►
Description
Kubernetes Storage Special-Interest-Group (SIG) Volume Populator Design Meeting - 02 March 2021
Meeting Notes/Agenda: -
Find out more about the Storage SIG here: https://github.com/kubernetes/community/tree/master/sig-storage
B
Let
me
ask
you
a
lot
of
sources.
Let
me
ask
yeah,
let
me
ask
a
different
question
so
and
I
apologize
because
that
my
memory
for
details
is
terrible.
If
we
leave
the
existing
behavior,
where
we
auto
clear
it
and
we
add
the
populators
we
follow
through
with
that
cap
in
pr,
the
populators
allows
you
to
have
any
source
as
long
as
that
source
is
registered
right.
A
Well,
actually,
what
it
means
is
the
api
server
will
allow
anything
that
except
a
core
object
other
than
a
pvc
in
that
field,
and
then,
if
it
is
something
that
is
not
recognized
by
the
not
registered
as
a
populator
you'll
get
events,
we
were
still
talking
about
doing
asynchronous
warnings
right,
saying
hey
unless,
unless
you
don't
agree
with
that,
I
mean-
I
guess
no.
B
That's
consistent
so
anyway,
the
point
I
was
getting
to
is:
if
we
really
have
to
take
the
slow
path
on
the
bug
fix,
we
could
and
that
doesn't
actually
affect
the
populator's
change
right
correct,
so
it,
for
example,
hey
you're
not
allowed
to
put
core
objects
here,
I'm
going
to
throw
an
annotation
on
your
object
and
then
clear
it
like
we
always
did
before
and
now
we
can
go
through,
say
march
of
2022
go
through
the
fleet
of
gke
and
whoever
else
wants
to
participate
and
say
hey.
Is
anybody
actually
doing
this
right?
B
If
they
are,
then
we
have
different
data
and
if
they're
not,
then
we
are
safe
to
proceed
right.
I
don't
really
want
to
be
talking
about
this
again
in
a
year,
but
that's
the
safer
path.
So,
but
if
we
go
that
avenue,
we're
not
saying
that
all
the
popular
work
has
to
wait
for
another
year,
also,
okay,
correct.
A
Right
right
right,
the
populated
work
can
proceed
separately
from
this.
I
guess
the
the
the
open
question
on
the
the
populator
side
is
four
things
that
are
that
the
populator
controller
doesn't
know
about.
A
Is
it
better
to
reject
those
using
like
a
validating
web
hook
or
to
sort
of
post
events
on
them,
and
we
were
saying
we
prefer
events?
I
think
you
were
a
little
conflicted
on
this
last
week.
B
A
A
Because
what
the
feature
gate
does,
is
it
basically
relaxes
the
admission
controller's
behavior
of
zeroing
out
the
field?
What
we're
adding
in
121
is
a
separate
controller
that
is
going
to
watch
your
pvcs
and
warn
you
when
they
have
data
sources,
that
that
don't
match
something,
and
that
controller
only
makes
sense
when
we're
not
zeroing
out
the
field.
So
we
have
to
put
the
emission
controller
into
beta
so
that
we're
not
zeroing
out
the
field
and
then
letting
and
then
this
other
controller
will
start
warning
you
that
hey
nothing's
going
to
bind
this
volume.
B
A
Right,
it
would
be
something
that
we
would
want
kubernetes
distributions
to
install
so
that
you
get
this
warning.
It
wouldn't
be
absolutely
necessary,
but,
like
the
absence
of
it
would
would
cause
bad
behavior.
So
we
would
write
a
blog
entry
saying
like
you
need
to
include
this
controller.
Much
like
what
happened
with
snapshots.
When
we
shipped
snapshots
you
had
to
install
crd,
you
had
to
install
a
controller,
you
know
we
we
encouraged
kubernetes
just
shows
to
do
that
and
it
didn't
happen.
A
It
didn't
happen
across
the
board,
but
but
gke
did
and
a
few
others
are
relatedly
doing
it.
So.
B
And
the,
but
strictly
speaking,
if
you
don't
run
this
controller,
the
the
feature
still
works
right,
the
the
type
the
I
forget,
what
the
type
name
was,
but
for
the
for
the
populator
registration.
A
A
B
So
it
jumps
to
beta
I'm
trying
to
think
through
what
are
the
risks
right?
What
happens
if
it
goes
sideways?
Well,
the
risk
here,
the
biggest
risk
here
is
you've
got
a
controller
that
starts
spamming.
Events
on
everything-
and
you
know
worst
case
like
makes
your
control
plane
unavailable
right.
It's
pretty
bad
worst
case
right
seems
unrealistic,
but
it's
it's
there
and
we
have
no
real
testing
on
it
except
you
know
whatever
you
all
have
done
by
hand.
B
A
A
A
So
there
were
a
few
other
feedbacks
that
you
put
on
the
kept
that
I
wanted
to
to
suggest
real
quick.
So
let's
do
it
the
one
about
metrics.
So
so
you
would
ask
about
what
kind
of
metrics
we
can
output
here
and
and
the
the
response
back
was
for
me
was
that
for
actual
populators
they
will
of
course
generate
their
own
metrics,
but
the,
but
the
metrics
that
I
think
are
going
to
be
most
useful
to
an
operator
are
going
to
be
the
one
that
you
suggested
in
particular,
was
like.
A
That
particular
time
elapsed
from
pvc
creation
to
pvc
bound
by
data
source
kind,
and
I
think
that's
also
kind
of
a
separate
effort,
because
that's
a
core
feature
to
enhance
that
metric.
That's
useful
for
all
kinds
of
reasons
not
just
for
the
populators
okay
is
that
is
that
a
reasonable
plan
to
that.
B
Is
that
seems
like
a
reasonable
answer?
Does
that
mean
it's
its
own,
a
separate
cap
for
adding
these
new
metrics
or
maybe
not
a
cap,
but
a
separate
track.
A
B
Yeah,
what
I
want
to
avoid
is
putting
a
blind
spot
in
and
then
hoping
that
somebody
will
eventually
fix
the
blind
spot.
A
Yeah,
the
I
guess,
the
the
difference
is
that
almost
all
of
the
code
for
for
volume
populators
is
outside
of
the
core.
The
exception
of
the
the
validation
of
the
data
source
and
and
this
these
metrics
are
are
part
of
the
core.
So
so
I
that's
why
I
didn't
yeah.
B
A
The
scheduling
gets
funny
because
you
know
we
do
a
lot
of.
We
do
a
lot
of
work
in
the
various
repos
sort
of
out
of
cycle
with
kubernetes
itself,
but
obviously
a
core
change
has
to
be
in
cycle
with
kubernetes
so
like
it
would
not
fit
in
121.
B
B
That
seems
okay,
yeah.
I
I
I
would
encourage
strongly
that
we
find
how
to
get
better
visibility
into
these
things,
as
we
add
more
third-party
actors
being
able
to
have
a
central
set
of
metrics
that
that
gives
us
that
observability
is
pretty
important.
A
It's
it's
exactly
what
an
operator
would
want.
Yeah.
It
just
doesn't
feel
like
it's
on
the
critical
path.
For
me.
Okay,
there
was
one
more
feedback
you
had
suggested.
We
contact
sig
security
and
I
was
curious.
Why?
Because
because
we
never
did
pull
in
the
security
guys.
B
I
forget
what
I
was
getting
to
oh,
I
think
I
think
it
was
simply
like.
Are
there
security
implications
to
being
able
to
like
who
who
can
register
a
data
populator
and
you
you've
answered
you
cut
off
one
big
vector
by
just
saying
we
don't
accept
core
types
right,
but
could
I
find
a
way
to
the
reason
I
ask
for
for
sig
security
is
because
they're
good
at
coming
up
with
answers
to
the
questions
of.
Could
I
find
a
way
to
could
I
trick
your
controller
into
letting
me
register.
B
A
I'm
afraid
it
just
has
to
be
a
level
of
trust
with
populators
and
a
level
of
verification,
and
you
know
hopefully
they're
open
source
and
you
can
go,
read
the
code
and
and
make
sure
there's
nothing
evil
in
there,
because.
B
B
Back
right
to
volumes
so
yeah
that
that
seems
like
a
a
reasonable
answer,
I
would
maybe
still
take
it.
Async
like
the
seek
security
folks
are
awesome
and
yeah.
B
They're
very
good
at
that,
and
especially
before
you
ga
it
like
hey,
throw
your
best
grenades
at
us.
If
our
answer
may
simply
be
yeah,
that's
possible
right!
Okay,
don't
run
a
controller
that
you
don't
trust
right.
A
Yeah,
okay,
okay,
okay,
so
so
that
I
think
that
covers
the
your
feedback
and
and
responses
to
it.
So
if
you're
satisfied
with
all
that,
I
I'll
just
proceed
on
the
pushing
that
other
cap
and
then
so.
How
do
we
get
out
in
front
of
the
right
people
once
once?
We
have
the
other
cap
that
addresses
the
legacy
behavior.
B
We
can
tag
them
and
actually
we
can
bring
it
up
at
cig
arch
like
next
week.
Looking
at
the
calendar,
I
think
it
would
be
next
week.
Oh
shoot
next
week
is
next
week.
Code
free
is
next
week,
but
also
we're
going
through
perf
reviews.
So
I
have
a
conflict
I
can
maybe
make
maybe
make
it
happen,
the
11th
at
cigar.
So
if
you
have
a
cap,
that's
out
and
we
can
even
sort
of
preemptively
merge
the
fix
and
then
bring
it
to
cigarch
and
say
like
hey.
Is
anybody
gonna
scream?
A
Yeah:
okay,
okay-
I
like
that
so
so
I
can
have
the
the
kept
posted,
or
at
least
the
pr
for
the
cat
posted
today,
because
I'm
working
on
it
now
and
and
then
also
have
the
the
two
specific
code
changes
for
the
two
caps
for
the
core
repo
also
pushed
up
very
soon
this
week
and
get
them
reviewed
and
hopefully
merged,
and
then
okay
have
those
other
discussions
and
and
if,
if
someone
says
no,
no,
this
is
a
terrible
idea.
We
will
have
the
opportunity
to
back
it
out.
B
Okay,
I
am
happy
to
look
at
things
if
you
send
them
to
me
the
less
you
send
to
me
the
happier
you're
going
to
be
in
terms
of.
A
A
For
today,
nothing
for
my
end.
A
All
right,
yeah
I'll
just
I
mean
that
that
discussion
with
tim
was
what
I
really
wanted
to
have
today.
So
if
you
guys
don't
have
anything
to
add,
we
could
go
ahead
and
end
this
meeting
and
by
next
week,
we'll
be
staring
code
freeze
in
the
face.
A
So
so,
hopefully,
all
this
all
the
cap
work
and
the
the
the
prs
for
the
quarter
stuff
will
be
done
by
then
and-
and
I
also
need
to
push
another
revision
of
the
the
the
changes
in
the
external
provisioner
repo
that
would
that
actually
contain
the
volume,
populator
cr
and
the
controller
just
to
make
sure
those
that's
in
in
shape
and
mergeable.
A
I
think
it's
already,
I
think,
there's
already
a
pr
against
the
external
provisioner
repo
I'll
have
to
double
check
that,
because
I
wrote
that
code
last
year
and
it's
just
been
sitting
there
so
yeah.
I
may
I
I'll
probably
ask
you
guys
for
some
reviews.
I
guess
that's
what
I'm
saying.
Yep
sounds
good.
Hopefully.