►
From YouTube: Kubernetes SIG-Windows 20210824
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
Hello,
everybody
and
welcome
to
the
august
24th
iteration
of
the
sig
windows
community
meeting
for
kubernetes.
As
always,
these
meetings
are
recorded
and
uploaded
to
youtube
so
be
sure
to
adhere
by
the
cncf
code
of
conduct.
Let's
jump
into
some
announcements
for
today.
First
announcement
is
that
kubecon,
north
america
registration
has
been
open
for
a
little
bit.
There's
a
couple
of
details
here:
it's
still
planned
to
be
a
hybrid
event.
So,
even
if
you
don't
plan
on
attending
virtually
or
in
person,
you
can
attend
virtually
here.
A
There's
a
lot
more
details
about
how
all
the
safety
precautions
that
they're
taking
for
the
in-person
event.
If
that
still
happens
on
the
page
too,
I'm
being
very
cautious
about
that.
So
I
encourage
everybody
to
kind
of
take
a
look
and
see
if
you
can
fit
in
either
the
in-person
or
virtual
option
into
your
schedule.
A
There's
a
couple
of
sig
windows
talks
for
doing
the
maintainer
talk
and
the
two
topics
that
we're
going
to
cover
are
the
host
process,
containers
that
we've
been
doing,
and
then
the
sig
windows,
dev
environment,
that
jay's
and
other
folks
have
been
working
very
hard
on,
and
then
I
haven't
looked
taking
a
look
at
the
full
agenda,
but
there
is
a
talk
about
how
service
meshes
work
on
on
windows.
That
might
be
interesting
to
folks
too,
and
there's
a
lot
of
other
interesting
there's,
always
a
lot
of
other
interesting
talks
going
on.
A
So
take
a
look
at
that
next
announcement
is
the
123
release.
Schedule
is
up,
I
believe
they
finalized
this
yesterday
or
are
saying
that
the
start
of
the
release
is
today
or
is
yesterday
important
deadlines
that
are
coming
up.
Our
enhancement
freeze
is
september
9th,
which
is
in
a
little
over
two
weeks.
So,
if
you're
working
on
an
enhancement,
I
encourage
you
to
kind
of
work
towards
getting
that
cap
or
that
enhancement
approved.
Another
interesting
different
differentiation.
This
time
around
is
that
they
are
the
enhanced.
A
The
production
readiness
team
is
wanting
to
have
a
soft
freeze
on
september,
2nd
there
that's
a
group
of
four.
I
believe
four
individuals
now
who
are
reviewing
pretty
much
all
of
the
kepts
for
production
readiness
criteria,
so
there's
limited
bandwidth
there
so
the
earlier
that
this
gets
on
the
production,
readiness
reviews
team's
radars,
the
better,
if
anybody's,
having
trouble
getting
review
traction
from
this,
please
let
me
or
any
of
the
other
needs
leads
know
and
we'll
work
towards
getting
that
sorted
out.
A
I
see
that
jay
added
an
announcement
saying
that
calco
is
not
working
in
the
windows
dev
environment.
That
is
good
news.
I
think
we
can
definitely
get
we
could.
We
should
showcase
that
sometime
and
yeah
jay
we
should
plan
on
doing
another
demo
of
the
sig
windows
tools
stuff
at
the
community.
Meeting
coming
up
too
sometime
doesn't
have
to
be
today,
but
I
think
there's
been
a
lot
of
great
progress
made
there.
A
A
Now
we
can
go
into
some
of
the
discussions
around
caps
coming
up,
which
I
will
do
I'll
talk
about
the
host
process.
Containers
first,
since
I
think
that's
going
to
be
a
shorter
discussion
here
or
update
here,
there's
a
draft
pr
to
open
this
up
or
to
push
this
to
beta
in
123..
A
As
I
think
I've
mentioned
on
the
previous
community,
calls
that
I
think
most
of
the
work
in
the
host
process.
Containers
is
still
going
to
be
in
outside
of
kubernetes
components
now,
but
we
would
like
to
try
and
progress
this
to
beta
to
get
more
to
make
it
easier
for
users
to
enable
and
give
us
feedback
on
and
then
we'll
see
what
that,
how
that's
happening
or
how
that
works
out
later.
A
A
Ravi,
unfortunately
isn't
able
to
attend
today
so,
but
I
think
that's
important
enough
that
we'll
cover
this
anyway,
so
ravi
set
up
a
meeting
on
yesterday
morning
with
a
bunch
of
different
stakeholders.
Here,
there's
representation
from
signo
sigoth,
sig
windows
and
api
server,
folks
and
a
whole
bunch
of
other
folks
to
discuss
kind
of
to
settle
on
a
method
for
how
to
identify
windows
pods,
at
least
in
terms
of
how
policy
and
some
of
the
admission
controllers
will
act
on
for
windows
pods.
A
A
So
we've
talked
about
this
a
number
of
times
in
the
segment
of
community
meetings
before
and
I
think
we
were
kind
of
going
back
and
forth
between
using
label
labels
like
the
labels
and
the
os
node
selector
and
runtime
classes.
A
So
one
thing
that
kind
of
came
out
of
this
is
that
derek
carr
from
signode
was
pretty
adamant
that,
in
that,
at
least
for
the
foreseeable
future,
that
pods
in
kubernetes
will
all
run
containers
of
the
same
operating
system.
A
So
the
os
field
on
the
podspec
will
reflect
that
operating
system,
and
there
was
a
kind
of
a
number
of
reasons
why
that
decision
was
made,
but
the
biggest
one
is
that
there's
just
so
many
unknowns
about
how
mixed
containers
in
the
same
pod
would
work,
and
without
kind
of
going
to
that
now
there
were
so
many
unknown
questions
that
I
think
everybody
agreed
that
keeping
the
pod
as
a
single
representing
the
containers
from
a
single
os.
A
A
A
number
of
different
people
saying
hey
like
I
set
the
os
field
and
the
pod
spec,
and
I'm
seeing
this
strange
behavior,
because
this
one,
this
these
components
in
kubernetes
or
these
kind
of
subprojects
aren't
looking
at
this.
Yet.
So
how
do
we
like
just
some
fallout
from
that?
So
it
might
be
a
couple
releases
until
all
of
the
different
kubernetes
components
and
everything
are
kind
of
using
the
same
os
pod
spec,
or
they
always
feel
them
the
pods
back
to
identify
the
pods.
A
That's
probably
all
I'm
going
to
say
on
this
right
now,
but
I
definitely
want
to
open
this
up
for
another
set
of
discussion
or
like
right
now.
I
won't
go
too
much
more
into
the
details
of
what
was
discussed
at
that
meeting,
because
people
can
kind
of
review
all
the
updates
in
the
cap.
C
Yeah
mark
my
biggest
concern,
as
I
was
listening
to
that
meeting
yesterday,
was
that
it's
exactly
what
you
said.
I
think
folks,
once
they
see
this
field
they're
going
to
set
the
field
and
not
set
the
note
selector
or
anything
else,
and
then
wonder
why
they're
part
and
land
correctly,
so
something
for
us
to
watch
out
for
or
make
sure
that
we
clearly
call
this
out
in
our
in
the
dark.
C
But
the
other
thing
I
was
thinking
about
is
the
reason
we
reach
this
wanting
to
have
a
way
to
identify.
Pods
was
because
of
some
work
that
was
happening
in
psp
land
and
that
was
going
to
break
windows
if
they
don't
take
windows
into
account
now.
But
we
forgot
to
discuss
that.
I
feel
in
the
meeting.
So
is
this
all
going
to
line
up
or
is
there
going
to
be
a
window
where
we
might
kind
of
like
windows?
Pods
might
get
a
little
screwed.
A
No,
I
I
think
that
that
is
all
going
to
line
up
so
jordan
liggett,
who
was
on
the
call
yesterday
was
he
is
one
of
the
the
main
kind
of
people
driving
that
new
pod
security
admission
stuff
forward.
A
So
he's
and
he's
been
working
very
closely
with
ravi
on
getting
on
making
sure
that
this
cap
specifically
addresses
all
of
those
concerns.
A
So
what
arvind
was
mentioning
was
there
in
122
a
new
or
the
replacement
for
pod
security
policy,
went
into
an
alpha
state
and
I
believe
the
name
for
that
is
just
the
pod
security
admission.
So
that's
a
new
built-in
setup
like
admission
controller
that
can
be
enabled
that
will
enforce
policies
for
pods
coming
in
the,
especially
with
the
host
process.
Containers
and
just
as
windows
containers
have
been
involved,
there's
more
and
more
kind
of
differences
in
how
policy
needs
to
be
enforced
for
windows
and
linux
containers
and
the
alpha
implementation
of
that
pod
security.
A
Admission
kind
of
hunted
trying
to
figure
that
out.
So
the
ask
from
the
folks
who
were
driving,
that
was,
that
sig
windows
work
with
signod
and
all
the
other
stakeholders
to
figure
out
how
to
solve
that
problem,
how
to
identify
windows,
pods,
that's
where
this
kept
was
born,
or
that
was
one
of
the
motivating
factors
for
creating
this
cup,
and
so
yes,
this.
This
does
help.
A
That
os
field
is
specifically
to
have
policies
and
different
admission
components
in
the
api
server
be
able
to
identify
if
the
pod
is
for
windows
or
not,
and
you
know,
do
whatever
checks
it
needs
and
then
block
admission
of
the
pod
to
the
cluster.
A
The
default
will
be
an
undefined
value,
and
that
would
be
to
support
like
backwards
compatibility
for
prospects
and
across
you
know,
deployments
for
the
for
prospects
that
are
targeting
clusters
older
than
whenever
this
lands,
which
is
hopefully
at
123..
A
The
default
to
linux,
which
I
think
is
the
right
move,
because
otherwise
everybody
would
need
to
update
their
podspec
immediately
to
be
able
to
deploy
into
a
123
124
cluster,
because
there
is
no
default
value.
The
scheduler
can
be
maybe
influenced
by
this,
but
should
not
you
take
this
as
authoritative.
A
So
this
the
so
that's
kind
of
where
the
that
stands
for
the
defaulting
and
if
the
scheduler's
not
taking
this
pod
spec
field
into
consideration
it,
you
can
really
assume
that
most
of
the
other
components
in
kubernetes
are
not
going
to
as
well.
A
Yes,
that
is
kind
of
being.
I
don't
think
that
there's
any
plans
to
make
it
be
to
default
it,
there
may
be
plans
to
make
it
be
required
in
the
future.
So
at
some
version
of
kubernetes
there
they'll,
like
one
of
the
checks
to
admit
the
pod
will
be.
Is
this
field
set
just
like
you
know,
metadata
like
the
pod
name
and
a
couple
of
other
fields.
D
A
A
Yep,
I
think
that
ravi
is
still
making
a
couple
of
last
final
updates
to
the
cap,
but
anybody
who's
interested,
please
take
a
look.
This
is
going
to
be
big
and
potentially
destabilizing
for
a
very
short
time.
A
A
So
most
clusters
won't
see
an
impact
here
when
that
goes
when
the
pod
security
mission
features
go
to
beta
until
they
actually
start
using
it,
then
at
that
case,
or
at
that
point,
then
they
should
have
a
good
understanding
if
all
of
these
components
work
and
be
able
to
kind
of
turn
that
out
without
having
any
issues.
A
James,
you
were
in
that
discussion
too.
Is
there
anything
else
that
you
think
was
discussed?
That
would
be
worth
noting
here.
E
I
think
you
covered
very
well.
I
the
one
thing
it
like
once
we
add
a
new
field,
then
we
can
start
to.
You
know
begin
to
reject
things
at
the
mission
time
based
on
whether
or
not
it's
windows
or
linux,
there's
a
lot
of
things
that
are
in
the
security
context
that
are
specific
to
either
one,
and
some
of
them
are
overlapping,
and
I
think
that
that's
something
that
is
probably
won't
happen
in
the
first
round
of
this,
but
it
is
probably
a
good
value.
A
Okay,
I
added
this
agenda
item.
There
is
a
discussion
going
on
right
now
in
the
community
about
what
the
optimal
length
for
code
freeze
should
or
for
the
coding
duration
should
be
that
I
encourage
everybody
to
chime
in
on
if
they're
they're
interested
in
this.
So
I
believe
that
the
current
that
the
123
milestone
has
a
four-week
gap
between
enhancement
and
code
freeze,
and
there
are
a
lot
of
folks
who
are
saying
that
that's
usually
generally
not
enough
time.
A
Two
of
like
four
weeks,
is
a
pretty
short
coding
milestone
for
a
three
for
a
four
month
development
cycle.
A
People
would
argue
that
development
and
coding
can
actually
happen
before
then
and
is
encouraged
to
do
so
for
for
prototypes
and
kind
of
other
exploratory
work,
and
that
four
weeks
is
really
for.
You
know
getting
high
quality
reviews
and
integration.
D
Yep,
it
may
be
helpful
for
others
and
probably
me
forgetting
what
code
freeze
are
we
talking
about.
So
what
is
this
code
freeze?
This.
A
A
So
if
we
look
at
the
schedule
here,
enhancement
freeze
is
september
9th
and
then
did
they
not
list.
A
Which
seems
like
it's
more
than
four
weeks
looks
like
yeah
that's
more
than
four
weeks.
So
I'm
not
sure
where
that
four
weeks
came
from.
D
A
E
A
Weeks
until
the
release-
oh
okay,
I
read
that
it's
about
december
7th.
Okay,
so
I
guess
this
is
yeah.
All
of
the
different
dates
are
kind
of
being
discussed
in
there,
but
yeah.
It's
basically
like
where
should
code
freeze
be
for
any
given
release?
Should
it
be
earlier
in
the
release
to
give
more
time
for
stabilization,
and
you
know
test
freeze,
or
should
it
be
later
on
the
release
to
give
more
time
to
get
implementation
prs
or
just
other
pr's
merged?
What's
kind
of
the
sweet
spot
to
make
everybody
happy
with
that?
A
So
some
of
the
discussions
in
there
or
that
were
discussed
in
conversations
that
led
up
to
that
issue
being
created,
were
that
in
previously
releases
having
code
freeze
very
near
the
end
of
the
release,
didn't
actually
help
kind
of
spread
out
the
the
load
of
reviews,
and
they
still
saw
all
of
like
a
majority
of
the
code,
prs
land
very
close
to
the
code
freeze.
A
So
some
folks
are
saying,
because
there's
kind
of
a
history
of
that
happening,
we
should
have
code
freeze,
be
earlier
to
give
more
time
for
stabilization
because
folks
tend
to
you
know,
work
just
near
the
do
most
of
the
work
near
the
deadlines,
if
you're
interested
in
that
or
if
you've
been
impacted
by
kind
of
having
prs
slip
because
of
either
not
getting
review
bandwidth
or
the
code
freeze
period.
Being
the
the
coding
code
freeze
being
too
early
in
a
milestone,
feel
free
to
comment
on
that
issue.
A
Right,
that's
all
I
see
on
the
agenda
today.
Does
anybody
have
anything
else
they'd
like
to
talk
about?
Should
we
go
into
the
pairing
session
a
bit
early
I'll
leave
it
up
to
you
guys.
B
Well,
I
just
wanted
to
say
thanks
to
everyone
for
doing
the
work
on
the
windows
pod
admission
stuff.
I
haven't
been
like
participating
in
that,
but
it's
super
important
because
I
just
I
hit
a
bug
every
day
this
today
I
hit
a
csi
bug
and
I
was
like
well
what's
the
right
way
to
do
this,
we've
got
taints
and
we've
got
to
change
the
way
we
do,
and
so
it's
like
I,
I
really
would
I'm
really
excited
to
see
something.
A
Yeah
next
time,
ravi
is
on
the
call.
I
want
to
give
him
a
huge
thank
you
for
driving.
This
he's
been
kind
of
having
a
lot
of
conversations
both
in
the
cup
and
offline
with
folks,
and
this
is
a
very
kind
of
cross-cutting
feature
enhancement
that
which,
and
sometimes
it's
difficult
to
get
consensus
across
so
many
different
cigs,
so
he's
been
putting
a
lot
of
very
important
work
into
this.
A
B
Well,
thanks,
let's
see
who's
here
I
don't
see.
Let's
see,
I
see
oh
actually,
a
few
people,
I
see
a
meme
and
friedrich,
both
they're,
probably
sticking
around.
Let's
see
who
else
decides
to
stick
around
claudio,
let's
see
if
we
get
claudio
today,
yeah
I'm
going
to
seek
destiny
meeting
today.
So
oh
he's
leaving
us
I'm
going.