►
From YouTube: wg-k8s-infra biweekly meeting 20200106
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
Okay,
hi
everybody
happy
new
year
today
is
wednesday
january
6th
2021..
This
is
the
kubernetes
wg
kate
center
meeting.
I
am
your
host
aaron
of
sig
beard,
I'm
also
known
as
fxp.
At
all
places.
This
meeting
is
publicly
recorded
and
we'll
be
adhering
to
the
kubernetes
code
of
conduct
during
it,
which
briefly
means
don't
be
a
jerk
and
be
your
best
self
to
each
other.
If
you
feel
like,
we
are
not
doing
that
or
if
you
have
a
problem,
please
reach
out
to
me
or
conduct
at
kubernetes
dot,
io.
A
Okay,
we
had
a
fairly
light
agenda
today,
but
I
pulled
the
room
before
we
started
the
meeting.
We
came
up
with
a
few
things,
so
I'm
gonna
hand
it
over
to
tim
to
talk
to
us
about
the
sort
of
billing
report,
and
maybe
we
can
just
look
at
the
year
in
review.
B
Thank
you
so
in
prep
for
today's
meeting
I
pulled
up
the
google
cloud
one
year
view
of
our
billing,
the
total.
So
I
just
changed
the
query.
Let
me
change
it
back.
B
The
total
that
I'm
looking
at
is
for
the
year
2020
january,
1st,
to
january
1st
661
000
some
dollars
the
that
doesn't
tell
the
whole
story,
though
the
graph
is
actually
pretty
hilarious
because
right
up
until
about
july
19th,
it's
mostly
flat,
and
then
it
goes
enormously
large.
That
was
when
we
cut
over
the
gcr
repo.
I
guess
so,
if
you
look
only
at
let's
say
the
last
four
months
of
20.,
so
it's
a
september
1st
20
to
january
1st
of
21
the
total
there
is
470
k,
plus
change.
B
So
if
you
roughly
triple
that,
I
would
estimate
that
this
year,
we'll
be
looking
at
about
1.5
million,
which
is
still
well
within
the
credits
that
we
have.
So
everything
is
a-okay
and
I
think
it
is
okay
for
us
to
consider
new
projects
in
the
the
new
year.
I
know
there
are
some
that
need
doing,
and
so
we've
held
off
a
little
bit
while
we
were
trying
to
figure
out
make
sure
that
we
had
enough
credit.
We
do,
I
think,
there's
no
problem
proceeding.
A
I
was
going
to
share
a
copy
of
the
the
publicly
beautiful
report
just
to
illustrate
what
you
were
talking
about:
that's
cool,
so
this
is,
if
you
join
the
wdk
temperament,
you
have
access
to
this
this.
This
part
of
the
year
was
when
we
started
shifting
some
of
the
crowd
jobs
over
and
were
prototyping
with
it.
B
A
I
don't
have
a
specific
question
on
it,
but
a
thought
is
something
I
feel
like
we
will
want
for
this
year
is
the
ability
to
do
kind
of
more
granular
building
breakdowns.
I
appreciate
that
folks,
like
tim
and
myself,
can
look
at
that
report
and
we
have
the
history
of
what
we've
been
doing
baked
in
her
head,
but
at
some
point
in
order
to
help
more
people
understand.
A
What's
going
on
here
and
more
people
manage
this,
we'll
need
to
be
able
to
break
this
down
more
granularly,
maybe
eventually
down
to
the
level
of
like
per
service
or
per
sig,
and
I
feel,
like
bart,
had
tried
to
reach
out
to
justin
at
some
point
to
get
like
more
access
to
the
the
queries
that
we're
using
or
whatever,
and
I
feel
like,
maybe
that
work
stalled
out.
So
I
will
try
kicking
that
pebble,
digging
that
bubble
back
up
and
seeing
if
we
can
start
planing
around
that.
B
So
when
we
did
the
gcr
flip
over
justin-
and
I
started
doing
some
data
spelunking
through
the
logs
to
try
to
figure
out
if
we
could
produce
at
least
information,
if
not
a
report,
quite
of
the
same
fashion,
about
which
images
were
the
most
used,
it
looked
early
successful,
but
we
both
got
busy
and
turned
to
other
things.
So
one
of
the
things
I'd
like
to
turn
to
this
year
is
to
revisit
that
and
look
again
at
those
logs
and
see
if
we
can
extract
useful
information
out
of
it.
C
I
didn't
know,
I
just
didn't
see
it
so
I,
but
yes,
I
think
it'd
be
great
to
do
that
and
I
think
if
we,
if
we
look
at
where
the
spend
is
and
where
the
gaps
are
and
sort
of
drive
that
so,
in
other
words
like,
I
would
argue
that
we
don't
really
care
about
the
individual
breakdown
on
cloud
build
when
it
totals
two
thousand
dollars
a
month.
Two
thousand
dollars
a
year
versus
on
other
things,
which
are
more
like
two
hundred
thousand
dollars
a
year.
B
It
makes
sense
from
an
administrative
point
of
view,
to
have
like
a
storage
project
where
we
store
all
of
our
storage
buckets.
But
the
storage
breakdown
per
bucket
is
harder
to
extract,
whereas
per
project
is
sort
of
already
there,
and
so
we
we
may
want
to
rejigger
how
we,
at
least
for
future
buckets
how
we
arrange
what
we're
going
to
store,
for
example,.
B
Yeah,
so
this
has
come
up
twice
now
in
the
last
six
months
and
basically,
you
know
we're
using
start
manager
in
our
aaa
cluster
for
all
for
everything
that
wants
to
do
tls
and
occasionally
cert
manager,
burps
for
one
reason
or
another,
not
pointing
any
fingers.
One
case,
it
was
us
doing
things
that
cert
manager
doesn't
support
in
the
current
case,
I'm
not
actually
sure
why
it
burping.
B
So
when
we're
trying
to
figure
it
out,
I
wanted
to
a
encourage
everybody
who
is
paying
attention
to
services
in
the
aaa
cluster
to
think
about
their
certificates?
I
don't
know
who
gets
the
emails.
I
get
an
email
from
from.
Let's
encrypt,
I
don't
know
why
I
get
an
email
from
let's
encrypt,
I
don't
know
if
it's,
because
I'm
a
project
owner
or
I'm
not
really
sure
why.
C
I'm
not
sure
why
either
I
do
too,
when
you,
when
you
create
your
account
with
let's
encrypt,
you,
do
specify
an
email,
and
my
guess
is
whatever
email
we
specified
is
a
listing
to
at
least
the
three
of
us
and
presumably
others.
B
C
E
Thank
you
yeah.
I
have
a
sneak
peek
and
that's
what
it
is
emails
of
time
receiving
are
coming
to
cadets
infra
team
private
from
that
yeah.
B
Okay,
cool
well,
that
explains
why
we're
getting
it
yeah,
the
the
one
around
kate's
that
I
owe
like.
I
didn't,
really
pay
attention
to,
because
I'd
received
so
many,
let's
encrypt
emails
from
things
that
had
been
moved
off
and
I
just
sort
of
let
it
go
until
it
was
almost
too
late
and
we
had
a
little
emergency
and
it
turns
out
that
let's
encrypt
and
ipv6
we're
not
super
friendly
and
we
had
to
figure
out
how
to
fix
it,
we
fixed
it
for
the
current
one.
B
I
don't
really
know
I
don't
know.
What's
going
on
with
perf
dash,
I
don't
know
cert
manager
well
enough
to
be
able
to
say
like
how
to
even
debug
it
there's.
No
events,
there's
nothing
that
looks
out
of
place.
It's
just
all
pending
munners
has
piped
up
on
slack,
so
you
know
he's
ever
the
expert
and
always
generous
with
his
time.
So
I
will
lean
on
him
one
more
time
to
try
to
figure
this
case
out,
but
I
do
want
to
just
plant
a
seed
of
like.
A
A
A
A
B
C
I
actually
put
a
link
in
the
zoom
chat
to
what
I
believe
is
the
code.
You
configure
an
issuer,
you
can
either
configure
the
cluster
level
or
the
namespace
level.
I
I
think
you
can
actually
create
as
many
those
correspond
to
an
account
with
that's
encrypt,
and
I
believe
you
can
create
as
many
accounts
as
you
want,
because
I
think
they
restrict
based
on
ip
address
and
domain
name
and
things
like
that.
So
they
don't
really
care
about
the
account
type
thing
interesting.
C
B
B
Some
sort
of
that's
a
good,
that's
a
good
question.
We
could
totally
try
to
put
that
together.
I
guess
the
next
question
is:
do
we
have
any
volunteers
who
want
to
poke
at
this,
whether
it's
a
like
a
cron
job
report
or
a
dashboard
or
something
I
don't
care,
how
primitive
it
is
just
I
I
don't
want
to
have
emergencies,
especially
over
holidays,
when
I'm
going
what
I
don't
know
what's
going
on.
B
F
F
A
F
A
Awesome
that
was
all
I
had
just
ask
the
question
if
we
feel
like
we're
over
optimizing
on
one
specific
use
case
here,
because
this
is
it's
definitely
painful-
it's
happened
happens
once
a
year
at
the
moment.
C
A
C
Okay,
but
but
I
also
think
what
we
will,
what
I
hope
we're
able
to
do
is
we're
able
to
effectively
have
a
mechanism
to
every
day.
For
example,
look
at
all
the
kubernetes
objects
that
match
some
spec
extract
certain
fields
and
basically
bump
that
into
a
report
somewhere
right.
It's
it's
not
necessarily
going
to
be
very
specific.
It's
going
to
be
adaptable
to
other
scenarios
that
arise
right.
You
you're,
you
told
me.
B
A
Awesome,
ricardo
and
justin.
Thank
you
very
much
for
volunteering
to
take
a
look
at
this.
Can
one
of
you
please
make
an
issue
on
kate's
I
o,
so
that
we
can
track
this?
I
did
a
poor
job
of
preparing
this
for
today,
but
I
would
like
to
try
and
get
us
back
to
putting
issues
on
the
board
and
walk
on
the
board.
So
the
agenda
for
this
meeting
can
kind
of
build
it
up.
C
C
We
went,
we've
done
a
lot
of
back
and
forth
on
how
it
should
work,
and
it
currently
has
a
the
state
store-
is
stored
in
a
gcs
bucket
encrypted
with
a
secret
that
is
stored
in
google's
internal
secret
store,
and
I
guess
we
could
share
with
other
people
that
need
to
know,
but
hopefully
not
many
people
need
to
know.
C
A
Can
start
reviewing
this?
Thank
you
been
guilty
for
some
of
the
terraform
in
this
you,
you
triggered
me
a
little
bit
when
you
talk
about
google's
internal
secret
store,
I'm
wondering
if
you
could
use
google's
externally
available.
Google
cloud
secret
manager.
A
A
Do
you
all
want
36
minutes
back
or
do
you
want
to
catch
up
for
a
bit
or
do
you
have
other
specific
things?
You
want
to
talk
about.
B
I
don't
know
about
everybody
else,
but
I
actually
did
no
work
over
the
holidays,
so
I
I
have
a
pile
of
things
to
look
at
this
week.
I
would
be
happy
to
start
planning
for
the
remainder
of
this
quarter
year
in
earnest
in
two
weeks
time.
A
If
it's
cool
with
you,
though
I
just
maybe
wanted
to
take
five
minutes,
talk
about
our
high
level
thoughts
for
the
rest
of
the
year,
because
I
know
there
was
a
lot
of
consternation
over
whether
or
not
like
we,
you
know
credits
and
how
much
of
this
stuff
has
been
migrated
over
and
stuff-
and
I
know
before
the
year
closed
down,
like
google
has
recommitted
funding
for
all
of
this,
which
is
awesome,
and
this
tim
pointed
out
earlier
with
everything
we've
migrated
over
thus
far.
A
We
are
well
within
our
budget,
but
I,
I
still
think,
there's
a
fair
amount
of
stuff
to
be
migrated
over
so
I
plan
I
started
to
put
together
a
bunch
of
issues
over
like
all
of
the
remaining
google.com
projects
that
we
rely
upon.
Some
of
them
are
small.
Some
of
them
are
large,
but
I'm
trying
to
get
us
to
a
punch
list
that
remains
to
be
migrated
over.
A
I
anticipate
there's
going
to
be
some
interest
from
some
of
the
release
engineering
folks
to
help
migrate
over
some
of
the
ci
related
projects.
I
feel
like
two
of
the
most
costly
lifts
that
we'll
have
to
do
at
some
point
and
we
can
decide
how
to
prioritize.
These
would
be
scale
testing
of
kubernetes
5000
node
tests
that
currently
block
the
kubernetes
release.
A
So
as
always
for
me,
I'm
interested,
I
feel
like
the
group's
original
mission,
was
like
eliminate
google.com
as
a
dependent
as
a
blocking
dependency,
so
the
project
can
run
itself
and
that's.
I
want
to
really
focus
on
closing
that
out
this
year.
B
And-
and
I
would
add,
maybe
to
that
list-
learning
from
some
of
our
past
mistakes
and
adding
the
intermediate
abstractions
when
appropriate,
like
not
exposing
direct
buckets,
which
was
a
giant
pain
in
the
butt
for
the
helm.
Folks.
A
Right,
yeah
there's
another
thing
that
would
maybe
be
helpful
as
we
start
to
think
about
reorganization
and
stuff
that
a
lot
of
this
stuff
is
put
together
with
batch.
Less
of
it
is
done
with
terraform
and
it
would
be
cool
if
there's
somebody
who
is
interested
in
reorganizing
this
stuff
with
terraform.
A
I
I
am
super
in
favor
of
that
I
feel
like
I'm
a
public
skeptic
of
it.
I
think
it's
more
an
acknowledgement
of
my
own
lack
of
experience
with
terrible
mediums
and
whatnot,
but
as
much
as
they
prior
as
much
as
I'm
interested
in
that
I
still
kind
of
feel
like
the
the
maturity
of
what
we
have
is
is
in
bash,
and
so,
if
I'm
adding
stuff
to
stuff,
that's
already
in
bash,
I'm
probably
going
to
keep
staying
in
batch
rather
than
like
piecemeal
migrating
stuff
over
to
terraform
as
we
go.
A
B
And
I
will
admit
that
I
actually
started
on
a
major
refactoring
of
the
bash
into
more
bash,
and
then
I
realized
that
I
would
probably
get
chewed
out
for
doing
so,
and
so
I
I
paused
that
work
like
you,
I'm
not
a
terraform
expert,
so
I
just
don't
know
the
idioms
and
the
norms
and
the
best
practices
there
if
we
can
establish
a
better
way
to
do
it
with
terraform,
I'm
fine
with
it.
B
I
expect
that
the
way
I
would
have
laid
out
the
bash
now
with
all
the
you
know,
the
several
years
of
hindsight
would
look
a
lot
more
like
the
terraform.
It
would
be
a
lot
more
sort
of
project,
oriented
and
purpose
oriented,
rather
than
the
way
it
is
like.
I
would
align
it
in
completely
the
opposite
direction
than
we
have
done
today.
A
And
then
one
other
thing
I'll
mention
the
release
engineering
folks
aren't
here.
I
know
that
there
was
an
interest
and
possibly
even
a
cap
around
trying
to
break
out
all
of
the
kates.gcr.io
like
artifact
management
stuff
into
a
separate
repo
which
I
am
in
favor
of,
but
I
I
have
a
little
bit
of
skepticism
about
making
sure
that
we
have
things
appropriately
tied
together.
A
So
we
don't
have
things
stripping
apart,
but
I
just
personally
would
be
interested
in
that,
since
the
vast
majority
of
pr
traffic
to
this
repo
right
now
is
image
manifest
updates.
So
it
makes
it
kind
of
difficult
to
see
like
what
else
has
been
going
on
totally.
B
A
I
just
remember
that
I
had
them.
I
don't
remember
what
they
are
right
now
so
anyway,
those
are
my
hopes
and
dreams
I
feel.
Like
antonio
mentioned,
he
definitely
wants
to
help
us
with
all
things
ipv6
last
year
I
know
harno
has
been
doing
great
work
for
like
triage
party
and
other
services
in
the
aaa
cluster
and
has
been
looking
to
get
a
proud
staging
instance
up.
So
I
feel
like
we've.
A
We've
got
a
lot
of
cool
stuff
to
work
on
this
year
and
I'm
super
psyched
for
it,
but
if
there's
something
that
somebody
watching
this
or
somebody
here
would
like
to
suggest
instead,
let
us
know.
A
All
right,
I've
held
you
hostage
for
five
minutes.
Thank
you
all
for
your
time
really
great
to
see
you
all
happy
wednesday,
happy
new
year,
everybody.