►
From YouTube: Kubernetes SIG K8s Infra - 20220316
Description
A
The
cloud
hi
everybody
today
is
march
16,
and
this
is
the
meeting
for
the
kate's
intro
group.
Please
be
kind
to
each
other.
This
is
being
recorded,
hey
ben!
You
ended
up
joining.
Oh,
both
bands
are
here
so
good,
okay.
So
let's
get
started
with
our
usual
stuff.
But
before
that
ariel
have
you
introduced
yourself
to
the
team
here
before
I
recognize
everybody
else.
B
No,
I
think
I
know
most
of
the
folks,
but
my
name
is
ariel.
I'm
a
cncf
ambassador
and
I'm
currently
working
with
the
cncf
on
strategic
initiatives
with
hippie
nice.
A
Welcome
welcome
to
this
group.
Thank
you
billing
review,
so
let
me
make
you
co-host
eddie
make
cohost.
Okay,
please.
C
A
D
Nothing
jumps
out
as
having
changed.
There
was
the
increase
from
what
was
this
our
know.
That
is
there
no
on
the
call.
Yet
no.
F
D
I
have
some
data
that
I
can
send
you
as
well
that
we
brought
when
we
broke
it
down
by
provider
so
that
that
could
probably
help
answer
your
question
a
bit.
Okay,.
F
G
This
this
report
will,
let
you
see
the
the
quickest
thing
in
the
beginning
is
just
there's
a
project,
that's
only
image
hosting,
so
that
gives
you
a
very
quick
idea
like
how
much
is
the
image
hosting,
but
then
drilling
down
into
like?
Where
is
the
image
hosting
cost
go
to?
I
think
that
right.
F
G
From
some
log
analysis
and
that
isn't
public.
F
Okay,
gotcha
because
yeah
I
remember
seeing
in
your
dock
and
the
that
there
was
a
significant
chunk
of
those
costs.
Were
transit
costs
right
getting
from
gcr
into
aw.
You
know
aws
customers
pulling
from
google
over
into
aws
regions
and
there's
a
significant.
G
G
That
we're
inferring,
that,
based
on
like
the
just
the
raw
like
just
having
the
images
stored,
should
be
negligible
compared
to
the
rest
of
the
costs
like
the
actual
downloads
not,
and
we
can
look
at
the
percentage
of
requests
coming,
I
actually
don't
have
original
access
to
the
that
log
data
either
that
that
those
numbers
actually
come
from
previous
iterations
of
this
meeting.
F
A
Okay
cool,
so
we
are
sensitive
to
publishing
the
provider
specific
data
in
a
public
meeting
so
but
rhian
and
caleb
in
hippie.
They
worked
on
some
digesting
some
log
information
and
then
we
have
that
which
eddie
can
send
to
you.
Jay.
A
Sounds
good?
Okay,
I
don't
know
what
action
items
to
be
picked
last
time
I
don't
see
any
here.
So
let's
go
to
the
open
discussion.
Jay.
Do
you
want
to
get
us
started.
F
Sure
so
just
introduce
myself
to
those
who
don't
know
me:
hi,
I'm
jay.
I
work
at
the
kubernetes
team
at
aws
and
I
just
want
to
back
what
eddie
has
stated
previously
up,
that
aws
is
100
committed
to
sharing
the
costs
of
kubernetes
infrastructure
and
well
cncf
in
general,
but
in
particular
the
kubernetes
costs,
and
we
recognize
that
it's
a
huge
amount
of
money
that's
going
to,
in
particular,
serving
container
images
for
aws
customers.
So
we
want
to
do
everything
that
we
can
to
help
alleviate
those
those
costs.
F
So
I've
brought
in
a
solutions
architect
to
to
help
with
a
couple
technical
projects
at
the
cncf
level.
His
name
is
ted
zawarski
I'll,
be
working
with
ted
over
the
coming
weeks
and
months
to
get
you
whatever
you
need.
You
know
whether
it's
account
resources.
F
Type
type,
resources,
or
you
know,
scripts
or
cloud
formation
whatever
it
is,
we'll
we'll
get
you
what
you
need
and
yeah
the
the
dock
that
then,
that
you
put
together
with
the
the
multi-cloud
provider
registry
and
all
that
I
see
some
great
ideas
in
there.
I'm
curious
of
where
you
all
are
with
like
an
implementation.
I
saw
something
from
caleb
about
like
different
alternatives
and
like
a
documentation
pr
to
the
to
the
registry
or
to
the
repository
there,
but
how?
How
can
we
help?
A
Yeah,
so
maybe
that's
the
segway
to
me,
giving
you
know
what
was
happening
for
the
last
couple
of
weeks,
the
first
one
that
we
did
was
we
created
a
registry
dash
sandbox
dot,
cates
dot
io.
So
this
this
was
an
end
point
which
was
just
forwarding
all
calls
to
the
previous
repo.
I
mean
the
repository.
A
That's
currently
the
production,
one
kates.gcr.io
and
we
were
we
started
by
trying
things
by
hand,
doing
docker,
pulls
and
running
some
local
stuff
to
get
it
get
things
from
that
repository
and
that
worked
out
fine.
So
we
promoted
that
to
registry.kates.io.
Now,
and
you
know
we
did
the
same
same
testing
again
by
hand
and
things
were
working.
A
So
we
took
one
of
the
pre-summit
tests
which
is
running
in
kubernetes
kubernetes.
That's
the
one
with
the
long
name
that
ends
with
ubuntu
dash
continuity.
So
we
picked
that
one
and
we
added
some
environment
variables
so
that
the
cube
of
scripts
turns
around
and
uses
registry.case.io
and
that
worked
fine.
A
It's
been
running,
it's
been
on
since
last
friday
with
no
issues
showing
up,
so
it
is
actually
live
right
now
on
the
kk
repository.
So
the
second
one
that
we
did
this
morning,
what
we
turned
on
was
there
is
a
periodic
job
that
runs
all
the
time
we
enable
the
same
environment
variables,
point
making
it
point
to
the
registry.case.io.
A
So
essentially,
at
this
point
we
have
one
pre-summit
and
one
periodic
job,
hammering
the
registry
and
the
traffic
is
not
that
much
yet,
but
now
we
have
to
figure
out
like
what
are
the
other
classes
of
tests
that
are
there,
because
this
first
batch
was
essentially
cuba.
Scripts.
A
G
I
just
might
add
a
little
bit
more,
so
we
kind
of
have
the
multiple
tracks
as
well
on
the
actually
hosting
site.
We
kind
of
focus
on
trying
to
figure
out
like
what
will
be
provided
so
that
we
can
set
that
up,
and
I
think
we've
had
kind
of
like
different
tracks
going.
G
We've
also
had
release
engineering
looking
a
bit
at
the
image
promoter
changes,
and
then
I
think
a
couple
of
us
here
have
been
primarily
focused
on
what
dems
was
talking
about
getting
the
getting
the
registry
domain
rolled
out
with
just
the
stable
redirector.
So
we
can
start
getting
client
traffic
shifted
over.
G
I
think
we're
pretty
close
to
the
point
where
we're
gonna
be
comfortable
to
start
asking
projects
to
switch
over
that,
so
that
that
domino
is
in
place
when
we
set
up
the
rest,
but
the
aw,
the
like
actually
hosting
multi-cloud,
has
not
moved
a
lot
at
the
moment,
because
we've
been
trying
to
figure
out
how
are
the
resources
getting
provided
and
what
resources
for
sure
before
we
like
really
roll
with
anything.
In
the
meantime,
I've
worked
a
bit
on
the
identify
traffic
piece
and
the
options
for
that.
G
I
haven't
sent
any
pr's
yet,
but
I
have
some
local
benchmarking
and
tests
and
like
research
and
whatnot,
I
think
that
part
should
work
fine
and
it
looks
like
the
the
just
toss
it
at
cloud
run
is
working
fine
for
where
to
serve
the
minimal
redirector
service.
So
I
think
next
steps
are
we.
We
need
to
figure
out
those
actual
resources.
Is
that
ecr?
Is
it
s3?
Is
it
like?
How
do
we?
How
do
we
need
to
regionalize.
G
End
or
the
back
end
like
yeah,
are
we
just
handing
off
the
cloud
front
or
does
the
redirector
need
to
identify
regions,
those
pieces?
We
need
to
figure
out
before
we
move
much
more
on
the
code.
There's
not
going
to
be
a
lot
of
code.
I
think
same
thing
with
like
copying
images
over
it's
actually
going
to
be
very
little
code,
but
we
need
to
figure
out
like
are
we
doing?
G
Are
we
copying
to
a
registry
endpoint?
Are
we
copying
to
a
bucket,
and
where
are
you.
F
Where
are
you
on
that
particular
decision?
As
far
as
like,
I
saw
a
comment
from
jesse
butler
about
maybe
using
like
ecr
public
to
sort
of
like
mirror
both
the
registry,
as
well
as
the
bits
themselves,
and
there
was
a
comment
about
you
know-
maybe
using
cloudfront
instead
of
just
raw,
so
free.
G
E
G
Pass
along
the
bits,
so
I
still
lean
in
the
direction
of
doing
the
bucket,
just
because
it's
easier
for
me
to
convince
every
stakeholder
that,
like
this
is
fine,
it's
just
the
blobs
we
can
expand.
The
other
thing
I
like
about
that
is
it's
very
easy
to
expand
to
like
as
many
providers
we
want.
The
main
problem
is
going
to
be
concerns
around
like
reliability
or
identifying
traffic.
G
It's
a
lot
easier
to
convince
people
of
like
the
security
properties,
of
having
more
registries,
if
they're,
not
actually
registries
and
they're,
just
hosting
the
the
blobs
and
it's
it
solves
our
cost
issue.
But
I
wanted
to
leave
the
other
routes
open
because
I
think
there's
a
little
bit
of
like
beggars
can't
be
choosers
here
we
need
resources
and
someone
says
we're
providing
ecr.
That's
it
then.
F
The
the
ecr
thing,
but
the
ecr
comment
from
jesse
was
definitely
not
like
we're
only
going
to
support
ecr
or
anything
like
that.
It
was
just
like
here.
Here's
a
potential
solution-
oh
yeah,
it
just
but
like
I
mentioned
earlier,
we'll
do
whatever
needs
to
be
done.
Okay,
if
s3
is
the
simplest,
most
direct
way
to
get
to
sharing
the
costs
of
these
container
image
downloads.
Let's
do
that.
Let's
do
it
like.
G
G
How
would
we
convince
people
that,
like
this
is
locked
down
enough,
because
again
we're
not
saying
that,
like
the
registry
itself
is
in
ski
or
something
it's
more
like
our
own
trust
issues
around
handling
those
credentials
and
that
sort
of
thing
we've
there's
been
some
sentences
in
the
past
and
there's
from
some
certain
folks
there's
a
somewhat
understandable,
high
level
of
paranoia
around
hosting
things
like
cube
proxy
that
run
privilege
everywhere.
So.
F
G
Yes,
and
in
the
past
it's
even
potentially
been
humans
and
whatnot.
So
we've
we've
moved
towards
the
promoter.
We've
moved
towards
having
there's
some
infrastructure
somewhere.
That
uses
pub
sub
to
monitor,
like
everything
that
happens
in
the
registry,
and
we
have
things
like
continually
checking
it.
So
there's
a
lot
of
like
extra
things
beyond
gcr
itself,
where
we're
trying
to
make
sure
like
we're,
keeping
this
source
of
truth
very
locked
down
and
like
transparent.
G
So
there's
some
concern
that
like
if
we
start
adding
more
registries,
how
do
we
replicate
that
out
everywhere
and
how
do
we
convince
folks,
like
the
release
team
or
like
tim,
that
this
is
actually
secure?
The
gc
the
s3
thing
also
has
a
nice
property
that
registry
implementations
tend
to
vary
a
little
bit
and
exactly
how
they
work
and
behave
whereas,
like
the
s3
api
is
really
well
standardized.
So
if
we
can
get
this
route
working,
then
we
can.
We
can
potentially
spin
this
up
on
more
providers
very
easily.
G
F
Exactly
and-
and
you
know
like
we'll-
bring
ted
in
to
give
his
advice,
it's
the
you
know:
what's
the
most
cost
effective
solution
for
that
it
may
be
cloud
front
fronting
you
know
some
other
stuff
or
just
maybe
s3
objects.
It
depends,
I
think,
on
a
number
of
of
attributes
of
these
container
images.
Size.
E
G
Right
yeah,
I
I
think
we're
also
in
a
little
bit
of
a
unique
position
with
this
project,
where
we
have
some
fun
things
to
share
here
where
we
have,
because
we
have
this
promoter
process
and
because
these
images
are
only
public,
we
can
have
this
like
public
read-only
super
simple,
open
source,
little
thing
serving
as
much
of
the
traffic
as
possible.
I
think
our
other
end
goal
here
is
just
besides
getting
cus
costs
cut
now
getting
something
in
place
where
we
have
control
to
rethink
this
all
in
the
future
serve
what
server.
G
However,
we
want.
So
I've
been
a
recent
a
little
bit
more
focused
on
that.
Arnold
has
done
some
great
work
there
and
I
think
we're
pretty
much
at
the
point
where
we
can
roll
that
out,
but
there's
definitely
some
questions
around
exactly
how
we
architect
the
aws
side
and
I'm
super
welcome,
help.
There.
G
I
think
I
I
think
arno
also
has
thoughts
on
that.
I
would
love
to
help
him
keep
in
touch,
but
I
would
want
our
no
involved
for
sure.
F
I
saw
that
there
was
a
github
project
that
you're
using
to
sort
of
track.
The
the
oci
registry
thing
I
think.
G
G
F
Issue
that
was
specific
to
like
the
aws
setup
bits
that
we
want
to
explore.
Then
we
can
have.
You
know
folks,
like
ted
yeah,.
F
G
I
also
say
if
we
stand
up
any
additional
infrastructure,
like
the
actual
hosting
that
isn't
just
the
redirector,
like
that
those
things
are
probably
going
to
live
in
that
repo.
That's
where
we
have
like
all
of
our
terraform
and
bash
and
whatnot
that
actually
stands
up
infra.
We
just
pulled
out
the
code
specific
to
this
project
that
isn't
infra
configs
into
a
different
repo.
A
Yeah,
so
the
way
I
want
to
some
somehow
drive,
this
is
like
what
are
we
doing
for
the
next
two
weeks
right,
so
on
the
testing
side,
I
I
know
that
we
will
work
on
the
cubadium,
kinder
and
kind,
so
those
are
the
three
different
sets
of
things
that
we
have
in
the
ci
jobs.
So
a
bunch
of
us
can
work
on
that
on
the
aws
side.
What
should
we
do?
Jay?
A
F
Specifically
on
the
the
oci
like
the
container
image
stuff.
A
F
Oh
sorry,
there's
a
little
delay,
probably
because
I'm
on
vpn,
so
it's
going
to
the
west
coast.
Who
knows,
but
is
there
a
sort
of
an
agreed
upon
naming
scheme
that
for
these
container
images
copies
like
the
the
copies
of
the
container
images,
so
that,
like
this
top
level,
routing
server
can
say?
Okay,
I'm
coming
from
u.s
east
one
in
an
aws.
As
you
know,
and
this
this
like
cube
proxy
image,
is
actually
stored
at
this
particular
s3
object.
G
The
object
should
all
be
identified
by
their
hash
and
there's
like
a
stan
that,
like
the
registry,
api
itself
has
a
standard
for
the
past.
I
think
the
sanest
thing
for
us
to
do
is
to
just
kind
of
like
mimic
statically
those
paths.
G
Okay,
I
believe
that's
more
or
less
what
the
like
gcs
backing
your
gcr
is
doing
today,
so
that
would
also
allow
us
to
even
potentially
make
the
upload
implementation
as
simple
as,
like
sync,
the
buckets.
G
G
So
then
we
don't
have
to
implement
that
and
we
have
the
same
properties
as
today.
Okay,
so.
F
F
You
know
the
the
the
canonical
according
to
like
docker
registry,
canonical
image
uri.
I
guess
to
that,
and
then
that
would
be
the
the
object
identifier.
G
Yeah,
so
we're
basically
just
substituting
the
host
and
the.
I
think
the
open
question
we
have
on
the
implement
the
registry
side
is
just.
Should
the
registry
be
trying
to
identify
aws
regions
which
looks
doable
with
ip
addresses
or
just
identify
this
as
an
aws
client
and
hand
off
to
like
an
amazon,
global
endpoint
like
cloud
front
or
something
or
should
we
have
like
a
bucket
per
region
and
do
it
in
the
front,
because
I
believe
we
could,
from
the
published
ip
range
data
detect
the
region
in
the
redirect
service
and
map
to
okay.
F
You
can
just
detect
it's
coming
from
aws
and
then
redirected
to
some
something
you
know
housed
at
aws.
That
would
have
more
fine-grained
information
about
regional
locations.
G
I
assume
that,
like
same
thing
on
the
aws
side,
we're
gonna
want
to,
you
know,
serve
from
local
copies.
We
have
there's
something
like
that
happening
on
the
on
the
google
cloud
side
today
which
helps
some,
but
you
know,
obviously
not
for
traffic.
F
Okay,
well
I'll,
take
that
as
an
action
item
to
chat
with
ted,
definitely
get
ted.
I've
just
gotten
joined
into
the
cncf
slack
community,
so
I'll
I'll
have
him
join
the
kubernetes
slack
k-tempra
channel
and
I'll.
Take
it
as
action
to
discuss
with
him.
What's
the
best
approach,
they're
either
embedding
that
information
into
the
top
level,
router
or
sort
of
just
redirecting
to
something
that
you
know
is
on
the
aws
side
that
can
make
a
determination
as
to
best
location
for
source
ips.
A
And
if
you
want
to
like
model
something
like
I
pasted,
two
logs
log
files,
which
has
you
know,
images
that
we
use
for
the
pre-summit
job.
So
this
is
basically
what
we
we
should
be
able
to
serve
from
your
endpoint.
Essentially.
G
A
G
We
come
to
a
decision
on
that
piece
of
the
architecture.
Then
we
can
have
folks
move
forward
on
okay,
getting
things
copied
into
the
storage
and
actually
doing
the
redirect
at
the
level
of
intelligence
that
it
needs
right.
So,
at
this
point
by.
A
Hook
or
crook
you
set
up
whatever
you
want
to
set
out
which
will
serve
these
images
essentially,
and
then
we
can,
you
know,
start
tweaking
then
talking
about
how
do
we
copy
things
from
gcs
buckets
into
you
know,
whichever
you
choose
on
the
aws
side,
right.
F
Yeah,
does
the
image
promoter
have
sort
of
knowledge
of
how
to
push
to
an
s3
bucket
versus
a
cloud.
G
G
The
manifest
and
copies
over
the
the
referenced
objects,
or
we
can
like
do
a
bulk,
a
separate
bulk
sync
step
or
like
that.
We
have
a
number
of
options.
I
think
the
was
leaning
towards
is
we
when
we
promote
an
image
to
gcr
before
we
do
that
inspect
the
manifest
copy,
the
objects
into
s3
where
they
belong
once
that
succeeds,
promote
the
image
that
way,
we
don't
have
any
consistency
issues
and
then
won't
have
just
a
small
script
for
one
time:
backfill.
G
G
D
I
I
don't
want
to
cut
anyone
off,
but
we
got
to
move
up
we're
still
like
way
down
in
the
technical
weeds,
where
we
always
wind
up
for
a
long
time.
So
right.
All
of
that
is
implementation.
Details
right
like
once
once
the
registry
is
set
up
once
the
redirect
once
the
urls
foodart,
whatever
that
case
that
I
owe
everything
beyond
that
is
an
implementation
detail
that
the
user
will
never
know
or
need
to
worry
about,
and
we
can
change
without
telling
them
right.
A
A
You
know
and
the
docker
pull
against
the
endpoint
that
you've
set
up
works.
You
know,
let's,
let's
get
there.
G
Like
that,
that
will
just
we
don't
need
a
whole.
We
don't
need
a
whole
docker
pole
endpoint,
because
some
of
that's
going
to
come
from
the
pre-directory
anyhow.
We
just
need
some
input
from
an
expert
on
what's
the
best
way
to
handle
regionalizing,
this
storage
or,
if
they're,
right,
because
super
bad
ideas.
G
Mechanism
we've
got
an
extensive
test
on
that.
That's
actually
how
the
gc
that's
exactly
how
the
the
other
thing
is.
This
is
how
the
existing
registry
works
if
302
is
too
to
gcs,
so
we
know
all
that
we
just
need
to
know.
You
know
what
are
the
experts
recommend
for
how
do
we?
How
do
we
make
sure
this
is
regionalized
and
cost
effective
on
the
aws
side
once
we
know,
if
that
should
be
done
in
the
in
the
front
or
the
back,
then
we
can.
G
We
can
move
to
implement
on
the
other
tasks
we
can
talk
about.
We
should
have
folks
move
forward
more
on
rolling
out
just
the
the
the
simple
redirect
domain,
so
what
dims
was
talking
about?
We
should
get
this
in
more
classes
of
our
ci,
so
we
can
make
sure
everything's
good
there
just
to
be
safe
and
we
should
probably
be
looking
at
what
else
do
we
need
to
roll
that
out?
G
So,
on
top
of
my
mind,
I
want
to
slip
a
few
more
things
into
the
tool
itself,
so
that
I
feel
we're
ready
to
like
freeze
it
and
roll
it
out
to
production.
One
that
comes
to
mind
is
right.
Now
it
hard
codes
where
the
back
end
is.
We
maybe
need
to
be
able
to
shift
that
around
in
the
future,
so
we
can
potentially
take
over
that
domain
as
well
for
traffic
that
may
not
be
moved
as
easily.
G
So
I
want
to
just
like
look
at
what
remaining
things
do
we
feel
like
be
robust
enough
to
just
freeze
that
code
in
place,
for
this
is
the
version
we're
using
to
serve
the
production
domain,
so
we
can
start
moving
traffic
if
folks
are
interested
in
and
looking
at
that
and
think
about
what
else
do
we
want
to
future
proof
for
that
before
we
start
adding
further
complications
like
identifying
address
ip
addresses,
and
I
want
to
get
a
tagged
image
published
in
the
next
two
weeks.
G
Yes,
I'll
follow
some
issues
related
that
dems.
Do
you
have
issues
related
to
the
ci
or
should
we
file
some
more.
A
Yeah
I'll
file
it
today
I
haven't
done
that
yet
I
was
distracted
with
looking
through
logs,
so
yeah,
so
so
ben
you,
you
have
an
action
item
to
lock
some
issues.
Some
of
those
issues
caleb
will
pick
up
and
let's
see
if
anybody
else
can
work
on
anything
else
and
we
are
working
on
a
couple
and
by
the
by
this
time,
two
weeks
from
now,
let's
make
sure
that
we
have
a
tagged
image
promoted
to
registry
dot
case
dot,
io,
okay.
A
So
let's,
let's
see
if
we
can
get
there
at
by
that
time.
So
I'm
trying
like,
let's,
let's
try
to
get
there
right,
that's
our
objective!
If
you
know,
if
something
else
comes,
you
know
something
always
comes
and
jay
and
eddie
you
have
enough
things
to
try
or
enough
information
to.
F
C
Gonna
talk
with
ted
and.
A
S3
and
the
other
thing
is,
it
doesn't
have
to
be
like
super
optimized
jay.
It
could
be
something
rough
where
the
back.
We
can
change
right,
like
yeah.
F
C
G
A
So
the
way
I'm
looking
at
this
ban
is,
you
know
until
we
open
up
things
for
125
and
we
get
a
kept
through.
We
can't
change
any
of
the
hard-coded
urls
right
in
the
code.
We
are
not
going
to
touch
any
of
the
hard-coded
urls
like
the
pause
image
or
whatever
right
like.
We
will
not
we'll
try
not
to
touch
the
main
code
base.
A
A
A
G
So
I
think
we've
had
to
make
this
kind
of
change
before
and
that
that's
fine-
and
it's
like
within
this-
this,
like
past
image,
domain
migration
as
an
example,
but
I
I
I
do
agree.
We
we
shouldn't
do
this
in
124,
but
we
should
be
making
all
the
preparations
on.
We
can
potentially
look
to
moving
some
of
the
sub
projects
on
their
own
timelines.
D
We
should
be
moving
towards
getting
everything
using
the
new
registry
url.
That
should
be
the
goal
right
like
we
should
be
going
out
to
pull
request
cops.
We
should
be
updating
in
cube
adm.
I
like
again
implementation
detail
beyond
that
point
right
like
once,
everything
is
using
the
right
domain
and
the
new
registry,
everything
else
we
can
change
and
it
doesn't
matter.
A
Yeah,
so
the
one
thing
here
is
eddie
is
we
can't
tell
like
if
I
go,
tell
cubidium
folks
go
change
to
registry.kates.iu
they're
gonna
like
protest
vehemently,
and
rightly
so.
Right
maybe.
G
I
don't
know
that
that's
the
key
I
mean
if
we
show
them
that
this
is
just.
This
is
just
a
stable
redirector
and
we
have
that
locked
in
place.
Yeah.
A
Cycle
to
do
this
right
like
that
is
what
that
is
part
of
the
reason
why
you
know
I'm
okay,
with
switching
on
by
default
to
some
of
the
ca
jobs.
You
know
like
the
ones
that
that
we
did
you
know
last
friday
and
this
morning,
but
I
don't
want
to
go
around
telling
people
like
go
change.
All
your
registry
right
now.
G
But
if
there's
any,
but
if
there
are
any
projects
that
are
not
close
to
releasing,
the
only
reason
that
I
wouldn't
want
to
change
right
away
is
just
so.
We
get
a
chance
to
soak
it
and
double
check.
But
we're
not
talking,
like,
I
think,
there'll
be
a
very
separate
decision
on
when
we
cut
over
to
actually
having
the
more
advanced
hosting,
but
just
the
redirector.
G
We
should
be
able
to
get
enough
confidence
and
and
start
moving
folks
to
having
the
domain
sooner
rather
than
later,
and
then
and
then
we
have
a
separate
discussion
about.
When
do
we
time
the
cut
over
to
yeah,
potentially
breaking
different
behaving
registry.
G
A
And
the
thing
there
is
like
we
do,
the
boiling
the
frog
analogy
where
we
keep
telling
people
like
hey.
We
are
trying
this.
We
are
trying
that
and
people
say
hey
what
are
you
doing
right
so
and
then
they
realized
that,
yes,
we
are
trying
to
create
a
new
one,
so
lou
women
got
interested
and
fabrizio
got
interested.
So
you
know
they'll
also
start
researching.
What
kind
of
problems
are
there
in
their
side
of
the
neck
of
the
woods?
So
they
are
not
taken
by
surprise
right
right.
G
D
We've
talked
about
this
a
few
times
right.
The
important
thing
again
is
getting
the
new
domain
in
place
because
our,
but
when
we
look
at
our
forecasting
for
our
budget,
we
need
to
make
change
now.
Right,
like
this,
has
to
be
changed.
Now
we're
going
to
run
out
of
money
by
the
end
of
the
year,
and
so
the
slowest
part
is
going
to
be
having
users
start
updating
their
tools
to
use
the
new
endpoints
and
the
project
maintainers
cutting
a
new
version
release
that
have
the
new
endpoint
in
there
right.
D
So
when
we've
talked
about
this
before,
we
need
a
transparent
proxy
to
whatever
is
in
place
now
right,
just
like
updating
the
domain
through
our
proxy.
That
is
the
most
important
thing,
because
again
we
are
going
to
run
out
of
money
by
the
end
of
the
year
unless
we
start
putting
all
these
things
in
place
and
the
longest
adoption
is
going
to
be
that
cut
over.
G
D
G
So
I
think
when
we
come
back
in
two
weeks,
we
can
have
folks
already
looking
at
okay
who
what
other
projects
in
the
ecosystem
are
pulling
through
this
registry.
That
are,
you
know
at
a
reasonable
point
of
really
cycle.
Or
can
we
start
talking
to
them
about
this
anyhow,
and
that's
something
that
we
can
massively
chart
out
in
this
group
is
please
go.
Please
go
work
with
our
sub
projects.
To
start
this
migration
to
the
to
the
new
endpoint.
D
H
Once
cube,
adm
hits
in
the
release
cycle
and
is
pointing
to
that
reg.
That
is
the
moment
when
we're
going
to
see
this
cost
reduction
hit
right.
A
So
so
I
guess
just
to
repeat
until
124
final
124.0
is
released,
we'll
be
trying
to
change
as
many
ci
jobs
as
possible
over
a
period
of
time,
cubadium,
kinder
and
kind,
and
then
cube
up
so
we'll
go
around
changing
all
those
jobs
to
point
to
the
new
registry
and
getting
a
sense
of
you
know
how
it
works
right
and
and
then
we
are
going
to
do
the
we
we're
going
to
capture
some
metrics
too
right
ben.
A
A
A
How
do
we
set
this
up
and
how
do
we
serve
these
blobs
for
the
showers
you'll
figure
out
that
side
and
then
there
is
going
to
be
like
okay.
When
can
the
redirector
point
to
your
stuff?
So
that
will
be
one
another
major
milestone.
I
don't
know
when
that
when
we'll
be
able
to
get
there,
but
let's
shoot
for
maybe
a
couple
of
months
down
the
line.
So
I.
G
H
Is
there
something
within
our
community
where
we
can
escalate
up
to
the
the
next
level,
either
whether
it's
steering.
E
H
To
say
that
the
importance
of
the
cost
savings
and
getting
this
domain,
we
have
a
super
simple
review
of
of
that
flow
to
to
get
that
the
the
updates
happening
as
early
in
the
process
as
possible
with
some
confidence
or
do.
Are
we
worried
enough
that
we
really
must
must,
must
push
this
out
too?
I
want.
A
A
That
is
the
point.
When
we
will
go
around
to
all
the
repositories
and
say:
hey
kubernetes
is
changing.
Let's
change
right
like
so.
You
know
all
of
us.
It's
all
hands
on
deck.
At
that
point,
right
like
going
around
changing
all
the
projects
and
then
making
sure,
and
essentially
what
we'll
tell
them
is
look
125
alpha
one
of
kubernetes
has
already
switched
to
registry.case.io,
so
all
of
you
should
do
the
same
right
that
that
is.
A
You
know
that
is
the
best
way
to
deal
with
the
situation.
They
should
see
evidence
that
kubernetes
is
doing
and
then
they
will
follow
like
this
is
the
same
for
pause,
image
or
destroyless
image
or
any
of
the
other
things
also.
You
know
we
lead
the
way
right
like
so
we
start
first
and
then
we
show
them
that
we
are
doing
this
and.
D
So
125
isn't
going
to
come
out
until
august
right,
and
so
that
leaves
us
that's
probably
halfway
through
august.
So
that
gives
us
four
months
and
we
are
definitely
going
to
blow
through
all
of
our
budget
and
runway.
Well,
the
thing
is
uptake
is
not
very
fast.
All
the
modeling
that
we
did
was
based
off
of
getting
this
shipped
in
like
february
right
and
so
we're
pretty
past
that
at
this
point,
yeah.
G
We
do
have
the
ability
to
look
at
like
distros,
though,
like
or
install
their
tools
and
use
it,
regardless
of
what
the
defaults
are
in
kk.
H
G
Yeah
we
discussed
this.
The
problem
is
the
actual
agent
is
the
container
runtime,
which
isn't,
which
is
very
unlikely
to
be
aware
of
the
like
distro
above
it
correct
it
potentially
even
has
multiple
clients,
in
theory,
like
of
like
cubelet
talks
to
cri,
api
container
d
and
then
container
d
is
the
thing
actually
doing
the
pulling
so
we'll
just
see
like
oh
it's
container
d
version
x
and
that
won't
tell
us
anything
about
okay,
but
who
configured
this
right.
H
So
we're
kind
of
dialing
home
type
things,
but
we
when
we
were
working
on
api
snoop,
we
had
to
go
through
and
update
the
client
go
library
to
be
able
to
infer
and
at
one
point
we
actually
injected
into
the
user
agent.
The
the
call
the
stack
trace
so
that
we
could
identify
what
pieces
of
the
kubernetes
code
base
were
part
of
that
call
it.
H
G
C
A
G
A
Thing
is
there
is
some
security
implications
of
that
as
well.
There
is
an
issue
similar
to
this
that
was
being
talked
about
in
the
continuity
they
were
trying
to
figure
out
like
how
much
of
the
traffic
comes
from
nerd
ctl,
for
example,
right
because
that's
the
two
anyway,
that's
digressing
on
a
different
direction.
So,
let's
not
worry.
A
Yeah,
so
that
that's
a
good
idea,
I
like
it,
it's
just
that
if
it's
cube
ctl,
which
we
have
control
over,
then
we
know
we
can
do
some
stuff.
But
if
there
is
other
community
tools,
then
it
becomes
harder
to
like
you
know
they
have
they.
They
can
push
back
against
us
right.
So.
G
I
think
eddie's
point
is
really
important
and
worth
like,
potentially
reconsidering
that
I
mean
we
are
not
actually
in
code
freeze
yet
and
august
is
really
late.
My
only
suggestion
would
be
that
we
do
have
the
potential
to.
If
we
have
confidence
that
it's
not
just
people
using
cubatum
and
kubernetes
kubernetes
defaults,
then
we
can
go
around
to
like
chaos
and
cubespray
and
everything
and
say
hey.
G
Can
you
please
like
just
override
this
use
the
case.io
in
your
next
release,
independent
of
the
kubernetes
release,
timeline
and
then
hope
those
tools,
roll
out
and
also
projects
that
aren't
part
of
the
org?
We
can
ask.
A
Yeah
we
can,
we
can
go
around
creating
issues
in
the
different
places
for
sure.
At
this
point,.
G
Because
I
do
think
we
want
as
much
of
this
to
roll
out
like
in
the
next
month
or
so
as
possible,
it
might
be
worth
having.
G
G
A
I
know
you're
back
hello.
Did
you
have
anything
so
we
were
trying
to
figure
out
like
what
comes
first?
What
comes
next?
What's
paralyzable
and
who's,
you
know
who
has
action
items
and
what
can
we
do
in
the
next
two
weeks?
Does
that
sound
like
a
plan
to
you
or
no.
A
A
E
C
A
So
did
you
already
catch
what
I
was
saying
about
the
next
two
weeks
or
no,
or
should
I
repeat
that?
No,
no,
I
didn't
catch
anything.
You
didn't
catch
that,
so
one
track
is
jay
and
eddie
are
going
to
figure
out.
A
I
gave
them
two
log
files
pointers
to
two
log
files,
they're
gonna,
look
at
which
images
we
pull
and
they're
trying
they're
gonna
figure
out
like
how
in
how
the
blobs
need
to
be
stored
where
they
need
to
be
stored
and
they'll
come
come
back
with
some
ideas
for
the
next
next
call
on
our
side
in
the
next
two
weeks.
A
We
will,
we
already
have
a
way
to
you
know,
do
the
preset
for
the
pre-summit
and
the
periodic
jobs
so
we'll
roll
that
out
to
more
jobs,
especially
release
informing
release
blocking
those
kinds
of
things,
and
then
we
will
also
attack
a
kind
kinder
cubanium
and
essentially
throw
more
load
at
you
know
this
new
endpoint.
G
Bringing
up
kind
also
dropped
my
memory
on
it.
I
think
that's
somewhat
important
point,
I'm
not
sure
about
cryo,
but
I
think
this
is
the
case.
I
know
with
container
d.
We
can
also
have
projects
like
k-ops
switch
sooner
rather
than
later,
and
not
change
the
canonical
location
of
the
images,
but
instead
configure
that
this
is
a
mirror,
so
it
will
try
to
use
registry.case.edu
before
it
tries
to
use
case.gcr.io,
but
if
registry.kates.o
fails
it
should
fall
through
to
the
original.
A
Yeah,
well,
we
don't
have
the
people
well,
I
can
help
out
with
the
continuity
stuff.
We
don't
have
anybody
for
cryo
right
now
here
on
this
call,
so
we
allowed
to
like
write
it
write
up
what
we
want
them
to
do
and
see
if
they
they
can
do
it.
Sorry.
G
A
G
Yeah
yeah
and
then
we
can
that
will
let
us
roll
out
in
more
places
ahead
of
whatever
level
of
confidence
we
need
and
changing
it
and
kkk.
So
the
way
to
do
that,
then.
A
G
I
think
we
can
take
this
approach
to
some
projects.
I
I
know
not:
every
project
is
using
container
d.
Docker
d
doesn't
have
this,
but
I
think
cryo
does
so
at
least
projects
using
continuity
and
cryo,
which
should
be
most
of
them
going
forward.
We
can
ask
them
to
make
this
change
right.
A
Yeah
and
the
other
thing
to
keep
in
mind
here
is
we
are
already
taking
a
lot
of
we're
going
to
take
a
lot
of
flack
already
for
the
124
docker
shim
stuff.
So
let's
not
throw
in
an
alternative
endpoint
there
too,
then
we're
just
going
to
get
hammered
by
people
so.
A
Okay
was
there
anything
else
that
we
need
was
on
the
agenda
today.
D
Yeah
I
had
one
thing
that
was
up
next
before
we
move
on
from
this,
though
we
we
are
going
to
run
out
of
money
right
like
it
is
most
likely
going
to
happen
that
three
million
dollars
that
we
have
budgeted
for
the
yes.
A
D
A
Yeah,
it's
oriental
is
aware
already,
for
example,
and
there
is
a
deadline
coming
up
july
august,
something
where
the
three
million
is
gonna
run
out.
So
there
is
already
talks
happening
with
google
and
priyanka
is
aware-
and
you
know
we-
I
had
a
call
with
her.
Yes,
you
know
some
of
us
had
a
call
with
her
yesterday
and,
like
we
kind
of
said
yes,
this
we
are.
A
D
Cool
and
so,
and
on
that
note
one
of
the
things
that
arno
mentioned
jay-
this
is
something
you
and
I
will
have
to
figure
out
is
we
need
we're
going
to
need
a
commitment
from
aws
for
x
years
to
provide
this
funding
and
support
for
this
type
of
infrastructure,
we're
doing
yeah.
A
F
Oh
yeah,
no
I'm
gonna
like
I,
I
had
like
some
follow-up
questions
that
I
had
supposed
to
to.
Rihann
ryan
actually
sent
me
a
little
bit
of
information
earlier
about
that.
Like
breakdown
of
like
costs
like
you
know
what.
F
That
kind
of
thing
that'll
be
useful
in
my
my
presentation
to
the
uppers.
A
Show
you
walk
you
through
those
reports
too
right
on
yeah
for
sure
and
yeah.
A
Yeah
and
hippie
is
doing
the
cloud
credits
program,
so
you
know
he
can
give
you
the
information
that
we
have
on
that
side
too.
Yep,
okay,.
A
H
I
mainly
wanted
to
make
sure
that
caleb
and
the
ii
team
can
help
really
directly
and
succinctly
and
the
same
thing
I
think
for
jay
and
crew.
We
have
this
beautiful
document.
That's
really
helped
to
kick
start
things
into
high
gear
and
we
have
the
repository
with
the
issues
and
I'll
just
flow
that
right
into
we.
We
had
a
really
good
rhythm
early
on
of
having
this
issue
board,
that
we'd
reviewed
to
move
things
forward
and
we're
all
kind
of
spread
thin
in
different
areas.
H
If
there's
any
way
that
we
can
help
to
create
and
steward
and
create
those
issues
as
a
as
a
group
and
prioritize
them.
Maybe
we
can
set
aside
some
time
in
the
meetings
to
be
sure
and
limited
to
a
few
minutes
to
make
sure
we
quickly
update
those
tickets
so
that
we
can
reassign
and
prioritize
the
the
people
getting
applied,
which
is
separate
from
prioritizing
and
making
sure
that
the
work
is
captured
and
available
for
people
to
be
assigned
to
yeah.
A
We'll
get
there
hippie,
but
just
not
yet
for
the
next
two
weeks
at
least.
We
know
that
we
have
to
do
on
our
side.
We
have
to
do
two
sets
of
things.
One
is
ben,
is
going
to
log
some
issues
and
caleb
can
pick
them
up,
and
then
we
have
to
go
around
changing
the
ci
jobs
to
make
sure
that
they
point
they
point
to
registry.kate's
dot
io.
A
So
if
caleb
can
pick
up
say
kind,
then
me
and
arno
can
look
at
something
else,
so
pick
a
job
in
kind,
that's
pre-summit
and
then
see
what
it.
What
it
will
take
to.
A
So
arnold
was
working
on
that.
So
I
know,
did
you
want
to
say
something.
A
Yeah
I'm
trying
to
assign
some
work
to
caleb.
Did
you
have
anything
specific
that
you
we
could
are
trying
to
kill
him.
A
C
E
Now,
if
we
want
to
do
something,
is
this
is
a
conversation
with
closer
life
cycle?
Focusing
signal,
false
is
have
some
do
some
load
testing
against
that
new
endpoint
and
see
what's
happening?
I
think
this
is
something
that
can
can
that
can
really
bring
value
to
see
how
cloud
brand
handle
scalability
for
this
endpoint.
I
think
this
is
one
thing
I
can
think
about
right
now.
Yeah.
A
Yeah
so
pick
up
one
class
of
jobs
that
you
want
to
work
on
caleb
and
bring
us
back,
so
we
don't
duplicate
the
work.
Okay,
so
that
that's
all
we
have
time
for
today.
Thanks
a
lot
everyone-
and,
let's
see
all
in
two
weeks-
please
please
please
leave
some
notes
or
comments
or
questions
on
slack.
A
Let's
try
to
do
something
every
day
on
slack,
so
we
don't
come
back
into
the
meeting
to
talk
about
things
and
we'll
like
deal
with
things
asynchronously
over
the
next
two
weeks,
and
let's
not
wait
for
to
report
a
progress
or
you
know,
start
a
conversation
or,
like
you
know,
hey
do
we
want
to
do
this?
Do
we
want
to
do
that
or
something
like
that,
and
we
can
add
hopeful
people
into
meetings
and
we
can
we
can
get
going
and
it's
already
late.
G
We
have
any
work
to
do
file
an
issue
that
way
also,
if,
if
you're
not
getting
to
it,
someone
else
can
pick
it
up.
Okay,
thanks.