►
From YouTube: Kubernetes SIG Service Catalog 20170718
Description
Design meetings:
- Orphan mitigation
- Name of BindingResource
- Secret parameters
A
Okay,
welcome
everybody
to
the
Tuesday
July
18
2017
meeting
of
terminated,
cigs
Service
Catalog,
we're
continuing
design
discussions
today
about
What's
in
scope
for
beta
and
what's
not
I
will
go
ahead
and
well
would
someone
else
like
to
share
their
screen
and
should
the
agenda
and
be
the
note-taker
I
am
absolutely
awful
at
talking
taking
notes?
At
the
same
time,
I'm.
A
A
D
A
A
It
is
like
treated
as
this
is
just
what
you
look
at
know.
What
to
do,
but
I,
don't
think
that
it's
universally
applicable
to
all
the
resources
that
it
applies
to
like
I,
think
there
are
cases
where
you'd
want
to
treat
a
certain
EXA
code
or
a
certain
HTTP
status
code
that
might
be
valid,
for
instance,
I
differently,
then
the
same
status
code
that
wouldn't
be
valid
for
a
binding.
So
as
an
example
as
an
example,
the
status
code
for
excepted
is
definitely
one.
A
That's
valid
for
operations
on
an
instance
if
that
incident
supports
or
if
the,
if
the
broker
and
the
client
support
Aysen
operations.
But
right
now,
since
we
don't
have
asynchronous
bindings,
it's
not
valid
for
bindings.
I
think
it
would
be
great
if
we
could
wind
up
in
a
state
where
the
orphan
mitigation
is
defined
like
separately
for
instances
and
bindings,
and
it's
really
specific
so
that
you
don't
have
to
make
inferences
about
what
might
be
accepted.
And
what
might
not
be
for
a
particular
resource
time
so.
A
That
we
well
Aaron
has
already
started
opening
an
issue
for
this
to
add
some
clarification.
I
would
just
like
to
get
clarification
on
bindings,
I,
think
Aaron's
issue
and
poor
request
has
to
do
with
clarifying
it
for
instances,
but
Aaron
you
probably
remember
better
than
I
did.
Is
that
accurate?
Yes,.
B
That's
accurate
and
I
someone
dug,
you
might
have
been.
You
request
them
to
add
at
least
to
add
specification
for
bindings
as
they
currently
are
in
master
orphan
mitigation,
specifically
for
binding
sorry,
so
that
might
land
them
I
lent.
An
FPR
I
think
that's
reasonable,
and
then
we
will
deal
with
the
orphan
mitigation
for
async
bindings.
As
we
add
as
we
work
on
work
through
the
async
bindings
PR
as
well.
Yeah.
D
And
that
sounds
familiar
I
guess
the
point
of
my
leading
questions
was
to
get
to
the
point
of
what
can
we
decide
today
for
our
stuff
before
we
make
any
spec
changes,
and
if
are
things
we
give
our
decisions
that
we
can
make
right
now
what
the
DuBose
will
be
put
forward
so
I
view
the.
A
Don't
think
that
were
there's
a
any
case
where
there's
anything
but
oh
yeah
well
for
binding
that
one
wouldn't
be
valid,
but
we
kind
of
treated
this
as
like
the
one
place
for
everything
if
we
make
if
we
get
the
orphan
mitigation
behavior
defined
for
instances
separately
for
bindings
and
locate
those
things
near
the
the
right
portions
of
the
spec
I
think
that's
enough
I,
just
it.
It
seems
to
me
like
it,
should
be
pretty
cut
and
dry
I
just
like
to
get
everything
merged
into
the
spec
before
we
make
additional
changes
for
this
yeah.
D
A
So
when
one
thing
is
that
I
already
have
a
poor
quest
open
to
stop
retrying
a
failure,
provision
operations
that
the
broker
has
said
have
failed,
which
is
part
of
being
compliant
with
the
spec
I,
think
that's
pretty
unambiguous
I
was
hoping
that
somebody
else
could
go
and
do
the
same
thing
for
bindings
and
that
will
probably
I
don't
think
Peter.
Those
are
controversial
as
things
that
we
should
do
and
they
move
us
in
the
direction
of
implementing
the
orphan
mitigation.
So
there
are
definitely.
B
E
B
A
So,
as
a
next
immediate
step
that
we
could
take
on
binding,
I
would
suggest
basically
the
equivalent
of
what
I
did
for
instances
and
the
for
requests
that
I
have
open,
which
is
basically
just
to
add
a
failure
condition
and
if
the
broker
returns,
something
that
indicates
a
failure
to
no
longer
retry.
The
binding,
yep
yeah
absolutely
agree.
Okay,
so
I
I
will
add
an
issue
specifically
for
that,
and
I
am
hoping
that
somebody
would
like
to
to
make
that
change.
A
A
F
B
A
A
We
definitely
need
to
rename
binding
because
when
you
use
there
well,
because
there
is
a
resource
in
the
kubernetes
v1
API
called
binding
that
the
Scout
would
the
scheduler
uses
to
make
assignments
of
pods
and
nodes,
and
so,
when
you're
running
behind
the
aggregator
and
you
use
cube
Cpl
to
try
to
address
a
binding,
you
get
a
naming
collision
and
you
have
to
use
the
fully
qualified
name
of
the
resource
which
is
kind
of
cumbersome.
So
we
definitely
need
to
to
change.
The
name.
A
I
am
very
happy
to
spend
a
few
minutes
talking
about
what
the
name
might
be.
Doug
I
think
you've
got
some
opinions
on
that
I've
been
thinking
about
it
a
little
bit.
If
we
do
that,
I
think
that
we
should
try
to
time
box
that'sa,
like
maybe
five
to
ten
minutes,
because
naming
discussions
tend
to
be
a
strange,
attractor
and
more
difficult
to
agree
on
than
ordering
pizza.
So
if
people
are
ok
time
boxing
in
maybe
two
ten
minutes,
we
can
definitely
talk
about
that
now.
So.
B
D
Okay,
so,
following
on
from
the
stage
discussion
or
like
I,
said
that
should
say
agreement
to
prefix
everything
with
service
catalog.
My
proposal
for
this
was
a
service
catalog
key
because
that's
consistent
with
what
Cloud
Foundry
caused
these
resources,
I
believe
now
put
in
prose
Oh
for
I
want
to
say
instance,
secret
key
I'm.
Sorry
I
have
to
go.
Look
it
up.
He
had
a
different
proposal.
D
So
always
in
fact,
this
key
was
his
proposal,
but
so
I
guess
to
be
service.
Catalog
instance.
Access
key
I,
don't
have
a
huge
preference
other
than
that
you
have.
A
plumbing
I
have
a
slight
preference
towards
just
service
catalog
key
for
consistency
with
Cloud
Foundry,
but
other
than
that
I.
Don't
really
care
it's
too
much.
So.
D
A
D
I'm
sorry,
a
lot
of
you
know
it's
not
part
of
the
spec
as
part
of
Cloud
Foundry.
If
you
look
at
the
link,
I
just
pasted
it
in
there
service
Keys
are
basically
your
way
of
saying
I
create
an
instance.
All
I
need
other
credentials,
so
basically
it's
kind
of
like
doing,
though
the
binding
operation,
without
linking
it
to
an
app.
D
A
D
D
A
D
B
A
So
here's
another
one
which
is
I
worried
that
since
we
tend
to
explain
the
open,
serviceworker
API
in
the
same
context
as
we
explain
the
kubernetes
api
for
catalog,
that
I
am
worried.
If
we
say
oh
and
then
there's
this
bind
operation
in
the
serviceworker
api.
That
and
in
the
same
breath
we
say-
and
it's
called
service
key
in
kubernetes-
that
it
will
be
confusing
I.
D
No,
what
could
my
one
thing,
Paul
III,
think?
Well,
what
you
said
is
true
that
right
now
we
do
end
up
discussing
sort
of
the
kubernetes
resources
and
deserves
world
API
to
people,
because
we're
telling
them
about
the
open
source,
burger
guy
I
think
this
particular
issue.
We
need
to
look
at
it.
I
mean
users
kibrit
at
ease
and
users,
point
of
view
where
they're
not
really
going
to
know
or
care
about
the
open
source
program
yeah,
because
it's
an
it's
an
almost
invitation,
detail.
B
A
little
bit
I've
done
this
I've
done
this
explanation
independently
from
OSB.
Quite
a
few
times,
I
haven't
tried
to
explain
things
with
another
name
besides
binding,
obviously
because
that's
what
it's
called
right
now,
but
the
way
that
I've
explained
it
is
when
you
create
an
instance
that
creates
an
instance
of
the
service
when
you
create
a
binding.
That
is
what
allows
you
to
access
that
instance
of
the
service.
Now,
if
I,
let's
say,
I
went
and
started
trying
to
explain
service
catalog
key.
B
What
I
would
probably
say
is
when
you
create
a
service
catalog
key
that
returns
to
you
all
of
the
data,
that
you
need
the
credentials
and
coordinates
that
you
need
to
access
the
instance
so
really
what
it
would
be
about
if
we
use
Service
Catalog
key,
is
getting
people
to
just
memorize
a
term
instead
of
trying
to
get
them
to
make
sense
of
it.
In
the
context
of
the
kubernetes
resource
set
yeah.
A
A
A
D
Mama
was
up
in
the
S
on
credentials.
I
accepting
credential
makes
more
sense.
Evil
sounds
little
orleans
all
right,
that's
so
hard
to
say,
but
Aaron
I
wanted
to
point
out.
One
thing,
though
I
suspect
in
most
your
conversations
using
the
word
binding
up
until
now,
probably
just
seemed
to
make
a
whole
lot
of
sense.
A
I
tend
to
agree
with
Doug
about
this,
since
I
definitely
view
the
long
term
thing
that
will
converge
upon
to
be
there's
a
resource
that
represents
the
open,
serviceworker
part
of
the
bind
operation,
and
then
there
might
be
any
number
of
resources
that
govern
the
consumption
of
that
binding
in
kubernetes
like
pod,
preset
I
could
easily
see
another
resource
that
built
a
V
cap
services.
Environment
variable
I
could
see
another
one
that
did
an
histy
o
rule.
I
could
see
another
one
that
did
a
network
policy
rule
so
I.
A
B
This
is
hard
point
to
your
point.
Yeah
I
mean
that
would
it's
doable
still
that
it
would
get
harder,
but
so
all
that
I
was
illustrating
there
is
that
to
date,
I've
had
this
same
tutorial
session
flush,
discussion,
I,
would
say
between
10
and
15
times,
with
everyone
from
people
who
are
hardcore,
CF
users
to
people
brand-new
to
kubernetes
and
never
used
CF
before
mostly
people
are
Microsoft
engineers.
Some
of
them
are
PMS,
but
they're
all
Microsoft
people.
B
So
what
I
was
trying
to
illustrate?
There
is
I
use
binding
independently
from
the
OSB
/
CF,
binding
concept
and,
in
fact,
with
the
Cloud
Foundry
hardcore
people
I
take
great
pain
to
separate
the
kubernetes
binding
concept
from
the
CF
binding
concept
for
a
couple
different
reasons.
But
if
we
changed
over
to
something
else,
just
want
to
illustrate
that
I
would
still
prefer
that
we
keep
it
separate
from
CF.
So
if
we
use
Service
Catalog
key,
it
would
just
be
a
matter
of
separating
it
from
the
CF
key
concept
and
then
getting
the
minima.
B
If
it
sounds
more
semantically
meaningful,
then
I
would
just
focus
on
getting
them
to
understand
what
the
semantics
meaning
meaning
of
it
is,
and
then
they
understand
it
at
that
point,
sir
I'm
not
too
worried
about
the
specific
name
as
long
as
it's
something
that
makes
a
reasonable
amount
of
sense.
You
know
not
gobbledygook
or
foo,
or
something
like
that.
I
tell.
B
A
D
B
B
So
I
will
say
to
move
the
discussion
I.
Think
to
the
next
point
kind
of-
let
me
just
say
this
as
far
as
the
use
cases
go,
one
of
our
main
use
cases
is
what
helm
and
and
these
things
would
thus
be
packaged
up
in
town
charts
and
if
it
serves
catalog
instance
credential,
that's
what
it
would
just
be
hard-coded,
as
in
the
helm
chart.
So
I
think
this
is
reasonable.
From
my
perspective,
that's
what
I'll
leave
it
as
cos
from
me.
A
Okey
giggles
so
done
since
you
made
I
think
at
least
one
or
two
issues.
Would
you
take
the
action
item
to
record
our
consensus
yep
and
after
that,
can
we
make
sure
there
is
only
one
issue
open
for
this,
because
I
think
we
have
at
least
two
and
I
know:
there's
been
one
that
I
heard
enclosed
about
rigging
and
hemming
binding,
so
I
don't
care
which
one
God
as
long
as
there's
just
one
at
the
end.
B
A
A
D
I
suspect
so
nail
is
them
on
the
call,
so,
okay
sure
but
I
think
it
probably
too
late.
The
discussions
that
we're
having
yesterday
too
they're
an
issue
or
slack
again,
which
one
we're
not
all
jason
becames,
can
be
valid
in
our
variable
names
or
kubernetes,
config
map
names
or
keys,
and
so
the
question
is:
what
are
we
going
to
do
about
that?
If
that's
the
top
level
s
you.
A
A
Results
in
a
secret
being
creative,
with
a
single
key
that
has
the
entire
content
of
the
response
for
cases
like
I
know
that
there
that
at
least
the
IBM
contingent
is
interested
in
making
a
V
cap
services
equivalent
or
implementing
V
cap
services
for
kubernetes
and
I.
Think
that's
a
valid
use
case
and
I.
Think
if
there's
a
mode
where
you
can
just
say,
hey,
dump
everything
into
this
secret
key
that
is
probably
going
to
make
implementing
D
cap
services
a
lot
of
you
here.
So
your
country
idea.
C
Oh
sorry,
you
go
ahead,
no
go
ahead!
Okay,
so
your
proposal
was,
for
specifically
the
credentials
a
secret,
but
I
think
that
this
discussion
was
started
based
off
of
the
secret
for
secret
parameters
for
the
instance
spec.
So
would
that
apply
in
this
case
as
well,
you'd
be
able
to
specify
or
or
what's
the
thinking
there.
A
A
B
E
F
D
E
B
A
B
B
E
B
A
That's
fine,
so
II
I
I
think
that
there
are
probably
also
two
different
modes
right
like
if
you
want
the
control
as
someone
that
is
sending
parameters
to
just
send
to
have
explicit
control
over
the
JSON,
then
there
might
be
a
case
where
you
could
reference
a
single
key
and
take
whatever's
in
that
key
and
send
that,
as
the
body
I
think,
there's
another
case,
which
is
probably
closer
to
what
folks
that
are
building
forms
that
will
collect
parameters
would
want
to
send,
which
would
be
that
you
might
specify
a
group
of
secret
keys
or
a
list
of
secret
keys
and
synthesize
a
body
that
includes
those
as
a
json
dictionary.
D
A
A
I
would
say
like
in
that
case
that
if
null
was
able
to
say
here's,
here's,
the
body
that
I
want
you
to
send
it's
in
this
particular
secret
key
or
possibly
a
config
mat,
see
that
that
would
that
would
enable
that
use
case
and
I
definitely
think
that
almost
everybody
else,
and
please
correct
me
if
this
is
an
invalid
assumption.
E
Well
actually
argue
that
that
further,
because
we've
got
to
convert
something
that
then
Jason
schema
format,
which
is
a
simple
key
map
to
a
secret
format,
which
is
not
great
secrets.
The
content
is
stored
when
you
create,
usually
as
data
string
or
data
text
or
whatever
it
is
right.
You're
making
the
client
do
the
conversion
to
about
a
secret
object.
E
G
G
D
Probably
not
if
you're
going
to
be
creating
a
secret
for
the
purpose
of
using
it
for
the
service
broker.
My
concern
is
somebody
who
had
a
pre-existing
secret
and
then
wants
to
send
it
all
into
a
broker,
just
the
basic,
the
good
strength.
There's
say:
well,
that's
fine,
but
because
you're
using
a
secret
for
some
other
purpose,
probably
you
may
not
be
able
to
get
the
names
at
the
broker
needs.
So
it's
up
to
you
to
do
some
kind
of
mapping
to
it
into
a
brand
new
secret.
Is
that
a
social.
A
I
dug
I
I,
don't
disagree
with
you
at
all
and
I
think
we
could
totally
do
both
of
these
I
think
I
think
the
specific
problem
that
we're
trying
to
solve,
which
we
should
keep
in
mind,
is
what
are
we
going
to
do
for
beta,
knowing
that
we
can
add
additional
modes
or
additional
flexibility
in
a
later
release?
So
maybe
this
is
like.
We
are
trying
to
find
that
80%
use
case
and
we
can
do
the
other
20%,
as
as
we
have
somebody
that
can
point
to
a
specific
use
case,
that
they
have
clear.
D
A
So
yeah
I
would
say
if
we
decided
to
go
with
that.
That
would
be
the
answer
and
can
also
say
if,
if
you
need
more
flexibility
in
doing
this,
I
would
love
to
have
an
issue
with
the
specific
use
case
created
in
catalogue,
so
that
we
could
consider
what
the
right
API
is
to
build
for
people
that
offers
more
flexibility.
A
Double
son,
okay
and
then,
as
we
as
we
find,
we
get
enough
feedback
from
users
that
we
feel
like.
Okay.
Well,
we've
covered,
we've
got
some
interesting
feedback.
We've
got
several
different
examples
of
things.
People
want
to
do,
let's
figure
out
how
to
add
one
or
more
additional
modes
to
do
those
we
can
do
those
in
a
backward,
compatible,
yeah.
D
A
D
D
It
doesn't
sound
good,
that's
fine,
but
could
we
not
infer
the
mode
based
upon
whether
they
use
a
to
find
property
name
versus
not
using
my
property
name
like
let's
say,
service
kinda,
like
parameters
or
something
like
that
where,
if
that
is
there,
it
has
to
be
the
only
one
there
and
there
it's
a
single
blob.
We.
A
Could
do
that,
so
that's
that's
actually
similar
to
how
the
API
for
volumes
is
constructed,
where
there's
basically
a
volume
source
type,
which
is
a
union
of
n
other
types
and
those
types
are
inline
so
that,
like
as
a
user,
when
you
go
to
write
a
memo,
you
just
say
give
me
an
AWS
BBS
volume
or
give
me
a
GCE.
Persistent
disk
volume
or
an
I
scuzzy
draw
I
scuzzy
volume,
and
you
can
only
specify
one
of
those
per
volume
definition.
But
you
don't
have
to
have
an
explicit
mode
field
if.
D
A
D
Maybe
I
wasn't
clear:
I
was
actually
wondering
whether
we
could
just
say
if
you
define
your
secret
with
a
single
key
of
this
special
name,
then
our
our
logic
knows
what
to
do
with
it.
It's
a
single
blob.
If
there's
anything
else
in
there,
then
it
treats
it
as
real
property
names
and
just
copies
verbatim,
all
every
someone
of
them
I.
A
D
B
A
A
B
This
has
been
an
open
question
for
some
time
now.
The
basic
of
it
is:
what
do
we
do
if
someone
tries
to
coop
CTL
delete
an
instance
where
there's
one
or
more
bindings
that
references
that
instance,
if
you
look
at
the
prior
to
Scott,
the
first
prior
discussion
link
yeah,
that's
part
of
issue
number
801.
What
we
our.
E
B
You
decided
on
or
I
shouldn't
say,
decided
on
what
we
originally
discussed
in
the
last
face-to-face
meeting.
We
had
was
to
somehow
pass
a
force
flag
to
coops
ETL
such
that,
if
you
could
say
TL
an
instance,
it
has
bindings
on
it,
it
would
fail,
and
if
you
could
CTL
force
delete
it,
then
it
would
just
automatically
cascade
delete
all
the
binding.
So.
B
Oh
I
have
I
I'm
just
going
over
just
like
the
prior
discussion,
so
I'm
not
I,
don't
necessarily
think
that
either
one
of
those
is
the
right
way
to
go.
But
Jessica
to
your
point,
maybe
do
you
want
to
describe
how
garbage
collection
might
solve
this
because
I
don't
really
have
much
much
better
than
that.
Yeah.
E
So,
basically,
when
you're
doing
garbage
collection
on
the
server,
so
what
we've
switched
to
in
our
own
console
for
end-users
is
by
default.
Well,
we
do
something
called
foreground
deletion,
foreground
deletion
says
delete
me,
but
first
go
delete
anything
that
I
own.
So
in
this
case
you
would
say
foreground
delete
the
instance
and
then
that
would
go
and
delete
all
of
the
findings.
Assuming
that
the
findings
had
owner
references
back
to
their
service
instance,
it's
just
what
we
would
probably
want
to
do
and
the
source
mode
is
what's
called
an
orphan
delete.
E
So
when
you
go
to
do
to
control,
there's
a
deaf
cascade
and
equals
false
option,
and
that
automatically
tends
to
do
an
orphan
garbage
collection,
delete,
and
that
says,
I,
don't
care
that
there
are
things
that
say
that
I
own
them
I'm
going
to
delete
me
immediately.
These
other
things
are
just
going
to
be
left
around.
E
D
D
E
A
B
A
A
Support
yet,
but
not
supported
right
now
and
the
if
I
remember
correctly,
the
behavior
of
the
of
Cloud
Foundry
is
that
if
you
have,
if
you
have
active
findings
or
do
you
have
findings
to
an
instance,
and
you
try
to
do
provision
that
instance
that
it
will
block
you
but
I,
don't
think
there
is
any
precedent
anywhere
in
the
API
for
a
resource
that
you
cannot
delete.
Sometimes
so
I
think
that
we
have
to
be
able
to
accept
the
delete.
I,
don't
think
we
can
block
the
actual
HTTP
deletion.
A
If
we
wanted
to
do
something
like
that,
we
might
have
to
make
the
semantics
such
that,
like
you
can
delete
it.
But
then
you
have
to
go
and
manually
delete
the
bindings
before
the
before
the
instance
will
be
deferred,
Ypres
vision,
but
I.
Don't
think
that's
a
great
experience,
probably
one
that
would
be
more
similar
to
how
things
work
in
kubernetes
is
one
where
your
bindings
would
get
garbage
collected
and
we
decided
to
leak
garbage,
collect
the
bindings,
unbind
them
and
then
do
the
deep
revision.
So.
B
Basically,
I
wrote
a
really
brief
proposal
and
issue
820.
That
says
there
is
a
new
field
on
the
spec
that
defaults
to
just
failing
so
accepting
the
delete
and
then
writing
a
status
in
a
instance
that
says
can't
delete.
There
are
bindings
open
and
if
you
set
that
field
to
I
think
I
called
it
cascade,
something
like
cascade,
binding,
delete
or
something
along
those
lines.
Then,
essentially,
our
controller
would
implement
foreground
deletion,
which
is
which
is
what
again.
That
was
what
I
have
referred
to
in
the
past
as
force
delete.
B
A
So
if
we
thought
that
we
were,
if
garbage
collection
wasn't
a
thing,
we'd
have
to
go
and
do
that
I
if
I
go
to
API
machinery,
and
anybody
else
obviously
welcome
to
join
me
and
say:
when
is
it
going
to
happen
and
they're
like
oh
well,
it's
funny
you
ask
because
the
pull
request
was
just
merged
and
the
cherry-pick
is
in
progress
right
now,
I
might
say:
okay,
let's
not
do
that.
I
think
it
kind
of
depends
on
what
the
the
remaining
time
until
we
can
get
it
from
the
core
is
okay.