►
From YouTube: SIG - Storage 2023-06-19
Description
Meeting Notes:
https://docs.google.com/document/d/1mqJMjzT1biCpImEvi76DCMZxv-DwxGYLiPRLcR6CWpE/edit#
A
Right,
I
guess
we
won't
have
a
huge
Forum
today,
but.
A
A
A
Okay,
so
this
is
like
an
old
override
we
had
and
apparently
it
only
supports,
host,
assisted
clones
or
snapshot
clones,
so
that
needs
to
be
fixed.
A
A
A
A
A
B
A
A
I
guess
we
have
this
one
here.
A
A
Right
so
this
is
about
somebody
trying
to
use
generate
name
for
the
data
volume,
but
that
is
at
least
with
clones.
That's
impossible
to
secure
with
our
current
approach,
where
we
provide
tokens
for
for
cloning
from
a
certain
PVC.
A
A
It
will
leave
some
kind
of
vulnerability
or
forget
the
exact
wording
for
for
these.
C
I,
don't
know
like
I
see
that
you
opened
a
PR
and
I
mentioned
this
issue
in
that
PR
and
I
propose
to
add
a
test
case
to
test
this.
So
I
honestly
think
that
that's
the
best
thing
we
can
do
right
now
just
to
have
a
test
to
cover
this.
C
Yeah
I
would
say
so.
Maybe
let
Michael
add
something
here,
since
he
knows
more
about
the
security
implications
of
this.
A
A
A
A
Oh
and
there's
one
more
thing
here,
a
couple
of
meetings
ago
Michael
was
saying
that
we
started
using
the
read
ahead
filter
that
may
be
a
little
dangerous,
specifically
in
this
case
since
it'll
end
up
providing
to
scratch
container
memory
or
something
like
that,
and
that
that
is.
That
may
be
why
we
get
the
disk
pressure
condition.
I.
D
A
D
So
yeah
I'm,
actually
we
did
fix
it.
D
In
MBD
kit,
but
there's
no
there's
no
bugs
so
we
can't
I
mean
we
need
a.
We
need
a
bug
file
before
we
can
backboard
it
to
rail.
If
you,
if
you
want
the
fixing
rail.
A
D
It's
not
in
any
just
copy
the
cover
the
link.
First
of
all,
so
that's
the
Upstream
commit,
so
it
is
up.
The
fix
is
Upstream,
but
I
believe
that
that's
like
only
in
the
development
version
at
the
moment,
if
that
it
might
not
even
be
in
that
Okay.
So
that
means
it
will
get
into
rail,
oh,
like
9.4,
or
something
if
we're
lucky.
D
A
Yeah
I'm
a
little
hesitant
to
just
start
pulling
it
into
released
versions.
That's
because
it
was
only
an
S3
problem
and
I
think
we
don't
advertise
the
S3
source
Downstream.
We
just
kind
of
had
a
Community
member
contribute
this,
but
I
can't
remember
exactly
why,
but
we
don't
advertise
this
too
much
I
mean
it's
documented,
Upstream
yeah.
D
So
S3
servers
that
should
have
traditionally
been
a
bit
weird
and
they
they
used
not
to
be
able
to
support
range
requests,
which
meant
that
basically,
they
just
wouldn't
work
at
all,
but
actually
Amazon
have
added
support
for
range
requests
fairly
recently,
so,
but
nevertheless
I
mean
you're
right.
If
you
just
do
nothing,
then
it
will
eventually
go
upstream
and
it'll.
You
know
it'll
be
in
the
Upstream
version
and
you'll
get
it
that
way.
It's
just.
If
you
want
to
fix
it
in
Rel
that
don't
worry
about
it.
B
A
By
the
way,
Upstream
we
do
the
Centos
stream
nine.
Would
that
also
get
this
commit
in.
D
A
And
let's
give
the
this
person
here
a
chance
to
reply
before
we
start
complicating
this
with
the
bugs
and
backboards.
A
A
A
A
Basically,
you
read
write:
one
spot
is
means
that
you
can
mount
a
volume.
A
volume
can
only
be
mounted
by
one
pod
as
opposed
to
read.
Write
ones,
which
is
a
port,
could
be
a
PVC
could
be
mounted
by
the
same
node
multiple
times,
but
now
they
came
up
with
this.
Stricter
version,
which
is
PVC,
can
be
mounted
by
a
single
pod.
It
may
may
work
good
with.
A
A
A
B
Think
as
far
as
I
remember,
it
was
not
supported
in
kubernetes
125,
maybe
later,
but
even
if
you
try
to
just
create
a
PVC
with
this
access
mode,
the
kubernetes
will
reject
it.
125,
maybe
later
yeah.
D
A
Okay,
so
this
is
about
following
the
write,
a
framework,
observability
practices,
Prometheus
practices
and
renaming
this
metric,
which
I,
don't
think,
is
being
used
or
advertised.
It's
just
like
an
internal
thing.
A
But
yeah,
if
somebody
wants
to
use
it,
I
think
we
use
it
to
just
report,
progress
for
host
assisted
clones
and
that's
about
it.
Nobody
should
know
about
it.
Otherwise,
but
yeah.
That's
what
this
issue
is
about
and
it's
well
groomed,
there's
a
jira
card,
so
I
don't
think.
There's
anything
to
do
here.
A
A
And
he's
being
tagged
here
so
I'm
not
going
to
bug
him
I'm,
pretty
sure
he
he
introduced
fix
for
this
by
doing
the
static
provisioning
thingy
for
for
backup
and
restore
vendors.
B
So
created
the
way
to
use
this
PV.
Oh
it's
for
it's
not
for
clones,
for
airport,
right
or.
B
B
That
can
be
used
here,
but
anymore.
B
A
B
B
B
B
A
Yeah,
let's
see
if
the,
if
this
is
working
for
them,
if
not
and
keep
going.
A
And
let's
see
yeah
we
had
Michael
asked
if
nginx
had
request,
buffering,
enabled.
A
And
we
talked
about
this
I
believe
or
did
did
we
Michael
stack?
This
guy
is
basically
asking
for
making
one
of
the
search.
That's
not
configurable,
not
rotatable
they're,
asking
it
to
be
rotatable,
so
I
guess
we
can
weigh
that
suggestion.
I
think
they
have
the
right
direction,
but
I
will
hold
off
and
let
Michael
bless
them
with
a
green
light.
A
A
Right
then
I
guess
we
will
end
here
and
thanks
for
helping
groom
the
issues
and
see
you
in
two
weeks.