►
From YouTube: Kubernetes SIG Security Docs 2020-12-17
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
Hello,
everyone
today
is
the
december
17th
and
this
is
the
security
documentation
subproject
meeting
we
abide
by
the
kubernetes
code
of
contact,
which
means
be
awesome
to
everyone
and
to
yourself.
So
let's
get
started
and
I
have
dropped
the
agenda
link
in
the
chat.
Please
feel
free
to
add
yourself
to
the
agenda
and
I
have
got
one
discussion
so
far,
so
there
has
been
a
long.
Can
everyone
hear
me.
A
Thank
you,
I'm
gonna
get
that
added
to
the
meeting
invite.
I
noticed
that
it's
missing
from
the
meeting
invite
I
will
get
that
added
for
the
next
time.
So
moving
on,
so
I
have
one
discussion.
So
there
has
been
a
long-standing
issue
to
create
some
tutorials
or
documentation
on
how
to
set
up
dls.
A
So
tim
had
posted
that
on
the
security
group
asking
for
help.
So
if
anyone
is
interested
in
picking
that
up
or
chiming
in,
please
feel
free
to
do
so
and.
C
Is
that
will
that
be
an
extension
of
the
docs
that
already
exist
in
kubernetes.
A
Then
living
under
the
concepts
page
are
the.
A
B
I
don't
have
much
experience
with
this
if
someone
needs
help
editing
or
like
testing
whatever
they
come
up
with.
I
can
help
but
yeah
sure.
C
Yeah
because
there
is
sorry
real
quick,
there
is
the
the
tls
specific
kind
of
blurb
under
ingress.
B
A
Feel,
like
I
feel
like
at
this
point,
I
wanted
to
expand
with
some
examples,
but
that
is
a
good
question.
So,
if
you
like
to
follow
up
on
the
issue,
please
feel
free
to
otherwise
I
will
follow
up
later
and
post
the
whatever
that
they
want.
I
can
talk
to
them
and
get
the
get
what
he
was
looking
for.
C
The
discussion-
okay,
yeah
perfect,
that's.
A
A
So
I
figured
we
could
just
chime
in
and
add.
Maybe
it
doesn't
even
have
to
be
elaborate
tutorial
because
it's
going
to
be
difficult,
but
we
can
just
add
some
code
snippets
to
start
with
on
how
to
add
basic
certificate,
let's
encrypt
or
won't.
If
I
don't,
if
anyone
is
hiding
their
own
self
science
again,
but
yeah
some
sort
of
we
get,
we
can
do
that.
C
Yeah,
it
seems
like
they
also
want
more
in
depth
about
like
what
ssl
and
tls
is
right.
That's
ltls,
like
it's
also
somewhat
of
an
introduction
to
the
concept
altogether.
A
Yeah
and
michael,
I
think
you
talked
about
the
hardening
guide
in
the
first
meeting
or
before
your
first
first
meeting,
so
we
talked
a
little
bit
about
it
last
time,
but
just
like
brainstorming.
So
if,
if
no
one
has
any
topic,
we
could
just
have
open
discussion
and
talk
about
stuff
that
we
want
to
do.
A
C
Yeah
to
me,
I
think
more
issues
like
this,
where,
like
the
community,
actually
needs
documentation
outlining
something,
is
a
good
place
to
start
the
heart,
not
sure
if
anybody
saw
the
the
white
paper
that
came
out
right
from
security,
yeah.
C
Do
like
a
watered-down
version
of
that
nice
could
also
do
like
a
a
road
map
like
a
security
checklist
roadmap
of
if
you're,
starting
with
kubernetes.
You
know
before
you
really
even
get
started
like
here's,
some
simple
security
things
that
you
need
to
know
about.
I
find
the
roadmaps
are
really
helpful
for
people
that
are
starting
off.
A
Yeah,
actually,
yes,
like
up
prediction,
readiness
like
how
we
have
a
prediction,
readiness
checklist-
we
could
have
a
security
checklist.
I
think
it
will
be
a
good
place
to
start
with
and
the
one
way
that
I
cannot
decide
is
that
where
would
we
put
it,
would
it
be
a
blog
post
or
would
it
be
a?
Would
it
be
under
the
main
documentation?
So
I
am
I'm
not
sure
on.
Where
would
we
add
such
things?
It
needs
to
be
constantly
evolving.
C
B
Have
a
document
that
we
always
update
and
when
we
launch
it
we
make
a
blog
post
to
say:
oh
hey
there,
here's
this
new
resource
that
we're
going
to
keep
up
to
date.
Just
so
people
can
share
the
announcement
like.
C
Mm-Hmm
and
I
agree-
and
I
think
we
could
put
it
in
tutorials
like
we
could
do
more
of
a
demo
style
because
I'm
looking
at
it's
like
kubernetes
basics,
configuration
stateless
applications,
they
get
clusters,
there's
app
armor
in
there.
C
You
could
do
security
and
then
do
a
road
map
and
then
each
like
the
road
map,
maybe
outlines
the
we
can
start
with,
like
the
top
three
security
things
that
you
know,
we
think
people
need
to
focus
on,
explain
those
in
depth
link
them
back
to
previous
blog
posts
right
in
kubernetes
or
previous
kubernetes
documentation.
C
That's
that's
my
thought
like.
If
I
think
that,
unless
you
know
other
groups
outline
that
there's
like
a
gap
in
the
documentation
that
needs
to
be
filled,
then
really
we're
kind
of
just
like
beefing
up.
I
think
some
of
the
content
right.
It's
like
unless
there's
a
specific
issue
where
it's
like
hey.
We
brought
this
new
feature
and
there's
no
documentation
on
it.
We
need
somebody
to
write
about
it.
I
think
that
most
of
our
work
is
going
to
be
like
blog
posts
and
tutorials,
specifically
around
security
right.
A
Yeah
that,
and
also
I
feel
like
whenever
and
wherever
we
come
across,
I
I
know
it's
impossible
to
sweep
through
the
entire
site,
but
if
we
come
across
anything
where
we
could
boost
the
security
up
or
like,
if
we
see.
A
Is
lacking
and
we
could
just
open
an
issue
pretty
much.
That's
what
I
think
and
I
so
if
I
I
know
michael,
you
have
some
experience
with
the
checklist,
I
believe
so.
If
you
would
like
to
get
started,
I
would
be
happy
to
help,
but
I
I
just
want
to
know
like
if
anyone
wants
to
volunteer
I'd
be
happy,
and
there
is
no
time
constraint
on
this.
So
I
just
want
to
like
folks
know
that
holidays
are
coming
up
and.
C
I
think
just
brainstorming
for
now
would
be
pretty
good.
Just
we'll
start
starting
like
google
drive
and
a
doc,
and
then
just
you
know,
security
checklist
from
the
beginning.
You
know
when
you're
first
creating
like
you,
can
start
with
container
security,
and
then
you
can
start
with
okay,
we'll
build
our
first
deployment
right.
Let's
make
sure
that
we're
specifying
the
ports
that
are
open
right.
Okay,
let's
connect
a
service,
let's
use
annotations
right
just
beginning
to
end,
and
then
we
don't
necessarily
need
to
reinvent
the
wheel
here.
C
A
Yeah,
I
think
that
that
would
be
a
good
thing
to
do
so
so
many
people
when
they
look
at
the
documentation.
They
know
how
to
get
things
done,
but
they
don't
know
how
to
get
things
done
securely
and
then
they
implement
the
kubernetes.
They
design
the
kubernetes
clusters
and
then
they
go
back
and
they're
like
oh,
oh,
like
I
need
to
now
do
the
security.
So
I'm
it's
not
the
right
way.
So
I
believe
that
you
do
hand
in
hand,
security
and
designing
and
it
comes
in
every
step.
A
A
And
yeah
I
can
create
a
document
and
link
and
then
we
can
start
brainstorming
sure
or
we
could
either
waste
work.
So
we
could
start
brainstorming
in
slack
or
we
can
start
brainstorming
in
a
documentation.
So.
C
I'm
good
with
either
I'm
just
gonna
like
probably
go
in
and
when
I
want
to
have
some
time
just
vomit
onto
the
into
the
dock,
so
feel
free
to
correct
me,
but
yeah,
I
think,
just
kind
of
setting.
You
know
what
honestly
kind
of
how
you
got
into
kubernetes,
like
if
you
just
started
with
containers
like
what
are
the
things
to
check
what
are
some
resources
and
then
it
just
continues
to
go
down
and
we'll
kind
of
build
up
a
library
I
think
of
external
documentation
as
well.
C
So
we
we're
not
repeating
ourselves-
and
I
guess
probably
try
to
focus
on
keeping
it
within
the
kubernetes
documentation,
not
like
external
links
and-
and
the
other
thing
too,
is
by
doing
this,
we'll
be
able
to
identify
what
documentation
isn't
in
kubernetes
right.
So,
if
we're
going
through
a
checklist
and
all
of
a
sudden
we're
like
hey,
there's
no
real
explanation
of
this
security
topic,
it's
like
okay,
we
should
probably
write
about
it.
A
Oh
definitely,
those
are
should.
B
A
Definitely,
and
do
you
envision
this
guide
as
a
post
or
like
a
tutorial
again
like
I'm
just
trying
to
this
is
gonna
be
ever
evolving
and
I
would
love
to
see
an
hour
back
guide
because
I
struggle
every
single
time
I
am.
I
have
to
google
and
I
have
to
go
to
multiple
documentations
in
multiple
sites
and
it's
it
struggles.
A
C
Like
I'll
give
you
guys
an
example,
because
there's
the
like
the
staple
set
basics
right
and
where
is
this
in
the
chat
there?
It
is,
and
so
like
there's
the
before
you
begin,
you
know
basic
understanding
of
what
things
are
and
how
it
should
how
you
like
what
you
should
know,
and
so
I
think
that
we
come
in
and
we
say:
okay,
you
really
should
know
about
pods
deployment
services
at
least
to
get
started,
and
then
we'll
take
you
through
how
to
set
up
kind
of
your
first.
C
You
know
small
micro
service
sort
of
thing
and
then
now
you
need
to
know
quotas.
You
know
now
you
need
no
security
context.
Now
you
need
to
know
rbac
and
then,
depending
on
how
complicated
those
topics
be,
they
can
also
be
splinter
off
right,
because
if
you
look
at
the
tutorial
section,
it
really
actually
is
there's
like
configurations.
Stateless
applications,
state
full
applications.
C
C
But
I
think
that
that,
like
overarching
road
map,
just
for
people
who
are
starting,
who
are
searching
off
that
are
like
right,
I
think
it'll
be
pretty
useful.
A
C
A
A
And
ctl
was
also
moved
out
and
there
are
things
that's
going
to
move
out
of
the
code
base
and
the
word
move.
So
when
we
try
to
address
certain
things
like
security
and
we
have
a
tutorial
or
we
have
some
guides
and
best
practices
around
it.
Are
we
gonna
think
of
an
entire
kubernetes
ecosystem
or
are
we
just
gonna
see
what
is
just
in
the
code
base
or
like
I'm
trying
to
get.
C
With
the
kubernetes
basics,
personally,
keep
it
simple
for
people
to
at
least
start
contributing
and
then
once
we
have
that
those
kind
of
core
security
concepts
outlined,
then
we
kind
of
branch
off.
That's
that's
my
two
cents.
B
A
All
right-
and
that
sounds
like
a
plan
to
me
as
well-
started
the.
A
A
B
A
Just
we
could
make
a
section
in
the
same
meeting,
notes
and
start
piling
on,
or
I
could
send
out
a
new
new
documentation.
However,
it
would
work,
would
it
work
to
maintain
everything
in
the
same
meeting
notes
or
would
folks
prefer
a
separate
documentation.
C
Yeah,
I
think,
probably
just
a
link
to
another
doc.
Okay
would
probably
be
best
just
to
avoid
clutter
like
keep
the
meeting
notes
and
then
we'll
just
keep
the
running
documentation
until
it
gets
too
large
that
we
maybe
need
to
move
it.
But
the
other
thing
I
just
posted
was
there
is
the
kubernetes
basics
right,
which
is
create
your
first
cluster,
deploy
an
app
explorer
app.
We
could
go
into
seven
and
do
secure
an
app
right
so
as
part
of
the
kubernetes
basics.
C
It's
you
know,
you
learn
the
basic
concepts,
but
you
actually
need
to
go
back
to
make
sure
it's
secure,
because
you
I
don't
know
we
could
like,
add
on
to
that
and
it
might
be
worth
exploring
for
what
each
I
actually
haven't.
Even
read
this
documentation
but
yeah.
It's
like
creating
a
cluster.
What
is
a
cluster
and
there's
an
interactive
tutorial
there?
So
maybe
I'm
not
sure
who
we
should
ping
for
this,
but
it
could
be
something
that
we
add
on
to
this
to
be.
You
know,
secure
an
app
as
number
seven.
C
A
Work,
I
I
think
it's
it's.
A
I
think
we
can
explore
the
options
and-
and
I
don't
know
who
maintains
it-
maybe
sick
dogs
folks
will
know
who
meet
and
said
ray.
Do
you
have
an
idea
who
maintains
the
interactive
tutorial.
B
C
A
C
Yeah
yeah,
the
more
I'm
reading
through
this,
I
think
tutorial,
is
the
way
to
go
because
we're
not
redefining
a
concept
right
so,
like
I
think,
like
every
two
weeks,
if
sig
security
or
the
other
cigs
decide
that
there's
a
hole
in
the
documentation,
then,
like
you
know,
we
go
back
and
redefine
a
concept,
but
if
we're
just
beefing
up
existing
documentation,
I
think
tutorials
is
the
way
to
go,
but
yeah.
I'm
surprised
that
we
haven't
even
done
this,
yet
there
really
isn't
security-based
tutorials
anyways,
just
rambling.
Now.
C
Yeah
I'm
excited
this
is
cool
and
thankfully
people
get
some
time
off
in
the
coming
weeks.
So
get
some
time
off
to
do
more
work.
You
know.
A
I'm
I'm
gonna
actually
avoid
trying
to
do
more
work,
but
I
recently
got
this
one,
so
this
is
what
I'm
gonna
do
to
familiarize
more
like
if
I'm
missing
something
or
like
just
a
holiday,
so
casey
wong
and
cronjo
joomdi,
someone
from
I
I
don't
know
from
where
they
are.
A
Yeah,
so
I
I
class
I'm
classifying
this
as
a
holiday,
read,
I'm
not
sure
if
this
qualifies
the
holiday
read
or
not,
but
I'm
just
classifying
like
okay,
I
need
so
many.
I
have
some
books
too.
I
really
need
to
get
back
to
reading.
It's
been
a
while
because
of
all
the
pandemic
and
things
going
on
like.
A
Oh,
that's
a
good
one,
so
yeah,
I'm
gonna
actively
try
not
to
work
during
the
holidays,
but
that's
gonna
be
tough.
C
A
C
A
A
Yeah,
I'm
I'm
not
I'm
unsure
that
if
we
will
meet
next
next
week,
it's
the
31st.
So
probably
I'm
not
sure
if
the
meetings
will
be
happening
or
not
just.
C
Probably
get
out
kick
it
out
another
week
and
take
the
31st
off
to
yourself
yeah.
A
So
we
can
check
in
asynchronously
and
I
know
we
are
at
the
end
of
the
meeting
time.
We
have
quite
a
good
list
of
things
to
start
with
and
I'm
excited
and
thank
you.
Everyone
go
ahead.
B
A
So
if
you
have
enough
things
to,
if,
if
you
have
enough
things
to
put
it
under
a
dock,
that
is
good
or
if
you
really
want,
you
can
just
directly
open
a
pr,
create
an
issue
and
open
a
pr,
and
we
can
just
go
over
and
review
back
and
forth
with
other
folks,
too,
that's
easier.
A
B
C
Yeah,
I've
always
found
just
google
docs
and
then
once
it
gets
big
enough
and
enough
because
I
just
find
it
harder
to
collaborate
and
get
until,
especially
when,
like
when
it's
blogs
and
writing.
Just
fine
comments
are
a
lot
easier
and
then
moving
it
over
but
yeah.
Well,
if,
if
you
want,
I'm
probably
just
going
to
start
to
look
at
outlines
and
just
vomit
into
the
google
doc,
and
if
you
want
to
share
the
when
you're
done
our
back
or
whatever
we
can,
we
can
merge
and
do
all
that.