►
From YouTube: Kubernetes SIG Windows 20180612
Description
Kubernetes SIG Windows 20180612
B
And
welcome
to
another
seen
windows
Meetup.
We
have
a
wide
variety
of
topics
today.
Yes,
we're
trying
to
finalize
all
the
items
for
1:30
11
release,
there's
actually
a
lot
of
work,
that's
happening
and
then
there's
a
couple
of
things
we
want
to
discuss.
First,
first
and
foremost,
is
the
DNS
changes
that
need
to
be
made
for
with
regards
to
the
CNI
plugin,
and
then,
after
that,
I'll
give
some
updates
on
on
some
of
the
recent
work.
B
That's
been
that's
been
happening
on
on
sick
windows,
so
partly
you
wanna
start,
the
DNS
discussion
or
I
couldn't
give
actually
a
high
level
overview.
So
some
of
the
discussion
started
from
a
ticket
that
link
filed
where
the
cni
plugin
was
called
by
the
cubelet
for
every
single
container.
If
he
had
multiple
containers
in
a
pod
that
that
kind
of
violated
the
cni
spec
and
also
it
incurred
an
additional
parfum
provement.
B
C
C
Today,
CNI
has
only
added
in
point
and
removing
one,
and
we
wanted
to
have
a
gate
endpoint,
but
I,
don't
know
where
we
stand
in
terms
of
when
the
gate
endpoint
will
be
removed,
implemented
in
the
single
spec.
So
we
were
using
add
in
add
in
point
as
the
idempotent
call
to
basically
get
more
information
and
that's
what
we
did
so
really
two
different
things.
One
is
I,
don't
know
when
the
CNS
CNI
Peck
will
implement
end
point
and
if
there's
any
discussion
on
that,
second
is:
when
we
implement
the
namespace
support.
D
Just
don't
think
that
yet
is
being
implemented
already
in
CNI
spec,
one
v4
and
I
think
he's
gonna
get
through
this
probably
soon.
The
only
thing
is
that
if
we
replace
that
we'd
get
is
still
not
gonna
work
on
this,
you
actually
win.
The
CNI
call
at
the
end
point
actually
hot
attachment
point
for
the
container.
C
C
D
But
still,
this
is
a
machine
H&S,
because
the
dns
does
not
get
replicated,
but
I
can't
address
that
issue
by
making
this
couplet
called
only
that
CNI
once
for
infra
container,
but
apparently
due
to
the
HNIC
issue.
They
which
should
call
the
in
fact
the
CNI
for
every
container
from-
and
this
should
be
stated
somewhere.
At
least
we
should
have
like
a
matrix
with
what
supported
in
rs3
rs4
or
which
windows
variations
are
we
gonna
target
should
with
robust
support
417
online,
or
should
we
continue
with
supporting
both
1709
and
1803.
E
To
interrupt
you,
but
it
would
be
I,
don't
know,
would
be
nice
idea
to
document
it.
What
is
needed
for
1709
1903
and
probably
whenever
the
next
release
will
come.
So
people
know
what
to
expect
when
they
run
run.
The
actual
couplet
I'll.
Give
you
another
example,
for
example
the
symlinks
which
work
on
the
different
version,
but.
C
It
words
today
with
I
understand
that
there
is
a
platform
limitation
that
you
have
to
make
another
call
to
replicate
the
deepness
register
information
to
the
shade
shared
pod,
the
shade
container
in
a
cord
which
is
sharing
the
same
space
that
will
be
fixed
as
part
of
the
when
we
bring
in
the
namespace
support
in
the
platform
and
that's
what
we
are
working
on
now
right,
but
I
agree
with
the
documentation
that
we
should
call
out
the
documentation
say.
Ok,
this
is
the
reason
we
are
doing.
C
C
C
B
I
think
thanks:
I
was
talking
about
that
in
one
of
the
PRS
or
one
yeah
I
seem
to
recall
a
discussion
where
someone
talked
about
having
the
ability
to
do
an
OS
check
between
70,
no
wine
or
vanilla
server
16,
so
that
could
differentiate
capabilities
so
somebody,
so
maybe
that's
that
something
you
can
sync
with
them.
It's.
E
E
F
Think
we
wait
on
the
version
checking
in
there
know
some
topics,
the
CI
itself.
Could
it
be
called
many
times
even
today
and
I'm
not
sure
whether
you're
not
a
standard
from
say
eyes
back.
There
would
be
a
cat
command
a
tedium
days
of
point
for
release
today.
It
is
not
ready
yet
from
simple
ideas,
but
I
think
it'll
be
ready.
So
if
we
upgrade
either
say
I'm
to
zero
point,
four
then
committed
union
could
minutes
way.
We
could
use
cat
the
cat
command
instead
of
current
setup
commands.
F
E
F
And
partying
TCO
I
have
seen
that
not
piache
said
half
the
deaths
for
the
top
API,
so
the
the
toxin
box
could
Saturday
a
verse
and
switch
domain
and
then
the
containers
sharing
the
phonetic
tag
from
the
sandbox.
Then
dish
receives
him
in
SS.
Second,
but
as
Windows
a
the
it
chef
Ezio's,
which
called
the
current
simple
a
dozen
workers
buy
the
item.
The
stock
price
version
reveal
works,
window
dead
center,
so
I
think
after
this
is
effect,
then
the
DSD
Theo
should
be
Victor
together.
C
E
D
Actually,
when
you
cooperate
with
Cole
the
CNI
only
for
doing
for
containers
who
have
nothing
to
do
with
the
others
containers
from
within
the
pod,
so
at
least,
if
there's
an
initially
that
I
think
it
should
be
isolated
to
the
CNI
side,
because
at
the
moment
there
are
required
workarounds
in
corporate
and
in
the
scene
itself.
At
the
same
time,
the
completion
cannot
lead
the
scene
I
only
for
them
for
container
and
then
at
the
CNI
level.
You
should
see
that
hey.
This
is
a
call
for
the
intra
container.
D
This
is
Windows
Server,
1709
or
18:03.
I
know
that
I
should
iterate
through
all
the
containers
from
within
that
pod,
because
you
actually
have
all
the
details,
and
then
you
just
do
attach
endpoint
for
that,
because
the
Demont
is
not
right
since
complete
calls.
Actually
the
CNI
plugin
and
says
that
it
is
other
container
is
actually
my
infer
container,
but
that
container
is
nothing
for
container
of
the
pod.
F
F
C
Point
to
the
containers
through
CNI
and
are
using
to
that
film.
Are
you
passing
and
we
program
the
intro
container
with
all
the
innocent
emissions
and
then
when
we
try
to
create
the
like
a
workload
container
inside
that
pod,
we
basically
try
to
expect
that
the
information
is
the
expectation
and
that's
what
the
next.
C
F
This
is
because
the
they
is
a
policy
from
particle.
So
if
you
said
policy,
then,
if
you
set
different
policies,
then
the
the
giant
servers
and
such
comments
made
different
from
the
from
cube
later.
So,
if
you
configure
the
DNS
servers
from
their
plug-in,
then
the
then
the
list
of
servers
are
static.
So
and
you
you
didn't,
didn't
notice
the
guest
policy
provided
from
horseback
and.
F
Non
DCO
is
under.
There
is
also
cat
terminal,
yes
from
horseback,
which
it
called
a
pod
config.
So
yoga
could
set
up
a
list
of
different
servers,
also,
two
domains
from
horseback
and
the
DOS
game
service
may
different
from
other
day.
Service,
for
example,
could
be
of
the
interest
on
the
host.
So
if
we
want
to
fully
confirm
to
the
the
get
policy,
then
we
we
should
last
cube
later
past
those
as
those
guests
audience
key
to
the
container.
F
From
from
the
from
say,
see,
I,
can
you
run
him?
Interface
cooperate,
have
a
list
of
game
servers
and
such
domains
so
so
cube
later
past
those
games
context
to
control
time.
You
cooperate
as
a
seat.
Doc,
shame
talk
to
him.
Well,
we
have
set
up
the
guests
for
the
for
the
sandbox
and
they
container.
We
have
shared
the
sin
network
stack
with
the
sandbox
for
Linux
containers
against
a
set
up
differently
because
they
each
read
the
file.
So
so
far
in
containers
created
actually
talk.
Shame
touch
overrides
the
fire.
C
F
For
Windows
10
dangerous,
they
no
such
list,
so
my
peer
touch
to
assess
interest
and
sacraments
from
the
stalkers
API,
okay,
the
th
servers
and
such
domains
to
the
sandbox
container
same
career,
the
containers,
the
shares
the
same
network
with
the
sandbox
and
about
should
receive
aimed
at
hooks
Inc
in
the
config
utter
at
the
windows
days.
It's
just
easier.
This
is
this,
isn't
working
yet
at
it
should
work
later
if
we
should
be
fixed.
F
C
F
A
C
Understand
from
Bank
a
what
what
we
were
thinking
is,
the
CNI
can
be
modified
by
cue
blood
and
runtime.
Venous
information
can
be
set
on
that,
and
that
should
work
is
what
we
were
thinking,
but
I
would
like
to
understand
from
thank
you.
What
is
this
concern
on
that
see
that
when
he
says
it
Genesis
an
issue,
there
are
two
two
parts:
I
would
split
this
into
two
two
parts
right,
one
is
the
shared
car.
C
The
shade
container,
getting
the
information
related
to
DNS
from
the
inflow
container
is
something
that
will
be
resolved
when
we
add
the
namespace
support
in
Windows
as
a
platform.
Until
then,
we
have
a
workaround
that
is
already
implemented
in
CNI,
where
we
are
making
to
add
calls
and
getting
that
information
and
doing
some
things
with
that.
Right.
I
would
was
that
to
stay
asses
for
1703
and
eighty,
not
1709
and
1803,
and
we
will
make
a
change
as
part
of
bringing
in
the
namespace
at
work
now.
C
To
CNI
and
at
the
end
of
it
to
H&S
right
so
what
we
were
thinking
is
similar
to
how
linux
is
doing
Rizal
Khan.
We
can
implement
a
mechanism
where
cubelet
dynamically
updates
that
see
any
configuration
file
with
the
set
of
DNS
suffixes
and
be
honest
servers,
and
that
should
automatically
work.
That's
how
we
were
thinking,
but
let
me
I
think
if
I
understand
correctly
thin-faced
saying
there
is
no
input
to
see
and
I
call
it
self
and
we'll
be
doing
something
different
for
Windows
and
instead
do
something
else's.
D
F
F
F
F
Butter
butter,
since
they
a
chance,
Ezio's
containers
thousand
receives
the
game
config
from
sandbox.
So
we
need
to
beauties
that
have
ten
servers
for
four
containers.
So
that's
the
reason
we
should
refer
to
the
should
revert
to
the
Chia
and
called
the
sample
again
for
each
containers,
so
those
containers
could
receive
of
the
da
server
from
sample
IBM.
A
A
F
A
Okay,
so
we
need
to
get
this
one.
This
one
reviewed,
oh
okay,
I
see
I
was
just
approved.
Okay,
so
so
they'll
revert
it
back
to
the
previous
behavior,
but
we're
still
going
to
be
stuck
where
the
DNS
suffix
in
servers
are
pulled
from
the
CNI
config
file.
Instead,
I
think
we
can
do
that
as
a
temporary
workaround,
but
I'll
talk
I'll
work
with
the
nation',
we'll
we'll
look
at
see.
If
we
can
get
this
done,
the
right
way
or
the
other
way
through
the
host
config
instead
and
come
back
next
week.
C
F
They'd
apply
for
a
link
container
but
as
window
coupe
later
also
support
docker
one
point
xi,
but
dock
one
party,
eleven
thousand
or
setting
the
game
server
together
with
network
that
into
you
host.
So
we
should
waited
copulated
deprecating,
taco,
babe
version,
one
point
eleven,
so
so
a
if
they
are
really
quite
on
time
to
you
to
make
the
change
it
for
for
Lincoln
inner.
No.
C
But
I
say
that
this
is
the
like
this.
This
is
what
the
right
thing
to
do
and
we
should
that's
what
windows
is
moving
towards
and
I
feel
like
I
understand
that
the
backward
compatibility
and
support
has
to
be
there,
and
we
can
support
that.
But
I
really
want
to
push
forward
for
CNI,
taking
over
the
DNS
information
and
not
like
keep
supporting
the
old
model
right
I
mean
the
the
right
thing
to
do
here
is
cubelet.
D
There's
only
one
thing
that
they
want
to
propose
this
victim
of
all
the
workarounds
that
they
incorporate
at
the
moment
at
the
senior
level,
so
the
cupola
should
call
the
CNI
only
for
them
for
a
container
and
then
at
the
senior
level,
just
inspect
hey
this
is
in
for
container
is
an
unsupported
version.
Why
should
I
have
to
call
for
all
the
containers
from
within
the
best
specific
port.
D
G
F
But
from
current
Canon
runtime
with
empower
or
other
container
on
higher
settings,
oh
it
coming
from
all
containers
and
it
directly
from
socket
API
think
sample.
I!
Wish
you
happy!
So
even
even
you
you
are
using
different
nope
again.
The
game
items
should
be
same
way
with
same
TN
policy.
So
hey
I
think
it
should
be
a
common
logic
within
kool-aid,
not
in
CI
I.
C
Would
argue
that
it
should
be
in
CNI,
but
again
let
me
let
me
let
me
talk
to
Martin
and
we
both
can't
like
will
look
at
your
PR
and
then
we
can
some
proposal
there,
but
I
strongly
think
Linux
will
be
moving
like
I.
Don't
know
at
least
tell
me
if
that's
not
true
in
expect
clearly
says
this.
This
is
the
going
forward
model
that
we
want
to
support
and
I
am
assuming
Linux
will
move
towards
that
and
I
really
want
with
the
platform
support
of
names.
C
Please
I
would
like
to
move
to
this
model
from
our
spy
onwards.
I
want
to
support
this,
but
I
hear
you
on
that.
We
need
to
support
the
older
models
and
I
feel
like
CNI
would
be
the
right
place
to
handle
that
versioning
change
and
say.
Okay.
This
is
this.
This
version
go
with
the
container
and
this
version
go
with
in
point
so,
but
let
me
get
you
guys,
I
think
give
our
see.
Does.
C
B
C
Is
it
possible
for
you
to
guide
and
like
lead
and
I,
can
give
my
windows
information?
There
sure
sure
we
can
start
an
email
thread
and
then
begin
I
really
think
I
at
least
we
are
designing.
Our
entire
thing
are
based
on
CNI
spec,
like
the
v2
spec
is
just
everything
based
on
C
and
I
suspect.
A
video
of
readiness,
API
surface,
so
I
know
that
that's
the
model
Linux
is
moving
towards
when.
A
A
Okay,
so
this
there's
a
community
proposal
here
for
adding
service
port
ranges,
and
we
were
pinged
on
this
and
asked
to
review
it.
And
basically,
it
looks
like
they're
talking
about
using
cube
proxy
to
program
IP
tables
to
forward,
rather
than
just
a
single
port,
be
able
to
pass
a
whole
range
all
at
once
and
I.
A
Don't
know
if
there's
any
didn't
read
it
close
enough
to
see
if
there
are
restrictions
on
whether
it
could
easily
be
resolved
back
to
a
you
know:
proper
subnet,
you
know
with
the
clean
bitmap
it
was
arbitrary
port
ranges
or
or
so
on
here.
So
I
think.
The
bigger
question
is
whether
or
not
this
is
something
that
we
would
be
able
to
implement
on
Windows
or
not.
A
C
C
C
A
C
B
E
A
quick
update
from
me
if
somebody
wants
to
try
out
to
VN
and
obvious
without
hyper-v
support
or
I,
did
PR
on
or
being
what
ninety
is
sensible
playbooks.
So
if,
when
everyone
anyone
wants
to
try
it
on
clothes,
feel
free
feel
free
to
ping
me
if
you
encounter
any
issue.
Okay,.