►
From YouTube: Kubernetes SIG Windows 20171031
Description
Kubernetes SIG Windows 20171031
A
Hello,
everyone
and
welcome
to
another
meeting
for
the
sig
windows
interest
group
I
want
to
get
started
and
provide
a
few
updates
about.
What's
going
on
in
the
community
and
things
that
interest
or
directly
impact
our
work
on
Windows
I'll
talk
a
little
bit
about
the
open
source
summit
that
happened
last
week
that
mean
alessandro
presented
and
then
we'll
open
up
the
floor
for
additional
for
additional
updates
from
everybody
and
then
we'll
have
I
believe
we'll
have
a
presentation
on
by
by
Microsoft
as
well
after
that.
A
So
so,
let's,
let's
get
started
here
so
last
week,
I
was
at
the
open
source
summit
with
Alessandro
from
cloud
base.
We
had
the
chance
to
present
on
Windows
educate
the
community
about
our
efforts
to
to
add
additional
support
for
Windows
Server
containers
to
kubernetes
and
kind
of
give
them
an
opportunity
to
ask
questions.
The
room
was
packed.
We
went
the
way
over
are
a
lot
of
time.
There
were
a
lot
of
questions.
A
Folks
were
very
energized
very
happy
to
see
the
progress
we've
made
with
Windows
and
a
lot
of
them
can't
wait
to
get
their
hands
on
these.
When
you
go
to
bed
with
1.9
at
the
end
of
the
year,
I
only
gonna
show
here
a
couple
of
slides
to
kind
of
congratulate
everyone
on
the
effort
on
the
massive
effort
in
the
last
few
months.
A
Oh
just
a
couple
of
months
ago,
we
had
no
seen
eyes
on
Windows
and
nothing
that
basically
worked
on
the
networking
side
as
efficiently
as
who
have
hoped
and
coming
into
today,
we
have
the
opportunity
for
four
different
CNI
plugins
to
be
available
for
kubernetes.
One
of
it
is
the
windows
containers
using
flat
layers
200
and
that
works
and
Microsoft
has
produced
and
cloud
base
is
working
on
a
scene.
I
for
Windows
containers
with
ovn
depend
on
RS
3.
A
That
demonstrates
multiple
containers
per
pod
and
we
showcase
Adam
of
that
add
open
source
summit
and
there's
a
hidden.
Either
cloud
base
is
working
on
using
ovm
that
is
not
dependent
on
our
s3,
where
it
will
still
have
the
limitation
of
one
container
per
pod,
but
very
powerful
for
the
folks
that
cannot
upgrade
to
our
s3.
A
They
don't
have
access
to
the
build
and
then
there's
a
lysine
I
for
flannel
using
Hostgator
in
VX
lon,
that's
also
been
produced.
If
you
look
at
the
timeline-
and
this
is
a
next
slide
I
have
here
in
terms
of
where
we,
where
and
we're
going
to
you-
there's
a
lot
of
work
that
went
in
between
October
and
November
of
this
year,
starting
with
config
map
secrets
and
volume,
support
or
documentation
support
the
CRI
pod.
A
The
note
level
stats
for
auto
scale,
the
networking
contributions
with
the
multiple
CN
Ice
Cube
ATM
support
the
CNF
of
flannel
and
then
the
cni
plugins
that
will
come
in
for
ovn
and
OBS
in
november.
So
this
is
a
tremendous
timeline,
a
lot
of
contributions
and
everybody
give
a
round
of
applause
to
yourselves.
This
is
thank
you
for
all
the
hard
work
and
thank
you
for
getting
us
here,
and
this
is
in
a
very
good
position
to
kind
of
stabilize
all
of
these
features
and
release
them
with
1.9.
A
I,
don't
believe
we
have
documentation
for
some
of
them
up
to
the
config
map,
secrets
and
volumes,
I,
don't
think
about
the
documentation,
full
documentation
on
the
CRI
and
all
those
skill
stuff.
Actually,
that
stuff
is
not
working
right
now,
so
that's
gonna,
be
one
of
my
one
of
my
status,
updates
and
and
Bob
can
shed
a
little
bit
more
light
into
that.
A
We
have
not
been
able
to
get
all
those
scale
to
work
so
even
though
the
PR
has
been
merged
and
to
unfunctional,
it
is
not
there
yet,
and
the
ovn
OVS
and
all
the
other
C&I
work.
We
do
not
have
documentation
yet
so
that's
going
to
be
part
of
the
getting
us
to
play.
That
is
also
documenting
all
this
work.
Okay,.
B
C
I'm
waiting
for
some
more
documentation
from
our
internal
team,
but
basically
I
updated
the
getting
started
guide
for
Windows
to
take
into
account
on
the
improvements
we've
made
in
the
platform
in
our
s3
and
then
I've
called
out
kind
of
different
networking
options
that
people
have
or
that
it's
all
send.
At
least
maybe
my
my
private
Fork
of
this
and
I'd
love
to
see
people's
comments
on
this.
But
hopefully
we
can
all
kind
of
merge
on
updating
this
documentation.
A
So
so
Bob
from
my
team's
also
has
updated
documents
in
the
past,
so
he's
doubly
great.
If
Bob
can
you
work
with
Jason
make
sure
you
can
see
that
that's
the
fork
that
he
has
that
way,
you
can
get
it
to
a
good
stay
this
or
merging.
Ideally,
at
the
end,
we're
gonna
have
one
main
documentation.
That's
gonna
talk
about.
You
know
how.
How
do
you
set
up
Windows
nodes
into
an
environment
of
kubernetes
and
they're?
A
D
A
With
139,
you
can
update
all
of
that
with
including
all
these
new
documentation
were
talking
about.
So
no
longer
will
you
need
to
go.
Look
at
the
apprentice
fork
of
the
documentation.
That's
in
private
right
now,
they'll
get
the
full
update
with
which
will
include
all
other
stuff
we
talked
about,
but
it
probably.
E
E
That's
the
goal:
okay
and
just
one
other
question
I
just
wanted
to
understand
what
gates
do
we
have
to
to
get
there
like?
Is
there
do
we
feel
confident,
we'll
make
that
happen
or
is
there?
Are
there
things
we
need
to
integrate
in
terms
of
CI
and
other
testing
to
make
sure
that
it's
at
the
level
of
quality,
that's
expected
of
a
beta
product?
I
come
just
trying
to
understand
what
the
process
and
we
can
take
this
offline.
A
So
I'll
do
this
very
quickly
and
then
I'm
gonna
have
to
move
through
their
presentation
for
flannels
in
essentially
we
are
we're
not
gonna.
Have
automated
tests
are
by
the
time.
That's
there.
You
know
SURS
wise.
We
just
don't
have
the
resources
to
get
there,
but
we
will
test
it
fairly.
Well,
a
lot
of
people
in
the
community.
Anybody,
that's
that.
You
know
that.
That's
here
we're
going
to
encourage
them
to
try
out
the
different
solutions
and
give
it
a
spin.
It
would
be
to
our
best
of
our
ability
will
be
better
call.
A
It
didn't
be
able
to
support.
You
know,
workloads
running
on
this,
even
production
workloads,
but
you
know.
Obviously
this
is
a
community
project
right.
We
don't
have
a
formal
testing
organization,
that's
going
to
come
and
test
this,
and
we
did
not
have
the
resources
to
go,
create
C,
ICD
and
an
automated
testing.
That's
something
that
we're
gonna
look
for
for
RT
M,
but
right
now
we
had
so
much
other
work
in
our
plates
that
that
just
was
not
possible.
A
F
F
So
can
you
share?
Can
you
see
my
screen?
Yes,
okay,
so
I
saw
just
got
like
a
presentation
and
then
I'll
show
you
a
demo.
So
I'm
assuming
you
guys,
are
familiar
with
flammable,
yes,
just
a
quick
overview
in
any
case.
So
basically,
of
course,
it
sets
up
cluster
networking
for
KJ,
so
I'm
assuming
you
know
that,
and
it's
got
two
main
parts,
so
there's
the
flannel
demon
or
in
the
case
of
Windows
or
whatever,
an
exe,
and
what
that
does.
F
Is
it
configures
the
networking
on
the
local
node
and
then
it
listens
for
the
presence
of
remote
nodes
when
they
get
added
or
deleted,
and
it
sets
up
networking
on
the
local
node
for
remote,
node
right
and
it
basically
obviously
has
to
run
on
all
nodes,
because
it's
configuring,
every
node,
so
that'sthat's
one
component
and
that's
what's
in
the
flannel
repository
and
then
the
second
component
is
the
flannel
CNI,
which
is
a
meta
CNI.
All
that
he
does
is
to
delegate
to
other
CNI
is
to
do
stuff
and
it
just
passes
the
configuration
alone.
F
So
it
basically
delegates
in
the
Linux
case
it
delegates
to
host
local
for
IPAM,
and
then
it
delegates
to
the
bridge
plugin
for
host
gateway
and
to
the
V
X
and
plug
in
for
overlay
and
in
the
windows
case.
You
know:
we've
updated
a
host
local
to
support
Windows,
so
it
still
delegates
to
host
local
for
ipam
and
then
it
delegates
to
win
CNI.
So
again,
Siena
is
not
open
source.
F
Yet,
but
I've
got
a
experimental
version
of
the
windows
CNI
in
a
branch
which
are
so
so
call
that
the
flannel
CNI
does
is
to
delegate
and
of
course
the
CNI
has
two
responsibilities.
One
is
the
ipam,
which
is
the
annoy,
be
addressed
allocation
and
then
just
provisioning.
The
IP
address
for
the
container
so
they're
these
two
components
that
are
in
different
repositories
and
work
differently.
So
for
Windows
we've
been
able
to
know
one
is
the
overlay
mode.
F
So
overly
and
l2
h,
@
h,
NS
terminology
we're
in
Genesis
the
host
networking
service,
the
Windows
host
networking
service
so
overly
corresponds
to
V,
X,
LAN
and
l2
bridge
corresponds
to
the
Linux
host
gateway
mode.
The
flannel
website
has,
of
course,
documentation
on
what
the
words
mean
from
the
Linux
perspective
and
the
windows
ones
are
pretty
similar,
so
there
are
few
different
PRS
out.
F
So
there
is
a
PR
out
on
flannel
for
configuring,
like
I,
said
the
local
Nordic
listening
to
events
for
the
notes,
there's
a
PR
out
on
the
host
local
I
pass
to
get
it
to
compile
and
run
on
Windows
there's
a
PR
all
for
changes
to
the
flannel
CNI
to
delegate
to
Windows
CNI.
Instead
of
you
know
the
bridge
CNI
and
the
VX
LAN
CNI,
and
they
have
got
an
experimental
window.
Cni.
F
And
just
I
guess
the
open
issues
are
are
mainly
I
think
you
guys
also
just
mentioned
integration
testing.
The
flannel
maintainer
also
want
to
know
how
and
also
of
course,
for
this
to
be
maintainable.
They
needs
to
be
some
kind
of
integration,
see
a
CDN
integration.
So
that's
an
open
issue
on
this,
so
I
ghost
into
the
demo
I've
stopped
me.
F
If
you
have
any
questions
so
my
setup
is
I,
have
kubernetes
cluster
set
up
using
cube
ADM,
so
that's
a
Linux
Ubuntu
known
over
here
right,
but
we're
not
going
to
go
to
that
or
do
anything
with
it,
because,
basically,
we
have
two
two
windows
nodes,
so
I
show
you
what's
on
the
windows
nodes
first,
so
windows
nodes.
Essentially
we
have
yeah.
F
So
these
are
the
things
that
we
have.
So
we
have
the
doc
cubed,
which
was
built
from
the
window
from
these
from
the
instructions
online.
Basically,
and
so
that's
the
Windows
version
of
the
cubelet
and
then
we've
got
flannel
from
the
branch
from
the
branch
that
I
mentioned
earlier,
so
we
bought
a
flannel
which
is
the
exe
that
configures,
the
local
node
and
unlicensed
for
the
mote.
F
Events
as
well
and
then
they've
got
you
know,
keep
CDL,
none
of
the
other
stuff
is
under
open,
feel
none
of
the
other
stuff
is
used
and
in
the
CNI
folder
we
have
again
how
another
exe,
which
is
also
called
flannel
confusingly,
but
this
is
the
flannel
CNI,
and
then
these
got
the
host
local
I
Pam
and
then
the
Vincey,
an
Ibis
is
a
private
version.
Though
windows
team
is
working
on
getting
this
open
source
and
on
in
config
we've
got
this
en
I
can
feel
so
once
you've
got
these
X.
F
Even
please
the
the
flannel
CNI,
the
host
local
CNI,
the
window
CNI,
the
cubelet,
as
well
as
just
the
flannel
demon,
once
you've
got
those
in
place,
there's
a
little
bit
of
configure
need
to
have.
So,
of
course,
you
need
to
have
the
tube
config,
so
I've
got
that
over
and
then
for
flannel.
On
the
Linux
side,
you
deploy
random,
using
a
demon
set,
and
that's
super
awesome
and
I
know
all
the
mowers
containers
everywhere
and
the
conceit
is
asking
Sigma's,
unfortunately,
$20
on
Windows
for
two
reasons.
F
One
is
because
it
doesn't
support
through
bridge
containers.
So
you
can't
actually
set
up
the
networking
from
inside
the
container
and
secondly,
it
doesn't
support
the
host
network
more
so
you
might
actually
create
the
container
until
you
have.
You
know
C&I
set
up
right,
so
what
you
have
to
do
is
you
have
to
place
this
config
manually.
So
this
is
the
flannel
conceit
which
is
very
similar
to
the
standard
Linux
panel
from
thing.
So,
of
course
we
got
this
one
for
the
X
run.
F
So
you
can
see
my
cluster
subnet
is
10
2,
4,
4,
/,
/,
16
I've,
just
called
the
network
VX
x
0
and
it's
off
type
VX
land,
which
is
corresponds
to
overlay.
I,
now
set
the
vni
to
4
0
9
6,
4
windows.
It
has
to
be
4,
0,
9
6
operator
before
Linux
written.
So
this
is
the
this
is
the
config
that
flaner
reach
and
then
there's
also
C
and
I
configure
some.
There
is
also
a
CNI
config,
which
is
over
here
and
let's
look
at
that.
That's
pretty
simple
as
well!
F
So
we
look
at
Budokan
fix
together,
so
the
one
on
the
left
is
the
flannel
configuration
and
the
one
on
the
right
is
the
CNI
constellation.
So
the
CNI
configuration
hat
is
using
the
same
name.
So
that's
what
identifies
the
network
name
but
has
to
match,
and
it's
saying
that
the
C
and
I
type
this
flannel.
F
So
it's
going
to
delegate
to
the
honest
he
and
I
and
it
stating
the
standard
C
NIH
through
the
delegate
field,
that
the
Bracken
type
is
VX
land
and
there's
an
end
point
Mac,
v6
or
so
we'll
come
to
what
the
endpoint
mark.
Prefix
is
a
little
later
or
buddy
century,
or
maybe
I
can
give
a
quick
overview
right
now.
F
So
essentially,
because
Windows
works
at
Elle
to
the
remote
max
have
to
be
fixed,
while
the
packet
is
being
sent
because
on
the
remote
host
it
works
at
the
l2
level,
unlike
networks
which
are
three
so
essentially
the
max
have
to
be
fixed,
which
is
why
we
have
to
P
create
the
max
which
is
the
head
for
democracy.
That's
just
a
little
bit
of
detail,
but
I'll
go
into
it
more
again
in
the
demo.
So
these
are
the
new
configs
that
you
have
now.
F
The
way
that
it
works
is
the
the
you
know
the
way
that
Xander
works
in
general,
when
it
is
that
you
plate
actually
runs
and
the
cubelet
actually
runs
and
talks
to
the
master
and
gets
a
subnet
for
the
node
right.
So
the
cubelet
has
to
run
first
now,
just
a
slight,
so
I'm
going
to
basically
be
running
the
cubelet
and
then
I'm
going
to
be
running
the
and
then
I'm
going
to
be
running
flannel
right,
and
so
once
the
couplet
is
run,
and
it's
got
the
subnet
for
this
node.
F
We're
final
we'll
run,
get
the
information
for
the
node
and
basically
configure
the
network
on
the
node.
Now
one
thing
which
I
have
done
is,
you
can
see
you
have
created
like
a
fake
Network.
You
can
see
here.
I've
created
is
192
Network.
The
reason
I've
done,
that
is
to
put
the
Ethernet
adapter
into
the
VX
annette
more
so
that
it's
kind
of
ready
for
other
networks
will
be
created.
F
You
know
so
I've,
given
you
know
the
windows
team
s,
feedback
to
figure
out
how
to
set
this
move
on
without
creating
any
network,
and
the
reason
this
is
done
is,
if
you
don't.
You
know,
when
you
create
the
first
network,
the
ethernet
adapter
moves
from,
or
you
know
like,
just
being
a
channel
adapter
to
being
a
virtual
Ethernet,
adapter
and
so
the
main
and
after
also
gets
cycled,
and
so
all
the
connections
and
all
that
you
have
with
tubulin
and
all
they
all
fake.
And
then
you
know
my
DHCP
someone.
F
F
F
F
So
you
can
see
here
which
created
a
bunch
of
endpoints
for
the
other
nodes.
I'll
show
you
what
that
means.
So
you
can
see
that
this.
The
name
of
this
endpoint
is
10240
1
110
and
the
ID.
My
other
node
is
actually
in
the
1
dot
or
network,
and
this
one
is
in
the
0
dot
or
network.
So
it's
set
the
network
up
and
it
set
up
the
remote
end
points
on
both
machines,
and
so
once
that
is
done,
I
think
actually
I
already
have.
F
E
F
F
Okay,
here
you
go
so
I'm
just
going
to
create
two
pods,
so
I'll
create
RS
a
pod
on
this
machine
and
a
pod
on
this
machine,
and
then
let's
look
at
what's
going
on,
so
you
can
see
that
it's
creating
container
for
both.
So
my
my
VMs
are
quite
slow,
so
it
just
takes
a
few
seconds
to
create
and
hopefully-
and
if
you
look
at
the
cube,
CTL
output,
you
can
see
that
it's
doing
stuff.
F
F
And
boutot,
so
cluster
networking
is
up
with
overlay
network
set
up
between
the
two
two
VMs.
So
that's
it.
That
was
my
demo.
It
works
it's
easy
to
set
up
fairly
easy,
not
as
easy
as
Linux
and
the
PRS
are
out.
The
host
local
I,
Pam
PRS
nearly
is,
or
is
ready
to
get
checked
in,
is
waiting
for
the
maintainer
to
approve
it
a
flannel.
The
key
open
issue
is
the
integration
testing
other
than
that
they're
breaking
it
up
into
smaller
pieces,
and
it
should
be
out.
D
F
I'm,
just
passing
yeah,
so
I'm
passing
this
prefix.
So
the
reason
I'm
passing
this
prefix
is
he
fixes
that
on
or
the
way
that
the
overlay
network
works
on
Windows?
Is
that
the
no
that
is
sending
the
packet
needs
to
know
the
destination
Mac?
So
when
I
configure
this
remote
endpoint,
so
let
me
show
you
do.
G
F
H
I
can
talk
to
it
a
little
bit
in
the
meanwhile
so
Windows.
Basically
in
holy
network,
we
don't
RF
at
all,
so
we
basically
intercept
the
ARP
and
we
try
to
resolve
the
Mac
using
control
path.
I
think
pretty
much
Linux
also
does
the
same
thing.
The
only
thing
differences
in
Windows
when
we
are
sending
in
this
nation
packet.
H
You
need
to
fix
the
destination
Mac
before
you
send
it
out
from
the
host
the
source
host
and
in
Linux
I
think
they
fix
it
in
the
destination
host
before
giving
it
to
the
container,
but
in
Windows
you
have
to
do
it
on
the
host.
So
a
you
have
to
list
all
the
remote
endpoints
that
you
have
on
the
cluster
to
the
source
guy
so
that
it
can
fix
the
Mac
and
send
it.
H
So
that
is
the
reason
why
the
remote
endpoints
has
to
be
done,
so
the
orchestrator
usually
or
like
talker
or
anybody
who
is
doing
only
should
be
able
to
know
where
there's
remote,
endpoint
and
directly,
they
put
the
remote
in
point,
but
in
flannel
I
think
they
don't
have
that
flexibility.
So
what
Rakesh
has
done
is
he's.
H
Basically,
giving
a
prefix
and
saying
here
is
this:
subnet
here
is
a
prefix
and
I'm
gonna
allocate
this
Mac
for
in
a
round-robin
mechanism,
so
go
ahead
and
put
that
all
the
remote
in
for
all
possible
to
more
endpoints
at
the
beginning,
so
that
when
the
packet
is
trying
to
send
from
the
source
flow
state,
basically
queries
the
control
path
and
say
asks
who's.
This
IP
and
then
the
back
is
given,
and
then
we
put
the
Mac
and
sent
the
packet
up
so.
F
You
can
see
you
highlighted
this
remote
end
point
which
is
configured
and
you
can
see
that
it's
got
a
MAC
address
which
is
oae
to
a
and
followed
by.
Actually
the
IP
address
bits,
and
so
this
is
the
IP
address
that
we
pinged
from
this
machine.
So
essentially,
like
then
I
said
it
needs
through
the
MAC
address
in
order
to
send
the
packet
there.
Two
ways
in
which
you
can
do
this.
F
You
can
either
learn
the
MAC
address
when
the
container
is
created,
but
then
every
time
a
container
is
created,
all
the
other
nodes
would
have
like
provision
of
the
more
10.4
that
container.
You
can
try
to
provision
this
when
the
node
is
created,
which
is
what
I'm
doing,
but
then
you
have
to
create
it
for
all
possible
IPs
right,
which
is
why
you
can
see
on
this
notepad.
D
A
E
I
A
A
E
I
There
may
be
a
little
bit
more
to
adding
it
to
an
existing
cluster
because
it
does
the
bootstrapping
well
they've,
moved
it
to
the
queue
it
now.
So
that
may
be
possible.
I'm,
not
sure
I've
been
used,
I've
been
testing
with
the
cube,
ATM
creative
question
and
then
I
just
need
some
config
Maps
for
secrecy.
Oh
so.