
apt
repositories.
I
have
no
idea.
If
there's
any
concept
of
like
integrity
and
mirroring
with
docker
registries,.
F
Yeah
I
also
just
have
a
dumb
high-level
question
and
I
apologize
if
this
has
been
discussed
before.
But
since
we're
talking
about
things
like
apps,
is
this
anything
that
we're
planning
on
doing
prior
to
getting
the
113
release
out
the
door?
So
are
any
embankments
for
working
on
intended
to
be
no
all
right.
A
So
the
one
more
piece
of
information
here
is
I.
Am
we
set
up
a
cien
dev,
slack
channel
and
pinging
people
about
how
they're
using
stuff
that
we
publish
in
China
and
they
are
using
mirroring
today
for
apt
rpm
as
well
as
containers,
there's
a
few
people
who
have
done
it?
A
Lyon
there's
a
few
mirrors
already
so
I
want
to
learn
from
what
they
are
doing
and
then
try
to
apply
it
to
us.
C
A
A
C
I
spoke
with
him
a
little
bit
yesterday
about
this.
It
seems
to
me
to
be
a
somewhat
ambitious,
I'm,
not
sure
I'm,
not
a
hundred
percent
sure
that
it
is
worth
the
energy,
but
it
might
be,
but
I
asked
him
to
really
think
about.
First,
first
is
correctness
like
how
do
I
ensure
that
you
know
when
somebody
references
a
file,
whether
it's
an
s3
file
or
GCS
file
or
whatever
LA
clouds
storages
or
whatever
our
friendly
Chinese
mirrors,
are
that
they
get
the
file
that
they
intended
to
get
I?
A
B
B
A
Me
explain
a
little
bit
more
right,
so
what
I
want
to
do
is
I
want
to
mirror
the
stuff
and
I
want
to
be
able
to
use
cube
ATM
to
stand
up
a
cluster
using
just
the
stuff
in
the
mirror,
without
using
any
of
our
infrastructure.
So
we
so
I
know
that
this
is
the
set
of
things
that
we
need
eventually
for
our
community.
Okay,.
C
C
A
K
C
D
A
F
K
F
A
F
When
what
one
like
AWS
again
will
make
me
don't
know
days,
I
stay
one
AWS
cheerio
is,
that
is
suggesting,
doesn't
know
anything
about
billing
for
the
AWS
accounts.
Ciencia
are
the
only
entities
who
do
and
I
just
wanna
understand
at
some
point
how
we're
going
to
make
sure
he's
responsible
for
generating
reports,
and
you
know
tying
the
link
between
like
why
we're
spending
this
money
responding.
It
all
agree.
K
F
Maybe
just
to
have
the
visibility
I
think
like
the
Google
folks
who've
been
running
tests.
Infra
though
we
don't
have
it
set
up
for
billing
super
well.
Today,
I'm
sure
we
have
a
lot
of
insight
there.
We
maybe
have
less
insight
on
how
to
best
structure
things
to
make
billing
really
easy
on
a
per
project
or
per
effort
basis.
A
C
C
The
other
one
is
this
like
org-mode
thing
that
I
don't
know
about
and
I
think
it's
worth
discussing,
the
the
pr
looked
like
a
proposal
to
use
yet
another
markup
language
to
which
is
not
llamo
and
to
write
to
use
that
to
manage
our
documentation
or
something
in
this
in
the
repo
I'm
sort
of
disinclined
to
learn
another
markup
language
personally,
I
think
text
or
markdown
will
work
just
fine
here,
I'm
looking
for
other
opinions
as
their
value
in
this
I've,
never
even
heard
of
org-mode.
Before
so,
is
there
value
in
using
it.
F
C
A
A
L
C
C
I
appreciate
everybody
who
sent
me
notes
and
pr's
about
closing
out
some
of
the
to
do's
I
have
decorated
a
whole
bunch
of
the
records
with
metadata
about
who
owns
them,
which
SIG's
in
which
people
I
have
a
few
left
that
I
thought.
Maybe
it
would
be
worthwhile
to
just
throw
out
see
if
anybody
knows
what
they're
for
if
we
can
delete
them.
C
L
G
I
think
I
intended
to
make
that
go
to
the
App
Engine
app
and
then
I
may
not
have
completed
that
for
some
reason,
or
maybe
I
was
like,
so
that
might
so.
We
should
make
that
go
to
the
App
Engine
app
or
we
should
at
least
make
it
redirect.
I
think
the
fact
that
it's
going
to
just
Kate
spod
IO
is
a
mistake.
Okay,.
C
G
B
G
B
C
M
C
C
C
Means
that
the
next
person
who
comes
along
and
looks
at
this
file
and
says
what's
going
on
here,
will
contact.
You
sounds
good
or
should
I
put
like
cjw
s
and
just
like
ping,
Yi
Shi.
No,
that's
for
that's!
That's
more!
For
cops!
Okay!
Okay!
Is
there
a
or
should
I
just
put
your
name,
I?
Don't
think
we
have
a
group,
so
my
name
will
work?
Okay.
G
L
C
C
E
e,
and
presumably
its
it
with
dot
Kate's
that
IO
as
the
suffix
and
it's
a
we
have
a
whole
zone
delegated
so
like
all
I
have
is
an
NS
record.
That
says
somebody
else
is
administering
the
rest
of
this
domain,
so
presumably
there's
a
GC
key
project
somewhere
that
has
a
zone
registered
for
test
ete
decades
at
I/o,
and
maybe
tests
are
adding
and
removing
records
from
that
zone.
I
don't
know,
and
instead
I
get
at
the
GCP,
not
about
53
I.
C
G
M
C
M
M
C
Yeah
I
feel,
like
I
paint
some
of
these
at
their
beginning
of
this
whole
process
and
then
maybe
lost
track
of
them.
These
are
some
of
the
last
two
news
left
in
the
files,
so
I
just
wanted
to
follow
up
sorry,
just
as
I'm
finishing
off
these
notes,
so
testing
CIWS
is
just
in.
Can
you
give
me
like
a
one
sentence,
description
of
what
we're
doing
with
this?
That
is
used
for
at
least
four
cops
testing
cups?
You.
M
C
And
that
is
in
active
use
and
test
AWS
I'm,
just
going
to
nuke
and
I
will
give
you
the
option.
If
you
want
to
change
it
from
test
CN
CF
AWS
back
to
test
AWS,
you
can
have
that
name
now,
but
that's
up
to
you
I,
don't
care
that
much
I
had
one
more
fix
me.
I
wanted
to
look
at
Oh,
goober,
Nader,
yeah,
Jeff,
you're
gonna
follow
up
with
that
right.
Yeah.
C
All
right
figure
out
what
you
wanted
to
do
or
make
it
go
away
and
then
and
then
I
think
all
my
two
dues
are
done
from
the
zone
configs
and
we
can
proceed
with
the
switchover
planning.
We
want
to
still
set
up
the
I'm
just
looking
at
my
notes
for
DNS
want
to
run
a
diff
against
the
two
zones
and
make
sure
that
we
understand
why
they're
different.
C
F
C
F
F
M
E
F
A
C
F
A
H
A
H
A
M
There
are
like
sub
accounts
of
billing
accounts,
but
we
should
figure
out
the
structure
that
we
want.
I
I
think
we
probably
want
to
totally
separate
AWS
account
for
for
the
sort
of
locks
down
accounts,
but
I
think
we
could
create
a
totally
separate
of
us
account.
That
is
a
locked
down
account.
That
is
a
sub
billing
account
of
this
current
CN
CF
8
of
us
account,
which
I
think
would
be
fine,
there's
no
like
a
call
granting,
and
then
we
just
need
a
name.
Dns
name
I,
think
I'm
gonna,
look
at
it.
C
M
So
we
do
need
a
3r
to
read
because
it
only
sends
the
original
host
it
doesn't
send
them
word
only
send
this
I,
don't
remember.
We
might
be
able
to
get
around
that
Justin
with
cap
on
maybe
yeah
we
got
yes,
we
can.
We
could
do
that.
I
was
like
a
302
service,
the
other
thing,
the
other
advantage
of
a
302
of
services
it
would
be,
could
have
SSL.