►
From YouTube: CNCF Harbor's Community Zoom Meeting - Feb 8, 2023
Description
CNCF Harbor's Community Zoom Meeting
A
Okay,
we're
recording
hello.
Everyone
today
is
February
8th
and,
as
the
official
community
meeting
for
Harbor,
my
name
is
Julian
vasilev
and
I'm.
The
community
manager
for
Harbor
I
also
try
to
do
some
devrel
kind
of
stuff
recover.
For
those
of
you
who
don't
know
me
in
the
slack
I'm,
sorry
in
the
zoom
chat,
I'm
gonna
paste
once
again
the
link
to
our
community
meetings,
notes
and
I'm,
also
gonna
open
them
and
share
them.
A
So
we
can
all
see
what
we're
gonna
talk
about.
Alrighty.
A
All
right,
I
hope
EO
can
see
that
single
window
shirt
and
let's
see
what
kind
of
topics
we
have
for
today,
yeah.
So
a
few
updates
from
my
site.
First
before
we
begin,
our
community
maintainers
track
for
kipcon
was
accepted
for
kubecon.
So
congratulations.
A
There
will
be
the
two
maintenance
who's
going
to
represent
our
little
project
at
kubecon
to
the
maintenance
track.
Also
we
have
a
kiosk
boot
for
the
like
the
the
afternoons
for
the
three
days,
so
whoever
is
going
to
join
kubecon
is
more
than
welcome
to
take
some
some
time
to
spare.
On
the
boot
talk
to
people.
We
also
requested
to
have
a
community
sorry
project
meeting
at
kubecon
and
what
else.
B
A
Unfortunately,
all
the
others
Harbor
rented
talks
were
rejected,
but
that's
that
kubecon
is
facing
again
a
record.
A
record
number
of
cfps
submitted
so
I
think
it's
just
super
hard
for
everyone
to
to
judge.
I
can
say
that
because
I
was
part
of
the
the
team
who
made
the
discussions
on
the
community
and
track
101
and
we
had
like
double
then
the
last
time
in
Europe,
so
it's
just
insane
yeah.
So
for
this
one
I'm
gonna
open
the
floor
for
everyone
else.
A
A
By
the
way,
that's
open
for
everyone
else
who
wants
to
do
the
Montana
Mentor
thing,
so
we
were
accepted
with
four
projects.
I'm
gonna
show
that
in
a
second
let
me
let
me
see
if
I
can
find
that
link
super
quick.
A
So
we
have.
We
were
applied
with
four
with
four
four
projects
and
they
were
all
accepted
or
project
ideas.
A
You
can
see
them
over
here,
so
we
practically
translated
some
some
of
the
most
common
issues
that
we
can
see
opened
by
the
community,
some
more
complex
regex
for
the
application
rows,
an
effort
to
kick
off
a
golang,
AP,
client,
API
client
and
to
the
next
one,
was
to
implement
an
overview
of
the
CV
per
project
or
the
whole
power
instance
and
the
last
one
was
the
robot
accounts
implementation.
So
they
can
have
a
full
full
access
to
the
API.
A
So
there
was
an
issue
by
adding
us
to
the
Linux
Foundation
Mentor
mentee
program,
and
we
have
an
extra
week
because
they
screwed
up
something
to
be
added
in
the
list.
So
if
you
want
to
be
part
of
the
mentor
list,
we
have
listed
right
now,
Vadim
and
Yan,
and
for
some
I'm
listed
as
well.
But
if
you
want
to
do
the
mentoring
stuff,
you
can
open
the
link
over
here.
A
I'm
gonna
place
that
in
the
in
the
community
meetings-
and
you
can
see
how
you
can
sign
up
so
with
that
some
stuff
popped
up
last
week
when
we
were
discussing
some
stuff
and,
for
example,
this
proposal
to
be
able
to
implement
something
that
we
spoke
with
Tom
once
or
twice
a
global
disable
or
enabled
public
repositories
per
the
whole
instance.
A
A
Unfortunately,
that
brings
me
to
another
topic
which
is
Roger
is
not
the
PM
anymore
from
our
site
for
Harbor.
I
cannot
share
more
news
about
this
one
or
reasons,
but
I'll
keep
you
posted.
What's
gonna,
what's
gonna
happen
in
the
future
with
the
row
of
PM,
so
that
said,
anyone
else
I'm
speaking
too
much
today,
so
I'm
going
to
shut
up
and
leave
the
floor
for
everyone
else
to
talk
about
some
issues
or
something
that
we
want
to
have
discussed.
I
can
see
Tom,
you've
added
something
they
want
to
take
it
away.
C
Yeah
I
can
quickly
I
have
to
go
in
about
20
minutes,
but
I
can
quickly
run
through
this.
C
So
one
thing
we've
noticed
is
that
basically,
because
this
is
kind
of
a
schedule-
basically
a
Cron
job,
for
running
vulnerability,
scans
right,
so
we
use
Travian,
R
setup,
which
I
would
imagine
most
people
do,
because
it's
quite
easy
and
we've
got
it,
set
up
to
do
daily
scanning
and,
as
we
see
the
amount
of
artifacts
in
the
registry
increasing
over
time,
we
see
kind
of
the
the
queue
for
scanning
getting
longer
and
longer
and
longer,
and
it
also
has
quite
an
effect
on
the
performance
of
the
database.
C
So
you
know,
CPU
usage
on
the
database
generally
throughout
the
day
is
kind
of
like
nominal
right
like
quite
low,
and
then
it
comes
to
vulnerability
scanning
time
and
suddenly
it's
basically
sitting
at
100
for
hours
and
as
more
artifacts
get
added
yeah.
That's
only
going
to
get
worse
and
worse
and
worse
and
I
can
imagine
it
kind
of
spreading
into
a
workouts.
At
some
point
and
I
wrote
up
this
proposal
because
it
kind
of
seems
to
me
that
it
could
potentially
be
done
in
a
different
way.
C
The
the
vulnerability
is
getting
like
the
scheduled
kind
of
thing.
So
at
the
moment,
it's
basically
a
crown
job
that
says:
okay
at
this
time
go
and
just
scan
everything
which
obviously
has
some
issues
as
stuff
gets
bigger
potentially,
and
this
is
kind
of
what
I'm
proposing
potentially,
instead
of
doing
it.
That
way,
it
could
be
like
a
continuous
job.
That's
looking
at
okay!
C
When
was
this
image
last
scans,
you
can
kind
of
set
goals
like
you
know,
we
want
to
have
images
scanned
every
24,
48
whatever
hours
and
then
there's
a
basically
a
constant
running
process
that
looks
at
when
was
this
image
last
scanned?
Should
I
scan
it
again
now,
yes
or
no
to
kind
of
so
there's
a
kind
of
constant
background
hum
of
scanning,
rather
than
kind
of
just
this
all-in-one
thing.
Obviously
it
has
some
implications
because
then
you've
got
more
constant
load
over
time.
C
You
can
probably
get
quite
still
spikes
and
then
it's
a
bit
harder
to
predict
when
the
spikes
will
be,
at
least
with
the
current
setup.
You
know
okay.
Well,
we
know
that
there's
always
going
to
be
a
spike
at
this
time.
When
trivia
starts
its
thing
but
yeah,
that's
basically
the
proposal,
I'm,
not
sure
I,
don't
know
if
it's
a
good
idea.
This
is
kind
of
just
a
kind
of
what
popped
into
my
head.
C
When
we
were
looking
at
this
thing,
because
at
the
moment
we're
looking
to
have
to
to
increase
our
database
instant
size
purely
to
account
for
this
Spike
that
we
notice
the
rest
of
the
day,
we
don't
really
have
a
huge
amount
of
consistent
usage,
yeah.
D
C
Yeah,
unfortunately,
we
we
didn't
look
too
closely
at
the
using
RDS
and
the
default
RDS
logging
is
not
great,
so
we've
realized
that,
after
the
fact,
so
we're
going
to
be
increasing
the
instance
type,
no
matter
what
so,
when
we
do
that,
we're
going
to
enable
the
kind
of
slow
log,
slow
query,
logging
and
all
that
kind
of
stuff,
so
that
we
can
kind
of
get
better
insight
into
it.
C
D
It
depends
on
on
the
workloads
right,
so
it's
more
depending
on
the
what
type
of
workloads
they
are
and
operations
they
are
so
that
you
know
you
need
to.
Currently
you
need
to
opt.
You
need
to
see
what
is
the
database
load
and
to
optimize
for
different
scenarios,
but
there
is
no
to
my
notice,
there's
no
documentation
on
that.
A
E
So
you
mean
database,
optimization
or
or
yeah.
A
E
Yeah
yeah,
actually
we
did
some
code
change
and
and
produced
by
release
to
to
resolve
some
bottleneck
that
reported
by
the
community
users
and
our
customers.
I
can
share
some
experience
from
one
of
our
internally
Enterprise
user.
They
set
up
the
post
postgres.
E
The
the
HRA
cluster
works
well
on
at
their
site
and
and
we
did
some
tuning
on
their,
they
have
a
DBA
database
that
I
mean
to
help
them
to
figure
the
bottleneck
of
their
the
database
instance
to
as
some
memory
or
or
or
enlarge
the
database
connection
size
account
and
yeah.
F
A
We
should
because
that's
not
the
first
time
when
we
have
someone
saying
hey
our
database
is
super
struggling
with
the
with
the
loads.
What
we
can
do
so
maybe
we
can
think
about
it,
like
stream,
aligning
it
into
like
to
take
experience
from
VMware,
continuous
Solutions
and
now
NS
and
and
combine
it
into
one
document
and
you'd
be
like
yeah.
We
don't
guarantee
the
best
performance
out
there,
but
if
you
do
these
simple
steps
that
will
give
you
a
bit
more
right.
Yeah.
C
Yeah
yeah
I've
been
kind
of
encountering
this
because
now
we've
been
using
it
for
a
while,
so
we're
encountering
kind
of
more.
You
know
day
two
operations
kind
of
stuff,
and
it's
it's
more
like
the
devil,
is
in
the
details
right
so,
for
example,
you
know
we're
using
S3
for
artifact
storage
and
what
we're
noticing
we've
got.
Versioning
enabled
we're
noticing
kind
of
overtime.
C
You
know
the
amount
of
storages
kind
of
climbing
quite
intensely
so
like
what
would
be
really
nice
is
if
we
had
a
kind
of
community
kind
of
contributed
to
page
with,
for
example,
just
implementation
guidelines
like
use
at
your
own
risk,
but
this
is
kind
of
from
our
experience.
We've
noticed
this
kind
of
stuff,
like
S3,
enable
a
lifecycle,
roll
to
expire,
non-current
versions
after
X
amount
of
days
and
blah
blah
blah.
That
kind
of
thing
I
think
it
might
be
handy.
E
A
By
the
way,
I
still
don't
have
the
book,
but
I'm
still
writing
my
copy
by
the
way,
but.
E
G
The
way
Tom,
what
is
the
current
version
that
you
you
gotta
use?
I
mean
Hubble
version.
C
I
think
we're
pretty
up-to-date
I
think.
Let
me
just
grab
my
card
I
think
around
two
seven
at
the
moment
or
something
that's.
G
Or
team
member
have
done
some
performance
Improvement
either
in
the
Circle
I
mean
tuning
the
circle
or
doing
some
color
change
to
improve
the
performance.
So
just
so
curious.
What
is
the
version
you
are
using?
So
if
you
use
still
see
there
are
some
performance
or
issue,
maybe
you
can
open
a
ticket
and
put
some
details
on
that.
So
we
can
do
some
investigation
to
see
the
code
change.
You
needed
to
support
that.
C
Yeah,
my
gut
feeling
is
it's
just
the
amount
of
the
amount
of
scanning
that's
happening,
but
we're
gonna.
What
I'll
do
is
once
we've
enabled
the
slow
log
slow
query.
Logging
then
we'll
have
some
more
data.
Unfortunately,
we
need
to
basically
reboot
the
instances
to
do
that,
so
we're
gonna
we're
trying
to
delay
that
a
bit
until
we
actually
upgrade
the
instances,
but
once
I've
got
that
I'll
create
an
issue
for
it.
C
Okay,
yeah
yeah,
we're
on
version
we're
using
Helm
chart.
So
one
ten
two
at
the
moment
so
I
think
that's
pretty
recent.
D
C
G
E
So
I
appreciate
that
you,
you
can
okay
happy
issue
and
provide
some
fundings
or
details,
database,
usage
or
or
something
else.
You
know
CPU
memory
yeah.
So
then.
A
By
the
way,
I
mentioned
a
book
and
if
you
don't
know
I'm
not
on
mute
right,
we
have
that
book
out
from
from
young
one
and
and
I'm
sorry.
But
I
cannot
read
that
name
properly,
so
I'm
not
going
even
to
try
so
congratulations
of
the
book.
Yet.
E
B
A
Let's
put
this,
so
you
can,
if
you're
interested,
you
can
get
a
copy.
Okay.
A
D
There
quota
checking
yeah,
so
thank
you
so
much
a
minor
Improvement
here
I
checked
the
code.
D
E
I
have
a
review
of
this
VR
already,
but
since
the
the
change
will
impact
the
quarter
and
the
push
scenario,
so
I
like
to
take
more
time
to
do
some
more
deep,
deep
dive
or
investigation
on
this
far
since.
D
E
The
the
change
is
not
big,
but
the
the
impact
that
the
push
scenario.
This
is
the
one
or
the
most
important
scenario
of
Harbor,
so
yeah
I
have
already
talked
with
the
another.
A
maintainer
Who
wrote
the
code
on
the
code,
so
yeah
I
will
follow
up
this.
This.
A
E
D
E
Yeah
yeah
the
change,
the
current
logic
to
intercept
the
the
approach
request
for
manifest
and
Broad.
This
is
the
quite
important
part
of
Harbor,
so
we
should
be
sensitive
for
this
PR
I
I
will
not
approve
that
before
I.
I
totally
understand
that
the
change
and
the.
B
E
All
the
scenario
that
I
I
can
think
about
that
yeah.
So,
yes,
it
will
take
time.
D
Yeah,
okay,
I
understand
yeah,
because
I
didn't
understand
it
correctly.
What
it!
What
is
the
change,
because
the
only
changes
is
here
at
the
function
here?
No,
that's
the
test
function,
that's
the
no!
It's!
This
initiate
a
lot
of
thought.
D
Well,
this
is
the
test
function,
so
it
doesn't
it's
this
one
here
in
YouTube,
go
because
it
doesn't
really
remove
the
checks
check
against
current
used
resource
and.
E
A
These
guys
that
are
trying
to
to
use
this
to
everything.
Can
you
can
you
record
this
one
we're
taking
a
look
at
this
one
together
once
these
guys
that
put
it
their
private
key
to
the
certificate
in
the
epr.
A
D
A
D
E
B
A
And
if
you
can
take
a
look
practically,
they
want
to
as
part
of
the
CI
they
want
to
integrate
Harbor
into
so
it's
part
of
our
CI
to
spin
up
a
cover
in
their
environment.
So
we
can
do
the
tests
on
live
machines
and
then,
when
the
pr
is
closed,
they're
going
to
destroy
the
instance,
so
this
stuff,
like
the
the
quarter
testing,
we
can
have
them
more
easily
up
and
for
user
kind
of
testing.
So
if
you
can
take
a
look
at
this,
one
sounds
cool,
so
yeah
I'm
not
voting
problems.
F
A
One
it's
just
it's
just
interesting
PR,
which
is
not
related
to
the
project,
but
from
user
and
contributor
perspective,
it's
going
to
be
useful
right
now,.
E
I
I
saw
him.
I
saw
hey,
created,
several
pull
requests
for
different
open
source
projects.
E
So
I
I
mean
that
the
we
can
monitor
their
action
to
see
whether
they
decide
to
accept
that
yeah,
because
that
it
seems
that
they
wanted
to
automatizing
their
product
right.
Yeah.
A
E
Yeah
within
the
CNC
community,
so
so
we
can
see
other
teams.
F
E
A
Mean
Ryan
I'm,
sorry
man,
some
are
you
gonna
dance
or
what
you're
gonna
do.
E
I
was
send
your
link.
A
Okay
and
I'm
gonna
add
it
into
the
community
meeting
all
right
any
other
topics,
if
not
I
I,
want
to
give
the
time
we
have
two
new
folks
on
on
the
call
to
present.
D
This
no
regarding
the
issues-
and
there
is
one
issue
not
discussed
the
stable
kind
of
the
first
one.
It's
it's
yours,
like
oh
yeah,
I,
think
you
missed
it
right.
Yeah.
B
A
I
think
we
I,
maybe
I
I-
was
thinking
about
mentioning
it.
Thank
you
very
much
anyway.
There's
a
proposal
to
team
Samantha
Global
enabled
disable
Anonymous
success.
So
if
you
can
take
a
look
at
this
one.
D
D
I
think
I
would
like
to
add
to
this
proposal
something,
and
it
is
related
to
you
know,
a
few
vulnerability
reports
that
we
received
recently
with
these
false
positives
that
we
got
and
and
I
think
this
will
address
this
issue
so
because,
when
you
have
the
possibility
to
make
projects
like,
if
you
go
to
the
description
and
in
The
Proposal,
because
the
proposal
just
says
like
Anonymous
access,
disabling
it
but
I
think
if
we
can
make
it
like
a
bit
like
a
git
gitlab
scroll
down
scroll
down
to
tianon
mentioned
this
and
I
think
it's
really
good
idea.
D
So
if
we
would
have
something
like
this
in
Harbor
right,
like
restricted
visibility,
levels
like
private
internal
public,
and
this
would
allow,
for
example,
the
internal
users
to
access
the
the
images
or
public
or
private.
So
this
would
make
you
know,
obviously,
projects
projects
and
also
the
the
whole
registry,
private,
internal
or
public
and
I
think
this
would
be
a
great
Improvement
in
in
Harbor.
If
this
must
be,
this
would
would
be
existed.
A
Yeah
and
Tom
left,
but
we
were
having
a
chat
with
him
and
he
said
that
his
first
job
when
he
arrives
at
work,
is
to
open.
F
A
And
to
see
how
many
public
repositories
there
are
created
and
to
go,
and
after
the
folks
who
created
them
to
close
them,
because
that
can
bring
some
some
issues
and
if
we,
as
far
as
you
understand
that
bank,
if
we
implement
this
thing,
that
issue
go
away
right.
E
Yeah,
but
the
per
tianist
or
Commerce,
it's
it's
not
related
with
the
this
proposal.
I
I
believe
so
the
the
title
of
the
sphere
is
enable
disable
Anonymous
access
provide
three
states
opinion
for
both.
F
D
E
D
Internal
right,
yeah,
I
I,
would
Pro
I
would
yeah
I
would
actually
favor
the
proposal
from
tianon
and
then
I
either
changed
it
124
or
close
it
and
create
a
new
one,
so
create
a
new
one
and
close
124
or
accept
124
under
the
condition
it
is
implemented
like
tianan
suggested.
So
it
depends
how
we
How
We
Do
It.
A
We
all
agree
that
that
such
functionality
is
needed.
We
can
close
this
one
and
all
the
interested
parties
in
this
one
to
implement
it.
We
can
like
set
up
an
hour,
oh
just
to
figure
out
which
direction
we
want
to
go
and
to
craft
out
the
the
new
proposal.
What
do
you
think?
D
A
H
A
Okay,
so
Vadim,
are
you
gonna,
take
this
one
or
yeah.
B
E
It
sounds
like
a
commercial
of
requests,
so
we
can
sun
up
to
the
use
a
group
to
let
them
know
on
whether
they
wanted
this
feature
or
not.
To
give
us
some
give
us
some
feedback
From
perspective
of
their
Enterprise
use,
so
so.
F
F
A
Good
okay,
but
then,
if
you
think,
I
can
help
out
with
with
this
one
just
drop
my
line:
okay,
okay,
yeah,
like
wording
it
out
or
whatever
you
think
I
can
I
can
be
in
Hope.
F
A
A
A
B
A
Okay,
so
I'm
gonna
link
also
that
thing
to
the
to
our
community
meetings
and
until
when
I'm
doing
this
one
I'm.
Sorry,
if
I'm
mispronouncing
your
name
but
first
can
you
can
you
introduce
yourself
please.
H
Definitely
so
hi
everyone
I'm
part
agrawal
I'm
pressing,
my
undergrad
at
idbhu
from
India
and
I've
worked
on
open
source
project
like
vectil
and
other
communities
like
bar
data
and
CNC
and
Peters
I'm,
currently,
an
Outreach
in
Mentor
at
Bechtel
and
I'm,
looking
forward
to
apply
for
reject
application
project
at
Harbor.
A
Nice
did
you,
did
you
apply
through
the
the
the
mentoring
program
or.
A
A
Yeah:
okay,
because
yeah
as
I
said
in
the
very
beginning,
there'll
be
some
delays
in
the
process
of
approving
all
the
applications
and
stuff.
So
welcome
and
I
think
you
also
submitted
some
some
PR
study
to
the
website
right.
A
Folks
over
here,
so
practically
that's
the
the
core
team
that
works
on
on
Harbor.
Of
course,
there's
some
some
missing,
but.
B
A
I
cannot
promise
we'll
respond
right
away,
but
yeah
we'll
be
around
so
yep
welcome
and
yeah
Tom
left,
but
I
can
I
can
I'm
not
sure
if
everyone
else
has
seen
Tom
but
Tom
is
from
the
the
Netherlands
Railway
system
and
they
have
adopted
Harbor.
A
A
So
yeah
I'm
not
trying
to
take
his
words
out
about
yeah.
That's
that
is
pretty
much
what
we
chatted
about
yeah.
So
with
that
I.
Don't
have
anything
else
for
today:
I'm
gonna
work
on
the
kubecon
organization,
so
we
can
have
some
swag,
some
yeah
we
can
do
some
breakfast
or
even
dinner
depends
on
the
amount
of
people
that
we
can
get
there.
And
what
do
you
think
that
I
can
get.
G
Planning
we
have
a
new
Milestone
named
Peach
of
Reed
right
at
that
time.
The
Dell
me
stone.
There
is
February
6th,
so
I
think
we
have
already
reached
that
page
so
say.
Payload
for
to
the
latest,
release
will
be
I
mean
to
be
finalized.
We
were
not
introduce
any
new
functionality,
it's
except
that
is
a
big
issues
or
other
important
functionality
impact
the
ticket.
So
that's
something
I
want
to
share
in
this
meeting.
So.
G
Problem
I
will
add
that.
A
B
A
So
whatever
new
stuff
comes
in
to
be
targeted
for
two
nine
or
right.
H
A
All
right,
okay,
anything
else,
folks,
anything
that
needs
public
attention
and
we
want
to
discuss
it.
A
Okay
with
that,
thank
you
very
much.
It
was
in
my
eyes
it
was
very
protective
meeting,
so
welcome
to
the
new
folks
on
board
and
talk
to
you
in
two
weeks
right.
Thank
you
bye-bye.
Thank
you
bye.
Thank
you.