►
Description
Kubernetes Storage Special-Interest-Group (SIG) Object Bucket Review Meeting - 01 October 2020
Meeting Notes/Agenda: -
Find out more about the Storage SIG here: https://github.com/kubernetes/community/tree/master/sig-storage
A
Okay,
so
last
week,
where
we
left
off,
we
were
talking
about
what
monday,
where
we
left
off.
We
were
talking
about
how
the
development
is
coming
along.
As
of
as
of
today,
we've
started
working
on
the
sample.
Provisioner
we've
got
a
new
developer
sergeant,
helping
out
with
that
and
development,
as
of
right
now
is,
is
going
at
a
good
cadence
and
and
it's
moving
forward,
I
would
say
we're
still
on
track
to
do
the
demo
in
a
few
weeks
again.
A
That
is,
I
I
want
to
have
a
high
quality
code,
not
prototype
level
code
and
and
have
it
with
testing
in
place
and
do
the
demo,
as
as
the
end
point
of
finishing
a
certain
number
of
tasks.
A
So
the
demo
is
going
to
include
the
simplest
use
case
of
creating
a
green
field
bucket,
creating
a
bucket
access
for
that
green
field
bucket
and
then
giving
that
bucket
to
a
part
by
by
through
the
node
adapter.
A
Moving
forward,
we
have
some
good
news,
so
my
talk
for
cubecon
2020
was
accepted.
We're
going
to
be
talking
about
cozy
and
and
yeah
it's
going
to
be
exciting
and
I
we
we
will
definitely
get
more
visibility,
probably
more
contributors
after
this
stock.
I
think
that'll
be
good.
A
So
the
talk
we
originally
submitted
was
with
the
john
cope,
and
I
I
don't
know
if
everyone
here
knows
john
koh,
but
he
was
leading
this
group
before
I
came
along
and
when
we
both
were
here
at
one
point,
we
decided
to
submit
this,
I'm
not
sure
if
john
is
going
to
speak
at
this
stock.
This
time,
however,
if
john
cannot
make
it
jeff
who
is
taking
out
jon's
version
will
will
help
us
out
with
that.
A
So
it'll
be
me
and
jeff,
if
not
me
and
john
or
john,
and
I
going
to
the
next
thing,
so
the
deadline
for
cap
merging
is
is
coming
up
it's
very
very
soon,
so
I
want
to
spend
a
majority
of
the
time
today
going
over
anything
left
in
the
cap.
That
needs
to
be
fixed.
A
We
got
a
bunch
of
feedback
this
morning
from
andrew.
Thank
you
so
much
andrew
and
you
know
I
would
like
to
go
through
them
and
answer
the
questions
that
are
there
or
figure
out.
If
there's
anything,
we
don't
know
that
we
need
to
answer
in
a
different
way,
so
I'm
going
to
open
up
the
email
so
so
andrew.
I
haven't
had
a
chance
to
go
through
this.
It
came
in
like
what
seven
minutes
ago.
I
know
sorry
about
that.
A
It's
okay,
so
are
these?
Are
these
mostly
like?
Are
there
any
technical
issues,
or
most
of
them
seem
to
be
about
just
the
wording
or
several
rewarding
related.
B
Probably
the
biggest,
I
have
two
sort
of
general
questions
that
are
technical
questions
and
they're.
Not
necessarily.
I
think
you
got
a
wrong
comments.
They're
more
like
I
don't
quite
understand,
okay,
the
first
is
around
anonymous
access
mode.
B
The
the
driver,
the
the
cap
says
basically,
oh
yeah.
This
basically
doesn't
have
any
effect,
in
which
case
I
I
I
don't
know
if
that
statement
means
that
really
or
yeah
yeah.
So
that's
what
I
was
kind
of
trying
to
to
get
at
there.
Okay,
so
I
yeah.
Let
me
open
it
up
and
I
can
quote
you
the
actual,
no.
B
C
Right
yeah,
I
was
on
mute
andrew.
You
know
this
is
a
carry
over
some.
I
think
it's
john's,
it's
john
wrote
it
and
I'm
not
sure
I
fully
understood
how
it
was
used
and
I
sort
of
as
I
was
refreshing,
the
kept
didn't
really
focus
much
on
there.
My
understanding
was,
if
you
don't
have
a
more
formal
policy.
This
is
a
way
to
say:
what's
the
access
for
generally
open
buckets
for
anonymous
access,
non-user,
non-specific
user
type,
access
policies?
What
what?
B
Yeah,
I
just
don't
understand
how
this
would
be.
I
mean
I
I
could
understand
if
if
if,
if
this
actually
should
be
reflected
in
setting
public
read-only
access
to
the
bucket,
but
that
line
below
it
says:
oh
no,
no
we're
not
going
to
do
that.
So
that's
I'm
just
confused!
That's
all
because
it's
just
decoration,
I'm
not
really
sure.
I
understand
why
it's
there.
A
One
answer
to
this
is
yeah:
maybe
it
shouldn't
even
be
there,
but
I
think
we're
trying
to
say
that
generally
in
object,
storage,
you
know
there
is,
I
think,
four
different
ways
of
setting
access
or,
or
you
know,
doing,
access
management
and
accols,
iam
and-
and
there
is
this
catch-all
bucket
level
policy
which
is
anonymous,
access
which
does
not
follow
the
im
way
or
the
echo
way,
or
I
think
there
is
another
way
to
do
it
sts,
I
think
token
service.
A
So
so
I
think
that's
what
we're
trying
to
say
technically,
it
doesn't
use
articles
or
im
policies
to
achieve
this.
Okay,
so
so
I
think
it's
just
the.
C
So
the
note
to
me
andrew
reads
if
you're
using
anonymous
access,
if
you
set
that
in
the
bucket
class,
it
does
not
impact
any
of
the
underlying
object
stores
policy.
C
B
C
Yeah,
I
guess
I
guess
I
see
the
source
of
compute,
I'm
saying
that
if
the
you,
if
a
bucket
class
describes,
defines
an
anonymous
access-
and
so
it's
reflected
in
the
bucket
instance-
object-
which
is
what
we're
looking
at
here-
the
the
cosy
itself
isn't
going
to
make
any
kind
of
driver
call.
So
what
the
grpc
will
pass
in
this
private,
public
or
public
settings.
The
three
public
settings
are
private
right,
we'll
pass
that
down
to
the
driver.
A
C
No
we're
just
looking
at
anonymous
access
is
in
is
in
the
bucket
class,
so
we're
talking
green
field
buckets
only
and
it's
copied
into
the
bucket
instance
right.
So.
B
C
Talking
about
it
andrew's,
looking
at
our
definition
and
oh
the
definition,
it
doesn't
have
the
note
in
bucket
class
like
it
does,
for
the
bucket
instance.
If
you
go
to
the
bucket
instance
and
you
look
at
anonymous
access
description,
number
six
you'll
see
a
note
after
it
says,
does
not
reflect
or
alter
the
backing,
storage,
apples
or
iam
policies.
C
A
No,
no
yeah.
I
don't
think
that
statement
is
correct.
So
so
that's
like
saying:
if
anonymous
access
mode
is
set,
then
we
don't
do
anything
with
eccles
or
iom
policies
correct.
C
Is
isn't
that
what
you're
saying?
No,
I'm
saying
that
in
the
app
in
absence
of
more
restrictive
policies
we
would
default?
We
would.
We
would
expect
the
anonymous
access
to
be
followed.
B
Right
but
but
following
anonymous
access,
I
mean
there's
two
parts
to
this.
One
is
imagine
this
is
applying
to
greenfield.
How
do
you
implement
that
right?
That's
the
first
problem,
the
second
problem,
which
is
what
sid
just
kind
of
mentioned,
which
is
okay.
What
are
the
implications
on
bucket
access
when
you've
got
anonymous
because
you
don't
need
any
kind
of
credentialing
if
anonymous
access
is
available
right,
and
so
it
almost
strikes
me
that
this
ought
to
be
moved.
This
whole
concept
ought
to
be
moved
into
bucket
access.
C
B
A
B
Right
so
so
right,
presumably
if
it's
anonymous
access,
that
means
it
does
not
require
any
kind
of
credentialing,
either
the
identity,
mapping
or
downloaded
credentials
right.
So
fine,
that's,
okay!
I
don't
know,
I
don't
argue
with
that
as
a
potentially
desirable
thing.
My
question
is:
how
do
you
model
that?
B
A
So
yeah
I
mean
there's
still
reasons
to
have.
You
know
credentialed
access,
like
for
rate
limiting,
say
if
you
want
to
go
over
the
default
rate
limits
you
want
to
be.
You
know
an
authenticated
user.
B
I'm
sorry
sid,
I
didn't
mean
there's
no
point
in
having
credential
access.
I
meant
in
a
world
in
a
scenario
where
the
workload
wants
to
access
something
anonymously
right.
So
how
do
we
say
that
I
don't
think
it
makes
sense
to
put
that
particular
access
question
on
the
base
bucket
itself.
It
seems
like
that
really
ought
to
be
an
option
that
can
be
put
in
the
bucket
access
request.
A
Right
yeah,
I
think
what
you're
saying
makes
sense
in
terms
of
the
workflow.
It
doesn't
model
what
the
clouds
do.
Today,
though,
the
the
anonymous
access
itself
is
a
policy.
That's
for
the
entire
bucket
and
and
the
the
layer
of
abstraction
is
the
bucket.
Where
this
is
set
a
bucket
access.
B
Yeah
so
so
I
take
your
point
so
so,
let's
look
at
it
this
way.
So
fine
we
want
to
make
this
private
basically
means.
Don't
do
anything
in
this
case
right.
The
three
different
publics
would
reasonably
be
expected
to
then
at
the
time
that
you
are
provisioning
this
bucket
to
set
these
public
access
modes
and
yeah
your
point
being:
is
this
isn't
specific
for
user?
So
it
shouldn't
be
on
bucket
access,
but
that's
fine.
I
get
that,
but
then
what
do
you
do
for
bucket
access
when
you
want
to
access
a
bucket?
B
That
is
a
public
bucket.
How?
In
other
words,
there
has
to
be
an
option
that
says
I'm
going
to
be
accessing
this
bucket.
Give
me
the
end
point
for
it,
but
don't
try
to
give
me
any
credentials
and
don't
try
to
set
up
any
kind
of
workload,
identity,
mapping
or
anything
like
that,
because
I
just
know
that
I'm
going
to
be
able
to
access
it
anonymously.
C
Yeah,
what
you're
saying
is
that
it
seems
like
we
need
to
expose
this
concept
of
anonymous
access
in
the
bac
as
well.
C
B
Yeah
and
and
further,
I
think
that,
based
on
what
I
the
way,
the
way,
what
that
I
heard
is
that
setting
this
public
read-only
public
right-only
public
read
write
does
have
an
impact
on
the
back
end.
It
is
expected
to
implement
that
on
the
back
end.
So
this
note
here
is
a
little
misleading.
It
isn't
misleading
because
yeah
it
doesn't
impact
apples
or
iam
policies,
but
it
does
move
back
to
back
end.
A
Right
right,
so
I
think
I
think
what
we
can
do
is
to
move
forward.
I
think
one
we
should
definitely
take
this
note
out.
I
don't
think
it
clarifies
anything
and
it
definitely
adds
confidence.
C
The
note
can
be
removed,
you're
right
because
it
doesn't,
it
just
confuses.
I
think
I
think,
because
we
still
want
this
concept
of
anonymous
access.
A
Yeah
yeah
I'm
going
into
that,
so
okay,
so
about
that,
I
think
I
think
modeling
anonymous
access
is
something
which
might
need
a
I'm,
not
sure
if
we
need
a
longer
discussion,
but
I
think
it's
worth
having
it.
I
think
I
think
this
is
so
so
earlier
we
talked
about
how
you
know
we
were
sure
there
were
going
to
be
some
changes
that
will
come
into
the
cap
even
after
the
cap
goes
through.
A
This
is
the
first
thing
you'll
have
to
address,
and
I
think
this
this
anonymous
access
is
with
the
current
workflow
it'll
still
work
except
you
know
you
will
go
through
the
credentialed
way
of
doing
things.
However,
in
order
to
really
model
anonymous
access,
I
think
I
think
we
can
have
that
discussion
after
the
the
kept
deadline
after
we
go
through
with
the
with
the
cap
process.
A
A
I
think
so
I
don't
think
there's
much
ambiguity,
maybe
I'm
getting
it
wrong.
But
if
the
worst
case
scenario
is
there's
going
to
be
an
anonymous
access
mode
and
credentials
are
always
going
to
trump
that,
regardless
of
what
the
anonymous
access
mode
is.
A
So
one
of
them
could
be,
you
have
a
you,
have
a
like
a
website,
the
workloads
that
have
credentials
right
to
it,
but
the
public
can
read
from
it.
Anyone
can
go
to
the
website,
see
its
contents.
So
the.
B
A
Right
yeah
so
yeah
to
move
forward.
Let's
remove
this
note
and
I
think
yeah
we
can
have
a
lot
longer
discussion
about
this
in
the
future
right
next
right
after
you
know,
the
the
cap
gets
reviewed
and
hopefully
merged.
Let's
go
to
the
next
comment.
B
Oh
yeah,
that
was
there's
some
small
typos
and
things
yeah.
A
B
And
then
we're
using
azure
blob
and-
and
I
don't
know
if
there's
a
url
format
for
azure
blob
storage,
but
is
the
protocol
azure
blob
in
that
like
in
the
case
of
gcs,
the
protocol
is
gs
colon
just
like
s3
colon,
so
I'm
wondering
if
there
isn't
an
a
b
colon
or
something
like
that.
I
don't
know
yeah
hey
chris.
Do
you
think
you
could
check
that
out.
C
Chris,
I'm
not
sure
chris
is
on
the
meeting.
He
had
a
conflict
during
the
first
half
of
this
meeting.
A
Okay,
no
worries
yeah.
We
will
look
into
it
for
azure
storage,
apis
bucket
request,
parker
instance
name.
You
want
to
make
sure
there's
a
discussion
of
the
binding
logic
for
brownfield
case.
B
Well,
I
can
mention
that,
because
that's
that
is
my
other
one
of
my
other
question
areas.
So
let
me
let
me
up
level
just
one
thing.
As
I
was
reading
the
the
cap,
I
was
very
much
trying
to
put
myself
in
the
position
of
an
app
developer,
trying
to
decide
which
of
these
fields
to
use,
and
I
would
say,
as
a
meta
comment,
it
is
not
always
obvious
why
I
would
use
a
particular
field,
whether
it
was
optional
or
not,
and
what
I
should
supply
to
get.
B
What
behavior-
and
I
know
this
is
an
authorship
issue,
it's
less
of
a
technical
issue,
but
it's
difficult
to
fully
reason
about
things
when
it's
not
super
clear
what
the
intent
is
and-
and
sometimes
I
feel
like-
I'm
not
even
sure
that
keph
itself
has
consistency
of
intent.
The
language
is
a
little
bit
different
in
an
access
versus
you
know
or
the
you
know
the
namespace
versus
non-name
space
or
etc.
B
But
as
far
as
this
particular
comment,
though,
I
think
that
the
answer
is:
we
can
control
namespace
level
access
to
from
the
bucket
side,
and
so
it
is
sufficient
in
the
bucket
request
side
to
just
name
the
bucket
and
then
as
long
as
your
name,
space
is
allowed
you're,
the
one
that
gets
to
buy
in
the
bucket,
as
opposed
to
forcing
the
bucket
to
to
have
a
back
reference
in
order
to
make
the
binding
happen.
A
The
the
consistency
issue,
basically,
so
we
have
a
lot
of
contributors,
who've
been
working
on
this
over
a
long
time.
A
I
would
say
it's
getting
more
and
more
consistent
from
where
it
was
before,
and
you
know
this
is
how
it
goes
when
lots
of
people
are
working
on
it
with
very
different
backgrounds,
and
you
know
different
experiences.
A
Yeah,
I
think
you
know
we'll
we
will
have
definitely
have
to
write
good
documentation,
which
is
a
part
of
our
milestone
and
also
the
api
review
process
is
going
to
get
into
all
of
this.
So
I
think
we
we're
we're,
set
up
to
go
through
this
at
a
higher
higher
detail
and-
and
you
know,
get
it
right
so.
B
Basically,
how
you
support
the
various
scenarios,
the
various
scenarios
being
workload,
identity,
a
driverless
kind
of
thing
which
says
hey.
I
got
everything
defined
here.
You
don't
need
to
invoke
a
driver
at
all
and
the
third
being.
I
want
you
to
actually
go
mint.
What
you
need
to
mint
on
the
server
and
give
me
credentials
back
so
the
case
where
you
provide
the
sorry.
Let
me
I
have
to
look
at
the
actual
cap
here
when
you
provide
the
secret.
The
service
account
name
that
I
think
that
that
feels
fairly
clear.
B
B
A
C
Don't
know
if
I'm
on
you
now
we
can
hear
you,
okay,
yes,
I'm
reading
the
description.
I
think
that
I
agree
that
this
is.
This
is
a
case
where
I
already
have
access
to
the
back-end
store
and
I'm
putting
my
access
tokens
in
a
secret
in
my
own
name
space
and
I'm
supplying
that
secret.
C
Because
my
workload
can
just
consume
the
secret
through
environment
variables,
it's
my
own
secret
or
or
through
a
as
a
file
mount
any
either
way.
So
I'm
not
I'm
not
sure.
B
A
The
that's
the
right
answer,
so
I
think
this
has
been
left
over
from
again
from
from
the
previous,
I
think,
yeah
so
yeah.
So
this
is
good.
This
is
how
it
gets
removed.
So
yeah,
I
think
we
can.
We
should
remove
this
field
because
we
added
we
added
the
minted
secret
name
here,
which
is
what
holds
the
actual
secret
and
in
a
static
brown
field
case.
The
admin
would
create
the
bucket
access
with
the
secret
provided
here
not
here.
A
A
B
Sorry
wait.
Andrew
did
you,
were
you
finishing,
I
don't
think
other
than
the
knits,
but
the
knits
are.
You
know,
we've
already
kind
of
talked
about.
Most
of
them.
D
C
But
from
cozy
point
of
view,
guy
we
are
just
going
to
write
to
the
volume
for
the
endpoint
information
and
the
credential
tokens
and
the
and
the
app
will
have
to
consume
those
whether
it
can
use
projected
volume.
I
don't
know
that
concept
exists,
but
I
don't
know
if
that
works
for
csi
driver
volumes
or
not
node.
A
D
And
about
the
the
actual
format
of
what
it
gets
to
the
volume?
Is
that
something
that
can
be
changed
per
the
protocol
or
the
provisioner?
Or
is
that
okay.
A
Yeah
it's
set
by
the
provisioner
and
and,
and
you
know
the
provisioner
sets
it-
creates
a
secret
from
it.
That
then
later
on
gets
mounted
through
the
csi
into
into.
C
D
A
D
Any
changes
to
it
so
it
becomes
just
files
flat
file
names
that
can
be
mounted
to
wherever
the
workload
decides.
A
C
All
right
so
a
secret
in
the
provisioner's
name,
space
we
have
a
secret
and
our
our
csi
node
adapter,
also
called
a
csi
driver.
Reads
that
secret
and
writes
it
to
the
volume
in
the
pod
csi
volume
section
right.
C
Are
you
asking
or
he's
telling
jeff
I'm
saying
that's
my
understanding
of
how
it
works,
because
I
wanted
I
I
wanted
to
make
sure
that
we
aren't
cozy,
isn't
creating
or
copying
a
secret
into
the
user
name
space.
It's
not,
and
I
wanted
just
to
make
because
that
one
one
of
these
earlier
iterations
we
were
doing
that
side
and
we're
not
doing
that
got.
A
C
A
Okay
moving
forward,
so
how
much
time
do
we
have?
Okay,
so
so
we'll
carry
out
the
changes
right
away
actually
and-
and
it
seems
like
most
of
all-
of
the
changes
so
far
are
not
major
and
we
can
do
them
quickly.
A
I
want
to
acknowledge
that
the
next
thing
we'll
talk
about
possibly
starting
next
week,
is
modeling
anonymous
access
a
little
bit
more
clearly
and
how
it
kind
of
works
alongside
the
current
im
style,
access
or
bucket
access
that
we're
doing
the
next
step
is
after
the
cap
gets,
reviewed
and
merged
would
be
api
review
so
about
the
api
review.
A
So
I
just
want
to
find
out
what
that
process
looks
like,
and
what
would
we?
What
would
we
need
to
do
in
order
to
you
know,
get
that
started
just
as
a
question
just
says,
you
know
trying
to
figure
out
what
to
expect
as
the
next
step.
A
So
can
someone
sad
or
shane
or
anyone
who
knows
about
this
help
me
understand
that.
E
And
then
it's
basically
like
a
code
review,
and
you
know,
they'll,
go
in
and
place
comments
and
questions
as
they
have
about
the
api
and
give
their
sign
off
on
it.
F
Label,
one
of
us
can
do
that:
shangri-probably,
okay,
good
once
you're
ready.
Just
let
us
know,
and
we
can
do
that
all
right
sounds
good.
A
Okay,
yeah,
I
think
I'm
a
little
clearer
now
yeah,
when
we,
when,
after
we
get
merged
with
the
provisional
status
and
after
we
finish
the
modeling
of
anonymous
access
and
anything
else
that
comes
up,
I
think
we
can
start
the
api
review
right
after
that.
C
Xing
had
a
comment
related
to
api
review
or
someone
did
that
the
expectation
is
that
we're
showing
them
go
structures,
not
yaml
or
maybe.
G
A
See
I
see
okay
got
it
all
right,
all
right,
so
that's
all
I've
got
for
today.
If
the
does
anyone
have
any
other
questions.
A
Great
okay,
so,
let's
so
we
can
end
the
meeting
now
we'll
carry
out
the
changes
very
quickly
and
yeah.
Please
do
a
final
review.
Jing
saad
and
everyone
else
here
and
you
know,
give
us,
give
us
feedback
and
we'll
be
able
to
respond
to
that.
Also
right
away.