►
Description
Kubernetes Storage Special-Interest-Group (SIG) Object Bucket API Design Meeting - 17 February 2022
Meeting Notes/Agenda: -
Find out more about the Storage SIG here: https://github.com/kubernetes/community/tree/master/sig-storage
Moderator: Sidhartha Mani (Minio)
A
So
good
morning,
everyone
jiffin
just
brought
up
that
the
cozy
website
is
outdated.
A
So
github
pages
is
currently
the
website
re-archive
this.
For
now,
let's
find
out
stop
publishing
website
who
knows,
does
anyone
know
no
unpublishing?
Okay,
there
you
go.
A
D
A
A
Let's,
let
me
make
sure
of
that.
A
All
right,
let's
go
bring
it
to
master.
A
Yep
so
latest
comment
is
here:
everyone:
okay,
with
that
getting
rid
of
this
website,
we'll
create
a
new
one,
all
the
way
from
scratch
when
we're
ready
again.
E
What
do
you
mean
you're
deleting
the
whole
repository?
What
is
that
we
have.
A
We
have
actually,
we
have
quite
a
bit
of
information
here,
so
this
is
just
a
lot
of
information
about
how
cosy
was
designed
before
how
to.
E
A
It's
just
on
github,
so
you
just
create
a
repository
by
this
name.
It'll
automatically
get
published
but
see
the
way
grant
set
up.
Cozy
is
by
following
these
stocks.
Oh.
A
E
A
E
Right,
I
know
yeah
I'll
just
yeah
there
anything
that
is,
you
know
you
think
it's
just
too
updated
that
you
just
want
to.
I
don't
know
it.
At
least
I
don't
know
if
that's
helpful,
but
if
the
this
whole
thing
is
helpful,
like
grant
actually
was
able
to
set
up
something
following
this,
and
would
you
keep
it.
A
Okay,
I'm
happy
to
hear
that
so
yeah.
We
are
a
little
behind
on
updating
this
website,
mostly
because
our
design
is
still
kind
of
in
flux,
so
yeah,
but
I'm
glad
it
helped
you
grant.
That
was
the
intention.
A
All
right,
so
so
so
for
those
of
you
joining
just
now
or
maybe
after
I
was
talking
about
the
review
process,
our
next
step
is
really
getting
our
review.
A
A
I've
done
it,
I
think
she's
very
busy,
but
but
I
think
yesterday
she
she
said
that
she
should
be
able
to
find
some
time
to
take
a
look
at
this,
but
as
of
right
now,
unless
someone
has
something
to
bring
up
they're
exactly
where
we
were
last
week
at
least
next
week
we
have,
we
will
have
the
opportunity
to
bring
up
cozy
during
the
sixth
division
meeting
and
and
have
others
take
a
look,
but
but
as
of
right
now
we
you
know
not
much
has
changed.
A
So
you
know
what
I
was
planning
was.
We
will,
you
know
we'll
reconvene
next
week
when
the
review
is
done
and,
and
I'm
fairly
positive
it'll
be,
you
know
we'll
have
we
have
we'll?
Have
someone
take
a
look
at
it
and
and
next
week
at
least
it's
there's
something
actionable
there'll,
be
a
six
storage
meeting
where
I
can
bring
it
up.
A
Okay,
all
right
so
shane
is
there
anything
we
should
you.
You
want
us
to
discuss
other
than
doesn't
the
review
part.
E
I
don't
have
anything
really
just
that's
the
most
important
things.
You've
got
to
review
down
that
capyan.
A
Yeah,
how
about
ben
or
jeffen
any
of
the
so
so
so
I
believe
the
piero
is
merged
for,
for
the
grpc
namespace
reservation
is
that
right.
E
A
That's
good
all
right,
yeah
and
I
saw
that
yeah,
and
I
saw
that
you,
you
auto,
generated
the
files
and
rest
of
the
stuff,
so
yeah.
D
A
To
know
all
right,
so
okay,
so
there
is
another
thing
we
can
discuss,
which
is
so
you
know
we
are
all
agreeing
on
this
design.
More
or
less
I
mean
really.
The
reviewers
are
not
going
to
have
this
fundamentally
change.
A
A
F
E
A
Right,
I
I
agree
with
you
entirely:
okay,
so
here's
the
here's,
the
things
that
need
to
move
in
locks
type
when
changing
the
api.
So
if
you're
changing
the
api-
and
you
know
we
could
be
changing
the
api
but
not
changing
the
grpc
spec.
A
So
if
you're
not
changing
the
jrpc
spec,
it's
easier,
but
here's
the
api
repository
yeah,
we
can
go
ahead
and
change
the
api,
but
once
we
do
that
we'll
have
to
go
ahead
and
update
every
other
project,
because
every
other
project
depends
on
this.
Otherwise,
anyone
who
pulls
code,
I
think
goget
by
default,
tries
to
get
the
latest
one.
It
will
fail.
A
I
think
it
also
does
some
kind
of
constraint
matching
nowadays.
So
I
think
we
should
be
okay
on
that
front
too,
but
but
I
would
say
once
we
once
we
change
the
api
we
should.
We
should
also
immediately
update
the
rest
of
the
rest
of
the
repositories.
So
so
I
like
what
jiffy
was
saying
so
jeffen
can
I
can
I
rely
on
you
to
remove
whatever
is
not
being
used,
so
we're
not
using
bucket
requests
anymore,
we're
not
using
bucket
access
requests
anymore.
A
C
A
And
the
other
thing
is
bucket:
bucket
access
is
defined
as
a
non-name
space
object
in
in
the
in
the
old
definition.
A
So
this
needs
to
be
changed
to
a
namespace
one,
and
there
are
fields
that
have
changed.
It's
not
the
same
as
what
it
was
before.
A
So
we
need
to
make
sure
that
is
done
correctly
as
well.
Yeah,
that's
about
it.
I
think
apis
classes
are
pretty
much
the
same.
Nothing
has
changed
on
the
class
front,
but
there
are
some
changes
in
in
how
the
bucket
claim
and
bucket
access
work.
A
A
You
know
we
pay
some
attention
to
detail
and
and
that's
about
it
yeah
and
then,
and
then
we
we,
we
had
a
generic
controller
pre-built
so
that
anyone
could
just
implement
the
controller
rather
than
having
to
use
the
operator
framework
or
anything
like
that.
I
don't
think
any
changes
are
needed
here.
I'm
not
sure
just
make
sure
this
is
also
taken
care
of
if
you're
updating
the
api.
A
Yeah
and
then,
and
then
we
have
the
controller
repository,
so
I'm
just
going
over
the
code
so
that
so
that
people
wow
it's
two
years
old,
I'm
just
going
over
the
code
so
that
people
can
you
know
whoever
wants
to
contribute,
can
get
started
quickly
everywhere.
We
follow
the
regular.
A
You
know
the
standard
kubernetes
way
of
writing
code,
as
in
the
way
we
distribute
the
responsibility
into
packages,
so
you
know
command
package.
It
all
means
the
exact
same
thing
that
that
you
know
you
would
expect
it
to
mean
yeah.
So
so,
once
once
the
api
is
updated,
we'll
have
to
update
the
controllers.
Here.
A
I
think
we
can
move
the
specific
controllers
under
package
controllers.
We
have
bucket
request
and
bucket
access
request
here,
yeah,
so
so
this
needs
to
be
updated.
So
what
will
be
the
responsibility
of
the
controller?
Now
that
we
have?
We
don't
have
a
bucket
request
or
a
bucket
access
request,
as
in
bucket
claim,
will
lead
to
the
creation
of
a
bucket.
A
A
C
Claim
to
the
bucket
yes
or
not
like
you
can
do
like
the
people
can
create
bucket
and
then
create
the
bucket
claim
right
like
it
can
be
otherwise.
A
Yeah
I
was
getting
to
that
yeah
good
point.
So
what's
the
what's
the
what's
the
latest
decision
on
that?
What
did
we
decide?
It
escapes
my
memory
right
now,
but
let's
take
a
look.
A
A
So,
on
the
controller
we'll
have
a
bucket
claim
sitting
on
the
control
area.
On
the
controller,
we
have
a
bucket
claim
listener,
which
has
two
things
it
does.
One
is
the
new
bucket
goes
and
creates
the
intermediate
bucket
object
if
it's,
if
it's
an
existing
bucket
it
just
binds
and
while
binding.
A
A
A
F
F
Other
people,
you
can
try
not
to
delete
it
out
from
other
people,
either
way.
There's
downsides
right,
if
you,
if
you
can't
delete
it
as
long
as
someone's
accessing
it,
then
a
malicious
user
can
prevent
you
from
deleting
a
bucket
or
if
you
can
delete
it,
while
someone's
accessing
it.
Then
a
malicious
user
can
delete
your
buckets
either
way.
Malicious
users
can
do
bad
things.
A
F
F
F
D
F
A
Yeah
yeah,
I
think
I
think
that's
the
best
way,
all
right,
but.
F
A
Bucket
x,
yeah,
as
soon
as
a
bucket
is
marked
with
the
deletion
time
stamp.
I
don't
think
we're
gonna
love
any
new
bucket
claims
to
buy
into
it
right
or
bucket
access
to
access.
It.
F
F
F
It
could
be
as
little
as
two
it
depends
how
you
want
to
structure
your
side
cards
like
within
the
csi
world.
We
decided
to
separate
out.
You
know
provisioning
from
attaching
those
two
super
side
cards
to
do
those
things
and
there's
even
a
third
and
a
fourth
side
card
that
do
resizing
and
snapshotting,
and
you
know
that's
how
they've
decided
to
do
it.
On
the
csi
side,
we
could
have
a
one
giant
side
card
that
does
all
the
things
or
split
it
out.
Similarly,.
A
Right
right,
so
I
think
it's
okay
to
start
with
one
sidecar
right
now,
I'm
just
saying
that,
because
we
don't,
I
don't
see
them
as
having
different
responsibilities.
A
The
only
thing
our
site
car
does
is
well
this.
These
two
two
things
it
does
one
is
create
the
bucket
or
manage
buckets.
The
other
is
manage
access,
but
they're
all
for
the
same
driver.
A
Isn't
it.
Why
are
the
moving
pieces.
F
F
Giant
finally,
simplicity:
modularity,
like
you
know
a
side
card
that
just
does.
One
thing
is
still
thousands
of
lines
of
code
yeah,
it's
it's.
None
of
this
stuff
is
easy
and
so
to
try
to
cram
multiple
things
into
one
binary
makes
it
that
much
harder
to
wrap
your
mind
around,
but
if
we
can
manage
to
wrap
everything,
cozy
does
into
one
side
card,
which
I
think
we
can.
Then
then
that's
great.
A
Yeah,
I
I
buy
all
these
arguments
yeah.
The
other
way
is
also
not
so
bad
having
everything
in
one
one
binary
is
also
not
terrible.
That's
why
I
was
curious
anyway,
so
so
then,
I
think
I
think
we
have
a
clear
approach
on
how
we're
gonna
handle
deletions,
which
is
we're.
A
Gonna,
have
a
an
index
informer,
so
a
local
cache
in
memory
cache
of
the
current
state
of
all
the
all
the
bucket
accesses
in
the
system,
and
whenever
a
bucket
deletion
starts
up,
we
make
sure
that
no
in
no
no
bucket
access
is
pointing
to
that
the
bucket,
which
is
you
know,
going
to
be
deleted,
and
if
not-
and
we
wait
until
that's
true
so
so,
how
do
we
wait
until
that's
true?
So
do
we
just
kind
of
respond
to
every
bucket
access
update
event.
F
It's
I
guarantee
you,
it's
gonna
be
more
complex
than
you
could
possibly
imagine,
based
on
based
on
all
the
code.
I've
seen
in
csi,
like
it's
really
really
simple
things,
take
a
thousand
lines
of
code,
yeah.
A
Yeah
yeah
I'm
yeah.
F
A
So
getting
back
so
so
all
right,
who
can
I,
who
can
I
ask
to
to
work
on
this,
so
I'm
also
going
to
be
working
on
all
of
this
just
to
be
clear,
but
but
I
I
do
encourage
everyone
else
to
contribute
grant.
I
know
you
made
some
prs
recently.
D
Yeah
I
can
help.
I
helped
with
the
snapshot
controller
in
the
past
as
well,
so
I
can
sweep
thanks
okay,
so.
A
We
have
more
people
here,
so
I'm
going
to
be
signing
up
more
people
all
right.
So
then,
once
that
is
done,
we
have
the
sidecar.
What
did
we
call?
It.
A
All
right
the
sidecast
job.
Now
I
mean
it's
remained
the
same,
which
is
to
provision
buckets,
go
talk
to
the
back
end
and
create
the
actual
bucket,
and
the
other
one
is
to
provision
access,
talk
to
the
backend
and
create
access
credentials
and
so
on
and
then
revoke
it.
So
this
was
even
back
then
not
fully
done.
The
creation
and
deletion
of
buckets
was
was
in
good
shape,
but
bucket
access
creation
and
deletion
wasn't
really
anywhere
good.
I
think
that's
the
best.
I
remember
so.
A
We
had
a
bunch
of
issues
with
the
with
the
life
cycle
of
bucket
access,
oh
right
and
and
also
we
didn't
have
a
concept
of
im
based
access
back
then.
A
So
so
this
also
needs
an
update.
The
the
functions
are
not
like
early
said:
it's
not
what
I
earlier
said
that
that
it's
going
to
remain
pretty
much.
The
same
is
not
true.
There
are
changes
needed
here
quite
a
bit,
so
so
so
on
this
side
we
need
to
deal
with
iam,
based
authentication
and
also
we
need
to
make
sure
we
update
it
to
reflect
whatever
changes
are
going
to
be
made
in
the
api.
A
A
F
I'm
sorry
I
was
gonna
say
I
I
I
can't.
A
It's
it's
okay,
this
is
yeah,
I
didn't
you
know
I
can
I
can
I
can
cover
it.
You
know
I
can
call
for
anyone
anything
that's
needed.
It
was
more
of
a
making
sure
we
had.
We
had.
A
We
had
things
planned
and
then
whoever
can
contribute.
It's
it's
easier,
if
I
just
ask
directly,
rather
than
asking
people
to
sign
up
only
because
the
code
is
kind
of
stale
and
we
kind
of
have
to
figure
things
out
all
over
again.
Nobody
has
this
code
in
context
or
in
mind.
Yet
at
this
point
so
yeah.
A
Asking
directly
and
it's
totally
okay
to
say
no
so
anyways,
okay,
that's
the
state
of
things,
I'm
glad
we
went
over
the
court
today.
So,
let's,
let's
continue
waiting
for
the
review
and
next
week
you
know
everyone.
I
I
encourage
you
to
show
up
at
the
sixth
storage
meeting
and
and
I'll
definitely
be
bringing
up
this
review
for
cozy
and
and
yeah.
A
Let's,
let's
try
to
push
over
there,
and-
and
I
was
also
wondering
this-
is
a
question
for
you
shane-
should
we
should
we
bring
saad
to
take
a
look?
Maybe
if
michelle
is,
I.
B
E
Think
you
should
just
just
just
yeah,
because
since
michelle
has
already
gone
very
deep
with
this
okay,
but
if
in
next
you
know
in
the
sixth
georgia
meeting
by
that
time,
if
she
still
have
not
reviewed
it.
Definitely
sad
is
also
in
that
meeting
at
that
time,
but
maybe
he
will
maybe
he
will
have
more
time
now.
E
But
but
I
mean
the
problem:
is
that
every
time
you
view
it,
they
will
have
their
own
questions
right.
So
if
you
switch
a
reviewer
does
not
mean
it's
going
to
go
faster,
you
know
what
I
mean
they
will
so
I
think
yeah.
I
think
michelle
already
getting.
I
think,
just
getting
a
last
set
of
questions.
I.
F
E
E
A
Makes
sense
so
how
about
is
michelle?
Also
at
google.
E
A
A
Wasn't
there
someone
from
red
hat,
who
was
involved
with
cozy
early
on,
like.
E
She's
in
the
what
is
that
tlc
cncfts
yeah,
so
she
has
not
joined
the
sixth
stage
meeting
for
a
very
long
time.
I.
E
A
Wondering,
okay,
all
right
good
to
know.
I
think
that's
all
from
me.
If
anyone
has
anything
else,
now
is
a
good
time
to
bring
it
up.
A
Okay,
I
think
we
can
end
the
meeting
now
thanks
thanks
everyone,
let's,
let's
meet
again
next
week
and-
and
I
I
have
a
good
feeling
about-
I
think
there'll-
be
progress
on
the
review
by
that
point.