►
From YouTube: OKD Working Group Meeting 03-15-2022
Description
The OKD Working Group's purpose is to discuss, give guidance to, and enable collaboration on current development efforts for OKD, Kubernetes, and related CNCF projects. The OKD Working Group includes the discussion of shared community goals for OKD 4 and beyond. Additionally, the Working Group produces supporting materials and best practices for end-users and provides guidance and coordination for CNCF projects working within the SIG's scope.
https://okd.io
A
Okd
working
group
meeting
for
march
15th
and
we
are
on
the
new
time
change,
so
give
everybody
a
few
minutes
to
see
if
they
all
get
in
in
the
chat
is
the
md
agenda
which
I'm
gonna
share
on
the
screen
for
a
minute,
and
if
anybody
has
any,
if
I
can
figure
out
how
to
share
a
screen
on
this
screen
there
we
go
up
here
too
many
systems.
A
A
And
we
do
have
a
guest
speaker
today,
but
I
have
pinged
them
in
a
couple
of
channels
and
have
not
gotten
a
response,
so
that
is
the
micro
shift,
talk
which
was
rescheduled
from
two
weeks
ago
for
this
week,
but
if
sally
makes
it
we'll
you're
here
all
right
there
we
go
scully,
wonderful,
yes,
yep.
B
B
A
Okay,
so
if
everybody's
okay,
with
that
I'd
like
to
have
sally,
go
first,
so
that
we
can
get
the
get
the
presentation
on
microshift
out
of
the
way
and
sally,
how
long
do
you
think
you'll
need
for
this.
A
I'm
gonna,
probably
I
don't
know
15
minutes
a
minute.
Okay,
take
that
everybody's
okay,
with
that,
while
you're
listening
to
her
make
sure
you
add
your
name
to
the
hackmd
and
in
the
hackmd,
are
the
links
to
all
of
the
things
that
she's
showing
off
so
check
out
the
hack
md
so
sally,
I'm
gonna.
Let
you
take
it
away
and
all
right
share
your
screen
and
we'll
hear
everything.
Wonderful
about
micro
shift.
B
B
B
I
am
not
ready
yet
there
we
go
all
right
so
microshift,
I
don't
know
if
anyone
has
heard
of
microshift.
I
don't
know
how
many
people
are
in
this
meeting,
but
I'm
going
to
skip
down
to
the
slide
where
it
says
what
mic
shift
is,
but
basically
it's
to
manage
workloads
on
the
disconnected
far
edge
I'll
come
back
to
these
don't
worry
but
yeah
microsoft.
B
It's
an
explorative
project
created
by
the
edge
computing
team
and
the
office
of
the
cto,
so
the
emerging
tech
edge
computing
team
and
what
it
does,
what
you'll
all
be
interested
to
know
is
it
repackages
the
overshift
core
components
or
actually
the
okd
core
components
into
a
single
binary.
B
B
Think,
like
5g
iot
delivery,
drones,
satellites,
smart
cars,
there
are
micro
data,
centers,
embedded
systems
and
like
field
devices,
so
things
running
with
sketchy
internet
in
the
middle
of
an
oil
rig
or
something
a
ship,
a
satellite,
that's
where
the
microshift
was
designed
to
run
so
these
field
deploy
devices.
You
know,
pies
things
that
look
like
this.
You
got
it.
B
So
the
edge
computing
it
can
bring
the
processing
the
storage
closer
to
the
user
so
like
you
can
run
ai
algorithms
or
in
a
in
a
smart
car
or
monitoring
the
oil
and
the
gas
like
out
where
it's
being
collected.
You
know
running
a
program
on
a
satellite,
so
that's
that's
they're,
not
in
an
irregular
highly
available.
B
You
know
six
node
cluster,
like
these
edge
computing
is,
you
know
for,
and
devices
that
can't
run
openshift
or
kubernetes
basically,
but
you
still
many
times
would
love
to
have
the
the
experience
of
like
a
cloud
native
kubernetes
deployments,
all
the
things
that
you're
used
to
you
know.
Maybe
these
maybe
the
the
programs
might
run
in
the
in
the
edge
device
and
also
in
a
cluster
it'd,
be
nice
that,
if
you
wouldn't,
if
you
didn't
have
to
you,
know
re
reconfigure
or
rewrite
the
program.
B
So
that's
the
the
problem
that
microshift
has
been
designed
to
solve,
also
like
how
to
manage,
update,
transfer
data
to
and
from
the
remote
edge
and
again
still
use
that
tried
and
true
the
familiar
cloud
native
deployment
patterns
that
you
have
in
kubernetes.
B
So
these
devices
are
low
resource,
they're
disconnected
the
app
you
might
need
the
application
and
the
workload
management
separate
from
the
operating
system
as
opposed
to
how
we
run
okd
and
openshift.
Where
everything
is,
you
know
a
bundle
or
you
might?
B
You
might
run
it
in
like
an
rpm
os
tree
operating
system,
but
not
something
that
can
run
openshift,
not
even
in
so
a
microchip
can
be
deployed
as
an
rpm
embedded
in
an
like
edge,
relfer
edge,
which
is
rpm
os
tree
based
so
yeah,
so
the
problem,
so
the
world
is
being
instrumented.
That's
basically
like
the
era
that
we're
in
and
we
haven't
quite
figured
out
how
to
use
the
data.
We
can't
even
imagine
like
what
benefits
might
be
waiting
for
us
when
we,
when
we
can.
B
You
know
harness
and
and
use
the
data
like
things
like
health
and
environment,
and
you
know
business
opportunities
again
autonomous
cars
space
travel-
I
don't
know
so,
that's
nobody's
so
this.
This
is
the
the
problem
space.
The
error
that
we're
in
edge
computing
is
is
becoming
more
and
more
real
and
important
and
critical,
so
microshift.
It
gives
the
best
of
both
worlds.
B
Again
in
device
management
to
manage
the
operating
system
like
I'll
show
you,
microsoft
can
be
managed
with
system
d
and
also
those
kubernetes
cloud
native,
so
again,
openshift
kubernetes
okd.
B
Those
are
like
the
highly
available
stable
data,
centers
and
then
you've
got
the
other
end
where
you're
just
maybe
running
a
single
pod
man
container
on
a
on
a
tiny
device
that
would
just
be
like
podman
unreal
for
edge,
but
microshift
is
somewhere
in
between
where
you
might
want
to
run
a
deployment
some
services,
but
you
don't
have
enough
resources
for
to
go
all
the
way
over
to
the
right
so
yep
again,
what
it
does
is.
It
brings,
brings
open
shift
and
back
to
a
monolith.
B
Although
it's
not
a
very
it's,
it's
a
very
tiny
monolith,
but
it
packages
everything
together.
So
let
me
break
that
down
and
show
you.
It
provides
an
all
or
nothing
start
and
stop.
B
Systemd
can
wrap
a
podman
command
which
I'll
show
you
and
it
and
it
starts
and
stops
within
a
few
seconds.
You
can
keep
a
podman
volume
around
to
keep
your
the
the
state
of
everything.
So
it
can.
You
know
start
right
back
up
where
you
left
off
and.
B
Let's
see
what
is
the
slides
trying
to
show
oh
yeah,
okay,
so
an
open
shift.
You've
got
your
operators
and
everything
is
highly
available
and
fully
managed.
That's
what
you
lose
with
microshift,
but
it's
it's
a
trade-off
for
being
able
to
run
it
in
these
edge
devices.
B
Yeah
openshift
is
meant,
you
know
to
scale,
and
microshift
is
meant
to
not
scale,
so
here
here's
the
architecture.
This
is
what's
kind
of
interesting.
So
in
the
microchip
binary
we
have
put
the
lcd
cube
api
controller
manager,
the
openshift
api,
which
makes
it
you
know
a
step
up,
not
really
step
up
it's
different
than
like
a
kind
or
a
mini
cube,
because
you
can
really
still
use
those
open
shift
resources
like
scc's
routes,
so
yeah
in
the
cubelet.
B
All
of
these
things
are
are
just
embedded
controllers
and
then
the
microstrip
designers
have
also
added
a
few
openshift
specific
components
like
the
service,
ca
pod
and
the
overchip
router,
so
things
that
that
you
know
very
opinionated,
they
felt
that
developers
would
want
they
they
also
put
it
put
in
there
yeah
again,
microsoft
is
is
usually
meant
to
run
with
podman,
so
you
pass
a
pod
man
volume
and
that's
what
holds
your
state
and
also
it
runs
in
in
concert
with
cryo
on
a
host
later,
I
will
show
you
that
microshift
aio
it
actually
even
embeds
cryo,
so
you
don't
even
need
to
have
cryo
installed
on
your
host
to
run
it,
but
for
production
that
that
wouldn't
be
anything
near
like
production
or
if
you
were
going
to
run
microsoft.
B
Production
you'd
want
cryo
on
the
host
as
a
systemd
service
and
then
microshift
on
the
host
as
another
system
b
service
and
here's
where
okd
comes
in
so
microsoft.
It
references
the
the
digest
and
it
references
the
digest
of
these
core
components
and
then
also
references
the
the
the
manifest
and
the
digest
of
these
extra
components.
So
these
I
I
think
we
call
it
the
core
controllers,
and
these
are
the
the
add-on
components
but
they're
they're
added
on
by
default.
B
They
are
yeah
their
vendor.
The
the
actual
code
is
vendored
in
from
a
specific
okd
release
and
then
the
manifests
are
are
added
and
referenced
from
a
specific
okay.
You
released.
B
So
again,
here's
a
little
flow
chart
that
that
decides
for
you,
whether
you
want
to
run
rel
for
edge
with
a
podman
container
royal
for
edge
with
microshift
or
over
to
the
openshift
side.
So
you
can
see
there
are.
B
I
can
share
these
slides,
but
it's
pretty
interesting
to
to
look
at
which
is
meant
for
where
so
there
are.
There
are
different
deployment
models
for
microsoft.
Again,
an
rpm
os
tree
like
ralph
for
edge.
You
might
just
embed
the
rpm
in
the
operating
system
and
and
run
it
like
that,
or
you
can
run
podman
on
on
any
operating
system
that
can
run
padman
with
systemd.
B
Yeah,
so
with
systemd
and
podman.
What's
interesting
is
you,
you
have
start,
stop
and
restart
very,
very
easy,
but
also
podman
has
an
auto
update
feature
so
in
in
the
podman
command,
which
I'll
show
you
in
a
bit.
You
can
set
auto
update,
equals
registry,
and
then,
whenever
there
is
a
new
image
digest
in
the
registry,
it
will
automatically
kick
off
a
new
microsoft,
pod
and
and
that's
how
you
can
up
that's
it's
very
easy
to
update
or
go
back.
B
We
won't
watch
this
now,
but
I
will.
I
do
have
a
link
for
it
later.
B
Yeah
I'll,
I
might
I'll,
show
a
few
minutes
of
a
demo
at
the
end,
but
here
this
is
what's
very
interesting
for
all
of
us,
us
developers,
microsoft,
all-in-one,
a
super,
convenient
way
to
test,
say
an
and
overshift
deployment
that
you
might
be
developing.
It's
just
a
really
quick
and
easy
way
to
get
up
and
running
with
a
with
a
cube
environment.
B
B
Oh
okay,
that's
it!
So
these
again,
I'm
gonna
share
these
slides
with
you.
I
really
recommend
that
you
check
out
each
of
these
links
if
you're
interested,
but
especially,
if
you
didn't
see
this,
if
you
didn't
see
the
ai
at
the
edge
with
microshift
devconf,
recording
it's
right
here,
it's
very
good,
but
this
is
this-
is
an
aio
dum
demo
that
I
put
together
that
I
will
share.
B
B
B
B
B
Okay,
you
can
see,
so
this
would
be
what
is
in
the
systemd
unit
file,
and
I
I
can
actually
pull
that
up
too
after
I
I
show
this,
but
this
is
basically
what
you
would
do,
so
the
port
forward
of
6443
is
just
so
that
you
can.
B
So
if
you,
if
you
port
forward
6443,
then
you
know
localhost
inside
the
container
is
the
same
thing
as
localhost
443
outside
the
container,
and
you
can
just
run
your
oc
or
cube.
Ctl
commands
against
the
cluster
running
that
makes
sense
for
the
aio.
You
definitely
have
to
run
privileged
and
you
might
have
to
turn
off
sc
linux.
B
So
that's
why
aio
is
not
meant
for
production,
but
it
is
meant
for
developers
who
don't
really
care
about
sc
linux
running
on
their
local
system,
or
maybe
you
do,
but
I
usually
turn
it
off
this.
This
again,
there's
a
link
to
it
and
you
can
watch
the
whole
thing.
It's
it's
it's
six
minutes,
but
I
will
show
you
just
microshift
running
and
can
first
of
all,
can
you
all
see
that
okay
or
is
it
way
too
small.
B
B
B
Okay,
so
I'm
going
to
copy
this
system
to
unit
file
from
microsoft
repo.
So
it's
just
github,
you
know
slash
red
hat
et
microshift
there
it
is.
You
can
find
it
in
the
repo.
I'm
just
copying
that
to
my
local
system
and
that's
it
I
haven't.
You
know
I
don't
have
anything
cloned.
I
have
nothing.
I'm
just
copying
the
unit
file
to
my
local
system
and
now
I'm
just
going
to
start
the
service.
B
And
you
can
see
that
I
have.
I
had
a
local
registry
running
so
just
ignore
this
registry
container,
but
you
can
see
that
microsoft
aio
this
this
registry
has
nothing
to
do
with
microshift,
but
you
can
see
I
have
aio
running.
So,
let's
see
what
it
says
and
I
have
a
podman
volume,
that's
saving
the
state
and
there's
upon
my
volume,
if
you
want
to
look
at
all
your
stuff
on
your
local
system.
B
Okay,
so
now
here
I'm
going
to
exec
into
that
microshift
container
and
let's
see
what's
in
there
inside
the
container
I'm
root
and
what's
very
convenient
about
microsoft.
Aio
is
that
baked
into
the
image
the
microshift
aio
image
is
oc
and
qctl.
So
you
don't
you
don't
need
to
have
oc
on
your
system.
You
don't
need
to
have
cryo
on
your
system,
it's
just
all
in
one
and
the
cube
config
inside
the
container
lives
here.
B
This
is
at
the
mount
point
also
for
the
podman
volume,
but
you
can
go
back
and
watch
this
demo
because
it
just
it
shows
you
everything
all
right.
So
I
you
can
see
it
was
only
10
seconds.
I
keep
stopping
it,
but
so
far
10
seconds
and
things
are
already
coming
up
and
I
didn't
this
was
starting
from
scratch
and
you
can
see
already
under
one
minute.
B
You've
got
the
the
embedded
components
such
as
cube
api
openshift
api
at
cd.
Those
are
all
just
embedded
in
the
binary,
so
you're
not
going
to
see
them
separate
like
when
you,
when
you
do
oc,
get
pods
they're,
not
separate
pods,
they're
part
of
the
microshift
binary.
B
So
what
you
do
see
is
the
ingress,
those
add-on
components,
oh,
which
of
service
ca
host
path.
We
we
just
set
up
host
path,
provisioning.
There
are
other
options,
but
yes,
so
now
you
can
see
one
minute.
It's
all
ready.
Now,
I'm
still
inside
the
container,
and
I
there's
also
cry
ctl
inside
the
container.
B
So
I
just
did
a
quick.
You
know,
let's
see
what
what
containers
are
running,
and
so
here
again
it's
it's.
What
it's
it
uses
flannel
for
networking,
but
these
are
all
the
the
containers,
the
underlying
of
the
pods
okay.
So
now
I'm
showing
you
I'm
outside
the
container-
and
this
is
how
you
connect
to
the
cluster
outside
the
container.
You
can
see
I'm
no
longer
root,
I'm
just
myself
so
here,
you've
cop.
B
This
is
a
podman
command
to
copy
from
the
microsoft
container
that
cubeconfig
and
I
copy
it
to
my
localhost
right
there
and
that's
why
you
port
forward
6443,
because
now
it's
just
you
know
it
doesn't
know
that
you're
not
inside
the
container
and
you
do
have
to
you
know,
fix
the
permissions.
But
now
you
just
it's.
Basically
you
have
a
cube,
config
and
you're
accessing
a
cluster,
so
you
can
see
that
so
I
just
wanted
to
prove
that
you
can
create
new.
B
You
can
create
deployments.
You
can
see
my
deployments
running,
I
can
scale
it
now
yeah.
This
is
what
I
wanted
to
show
you
so
now,
I'm
I'm
stopping
the
service,
and
you
can
see
that
there's!
No
there's
no
containers
like
again
this
is.
I
just
left
that
there
on
an
accident,
but
the
microscope,
aio
container
is
gone
and
now
I'm
going
to
start
it
back
up.
B
And
there's
all
my
pods
still
running,
oh
and-
and
I
want
to
show
that
the
test,
the
test
deployment,
you
know
I
started
and
stopped
it,
but
as
soon
as
I
restarted
it
again,
it
just
picks
up
from
the
podman
volume
where
I
left
off
and
to
clean
it
up.
So,
if
you're,
if
you
are
running
an
assistant
service,
you
you
do
need
to
stop
the
service.
That's
what
this
is
showing,
rather
than
just
I'm
stopping
the
container,
because
it
will
just
keep
restarting
because
that's
what
a
service
does
is
that
it?
B
I
believe
so,
yes,
so
to
clean
up
fully.
You
can
remove
the
volume
and
then
you
know
your
state
won't
be
there
the
next
time.
You
start
so
that's
it!
It's
just
super
convenient,
try
it
out
it.
It
literally
takes
two
minutes
to
run
and
let
the
team,
the
ai,
that
the
edge
team
know
what
you
think,
because
it's
still
like
very
new
and
we're
still
gathering
I.
So
I
can
tell
you
here
I'll,
stop
I'll
stop.
Sharing
now.
A
B
You
know
what
no
I'm
gonna
go.
So
there's
a
slack
channel
is,
and
I
don't
know
if
that's
on
there,
so
let
me,
let
me
see
if
it
is,
is
a
slack
channel
on
there
there's
a
blog,
oh
okay.
I
know
here
here
here
microsoft.io
the
docs.
If
you
go
to
the
community
page
microship.io
yep,
yep,
yep,
dot,
io
where's,
the
community,
oh
community,.
A
B
A
B
Before
I
answer
the
question,
I
just
want
to
say
that
I
was
working
on
microsoft
for
a
few
months.
My
I
have
moved
on
to
other
projects,
but
the
the
core
edge
team
is
still
very
much
involved
with
microsoft.
That
would
be
miguel
and
ricky,
and
you
can
find
them
on
the
slack
channel
very
easily.
A
Okay
questions-
and
they
are
both
talking
at
commons
in
kubecon,
for
me
on
microshift
to
give
the
top
as
well.
So
we'll
get
the
word
out
there.
So
there's
a
couple
of
questions.
Neil
was
asking
if
it's
possible
to
have
the
openshift
web
console
on
a
microship
deployment,
particularly
the
microshift
aio
is:
is
it
there
or
it
doesn't
or
is
it
too
much?
Was
it
one
of
not
non-core
things.
B
Sorry,
I
didn't,
can
you
can
you
just
say
that
that
question
one
more
time,
because
I
can't
see
the
chat
for
some
reason.
A
Yeah,
so
if
you
stop
sharing
your
your
screen,
then
then
it'll,
let
you
see
the
chat,
so
it's
like
life,
so
it
basically
the
we
have
the
openshift
web
console
and
they're
wondering
about
sneaking
that
into
the
aio
version
of
microshift
and
leroy
is
asking.
A
B
Yeah,
those
add-on
components
are
the
ones
that
that
the
team
thought
they're
not
really
add-on
because
they're
they're
by
default,
but
you
can
add,
on
you,
can
experiment
and
add
on
other
things.
We,
the
the
the
the
philosophy,
is
to
keep
it
as
small
of
a
footprint
as
small
as
possible.
So
unless
there's
a
really
good
reason,
they're
not
going
to
add
it
on
by
default.
A
So
sally,
I
think
I
think
we
we
have
a
lot
of
good
information
here.
We
also
have
a
few
other
things.
Vadim
is
there
anything
that
we
should
be
asking
that
we're?
Not
that
you
want
to
make
sure.
E
B
Yes,
microshift
runs
on
pi4,
there's
a
there's,
a
very
big
group
of
there's,
a
very
good
big
group
of
people
working
on
it.
There's
some
really
cool
demos
coming
out
on
the
pi.
It's
a
it's
a
main
yep
and
gpu
enabled
also
lovely.
E
B
That's
a
really
good
question,
so
the
references
are
included.
The
images
are
are
not,
but
for
fully
disconnected
there
is
last.
I
checked
they
were
we're
just
finishing
it
up.
How
to
the
images
come
come
tart
up
and
all
you
do
is
like
unpack
them
with
a
podman
command.
It's
super
cool.
If
I
knew
right
where
it
was,
I
would
I
would
find
it,
but
so
it
is
possible.
B
B
B
It
yeah
yeah
and
those
are
those
I
think
are
included
as
like
a
separate
rpm.
So
it
doesn't,
it
doesn't
bloat
the
the
actual
image,
but
if
you,
if
you
want
wanted
to
run
like
that,
you
can
include,
you
know
install
that
rpm,
which
is
just
the.
A
Images
and
and
for
those
interested
in
raspberry
pi,
is
that
also
under
the
microshift.io
website.
Is
there
a
link
somewhere
there
to
the
raspberry
group?
I
think
there
is
definitely.
B
Yep,
if
you
go
on
the
slack,
so
microsoft
has
its
own
slack
org
and
it's
it's
there
in
the
docks.
So
if
you
go
there,
there's
a
whole
channel
for
arm
support.
A
B
I
did
an
alright
overview,
but
definitely
look
at
ricky
and
miguel's
devconf
presentation,
because
it's
it's
great
yeah.
C
Yeah,
so
this
like
sounds
pretty
awesome,
especially
so
with
fedora
core
os.
We
kind
of
we
kind
of
float
every
everywhere
from
like
single
node
pod
man
to
running
okd
on
top,
but
we
have
a
lot
of
you
know
like
you
said
this
is
a
use
case
very
much
in
between
where
people
like
some
of
the
features
of
the
kubernetes
platform,
but
they
don't
necessarily
want
or
have
the
resources
to
install
a
full
okd
installation.
C
I
think
you
know
bringing
this
to
the
fedora
coreos
community
would
be
something
that
would
really
be
popular.
My
only
question
is,
I
know
you
mentioned
this
experimental,
which
you
know.
A
lot
of
these
projects
are
like,
for
example,
if
fedora
core
os
typically
is
more
of
a
set
it
and
forget
it
type.
So
if
they
were
to
run
you
know
the
micro
shift
alden
one
configuration
we
would
want
to
give
them
some
way
to
like
automatically
update
it.
So
it's
you
know
it.
C
B
B
So
the
microsoft
binary
is
provided
as
an
rpm
gotcha
and
then
you
can
run
you
can
run
the
and,
and
that
includes
the
unit
file
for
microshift.
So
you
can
run
that
just
barely
bare
on
your
host
the
microshift,
but
you
can
also
run
the
systemd
service
that
wraps
the
podman
command.
C
B
F
C
B
A
And
I
see
that
jamie
has
has
joined
us,
our
other
co-chair
and
in
the
interest
of
time
sally.
Thank
you
ever
so
much
for
this
and
please
thank
the
entire
team
for
getting
this
work
today.
I
will,
it
really
is
huge.
I
think
I've
waited
nine
years
for
this,
so
this
is.
This
is
pretty
pretty
cool
I'll,
do
whatever
I
can
to
help
you
build
this
community
out.
This
is
this
is
yeah.
B
But
like
it
doesn't
have
a
real
place
yet
so
it
just
it's
it's
new
and
we
don't
know
where
it's
going
to
end
up,
but
yeah.
B
A
We're
pretty
happy
about
this,
so
I'm
going
to
go
back
to
the
regular
agenda
and
the
next
thing
on
the
regular
agenda
here
for
those
of
you
who
are
following
it
is
the
okd
release,
updates
and
vadim
and
christian
are
both
here
so
tell
us
about
dirty,
pipe
and
anything
else.
We
need
to
worry
about
betty.
E
Sure,
a
week
ago
we
released
took
a
d410.
This
was
based,
which
is
roughly
similar
to
the
ga
version
of
ocp.
There
are
still
few
patches
waiting
to
be
merged.
We've
seen
a
problem
with
the
clustered
city
operator,
which
mistakenly
marks
nodes
as
a
insufficient
disk
space,
or
rather
disk
speed.
E
There
are
workarounds
for
all
these.
We
haven't
seen
any
catastrophic
failures.
John
14
has
reported
a
problem
with
the
staff
mount
in
the
registry,
we're
still
investigating.
What's
up
with
that
and
this
weekend,
I'm
going
to
release
another
food
sand
version
of
the
upgrades.
The
problem
is
that
it
contains
a
kernel
update,
picks
for
the
dirty
pipe
vulnerability,
which
allows
five
users
to
rewrite
read-only
files.
E
E
We
will
add
this
part
of
announcement
that
you
need
to
make
sure
that
your
nfs
won't
break
and
read
more
details
on
the
bugzilla
before
the
next
release
and
we'll
include
other
fixes
coming
from
fedora.
Another
important
support
hand
release
is
that
we
have
finally
upgraded
the
door
35
and
we'll
be
following
the
fedora
course
table.
E
We
also
updated
the
system,
installer
config
maps,
to
make
sure
that
you
can
install
410
with
that,
and
now
we
need
to
update
our
documentation
to
mention
a
new
way
to
run
single
node
clusters
using
system
installer.
This,
unfortunately,
has
to
be
hosted
on
your
site.
We
cannot
use
the
hosted
version
of
assisted
installer
on
consolerealhead.com,
but
it's
fairly
simple
really,
and
we
will
also
update
the
documentation
to
mention
that
the
bare
metal
api
is
finally
supported.
E
I
haven't
seen
any
reports
that
it's
actually
working,
so
if
anyone
has
the
luxury
of
redfish
I
track,
and
all
things
like
that,
I
would
like
to
test.
Okay.
That
would
be
very,
very
appreciated.
E
I
believe.
That's
all.
We
have
for
the
actual
release
of
dates,
we're
also
working
on
coreos
layering,
which
will
simplify
our
builds
and
would
enable
people
to
layer
their
own
configuration
settings
and
the
rpms
onto
their
custom
disks
as
if
it
was
a
standard,
build
config.
But
all
of
that
work
is
still
highly
experimental.
We're
waiting
for
a
critical
piece
in
mco
to
land
before
we
can
start
rolling
this
out
yeah,
I
believe.
That's
it.
A
D
Just
to
quickly
add
to
that,
maybe
dusty
has
some
more
info
on
that
too.
The
the
chorus
layering
is
planned
for
4.11,
so
for
the
4.10
time
frame
that
will
land
in
at
least
not
in
the
same
version
of
eddie
until
then,
but
yeah.
D
I
think
that
that's
going
to
bring
with
it
a
few
big
improvements
both
on
the
usability
side,
as
well
as
on
the
on
our
ai
and
testing
side,
because
we'll
be
trying
to
to
move
an
okd
end
to
end
test
into
fedora
core
os,
essentially
to
have
okd
enter
and
test
it
for
each
fedora
coreos
change,
which
hopefully
we
currently
only
do
this
discreetly
and
we
don't
have
continuous
testing
really
for
that.
D
So
hopefully
that'll
improve
our
yeah
just
how
we
test
things
a
lot,
and
hopefully
we
can
avoid
breakages
to
update
with
that
in
the
future.
C
Yeah
real
quick
for
the
nfs
issue
that
vadim
mentioned.
If
we,
if
I
understand
that
correctly,
it
only
happens
for
certain
like
nfs,
like
server
nas
products
that
exist,
so
I'm
hoping
that
it.
I
don't
think
it
is
something
that
affects
everybody
who
uses
nfs.
C
I
think
it's
only
if
you
happen
to
have
one
of
these
cunas
or
qnap
nas
devices,
then
you
would
be
affected,
but
hopefully
not
everybody
who
uses
nfs
would
hit
an
issue
I
mean
otherwise,
there's
no
way
people
are
running
the
kernel
like
a
newer
kernel
and
not
complaining
about
this.
A
All
right,
so
I
don't
see
timothy
here
and
the
next
thing
up
is
usually
the
fedora
core
os
update,
so
maybe
dusty.
If
there's
anything
go
for
it.
C
Yeah,
I
don't
have
anything
too
specific
other
than
obviously
that
new
kernel
is
coming
to
stable
and
they
mentioned
it
earlier.
We're
gonna
start
rebasing
our
next
stream
onto
fedora
36
here
in
the
next
week
or
so,
and
that's
coinciding
with
the
fedora
36
beta.
So
you
might
be
able
to
use
that
as
an
opportunity
to
get
some
early
testing
in
on
the
fedora
36
bits.
A
And
so
the
next
thing
up
do
I
see
brian
innis
on
for
doc
updates.
F
Brian
is
not
able
to
to
make
it
today,
but
I
can
jump
in
with
a
couple
of
the
things
that
we
have
from
that,
so
the
code
of
conduct
is
now
up
and
congratulations
and
thanks
to
all
the
people
that
helped
contributing
towards
the
code
of
conduct
and
we're
gonna
start
filling
in
details
for
operator
wants
and
wishes
on
christian's
original
issue
in
the
repo
which
dates
back,
I
think
to
like
january
or
february
of
last
year,
or
something
like
it's
been
around
for
for
a
while.
F
So
the
idea
is
that
folks
should
start
having
conversations
on
that
issue
within
that
issue
about
your
wants
and
needs
and
desires
for
operators
using
the
forthcoming
operator
catalog
for
reworking
the
okay,
the
base
repository
we're
going
to
start
just
creating
prs
to
align
with
vadim
and
other
folks
sort
of
signing
off
on
the
proposed
changes.
As
we
move
to
the
new
repo.
F
Multiple
people
have
been
added
as
owners
of
the
new
okd
dash
project
repo.
So
there's
now,
probably,
I
think
a
dozen
people,
brian
myself,
bruce
diane,
so
the
usual
suspects
are
there
and
we
want
to
make
this
accessible
to
folks
and
start
moving
there,
then,
at
the
next
docs
meeting
we're
going
to
get
very
specific
with
our
transition
plan
to
it.
Another
thing
that
came
up
is
website.
Styling
brian
is
working
with
brandon
on
improving
the
visibility
and
accessibility
of
the
okd
website.
F
The
new
okay
website
get
the
getting
the
color
scheme
together
and
properly
tweaked
and
then
also
basically
we're
gonna
talk
about
matrix
and
make
a
decision
because
folks
are
having
a
hard
time
registering
in
matrix.
So
we
may
scr
actually
scrap
the
idea.
If
anyone
in
this
group
has
feedback
on
matrix
and
has
been
able
to
successfully
register
and
has
found
it
useful
and
thinks
okd
should
be
using
it.
F
Please
share
with
us
in
the
documentation
group
your
experiences,
because
three
people
in
the
documentation
group
have
had
issues
trying
to
register
with
matrix.
D
Yeah,
sorry,
jimmy
quick,
quick
question:
have
they
registered
with
the
fedora
matrix
instance
or
which
one
because
I
I
have
multiple
matrix
accounts
like
with
the?
What
is
it
riot?
Are
they
the
original
matrix
one
then
there's
one
from
right,
so
this.
F
Is
supposed
to
be
a
room
hosted
on
the
fedora
one,
and
so
there
apparently
so
brian,
for
example,
is
getting
when
he
tries
to
use
his
gmail
account.
Your
organization
is
not
approved
to
use
some
sort
of
message
along
those
lines.
I
wish
brian
we're
here
to
provide
more
info,
but
maybe
we
need
to
clarify
the
instructions
a
little
bit.
F
D
I'll
get
back
to
you
on
on
that
because
for
me
it
works
and
I
can
even
use
my
my
mozilla
matrix
account
to
access
the
fedora
rooms.
So
I
don't
know:
okay.
F
Yeah
sure
so,
let's
go
through
issues
real
quick
see
what
is
new
and
fun
and
exciting
the
ovn
kubernetes
bugs
working
with
external
ips.
F
E
On
this,
simple
contact
accessory
we're
still
discussing
this,
so
there
is
a
relay
feature
or
rather
ocd
feature
to
easily
deliver
subscriptions
to
relate
notes,
that's
great
and
absolutely
useless
foreign.
There
is
a
setting
how
to
disable
it,
but
we're
still
discussing
should
we
own
the
whole
config
map.
What
are
the
implications
of
us
setting
this?
E
So
once
we
clear
this
with
the
inside
of
radio
folks,
we
can
easily
add
this
as
as
a
config
map
during
the
next
update,
it
would
be
automatically
applied
and
the
alert
would
be
gone.
So
it's
fairly
easy
to
fix.
The
problem
is
that
we
don't
know
all
the
consequences
of
this
just
yet.
E
F
Okay
and
speaking
of
discussion,
so
there
is
in
the
discussion
section
that
conversation
with
john
about
the
nfs
and
so
there's
a
an
error,
and
we
should
probably
mention
this
in
the
meeting,
because
other
folks
might
have
this
issue.
So
this
is
in
discussion.
1153
john
interpreted
the
error
as
to
mean
in
our
back
issue
initially,
but
actually
it's
from
the
storage
file
system.
It's
it's
the
nfs
issue
and
this
it
was
causing
the
builder
to
fail.
F
Basically-
and
so
folks
should
check
that
out
to
get
clarification
that
this
has
to
do
with
the
storage
and
not
with
the
builder
account
service
account
permissions.
F
Let's
see,
that's
it
for
discussion
items
and
issues
so
operator
status.
Did
we
talk
about
that?
Yet
do
you
want
to
does
do
either
of
you
want
to
provide
an
update?
If
you
haven't
already,
we.
E
Don't
have
anything,
unfortunately,
so
the
we
have
all
the
infrastructure
in
place.
Now
the
hard
part
is
to
get
a
buy-in
from
the
teams
so
that
they
would
start
deciding.
Should
their
operator
be
in
the
community
repo
or
should
they
move
to
okd
specific
repo?
Should
it
just
be
created
in
the
okd
specific
repo
since
410
has
been
released,
they
would
have
more
time
to
actually
get
this
done
and
we'll
start
pinging
them.
E
D
I
think
we
will
see
some
movement
on
that
soon.
Now
that
4.10
is
out,
the
the
stress
level
is,
is
a
bit
lower
for
everybody,
so
I
think
we
will
now
we'll
have
better
chances
for
the
teams
to
go
ahead
to
look
at
actually
building
part
of
kt.
A
Is
there
any
outreach,
vadim
and
christian
that
we
should
be
doing
that?
I
should
be
doing
maybe.
D
I'll
I'll
revive
that
internal
chat,
we
have,
with
the
operator
hub
folks,
see
that
we
can
kind
of.
A
If
we
could
get
something
set
up
and
then
at
kubecon
eu,
I
know
both
you
and
vadim
are
going
to
be
there
and
daniel
messier
will
be
there
and
maybe
some
of
the
other
opera.
Maybe
we
can
just
put
our
heads
together
and
get
a
a
road
map
put
together
at
that
point,
hopefully
before
me,
but
that's
that
would
be
nice
to
move
that
forward
as
well.
F
F
Okay
and
christian,
did
you
wanna
touch
briefly
on
the
provider
onboarding
stuff.
D
Yeah,
just
very
briefly,
I
thought
it
might
be
interesting.
We
have
internally
created
documentation
at
first.
It
was
just
geared
towards
our
developers
within
within
red
hat,
but
we're
going
to
open
that
up
and
it's
public
now
a
kind
of
an
onboarding
guide,
how
to
get
new
platforms
to
run
openshift,
and
that
is
not.
D
Actually,
it
is
kind
of
geared
towards
the
platform
providers,
so
they
can
onboard
openshift
themselves
and
add
support
themselves
without
having
to
involve
red
hat,
at
least
at
first
there's
kind
of
a
tiered
support
model
in
the
works
and
that
all
of
that
applies
to
okd
as
well,
though,
and
we've
had
internally,
we've
had
two
folks
enable
openshift
are
getting
openshift
to
run
on
the
vulture
cloud
as
well
as
on.
D
I
think
digital
ocean
kind
of
just
following
the
steps
there,
both,
which
obviously
aren't
supported
in
any
way,
but
just
for
folks
interested
in
running
okd
on
on
infrastructure
that
isn't
already
supported.
Officially,
that
is
gonna,
be
the
place
to
look
at
what
what
to
do
and
how
to
proceed.
There,
it'll
it'll
kind
of
be
geared
towards
ocp
towards
the
providers
themselves.
To
to
then
add
official
support
along
the
way,
but
yeah
all
of
that
applies
to
okd's
well
on
the
technical
level.
D
So
if
you
want
to
kind
of
try
to
install
okd
on
another
platform,
that
would
be
a
repository
where
a
lot
of
information.
F
A
So
I
I
just
had
a
quick
question
for
two
questions:
what
is
this
vulture
cloud
that
you
you
speak
of?
I
haven't
heard
of
it
before
and
can
you
put
a
link
to
that
in
I
haven't,
haven't,
seen
them
and
there's
a
bazillion
clouds
out
there.
So
it's
good
to
know
a
new
ones
there
or-
and
I
had
also
heard
that
alibaba
cloud
and
azure
stack
we're
now
documented
in
the
openshift
docs
or
michael
burke.
There
was
a
little
thread
on
that
vadim
you
are
on
and
thank
you.
D
Yeah,
that
was
that
was
a
new
cloud
for
me
as
well.
I,
a
colleague
of
mine,
did
that
in
our
hack
week
and
yeah
he
got
it
to
run
cool.
A
So
the
other
I'm
just
curious.
The
alibaba
and
the
other
azure
stack
hub
are
those
going
to
magically
appear
in
the
okd
op
docs
dot
io,
or
is
there
something
we
have
to
reach
out
in
the
docs
group
with
michael
burke
to
make
sure
they
show
up.
E
D
Do
we
have
fedora
coros
images
on
both
of
those
on
on
alibaba
and
azure
stack
up.
E
C
We
have
both
the
images.
Unfortunately,
we
don't
have
access,
at
least
for
alibaba.
We
have
azure
access.
I
don't
know
about.
Is
your
stack
to
be
honest
with
you,
but
we
don't?
We
don't
have
community
access
right
now
for
alibaba,
so
we're
not
uploading
or
testing
every
release,
but
that's
that's
kind
of
like
a
a
manpower
problem
and
an
access
problem
like
with
enough
manpower,
probably
talk
to
the
right
people
to
get
proper
access,
but
we
just
we're
spread
a
little
thin.
C
E
To
actually
test
this
I'll
try
to
do
this
next
week,
but
nobody
has
requested
alibaba
and
azure
stockhop
to
okay.
Specifically,
so
that's
what
we
get
for
free.
A
Okay,
so,
if
anyone's
listening
to
this
recording-
and
they
wanted
either
of
those
things
reach
out-
and
let
us
know
the
other
thing
that
I
just
wanted
to
drop
in
the
last
60
seconds
is
over
a
year
ago,
we
did
sort
of
a
configuration
and
deployment
summit
for
okd
where
everybody
walked
through
it.
And
I
think
at
this
juncture
I'm
you
know-
maybe
some
the
vulture
folks,
the
digital
ocean
folks,
and
maybe
it's
time
to
revisit
that
as
something
to
bring
the
okd
community
together
again
and
then
to
expose
these
new
docs.
A
If
I
can
see
a
few
thumbs
up
there
in
the
chat,
if
we
could
organize
something
for
that,
probably
post
kubecon
eu
in
june
ish
that
I
think
that
would
be
a
lovely
time
to
to
do
a
push
around
that
and
again.
That
would
be,
I
think,
virtual,
but
a
way
to
do
that
and
then
create
find
the
panda
logo
the
latest
one
and
give
away.
A
You
know
t-shirts
and
swag,
or
something
like
that
for
people
to
do
that
and
you
do
it
in
conjunction
with
the
docs
groups,
push
to
get
updated
guides.
So
part
of
you
know,
so
I
think
that
I
think
the
timing
is
right
now,
with
these
new
docs
being
out
there
so
the
weekend
dusty,
we
can
work
with
you
to
make
sure
that
you
know
maybe
june
july
time
frame.
A
So
we
can
work
on
that,
but
yeah
cool
and
my
last
question
for
vadim
and
I
haven't
checked
because
I've
been
offline
for
three
days.
Did
we,
when
were
you
able
to
use
the
twitter
handle
to
do
an
quick
announcement
on
the
latest
release.