►
From YouTube: APAC Hybrid Cloud Kopi Hour (E5) | Managing Kubernetes Clusters in a Hybrid and Multi-Cloud World.
Description
Red Hat Advanced Cluster Management (ACM) is a unified platform for managing Kubernetes clusters across multiple clouds and on-premises environments. ACM provides a wide range of features for managing clusters, including policy-based governance, centralized monitoring and observability, automated operations, and self-service provisioning.
Join us for a deep dive (with demos!) into the power of multi-cluster management from some of Red Hat ANZ’s best: Wayne Dovey, Simon Delord, and James Blair!
00:00 Stream begins ...
03:04 Guest intros
06:20 Hybrid cloud statistics and conversation
15:24 Simon presents an ACM Overview!
31:49 Wayne demos ACM and Ansible!
52:20 James demos Submariner!
A
A
Hello,
hello,
hello
and
welcome
to
the
latest
fifth
episode
of
the
APAC
hybrid
Cloud
copy
hour.
I
am
so
excited
to
be
back
with
our
show.
I
wanted
to
again
just
remind
everyone
of
the
link
to
the
playlist
where
we've
got
previous
shows
and
as
I
always
do
remind
you
why
we
call
this
the
Kopi
hour.
Kopi
is
a
traditional
coffee
beverage
that
you
find
in
Southeast
Asia.
A
It
is
delicious
I
have
my
official
Kopi
cup
that
is
Nescafe
in
there,
but
that's
okay,
because
I
am
not
in
Singapore,
so
I
do
that
and
the
other
exciting
thing
I
want
to
kind
of
call
out
is
today
starts
and
kicks
off
the
FIFA
Women's
World
Cup,
so
for
our
participants
today,
who
are
all
located
across
Australia
and
New.
Zealand
is
kind
of
exciting.
We've
got
games
in
Sydney
and
in
Auckland
and
a
few
other
places
I
think
Wellington
has
them
too.
So
that's
super
exciting.
Now.
A
B
B
Very
excited
to
be
joined
by
some
of
our
esteemed
colleagues
interesting
talk
today,
we
are
all
going
to
be
diving
into
you,
know:
managing
kubernetes
deployments
at
scale,
and
these
colleagues
of
ours
they'll
talk
to
a
lot
of
our
customers
and
hear
about
all
the
challenges
our
customers
face
and
present
to
them.
You
know
some
sort
of
Simplicity
in
all
the
management
and
things
and
how
they
go
so
really
excited
to
be
part
of
this.
One
yeah.
A
That's
a
great
introduction
and
that's
what
I
love
about
the
show
is
that
we're
able
to
bring
in
these
these.
You
know,
colleagues
of
ours
who
are
are
working
directly
with
customers,
so
you
know
are
seeing
it
directly
as
it's
happening.
So
let's
actually
introduce
everyone.
We
could
say
a
quick
hello,
I'm
going
to
go
alphabetically
by
last
name,
so
I
think
I've
got
this
right.
So
first
up
is
James.
Blair
he's
a
specialist
solution
architect
here
at
Red,
Hat
based
in
New,
Zealand,
say
hi
James,
good.
A
E
Guys
yeah
great
to
be
here
and
of
course,
you
know
also
such
a
topical
subject
that
we're
approaching
today
I
think
a
lot
of
the
customers
we
deal
with
have
so
many
challenges
with
not
only
new
tech
but
just
sort
of
figuring
out
the
landscape,
so
hopefully
with
redx
help.
We
we
help
to
simplify
this
and
sort
of
have
a
real
good
picture
and
you
know
get
away
from
the
buzzwords
and
actually
show
this
off.
E
I
myself
have
been
with
red
hat
for
eight
years,
so
it's
been
quite
a
journey
and
if
I
think
back
August
and
we
originally
chatted
at
Red
Hats-
and
we
were
talking
about
openstack
now
the
funny
world
is,
we
all
do
things
on
openshift,
but
kubernetes
seems
to
be
the
flavor
of
the
day,
even
though
openstack
is
still
pretty
good
and
used.
Well,
you
know
by
a
few
customers,
I
think
things
have
changed.
You
know
it's
evolved.
A
E
Questions
and
ironically,
I
didn't
work
much
on
openstack
anyway,
so
it's
a
funny
word
but
I
mean
I
was
part
of
the
first
sort
of
team
to
do
implementation
of
openshift
version
three.
If
people
know
that
version
and
of
course
yeah
there
was
version
3.001,
it
might
have
been
the
first
cut
that
I
actually
deployed
at
a
customer
for
a
proof
of
concept.
Interesting
yeah,.
A
Well,
and
that's
the
thing
so,
we've
got
people
here
who
have
are
have
their
hands
on
the
technology.
Who
can
show
us
the
technology,
but
I
want
to
start
by
something
I
like
to
do
is
I
like
to
dive
into
these
various
surveys
that
they
take
of
the
industry
and
so
flexera
released
the
2023
state
of
the
cloud
report,
so
I'm
digging
through
it
and
I
find
the
the
easier
one
to
look
at
is
the
the
number
of
companies
that
use
multiple
public
clouds
right.
A
So
we
have
quite
a
lot
using
multiple
public
clouds,
16
as
well
go
on
a
single
Cloud,
so
now
I
find
that
really
interesting
and
I
thought.
So,
if
they're,
using
multiple
public
and
private
clouds
and
and
they're
trying
to
manage
these
things.
That's
what
got
me
thinking
about
this
show
and,
of
course,
I
work
at
red
hat
and
I'm
aware
of
our
Technologies
I
thought.
So
how
do
customers
and
how
does
the
world
perceive
using
this
stuff?
So
the
next
thing
I
decided
to
do
was
well.
A
Obviously
is
I
asked
Bard
right,
I
said:
I
didn't
go
with
chat
GPT,
because
I'm
I'm,
a
little
alternative
here,
I
went
for
Bard
and
I
asked
the
question:
how
many
companies
use
multiple
clouds
right,
I
want
to
tap
into
the
AI
zeitge
guys
and
what
I
love
about
the
response
here?
I,
don't
know
it's
a
glorified
search
engine
or
there's
something
happening
here,
but
what
I
love
about
the
response
here
is
that
the
common
reasons
are
performance,
cost
flexibility
and
security,
and
the
challenges
are
basically
complexity,
cost
and
security.
A
So
I
I
found
that
funny,
because
the
reasons
are
the
same
right,
so
it's
kind
of
like
I'm.
What
does
that?
What
that
must
do
for
people
when
they're
sitting
down
going
this?
This
is
this
is
complicated.
How
am
I
going
to
handle
this?
So
then
I
decided
to
look
at
one
more
interesting
statistic:
I
dug
deeper
into
the
survey
and-
and
they
had
a
thing
about
like
what
what
services
are
growing
and
becoming.
You
know,
challenges
for
Enterprises
everything
is
going
down
which
I'm
really
happy
to
hear
right.
A
So
the
message
is
getting
out
there.
Hybrid
cloud
is
happening,
but
one
thing
went
up:
managing
multi-cloud,
it
went
up
from
72
to
80
percent,
so
organizations
are
having
to
deal
with
all
this
they're
embracing
all
this
and
it's
becoming
a
challenge
for
them
and
I
found
that
really
interesting.
It
got
me
wondering
and,
and
I
was
thrilled
to
think
I.
Have
this
group
of
people
to
tell
me
about
this?
Is
you
know
how
are
customers
dealing
with
that?
They,
they
they're,
embracing
multiple
clouds,
they're
embracing
hybrid
they're,
embracing
multi
Cloud.
A
So
how
are
they
doing
it?
And
that's
you
know,
that's
where
we
that's
that's
where
we
get
that
we.
This
is
a
complex
landscape.
So
how
do
our
customers
navigate?
Something
like
this,
and
you
are
the
group
to
tell
me
and
show
me
how
that
happens,
and
we
have
some
prepare
content.
But
if
you
know
you
guys
are
hitting
this
each
day
and
I'm
just
curious
what
what
comes
top
to
mind
when
you
walk
in-
and
you
say
to
the
customer
I
know
you
want
to
use
15
different
clouds
or
whatever.
E
I
think
from
from
our
point
of
view,
it's
a
little
bit
of
a
conundrum,
because
it's
such
a
landscape
of
choice
for
customers-
and
you
know
you
look
at
the
cncf
landscape.
For
instance,
it's
like
oh
wow,
you
know
kind
of
trying
to
disseminate.
What's
supported,
what's
stable,
what's
what's
what's
the
options
I
mean
I
was
I?
E
Was
this
admin
in
the
UK
and
I
was
dealing
with
like
large-scale
environments,
and
the
challenge
for
me
was
trying
to
figure
out
how
to
solve
this
problem
in
the
easiest
way
and
get
it
supported,
as
well
as
making
sure
I've
got
skilled
people
to
support
me.
So
exactly
the
same
challenges
exist
now,
I
think
we're
just
doing
things
a
little
bit
smarter
and
a
little
bit
more
laser
focused.
So
having
vendors
like
red
hat,
who
you
know
deal
with
these
things,
I
think
that's
the
biggest
reason
I
get
called
to
talk
to
customers.
E
F
D
That's
right,
if
I
can
jump
in
on
this
one
and
see
what's
interesting,
is
I
find
very
different
type
of
angles:
I
work
with
lots
of
different
customers
with
the
government
sector,
the
mining
sector,
the
financial
sector
so
Banks
and
insurances
the
Telco
as
well.
Right
then
drivers
for
some
of
them,
maybe
not
drivers
for
the
others.
I've
got
customers
that
actually
are
all
in
Cloud
one
to
bring
stuff
back
in
on-prem,
because
it's
too
expensive
or
they
find
there's
some
security
Bridge
somewhere
that
are
sovereign
key
problems.
D
I've
got
customers
that
the
only
one
thing
they
have
is
to
move
anything
away
from
the
on-prem
data
center
to
the
cloud
environment
and
then,
after
that,
they
look
at
the
typically
the
business
continuity
type
of
solutions.
For
that.
That's
where
the
multi-cloud
sometimes
comes
in
right,
so
there's
different
angles
and
then
asking
the
main
problem
for
that
is
really
around
the
visibility,
the
technology
to
do
to
do
that.
D
If
you
want
as
smoothly
as
possible
and
compliance
the
compliance
component
of
sadosing
in
terms
of
governance,
how
do
I
make
sure
that
what
I
deploy
complies
with
my
access
controls?
My
regulation
that
I
don't
deploy
the
wrong
payload
in
the
wrong
environment.
Those
type
of
things
right.
These
are
typical.
The
problem
I
see
engineering
with
customers,
yeah.
C
One
very
quick
thought
I
mean
the
bottom
line.
I
kind
of
see
is
kubernetes.
Adoption
just
seems
to
inevitably
mean
multi-cluster
for
anyone.
That's
going
that
direction
and
if
you're,
if
you're
in
that
world,
it
seems
to
be
a
constant
state
of
flux,
whether
it's
new
clusters
needed
to
come
up
and
it's
a
life
cycle
challenge,
whether
it's
a
migration
from
A
to
B
and
it's
and
it's
a
connection
connectivity
challenge,
it's
just
inevitable.
C
E
But
also
I
mean
one
one
observation
I'd
like
to
put
put
forward
is
that
you
know:
we've
seem
to
be
moving
away
from
this
big
massive
kubernetes
openshift
clusters
to
these
sort
of
sort
of
more
kind
of
smaller
clusters,
and
that's
obviously
fueled
this
desire
to
have
a
management
control
plan
for
these
clusters.
So
that's
also
changed
the
way
that
people
work
with
things
and
I
mean.
E
For
me,
the
the
biggest
sort
of
discovery
of
over
the
last
couple
of
years
has
been
the
get
Ops
pattern
that
we're
adopting,
and
for
me,
that
kind
of
brings
in
consistency
and,
of
course,
you
know
we're.
We
can
show
a
little
bit
of
that
today
of
what
that
means.
I
know:
there's
a
lot
of
stuff
going
on
with
get
Ops
I
feel
it's
I.
A
I'm
yeah
and
I
will
I
do
want
to
see
more
I'm
curious
when
you
say
that
you
talk
about
the
move,
is
towards
smaller
clusters.
Is
that
coming
out
of
a
a
need
for
security
to
have
stricter
or
multi-tenancy
like
to
try
to
keep
our
customers
deploying
things
in
different
spaces
like
that,
or
it's
just
purely
around
management
that,
having
all
you
know,
a
large
cluster
isn't
isn't
smart.
E
E
Which
path
do
you
take?
Do
you
give
you
know
the
team
their
own
cluster
as
soon
as
they
stop
the
technology
starts
becoming
a
little
bit
easier,
consistent
and
cheaper.
Then
you
know,
of
course
the
you
know.
One
cluster
per
team
makes
sense,
so
we're
getting
there
I
think,
there's
stuff!
That's
coming
in.
E
C
At
the
at
the
other
end
of
the
spectrum
is
the
The
Edge
side
of
thing
as
well,
like
kubernetes,
is
our
operating
system
for
for
everything
we
do
these
days,
and
people
are
getting
so
familiar
with
that
tooling
and
with
that
approach
that
they
just
want
to
take
it
further
and
further
out
into
into
new
domains
and
that's
how
it
proliferates
out
to
the
edge-
and
you
know
why
can't
we
have
tiny
clusters
that
are
super
efficient.
You
know
and
use
that
exact
same
tooling,
all
the
way
out.
Yeah.
D
So
we've
seen
some
of
the
sectors,
for
example
mining
telecommunication,
a
lot
of
distributed
architectures
with
iot
aggregation
or
specific
functions
running
in
disconnected
State
I.
Don't
need
to
be
able
to
call
back
Central,
home
and
stuff
like
that.
So
there's
there's
some
good
points
around
the
the
proliferation
of
like
your
proliferation
of
VMS,
your
proliferation
of
communities,
clusters
as
well,
potentially
for
those
type
of
scenarios
where
you
need
to
scale
hundreds
or
thousands
of
endpoints
typically
and
manage
them.
A
And
let's
So
Okay,
so
we've
seen
the
server.
This
is
the
biggest
challenge
right
now,
a
red
hat
has
an
offering
Simone
I.
Think
probably
now
would
be
a
great
time
if
you
want
to
take
us
through
some
of
kind
of
as
an
example
of
you
know,
of
what
is
out
there
to
actually
why
we
have
all
these
clusters.
How
do
we
manage
this?
How
do
we
do
this
in
a
easy,
an
easy
way
all.
D
D
All
right
so
yeah
so
I
think
we've
talked
a
little
bit
now.
The
the
multi-cluster
management
challenge
is
like.
Why
do
we
have
so
many
clusters,
like
James
mentioned,
could
be
a
distribution
of
function
between
Dave
prod
segmentation
of
those
functions.
Geographical
redundancy
across,
like
your
your
Productions
environment,
like
Wayne
mentioned.
D
Maybe
it's
a
new
way
of
doing
tenancy
model
right,
distributed
clusters
for
different
teams
to
simplify
the
tendency
of
those,
but
the
main
problem
is
what
was
relatively
easy
to
do
for
a
single
cluster
which
is
effectively
on
the
left
in
terms
of
provisioning
cluster,
deploying
your
applications
in
there
making
sure
there's
no
configuration
drift
on
the
cluster.
You
can
patch
and
maintain
it
all
the
time.
As
you
increase
number
of
clusters,
this
becomes
more
and
more
cumbersome
and
difficult
right
in
terms
of
like
how
do
you
consistently
provision
this
cluster
across
the
infrastructure
you're?
D
After
because
you
may
be
looking
from
an
on-prem
capability
to
a
cloud
capability
right,
it
depends
where,
where
you're
going
to
build
those
ones,
how
do
you
make
sure
you
can
enforce
a
set
of
policies
and
governance
rules
across
those
environment
to
make
sure
that
you
don't
deploy
and
not
the
dev
app
in
production,
and
vice
versa,
that
you
have
a
set
of
standard
operating
environments
for
your
clusters,
making
sure
they
they
meet
your
access,
controls,
your
regulatory
requirements
and
so
forth?
Right
and
then,
once
you
have
this
Fleet
of
clusters
to
manage?
D
How
do
you
easily
troubleshoot
and
see
what's
happening
within
the
environment
in
terms
of
like
the
metrics
for
the
the
consumption
of
the
node?
What's
happening
in
the
initial
resources
deployed,
how
they
deploy
those
type
of
things
and,
like
we
said
we
can
scale
to
like
potentially
some
of
the
distributed.
Telco
architecture
is
blocking
thousands
of
endpoints
right
for
that.
So
you
need
to
have
a
way
of
providing
a
single
pane
of
glass
across
everything
and
make
making
sure
you
can
deploy
at
scale
a
set
of
application.
D
You
can
easily
audit
and
comply
to
your
specific
requirements
around
this
environment,
so
that's
pretty
much
the
challenges
associated
with
the
multi-cluster
management
at
scale
right.
So,
in
the
context
of
the
that
problem,
we
have
a
set
of
Solution
on
the
Reddit
side
of
things,
but
our
main
product
for
this
one
is
called
ACM
Advanced
cluster
management
for
kubernetes
that
provide
four
key
components
for
the
multi-cluster
capability.
First,
one
is
the
multi-cluster
lifecycle
management.
How
you
create
import,
manage
clusters
patch
them
upgrade
them
right
as
part
of
the
life
cycle
moving
forward.
D
The
second
one
is
rent
is
really
around
the
policy
driven
governance
risk
and
compliance.
How
you
make
sure
that
your
clusters
comply
with
a
set
of
rules
defined
around
whatever
would
be
your
business
requirements
or
legal
requirements
or
whatever
needs
to
happen
within
your
environment
right?
How
do
we
enforce
a
set
of
rules
and
policies
across
that
across
those
clusters?
D
E
I
think
you
know
one
of
the
things
that
we
find
you
know
with
all
this
sort
of
functionalities.
The
observabilities
tends
to
get
a
little
bit
ignored,
so
I
think
there's
a
lot
of,
especially
in
the
community
space.
A
lot
of
like
assumption.
Okay,
you
know,
kubernetes
is
a
standalone
thing
and
it's
got
its
own
observability
and
alerting.
But
you
know
how
do
you
aggregate
that?
E
How
do
you
make
sure
you
have
a
single
place
to
sort
of
you
know
view
that
you
know
I'll
show
I'll
be
showing
that
in
in
my
section,
but
the
crucial
part
is
like
also.
The
overestimation
of
an
actual
cluster
is
becoming
a
massive
concern,
so
how
much
compute
memory?
Because
all
this
costs
money?
Are
you
actually
spending
on
this?
And
and
how
can
you
actually
kind
of
move
towards
a
phenops
way
of
working
so
understanding?
You
know,
ownership
of
costs
and
that
sort
of
stuff,
yeah.
A
See
that's
another
question
I
had
that
is
around,
and
especially
in
this
climate.
Is
that
partly
what's
driving
the
the
need
for
more
multi-cluster
management
right,
we're
cutting
costs,
but
the
customers
are
demanding
more
from
from
anyone
from
everyone.
So
you
got
to
do
stuff
better
and
faster
and
be
more
Innovative,
but
with
maybe
less
yeah,
and
so,
when
you
can
put
all
this
stuff
together
and
manage
something
from
a
single
spot
or
you
know
from
a
more
consistent
method
that
must
be
a
driving
force
right
and
and
you've
kind
of
confirmed
that.
D
C
D
C
D
All
right
so
the
security,
so
you
can
see
I
think
we're
going
to
go
through
some
of
the
Demos
in
there.
But
the
idea
is,
you
can
define
a
set
of
policies
to
typically
there's
multiple
layers
to
it
right
from
a
security
perspective,
but
from
an
ACM
perspective
from
a
cluster
and
feed
management
level,
you
can
define
a
set
of
policies
to
provide
a
soy
compliant
cluster,
so
it
is
a
standard
operating
environment.
So
what
I
see
a
lot
of
my
customers
really
Define
through
a
set
of
policies?
D
Hey
this
cluster
must
be
configured
in
this
way.
Connect
to
this
user.
Add
these
users
and
groups
syncing
to
the
ad
environment,
connect
to
the
storage.
This
way
we
need
to
deploy
by
there
for
all
these
Network
policies
around
the
environment.
This
type
of
function
right
so
effectively
cacm
as
a
way
of
driving
the
compliance
around
that
you
can
also
like.
D
When
was
explaining
github's
everything,
so
they
find
a
set
of
security
components
as
part
of
ACM
and
sync
them
through
git
right
through
through
the
github's
approach,
so
they
find
them
in
git
and
sync
them
to
your
cluster
using
ACM.
As
well,
there's
a
different
layer
for
it,
which
is
a
different
set
of
product
for
more
than
management
of
deployment,
time
and
runtime
capabilities
of
workloads
on
the
on
the
cluster,
which
is
another
product
called
ACS
Advanced
cluster
security
and
typically,
we
would
see
that
both
products
work
hand
in
hand
to
provide
this
end-to-end.
D
E
Yeah
I
think
we
spoke
about
this
previously
guys.
I
think
it'd
be
great
to
do
a
bit
of
a
section
on
ACS
and
security.
How
that
translates
to
you
know
kind
of
these
kind
of
use
cases,
and
you
know
kind
of
the
standards
that
you
guys
can
set
towards
so
I
mean
I.
In
my
experience,
doing
CIS
benchmarking,
for
instance,
it
was
really
hard
tools
like
ACS
help
you
to
sort
of
not
only
get
a
snapshot
view
of
your
compliance
requirements,
but
also
the
remediation.
E
D
Right
I've
got
a
demo
on
this
one
in
friendships
that
are
on
ACM
driving
to
their
plan.
The
deployment
of
the
compliance
operator
running
the
checks,
your
tour
navigation
and
then
the
results
being
automatically
imported
into
ACS
to
see
the
coverall
components
of
the
Clusters
like
that.
So
it's
a
nice
band
know
if
you
want
of
those
those
capabilities,
provides
effectively
awesome.
B
From
a
Telco
point
of
view,
as
well,
ACM
and
ACS
are
being
used
quite
significantly,
especially
where
you
have
Network
functions
deployments
where
you
know
you
want
to
have
security,
not
just
on
the
data,
but
also
in
transit
and
in
on
the
network
capabilities.
So
there
are
some,
you
know
very
good
use
cases
and
something
some
very
powerful
things
in
ACS.
That
kind
of
enable
you
to
do
that.
So,
yes,
I
can
have
another
session
on
that
completely
yeah.
E
And
I
think
it'd
be
good
to
cover
things
like
ebpf
and
how
that's
sort
of
changing
the
kubernetes
landscape.
You
know
a
lot
of
people
talk
about
service
mesh.
What
is
what
is
that
and
I
mean
ambient
service
match
versus
the
new
stuff
using
ebpf?
That's
very
exotic,
because
it
means
no
side,
cars
using
APF
technology
and
it's
pretty
great
stuff.
Yeah.
B
Saad's
question
did
bring
about
a
very
important
Point
clusters.
These
days
have
become.
You
know,
one
object
one
unit
and
you
know
now
managing
soy
on
that
entire
unit,
and
you
know
how
ACM
can
do
that
was
I.
Guess
a
lot
of
customers
and
a
lot
of
you
know.
People
are
interested
in
I
know
we
have
a
demo
coming
up,
but
you
know
I
just
wanted
to
put
that
thought
out
there
cool.
D
Thank
you
all
right,
so
from
a
business
benefit
perspective.
Typically,
you
increase
the
developmental
production
or
you
accelerate
the
deployment
of
your
applications
across
your
environment
and
it's
always
consistent
using
the
heat
of
the
approach.
Obviously,
you
reduce
cost
as
well.
There's
some
cost
optimization
benefits
in
the
context
of
managing
those
clusters
at
scale.
You
have
a
central
view
of
everything
you
have
a
console
to
handle
a
whole
Fleet
of
environment
as
opposed
to
having
to
go
and
Connect
into
each
of
the
environments
separately.
D
The
application
availability
is
an
interesting
one
because,
as
part
of
the
tools,
we
are
able
to
deploy
an
application
across
multiple
clusters,
for
example.
So
in
the
context
of
the
deployment
of
application
in
HF,
for
example,
you
can
use
tools
like
ACM
to
drive
this
type
of
deployment
of
workloads
to
make
sure
this
is
a
critical
failure
on
one
of
your
clusters.
D
The
application
is
already
available
on
the
second
cluster
right,
so
you
can
Define
set
of
patterns
that
see
my
customers
have
deployment
patterns
based
on
the
type
of
rtu,
RPO,
so
recovery,
time,
objective
and
point
objective
for
their
applications
and
put
them
into
different
type
of
tier.
If
you
want
and
decide
to
deploy
an
application
to
one
or
multiple
clusters.
D
Based
on
that-
and
the
last
point
is
really
around
the
compliance
right,
you
can
write
policies,
you
can
Define
policies
and
quickly
see
whether
anything,
Bridges,
a
policy
bid
for
a
configuration
of
the
cluster
across
maybe
data,
manipulation
and
management
onto
the
cluster.
There's
a
lot
of
different
options
from
which
you
can
have
a
look
at
it
from
a
compliance
perspective
from
typical
use
cases
and
I
should
quickly
stop
on
that.
D
There's
a
set
of
use
cases
around
the
on
the
left
inside
the
life
cycle,
management
of
the
Clusters
in
the
Middle
Ground
around
the
policy
and
policy
enforcement
and,
on
the
right
hand,
side
run
the
department
of
application
right
so
typically
managing
clusters,
but
not
just
openshift.
We
have
customers
that
have
different
flavors
of
kubernetes,
typically
kseks
gke
or
the
IBM
Community
solution
as
well,
and
we're
able,
with
a
tool
like
ACM,
to
manage
and
scale
those
Fleet
right
and
typically
what's
interesting.
D
C
So
sorry
to
jump
in
for
a
second
I
just
have
an
anecdote
from
some
exploration
earlier
today.
I
was
tinkering
around
with
v-cluster,
which
is
a
very
cool,
little
open
source
project,
but
I
actually
I
deployed
a
virtual
cluster
inside
an
openshift
cluster
and
then
used
like
imported
the
virtual
cluster
into
ACM.
When
the
host
cluster
was
already
managed
by
ACM,
and
it
worked
so
anyway,
I
don't
know
what
the
use
case
is
for
that.
Yet,
but
it's
it
was
cool.
C
No,
no
so
so,
we'll
probably
talk
about
hosted
control
planes
a
little
bit
more
at
some
point.
But
v-cluster
is
a
super
lightweight
cluster
virtualization
approach
effectively.
All
it
is
is
two
pods
I
think
to
get
a
to
get
a
virtual
cluster
running
inside
a
namespace
on
an
existing
cluster
and
all
I
had
to
do
was
just
grab
the
good
config
from
that
virtual
cluster,
give
it
ACM
and
it
it
Managed
IT.
Oh.
A
A
B
Think
you
bring
about
a
very
important
Point
August,
you
know
in
large
organizations
Enterprises
from
leadership
point
of
view.
They
don't
want.
You
know
their.
You
know
their
resources
and
Engineers
to
be
focused
on
one
cloud
and
this
overarching
view
of
managing
all
these
clouds.
Well,
you
know
their
teams
specifically
work
work
on
bringing
applications
online.
You
know
put
bonus
on
that.
So
that's
that's
a
really
good
point.
D
All
right,
maybe
I'll,
skip
quickly
because
I've
seen
Wayne
and
James
an
awesome
job
at
presenting
some
of
those
like
management
of
open
shift
policies
and
application
at
scale
I'm
just
going
to
talk
a
little
bit
quickly
on
some
of
the
typical
customer
use
cases
I
see
over
the
last,
like
I've
seen
over
the
last
three
three
years.
Basically
so
one
of
the
first
one
is
really
around
driving
infrastructure
and
consistent
creation
of
standard
operating
environment
as
kubernetes
clusters.
D
The
second
point
is
where
you
run
the
standardization
of
those
clusters
right:
typically,
role-based
access,
Tripoli
storage
integration,
automated
integration
into
third
party
tooling,
like
CM
logging
and
anything
right.
That's
that's
the
idea.
How
do
I
drive
when
I
deploy
those
clusters?
I
kind
of
make
sure
that
by
default,
I
deploy
all
those
components
and
integrate
into
them
as
well.
D
The
third
one
is
really
around
the
single
pane
of
glass
for
visibility
right
to
be
able
to
have
a
view
across
the
whole
Fleet,
and
one
that's
interesting
is
the
first
one
is
like
really
the
migrate
applications
between
different
environments,
so
I
want
to
rebalance
two
different
clouds.
I
want
to
be
able
to
migrate
from
an
existing
environment,
to
a
different
type
of
environment
right
and,
like
I,
said
the
migration
could
be
due
to
rebalancing
activity.
It
could
be
due
to
like
disaster
recovery
and
business
continuity
as
many
reasons
for
it.
D
A
Spot
it's
perfect
right,
so
it
really
gives
us
a
picture
of
the.
Why
you
know
of
everything
of
why
we're
doing
this,
what
it,
what
can
do
and
yeah
as
we've
teased
throughout
this?
Let's
actually
see
it.
Let's
prove
it
right,
let's,
let's
take
a
look
at
what's
actually
possible
and
that's
where
we're
going
to
bring
Wayne
in
with
this
demo.
I
mean
you're,
not
just
here
for
your
demo
man,
you
know
we're.
A
E
Thanks
August,
so
one
of
the
motivators
for
doing
this
actual
Piece
of
My
Demo
was
customers.
Primary
use
case
was
to
sort
of
get
a
handle
of
their
eks
and
AKs
and
clusters,
and
you
know
this
whole
talk
about
the
single
planet
gloss
and
the
single
place
to
manage
it.
This
is
a
great
example
of
how
you
can
use
the
tooling
that
red
hat
provides
to
sort
of
bring
that
you
know,
under
your
view,
understand,
what's
going
on
and
actually
doing
some
more
advanced
sort
of
use
cases
around
it.
E
So
you
look
over
here.
I'm
logged
into
ACM,
as
someone
mentioned,
So
within
ACM.
Of
course.
Now
the
first
thing
I'm
worried
about
is
the
the
Clusters
under
management.
So
here's
a
good
example
of
three
clusters.
Of
course,
the
one
the
local
one
is
the
local
host,
the
local
ACM
and
the
other
two
are
AKs
and
EQ,
so
wow,
okay,
that's
pretty
cool
I've,
really
got
a
view
of
you
know
some
Cloud
provided
ecos
and
managed
services
and
AKs
manage
services.
So
how
did
this
happen
now?
E
One
of
the
crucial
things
is
with
ACM
is
very
extensible,
so
we
have
integration
to
ansible.
So
in
this
example,
what
I
did
was
from
ansible
automation
platform,
which
is
our
our
ansible,
offering
our
portal
to
drive
an
interval,
workflow
I
created
a
bunch
of
templates
and
the
templates
you'll
see
they're
pretty
basic,
but
the
idea
is,
you
know,
I'm
able
to
create
either
a
new
case,
an
AKs
cluster,
and
you
know
you
can
pass
sort
of
certain
variables
credentials.
You
can.
E
You
know,
have
all
that
stuff
securely
stored
and
you'll
see
in
this
example
I'm
using
a
GitHub
repo,
which
I
can
probably
you
know,
kind
of
share.
Essentially
this
is
ansible
and
kubernetes,
so
it
allows
you
to
build
any
kind
of
ansible,
sorry,
any
kind
of
kubernetes
cluster
using
ansible
playbooks.
E
A
E
Then
you
know
simple
thing
of
me:
just
importing
my
AWS
and
Azure
credentials,
and
from
that
you
know,
of
course
it's
stored
securely
inside
and
Sport
National
platform
and
then,
if
you
look
in
and
say
like
my
projects,
this
is
a
link
to
the
repo.
So
that's
my
my
repo
that
I
thought
and
essentially
you
know
you've.
E
You
now
have
access
to
start
creating
you
know
those
actual
clusters
through
the
template
piece,
so
I
really
like
it's
not
complicated,
I
think
that
a
little
bit
of
magic,
that's
missing
in
here
is
the
connection
between
ansible
automation
platform
and
the
access
to
this
openshift
cluster
to
actually
kind
of
import
these
clusters
to
ACM.
So
you
know
that's
in
that
project.
It
gives
you
that
capability
and
that
allows
you
to
then
now
kind
of
pull
in
those
under
management.
So
we
would
have
seen
from
Simone's
slide
deck.
E
There's
like
this
Hub
and
spoke
principle
that
we
try
to
follow
so
the
Hub
being
this
HUD
cluster
spokes
in
these
managed
clusters-
and
you
know
once
we've
imported
them.
We
can
start
doing
some
cool
stuff.
You
know
so,
let's,
let's
start
off
and
think
about
okay,
what
can
I
do?
Of
course
I.
Can
you
know
sort
of
view
details
about
these
clusters?
I
can
find
out
what
you
know.
What
the
node
makeup
is
what
the
instance
type
all
that
sort
of
stuff
very
searchable.
E
E
All
these
lovely
kind
of
Prometheus
metrics
and
you
can
see
I
didn't
do
much
I,
just
pretty
much
in
you
know,
kind
of
deployed
that
with
the
ansible
animation
platform
and
now
I
have
detailed
access
to
what's
going
on
in
these
clusters
and
again
this
is
really
good
for
me
to
sort
of
understand
my
usage
patterns.
So,
as
you
can
see,
I've
got
this
really
in
red
now
saying
overestimation.
What
does
that
mean?
It's
like
well
clearly,
I
haven't
got
enough
workloads
running
on
here,
there's
too
much
compute
power
and
not
enough.
E
B
So
it's
a
very
good
point
when
I
mean
it
also,
you
know
comes
down
to
cost
optimization
and
you
know
towards
all
the
organization
thinking
in
terms
of
sustainability
right
where,
if
there's
work,
there's
compute
running
and
if
you
don't
have
workloads,
maybe
turn
them
down.
So
this
is
great,
certainly.
E
I
think
you
know
one
of
the
things
that
we
found
is
people.
You
know,
build
this
massive
cluster
and
then
start
up
with
workloads,
and
they
wonder
why
you
know
things
are
costing
so
much.
They
don't
have
proper
visibility,
so
I
think
from
a
simpler
simplest
point
of
view.
This
you
know
having
an
indication
on
how
this
looks
through
through
ACM
is
brilliant.
So.
D
And
then
you
can
hook
that
in
into
an
event
driven
type
of
architecture,
for
example,
publishing
notifications
around
alarming
and
thresholds
to
a
broker
like
Kafka
or
whatever,
and
get
sector
in
into
to
drive,
for
example,
to
scale
down
the
cluster,
for
example,
or
drive
a
tool
like
NC
world
to
do
something
around
shutting
down
some
of
those
components
right,
there's
lots
of
cool
stuff.
You
can
fully
automate
entirely
based
on
that
right
entirely
and
one.
C
Of
the
win,
wonderful
use
cases
that
I
haven't
actually
played
with
personally
yet,
but
I
was
just
reading
about
the
other
day.
Was
you
know
normally
if
we
deploy
a
cluster,
you've
got
some
level
of
metrics
collection
and
that
sort
of
thing
happening
locally
on
that
cluster,
but
with
ACM
I
I
haven't
taken
with
it
yet,
but
apparently
you
can
fully
offload
the
metrics
collection
from
those
Maybe,
smaller
optimized
Edge
clusters
and
just
have
that
Central
Hub
cluster.
C
E
E
And
you
know
what's
the
scalability
around
this,
so
one
of
the
main
drivers
for
ACM
is
to
help
use
cases,
and
you
know
we've
sort
of
got
up
to
if
I'm
not
mistaken,
sort
of
around
the
two
and
a
half
thousand
you
know
kind
of
manage
clusters
remember
to
almost
3
000
I
think
is
the
new
version,
so
something
like
that,
it's
it's
pretty
pretty
powerful.
So
as
far
as
scalability
is
concerned,
it's
it's
possible.
You
know.
D
And
you
can
make
a
hierarchical,
we
call
the
herb
of
Hub
as
well
so
ways
of
providing
scaling,
and
you
have
like
dozens
of
endpoints
managed
by
an
instance.
An
aggregational
release
density
is
effectively
together,
but
I
mean
this
is
like
for
large,
like
with
it
like
talking.
Those
large
North
America
can
provide
those
right,
yeah.
E
E
Insane
so,
okay,
so
moving
along
one
of
the
things
that
I
probably
wanted
to
dive
into
was
around
sort
of
governance
that
someone
spoke
about.
So
that's
really
good,
because
I've
created
a
whole
bunch
of
policies.
Now
the
policies
that
I've
created
can
go
against
a
guideline,
so
nists
800
or
whatever
you
want
to
go
for
and
you'll
see,
there's
a
whole
bunch
of
policies,
I've
created
on
here
relating
to
the
actual
Hub
cluster
itself,
and
quite
a
few
cool
things.
E
E
Simple,
just
to
sort
of
illustrate
things
I'm
going
to
go
ahead
and
sort
of
create
a
policy
around
say
like
tests
namespace,
for
instance,
so
I
want
to
I
want
to
do
like
a
namespace
correction
on
all
these
clusters
and
I'm
just
going
to
call
it
yeah
the
default
namespace
to
store
it
there
and
I'm
gonna
say
enforce
it.
Okay,
so
that
means
it's
going
to.
You
know,
go
ahead
and
apply
this
and
sorry.
E
If
I
go
back
to
the
policy
templates,
what
I
want
to
do
is
say:
namespace
must
exist
and
I'm
going
to
add
in
here.
The
namespace
is
just
staging
in
this
case
or
something
whatever
it's
just.
It's
just
arbitrary,
so
then
go
ahead
and
do
that
so
new
placement
rule,
so
placement
rule
pretty
much.
You
know
kind
of
where
you
want
to
put
things
how
you
want
to
put
things
on
all
the
different
clusters-
and
you
know,
I-
have
something
called
the
cluster
set.
E
So
I
can
start
grouping
these
clusters
together
and
make
sure
that
I
have
the
ability
to
you
know
kind
of
execute
on
that.
So
you'll
see
that
all
the
Clusters
have
gone
into
the
default
cluster
set
so
that
way,
I'm
able
to
you
know
kind
of
assign
them
okay.
So
that's
really
good
and
I'm
going
to
add
a
label
expression.
So
in
this
case
I'm
going
to
say
you
know,
vendor
is
equal
to
the
uks
America's
clusters
and
not
the
openshifts
one,
and
why
that
and
then
submit
it.
E
So
essentially,
what
that's
going
to
do
now?
It's
going
to
go
ahead
and
if
my
my
test
works
right,
it's
going
to
go
ahead
and
apply
this
against
those
clusters,
and
that's
that
way,
I
can
actually
start
doing.
You
know
like
more
policies.
I
can
add
certain
things.
I
can
you
know,
take
things
away,
so
you
get
a
get
a
feel
for
it.
Now
I
can
start
bringing
these
clusters
under
management.
D
And
Wayne
see
me
not
what
you've
done
for
the
cluster
import.
You
can
also
hook
some
automation
tool
as
part
of
that
right,
so
you
can
also
drive
that
with
an
NC
World
set
of
policies,
so
in
case
of
a
bridge
of
the
policy
there's
also
some
some
extra
function,
the
nc4
could
go
and
do
raise
a
ticket
in
itsm
or
whatever.
You
need
to
do
with
that.
For
example,
totally.
E
Totally-
and
you
know
this
that
way
exactly
that,
so
there's
a
whole
kind
of
automation,
Suite
that
you
can
integrate
into.
In
my
example,
you
know.
Obviously,
I've
got
the
automation,
Hub
kind
of
integrated
there.
I
can
do
things
so
yeah
you're
right.
So
any
kind
of
use
case
you
think.
Okay,
maybe
that's
not
githubs.
Maybe
I
need
to
integrate
that
to
sort
of
an
answer
or
Playbook
stuff
like
that.
You
can
do
so.
The
next
thing
I'm
going
to
show
you
guys,
is
creating
an
application.
E
A
E
No
I
think
probably
a
lot
of
the
CLR
people
that
I'm
one
of
them
myself
will
be
like.
Why
are
you
doing
this?
For
the
uis?
It's
a
full
illustration.
You
know
I
think
we
we
want
to
show
you
guys
how
this
works.
I
think
a
lot
of
people
probably
fall
asleep
if
they
just
see
a
lot
of
CLR,
but
at
the
same
time
I
can
do
all
of
this
and
see
a
lot.
There's
nothing!
Stopping
me
cool,
so
I'm
going
to
do
like
a
simple
WordPress
kind
of
application,
again
yeah.
This
could.
D
D
E
E
Wordpress's
name
and
I'm
just
going
to
choose
this.
This
version
so
again,
I've
have
something
called
a
placement
rule
or
a
cluster
set,
so
I'm
just
going
to
go
for
the
default
and
I'm
going
to
call
this
environmental
so
equal
to
Dev
labeling.
So
what
that
allows
me
to
do
is
I
can
go
ahead
and
deploy
an
application,
but
I
can
decide
whether
or
not
I
want
it
on
a
certain
cluster.
E
So
I'll
go
ahead
and
add
that
quickly
this
I'll
go
now
and
sort
of
deploy
in
a
ready,
State
and
you'll
see
that
the
application
won't
be
deployed
yet
because
I
don't
have
any
of
those
labels
sets
so
I'm
I'm
thinking
to
myself.
Okay,
well,
I
want
to
test
this
first
on
on.
You
know
kind
of
the
E
case
side.
So
let
me
go
ahead
and
label
and.
E
So
so
now
I
want
to
say:
okay
put
it
on
the
actual
cluster
and
if
I
go
back
to
the
application,
you
can
see
already
if
I
filter
by
subscriptions
the
WordPress
one
has
got
one
remote.
So
that's
great,
so
it's
already
started
to
kick
off
the
actual
application
deployment
and
hopefully,
after
a
short
amount
of
time.
I
should
see
this
on
my
eks
cluster.
So
let
me
let
me
jump
over
to
that
and
I'm
sure.
A
few
of
you
have
probably
seen
the
lovely
AWS
console
and
maybe
played
around
with
EK.
E
So
I
have
an
introduction
or
you
know
done
something
with
it,
but
it's
always
good
to
see
this.
You
know
happening
and
what
I've
actually
done
so
having
a
look
at
this
cluster,
if
I
click
under
resources
and
I
go
to
probably
namespaces,
all
of
a
sudden
I
see
the
WordPress
any
space
created
there.
That's
that's
fantastic!
So
I've
got
an
application
deployed,
I'm
able
to
potentially
even
like
connect
to
that
application.
A
E
Which
is
great,
so
we
we're
actually
saying
sort
of
like
a
more
of
a
you
know,
a
real
world
use
case
where
people
would
need
to
manage
applications.
They
need
to
do
stuff
and-
and
of
course,
I'm
just
going
to
probably
then
remember
who
it
is
either.
It
is
I'm
looking
for
the
load,
balancer
endpoint.
So
let's
go
to
this
and
see
what's
what's
happened
so,
but
I
have
WordPress
deploy.
E
So
this
is
this
is
pretty
simple:
I
know
it's
I'm
trivializing
it
there
might
be
more
complex
applications,
but
I've
got
a
place
of
starting
with
a
nice.
You
know
kind
of
demo
there
next
thing
I
want
to
do
now
is
I
want
to
go
back
to
my
clusters
and
I
want
the
same
for
my
AKs
cluster.
So
let's
do
that
same
exercise
where
our
labeling
in
the
pastor
itself
and
remember
I
met
its
environment
is
Dev.
You
could
make
it
anything
you
want
to
and
I'll
save
it
up
so
just
before
I.
E
E
This
is
real
stuff
cool,
so
applications
again,
it's
automatically
picked
up
too
and
if
I
go
back
to
there,
let's
give
it
a
couple
of
moments.
It
probably
needs
a
refresh.
Hey
I've
got
a
good
place,
so
there
you
go.
It's
like
I've
got
this
consistency.
I've
got
the
same.
You
know
kind
of
hidden
there.
These
objects
I'm
able
to
deploy
that
it's
really
showing
you
the
power
of
you
know
this
get
up
sort
of
pattern
and
the
ability
to
do
that.
So
same
methods,
I
think
it's
pretty
quick.
F
E
F
A
No,
but
it's
looking
good
right,
I
mean
we
can
see
it
there.
We
can
see
it
coming
up
and,
as
you
said,
there's
more
complexity
here
right.
You
know
you're
you're
banging
out
these
this
demo
and
it's
perfect
for
for
what
we're
needing
to
look
at
and
obviously
there
you
go,
you
get
there,
but
it's
really
fascinating
to
see
this
and
and
like
I
said
using
these
two
consoles.
This
is
the
reality
for
for
our
developers
today,
right
they're,
bouncing
across
clouds
yeah.
E
Yeah
I
mean
they
I
think
the
the
typical
conversation
I
have
is
around.
You
know
people
now
looking
towards
moving
to
States
on
a
cluster
like
how
do
we
manage
State
and
there's
ways
of
doing
this
with
various
open
chip
technology,
but
I
think
for
the
moment
this
is
illustrating,
like
a
simple
use
case,
on
on
a
simple
application
itself,
so
yeah
give
that
a
couple
of
moments
I
think
it's
probably
still
starting
up
the
power
of
doing
this
doing
this
as
a
live
demo.
C
A
very
quick
mention
on
cognitive
burden
as
well,
though,
when
you're
in
this
kind
of
world
you've
got
these
different
control
planes
going
on
having
one
way
or
one
sort
of
view
into
that.
That's
consistent,
irrespective
of
what
those
other
control
plans
look
like
that's,
even
though
it's
a
user
interface,
it's
kind
of
a
big
deal,
because
even
I
just
noticed
that
then
yeah,
you
know
as
you're,
flicking
tabs
between
AWS
and
zura.
It's
just
this
subtle
back
of
the
mind
kind
of
thing.
E
Think
for
me,
it's
more
like
you
put
all
your
kind
of
skills
and
ability
into
learning
good
Ops
patterns,
yeah
and
then
those
sort
of
things
will
thrill
to
Rob
and
especially
if
you've
got
things
like,
you
know,
kind
of
a
controller,
that's
able
to
talk
to
multiple
platform,
okay,
so
yeah
I,
think
I.
Think
I've,
given
a
quick
overview
of
ACM.
There's
a
lot
more
to
this
tool.
E
A
E
E
A
A
C
F
C
Maybe
we
still
want
to
move
the
rest
of
the
application
and
have
some
scaling
out
on
clouds
yeah,
so
maybe
in
about
10
minutes
or
so
hopefully,
maybe
a
little
less
than
that
I'm
going
to
attempt
to
make
it
the
simplest
possible
example
of
of
a
progressive
migration.
So,
let's
see
see
how
we
go
I'll.
C
C
You
can
find
it
so
ACM.
Here's
our
dashboard
to
keep
things
as
simple
as
possible.
I've
just
got
two
clusters
here:
they're
both
in
AWS
and
if
we
jump
to
our
cluster
list,
we
will
see
them
there.
There
we
go
now
yeah
challenge
being.
How
do
we
connect
these
clusters?
How
do
we
progressively
Migrate?
How
do
we
do
it
in
a
secure
way?
This
is
where
I
need
to
introduce
a
project
called
Submariner
and
Advanced.
C
Cluster
management
has
some
pretty
awesome,
features
to
integrate
with
Submariner
out
of
the
box
and
kind
of
make
this
process
easy,
because
under
the
hood
there
is
a
whole
lot
of
complexity
going
on
so
Wayne
briefly
mentioned
the
concept
of
a
cluster
set
I'm
going
to
head
over
to
the
clustercept
tab
and
just
point
out:
I've
got
a
cluster
set
here
called
Submariner
and,
as
you
think,
about
sort
of
connecting
different
kubernetes
clusters,
you
need
to
sort
of
think
about.
You
know
how
should
those
be
logically
grouped?
C
How
should
those
be
sort
of
logically
be
managed
as
one
collection
and,
in
my
case,
I'm
trying
to
keep
it
as
simple
as
possible
and
I've
just
got
these
two
clusters
in
one
class
to
see
it.
So
if
we
have
a
look
at
it
here,
we
go
and
I
just
want
to
point
out.
We've
got
a
status
down
the
bottom
for
Submariner
add-ons
and
a
tab
up
here,
but
our
multi-cluster
Network
status
is
healthy,
that's
good!
So
if
we
have
a
look
at
submarinet
add-ons
here,.
F
C
Correct
yeah
there
was
one
gotcha
I
ran
into
with
one
parameter.
So
after
I
did
the
initial
you
know
click
and
source
of
Mariner
add-ons.
My
connection
status
didn't
turn
to
healthy
and
I
had
to
set
one
parameter
for
load
balancer
to
True
after
reading
a
little
bit
of
documentation,
so
yeah
one
little
gotcha,
but
other
than
that
I
did
it
through
ACM.
Now,
obviously,
you
can
just
drive
it
all
through
githubs
through
code.
C
C
F
C
C
So
we've
got
a
web
front
end
and
a
redis
backend,
and
if
we
have
a
look
at
these,
we
can
see
it's
running
on
our
local.
You
know
on-premise
cluster
or
for
each
one
as
as
Wayne
was
kind
of
showing
before
we
can
go
and
look
at
the
topology,
and
we
can
see
all
of
the
resources
that
are
application
has
there
is
one
special
resource.
I
need
to
point
out,
though,
for
our
redis
app.
C
C
C
B
C
C
There
we
go
so
August,
you
should
see
a
terminal
coming
through
yeah
cool,
so
Wayne
mentioned
the
idea
of
a
placement.
Earlier,
a
placement
rule
we're
going
to
have
a
look
at
a
placement
rule
for
guest
book
in
the
ACM
resources
there
is
a
placement
rule
resource
and
all
we're
going
to
do
is
change
a
single
line.
So
we
can
have
a
look
at
this
and
see
and
the
specification
we
have
a
cluster
selector
looking
at
labels,
where
the
name
is
local
cluster
easy.
A
C
C
C
So,
okay,
we've
still
got
our
application,
but
we
can
see
it's
now
remote.
Let's
have
a
look,
we'll
go
and
look
at
our
topology.
We
can
see
everything's
green
everything's
happy
again,
let's
go
over
to
the
actual
cluster
and
this
is
our
remote
cluster
and
we
can
see
our
pods
are
over
here
now
our
three
front-end
replicas.
F
C
E
F
A
B
D
Right
and
then
you
block
that
through
a
set
of
policies,
you
can
do
that,
there's
a
set
of
tools.
You
can
use
ACS
or
ACM,
plus
the
automation
component
for
it.
So
there's
a
lot
of
luck.
You
know,
like
Wayne
was
mentioning
a
set
of
policies
to
criminal
spaces.
You
can
apply
a
set
of
policies
to
control
as
well.
Some
of
the
placement
within
the
application,
as
well
so
still
support.
The
migration
effort,
like
James,
was
demonstrating
for
some
of
the
components
of
the
application
and
restrict
the
migration
of
other
capabilities
in.
E
Well,
I
think
also,
what's
important
to
note.
You
know
our
experience
with
a
lot
of
customers
has
been.
You
know
if
you
don't
set
up
these
guard
rails
for
people
using
these
platforms,
we
tend
to
find
you
know
ghosts.
It
gets
chaotic
it's
out
of
control
so
like
having
these
policies
having
the
way
to
kind
of
manage
this.
It
helps
it
to
scale
because,
inevitably
we'll
want
to
be
supporting
sort
of
like
an
SRE
methodology
and
we
have
managed
Services
ourselves.
I
know
that
does
so.
A
Scale
really
and
I
mean
the
managed
service
call
is
important,
because
that
SRA
team
is
managing
an
enormous
amount
of
clusters
behind
Rosa
and
arrow
and
OSD,
and
so
they
are.
They
are
really
learning
what
is
needed
and
so
we're
getting
this
best
practices
coming
from
our
Engineers
going
into
our
products
going
Upstream
going.
You
know
it's
it's
it's
everywhere
and
it
makes
a
huge
difference.
I
love
the
example.
You
gave
Simone
with
the
fat
fingers
right
because
it
happens,
and
developers
are
in
that
spot
thing
out.
D
A
No,
that
was
that
was
amazing.
Right
I
mean
we've.
We've
been
able
to
build
on
understanding
some
of
the
industry
issues
and
seeing
the
solutions
out
there,
but
actually
seeing
how
they
work
and
there's
so
much
more
here.
I
know
that
there's
just
a
ton
more
that
could
be
talked
about.
You
can
layer
in
things
like
ACS.
So
if
it's
cluster
security
for
kubernetes
there's
so
many
things,
we
can
add
it's
just
it's
just
fascinating
to
me
and.
D
The
fact
that
the
security
is
embedded,
the
refunction,
like
you
know,
James,
was
presenting,
like
you,
have
a
specific
function
instead
of
communities
of
CRS
right
associated
with
the
export
of
a
specific
service
and
the
importable
services
as
well
right.
So
it
means
you're
in
control
of
security
can
be
in
control
of
what
you
can
export
and
not
export,
and
even
that,
if
you
step
up
this
component,
we
can
apply
a
set
of
policies
to
block
those
deployment
device.
Yes
or
some
of
the
policing
governance
in
ACM
as
well
right.
D
A
F
A
Talked
about
right,
so
it's
it's
there!
It
needs
to
be
there.
There's
reasons.
Fort
sums,
government
regulations,
some
might
just
be
simply.
It
makes
more
sense
to
be
in
multiple
clouds,
and
so
it
we
we
joke
at
your
expense,
because
it's
always
fun,
but
that
you
know
that
you
know
about
people
making
mistakes,
but
it
is
really
just
about.
It
is
just
best
practice
and-
and
this
keeps
that
in
line
so
wow
I
mean
that's
quite
a
collection
of
things
and
we've-
we've
we've
been
in
here
over
an
hour
and
I.
A
Think
that
is
spectacular.
What
I
do
want
to
do
is
make
sure
that
if
there's
any
links
and
stuff
we'll
go
ahead
and
load
those
into
the
into
the
notes
and
in
under
the
video,
because
there's
some
great
stuff-
and
you
can
reach
out
to
these
guys-
they're
always
excited
to
talk
to
you
to
understand
whether
it's
a
customer
case
or
just
Upstream
stuff.
A
C
Last
words
that
that
was
about
the
simplest
Submariner
example
you'll
ever
see
and
I'm.
Just
picking
up
on
what
you're
saying
there
is
a
whole
lot
more.
You
can
do
a
whole
lot
more
use
cases
for
that
connectivity
and
and
yeah
for
any
any
kiwis
that
they
want
to
have
a
chat.
Yeah
Wellington
based
yeah,
get
in
touch
boys,
always
Keen.
To
talk
about
this
stuff.
E
No
thanks
guys
I
think
this
is
a
really
good
opportunity
to
sort
of
like
collaborate.
I
think
one
of
the
things
I
do
love
about
working
at
redhead
is
just
you
know
the
open
source
open
the
way
we
approach
things
and
share
things,
and,
crucially
everything
we
do
is
always
I'm.
Looking
forward
to
the
the
the
kubernetes
event
in
August
I.
Think
if
you've
inspired
me
to
sign
up
and
I
think
I'm
going
to
go
check
that
out,
because
I
think
it's
important
for
us
to
talk
to
the
community.
E
B
I
first
like
to
thank
our
presenters
work
insightful
show,
we've
had
and
not
one
but
two
demos.
How
good
is
that
like
and
both
of
them
are
so
fantastic
I'm,
just
blown
away
really.
Thank
you.
A
lot
of
things
were
covered
and
I
know.
You
know,
people
have
questions
and,
like
all
of
you
said
you
know,
if
you
have
any
questions
reach
out
to
these
folks,
then
they
talk
to
customers
everyday
day
in
day
out.
They
have
answers
and
yeah.
Thanks
again.
D
A
A
You
can
actually
see
folks,
probably
involved
here,
but
all
of
our
red
hat
Associates
are
going
to
many
are
going
to
be
attending
and
answering
your
questions
so
there's
a
link
there
I'll
put
that
in
the
notes
and
of
course,
if
you're
looking
for
other
shows-
or
you
want
to
keep
track
of
us,
we're
on
the
streaming
calendar
to
you
can
easily
find
us
and
keep
in
touch
with
everything
that's
going
on
there,
and
that
is
a
very
exciting
end
to
another
copy
hour.
So
with
everyone.