►
From YouTube: Kubernetes WG K8s Infra 20190109
Description
GMT20190109 163522 Dims k8s 1920x1028
A
C
Or
hey
everyone,
I'm
Chuck
from
VMware
I've
had
a
couple
of
she's
kidding.
Sorry
there's
a
bit
of
an
echo.
It
just
confuses
me.
A
little
bit,
I've
been
I,
think
she's
getting
AWS
credentials,
of
course,
like
projects,
so
I'm,
just
kind
of
poking
my
nose
into
a
lot
of
places
to
figure
out
how
to
get
that
moving
forward.
Dude.
C
So
I'm
working
on
sig
cluster
lifecycle
projects,
in
particular
the
cluster
API
provider
AWS,
and
one
of
the
things
that
we
provide
our
ami
is
for
people
to
consume
and
we
don't
have
anywhere
to
stick
those
right.
Now
we
have
testing
credentials.
I,
don't
know
if
those
are
the
same
credentials
that
we
would
use
for
a
Mis,
but
I
am
guessing
they're,
not
yeah.
C
D
A
I
would
mildly
say
yes,
but
no
because
sorry,
I'm
gonna,
be
I,
think
you're
the
source
of
the
echo
yes.
But
no
because
to
me
this
seems
to
be
like
what
are
the
best
practices
for
organizing
the
credentials,
sundry
clouds
for
where
we're
dumping,
our
our
our
artifacts,
if
am
eyes,
are
an
output
of
a
sink
sponsored
project.
A
I
feel
like
we,
as
the
kubernetes
project,
could
do
well
to
make
sure
that
they're,
using
something
that's
officially
sanctioned
and
supported
by
the
project
so
much
in
the
same
way
that
I
think
we
still
need
to
kind
of
lay
out
what
that
framework
is
for
GCP
projects.
We
probably
want
to
consider
the
same
thing
for
AWS
credentials,
slash
projects,
otherwise
I
just
have
concerns
that
it's
going
to
be
a
bunch
of
random
AWS
accounts
floating
around,
because
people
are
talking
to
people
which
is
great,
but
not
super
supportable.
In
the
long
run.
D
A
D
So
hippy
sent
me
a
PR
which
we've
been
through
in
a
couple
of
iterations,
and
it
looked
really
good.
As
of
yesterday,
there
was
I
had
four
or
five
relatively
small
requests
for
changes.
He
may
have
done
them
on
his
time
zone.
I
haven't
left
my
email
yet
this
morning,
once
those
go
in
or
once
once
that
PR
is
done,
I'll
approve
it
and
once
it
merge
is
I
think
we
can
actually
do
a
real
push
and
start
the
process
of
flipping
it
over
I.
D
E
So
cute
in
my
have
been
figuring
out
how
to
create
the
cluster
with
appropriate.
I
am
rules
such
it
is
sufficiently
locked
down
and
I
believe
we
got
that
working
last
night.
So
there
is
one
and
I
work,
fair
ball.
I
think
you
can
actually
see
it.
Dims,
although
again
I
am
credulous,
are
a
little
weird,
but
you
should
be
you
as
a
member
of
the
group
dims
and
nobody
else.
Alan
Tim
should
be
able
to
cheat
cloud
cluster
container
clusters
list
and
then
get
credentials
and
actually
have
access
to
it.
But
that's:
okay.
E
D
Not
added
anybody
to
this
project,
except
my
via
the
Google
Groups
okay,
except
for
like
Eeyore
who's
got
CN,
CF
and
level
access,
and
so
I
think.
The
the
goal
here
is
to
at
every
step
tried
to
maintain
the
least
privilege
possible,
and
so
we
buck,
Justin
I
bumped
our
heads
a
little
bit
some
of
the
documentation.
That
was
not
really
designed
for
people
who
are
doing
least
privilege
on
the
creator
side,
they're
designed
for
people
who
are
doing
these
privilege
on
the
user
side,
but
not
on
the
on
the
creator
side.
D
E
F
D
F
E
F
A
Move
on
sorry,
I
just
want
to
like
bump
up
to
the
higher
level
to
remind
us
why
we're
talking
about
a
thirty-day
cluster
right,
it's
a
cluster
where
we're
gonna
experiment
the
best
way
to
migrate
these
things,
but
it
blows
up
after
30
days.
So
this
is
about
necessarily
saying
we're.
Gonna
the
production
versions
of
things
over
at
least
I
hope.
That's
not
we're
talking
what
we're
talking
about,
and
this
is
purely
for
experimentation
purposes.
Right.
D
D
Cluster
right,
yeah
and
actually
automating,
the
cluster
turn
up.
I
think
is
important
and
and
all
of
the
all
the
things
that
we've
done
through
the
UI
to
make
the
least
privileged
operation
accessible,
we
should
actually
take
apart
and
Reese.
Crypt
is
a
document
based
on
whether
it's
practical,
yeah.
E
D
A
D
A
E
D
That
is
the
process.
The
I
think
there's
an
open
question
about
whether
the
original
somewhere
is
a
per
project
like
do
your
own
thing
sort
of
place
or
whether
it's
do
your
own
thing
as
long
as
it's
GCR
or
whether
it's
the
scale
will
provide
a
staging
zone
for
you,
because
that
has
permissions
issues
that
are
sort
of
lis
right.
F
D
D
Well,
I
think
we
need
to
discuss
which
path
we
want
to
pursue
like.
If
we
told
everybody
like
make
yourself
a
GC,
our
repo
somewhere,
we
don't
care
where,
then
it
becomes
easier,
because
the
things
are
already
in
GC
R,
and
so
the
promoter
tool
can
actually
just
sort
of
cross-reference
them
in
GC
r
will
t
do
photo
matically.
If
it's
pull
from
any
random
location,
then
I
think
the
promoter
will
need
to
grow
some
more
scripting
yeah.
F
D
D
G
On
there
is
afraid
your
juicing
are
but
like
in
total,
that's
not
free,
okay.
What
does
that
mean
so
I
wish
I
mean
like
there's
a
free
clear,
so
you
can.
You
can
use
it
up
to
some
limit,
but
after
deployment
you
have
to
be
a
source
of
limits.
It's
like
five,
five,
five
gigs,
five
gigs
of
storage,
okay,.
D
E
D
Guess
if
the
staging
is
really
just
a
staging
zone
and
that
they
have
a
rotating
buffer
of
recent
images
and
their
staging
then,
but
like
Courtney
Ness
today
pushes
to
their
docker
hub
repo,
which
is
the
core
DNS
repo
and
there's
we're
saying
we
import
it
to
GC
r,
because
cam
radius
feels
like
we
need
to
have
some
amount
of
ownership
of
the
image,
but
that's
their
repo
anyway
right
and
docker
hub
for
now
is
free,
but
will
it
be
free
forever?
I,
don't
know
right,
okay,.
F
D
Yes
and
this,
this
conversation
needs
to
be
had
probably
in
the
context
of
the
cap.
The
other
option-
I,
guess
that
we
didn't
throw
out,
would
be
that
we
create
a
stage
and
repo
for
each
project
that
we
own
as
part
of
Kate's
in
from-
and
we
give
you
know
the
individual
users
we
create
one
for
Cortinas,
we
create
one
for
Helen.
We
create
one
for
whatever
third
party
projects
out
there
at
third
party
ecosystem
project
and
it's
ours,
but
they
can
push
to
it.
D
That
way,
we
eat
the
bill
for
it
and
we
manage
they
sort
of
ring
buffer
eNOS
of
it.
That
may
be
sort
of
the
more
sustainable
approach,
but
we
have
to
then
find
ways
to
define
the
process
for
who
gets
a
repo
and
how
do
we
manage
them
and
where's
the
list
of
them,
etc?
And
GCR
is
weird
because
you
have
to
have
a
GCP
project
for
GCR
repo.
So
we
have
many
more
projects
created
now.
I
also.
A
B
A
A
G
A
D
I,
don't
know
what
all
images
that
encompasses
and
who
build
them,
kubernetes
kubernetes
being
this
monolithic
thing
has
a
lot
of
different
stuff
from
different
people
and
I
think
it's
worth
exploring
how
to
continue
to
grant
individuals
least
privilege
possible
just
as
a
as
a
policy.
So
I
don't
want
to
make
a
blanket
statement.
It
sounds
reasonable,
but
I
haven't
done
the
work
to
look
at
that.
Yet.
F
G
Yes,
I
can
I'd
like
to
like
I,
made
a
brief
research
on
the
price
in
fujian
for
GCR
like
and
actually
how
GCR
works
so
GCR
as
a
service
itself
is
free,
but
for
the
storage
it
uses
GCS
the
Google
storage
pockets
and
they
are
not
free,
so
they
have
days
free
tier
of
five
gigabytes
per
per
month
for
as
I.
Remember
yes,
sir
five
of
five
Giga
gigs
of
months
of
original
storage
and
only
in
u.s.
regions.
G
So
if
we're
going
to
store
this
artifact
somewhere
outside
of
the
US
regions
like
in
Europe
or
in
Asia
and
Richard,
some
JSON
GCP
will
will
have
to
pay
and
draw
also
like
some
some
limits
on
their
own.
The
operations
and
network
address,
but
yeah
like
the
the
key
point
about
pricing,
is,
is
about
the
GC,
a
storage
for
GCL.
F
Okay,
so
I
will
take
an
action
item
to
create
an
issue
with
a
limited
scope.
You
know
who
will
be
who
will
be
able
to
access
this,
so
we
can
take
some
stuff
off
of
you
know:
people
like
XD,
who,
who
get
pulled
in
all
the
time
for
cluster
images,
so
I
I'll
create
a
issue
and
Igor
I'll
assign
it
to
you.
Okay
and
then
you
can
create
a
an
account
for
us.
D
D
It's
not
implementable,
yet
if
I
recall
right,
I
think
he
was
still
in
the
whatever
the
pre
implementable
stage
was
okay,
I
think
and
if
not
well,
at
least
we
have
some
details
still
to
work
out
and
I'll
try
to
close
the
loop
with
Xavier
I.
Don't
know
if
he's
back
yet
this
week
or
not
right,
then
the
other
action.
F
E
I
mean
Brent,
we
actually
did
talk
about
it,
a
kook
on
a
little
bit.
We
need
to
talk
more
about
it,
I
think
in
detail,
but
yeah
I've
been
mostly
doing
the
the
bots
and
I
think
some
of
that
will
come
out
of
the
proxy
and
I
will
do
some
experiments
to
see
what's
possible
and
then
yeah.
My
friend,
you
have
any
thoughts.
B
Well,
under
Stella
fairly
well
understood
may
be
tricky
to
implement,
but
understood,
I
think
that
the
promoter
process
is
the
other
piece
of
it,
so
I
think
we
separated.
How
are
we
going
to
serve
binaries
from?
How
are
we
gonna
serve
images
and
when
there's
a
belief
that
if
we
can
serve
HTTP
that
we
can
serve
images
to
hide
the
redirector,
so
we're
gonna
that
was
sort
of
a
agreement
that
we
came
to?
B
D
B
Okay,
I
just
wanted
to
make
sure
that
we're
okay
with
the
notion
that
this
is
going
to
become
sort
of
a
general-purpose
dumping
ground
for
everything
interrelated
gonna
get
some
legs.
We
can
move
it
down
sprint
all
right.
Well,
I
will
I
will
send
a
PR,
then,
and
Justin
can
review,
describing
my
memory
of
the
conversation
and
where
I
think
we're
moving
forward
and
file
from
issues.
Maybe
or
maybe
I
mean
I,
don't
know.
B
F
A
F
A
Okay,
thanks
so
much
for
running
the
first
half
dims
that
was
helpful.
I
will
run
us
through
the
project
or
just
to
remind
us,
that's
the
thing
we
have
and
I
think
it's
a
good
practice
to
go
through
and
I.
Think
we'll
have
plenty
of
time
to
talk
about
the
three
topics
in
open
discussion.
So
just
real
quick,
let
me
click
the
project
board
link
into
a
screen
share
thing,
see:
add-ins,
have
fun
kay
thanks.
A
Bye
share
a
window,
though
that
has
a
project
board,
looking
thing
on
it
cool,
so
we
sort
of
have
three
things
going
on
there
we
go.
We
have
three
things
that
are
listed
as
in
first
off.
Can
everybody
see
this
I'm
assuming
we
can?
Okay,
so
I
think
we
just
pretty
well
thoroughly
discussed
the
first
two
issues
that
are
listed
as
in
progress.
B
A
Fine
I
think
what
I'm
trying
to
get
to
is
this
in
progress.
Column
should
have
people
assigned
to
issues
and
I
roughly
feel
like
I
got
assignees
for
some
of
the
stuff
based
on
who
was
talking
about
what
previously
I'll
assign
Tim
and
hippy
de
to
DNS,
and
then
we
should
probably
figure
out
who
to
assign
for
the
TCR
related
stuff,
which
I
had
Tim's
name
down.
I
think
there
needs
to
be
more
people
than
Tim's
who's
really
pushing
on
the
cap.
A
It
sounded
kind
of
like
Tim
okay,
so
this
is
dims
and
Tim,
and
this
is
not
like
voluntold
a.
This
is
just
so
there's
a
point
of
contact
and
we
can
eventually
the
pattern.
Here's
somebody
takes
this
over
and
Shepherds
echoing
forward,
thanks
for
being
understanding
there
and
then
DNS
is
HH
and
Pam.
Okay,
so
I
think
that's
that
the
one
thing
that's
listed
as
in
progress
is
setting
up
an
infra
or
setting
up
a
billing
report
for
all
of
our
assets.
Right
now,
which
I
was
curious.
G
I
can
so
I
made
a
brief
research
and
actually-
and
my
goal
is
to
make
the
birth
discussion
here
on
what
is
our
final
Gulf
of
heaven
district
courts?
From
my
understanding,
we
need
our
most
detailed
reports
as
possible
and
also
we
also
need
to
have
an
ability
to
visualize
that
in
some
way
for
like
for
easy
human
concern.
G
So
how
GCP
allows
generative
billing
reports?
We
can
export
them
as
a
big
query
and
we
also
can
export
them
as
CSV
or
JSON
files.
So,
since
we
in
a
JSON
file,
export
into
CSV
adjacent
file
is
like
a
bit
easier,
but
it
also
has
some
limitations
because
we,
like
big
queries,
more
feature-rich.
So
if
we,
if
we
really
agree
that
we
need
big
query,
I
can
set
it
up,
but
I
also
need
some
extra
permissions
on
that,
because
I
don't
have
them
in
a
moment.
So
we
speak
we're
exporting.
G
D
G
G
I
cannot
you.
D
But
secondly,
it
would
be
nice
to
try
to
set
this
up
again
with
minimal
privilege
required
and
just
to
write
the
script
down.
So
I
could
do
an
experiment.
We
can
try
to
do
this.
Just
in
Isis.
Well,
I
mean
I
do
with
anybody
who
doesn't
have
full
access
right,
and
so,
if
somebody
wants
to
sign
up
we'll
do
the
same
thing:
let's
go
create
a
Google
Group.
That
is
this
active
actor
and
assign
a
couple
people
to
it,
and
then
I
will
be
the
person
who
pokes
the
least
privileged
possible
credentials
to
that
role.
G
It's
not
about
women,
so
so
I
have
an
access
to
villain,
for
example,
and
Taylorville.
You
know
from
from
C&C,
or
she
also
has
Nexus
it's
more
about.
Like
probably
the
plant
from
admins
like
you
me,
maybe
I
would
nominate
dreams
and
an
errand
as
well
as
their
as
the
working
group
cheers
suggest
just
a
few
people
who
you
should
be
able
like
to
invoke
the
car.
D
B
D
D
From
within
bigquery,
you
can
share
individual
data
sets
with
other
users,
so
we
can
actually
enable
people
to
do
other
things
with
it
on
a
more
granular
access,
so
I
think
bigquery
is
is
great.
Let's
just
try
to
pin
down
what
the
exact
role
that
we're
defining
here
is,
whether
it's
not
the
billing
administrator.
It's
the
billing
report,
administrators,
no.
G
G
D
To
create
the
destination
yeah
and
I'm,
trying
to
figure
out
if,
if
we
should
create,
if
the
role
we're
defining
is
the
intersection
of
billing
and
bigquery
or
the
Union
rather
or
whether
it's
just
bigquery
like
the
bigquery
admins
role,
who
can
then
do
anything
with
bigquery
but
like
if
I
don't
have
access
to
billing
that
I
couldn't
set
it
up?
I
couldn't
set
up
the
billing
myself.
Let
me
let
me
go
take
a
look
at
that
myself
and
see
what
access
I
have
with
respect
to
billing.
I
think
I
do
not
have
billing
access.
D
D
A
My
perspective
is
traditionally
something
like
this,
where
part
of
the
kubernetes
project
I
would
expect
to
see
like
a
proposal
document
that
describes
roughly
what
you're
planning
to
do
and
how
you're
planning
to
do
it.
So
I
feel
like
you're
you're
at
the
iteration
stage,
where
you're
still
exploring
and
trying
to
figure
out
what
this
roughly
looks
like
so
I'm.
A
Destructiveness
as
the
thirty-day
alpha
clusters,
in
my
opinion,
that
said,
I'm
really
glad
we're
talking
about
this.
Now
I
was
sort
of
hoping
that
we
could
new
year
new
meeting
item
regularly
review,
how
much
money
we
have
spent
and
on
what?
Because
I
kind
of
feel
like
that's,
going
to
be
a
forcing
function
for
how
organized
are
in
numerating,
the
projects
and
stuff
I
agree.
A
D
To
cause
the
common
so
prior
to
justin,
burning
away
money
with
clusters,
we
had
spent
literally
pennies
on
the
dns
tests,
so
we're
still
we're
still
clear
there.
Now
that
we've
got
real
VMs
running
in
the
clusters,
we're
gonna
start
paying
real
money.
It's
not
a
whole
lot,
because
I
assume
your
clusters,
not
very
big,
nor
does
it
need
to
be.
D
E
B
A
G
D
A
A
Okay,
if
it's
alright
with
you
guys,
I
would
like
to
move
on
to
the
let's
see.
So
just
that's
all
in
progress
set
up
GC
our
repository
I'm
gonna
go
through
and
put
names
on
that
based
on
the
agenda
and
then
I
think
that's
pretty
much
it
does
anybody
disagree
I'm
kind
of
confused
whether
or
not
image
promotion
process
should
or
GCR
repo
is
the
the
thing
seems
like
I
want
to
talk
about
one
of
those
as
being
what
we
talked
about
with
respect
to
the
cap
and
GCRs
rico's.
A
B
The
two
pieces
are
literally:
we
need
to
create
some
juicy
our
repos
and
decide
like
those
two
consent
of
whether
somebody's
gonna
we're
gonna
give
them
all.
Some
projects
for
staging
or
they're
gonna
do
their
own
thing,
and
then
we,
a
separately,
have
to
figure
out
a
process
by
which
images
move
from
one
to
the
other.
Those
are
two
separate
topics.
I,
don't
know
that
we
want
I
mean
we
can
have
an
umbrella
issue.
I,
don't
know
that
it
matters.
That's
why
I
think
they're
separate
issues,
I
I.
D
Don't
know
the
granularity
that
we
want
to
keep
in
this
project
board.
It
seems
to
me,
like
that's
too
fine-grained
I,
think
the
create
image
promotion
process
encompasses
the
setting
up
of
GCR
repositories.
If
we're
going
to
do
that
and
I
think
one
item
here
cup
should
cover
both.
There
are
two
items
for
sure,
but
I
think
that
the
project
board
only
needs
one
I
will.
A
C
C
It
sounds
like
there's
a
couple
places
I
can
go
to
track.
This
work,
I
think
one
issue
that
I've
had
is
I.
Don't
really
know
how
to
find
the
status
of
this.
This
is
not
the
first
time
I've
requested
something
like
this,
but
a
week
ago,
or
so,
I
asked
about
GCR
projects
for
the
kind
project
and
I
think
that
there's
some
issue
with
its
Kate
style,
158
or
153,
like
that
that's
kind
of
kind
of
tracking
these
general
projects-
I,
don't
know
if
there's
another
place
to
go.
C
D
C
D
D
A
D
A
D
D
It
seems
to
me
like
I,
know
how
much
effort
the
Google
cos
team
puts
into
updating
the
base
image
and
doing
security
updates
and
container
runtime
updates
integration,
testing
and
feature
requests
and
changes,
and
you
figure
bility.
It's
a
freaking
nightmare
I'm,
not
sure
that
we
want
to
take
that
on
as
community
or
let
like
we're
going
to
be
staff
to
do
it
well,
much
less
across
all
the
different
providers.
Yep.
C
A
D
E
D
Agree
with
that-
and
there
is
so
there
is
I
totally
acknowledge.
There
is
a
need
for
the
need
for
the
ability
to
store
images
or
something
on
AWS.
In
addition
to
GCP
and
how
we
manage
credentials
and
accounts,
it
is
going
to
be
something
that
I
think
this
group
should
address
how
I
do
billing.
There
is
something
that
I
have
no
context
on
I,
don't
know
if
Amazon
or
anybody
else's
is,
is
going
to
be
paying
those
bills
or
if
CNCs
will
be
paying
those
bills,
I
don't
actually
care.
D
E
Yes,
team
cops,
aka
Justin
in
particular
in
this
case,
does
maintain
a
cops
image
and
the
you
know
you're
not
obliged
to
use
it.
So
it
is
an
optimization,
but
we
do
default
to
it
and
I
do
think
we
have
some
scripts
to
do
that.
Another
thing
we
could
look
at
is
automating
creation
of
ami
of
a.m.
is
such
that
it
is
not
a
security
burden.
I
feel
like
I,
say
well,
I
guess
then.
E
E
A
Want
to
do
that,
that's
that's
taking
point
for
me,
like
I,
do
feel
like
I
would
rather
be
friendly
to
all
of
our
six
months
or
projects
and
prevent-
and
you
know,
provide
them
all
of
the
needs
they
require
for
self-service
and
a
place
for
them
store.
Artifacts
seems
ideal.
Whether
that
then
implies
that,
like
the
kubernetes
product
security
team
is
now
responsible
for
any
security
vulnerabilities
found
within
any
of
the
artifacts
produced
by
any
of
the
suntrasoft
projects
is
like
where
my
concern
lies.
D
Agree-
and
that
is
exactly
the
the
boiling
down
of
my
main
concern.
I,
don't
think
the
security
team,
which
is
a
volunteer
army,
is
equipped
to
handle
security
for
arbitrary
Emmys
and
Google
Images
and
Microsoft
images
and
VMware
images,
and
whatever
else
images
that
are
built
from
God
knows
where
on
god-knows-what
OS
well,.
E
My
dream
is
that
we
produce
a
process
that
takes
a
Duggar
image
and
adds
a
kernel
to
create
an
ami
so
that
it
becomes
one
thing.
But
yes,
I
certainly
think
it
is.
It
is
a
broadening
of
their
scope
to
include
the
kernel,
for
example,
and
to
include
yes,
something
which
is
more
exposed
on
the
Internet.
A
Saying,
like
the
security
of
clusters
stood
up
by
this
particular
cluster
provider
falls
upon
that
the
group
who
created
that
cluster
providers,
so
if
it's,
if
it's
some
completely,
if
it's
an
Associated
repo,
so
something
not
part
of
the
kubernetes
project,
totally
sponsored
by
a
single
company,
great
responsibility
falls
on
them.
If
it's
done
by
a
cig,
great
responsibility
falls
to
the
sig
chairs
or
does
keep
escalating
all
the
way
up.
I
would
well.
B
Doesn't
know
it
does
it
does
escalate
all
the
way
up,
because
you
just
have
this
discussion
around
the
dashboard
right
so
like
if
nobody's
willing
to
take
it
it
does
this
get
all
the
way
up.
I
think
we're
actually
a
little
bit
bike.
Shetty,
though,
at
this
point,
I,
think
what
the
real
action
item
is
to
create
a
credential
store.
B
Let's
create
a
credential
store,
let's
skip
all
of
the
who
don't
slip
image
and
and
then
we
make
a
credential
store
available
to
people
so
that
they
can
score
the
right
individuals,
because
I
can
tell
you
right
now,
the
public
key
or
the
private
key
that
I
use
to
sign
the
Java
maven
packages
or
the
client
libraries
is
in
a
Google
Doc
that
is
shared
between
me
and
Medi
right.
So,
like
that's,
the
state
of
the
art
education,
so
it's
just
a
step
forward
to
a
centralized.
A
Coaster
so,
like
I,
hear
the
bike
shaking
I
just
want
to
try
and
draw
the
distinction
between
the
kubernetes
or
repos
and
the
kubernetes
six
repose,
because
dashboard
was
within
the
kubernetes
org
I
could
argue
that
kubernetes
org
has
too
many
repos
in
it
that
aren't
actually
Curitiba
Nettie's
or
whatever,
but
I
feel
like
that's
a
pretty
easy
distinction
to
make
in
terms
of
what
we
are
willing
to
officially
support
versus.
We
are
being
friendly
to
our
contributors
and
collaborators.
D
D
So
you
know
if
GCS
web
goes
down,
I
expect
to
get
paged
if
cait's
that
IO
goes
down,
I
expect
to
get
paged.
If
there's
a
security
problem
on
taste
at
I/o,
I
expect
to
it
land
in
my
inbox
I'm,
not
sure
that
if
there's
a
security
problem,
Rando
vase
image
on
other
cloud
provider,
that
I
expect
this
group
to
be
responsible
for
paying
for
it.
That's
that's
the
the
mental
map
where
I'm
going
I
have.
G
No
white
question:
it's
probably
not
stopping
for
discussion
today,
because
we
don't
have
so
much
time,
but
maybe
for
the
next
time.
So
in
general
we
have
the
NBA's
based
infra,
that
that
was
sponsored
by
aw.
Yes,
and
it's
very
original
was
created
after
that,
like
after
the
sponsorship
by
suggesting
so
Aaron
correct
me
if
I'm
wrong.
So
we
have
the
edible
yes
infra,
that
is
intended
to
be
used
by
Canada's
community.
G
The
major
question
here
is
integral
for
our
group
here
or
to
manage
all
that
assets
or
not
so
well.
I'm
asking
this
because
our
as
with
our
GCP
account
I'm,
also
the
primary
owner
and
creator
for
our
edible,
yes
account
so
I'm,
not
the
person
who
managed
managed
I
call
them
like
the
technical
Stumbler.
So
suggesting
is
responsible
for
that.
Like
suggest
me
and
make
me
be
as
a
six,
but
like
I'm,
responsible
for
Bill.
B
D
Think
we
need
so
I'm
I'm,
acting
as
gatekeeper
for
sort
of
all
things
GCP
in
this
migration.
We
need
an
equivalent
gatekeeper
for
all
things,
AWS
and
all
things,
Microsoft
and
and
anybody
else
that
we're
going
to
engage
with
on
this
sort
of
mechanism.
If
somebody
came
to
me
and
said,
I
need
to
be
able
to
store
GCS
GCP
VM
images
where
do
I
store
them.
I
would
put
the
brakes
on
and
said
hold
on
a
second.
What
are
we
doing.
A
So
I
I
got
approached
by
somebody
from
sig
AWS
about
I,
can't
AWS
just
take
care
of
this
directly
and
I'm
very
opposed
that
I
really
feel
like
coming
through
the
CNC
F
and
having
open
and
public
and
transparent
discussions
here.
Community
come
to
consensus
is
a
far
healthier
model
for
cloud
providers
to
adopt
this.
D
D
A
Whether
or
not
mechanically,
it
needs
to
follow
the
same
model
of
a
donation
to
the
CNC
F
and
now
the
CNC
F
is
managing
the
funds.
But
representatives
from
the
cloud
manage
how
the
funds
are
spent.
Like
I,
don't
know,
I
seems
like
it's
a
pretty
clean
process
to
me,
but
I
do
think
that,
like
do
the
AWS
credentials
still
work
for
you.
Igor
I
felt
at
some
point
like
they
ran
out
of
quota
and
there
was
a
swapping
of
credit
yeah.
G
So
well,
credentials
are
working
for
me.
We
unfortunately
we
or
we
have
some
issues
with
credits,
because
we
have
anybody's
donated
way
more
weigh
less
credits
than
GCD
and
edible.
Yes,
is
way
more
actively
used
today
than
GCB.
So
sometimes
we
may
have
like
financial
issues
with
our
GL,
with
our
edibles
account,
but
like
welcome
to
net
on
the
C&C
F
site.
So,
like
you,
you
shouldn't
care
about
about
like
about
the
bill
in
itself,
but
yeah
like
so
so
dead,
stasia's
that
we
that
we
have
today
and
that
we
may
have
in
the
future.
G
A
Are
probably
way
off
and
bike
shed
territory,
but
just
as
a
concrete
example
like
AWS
wants
to
test
eks
based
on
things
that
are
pushed
to
kubernetes
repos
in
much
the
same
way,
Google
does
for
gke,
and
so
they
need
to
use
a
special
engineering.
Only
AWS
account
in
order
to
do
that,
rather
than
production,
off-the-shelf,
bog-standard,
AWS
account
and
I.
Don't
think
those
funds
are
going
through
this
group
that
seems
okay,
but
I'm,
not
super
sure
about
that,
and
that's
not
how
I
would
want
this
group's
funds
to
be
used.
I.
G
You
guys
remember
like,
as
far
as
I
remember
it
had
the
same
happens
with
IKEA,
so
the
current
AWS
account
is
used
on
the
folder
for
the
community
artifacts
and
against
Erlich.
It
was
originally
used
by
six
Tests
and
like
Derek
West
from
from
Chuck
to
store
some
community
a
mice.
If
we'll,
if
we'll
approve
it
and
we'll
agree
on
that,
so
it
will
also
lend
there.
But
it's
not
about
their
commercial
offerings
by
some
minders.
A
G
D
That
boundary
is
community,
though,
and
that
means
that,
as
we
move
the
GCP
stuff,
the
g
ke
gets
left
behind
and
as
we
move,
amazon
stuff
to
e
KS
gets
left
by
that's
Amazon's
problem,
that's
Google's
problem
and
the
community
stuff
is
the
stuff
that's
in
the
middle
and
and
it's
for
everybody
I
apologized
to
chuck
for
sort
of
piling
on
and
taking
it
in
a
completely
other
direction
than
you
really
needed.
Let's
go.
We
need
to
come
back
and
revisit
your
actual
question,
which
is
you
know?
D
C
D
E
C
D
The
end
of
it,
sorry,
it's
a
qualified,
yes,
because
some
we
will
have
to
decide
which
things
are
being
paid
for
by
community
projects
and
which
ones
are
not,
and
we
don't
really
have
criteria
for
that.
Yet
so,
let's
assume
that
the
answer
is,
if
a
sig
approved
it
and
sig
arch
hasn't
objected,
then
probably
yes,
whether
that's
a
GC,
are
that
you
set
up
yourself
or
one
that
we
set
up
for
you
or
a
shared
one
I
think
is
TBD.
Okay
sounds
good!
Thank
you.
C
D
A
B
D
E
D
D
Exactly
this
group
I
think
it
owns
the
mechanisms
and
the
should
gate.
All
of
the
you
know.
How
do
you
store
your
image?
Where
do
you
store
your
image?
How
do
we
set
up
the
billing
report
etc?
I,
don't
think
this
group
has
I,
don't
think
the
Charter
says
whether
we
have
an
opinion
on
if
you
should
store
those
things
or
not.
That's
a
separate
question
and
sort
of
I
don't
know
what
the
policy
for
that
needs
to
be
I
agree.
A
A
Willing
to
be
a
guinea
pig
to
help
out
with
that
sure,
come
on
down
maybe
later
on
down
the
line
when
it's
a
super
frictionless
process
and
we
start
to
realize
how
much
money
we're
spending
we
will
realize
there
is
a
policy
that
needs
to
be
put
together
by
the
steering
committee,
but
I.
Don't
necessarily
think
that
gets
us
just
kind
of
servicing
who
whomever
asks
but
I
do
agree.
Then
ami
question
is
our
question.
Well,.
D
This
parishioner
provided
I
think
that
that
that
one
is
much
more
clear
to
me
that
it
should
be
indicates
that
I/o
GCR
go.
So
we
don't
have
a
promotion
process
for
that.
Yet
if
it's
valuable,
what
we've
been
doing
with
core
DNS
is
people
point
me
at
their
docker
hub
manifest
and
I
import
it
into
GC.
D
Our
dedicates
that
IO
sort
of
manually,
okay,
I'm
happy
to
do
that
for
kind
as
long
as
you're,
not
updating
it
every
day,
because
it's
a
little
bit
of
a
tedious
process
until
the
promoter
is
in
place
or
you
can
just
leave
it
as
it
is,
and
once
the
promoters
in
place
will
have
this
process
for
a
document.
I.
A
Think
then
has
whatever
credentials.
He
would
need
to
do
that,
but
I
do
actually
appreciate
that
y'all
are
trying
to
be
honest
and
do
this
the
community
way,
rather
than
abusing
the
fact
that
one
of
the
folks
who
started
it
works
for
Google,
so
yeah,
let's,
let's
talk
about
that
offline,
because
that
seems
like
a
much
clearer
thing
and
I
have
to
run
on
five
minutes
late
for
my
next
meeting.
I'm.