►
From YouTube: KBE Insider (E4): Maciej Szulik
Description
We talk to Maciej Szulik, Software Engineer, Red Hat, about what it’s like being a SIG-lead and his work on Kubernetes CLI. KBE Insider, hosted by CNCF Ambassador Chris Short, lets you reach people deeply involved with Kubernetes, hear what they have to say, and interact with Kubernetes experts from across the globe.
What is KBE Insider?
We feature Kubernetes thought leaders and talk about different topics to get you thinking inside and outside of the box.
Learn more at https://www.kubernetesbyexample.com/community/kbe-insider
A
A
A
A
Good
morning,
good
afternoon,
good
evening,
wherever
you're
hailing
from
welcome
back
to
another
kbe
insider
show,
I
am
chris
short
host
with
the
most
of
this
thing.
We
call
red
hat,
live
streaming.
I'm
joined
by
a
special
guest
host
today,
steve
speicher,
as
well
as
our
special
guest
machek
shulik,
but
you
know,
and
machek
is
a
great
contributor
to
the
community.
I
lost
the
page
with
all
his
descriptions.
All
of
a
sudden,
the
tabs
which
are
rooney
hang
on.
B
Thank
you
hi
good
morning,
everyone,
I'm
gonna,
talk
about
some
highlights
here,
as
I
do
on
on
all
episodes,
except,
I
guess
gordon
did
a
really
really
good
job
last
last
month,
so
I
do
have
a
lot
to
uphold,
but
security
has
been
a
big
issue.
I
think,
with
kubernetes
in
the
last
couple
of
months
and
one
of
the
a
couple
of
the
articles
that
I
want
to
highlight.
B
There's
a
new
tool
that
wants
to
save
open
source
from
supply
chain
attacks,
sig
store,
will
make
a
code
signing
free
and
easy
for
software
developers
providing
an
important
first
line
of
defense.
This
is,
I
think,
a
really
really
good
first
step
in
in
in
you
know,
defending
those
attacks
and
then
there's
a
nsa,
cisa
kubernetes
hardening
guidance,
which
also
identifies
the
common
areas
of
kubernetes
security
risk,
says
supply,
chain,
malicious
actors
and
insider
threats.
It
aims
to
educate
engineers
to
avoid
common
misconfiguration
issues
and
safeguard
applications.
B
The
guidance
suggests
that
supply
chain
risks
are
hard
to
mitigate
and
can
emerge
in
the
container
building
cycle
or
infrastructure
provisioning,
especially
in
cloud
environments,
and
then
we
have
helga
labas
coming
in
talking
about
how
to
secure
kubernetes
as
it
becomes
mainstream.
This
is
an
actually
an
interview
with
the
ceo
of
arma
who
talks
about
securing
kubernetes
systems.
What
makes
them
susceptible
to
cyber
attacks
and
what
should
organizations
expect
when
deploying
them?
He
answers.
You
know.
B
Attackers
are
looking
for
targets
and
how
do
they
choose
their
targets
by
a
combination
of
key
parameters,
the
value
of
the
target
and
how
easy
it
is
to
attack
it.
So
after
talking
about
this
stuff,
obviously
we
need
to
have
a
way
of
knowing
if
our
kubernetes
network
security
strategy
is
solid,
and
then
I
think
there
are
four
critical
questions
that
must
be
asked
to
understand
where
these
vulnerabilities
persist
and
where
steps
need
to
be
taken
to
ensure
adequate
protection
within
your
container
network.
So
before
you
decide
anything,
ask
these
five
questions
to
yourself.
B
Does
your
network
inspection
achieve
complete
visibility?
What
isn't
protected
by
your
security
deployment
or
service
mesh?
What
are
the
limitations
of
your
existing
web
application?
Firewall
protection?
Are
you
addressing
security
drift
and
how
fast
can
your
kubernetes
security
mitigate
threats
again
very,
very
important
theme
in
the
world
of
kubernetes?
B
Now
I
will
drop
in
the
links
for
for
the
for
these
specific
opinion,
pieces
and
and
news
articles
that
I've
addressed
right
now
and
then
going
in
what
are
the
main
drivers
and
challenges
of
container
technology
today,
obviously,
security
being
one
of
the
main
challenges,
they're
related
to
the
application
container
technology,
they
limit
it's
its
adoption,
there's
a
lack
of
internal
alignment
and
experience
in
kubernetes
management
that
are
also
named
among
the
key
barriers
to
adoption
main
drivers
are
increasing.
B
Number
of
enterprises
are
opting
in
for
the
powerful
deployment
options
and
visibility
over
complex
deployments,
efficient
distribution
of
workflows
across
clusters,
resources
and
accelerated
software
delivery
powered
by
kubernetes.
But
despite
the
challenges,
the
idea
of
a
simplified
and
automated
service
delivery
continues
to
drive
the
deployment
of
kubernetes
across
across
the
world.
Then
we
wanna
highlight
the
five
devsecop
devsecops
open
source
projects.
B
Again,
you
can
go
in
and
look
at
this
article
to
learn
more
about
these
projects,
but
teams
that
embrace
the
devsecops
approach
make
security
an
integral
part
of
the
entire
application
lifecycle,
and
these
specific
open
source
projects
aim
to
help
that
claire
six
door
cube
linter,
open
policy
agent
and
gatekeeper
and
falco.
B
So
I
will
again
drop
all
of
these
links
into
the
chat
feel
free
to
go
and
check
those
out.
Come
back
to
kubernetes
kbe
news
page.
Every
week
we
have
great
articles
coming
up
today
as
well
and
giving
it
back
to
you
chris
and
steve.
A
Thank
you,
mina
awesome
and
yes,
security
has
been
a
huge
issue.
Lately
my
check
take
it
easy
mina.
A
C
It
is,
let's
start
that
I
was
a
sixth
cli
lead
for
almost
four
years
now,
and
I
said,
was
because
last
week
I
officially
stepped
down
from
the
6th
july
chair
role
in
6th
july.
We
have
a
division
of
what
a
chair
does
and
what
a
tech
lead
does.
C
So,
theoretically,
all
of
us
are
wearing
both
hats,
but
over
time
when
we
want
to
appreciate
someone
else-
or
I
will
be
slowly
stepping
down,
but
I
want
to
help
with
the
technical
side
of
things
I'm
giving
away
the
organizational
hat
and
will
take
care
of
the
technical
stuff,
especially
that
I
have
a
lot
of
knowledge
that
most
importantly,
historical
knowledge
and
decision
that
we
that
we
did
over
the
past
years-
and
I
know
that
the
other
chairs
and
tech
leads
were
asking
me
to
be
around
to
help
them,
because
that
historical
knowledge
is
sometimes
helpful
for
resolving
conflicts
and
situations
which
are
basically
on
a
daily
basis.
C
So
that's
that
matters
yeah
the
context
why
we
did
this
this
way
or
the
other
way
in
the
past.
Have
we
tried
to
look
into
this
or
something
else?
And
yes,
we
usually
have,
but
the
decision
from
the
past
was
that,
because
there
are
those
other
stuff
that
might
interact,
we
have
to
make
this
hard
decision
of
doing
this
or
or
differently.
C
So
this
definitely
saves
a
lot
of
time.
When
I
can,
when
I
can
look
it
up
in
my
head
somehow
I
don't
know
how
I
managed
to
to
to
keep
a
hold
of
this
many
information.
But
somehow
I
do
that,
but
I
think.
C
C
6
july
varies,
but
I
think
it'll
be
somewhere
between
10
and
20
people
that
are
constantly
on
our
well.
Currently
we
have
this
many
meetings
that
we
are
meeting
every
week
because
there's
the
official
six
cli
meeting
is
every
other
week
and
that's
that's.
In
the
other
weeks
we
are
doing
box
crops
and,
just
recently
katrina
started
doing
customized
box
crops.
So
no
matter
what
wednesday
there's
usually
a
six
july
meeting,
whether
that
will
be
box
crop
or
customized
crop
or
a
regular
meeting,
it's
all
in
the
calendar.
D
C
Right
so
I
was
part
of
the
sig
apps.
Basically,
since
the
initial
days
when
I
started
working
on
cube
because
my
my
initials
to
my
original
story
with
kubernetes
started
with
jobs.
Well
at
the
time
it
was
called
actually
schedule
a
job,
so
that
was
the
idea
of
adding
something
like
crons
in
linux.
If
you're
familiar
with
linux
systems,
you
know
that
there
is
an
ability
to
schedule
some
tasks
at
any
given
point
in
time.
C
C
If
I
remember
correctly,
but
since
then
I
was
jumping
the
train
in
couple
of
places
and
if
you
look
at
my
contributions-
and
I
I
don't
know
what
I
was
doing-
but
I
was
looking
for
something-
and
I
was
looking
for
what
I
did
what
I
touched,
I
touched
very
different
places
in
the
cube
ecosystem
and
even
though,
on
a
daily
basis,
the
team
that
I'm
leading
at
red
hat
is
overlooking
both
six
july
sig
apps
and
also
it's
like
scheduling.
C
But
thankfully
I
have
amazing
folks
working
with
me
that
are
handling
the
six
scheduling.
I
don't
have
to
do
it
because
my
mind
would
blow
what
I
would
have
to
look
at
the
third
sig,
but
even
still,
I'm
also
participating
in
sig
api
machinery
and
trying
to
to
look
into
what
they
are
cooking,
both
from
seagap's
perspective,
because
controllers
are
interacting
with
api
one
way
or
the
other.
A
lot
of
primitives
that
makes
the
api
machinery
is
working
on
is
being
used
heavily
in
both
sick
apps
and
sex
cli.
D
C
Well,
that
was
an
interesting
turn
of
events.
C
I
was
basically
invited
to
a
conference
that
was
happening
in
southern
poland,
pretty
close
by
where
I
was
living
in
a
very
small
city
nearby
and
a
friend
of
mine
asked
me,
oh
there's
an
open
source
days
happening
in
biansko
biawa.
That
was
like
seven
years
ago
in
march.
If
I
remember
correctly-
and
I
was
like
oh
yeah-
I
I
promised
to
go
with
you
on
a
conference
a
couple
months
before
and
but
I
couldn't
make
it
so:
oh
yeah
I'll
join.
Also.
C
There
was
a
time
when
I
was
a
couple
months
after
switching
my
previous
previous
job
to
the
current
one
at
the
time,
and
I
was
like
very
disappointed
by
the
pick
that
I
did
like
literally
after
a
week
of
working
there
I
was
like
yeah,
that's
not
the
place
that
I
want
to
be
in.
C
Well,
it
happens
and
I
went
to
the
open
source
days
and
I've
met
my
wonderful
friends
and
coworkers
until
today,
volta
who's,
currently
in
charge
of
hr
in
czech
republic
and
mikhail
vertig
and
me.
How
is
a
staff
engineer
in
openshift
until
this
day-
and
he
was
my
team-
lead
for
a
very
very
long
time,
and
I
consider
him
and
my
friend
so
and
we
started
chatting
and
it
was
like.
C
Oh,
it
would
be
so
cool
to
be
able
to
work
with
you.
There
was
one
little
myth
at
the
time.
Is
that
openshift
back
then?
That
was
seven
years
ago
was
at
the
version
two
that
was
written
in
ruby
and
I'm
being
titanista.
I
was
like
yeah,
that's
not
my
game,
so
I
applied
for
two
positions.
Actually
one
was
for
openstack
and
other
one
was
for
openshift
and
because
of
being
and
having
my
heart
with
python,
I
cared
more
about
the
open
stack
role
more
than
the
the
open
shift.
C
It
turns
out
that
I
didn't
get
the
openstack,
because
I
was
missing
some
addition:
a
proper
virtual
machine
knowledge,
but
I
got
the
openshift
role
soon
after
openshift
started
working
on
v3
and
we
switched
from
ruby
to
go,
and
I
was
like
oh
yeah,
that's
fine,
because
I
work
with
java
before
I
work
with
c.
So
switching
from
from
ruby
over
to
go
was
pretty
was
pretty
exciting
for
me
actually,
and
that's
how
I
landed
over
at
red
hat,
I
did
touch
the
ruby
codes
for
quite
a
while.
C
I
think
I
was
one
of
the
last
person
that
was
still
maintaining
v2.
I
think
folks
that
were
joining
red
hat
after
me
did
not
maintain
the
v2
already
because
they
were
already
jumping
into
v3
and
go
based
solution.
So
how
was
it.
D
Shift
that
you
that
have
happened
out
worked
out
for
you,
I
mean
you
worked
out
for
the
team
overall.
So
it's
great
to
hear
the
one
thing
that
I
think
is
an
interesting
story.
Hearing
folks,
like
you
work
upstream
so
much
to
the
community,
is
that
there's
a
lot
of
pieces
there
that
are
kind
of
hard
to
pull
together,
but
at
the
same
time
you're
managing
delivering.
D
I
won't
call
it
downstream,
but
you
know
a
thing:
that's
taking
those
bits
from
the
upstream
and
then
downstream
china
products,
I'm
dealing
with
the
hass
releases,
so
you're
working
with
many
versions
of
cube
or
cube
c
cubes
cuddle
cube
ctl,
whatever
you
want
to
call
it
right
and
and
have
to
deal
with
those
challenges.
So
I'd
be
kind
of
interested
to
hear
your
story
there.
C
Okay,
so
before
I
jump
into
that
one,
let
me
straight
up
one
thing
about
the
cube:
cuddle
cube
ctl,
whichever
I'm
gonna
use
both
interchangeably.
C
I
love
it,
although,
although
a
couple
years
back,
if
you
are
familiar
cube,
cuddle
had
a
has
a
logo
and
we
struggled
with
it
and
talking
with
phil
and
sean
at
the
time
who
were
leading
six
cli
well
are
still
until
today
we
figure
out
that
maybe
something
like
cuddle
fish
for
cube
cuddle,
which
is
cuddling
the
cube
logo.
C
If
you
haven't
checked
the
logo,
if
you
go
to
kubernetes,
keep
cuddle
on
github
you'll,
see
the
our
logo
proudly
presented
on
the
front
page,
but
both
names,
even
though
we
went
with
the
cuddle.
Both
names
are
perfectly
okay
and
I've
seen
lots
of
questions
debits,
and
it's
actually
something
that
we.
C
We
are
being
asked
almost
every
single
time
when
we're
talking
about
six
eli
during
kubecons
for
the
past
three
four
years,
I
would
say-
and
now
going
back
to
your
original
question,
I
must
admit
that
the
fact
that
cube,
decided
to
switch
from
four
to
three
releases
a
year
was
a
significant
improvement.
From
my
point
of
view,
because
if
you're
thinking
about
just
cube,
you're
thinking
about
past
four
releases,
currently
three
releases,
but
for
me,
as
you
said,
that
means
double
the
digit.
So
it
was
eight
releases
a
year
or
six
releases.
C
Currently
because
for
me
my
life
cycle
looks
like
this.
I'm
done
with,
let's
say
kubernetes
122,
which
was
released
a
couple
weeks
back
and
I'm
jumping
immediately
into
into
openshift
four
point
wherever
4.9,
which
will
be,
which
is
based
on
on
kubernetes
122
and
that
will
be
released
in
a
short
while
and
then
immediately.
I
need
to
jump
on
the
track
and
start
working
on
123
already
and
we
will
be
slowly
preparing
for
another
version
of
openshift.
C
But
thankfully
I
have
an
amazing
team,
both
upstream
in
six
cli
as
well
in
the
sig
apps.
That
does
a
lot
of
the
work
and
can
help
me
with
pretty
much
delivering
any
and
any
single
feature,
whether
that's
downstream
or
upstream.
C
Yeah,
so
with
open
source,
the
story
goes
back
to
python
and
all
the
way
back
to
my
to
my
university
years
like
20
years
ago,
or
something
along
those
lines.
I
took
a
class
on
python
and
I
was
like
yeah
well
ma,
not
sure.
C
If
that's
something
for
me,
a
couple
months
went
by
and
I
had
an
internship
and
during
the
internship
I
got
to
work
with
python
heavily
and
that's
where,
where
where
I
fell
in
love
with
python
and
over
the
years
I
figured
out
well,
the
community
here
and
with
the
specifically
the
python
community
was
delivering,
was
providing
me
with
this
amazing
tool
for
free.
So
I
figure
out
that
I
want
to
give
back
something
and
my
initial
contributions
were
to
python
itself.
C
I
think
I
did
a
couple
prs
to
python
itself,
specifically
imap
and
smtp
libraries
over
time
also
helped
with
box
python
work,
which
is
the
bug
tracker
for
python,
and
that's.
I
think
that
that
was
the
initial
story
where
I
started
with
open
source.
I
was
doing
as
much
as
I
could
in
my
free
time
and
I'm
trying
still
to
be
active
in
python.
Although
life
work
and
everything
else
is
not
always
in
line
with
with
my
willingness
to
work
on
python
stuff,.
C
Once
in
a
while,
I
wouldn't
say
that
I
don't
have
a
time
I
every
single
time,
I'm
working
on
something
simple,
that
I
want
to
scrape
data
or
somehow
analyze
the
data,
I'm
going
to
reach
out
for
python
every
single
time
that
I'm
I'm
doing
something
like
that.
C
Over
the
past
years,
whenever
I
was
preparing
some
kind
of
a
demo
for
openshift
or
presenting
some
ideas,
I
was
always
preparing
a
an
application
and
that
application
always
reuse
python
under
the
covers.
Just
because
I
wanted
to
give
it
a
try
in
the
past.
In
the
early
days
when
we
started
shipping
v3,
I
was
also
involved
in
source
to
image,
which
is
the
build
technology
for
for
openshift,
and
I
was
the
primary
owner
for
for
the
python
builder.
C
I
kick
off
that
one,
so
I've
always
tried
to
use
whatever
I
built
and
make
sure
that
the
experience
that
I'm
feeling
is
actually
legit
and
whether
I
should
improve
something
and
make
it
better
or
whether
it
the
ux
simply
to
say
is-
is
reasonable
for
for
a
regular
user.
So.
A
D
The
one
thing
that
I
know
if
you
want
to
maybe
jump
back
into
kind
of
the
what's
happening
in
the
cli
space
around
kubernetes
and
sig
cli.
I
don't
know
if
you
want
to
spend
a
little
time
about.
You
know,
talk
about
the
plug-in
model
like
exploration,
around
crew
and
then
kind
of
integration
with
customize
and
any
plug-in
ecosystem
kind
of
throwing
a
broad
statement.
There
sort
of
like
cli
topics
so
kind
of
curious.
C
Right
so
6cli
itself,
we
have
actually
three
main
sub
projects
that
we
are
overlooking.
You
did
mention
customize,
and
I
I
also
mentioned
earlier
today
that
we
are
doing
box
crops
and
one
box
crop
is
actually
tomorrow.
C
It's
around
6
p.m,
central
european
time
and
it's
around
noon.
Eastern
time,
9
a.m,
pacific!
C
C
There
are
cases
where
we
are
trying
to
simplify
a
lot
of
stuff
for
customize,
because
it
was
a
problem
for
some
time
where
customize
moved
forward,
and
before
that
we
decided
that
we
want
to
ship
cube
ctl
with
customize
embedded
and
the
fact
that
customize
went
so
far
in
with
features
and
capabilities.
C
We
were
left
in
cube
cuddle
with
a
pretty
old
customize
and
the
dependencies
unfortunately
made
the
problem
even
harder
for
us
to
upgrade.
So
we
had
to
refactor
a
little
bit
of
customize
to
to
be
able
to
update
the
version
and
jeff
did
an
amazing
job
here
and
worked
tirelessly
to
bring
the
necessary
changes
into
customize
and
then
update
the
customize
in
in
cube
cuddle.
So
that's
on
that
end
on
the
next
project,
crew
and
the
entire
plug-in
model.
C
C
We
look
at
other
tools,
namely
git
and
other
binaries,
how
they
implement
their
own
plug-in
models,
and
we
came
up
with
the
current
plug-in
implementation
that
your
plug-in
it
has
to
just
have.
It
just
have
to
have
a
prefix
of
cube
cdl
and
that
will
make
it
a
plug-in
to
cube
cuddle
out
of
that
acmet
and
friends
figure
out
that
it
would
be
nice
to
have
something
to
manage
the
plugins
for
for
cube
cuddle.
That's
how
the
crew
started.
C
It
thing
and
it's
pretty
popular
and
we're
very
happy
to
have
crew
on
board
and,
lastly,
which
is
a
pretty
new
addition
to
this.
Sexy
like
sub
project,
is
koi.
It's
a
project
initially
started
by
ibm
and
driven
by
nick,
especially
which
is
a
gui
approach
to
kind
of
like
a
wrapper
to
cube
cto.
It
has
a
much
richer
capabilities
of
presenting
the
output
of
the
cube
cutout
commands.
C
C
It
has
a
live
preview
of
let's
say
if
you
start
watching
pods,
and
it
allows
a
little
bit
more
freedom
around
sorting
and
formatting
the
the
output
of
the
cube
title
commands.
So
there
are
pretty
interesting
stuff.
And,
lastly,
because
you
did
mention
the
plugins
during
the
the
work
that
we
did
on
plugins,
we
extracted
a
library
called
cli
runtimes
and
that
exists
on
github
other
kubernetes,
where
we
are
providing
authors
of
the
plugins
with
a
lot
of
the
primitives
for
printing
data
for
reading
configuration,
etc.
C
D
Do
you
have?
Is
there
a
place
listing
kind
of
common
or
popular
plugins
that
exist.
A
I
mean
I'm
on
the
crew
website
right
now.
There's
154
plugins,
I'm
not
sure.
C
My
favorite,
I
would
probably
call
out
to
debug,
which
was
which
originally
started
as
a
plug-in,
but
we're
currently
in
a
process
of
pulling
debug
into
the
as
a
default
command
in
cube
cuddle.
It's
it's
rather
lengthy
process.
If
you're
a
plug-in,
it's
obviously
in
you
can
have
a
little
bit
faster
iteration
of
your
releases.
C
If
you're
in
a
in
a
core
the
process,
is
you
just?
You
basically
have
to
follow
what
cube
does,
but
on.
On
the
other
hand,
what
is
something
that
we're
we've
been
working
for?
C
So
if
you
look
under
main
kubernetes
kubernetes
repository,
there
is
a
staging
directory
and
if
you
drill
down
you'll
notice
that
there
is
a
cube
cuddle
directory,
that
means
we
are
publishing
the
contents
of
that
direct
directory
into
a
separate
repo.
The
goal
for
that
was
that
we
can
and
we
ensure,
that
the
libraries
that
are
used
within
the
staging
repo
are
not
using
any
of
the
dependencies
from
the
main
kubernetes
kubernetes
repo
and
that
eventually
we
will
be.
C
C
Challenges
are
still
ahead
of
us
for
how
to
release,
because
if
you
look
at
how
cube
currently
releases,
it
is
basically
publishing
all
of
the
artifacts
from
a
single
repo.
I
was
talking
with
sig
release.
I
think
that
was
last
week
or
two
weeks
ago
about
us
wanting
to
publish
cube
cuddle
code
or
basically
cube
cuddle
artifacts
from
a
separate
repo.
C
Maybe
shipping
cube,
cuddle
faster
than
cube,
then
cube
itself
is
because
that
was
one
of
the
goal.
If
we
move
to
separate
repo,
we
will
try
eventually
cut
the
cord
for
releasing.
Obviously,
there
are
some
challenges
coming
from
that,
because
currently
we
are
required
to
support
plus
minus
one
version,
which
is
the
default
policy
for
all
of
cube.
C
If
we
start,
for
example,
publishing
cube
ctl
every
month,
that
means
we
need
to
make
sure
that
the
support
matrix
is
not
plus
-1,
but
we
will
be
supporting
about
four
or
five
releases
back
and
forth.
So
there's
a
lot
of
maybe
not
necessarily
code
change
is
required,
but
there's
a
lot
of
discussion
that
needs
to
happen
around
processes,
mostly
how
to
proceed
with
this
approach.
D
Sounds
very
promising
and
you're
kind
of
curious.
You
know
like
a
lot
of
work,
that's
going
on
in
there,
so
appreciate
it
from
you
and
all
the
your
team
and
the
community
members
that
are
doing
it.
I
was
kind
of
curious,
as
I
think
about
like
if
I
was
a
plug-in.
If
I
wanted
to
develop
a
plug-in
like
either
you
know.
How
would
I
look
at
what's
available
and
I
think
we
talked
about
that
and
and
talk
about
what
do
I
do
to
get
started?
You
talked
about
this.
This
sdk
that's
available.
D
C
Right,
so
we
also
thought
about
that
one,
and
there
are
a
couple
resources
available.
First
of
all,
a
shameless
plug
with
huan.
We
did
a
presentation
during
one
of
the
past
cube
cons
about
how
what
it
takes
to
write
a
plugin.
C
C
Additionally,
within
the
main
kubernetes
again
staging
repo,
we
are
publishing
a
a
repo
that
has
a
sample
cli
plugin
and
if
I
remember
correctly,
the
repo
is
literally
called
sample,
cli
plugin,
similarly
to
how
there
is
one
for
sample
controller
and,
I
think,
maybe
even
a
simple
api
server.
There
is
one.
C
So
if
you
go
to
github
slash
kubernetes
sample
cli
plugin,
it's
a
very
minimal
plugin
that
allows
you
to
switch
namespaces
permanently,
but,
most
importantly,
it
shows
how
to
write
a
plugin
and
how
to
reuse
the
libraries
that
we
are
shipping.
The
cli
runtimes
I
mentioned
before
how
to
build.
On
top
of
kubernetes
api
kubernetes
client
go
to
achieve
the
necessary
stuff
to
build
your
simple
plugin.
D
Sense
thanks,
I
guess.
D
I
was
just
thinking
through
some
of
the
other
pieces
of
of
the
seal.
You
mentioned
customize
or
anything
you
see
kind
of
coming
down
the
road
as
other
cli
integrations.
People
are
or
kind
of
core
features
that
people
are
trying
to
work
their
way
in
as
far
as
or
subproject.
C
That's
an
interesting
question
honestly:
I
haven't
seen
anything
new
in
that
territory,
although
at
the
same
time
with
this
many
duties
that
I'm
dealing
with
and
prs
and
approvals
and
whatnot,
both
upstream
and
downstream,
I'm
not
very
closely
following
the
area
of
either
cli
or
controllers,
and
it's
always
takes
me.
Well
sometimes
it
takes
me
by
surprise,
but
if
people
are
showing
up
either
for
sig
apps
or
60
like
with
something
new,
then
yes,
I
will
be
aware,
but
nothing
like
that
showed.
D
Up
sounds
like
a
pretty
full,
pretty
full
plate
there,
so
yeah
the
plug-in
model
really
allows
for
allows
for
anything
to
happen
at
this
point
too.
So
that's,
yes,
that's
true
sounds
like
that's
the
right
thing
out
there
so
curious
a
bit
more.
Oh,
you
talked
a
little
bit
about
your
involvement
in
sig
apps
early
days
as
far
as
jobs-
and
I
know
kind
of
recently
become
the
co-lead
of
of
sig
apps.
C
So
yeah
a
lot
of
the
so
equally
as
with
6
eli,
where
there's
a
lot
of
moving
pieces
going
on,
there's
a
lot
happening
in
the
sega
apps
area
as
well.
Most
importantly,
we're
trying
to
align
some
of
the
controllers
by
adding
the
capabilities
that
were
previously
available
in
other
controllers,
for
example
the
ability
to
say.
C
Oh
during
a
rollout,
I
want
to
have
this
many
parts
unavailable,
which
is
something
that
we
had
since
always
in
deployments
or
daemon
sets
we're
currently
adding
similar
capability
to
stateful
sets
so
that
before
stateful
says
we're
always
going
one
by
one
pod.
Now
you
will
be
able
to
pass
a
little
bit
of
greater
unavailability
rates.
So,
for
example,
you
you.
D
C
Be
able
to
move
faster
with
your
with
your
upgrade.
C
There
are
other
issues
that
we're
overlooking
from
segap's
point
of
view
as
well,
the
biggest
one
that
we're
that
we're
looking
at
in
the
very
long
term
is
we're
trying
to
unify
the
statuses
of
all
the
controllers.
C
C
The
reason
for
that
is
because
each
of
those
controllers
were
written
by
a
by
a
completely
different
person,
so
everyone
had
a
different
opinion
how
the
status
should
look
like
the
biggest
downside
of
that
is,
if
you're
building
tools
on
top
of
the
controllers,
you
have
to
write
a
logic
that
will
know.
Oh
I'm
dealing
with
a
deployment.
This
is
how
I
should
interpret
the
status
if
I'm
dealing
with
a
stateful
set.
C
Well,
the
logic
has
to
be
different,
so
we're
trying
to
figure
out
a
way
how
to
combine
the
current
statuses
in
all
the
controllers
and
make
them
somehow
unified
so
that
you
will
be
able
to
just
write
one
one
implementation
and
that
will
have
the
necessary
information
whether
your
workload
is
just
starting
or
it's
progressing,
whether
it
it
is
done
or
it's
like
running,
and
that
will
depend
there
are
various
different
cases,
because
if
you
think
about
it,
most
of
the
workload
controller,
so
stateful
set
deployments
daemon
sets
their
end
state
is
that
they
are
running.
C
So
we
need
to
figure
out
those
common
statuses
somehow
and
present
them
in
a
unified
way
to
users,
so
we're
slowly,
working
on
on
an
enhancement
for
kubernetes,
where
we
will
try
to
combine
those
statuses
and
then
eventually,
slowly
over
time.
C
We
will
be
implementing
I'm
positive
that
during
the
implementation
phase,
even
though
we're
already
spending
a
couple
of
weeks
or
even
months,
looking
at
the
statuses
and
trying
to
figure
out
with
something
reasonable,
I'm
positive
that
as
soon
as
we
start
implementing
those
additional
edge
cases
will
pop
up
and
we'll
have
to
modify
the
initial
requirements
that
we
put
ourselves.
D
Yeah,
that
sounds
like
a
pretty
pretty
decent
task,
and
I've
run
into
this
multiple
times
we're
trying
to
build
experiences
around
extensions
and
trying
to
get
the
status
of
what's
going
on,
and
it's
a
bit
challenging
to
write
that
kind
of
common
tool
to
to
roll
that
up.
One
thing
is
kind
of
curious
like
where
what
is
sig
apps
is,
you
can
say,
apps
you
put
anything
under
apps
in
a
sense.
D
So
how
do
you
define
the
scope
of
what
really
goes
into
sig
apps
or
how
is
it
defined
as
far
as
the
everything?
That's
is
it?
I
know
you
mentioned
workloads
kind
of
aspects
of
of
kubernetes,
but
I
don't
know
if
you
talk
a
little
bit
about
what
all
what
all
happens,
there
when's
the
decision
of
keep
putting
it
to
other
cigs.
C
Well,
that's
a
that's,
a
very
good
question,
so
I'll
probably
refer
to
the
sega
charter.
C
So
basically,
every
special
interest
group
within
kubernetes
has
a
its
own
charter
as
as
as
it
sends
it
basically
lists
who
is
the
chair?
What
are
the
sub
projects
and
what
basically
we
do
and
what
are
our
responsibilities?
C
So
if
you
look
at
the
sig
abstractor,
we
are
saying
that
everything
from
controllers
all
the
way
up
to
that
is
running
on
top
of
the
platform
is
considered
as
part
of
the
sega
apps.
So
there
are
multiple
topics
that
went
through
sega
apps
controllers
are
obviously
the
most
primary
one.
C
I
would
call
it
that
way
so
whenever
you
want
to
discuss
any
changes,
whether
to
api
or
functionality,
to
one
of
the
core
controllers,
the
sega
apps
will
be
the
place,
although
some
of
the
controllers
are
primarily
owned
by
a
different
sig,
so,
for
example,
endpoints
or
services
those
will
be
owned
by
the
by
the
networking.
Sick,
sick
apps
will
be
mostly
controller.
So
all
the
stateful
sets
daemon
sets
replica
set
replication
controllers.
C
All
of
that,
and
then
everything
on
top
of
that
is
running.
There's
there
was
a
lot
of
work
around
and
we
still
have
a
sub
project
called
an
application
which
is
actually
in
a
grouping
primitive
for
a
set
of
workloads
together.
C
Just
recently,
we
had
a
very
interesting
presentation
about
operator
for
higher
level
like
over
operator.
That
is
overlooking
dependencies
between
deployments.
That
was
last
monday.
If
I
remember
correctly,
the
recording
is
up-
and
that
was
pretty
interesting-
and
I
remember
that
the
person
that
was
explaining
the
the
project
they
mentioned,
that
they
are
working
on
open
sourcing.
The
solution
currently
so
there's
a
hope
that
there
will
be
more
stuff
like
that
available.
C
If
you
look
in
the
past,
a
helm
was
for
a
very
long
time.
One
of
the
primary
topics
during
sig
apps
calls
and
probably
a
couple
other
topics,
and
it
was
sometimes
hard
or
overwhelming,
but
I
think
at
this
point
in
time
the
majority
of
the
segaps
calls
are
devoted
to
the
controllers.
C
If
there
are
no
topics,
we
started
doing
box
crops
and
prs
crops
and
go
through
issues,
because
there's
there's
quite
a
big
backlog
of
the
issues
that
we
have
against
the
controllers
and
we're
slowly
going
through
through
those
and
we're
trying
to
make
sure
that
the
people
people's
voices
get
hurt.
D
Yeah,
that
was,
I
got
involved
in
caps
a
long
time
ago,
and
we
jokingly
refer
to
it
early
days
as
sig
helma
because
of
the
so,
let's
dominate
this
almost
a
topic.
What
are
they
was
gonna
say
is
like
if
you
look
at
the
the
github
page
talk
about
cig
apps,
it's
one
of
the
things
I
think
is
great
about.
It
is
the
non-goals
kind
of
part
of
what
it
describes
it
doesn't
endorse.
D
One
particular
ecosystem
tool
does
not
pick
which
apps
run
on
top
of
kubernetes
does
not
recommend
one
way
to
do
things
or
things.
So
I
think
that's
really
helps
clarify
what
the
group
is
there
to
do.
So,
even
to
the
point
of
the
app
definition,
I
know,
there's
the
the
label
recommendations
that
that
the
cigars
actually
oversees,
as
well
so
overall
kind
of
kudos
to
a
complicated
topic.
I
think
that
that
sega
has
worked
pretty
well
to
handle
over
the
years
as
far
as
scope
of
applications.
A
So
you
know
we
only
have
a
whopping
15
minutes
left
and
obviously
we
don't
have
to
take
the
whole
hour
if
we
don't
fill
it.
But
what
do
you
think
are
some
of
the
unique
challenges
of
kubernetes
today
and
you
know
people
starting
out
the
things
the
sharp
edges
they
might
catch
themselves
on
potentially
right
like
if
they're
getting
going
with
kubernetes.
C
That's
that's
a
that's
a
very
interesting
question
for
me.
Personally,
I
think
the
biggest
issue
is
the
volume
of
the
changes
and
something
that
I'm
personally
struggling
is
how
to
keep
up
with
all
of
the
changes.
All
of
the
requests
for
reviews.
C
I
know
that
there
are
multiple
issues
and
pull
requests
with
my
name
on
it
and
whenever
I'm
talking
with
people
during
kubecons
or
during
sig
meetings,
I'm
always
asking
them
to
reach
out
to
me
on
slack,
because
my
github
notifications
and
my
email
are
way
off:
charts,
yeah
and
I'm
always
promising
myself
to
keep
up
with
those,
and
it
happens
a
couple
every
I
don't
know
every
couple
of
months,
I'm
gonna,
okay,
I'm
gonna
clean
my
inbox,
I'm
gonna
go
to
all
the
way
to
zero
and
and
then
only
two
three
days
later
or
I
don't
know
something
happens-
that
there
will
be
other
topics
that
I
need
to
deal
with
for
two
three
days.
C
C
I
don't
know
a
couple
hundred
emails
and
figure
out
which
I
care
about
and
which
don't
so
that's,
unfortunately,
a
big
problem
for
me
personally,
that's
why
I'm
always
always
asking
if
you
care
about
your
pr,
please
reach
out
to
me
directly
on
slack,
I
don't
mind
if
you
haven't
heard
from
me,
because
you
ping
me
once
or
twice.
If
you
haven't
heard
from
me
paying
me
again
in
a
week,
I
will
respond.
C
C
I
don't
mind
honestly,
I
don't
mind
because
there's
life
there's
so
many
things
going
on
in
parallel
that
I'm
it
just
might
slip
my
attention
or
plainly
forget
about
stuff,
so
I
don't
mind
being
pinked
again
and
again
about
prs
or
reviews
that
yeah
that's
how.
D
Couldn't
imagine
yeah
yeah
could
imagine
your
inbox
and
the
backlog
you
have
there
is.
I
I
used
to
use
some
of
travel
dead
time
to
like
kind
of
catch
up
on
those
things
and
don't
have
that
anymore
so,
but
also
don't
have
travel
dead
time
so
anyways.
The
the
thing
that
I
was
thinking
of
sort
of
much
is
like
kind
of
that
involvement
with
the
community
and
how
you've
adjusted,
because
I
think
back,
I
remember
in
the
in
the
2019
in
san
diego
at
kubecon,
and
we
you
know
we're.
D
I
think
the
three
of
us
are
probably
the
same
height
like
we're
all
pretty
tall
and
we're
like
talking.
You
know,
there's
people
walking
by
and
just
hanging
out
there
between
the
exhibit
hall.
That's
such
a
great
way
to
connect
with
people
with
kubecon
coming
up
in
north
america.
Again,
I
was
kind
of
curious
how
you
have
you
adjusted
to
engaging
with
the
cube
community
and
then
more
of
a
virtual
presence
or.
C
So
since
day,
one
I'm
every
mode
at
red
hat,
but
as
we
were
talking
with
chris,
I
do
enjoy
meeting
people
in
person
in
the
early
days.
I
have
a
pretty
big
red
house
office
in
czech
republic,
which
is
two
two
and
a
half
hour
drive
from
where
I
live.
I
was
visiting
the
office
every
single
month
just
for
a
day,
but
that
was
nice
and
even
though
I'm
an
introvert-
and
I
prefer
sitting
at
home-
you
know
close
by
with
just
my
monitors
in
front
of
me.
C
So,
even
though
we
are
stuck
at
homes
for
the
past
almost
two
years,
I
do
miss,
keep
going
I'll,
be
missing
it
even
more
in
two
weeks,
if
I
remember
correctly
at
the
beginning
of
october,
I
can't
join
folks
in
in
la,
but
I
would
love
to
be
around
because
it
is
just
nicer
to
talk
with
people.
I
think
most
of
the
communication
most
of
the
discussion
can
happen
and
that
that's
not
a
problem
either
through
slack
or
zoom
that
works,
but
the
bonding
part.
C
C
Or
transportation
in
detroit,
exactly
I
mean
literally
anything
and
most
often
that's
not
even
work
or
project
related
that
what
makes
a
huge
difference
and
even
though
kubecons
did
a
pretty
well
job
with
virtualizing
those
events.
It's
not
the
same.
I
do
miss
the
interaction
where
I
can
see
stand
in
front
of
the
people
and
talk
with
them.
Ask
the
questions
we
literally
did.
C
C
It
is
not
that
easy,
and
even
though
there
are
slacks
there
are
some
virtual
chats.
It
just
doesn't
work
that
way.
The
ability
that
I
can
come
to
a
person
ask
the
question,
poke
them
and
or
have
most
importantly,
the
hallway
conversation-
that's
invaluable,
so
I
I
do
miss
that
part
and
even
though
I
I
usually
attended
kubecon,
both
in
in
north
america
and
then
in
europe.
That
was
enough
for
me
for
a
year.
C
A
So
yeah
it's
a
good
point,
I'm
flying
out
next
saturday
to
cubecon
and
yeah,
like
I
remember,
being
in
san
diego
and
like
at
the
contributor
summit
and
like
there
was
all
kinds
of
technical
issues
and
then,
like
you
know,
it's
much
easier
to
say:
hey
you
don't
know,
get,
let's
just
sit
down
and
run
through
it.
Real
quick
right
like
this
is
the
bare
minimum.
You
need
to
know
now,
you're
a
good
contributor
and
like
having
that
face-to-face
discussion.
Where
there's
you
know,
body
language
and
everything.
C
A
It's
a
lot
easier
to
interpret
exactly
the
work.
That's
happening
right
like
that's
it's.
D
C
C
Finally,
being
an
introvert,
I
actually
said
during
all
of
the
keynote
sessions,
and
actually
I,
if
I
remember
correctly,
the
keynote
sessions
were
the
only
ones
that
I
actually
attended,
because
the
the
remaining
ones
I
usually
end
up
talking
with
folks
in
the
corridors
or
in
the
both
halls,
or
you
know
basically
wandering
around
and
eventually
just
popping
in
for
for
my
session
or
one
or
two
other
sessions.
So
the
keynotes
were
like
the
ones
that
you
can
actually
find
me
on
and
then
the
ones
where
I'm
presenting
others.
C
Well,
I
usually
try
to
set
up
my
schedule
somehow,
oh
yes,
these
are
the
stuff
that
I
want
to
see.
I
probably
don't
see
I
don't
know
like
20
30
of
what
I
checked
was
like
yeah.
I
wanna.
I
wanna
check
this
one
out,
yeah.
A
A
A
Rapscallion
reeves
at
least
most
people
at
those
conferences,
tend
to
be
introverts
too
so
you're
kind
of
amongst
your
own
people
and
then
yeah
tanah,
three
points
out
acoustics
for
the
exhibition
hall
in
san
diego
was
awful.
If
anybody
remembers
that
it
was
just
constantly
loud
in
this
big
domed
space,
with
music
playing
in
the
background
and
20
000
of
our
favorite
friends
or
whatever.
I
can't
remember
the
attendance
numbers,
but
it
was
just
loud.
C
I
mean
I
remember
the
I
remember
when
we
were
in
london.
I
think
that
was
the
first
kubecon
in
europe
and
there
was
like
a
hundred
and
something
people
we,
we
barely
had
like
two
or
three
rooms,
just
a
little
bit
of
people.
Berlin
was
pretty
much
similar
and
then
it
just
grew
exponentially
over
the
years.
That
was
crazy.
C
C
I
spoke
with
many
people
and
it's
not
as
easy,
or
they
are
just
not
willing
to
to
do
so
at
this
point
in
time.
So.
A
Yeah
now
I
was
just
talking
to
a
friend
on
twitter,
a
few
minutes
before
the
show
started
before
we
got
on
air
and
it
was
like
yeah.
No,
they
can't
come
because
they're
in
the
uk-
or
you
know,
berlin
or
whatever
and
yeah
the
the
lack
of
international
folks
is
going
to
be
very
obvious
right,
like
it'll
feel.
Very
you
know
us-based
right
like
as
opposed
to
a
international
conference
where
people
kind
of
gather,
but
with
two
minutes
left,
there's
no
questions
in
chat
for.
Oh,
there
is
one
question
in
chat.
A
I
don't
want
to
ask
sorry,
what's
the
best
way
for
random
people,
slash
developers
to
help
out
with
cube
projects,
I
have
my
opinion,
but
I'd
like
to
hear
yours
or
steve's
for
that
matter.
C
Honestly,
I
always
say
that
it's
easier
to
show
up
during
one
of
the
calls,
whether
that
will
be
sexy,
live
or
sig
gaps,
especially
the
ones
that
are
going
through
box
crops.
So,
for
example,
we
will
be
going
through
customized
box
crop
tomorrow
or
there's
a
60
li
box
crop
in
two
weeks
from
from
tomorrow.
C
C
That's
that's!
Usually
my
my
simple
answer.
D
Yeah,
I
mean
that's,
I
think
also
the
contributions
are
valuable
across
the
board,
so
talk
about
like
getting
started
early
and
looking
at
some
of
the
setup
instructions
might
be
wrong,
helping
fix
those
up
opening
bugs,
for
you
know,
issues
you
see
for
different
things
that
seem
a
little
off.
So
all
those
things
are
a
good
way
to
get
started
and,
like
I
think
one
time
I
started
was
I
wasn't
even
a
go-coder
and
I
fixed
one
of
the
the
cli
issues
just
because
the
new
lines
were
screwed
up.
D
A
A
D
A
A
C
A
To
answer
your
questions
exactly
definitely
and
yeah,
so
thank
you,
machek.
Thank
you,
steve
for
guest
hosting.
Thank
you
audience
for
attending.
I
really
appreciate
everybody
here
on
this
call
live
stream
out
there.
Thank
you
very
much.
It's
good
to
talk
yeah.
Coming
up
later
today
we
have
the
call
for
code
for
racial
justice,
we'll
be
talking
about
take
two.
It's
a
project
that
will
help
folks.