►
Description
Join Christian Hernandez, GitOps Extraordinaire, for a journey through how to achieve GitOps in any number of ways. The occasional Red Hatters and special guest will join us too.
A
Good
morning,
good
afternoon
good
evening
and
welcome
to
another
edition
of
the
newly
renamed
get
ops
guide
to
the
galaxy
christian,
I
am
chris
short
executive
producer
of
open
shift.
Tv
christian
hernandez
is
the
get
out
extraordinaire
christian.
You
want
to
talk
about
the
the
name
change
here.
B
Yeah
yeah,
so
kind
of
I
want
to
start
off
by
kind
of
giving
a
little
announcement
a
little
little
thing
that
we're
going
to
be
doing
here,
we're
rebranding.
So
it's
it's,
but
it's
not
like
new
coke
right.
It's
it's!
The
joke!
We've
actually
been
making
internally
right,
so
we're
getting
a
new
name.
It's
gonna
be
called
get
out's
guide
to
the
galaxy
same.
B
You
know
same
content,
same
feel
same
everything
else,
we're
actually
just
doing
kind
of
a
little
a
little
little
bit
of
a
rebranding
right,
and
this
is
actually
good
news,
as
a
lot
of
you
don't
know
is
that
we
were
actually
doing
this
kind
of
as
kind
of
off
the
cuff
chris
right
we
were.
B
Whole
the
whole
twitch
thing,
the
whole
thing
was
actually
just
not
even
within
the
within
the
the
cl.
You
know
without
cloud
platforms
bu,
but
actually
just
within
our
team
yeah
and
it's
actually
grown
so
much
that
red
hat
corporate
is
picking
it
up.
So
now
it's
actually,
you
know
there's
actually
it's
actually
real.
So
it's
kind
of
interesting
it's
going
to.
A
A
B
Yes,
that's
right
and
part
of
that
is
a
it's
a
rebranding
right,
and
you
know
this.
You
guys
are
getting.
You
know
it's
officially
official,
the
next
episode
right.
I
figured
I
just
kind
of.
B
Actually,
I
just
got
a
message
that
actually
doing
the
marketing
stuff
they're
actually
starting
to
promote
it
right
now,
as
we
speak,
so
it's
actually
pretty
cool
is
actually
wheels
are
in
motion.
So
for
those
of
you
who
tune
in
live,
I
decided
to
give
you
a
little
bit
of
a
you
know,
fair
warning
and
a
little
bit
of
some
good
news
on
our
end,
so
yeah
no.
A
That's
good
news:
it's
yeah!
We
we've
taken
this
idea.
You
know
we're
all
stuck
at
home.
We
need
to
do
something
and
it's
grown
into
something
that,
like
the
main
marketing
teams,
that
red
hat
are
starting
to
appreciate.
So
that's.
B
You
got
you
guys
got
such
a
buzz
that
you
know
started
off
with
the
level
up
hour
and
they
also
picked
up
andrew's
admin.
Asking
admin
show
now
they're
picking,
ara
show
up.
So
it's
you
know
really.
They
they
started
grabbing
some
of
the
buzzword,
some
of
the
ones
that
were
causing
the
biggest
buzz.
So
thank
you
to
all
to
all
of
you
who
watch
and
yeah
so
cool,
and
so
then
I
I
actually
pretty
excited
to
for
the
name
getups
guide
to
the
galaxy
right.
B
B
B
All
right
so
yeah
this
this
this
topic
yeah.
When
do
we
get
swag?
Actually
it
would
be
nice
to
get
swag.
That's
gonna,
be.
B
You
yeah
it'd,
be
it'd,
be
cool
to
get
some
swag.
So
thank
you
so
yeah.
So
the
the
topic
today
right,
you
know
I
I
kind
of
wanted
to
do
a
back-to-back
show,
but
it
didn't
work
out
that
way
and
actually
was
it's
not
like.
It
was
a
bad
thing
that
didn't
work
out.
B
That
way
we
had
the
get
ups,
the
official
get
ops
operator
for
openshift,
so
the
openshift
git
ops
operator
one
tech
preview,
so
we
just
had
to
do
a
show
about
it
right,
so
we
so
I
kind
of
sandwich
that
into
these
two
topics,
so
this
today's
topic
is
machine
configs
right
so
before
we
talked
about
machine
config,
the
machine
config
operator
right,
so
machine
sets
and
machines.
B
You
know
how
to
how
to
handle
those
kind
of
in
the
get
ops
friendly
way
where
we
kind
of
explored
that
a
little
bit,
and
I
was
going
to
do
a
machine
configs
specifically
on
back
to
back,
but
we
had
bows
on
doing
that.
So,
if
you
guys,
I
think
it's.
I
think
this
is
the
bitly.
Hopefully
that's
ability
so
in
case.
B
Yes,
it
is
for
now
didn't
catch
that
show
go
ahead
and
we
were
just
talking
about
bitly
right
and
it
was
like
it
does.
Does
all
this
work,
so
I
guess
it
does
so
go
ahead.
Go
I
put
the
link
in
the
chat.
If
you
didn't
catch
that
episode,
you
can
go
ahead
and
watch
that
you
know
or
catch
any
other
past
episodes.
So
I'm
gonna
kind
of
do
what
am
I
doing
here
there
we
go.
I
hope
this
is
the
right
desktop.
I
always
oh.
B
Yeah
yeah,
so
hopefully
you
see
my
slides.
I
I'm
looking
at
the
preview
over
here.
While
I'm
looking
at
chat.
It
looks
like
the
side,
the
right
the
right
screen
came
up,
so
so
we're
gonna
talk
about
machine
configs
and
get
ops
right.
B
So
I
think
I'm
going
to
go
again
an
overview
of
the
the
machine,
config
operator
and
machine
configs
and
kind
of
just
bring
it
all
together
and
then
I
have
an
example
of
of
some
things
right
like
keyboard
time,
like
we
always
talk
about,
so
I
try
not
to
bore
all
of
you
with
a
bunch
of
slidewear,
but
I
think
it's
important
to
kind
of
understand.
What's
going
on.
First
before
we
start
doing
start
hacking
away
right.
B
So
in
the
previous
episode
I
talked
about
the
cloud
api
right
and
the
and
the
machine
config
right
how
in
in
a
in
in
a
completely
automated
way.
How
are
we
bootstrapping
some
of
these
nodes
in
order
to
be
become
part
of
the
kubernetes
cluster
right?
And
so
then
we
have
this
concept
of
the
the
machines
and
machine
sets
similar
to
what
we
have
with
deployments
and
replica
sets
and
pods
right.
B
So
there's
a
there's,
a
hierarchical
thing
coming
out
where
we
have
a
machine
set
that
controls
any
number
of
machines
and
those
machines
that
turn
into
a
node
right
right,
and
so
you
know
you
have
a
machine
set
controls,
a
machine
and
what
is
a
machine
right?
So
a
machine
is
just
kind
of
declaratively
say
how
how
is
a
node?
B
You
know,
how
do
I
build
a
node
right
or
how
do
I
you
know
the
definition
of
what
a
node
is
so,
for
example,
it'll,
say
things
like
you
know:
eight
cpus
16
gigs
of
ram
128
gigabyte,
hard
drive
right.
So
it's
kind
of
you
know
it
kind
of
just
says
all
right.
I
want
you
to
build
me
a
vm
right
in
most
cases,
most.
A
B
Yeah
most
cases
of
these
parameters
right
and
then
you
control
the
scale
that
way
right,
so
a
machine
set.
You
can
say
I
want
three
of
this
type
of
vm.
B
Up
then,
then
we
have
to
turn
it
into
a
node
right.
So
that's
that
relationship
right
got
a
machine
set
that
builds
a
machine
and
oh
shari's.
Here
nice,
hello,.
B
B
Make
like
cards,
like
you
know
like
like,
like
membership
cards,
he'll
he'll
be
like
one
right
like
he'll,
have
the
number
one
so
so
I'm
glad
you're
watching
so
yeah,
it's
great
to
have
martin.
B
So
yes,
that's
right,
he's
great
he's
he's
a
great
guy,
and
so
then
you
know
I
have
like
five
machines
and
then
I
want
them
to
be
nodes
right,
but
once
the
the
node
is
up,
we
need
a
way
to
you
know,
configure
it
right,
and
so
this
is
where
the
machine
config
comes
into
place
right.
So
we
have
a
there's,
a
concept
in
core
os
called
ignition
right
and
I'm
gonna
try
not
to
get
too
too
far,
because,
like
you
can
you
can
do
a
whole
show
about
like
machines.
B
But
just
to
summarize
ignition
sets
up
the
node
and
it
runs
once
on
boot
on
the
first
boot
right.
So
if
you
could
think
about
cloud
init
cloud
init
yeah,
but
it
runs
once
and
another
big
difference
is
that
it
runs
in
init
ram
right
in
it
ram
fs,
so
it
runs
even
before
pid
1
does
and
the
idea
behind
that
is
because
core
os
is,
you
know,
quote
unquote
immutable.
So
I'd
like
to
do
the
the
and
what
andrew
did
in
his
show
is.
I'm
doing
air
quotes
immutable.
B
You
know,
because
you
do
kind
of
change
it.
It's
not
you
know,
it's
not
immutable
doesn't
mean
read-only.
So.
A
B
Down
to
that
level,
yeah,
it's
a
hyperdimensional.
What
do
you
call
it.
B
You
know
it's
rings
within
rings,
right,
yeah,
but
so
ignition
runs
once
on.
First
boot
never
runs
again
and
its
only
job
is
to
set
up
the
the
operating
system
in
in
terms
of
configuring
it.
So
that
is
what
machine
configs
is
based
on
right.
So,
as
you
see
here,
actually
you
don't
see
it
here.
You'll
see
it
in
my
config
right.
B
You'll
do
you'll
see
a
spec
ignition
version,
blah
blah
blah,
but
this
is
how
you
this
is
how
one
openshift
configures
the
node
and
two,
how
you,
as
an
administrator
or
whoever
write
a
sre,
make
changes
to
the
operating
system
or
add
additional
functionalities.
So
we
have
you
know
you
do
things
like
create
ssh
keys.
You
know,
write
files
out,
insert
kernel
argument
and
whatever.
D
B
And
so
we
have
the
machine
config
operator
who
the
whose
job
is
to
manage
two
things
is
the
machine,
config
controller
and
the
machine
config
server
right,
so
the
machine
config
controller,
it's
responsible
for
spinning
up
machines
and
then
the
machine
config
server
is
responsible
for
writing
out
the
configurations
and
so
and
then
there
is
a
daemon
set
to
run
on
all
nodes,
so
all
nodes
on
masters,
workers
infra,
whatever
right
it's
on
all
nodes
and
it's
a
machine,
config
damon
and
what
its
job
is
to
essentially
say:
hey,
make
sure
this
hash
matches
this
hash
right.
B
B
So
I
like
to
think
so
I
mean
I've
been
working
with
openshift.
For
you
know,
for
a
long
time
I
mean
at
first
it
was
kind
of
a
paradigm
shift
right
because
I
came
from
the
you
know.
I
came
from
the
two
world
right
openshift
two
going
from
two
to
three
was
a
paradigm
shift,
but
I
you
know
that
wasn't
easier
for
me
for
whatever
reason,
but
for
three
to
four:
it
took
a
little
while
and
then
after
a
while.
I
actually
don't
really
manage
the
os
a
lot
like
I.
B
Yeah,
like
I
maybe
debug,
something
that
I
can't
see,
but
those
are
few
and
far
between,
but
I
understand
there's
you
know
people
who
are
like
okay.
Well,
we
need
a
specific
user
for
compliance
purposes.
All
right.
You
know
that
that's
something
you
can
do
right,
but
yeah
yeah,
as
braided
silver
said
three
to
four
is
super
different,
like
that's
like
a
whole
you're
talking
about
operators
and
like
that's
a
whole,
you
know
another,
you
know
thing
so,
but
yes,
you
can.
You
can
use
ignition
to
create
a
user's.
B
You
know
that
that's
what
it's
that's,
what
it's
job
is
to
do
right,
create
users,
if
you
actually
oh
I'll,
put
in
the
chat
later.
I
don't
know.
If
chris
you
want
to
look
for
it,
you
can
look
at
the
ignition
spec.
If
you
just
google
ignition
core
os
spec,
I
got
it
I'll
find
it.
You
guys
will
see.
You
know
all
the
things
that
you
can
do.
It's
actually
pretty
cool.
So
so
yeah
again
we
can
just
rabbit
hole.
B
Just
this
one
slide
right,
and
so
this
is
so
there's
so
there's
the
machine
configs
right.
So
there's
like
things
like
etsy
password,
right,
sshd,
motd,
right,
crony
like
you
have
like
you,
know
your
individual
configurations
and
then
there's
this
concept
of
what
we
call
a
machine,
config
pool
right
and
it's
actually
doing
exactly
what
it
says.
It
just
pulls
together
a
machine
all
your
machine
configs
into
one
blob,
and
it's
just
basically
you
know
doing
a
you
know,
says:
hey.
B
You
know
this
file,
this
file,
this
file,
this
file,
this
file,
this
file
right
and
it'll,
just
as
actually
one
big
config.
So
what
ends
up
happening
is
that
the
machine
config
that
gets
applied
is
actually
that
one
file
that
one
rendered
worker
that
one
pool
not
individual,
not
individual,
so
it
doesn't
process
each
individual
file.
It
just
takes
those
individual
files
that
you
gave
it
and
it
just
gives
it
one
big
file
that
it
does,
and
so
that's
and
then
there's
so
by
default.
B
There's
two
of
them
when
there's
one
for
the
control
plane
and
there's
one
for
the
workers,
and
that's
it
right,
you
can,
you
know,
create
pools
and
stuff
and
we'll
we'll
go
exploring
a
little
bit
here.
B
D
B
Would
you
will
do
it
so,
especially
like
you
said
chris
when
you're
running
this
on
like
bare
metal
or
like
physical?
When
you
know
you
have
to
add,
like
kernel
arguments,
to
see
a
specific
device
right,
you
know
the
show
actually
was
was
started
by
william
caban.
I
don't
know
if
you
know
him
he's
the
chief
architect
for
the
telco,
guys
telco
vertical
red
hat,
and
he
obviously,
if
you're
in
telco,
you're
doing
a
lot
with
hardware.
So
you
have
to
add
some
of
these.
You
know
configurations.
B
One
thing
you
need
to
keep
in
mind
is
that
you
can
actually
shoot
yourself
in
the
foot
and
it
doesn't.
The
machine.
Config
pool
doesn't
do
like
a
merge
right.
It
doesn't
do
like
a
smart,
merge
right
so
like
in
this
example.
If
you're
looking
at
the
right
hand,
side
you'll,
see
that
there's
50,
motd
and
then
51
motd.
D
B
One
wins
so
it
doesn't
like
take
the
the
one
you
have
before
it
and
the
one
you
have
after
it
do.
A
weird
merge
doesn't
do
that,
and
so
just
keep
in
mind
that
you
know
the
last
one
wins,
and
so
you
know
we
and
we
don't
stop
you
from
doing
that
right.
We
don't
stop
you
from
you
know.
I
think
eric
jacob
says.
Like
you
know,
you
want
to
cut
your
foot
off
with
the
spoon
we
don't.
We
don't
stop
you
from
doing
that.
B
D
A
Yeah
waleed
is
trying
to
like
his
security
team
is
doing
that
thing
where
we
need
a
user
on
your
box
to
run
nessus.
So
we
can,
you
know,
miss
standards,
iso
standards
whatever,
and
that's
it's
it's
like
a
common
thing
right
and
you
basically
tell
people
it
needs
to
run
in
a
container
container,
because
guess
what
none
of
the
stuff
you're
looking
for
is
probably
going
to
be.
A
Different
place
like
red
hat,
core
os.
D
A
B
B
D
B
Takes
a
while
for
for
enterprises
to
kind
of
just
make
that
journey
through
the
paradigm
shift,
so
so
the
machine
config
server
essentially
so
what
ends
up
happening
is
that
these
this
rendered
worker
this
hash
right.
This
glob
is
what
is
used
to
create
an
ignition
file,
so
this
ignition
file
gets
gets
paired
up
with
your
rel
core
os
image
and
gets
merged
together
to
create
the
vm
right,
and
so,
when
the
the
vm
boots
up
on
the
red,
coreos
image,
it'll
say:
hey
a
machine.
B
Can
click
server,
give
me
the
rendered
worker,
hash
and
I'll
use
that
to
configure
myself.
So
so
it's
pretty
straightforward,
but
it's
kind
of
you
have
to
kind
of
just
think.
You
know
outside
the
box
a
little
bit
for
how
we
were
setting
up
these
these
nodes.
So
so.
A
A
B
I
think
actually
and
andrew,
and
I
actually.
A
A
A
So
if
you
haven't
watched
kirsten
on
the
channel
before
she'll
be
on
in
the
clouds,
the
first
episode
of
in
the
clouds
starting
not
next
week
the
week
after,
I
think
I
forget
it's
the
4th
of
the
11th.
But
she
did
do
a
great
presentation
for
that
already
and
I'm
trying
to.
B
Yeah
yeah,
I
know
she's
she's
great
anytime.
I
have
those
kinds
of
questions.
B
A
So
compliance
operators
are
what
you're
looking
for
as
far
as
the
thing,
and
while
you
know
that,
but
I
need
to
figure
out.
B
A
A
A
So
yeah
we're
trying
to
build
these
suspects
cis
benchmarks
they're
in
open,
s-cap
stuff
too
right
like.
D
B
A
So,
okay,
I
can
give
you
the
compliance
roadmap
like
for
four
six.
We
had
stig
yes,
we're
working
on
cis
and
fisma
partial
fisma,
moderate
partial,
the
first
half
of
this
year,
like
pci
dss,
iso,
2701,
hippa,
fisma,
moderate
and
the
australia
essential
8
long
term
to
be
determined
well.
D
B
Extras
in
the
back
yeah,
exactly
plus
after
the
thank
you
there's
like
you
know,
40
more
slides.
B
So
so
yeah,
so
just
to
kind
of
close
this
up
here,
the
machine
config
server.
The
idea
is
to
massively
make
identical
nodes.
B
Essentially,
so
you
got
that
one
hash,
that's
spread
across
all
your
existing
workers
and
new
workers,
and
you
know-
and
you
don't
have
to
worry
about
it,
so
this
is
kind
of
like
the
conversation
of
like
where
does
like
get
ups
come
into
play,
so
you
have
the
the
rendered
worker
hash
and
that
actually
gets
updated
automatically,
and
this
is
the
this
is
kind
of
the
same
conversation
that
we
had
again.
B
If
you
look
at
past
episodes
with
the
the
operator
right,
the
operator,
you
know
get
ops
in
operator
world
the
exact
same
thing:
it's
like
your
your
point
of
demarcation
should
be
things
that
you
control
and
not
what
operators
control
right.
So,
if
operators
control
things,
you
probably
should
keep
your
hands
off
of
that
everything
else
that
you
used
to
interact
with
the
operator.
You
can
actually
put
that
and
get
right
so
and
that's
the
kind
of
the
balancing
act
that
you
have
between.
B
What's
you
know
what
what
you
put
in
git
and
what
what
you
don't
write
and-
and
I
think
the
you
know-
that's
kind
of
the
idea-
also
that
I've
been
going
with
and
and
so
as
gerald
newton
said
it
before,
for
those
who
don't
know
he's
an
architect
in
our
in
our
canada
team.
In
one
of
one
of
my
favorite
canadians
says
you
know,
this
is
a
journey
so,
like
my
opinion,
will
change,
and
I
think
I
think
that's
very
true.
B
My
opinion
will
change,
but
for
right
now
my
opinion
is
that
you
have
you
let
the
operators
operate
and
everything
else
how
you
interface
with
that
is,
is
how
you,
how
you
work
inside
of
git,
with
the
get
ops,
workflow
so
kind
of
closing
up
the
the
machine.
Config
daemon
actually
prevents
drift
right,
because
so,
if
there's
like
a
change
or
something
else,
machine
content,
config
damon
will
reconcile
that
and
then
reboot
your
nodes.
B
I
keep
saying
reboot
your
notes,
because
most
changes
require
your
nodes
to
be
rebooted
right,
like
if
you're
gonna
make
like
you're,
adding
kernel
arguments.
You're,
that's
gonna
need
a
a
reboot
right.
Some
things.
Don't
right
like
changing
the
ssh
key,
I
think
that
for
4.7,
changing
ssh
key
now
doesn't
doesn't
trigger
reboot,
but
most
things
do
so
and
that's
important
in
a
git
ops
world
right
again,
yeah.
A
A
A
Explain
it
all,
but
it's
not
like
this
is
gonna
change.
Your
auditor's
mind
kind
of.
B
Yeah
yeah
exactly
yeah,
so
so
yeah.
So
it's
gonna
act
on
drift.
It
does
a
reboot,
that's
important
because
in
a
get
ups
world
and
I'll
explain
why
in
the
example
right,
so
you
know
os3
updates
right
with
core
os.
That's
you
know
something.
You
know
I
again
another
whole
another
show
we
can.
We
can
talk
about
osg
updates.
C
B
Yeah,
so
you
know,
updates
happened
the
same
way
right.
I
was
actually
going
to
take
this
slide
out
because
it
actually
has
more
to
do
with
something
else,
but
I
see
the
thing
yeah
yeah,
so
this
has
to
do
with
updates
and
when
updates
happen,
it's
rebooting
the
servers
and
you
know
blah
blah
blah
kind
of
update
the
ignition
reboot.
The
servers
that
sort
of
thing
right
same
thing
happened
with
the
machine
config
name
and
it'll
update.
B
You
know,
write
out
the
files
reboot
the
servers
connect
to
openshift
and
there
you
go
right.
So
sorry
I
powered
through
some
of
the
last
slides.
You
guys
can
take
a
look
at
that.
You've.
D
B
C
B
You
can
you
can
take
a
look
at
those
right,
so
I
will
oops.
I
didn't
mean
to
do
that.
I
do
want
to
share
my
screen.
Yeah.
B
Yeah,
let's
exit
this,
there
we
go
and
so
so
yeah.
Let
me
what
do
I
there
we
go.
I
remember
that
you
can
move
this
thing.
Oh
yeah,
there
we
go
and
move
it
over
here
because
yeah
toss
it
off
the
side
yeah.
So
I
have
a
machine
config
example
here.
Right
so
is:
is
this
big
enough?
Should
I
make
it
a
little
bigger
or.
B
There
we
go
yeah
pretty
soon.
Well,
everyone's
has
all
the
these
big
screens
now
that
everyone's
remote
right.
B
You
can't
eat
it
right,
yeah
exactly
so,
like
you
know,
if,
if
I'm
like
putting
stuff
like
at
200
at
some
point,
I
go
okay,
yeah!
No,
that's!
I
need
glasses
anyway,
so
I
have
a
a
sample
of
machine
config
right
machine
config,
I'm
going
to
target
all
the
workers.
This
is
what
this
label
is.
It's
like
other
workers.
I
want
you
to
write
this
file
out.
I
want
you
to
write,
you
know
foo
and
foo
other
right.
B
So,
as
you
can
see
here,
I
have
this
thing
called
files
and
you
can
just
kind
of
load
all
the
all
the
files
right
in
one
file
right,
I'm
using
version
3.1
for
the
ignition.
So
if
I
drop
over
here,
let
me
see
oc
version
make
sure,
okay
yeah,
so
I'm
connected
to
this
cluster.
I
do
oc
get
mc
mc.
This
is
a
machine
configs
right
and,
as
you
can
see,
these
machine
configs
has
all
the
configurations
that
you
need.
B
B
I
want
to
add
this
ssh
key
right,
and
this
is
the
you
know,
based
on
ignition
and
if
let
me
clear
this
here,
but
the
oc
get
mc
you'll
see
that
there's
other
ones
like
kubelet
container
runtime,
you
know
blah
blah
blah,
and
but
these
are
all
like
glommed,
together
into
what
we
call
machine,
config,
poles
right.
We
have
one
for
the
master
and
one
for
the
worker.
B
So
if
we
get
she
config
pool
worker
this
oyama,
this
is
essentially
everything
right.
It
says:
where
is
it
here?
It'll
tell
you
yeah
machine,
config,
selector
everything
with
the
role
worker.
You
know
I
want
you
to
have
you
know
zero,
zero
worker.
I
want
you
to
machine
config
between
the
runtime.
I
want
you
get
machine
configured
generated
registries,
blah
blah
blah
right.
B
This
is
like
the
list
of
of
a
machine
config
pools
to
use
right,
yeah
and
then,
if
I
curl,
let's
see
if
I
can
remember
this
andrew.
D
B
B
You
may
have
to
help
me
out
with
this
so
https
api.
So
first
let
me
figure
out
what
my
api
is.
A
B
B
Yeah
copy
paste,
yeah
so
copy
this.
I
forget
what
the
port
is.
Two
two
three,
you
know
what
let
me
just
google
it
you.
A
A
C
A
B
D
B
B
It
says,
or
something
like
that,
let's
just
look
at
the
dock
right
installing
on
on
bare
metal.
Let's,
let's
do
that
because.
B
Porch
there
we
go,
I
see
where
is
the
there.
We
go
two
two
six
two
three
and
that's
the
machine.
Oh
it's
internal
only
so
I
might
not
be
able
to
get
this.
B
Yeah,
I
might
be
able
to
get
this.
I
could.
B
I
could
I
could
look
at
my
nightlys.
B
All
right
cool
and
then
that's
actually,
let's
go
back
to
the
slides,
because
I
think
I
have
it
in
the
slides
here.
B
It's
one
of
these
slides
config
worker,
okay,
so
it's
a
config
worker
there
we
go.
Let
me
jq
this
because
so
that's
the
relationship
here
right,
so
it
is
the
machine
config
pool.
So
if
I
do
oc
get,
let
me
clear:
this
oc
get
mcp
worker
right.
So
this
this
guy
here
in
the
end,
turns
out
to
be
this.
You
know
ignition
file
right
and
so,
which
is
the
one
big.
You
know
blah
of
everything
that
gets
configured.
This
is
managed
by
the
operator
for
the
mission
config
operator,
so.
B
You
wouldn't
managed
you
wouldn't
manage
the
machine
config
pools
in
a
git
ops
way.
You
would
manage
anything
additional
that
you're
just
adding.
So
this
is
the
this
is
the
example
I'm
going
to
be
going
through
here.
So
I
have
this
machine
config
that
that
basically
writes
out
two
files
right
and
it
writes
out
two
files
on
our
workers
going
back
here.
Let's
go
back
one
here,
but
I
have
all
this
other
stuff
with
it
right.
So
what
happens
when
you
apply
a
machine?
B
Config
right,
I
said
it
a
few
times
during
during
the
slide
overview.
Is
that
the
nodes
reboot
right,
the
nodes
reboot?
So
what
happens?
If
you
are
applying
a
bunch
of
kernel
updates
and
you
reboot
the
server
while
it's
rebooting
right
you're,
you
basically
corrupt
your
your
os
essentially-
and
this
is
the
problem
actually
me
and
william
were
trying
to
try
to
figure
out
because
he
had
this
thing.
B
Where
he's
applying
things
in
such
a
way-
and
he
goes,
how
would
you
do
this
in
a
get
ops
fashion
and,
and
the
answer
is
actually
hooks
resource
hooks
right
so
again,
if
you
guys
haven't
seen,
we
did
an
episode
on
resource
hooks.
Is
that
there's
a
pre-hook
there's,
there's
a
there's,
you
know
the
the
sink
and
then
there's
a
post
hook
right.
B
So
as
you're
as
I'm
running,
this
is
essentially
what
what
I'm
doing
is
that
I
am
doing
a
job,
I'm
doing
a
post
sync
job
right
and
I'm
deleting
it
right
after
because
I
don't
need,
I
don't
need
it
after
it's
done
and
what
I'm
doing
is
I'm
essentially
I'm
waiting
for
my
machine
config
pool
to
reach
a
certain
condition
right
or
where
it's
just
updated.
B
So
what
I'm
doing
is
that
I'm
applying
the
machine,
config
pull
and
I'm
essentially
waiting
until
all
nodes
reboot
and
come
back,
I'm
doing
it
for
the
worker,
I'm
not
actually
doing
anything
to
the
master,
but
I
added
the
master
anyway,
and
actually
I
just
I
see
an
error
here.
This
won't
be
good.
Let
me
there
we
go.
B
So
the
master!
Actually,
this
comes
back
quick
because
the
master
doesn't
do
anything
here.
In
order
to
do
this,
I
have
I
have
to
do
an
oc
wait
and
I
have
to
create
an
actual
service
account
for
this.
This
is
like
goes
back
to
I
need
to
create
a
service
account.
Then
I
need
to
create
the
rbac
that
specifies
the
specific
api
extensions
and
I'm
just
doing
a
get
list
right.
So
this
and
then
for
this
machine.
Config
right.
I
just
need
a
read-only
guy
here.
B
So
when
I
run
customize,
it'll
it'll
load
him
in
this
fashion
and
but
then,
since
I
have
a
a
where's
my
there,
it
is
since
I
have
a
hook
right,
it
will
run
this
machine
config
it'll,
wait
until
all
nodes,
reboot
and
then
and
then
it'll
report
healthy.
B
So
if
you
have
multiple
things
that
you're
doing
you
can
kind
of
do
this
in
a
cascading
fashion
right,
so
you
think
you're
not
just
applying
all
kinds
of
stuff
all
at
once,
triggering
many
reboots
you
could
you
know
one
corrupt,
your
os,
especially
if
you're
doing
machine
configs
machine
configs.
You
can
actually
really
shoot
yourself
in
the
foot.
Like
I
said
before,
yeah
we
don't
you
know
it's
like
it's
like
a
rm-rs
like
slash
like
you
know,.
B
Right,
yes,
yeah,
yeah,
and
so-
and
this
is
like
less
less
of
a
big
deal
in
the
cloud
right
because
you
just
you
know,
create
another
machine
set
and
then
you're
up
and
running,
but
like
if
you're
doing
it
on
bare
metal
yeah
like
wiping
out
the
disc
and
trying
to
re-boot
that
yeah,
it's
not
fun,
it's
not
a
fun.
I
mean
it
doesn't
bring
me
joy,
yeah,
it's
easier
than
you
know.
You
know
back
into
v3
days
when
you
have
a
whole.
You
know
rel
that
you
have
to
rebuild.
B
B
B
If
your
data
center
is
downstairs,
so
I
have
argo
up
here
there
we
go,
I'm
using
4.6.
I
actually
tested
this
on
4.7,
but
I
was
like
I'll
just
use
4.6
for
now,
yeah
smart.
B
Actually
I
have
this.
Where
is
it
yeah
repositories?
I
need
to
add
the
repositories
there.
We
go
repository
url
and
that
should
be
enough
cool.
B
So
for
those
who
haven't
spent
time
playing
with
argo
again
at
this
repo,
you
can
play
with
argo,
it's
kind
of
a
little
mini
lab.
You
can
use
crc
crc
works
on
it.
I
tried
doing
it
on
the
playground.
It
technically
does
work
as
long
as
you're
patient
enough
for
waiting,
because
there's.
B
B
Know
grab
yourself
some
tea
sit
down.
You
know,
you
know,
turn
off
your
phone.
Like
it's
gonna.
You
know.
B
It
works
on
crc;
it
also
works
on
any
openshift
cluster,
so
cool,
let's
create
a
new
app.
Let's
call
this:
what
are
we
calling
this
chris.
B
We
used
to
do
whatever
like
we
did
like
for
spaceballs
characters
and
star
wars.
Characters
I
think
be
now
now
we're
just
let's
just
call
it
just
just
make
it
up:
yeah
yeah,
so
we'll
do
a
manual
sync
just
kind
of
just
to
see.
What's
going
on?
Oh
that's!
Another
thing:
if
I
do
an
oc
get
mcp
right
notice,
I
didn't
have
to
specify
a
name.
Space
is
because
this
is
like
a
like
a
global.
It's
a
cluster-wide
thing.
B
So
so
repository
my
examples
and
then
I'm
gonna
do
I
forget
what
I
called
it:
testmc,
okay,
good
job
using
octocat.
B
Yes,
whoever
did
I
don't
know
who
someone
I
remember
it
was
during
a
show.
Someone
said
they
want
to
use
octocat
and
now,
like
I'm,
a
big
fan.
B
A
B
B
There's
a
yeah
there's
like
this
little
ghost
here.
It's
like
it's
missing,
it's
a
ghost.
Instead,
so
here
I
have
a
machine,
config
notice,
how
I
don't
have
my
job
there
yeah,
because
it's
it's
a
temporary
object
right.
So,
let's
click
on
sync,
let's
cross
our
fingers.
C
B
Right,
it's
still
in
the
syncing
phase
right,
so
it's
it's
healthy,
but
it's
not
100
ready
because
what's
going
to
happen
here,
if
I
go
back
and.
B
Correct
if
I
do
oc,
get
machine,
config,
right
notice,
how
now
I
have
my
my
worker
foo.
B
Right,
if
I
do
oc,
get
yaml
right
I'll
have
it
has
like
all
the
stuff
that
I
have
in
my
repo
right.
So
that's
cool.
If
I
do
oc
get
pods
in
the
argo
cd
namespace
notice,
how
there's
two
two
jobs
running?
B
Let's
do
get
jobs
oops,
so
the
the
worker
one
is
waiting
still
waiting
right.
Waiting
to
complete
the
master
got
done
right
away
right.
That
was.
B
It
says
waiting
to
converge
right.
The.
B
If
I
do
oc
get
nodes,
it's
because
I
don't
have
to
update
the
work,
the
masters.
So
if
you
remember,
if
you
go
back
to
the
mco,
the
mc
I
say
I'm
just
targeting
workers,
I'm
not
targeting
masters,
so
it
says
right
there,
I'm
just
so.
You
know,
there's
no
need
to
update
the
the
masters
protect.
B
Yeah
protect
your
master,
that's
right
here,
you
notice,
it
says
ready
scheduling,
disabled
so
what's
happening
is
the
machine.
Config
is
going
on
and
rebooting
all
of
these
guys
and
then
writing
out
the
file
and
rebooting
writing
out
the
file
rebooting
right,
and
so
this
is
what
the
worker's
doing
so.
C
B
A
B
Yes
correct
so
here
I
don't
know
why
I'm
getting
this
error,
but
this
is
like
a
a
false,
negative,
plus
negative
right.
D
A
D
B
And
so
so
yeah,
so
here,
if
I
do
an
oc
get
yeah
the
log.
So
that's
what
it's!
Oh,
the
worker!
Okay!
So
it's
done
or
was
done?
Oh
so
you
know
this
is
funny.
This
is
what
happens
and
I'm
not
actually
william's
on.
B
So
I
was
actually
working
with
this
with
william
a
little
bit
in
the
past
few
days
because
the
nodes
are
rebooting,
like
my
argo
cd
instance
goes
away,
so
that's
cool,
and
so
I
have
to
wait
until
it
comes
back
there.
We
go
because
you
know
it
has
to
cordon
all
the
all.
D
B
Yeah
so
well
yeah,
so
well
this
well
well!
This
is
going
here
yeah,
so
I
did
notice.
I
did
want
to
call
out
their
that
they
are
changing
the
names
right,
we're
no
longer
going
to
be
using
master.
We
were
waiting
for
the
upstream
right
for
them.
B
B
D
D
B
Definitely
I'll
go
ping
ping
chris
he's
a
cncf
ambassador.
So
that's
what
I
do
guess.
B
D
B
Exactly
every
friend
I
always
do
change
root
host
and
I
do
bash
because
I
don't
like
sh.
So
if
I
do
hear
etsy
foo
there
we
go,
you
see
it
wrote
my
file
out
right
and
I
do
cat
foo
yeah
git
ups
is
fun,
it's
exciting.
Hopefully
I
don't
have
that
other
thing
on
here.
A
D
B
The
emoji
right
with
the
burning
guy
that
would
be
exactly
so
yeah,
so
this
is
so.
This
is
just
gonna
take
a
while
because
it's
just
I'm
just
gonna
do
that
rolling
thing.
But
the
idea
of
this
here,
as
as
we're
getting
more
and
more
for
those
of
you
who
are
newly
tuning
in
I
definitely
recommend
going
to
see
other
shows
because
as
we're
getting
more
and
more
further
along
in
this
journey,
there's
going
to
be
more
and
more
complex
deployments
and
I'm
going
to
be
using
things
like.
B
If
I
go
back
here
to
the
worker,
I'm
gonna
be
using
things
like
sync
waves
and
sync
hooks
and
deletion
policies.
Right-
and
you
know,
as
you
know,
things
things,
getups
are
so
new
things
aren't
get
ups
friendly,
all
the
time
in
the
beginning,
especially
right
for
brownfield
deployments
or,
if,
like,
if
you're
doing
refactoring
or
if
you're.
Just
if
you
know
everyone
has
techdid
right.
B
Yeah
yeah,
even
my
old
applications
that
I
test
with,
I
have
there's
like
tech
dead
like
I
never
you
know
never
thought
that
you
know
I
would
be
deploying
it
this
way.
So
you
have
to
do
more
and
more
things
like
this
and
as
we
progress
things
will
get
more
and
more
friendlier.
B
Obviously,
there's
things
you
can
do
things
that
are
kind
of
hacks
like
apps
of
apps
right
and
there's
and
that's
the
show.
I'm
gonna
do
a
complete
show
about
apps
of
apps.
Essentially
it's
an
argo
cd,
app
that
deploys
other
argo,
cd,
apps,
nice
and
there's
just
you
know
some.
B
Yeah
yeah,
it's
very
meta
right,
especially
since,
and
I'll
go
over
this
in
depth
in
that
episode,
but
largo
cd,
the
the
top
thing
in
argo
city,
is
project.
I'm
sorry,
it's
applications
in
an
open
ship.
The
top
thing
is
project
right,
so
they
in
in
in
our
inargo
cd.
The
concept
of
project
exists,
but
it's
not
the.
B
It
doesn't
sit
on
top
of
the
entirely
then
like
in
open
shift
or
in
kubernetes
that
namespace
and
project
does,
and
it
makes
sense
right
because
your
project
could
be
made
up
of
different
name
spaces
across
multiple
clusters.
So
it
makes
sense
why
projects
are,
but
you
have
to
kind
of
just
think,
change
your
paradigm
thinking
a
little
bit
yeah
and
so
yeah,
so
that
was
kind
of.
Like
me.
Pontificating
about
you
know,
watch
some
of
these
past
shows
where
I
do
some
of
these.
B
When
I
explain
some
of
these
things
and
going
forward,
I'm
going
to
be
doing
some
of
these
more
advanced
things.
I
want
to
call
them
advanced,
but
you
know
progressing
in
the
journey
right
of
just
syncing,
just
syncing,
yaml,
right
or
just
deploying
a
helm
chart
right,
because
that's
like
the
first
step
in
a
long
process
is
you
know:
infrastructure
has
code
right,
that's
step,
one
I'm
putting
everything
in
get
and
I'm
syncing
it
in
get,
and
then
the
and
then
there's
like
the
process
behind
that
right.
B
In
this
you
know
operations
by
pull
requests
and
then
there's
like
triggers
and
stuff
like
that,
so
I'm
going
to
be
talking
about
in
future
episodes
about
tecton
and
doing
the
ci
part
of
it
right
because
a
lot
you
know,
if
for
those
of
you
been
watching
for
a
while,
I've
been
doing
a
lot
with
cd
but
haven't
really
touched
ci
and
I
think
that's
a
very
important
part
of
it.
B
So
yeah
I
do
have
some
shows
planned
about
tecton
and
about
you
know
using
tekton
with
argo,
and
you
know
doing
the
whole
process
of
of
essentially
get
ops
right
where
maybe
maybe
I'll
have
chris.
You
know
chris
you've
been
you've,
been
doing
fun
stuff
with
ocs
now,
maybe
now,
maybe
now
maybe
I'll
get
you
involved
I'll
say
maybe
I'll
have
chris
short,
do
a
pr
against
my
repo
and
we'll
go
through
the
process
of
like
okay.
He
wants
to
make
changes
right,
the
cluster
I'm
managing.
B
B
Right
so
so
yeah
so
cool.
So
I
know
you
me
chris.
We
have
almost
a
hard
stop
at
the
top
of
the
hour
right,
so
we
got
yeah.
We.
A
Do
have
to
jump
to
an
we
have
a
meeting
with.
B
Another
guy
we're
actually
episode
no
was
about
a
future
episode
right.
We
have
actually
a
lot
of
cool
things
planned.
A
part
of
this
whole.
You
know
going
corporate
thing
is
that
we
actually
had
to
plan
out
our
episodes
right,
so
we
had
to
plan
out.
You
know
for
the
for
the
marketing
folks,
our
episodes-
and
this
is
like
one
of
the
plannings
that
we're
doing
next
episode.
I
think,
like
the
first
official
episode,
maybe
I
should
wear
a
tie
or
something
we're
going
corporate.
Oh.
A
B
A
blazer
or
like
a
tie
that
has
like,
like
galaxy
stuff
on
it
right
like
the
space
planets
and
oh.
B
You
go
that's
right,
yeah,
we'll
we'll
we'll
get
we'll
get
that
going.
So
there
any
questions
here
or
any
any
fun
discussion
points
here.
A
Hit
that
link
that
I
just
posted
I'll,
do
it
again,
hang
on
bang
get
up
yeah.
B
A
Same
thing,
so
it's
funny
you
created
that
and
I
was
like
I
saved-
that
for
the
official
product.
Nah
christian
doesn't
care
yeah
yeah,
exactly.
D
A
B
Yeah
so
like
it's
well,
you
know
what's
funny
and
you
know,
since
we
have
some
time
a
little
bit
and
I'll
talk
about
the
I
have
the
email,
christian
christian
at
redhat.com
and
every
once
in
a
while,
like
you
know,
like
another
christian
from
red
hat
will,
like
will
like
say,
we'll,
send
a
test
email
to
christian
redhat.com.
B
D
B
B
Yeah
see
if
that's
taken,
yeah
and
see
if
you
can
get
that,
I
bet
it
is
yeah.
So
it's
so
yeah
so
kind
of
the
same
thing:
right,
red
hat,
slash
bit,
ops
taken!
So
sorry,
you
gotta,
you
gotta
it's
kind
of
like
a
squatting
right.
It's
kind
of
the
the
domain
squatting.
So
the
except
I
accept
red
hat
points
right.
So
our
internal.
B
There
you
go
so
all
right
cool,
so
I
don't
have
anything
else,
and
I
know
we
have
a
hard
stop
here
there
there's
not
any
questions
here.
No,
I
think,
that's
it.
That's
it
yeah.
This
was
a
tough
subject
to
cover
such
a
short
time.
The
idea
is
that,
just
to
recap,
don't
be
touching
the
machine
config
pools
because
that
gets
updated
right,
oc
get
mcp
those
get
up
those
get
handled
by
the
operator
operators.
B
You
know
you're
gonna
get
bad
times.
If
you
try
to
operate.
C
B
That
gets
managed
by
the
cluster
itself.
Any
additional
ones
you'll
definitely
want
to
manage
in
a
get
ups
way
like
like.
I
did
here
so.
A
Yeah
appreciate
it,
thank
you
so
stay
safe
out
there.
We
are
actually
off
tomorrow,
the
whole
company's
taking
a
day
off
because
of
the
current
times.
We're
in
so
thank
you
very
much
for
including
us
in
your
day.