►
From YouTube: Kubernetes SIG Windows 20200901
Description
Kubernetes SIG Windows 20200901
A
Hello,
everybody
and
welcome
to
another
sick
windows
meeting
it's
the
first
of
the
month
first
of
september.
So
as
always,
it's
a
recorded
meeting.
So
please
adhere
to
the
cncf
code
of
conduct.
Apologies
for
last
week.
We
don't
have
a
recorded
conversation
if
anybody
is
really
interested
in
finding
out
what
happened
last
week,
you
can
always
view
our
our
fairly
good
meeting
notes
and
you
can
see
what
happened
so
again.
My
apologies.
I
was
100.
My
fault
can't
blame
anybody
else.
A
So
couple
of
updates
maz,
you
wanna,
give
a
quick
update
on
the
on
the
backlog,
refinement
that
we
did
the
other
day.
B
Yeah
for
sure,
so
so,
on
thursday,
based
on
the
poll
the
community
took,
we
have
every
other
thursday
a
meeting
at
9
30
a.m.
Pacific
time
for
reviewing
the
backlog
we
go
over.
The
kubernetes
backlog,
which
is
on
github,
probably
michael,
can
share
the
lingeries
on
the
top,
so
we
went
over
the
backlog
and
we
started
arranging
the
items.
B
So
we
cleared
the
backlog
from
119
perspective,
put
everything
back
in
either
120
or
in
the
backlog,
and
then
we
prioritize
things
in
a
way
that
in
the
backlog
either
in
progress
or
back
in
the
in
the
backlog
section
or
the
column,
the
the
top
thing
is
the
highest
priority.
And
then
the
you
know,
the
thing
on
the
bottoms
are
like
the
lower
priority.
What
we
agreed
on,
basically
as
a
group
was
container
d,
will
continue
to
be
the
top
priority
for
120
and
then
cluster
api
for
windows
is
pretty
important.
B
So
so
we
put
that
like
as
a
second
priority
and
then
hyper-v
isolation
was,
you
know,
which
is
related
to
continuity,
but
will
come
right
after
container
d
to
enable
that
is
the
third
priority
for
the
semester.
As
you
already
know,
we
have
announced,
like
the
british
containers
the
cap
is
on
this
week,
we're
going
to
do
the
enhancement
so
privilege
for
privilege
container
an
excellent
enhancement
proposal
like
creating
an
issue,
so
that
would
be
our
fourth
priority
and
then
csi
proxy
to
ga
will
be
the
last.
B
You
know
high
priority
item
for
120..
One
thing,
I
would
say
is
for
csi
proxy.
Last
time
we
had
a
discussion
on
what
you
know.
Should
we
take
it
to
g
or
not
based
on
privilege
containers,
so
that's
still
up
in
the
air,
but
that's
basically
what
we
decided.
You
can
please
go
ahead
and
take
a
look.
If
you
disagree
with
something
please
let
us
know.
A
Yeah
and
we
make
comments
on
tickets
most
of
the
times
you
prefix
them
with
saying
this
is
the
sick
windows
triage?
I
forgot
about
that
apologies.
But
if
you
disagree
with
our
opinion,
you
know
please
voice
it
out.
This
is
a
community.
We
all
you
know,
we
all
make
mistakes.
Sometimes
we
don't
have
all
the
data.
A
So
if
you
file
the
ticket
or
if
you
feel
strongly
about
the
ticket
or
if
it's
your
area
of
expertise,
either
come
to
the
meeting
and
talk
to
us
or
put
it
come
in
this
meeting
as
well
or
or
put
some
notes
in
the
ticket,
we
want
to
make
sure
that
we
make
the
right
calls
for
sick
windows
and
for
kubernetes
in
our
community
and
we're
not
doing
this
in
isolation.
So
we
use
the
data
in
front
of
us
and
make
decisions,
but
if
you
disagree
come
and
talk
to
us.
C
And
one
last
thing:
this
a
lot
this
last
exercise
was
there
was
a
lot
of
cleanup.
I
think
we
all
agreed
that
in
the
future,
once
we're
going
to
help
or
work
towards
identifying
good
first
issues
and
and
help
wanted
to
tickets
and
make
it
a
little
bit
more
obvious
for
folks
who
would
like
to
contribute
what
to
work
on
or
where
we
can,
where
we
think
we
should
direct
help.
D
Yeah,
I
think
we
are
waiting
on
james
and
I
think
james
has
updated
the
talk
today
saying
that
he'll
review
it
soon.
I
I
we
just
want
to
give
people
some
time
to
review
it,
so
we
are
actually
waiting
on
james
now,
that's
that's
the
only
thing.
It's
just
sort
of
a
soft
thing
from
our
side.
A
A
Cool,
thank
you.
I'm
not
sure
what
the
vcu
csi
driver
is
it
is
it
supposed
to
be
like
this,
or
is
it
supposed
to
be
on
its
own
call
on
its
own
line.
F
Yeah,
actually,
this
is
me
here
from
red
hat.
I
work
with
I'm
the
pm
for
windows
containers
on
the
red
hat
side.
I
work
with
arvind
and
ravi.
I
added
that
item,
but
essentially
we're
looking
for
the
best
solution
for
storage
on
vsphere,
and
you
know
I
kind
of
came
across
this.
You
know
github
note,
which
kind
of
said:
there's
not
much
of
investment
going
on
from
vmware
for
the
csi
driver
and
so
just
wanted
to.
F
A
It's
a
pretty
big
deal
for
me,
I'm
trying
to
see
how
I
can
solve
it,
but
so
far,
unfortunately,
I
haven't
had
a
lot
of
luck.
I
know
that
deep
is
deep
on.
I
don't
see
deep
from
from
a
csi
standpoint.
A
You
know,
with
the
first
release
of
the
beta
for
the
csi
proxy,
we
only
had
azure
precision
volume
disks
as
well
as
gce
precision
volume
disks,
so
we're
looking
to
see
how
we
can
enable
the
b
sphere
csi
driver
next,
if
you
and
your
team
are
willing
to
collaborate
and
see
how
we
can
actually
make
it
work.
Essentially,
we
just
need
to
make
the
csi
proxy
work
for
the
vsphere
volume
driver.
A
If
you
want,
let's,
let's
start
a
a
a
quick
slack
channel
with
you
me
and
deep
de
bruy
and
deep
can
kind
of
give
us
a
little
bit
of
the
lay
of
the
land
in
terms
of
the
work,
and
we
can
see
if
your
team
can
do
some
of
that
and
then
I'll
see.
If
we
can
get
some
folks
from
my
team
as
well
to
to
work
on
it.
A
F
A
You
can
use
vsphere
volume,
which
is
outside
of
the
csi,
so
so
that's
what's
documented
and
working
so
so
that
works
very
well,
it's
just
outside
of
csi,
so
you
can't
use
any
csr
capabilities,
got.
C
C
A
A
All
right,
I
think
we
talked
about
the
120
prioritization
exercise.
That's
what
amaz
talked
earlier
so
cover
that
jing.
The
next
one
is.
A
A
All
right,
let's
I
don't
know
if
jin
can
hear
us
or
not,
let's
move
to
the
next
one
james.
You
want
to
talk
about
the
cubby
windows
proposal.
E
Yeah,
so
calia
did
a
great
job
presenting
it
last
week
at
cappy
meeting
and
we've
gotten
quite
a
few
comments.
Nothing
blocking
right
now
or
major
concerns,
so
just
wanted
to
remind
people
to
take
a
look
at
it
and
leave
some
comments.
Goal
is
to
open
up
a
pr
for
the
proposal
by
next
tuesday.
So
please,
if
you
have
any
comments,
it's
a
good
time
to
to
make
it.
Thank
you.
A
Yeah,
congratulations
for
everybody
that
worked
on
this
james,
kalia
and
others
is
a
great
meeting.
Obviously
we
didn't
have
the
level
of
discussion
that
we
wanted
out
of
that
meeting
with
the
cabi
team.
It
was
more
or
it
was
a
one-directional
data
insertion.
A
But
overall
you
know
the
the
fact
that
this
is
important
to
us
in
our
community
is.
Is
you
know,
as
you
can
see,
also
from
the
prioritization
exercise?
This
is
number
two
on
our
list,
so
I
think
that
it's
it's
super
important
to
to
keep
the
momentum
here
and
work
on
this
and
have
some
investment
from
the
from
the
cluster
lifecycle
team
as
well
to
help
us
on
this.
We
can't
be
on
an
island.
So
thank
you
all
for
driving
this.
A
Yeah,
so
so,
yes
for
120,
so
actually
I
mean
it's
actually
annotated
up
here
right,
so
we
need
a
cab
required
here.
So
this
is
a
cab
update
to
actually
say
if
we're
gonna
go,
ga
or
not.
I
don't
know
mark
if,
if
that's
gonna,
if
are
we
gonna
be
able
to
go
to
ga
for.
C
Continuity,
a
lot
of
it
depends
on
performance
and
kind
of
use
at
scale.
I
think
it's
doable.
A
C
We're
going
to
try
to
go
as
alpha
again
yeah,
there's
a
lot
of
discussions
that
need
to
happen
with
between
members
of
sig
windows,
microsoft,
signod
and
the
continuity
community,
and
we're
still
trying
to
navigate
all
of
that
in
the
past
couple
of
months.
It
looks
like
there's
a
lot
of
folks
that
have
a
lot
of
knowledge
drain
and
in
a
bunch
of
these
areas.
So
we
need
to
rebuild
that
knowledge
and
rebuild
kind
of
community
support
around
this.
A
And
in
this
case
it's
it's
going
to
be
a
cab
update
right,
so
we
will
need
a
new
cap
because
you
know
we're
going
to
look
inside
the
container
dework
and
then
privileged
containers,
I'm
assuming
the
work
there.
If
we
do
get
it,
it
will
be
up
for
right.
So
in
this
case
we
also
need
a
cap.
E
So
the
cappy
one
is
a
cape
c-a-e-p
for
cluster
api
and
that's
that's
what
I
plan
on
opening
up
guys
next
week.
So.
B
Yeah
and
the
same
for
my
michael
for
for
privileged
containers
as
well,
the
cap
has
been
out
for
two
three
weeks.
We
had
a
lot
of
comments
and
I
think
we're
we're
gonna
go
ahead
this
week
with
the
enhancement
because,
like
making
it
official.
B
A
G
It's
pretty
straightforward
in
order
to
run
those
tests,
we
we
need
to
have
gpus
on
the
the
nodes
and
the
current
vpns
that
we're
using
for
all
jobs,
don't
actually
have
physical
gpus
pass
through
or
something
something
similar
so
running
them
in
this
configuration
in
nature
is
not
possible
at
the
moment.
A
C
That
there
may
be
some
skus,
there
are
excuses
in
azure
that
support
assignable
gpus.
C
They
are,
I
believe,
you
have
to
request
to
enable
them
in
your
subscription,
because
there
was
a
lot
of
cases
where
customers
like
they're,
very
expensive
to
run
and
a
lot
of
customers
were
picking
those
skus
and
not
realizing
that
they
were
racking
up
huge
bills.
So
for
most
subscriptions
I
at
least
it
used
to
be
the
case
you
needed
to
kind
of
onboard
to
get
those
that
I'm
not
sure,
if
that's
the
case
now,
but
we
need
to
investigate
that.
We
also
need
to
look
at
the
cost.
A
C
C
We
were
also
wondering
if
this
same
was
true
for
any
of
the
gce
or
gke
kind
of
pools.
If
there
was
windows
support-
and
that
was
also
an
option.
A
C
Little
bit
tuned
out,
we
were
just
we
were
wondering
if
there
are
vm
skus
in
gce
gcp,
that
can
support
device
assignment
for
for
windows
vms
as
well,
and
if
those
were
treated
separately
like
special
in
the
platform
and
if
it
would
be
possible
to
enable
some
either
pre-submit
or
periodic
jobs
that
use
those.
H
C
A
I
think
thank
you
mark
and
peter
all
right.
The
do
those
tests
work
today,
adelina
like
if
you,
if
someone
were
to
basically
take
those
tests
and
run
them
manually
somewhere.
Would
they
work
like
if
you
were
to
able
to
find
like
if
you
provision
a
vm
or
or
has
nobody
tried
it.
G
There's
just
looking
at
the
code,
there
seems
to
be
some
work
that
still
needs
to
be
done
cloud.
You
also
commented
on
the
issue.
I'm
raising
some
some
questions
and
feedback.
I
Oh
so
because
I
missed
my
item,
I
just
wondering
when
yeah.
I
Okay,
thank
you.
So
the
first
one
is
basically
a
quick
question.
I
want
to
ask
like
to
see
anyone
have
some
feedback
about
this
after
we
enable
the
run
as
user
name
on
windows,
so
I
think
you
can
specify
username
to
start
container,
so
I
just
want
to
confirm
whether
there
is
any,
like
implication,
on
file
permission
so
for
linux.
I
In
order
to
do
that,
we
need
to
change
files,
fs
group
etc,
but
for
windows
right,
it
seems
not
necessary,
but
I
want
to
confirm
that
whether
there
is
security
related
or
file
permission
related
issue
on
this
area.
A
Mark
when
we
start
a
process
with
a
specific
username,
I
don't
think
it
has
any
file
permissions
outside
of
the.
J
Yeah,
I
think
we
discussed
this
earlier.
I
think
patrick
lang
at
that
time
clarified
most
likely
that
the
concept
of
file
permission
does
not
happen
in
windows
just
because
of
the
way,
the
the
appropriate
permission
files
the
case
as
well.
I
So
because,
like
a
seek
storage,
when
we
talk
about
this,
I
just
want
to
confirm
again,
so
we
probably
yes,
we
talked
this
before,
but
so
far
it
seems
no
work
still.
A
So
so
james,
let
me
ask
you
this.
This
is
like,
in
order
for
the
process
to
run
under
specific
account,
which
we're
doing
here
is
the
directory
under
which
the
process
running
gonna
be
updated,
with
certain
file
permissions
for
that
for
that
user,
the
working
directory
we
update.
Any
of
that
does
that
happen.
A
So
when
you
enable
run
as
username,
essentially
you're
you're
kicking
the
startup
process
inside
the
container
to
run
under
a
specific
account
that
that
account
and
that
process
is
going
to
run
with
a
working
directory.
Do
we
update
that
account
in
default
permissions
of
that
working
directory
or
not.
A
J
What
happens
in
linux
probably
most
likely,
and
I
think
the
reason
this
item
was
being
tracked
in
six
storages
if
some
similar
activity
needs
to
happen
for
windows
as
well
and
to
go
and
scope
all
that
work,
but
most
likely
because
of
what
james
and
mark
just
clarified.
I
think
it's
just
not
possible
in
windows
today
because
of
the
lack
of
sharing
of
the
permission
database.
So
it's
like
a
free-for-all
today
in
windows,.
C
B
Deep
is
saying:
that's
true:
I
can
follow
up
with
the
with
kevin
or
danny.
I
think
they
would
be
more
aware
of
it.
I
think
the
same
question
came
up
around
when
we
were
thinking
about
privileged
containers.
I
can
follow
up
and
then
you
know
get
an
answer.
E
Yeah
in
the
in
the
case
of
privilege,
containers
the
way
that
it's
proposed
to
implement
the
database,
the
user
that
is
created
inside
the
container
will
actually
be
from
the
host,
and
so
there
will
be
implement
implications
for
that.
But,
as
as
it
is
right
now,
there
aren't
that.
Are
that
I'm
aware
of.
B
Correct
yeah,
let
me
confirm,
and
just
like
you
know
so
we
can
make
a
you
know,
an
authoritative
statement.
There.
I
Right
we
wanted
like
a
kind
of
a
statement
right
to
just
give
to
seek
storage
so
that
we
are
sure
clear
about
this.
A
B
Okay,
that
sounds
good
yeah
I'll
leave
a
note
either
in
flag
or
here,
and
then
we
will
see
how
we're
gonna
do
that.
A
Just
add
it
to
next
week's
update
yeah.
B
C
I
So
for
my
next
question
related
to
for
oh,
are
we
done
with
this
okay
yeah
yeah
keep
going
keep.
A
I
Okay,
so
I'm
trying
to
perform
some
like
this
month,
operation
on
volume,
so
right
now
like
for
linux,
right
for
volume,
we
do
like
a
month
and
a
month,
but
for
windows
we
amount,
but
we
don't
do
any
like
amount
of
dismount.
I
So
there
is
a
command
called
mount
volume
and
the
slash
p,
which
performs
seems
like
the
the
dismounts
operation.
When
I
test
it,
if
there's
no
driver
lighter
assigned
to
a
volume,
I
plan
to
use
like
the
volume
id,
but
when
I
try
this,
it
does
not
work.
I
There
is
a
like
a
very
high
key
way
to
work
around
it.
When
I
do
like
mount
volume
with
this
volume
id
to
a
temporary,
let's
say,
directory
and
then
run
this
command,
it
seems
working.
I
I
don't
know
is
anyone,
know
more
details
about
the
usage
of
this
month
volume
and
to
use
directly
on
volume
id
instead
of
drive
lighter.
I
Yeah
arrow
arrows
saying
something
not
fun.
I
think
the
specific
the
specified
path
not
found
or
something
yeah.
A
That
sounds
sounds
weird
to
me:
I've
I've
done
that
many
times
being
able
to
monitor
amount
volumes
with
or
without
drive
letters
deep
or
james
or
someone
from
microsoft.
Any
ideas
here,
I
guess
also
the
other
question
is
under
what
context
are
you
mounting
and
amounting
volumes
here
like?
What's
the
underlying
operation
that's
causing
this.
I
So
right
now,
when
you
format
right,
for
example,
our
pd
driver
of
a
pde,
persistent
disk,
you
attach
to
a
node
and
then
format
and
partition,
and
I
think
it's
automatically
mount
and
you
you
don't
need
to
assign
drive
letter
for
it
and
after
you're
done
with
this
volume
right,
you
delete
the
part.
Typically,
we
should
dismount
the
volume
before
detach
the
volume
from
the
node.
I
So
you
have.
You
can
have
a
clear,
clean
state,
otherwise,
next
time,
when
you
mount,
it
will
complain
about
unclean
state.
This
is
mainly
for
linux
after
next
time.
If
you
want
to
monitor
linux
for
windows,
I
think
it's
automatically
do
some
repair.
So
it's
okay,
so
right
now,
basically
most
of
the
persistent
disks
in
kubernetes
right.
There
is
no
proper
dismounts
for
windows,
so
you
just
like
unplug
disk
directly
and
but
windows
have
an
auto
repair
process.
I
A
I
I
just
use
command.
I
there's
no
like
a
windows
api
in
kubrick,
so
so
to
perform
this.
We
just
run
the
command
and
also
for
format
and
the
partition
right.
We
run
the
powershell.
A
A
I
wonder
if
there's
a
better
way
to
do
this
yeah,
we
are
calling
mountvol.
A
J
Hey
yeah,
we
were
discussing
this
yesterday
as
well
with
mark
and
the
csi
windows
meeting.
I
yeah
we
looked
around.
There
was
nothing
evident,
that's
why
we
decided
to
discuss.
I
C
Possibly
just
kubernetes
kubernetes,
if
it's
related
to
this
some,
I
think
that
andy
jang,
who
works
a.
H
C
A
Quick,
quick
last
question:
have
you
guys
tried
the
limp
volume?
Mount
point
call,
because
I
think
you
can
call
that
the
powershell
which
one
it's
called
delete,
volume
mod
point
here
I'll
share
my
screen,
so
you
can
see
that
so
so
this
is
the
132
api.
You
should
be
able
to
call
that
from
powershell,
since
you
can
call
partial
commands.
I
Oh
okay,
but
does
it
do
the
this
month
to
like
kind
of
clean
up
the
state.
A
It
should
I
mean
this
is
an
example
of
mounting
a
volume
at
the
mountain
point,
so
this
is
the
try
it
out.
I
think
this
should
work.
I
I
So
yeah,
can
you
put
it
the
link
in
the
doc.