►
From YouTube: AMA Panel: Upstream This!
Description
Chris Anisczyk (CNCF) Dan Walsh, (Cri-o), Gary Brown, (OpenTracing/Jaeger), Paul Morie, (OSB/Service Catalog), Christian Posta (Istio) - moderated by Michael Hausenblas (Red Hat)
A
A
There's
a
reason
why
these
books
are
here.
What
can
I
tell
you,
but
you
will
figure
it
out
all
right.
Welcome
to
the
upstream
panel.
My
name
is
Michael
hausenblas
I'm,
a
developer
advocate
at
Red,
Hat
I
have
to
earn
it
and
we
have
an
awesome
team.
Here.
We
have
a
Christian
here
we
have
Chris
here
we
have
our
very
own
Paul
here
you
already
know
we
have
Gary
here
and
we
have
been
here
who
you
also
know
from
early
on.
You
probably
remember
right:
you
have
your
swear
jar
still
around.
A
A
C
Hi
I'm
Christian
post
I'm,
a
chief
architect
of
cloud
application
development
at
Red,
Hat
I
work
closely
with
our
customers
to
help
them
build,
distributed
systems.
I,
guess
we're
calling
that
micro
services
DevOps
all
that
all
those
buzzy
word
type
things
I
have
a
background
in
integration
and
messaging
I
was
a
contributor
to
projects
like
patchy,
ActiveMQ
and
a
little
bit
of
Kafka
and
I
enjoy
working
on
open
source
and
helping
our
customers.
So
what's
that
the.
C
Sto
is
a
an
implementation
of
a
architectural
pattern.
We're
calling
service
mesh
that
moves
some
of
the
more
complicated
distributed
systems
patterns
that
we
have
typically
associated
with
language
frameworks
or
centralized
orchestration
intentions
and
so
on
into
a
decentralized
set
of
infrastructure,
cool.
E
Name
is
Chris
Anna,
zyk
you'll.
Excuse
me:
I
just
got
off
the
plane
so
trying
to
revive
myself
here,
but
I
have
the
fun
job
of
running
the
cloud
native
computing
foundation,
so
I
serve
as
CTO.
There
I'm
not
sure
people
are
familiar
with
the
organization,
but
projects
like
kubernetes
Prometheus.
You
know
you
know
essentially
live
inside
this
foundation,
where
we
support
these
projects
under
a
neutral
setting
where
a
bunch
of
companies
come
together
without
worrying
that
one
entity
controls
everything.
So
we
put
on
cube
con
cloud
native
con
and
so
on
in
previous
lives.
E
I've
worked
on.
You
know,
Fedora
Gentoo
done
a
lot
of
stuff
in
the
JVM
worked
on
Eclipse
a
long
time
ago,
so
I've
been
involved
in
open
source
for
quite
a
while.
So
it's
kind
of
fun
kind
of
being
in
the
in
the
foundation
neutral,
neutral
party
setting
these
days
instead
of
working
for
a
company
and.
E
Does
everyone's
welcome
joined
we,
you
know,
we
especially
love
end
users,
so
for
us
you
know.
Obviously
we
have
a
lot
of
vendors
involved
since
they
were
kind
of
some
of
the
progenitors
of
a
lot
of
these
projects,
but
we
definitely
love
seeing
companies
using
you
know
Prometheus
or
companies
that
scale
and
we'd
love
to
have
her
and
user
share
kind
of
there.
There
are
horror
stories
away
from
vendors
just
amongst
themselves
so
but
feel
free
to
reach
out
to
me.
If
you
have
questions
on
that,
if.
E
E
F
So
I
work
in
addition
to
Service
Catalog
I,
also
work
on
multikill
ester
at
Red.
Hat
I
have
a
team
actually
that
works
on
both
Service
Catalog
and
multi
cluster
before
I've
actually
been
working
on
open
shift
since
open
shift
v1
and
it's
it's
been
a
quite
a
journey.
Things
have
changed
pretty
significantly
before
Red
Hat
I
worked
in
equities
trading
and
health
insurance,
enrollment
awesome.
A
G
Yes,
I'm
Gary,
Brown,
I'm
principal
software,
engineer
work
for
middleware
Management
Group
in
Red
Hat,
the
main
area
that
I
work
on
with
some
others
is
distributed
tracing
technologies.
So
for
almost
two
years
now
thing
we've
been
involved
in
a
project
called
open
tracing,
which
is
one
of
the
projects
under
the
CN
CF
foundation
and
more
recently,
and
they
open
sourced
the
project,
which
is
an
open
trace
of
native
distributed
system
called
Jaeger,
and
that
was
open
source
in
April
last
year
and
more
recently
in
December.
That
also
became
a
CNC
F
project.
A
G
B
A
It
for
troubleshooting
performance,
awesome
I,
have
a
first
very
easy
question
and
then
I
hand
over
to
you
dear
audience,
so
prepare
yourself
warm
up
so
what
first
open
source
project
you
were
active
in
any
kind
of
government,
it
doesn't
matter
and
any
kind
of
like
it
doesn't
have
to
be
code
or
whatever
any
the
first
open
source
project
you
contributed
to
were
active
in.
Let's
start
in.
A
C
A
I
J
K
I'll
have
some
sto
questions.
I
was
just
wondering:
is
it
so
ready
to
actually
roll
out
and
to
put
into
play
so
I've
been
playing
with
it
in
my
own
name
space
with
a
demo
app
that
comes
with
it,
but
I'm
just
wondering
about
putting
it
into
our?
You
know
our
debri
integration
environment
and
then
do
I
go
beyond
that.
C
Okay,
so
I'll
take
that
first
I
would
say
you
should
be
playing
with
it.
Maybe
pio,
seeing
it
exploring
how
it
works.
I
would
not
put
it
into
production
right
now.
I
think
I
think
there's
still
a
little
bit
more.
That
has
to
happen
in
terms
of
hardening
in
terms
of
performance
in
terms
of
stability
and
security
that
need
to
go
into
into
place.
First.
K
K
Also
with
the
steo
I
noticed,
while
installing
it
it
seems
to
have
it's
watching
for
events,
I've
noticed
that
I
targeted
it
for
my
own
own
space,
but
it
seems
to
be
creating
secrets
in
all
of
the
namespaces,
so
I'm
just
kind
of
wondering.
What
does
it
actually
do?
You
know
like
what
is
the
impact
of
installing
it
so
I
see
these
secrets
appearing
everywhere,
and
people
asking
me
questions
what
the
hell
is.
This
do
doing
I'm,
just
wonder
if
there's
other
things
and
it's.
K
C
So
sto
has
has
a
component
in
the
control
plane,
that's
responsible
for
certificate
management
and
certificate,
distribution
and
rotation,
and
we
use
that
internally
to
to
build
features
like
mutual
TLS
between
services
and
from
from
that
perspective,
there
are
going
to
be
certificates,
there's
going
to
be
secrets
installed
into
the
different
namespaces,
where
your
applications
might
be
deployed
for
the
purposes
of
mutual
TLS.
Those
should
be
mounted
into
the
different
pods,
but
if
you're,
seeing
other
random
stuff
and
I'm
not
not
totally
sure,
maybe
could
open
an
issue.
A
L
A
D
E
Since
yeah
CN
CF
is
technically
a
non-for-profit,
you
know
501
C
6
organization
under
the
Linux
Foundation,
so
it
is
a
neutral
entity
based
on
US
law,
so
like
every
all,
the
IP
developed
and
associated
work
is
forever.
You
know
will
be
part
of
you
know
a
not-for-profit
like
like
CN
CF,
so
by
law.
You
know
all
that
work
is
neutral.
E
Then
we
have
bylaws
associated
with
the
organization
that
basically
dictate.
You
know
how
participation
is
done,
which
levels
a
membership
you
know
governing
boards,
technical
boards
and
user
boards
and
so
on
and
those
are
all
kind
of
baked
in
when
we
formed
the
organization.
But
essentially
the
rules
were
done
in
a
way
where
we
tried
to
give
everyone
a
voice
from
our
end
users
to
our
technical
people
and
to
the
people
that
actually
are
writing
the
kind
of
the
bigger
checks
to
the
fund
kind
of
bootstrapping
organization.
I.
E
Hope
that
answers
your
question,
but
each
of
our
projects
within
CN
CF
we've
taken
an
approach
where
they
get
to
kind
of
define
their
own
governance
and
in
pendants
in
some
way
we
don't
force
integration
amongst
projects.
You'll
see
projects
like
Jaeger,
Prometheus
and
Corinna
tees,
all
kind
of
differently
define
how
they
run
all
they
need
to
really
have
is
a
published
governance
document
and
fair
way
to
elect
additional
maintainer.
That's
all
we
require
of
our
projects,
which
is
very
different
from
other
kind
of
foundations.
L
G
Yeah
I
mean
I,
don't
know
the
working
detail,
but
I
mean
the
from
what
I
understand
the
you
know.
One
of
the
core
principles
is
being
able
to
propagate
certain
information
from
an
upstream
service
downstream,
so
that
you
can
then
add
value
to
the
information
you
recording
locally
and
in
open
tracing
there's
a
concept
called
baggage.
The
is
primarily
intended
to
do
that
season,
as
well
as
propagating
the
trace
context.
Information
between
services-
you
can
add
your
own
information,
so
I
think
the
pivot
tracing
negative.
G
They
provide
agent
technology
that
will
kind
of
work
out.
What
needs
to
be
done
for
you,
so
I
think
the
same
kind
of
mechanisms
could
to
be
built
on
top
of
open
tracing
and
I
mean
it's
part
of
the
open
tracing
project.
We
also
have
a
contra
repo
that,
where
there's
a
large
number
of
instrumentation
your
framework,
instrumentation
Sun,
and
we
have
the
beginnings
of
a
Java
agent
project
there.
So
maybe
that's
something
that
we
can
add.
You
know,
on
top
of.
A
Thank
you,
okay,
quick
one
from
my
side,
if
you
compare
infrastructure
stuff
like,
for
example,
cryo
monitoring,
the
system
level
and
so
on.
On
the
other
hand,
at
level
stuff,
different
kinds
of
programming,
languages,
middleware
stuff,
and
so
on,
which
one
your
opinion,
if
you
have
one
you
don't
have
to
answer,
but
if
you
have
one
which
one
is
more
important
and
or
covered
in
context
of
qualities
or
CN
CF
right
now-
and
maybe
you
know
what
you
change
is
something
lacking.
C
A
E
Potentially
an
answer
I
mean
you
know
from
my
perspective,
Elise
I'm
also
involved
in
other
initiatives
out
there
there's
something
called
the
open
container
initiative,
which
I
also
helped
spin
up
in
parallel
with
CN
CF,
but
that's
mostly
focused
on
container
standards.
In
my
opinion,
you
know
my
hope
is
that
the
infrastructure
stuff
eventually
becomes
more
boring
right.
You
know
it
just
like
it
sits
there.
You
know
kubernetes
essentially,
is
gonna,
be
you
know.
E
The
analogy
we
like
to
use
is
like
POSIX
of
the
cloud
or
Linux
of
the
cloud
right
like
it's
just
going
to
be
the
default
distributed
systems
API
that
every
cloud
supports
that
you
know
applications
will
actually
take
advantage
of.
So
in
the
future
app
developers,
app
developers
probably
will
not
care.
You
know
how
the
internet
structure
is
laid
out.
So
to
me,
I
see
the
a
player
becoming
more
exciting
in
terms
of
how
we
actually
write
apps.
E
Now
that
we
kind
of
have
this
communities
being
POSIX
of
above
the
cloud
for
lack
of
a
better
analogy.
So
that's
my
perspective
at
least,
but
I've
been
in
the
thick
of
this
standardization
and
making
kubernetes
ooh.
You
know
pretty
much
available
in
all
different
cloud
scenes
for
the
last
couple
of
years,
so.
E
F
So
my
own
personal
theory
is
that
I
I'm
calling
this
the
quantity
theory
of
importance.
There's
only
100%
importance,
total
right
and
the
things
that
you're
working
with
say
as
a
developer
are
important
to
you
day
to
day
and
sorry
Dan.
But
unfortunately
you
work
in
an
area
that
is
becomes
important
to
people
when
it
breaks,
and
so
you.
F
A
A
B
I
would
one
of
the
things
I
think
it's
interesting
is
I.
Think
there's
a
constant
sway
between
you
know.
For
the
first
couple
years
when
I
was
working
on
containers,
there
was
such
a
focus
on
devs
and
ops
was
just
total
afterthought,
and
so
last
couple
years,
I've
been
more
concentrating
on
the
ops
side,
saying
you
know:
how
do
we
make
these
things
more
stable
and
you
weren't
here
for
my
earlier
talk,
but
my
goal
is
to
make
the
ops
side
boring.
B
You
know
because
it
just
works,
and
so
I
tend
to
agree
that
we
need
to
continue
to
work
on
the
dev
side.
What
I
want
to
see
on
the
dev
side,
though,
is
to
lose
the
focus
on
doing
this,
and
you
know
engineers
are
too
concerned
about
building
containers
and
do
anything.
Can
you
know
the
if
the
primary
focus
of
developers
is
on
doing
containers
we
sort
of
lost?
B
You
know
the
primary
focus
on
the
developers
should
be
on
building
his
app
right,
but
building
is
you
know,
cell
phone,
when
I'm
building,
building
the
equivalent
of
cell
phone
apps
and
getting
micro-services
to
that
level?
I
think
you
know
when
we
get
to
service
and
and
some
of
this
other
stuff
that
that'll
hopefully
happen,
but
right
now,
I
see
too
many
people
say
you
know
how
do
I
get
access
to
the
darker
socket
or
how
do
I
get
access?
How
do
I
build
the
darker
flowers?
What
the
hell
are
you
doing?
European.
C
C
On
the
ops
changed,
but
the
way
we
build
and
design
and
architect
those
applications
on
this
infrastructure
has
changed,
also
and
I.
Think
as
we
start
to
make
the
lower
levels
boring
we're
going
to
start
to
move
up
and
say:
oh
well.
Well
now,
we've
got
to
tackle
these
distributed
systems
problem
that
this
level
at
the
application,
level
and
I
think
there's
a
lot
of
opportunity
for
improvement.
I.
A
A
I
Trust
me
I
do
do
need
to
read
it
and
I've
got
a
very
broad
question,
but
I
think
applies
to
the
whole
panel
and
how
do
you
keep
up
with
everything
that's
going
on
in
the
container
space?
I
know
that
for
myself,
I
get
an
email
every
day
from
someone
in
my
organization
saying
what
do
you
think
about
technology,
X
and
I'm
curious
as
to
how
you
manage
this
challenge.
A
E
E
But
it's
hard
to
have,
like
you
know,
I'm,
not
a
security
person,
so
I
have
really
no
idea
how
container
security
you
know
works
right,
so
I
think
you
know
long
plane
rides
are
good
ways
to
catch
up
on
things
and
diving
deep
on
the
projects
that
you
kind
of
care
about
or
Havoc's.
You
know
background
I'm.
A
Aware
that
I'm
not
on
the
panel,
but
it's
part
of
my
job
and
I,
do
it
I
believe
it's
a
full-time
job
right,
you
could
just
it
all
they
just
consuming
stuff,
but,
like
you
also
do
hangout
and
Twitter
a
lot
and
slack
whatever
you
catch
up
with.
You
know.
Have
you
seen
that
I'm
using
that
and
it's
probably
a
really
good
way
like
filtered?
Let
others
do
the
filtering
and
you
do
the
filtering
in
your
domain,
for
others
newsletters
or
whatever
recently
became
quite
popular
again.
Yeah.
E
J
I
H
Hi,
so
a
lot
talking
about
technology,
a
bit
that
concerns
me
more
with
financial
services
is
the
whole
enterprise
workflow
side
of
things,
I
think
it's
probably
question
for
Paul,
more
than
anything
the
service
catalog.
And
how
do
you
actually
decide
what
kind
of
recommendations
you've
got
from
a
security
perspective
or
how
do
I
know
what
I
can
put
in
my
production
cluster?
How
can
I
a
lot
of
effort?