►
From YouTube: TGI Kubernetes 160: Exploring kube-vip
Description
Notes: https://tgik.io/notes
Come hang out with Naadir Jeewa as he explores something new in the Kubernetes ecosystem. Hang out as we explore something NEW for the first time.
Continuing the CNCF sandbox series, this week we will be looking at kube-vip! (https://kube-vip.io/)
A
A
A
Let's
get
started
well,
let's
wait
for
some
people
to
turn
up
and
get
started.
Just
drop
your
names
in
the
chat
say
hi.
Let's
see,
I've
got
Alex
here
from
North,
California
and
Berkeley.
How
you
doing.
A
Yeah
so
today
we're
gonna
be
looking
at
Cube
whip.
It's
a
little
project.
That's
going
to
be
that
provides
High
availability,
kubernetes
servers
and
load
balancer
services
just
be
warned.
This
is
going
to
be
a
lot
less
polished
than
last
time,
since
the
pressure
of
having
a
guest
on
is
not
here,
got
krkr4
hi
from
Scottsdale
Phoenix
Martin
from
Netherlands.
How
you
doing.
A
And
yeah
so,
but
as
ever,
we've
got
the
notes
if
anyone
wants
to
add
stuff
or
take
or
even
help
out
adding
notes
as
we
go
along.
So
we've
got
I'll
throw
that.
B
A
Links
there
we
go
especially
interested
in
any
news
that
you
think
that's
interesting
today.
This
week,
when
they're
lost
a
couple
of
weeks,
anything
new
and
anything
exciting
you've
seen
in
Cloud
native
landscape
like
to
talk
about.
C
C
A
A
Well,
you
can
really
see
the
brightness
change
so
between
tabs
all
right.
Let's
have
a
look,
so
one
thing
that
I
saw
this
week
is:
oh
I
should
probably
share
my
screen.
That
would
help
hi
Philip
there
you
go.
A
One
thing
that
I
thought
that
was
pretty
exciting
is
swap
support
in
kubernetes
Alpha,
so
spent
the
last
couple
of
years
telling
people
never,
you
know,
don't
ever
run
with
swap
on
a
kubernetes,
and
now
we
have
Alpha
support.
So
Ellen
hashman's
done
great
job
here.
To
have
a
look:
let's
have
a
look
through
the
proposal,
so
what
we're
gonna
do
here?
A
So
it's
probably
worth
thinking
about
it,
because
we've
spent
a
lot
of
time
in
the
kubernetes
Community
saying
you
know
swap
is
bad,
so
I've
not
had
a
chance
to
go
through
this
myself
so
like.
Let's
have
a
look
at
seeing
what
the
deal
is.
Maybe
so
kubernetes
doesn't
support
the
use
of
swap
memory
and
Linux
difficult
to
provide
guarantees
and
then
count
for
pod
memory
utilization
when
swap
is
involved
so
initially
swap.
Sport
was
always
out
of
scope,
so
got
some
motivations
here.
A
So
no
demonstrators
who
want
swap
available
for
node
level,
Performance,
Tuning
and
stability,
reduce
Noisy
Neighbor
issues,
yes,
fair
enough
and
application
developers
who
could
benefit
from
using
swap
memory
so
yeah.
So
a
couple
of
people
have
done
this
right.
So
when
they've
enabled
Swap
and
the
host
system,
and
then
they
might
have
disabled
to
check
so
I
think
you
can
you've
always
been
able
to
I
think
Force
use
Kubler
on
Swap,
and
we
use
that
in
kind,
for
example.
Right
so
where
you
don't.
A
Your
desktop
laptop
is
always
going
to
be
running
with
swap
of
some
sort,
but
you
want
to
be
able
to
run
your
nested
kubernetes
like
for
your
developer
environment.
So
there's
always
been
a
way
to
force.
Enable
kubernetes
to
work
with
swap
is
on
rather
than
error,
but
it
does
it
actively
take
swap
into
consideration
for
memory
decisions
yeah.
So.
A
But
then
we
also
won
it
so
I
guess.
The
use
case
is
really
like
improving
reliability
really.
So
if
you
do
have
a
badly
badly
behaved
application,
that's
scheduled
and
kubernetes
that
you
can
so
you
can
have
it
swapped
a
disk
and
not
have
it
bring
down
the
rest
of
the
stuff.
So
this
is
what
this
design
does.
So
we
had
some
API
changes
that
add
to
the
kiblet
configuration
so
Eric's.
What
what
face
is
that
that's
yeah,
we'll
see
how
it
goes.
It's
Alpha
support
right.
A
It
seems
interesting.
Definitely,
let's
see
where
this
goes:
okay,
yeah,
so
I
think,
as
the
other
part
of
this,
that
I've
seen
is
a
memory
quality
of
service.
That's
been
added,
so
there's
the
ability
to
set
different
lights,
so
you
could
say
that
these
applications
absolutely
can't
run
and
win
Swap
and
some
applications.
A
Yeah
they're
happy
to
be
swapped
out
so
giving
a
lot
more
of
that
sort
of
the
stuff
that
we
normally
have
for
our
applications
on
the
desktop
or
server
where
we
are
able
to
provide
hints
to
the
operating
system
about
whether
or
not
it
should
be
swapped
or
not
like
exposing
that
in
the
scheduler,
so
I
don't
even
adjusting
to
see
how
it
goes
be
see
how
see
where
we
go
with
that.
The
other
thing
I
just
want
to
mention.
I
mentioned
this
last.
A
The
other
week
is
a
lot
of
the
kubernetes.
Maintainers
are
beating
the
drums.
A
I
know
so
latest
versions:
cat
Cosgrove,
so
there
are
apis
being
removed
from
kubernetes
122,
not
stable
ones,
the
beta
ones
so
yeah.
So
if
you're,
using
crd
betas
validating
web
hook,
configurations
mutating
web
configurations
csrs,
if
you're
deploying
like
operators
or
like
Helm,
charts
and
or
building
stuff,
you
need
to
make
sure
that
any
and
you
are
thinking
of
moving
to
kubernetes
122.
You
need
to
make
sure
that
you
don't
see.
A
We
won
beta
ones
of
any
of
these
types
of
resources,
otherwise
they're
not
actually
going
to
work
they're
just
going
to
stop.
Don't
don't
those
apis
do
not
exist
in
122.
You
have
to
use
the
v11
so
start
reviewing
your
applications.
If
you
haven't
already
if
and
make
sure
you're
using,
we
won
lands
and
if
you
are
writing
operators
or
using
any
operators
or
stuff
built
with
Cube
Builder
controllers,
kubernetes
controllers
software
is
whatever
language.
A
You
prefer
make
sure
that
they're
all
using
the
latest
V1
apis
because
they
are
not
gonna
work
yeah
in
122,
which
comes
out
next
month.
You
have
been
warned
all
right.
So
today
we
are
going
to
look
at
Kubrick,
so
full
disclosure
on
this
one.
A
It's
developed
by
was
originally
developed
by
Dan
finan.
It
was
a.
We
were
colleagues
together
at
Pepto,
then
VMware,
and
this
is
like
originally
started
as
a
project
that
you
built
we're
like
trying
to
help
some
customers
out
and
develop,
deliver
High
availability
communities,
Cubit
became
its
own
thing
and
we
started
using
it
in
VMware
in
for
our
stuff
and
I
think
comfortable
other
folk
use.
A
It
I
think
Google
use
it
and
quite
a
few,
quite
a
lot
of
like
generally
people
who
are
you
working
on
on-premise
stuff
and
very
similarly
to
the
conversation
we
had
the
other
week
around
Tinkerbell
about
the
use
cases.
A
So
it's
one
of
these
things
where
you
want
to
have
a
high
availability
control
plane
and
you
want
to
load
balance,
multiple
kubernetes
control,
plane
instances
and
you
want
to,
and
you
don't
have
a
expensive
load
balancer
to
do
that.
For
you,
you
don't
or
you
don't
want
to
go
to
the
hassle
of
setting
up
another
server.
That
is
doing
that
which
might
be
its
own
failure.
Point
like
H
and
H,
a
proxy
or
and
still
went
boy
or
something
like
that.
A
So
Cubit
was
a
little
project
to
do
that
or
just
got
some
comments
in
here.
A
I
got
some
comments
from
Eric
as
well
from
and
Martin
so
doc,
Enterprise
now
MK
enabled
swap
on
kubernetes
nodes
by
default.
That's
interesting
and.
C
A
That's
about
right,
yeah,
yeah,
so
I'm
familiar
with
Kubrick,
but
I
haven't
used
it
for
a
very
long
time.
I
haven't
actually
used
it
outside
of
being
fully
automated,
so
we
are
just
going
to
be
how
we
look
at
it
from
scratch.
Yes
mounted,
then
so
just
go
through
the
little
environment
that
we're
using
so
I've
copied.
I
basically
have
use
the
I've.
Basically
I
haven't
changed
their
moment
that
got
from
two
weeks.
A
Three
two
three
weeks
ago,
when
we
were
looking
at
Tinkerbell,
so
I
have
the
same
sandbox
machine,
which
is
we're
just
going
to
be
SSH,
from
which
I've
renamed
in
me
sphere
to
tgik
sandbox,
but
it's
DNS
name
is
Tinkerbell
sandbox
and
that's
sitting
on
IP
I,
actually
literally
just
cloned
it
now
and
and
I
was
killing
time
waiting
for
real
the
disc
to
get
copied,
and
it
has
so
I'm
gonna
now
I'm
going
to
turn
it
on
and
that
is
gonna
come
up
with
an
IEP
Clash.
A
So
I
probably
sort
that
out
right
now
before
we
go
any
further
right.
So
like
they're,
both
they're
going
to
be
unhappy.
Let
me
just
turn
this
one
off.
A
So
we're
gonna
basically
install
Q
A's
on
these
team
machines
and
make
their
make.
These
two
are
highly
available.
Good
Job
Link
now
I
could
do
this
through
cluster
API,
for
example.
A
I
could
do
this
through
panty
kubernetes
grid,
and
that
would
be
automated
and
it
does
both
of
those
do
you
use
Cube
rip
underneath
it,
but
that
would
be
cheating
so
we're
going
to
do
this
not
completely
the
hard
way,
because
that
would
take
a
long
time
more
time
than
we
got
so
we're
going
to
use
Kube
ADM,
but
we're
gonna
deploy
the
cube
root
bits
manually,
hopefully,
basically
by
copying
what
plus
the
API
does
but
doing
it
manually.
So
we
can
figure
out.
A
C
A
The
White
House
name,
we'll
call
it
a
sandbox.
You.
A
C
A
All
right
we're
doing
Linux
101
today,
Trust.
C
C
C
C
C
A
Switch
today
and
we're
going
to
be
doing
that
to
fiddle
around
with
bgp,
so
just
going
to
check
that
we've
got
everything
we
need
here.
So
we've
got
a
mono3
VLAN
103,
which
is
what
that
should
be
on.
A
That
should
be
connected
to
some
ports.
A
Got
address
and
we've
got
yeah,
so
this
router
is
on
103.1
in
that
VLAN
we
have
some
pools.
A
We
have
that
ports
which
are
wired
up
to
these
vsphere
esxi
hosts
here,
and
they
should
have
so
it's
using
this
Tinkerbell
Network,
which
I
haven't
renamed
or
done
anything.
Weird
we've
got
two
VMS
on
it.
A
C
C
C
A
Come
back
to
this
in
a
minute,
I
think
what
we'll
do
is
I
might
steal
one
of
the
details,
which
I
think
are
mostly
sitting
around
doing
not
much
at
these
days
yeah,
why
not
yeah?
C
A
C
A
It's
got
me
a
classic
fitting
more
than
one
day
away.
This
has
happened
to
me,
yeah
standard
I'm
sure
there
is
some
services
that
I
vaguely
care
about
on
this,
but
nothing
I
can't
rebuild.
Why
don't
Snapchat
asks
for
the
easiest
thing
like
I
think
at
least
bring
this
back
and
see
what,
if
it
whatever
it
was
doing.
A
They
need
to
snapshot
no
matter
right,
so
we're
gonna,
download
cubeadm.
First
of
all,
so
let's
get
that.
C
B
A
So
if
you're
not
familiar
with
keyword,
idiom
you're
using
other
community
stores,
Cube
IDM
is
just
there.
Cli
that
can
deploy
xcd
API
server,
core
DNS,
Coupe
proxy
I
work
in
control.
Plane
runs
them
all
as
static
pods,
so
stackpot
anything
you
drop
in
Etsy
kubernetes,
slash
manifest
we'll
run
as
a
pod.
A
Hopefully
this
is
pretty
certain.
This
machine
was
never
running
kubernetes
in
first
place,
which
is
fine
yep.
So
it's
not
so.
We've
got
a
machine
here,
so
everyone
is
a
high
and
highly
availability,
highly
available
control
plane
to
take
this
one
as
well.
A
So
the
important
thing
to
note
is
like
these:
two
machines
are
on
a
different
network
in
Destiny.
They
are
on
the
same
network
as
the
esxi
hosts
and
the
recenter.
So
we
definitely
do
not
want
to
break
the
networking
today
and
otherwise
things
will
be
become
interesting
but
yeah
so,
but
we
should
be
right.
A
So
what
we
want
to
do
so
we
want
to
create
control
plane,
but
we
want
a
provision.
So
what
so?
If
you
think
about
the
let's
see
if
I
can
get.
B
A
Working
so
my
drawing
is
not
very
good,
but
you're
gonna
have
to
put
up
with
it,
so
we'll
try
it
just
because
I.
C
A
A
So
we're
messing
up
with
this
blocks
called
scaffil,
so
just
for
your
interests,
scaffold
is
named
after
scaffold
Pike,
which
is
a
mountain
in
the
Lake
District.
All
my
servers
are
generally.
My
machines
are
named
after
mountains
in
Europe.
So
that's
what,
where
that
comes
from
that
scaffold,
is
on
192
once
I
mean
2.168.
A
A
A
And
we'll
give
that
236
just
for
some.
If
we
can
so
we
could
provision
a
kubernetes
control
plane
by
default
in
Cube.
Adm
is
going
to
create
a
control
plane
endpoint
with
T5
235,
which
we
don't
want.
It's
going
to
create
that,
but
that's
not
going
to
be
highly
available.
We
want.
We
want
a
1A
like
a
t37
or
something
I
should
draw
knees
at
the
bottom.
That
would
have
been
helpful
and
then
want
the
traffic
to
go
to
either
one
of
these
two,
but.
A
A
We
want
our
virtual
IP,
basically,
so
we're
going
to
use
we're
going
to
give
cubeadm
we're
going
to
hard
code
it
to
use
a
virtual
IP
and
then
we're
going
to
get
Cuba,
which
is
Coupe
virtual
IP
to
be
that
virtual
IP
and
figure
out
how
that
works
along
the
way,
so
that
that's
that's
the
bad
drawing
for
the
moment.
There
might
be
more
basically
see.
C
A
It
goes
yeah
so.
A
C
A
Wow,
okay,
we'll
see
where
we
go
with
that
control
playing
with
up
layer,
2
or
btp
layer
three,
so
we
can
actually
do
either
in
this
scenario,
we'll
go
to
start
off
with
a
little
d
r,
which
is
the
easiest.
A
Simplest
thing
doesn't
require
any
additional
setup
so
just
been
just
denote,
though
you're
you're
not
going
to
be
able
to
use
this
in
Cloud
environments
right,
you're,
not
able
to
use
the
r
player
2
in
AWS,
for
example,
or
Azure.
Actually,
you
can
technically
use
it
I
think
if
you
have
a
lot
of
money
and
can
speak
to
someone
high
up
in
AWS,
you
might
be
able
to
use
it.
But
generally
you
can't
bgp
layer.
Three.
A
There's
some
hacky
ways
to
do
that
in
public
Cloud,
but
at
the
end
of
the
day
a
lot
of
the
routing
is
managed
through
infrastructure
apis.
A
So
you
would
need
some
way
of
translating
bgp
to
infrastructure
routing,
so
AWS
does
support
bgp,
but
only
over
a
VPN
tunnel
to
a
data
center,
not
ins
internally,
I,
don't
think
so
yeah.
So
you,
the
only
way
you
can
only
be
able
to
play
around
with
this
is
like
with
actual
infrastructure.
A
So
you
could
do
it
on
the
Raspberry
Pi
those
are
fairly
doable
and
then,
if
you
want
to
do
bgp,
then
you
need
to
have
like
a
sum
switch,
whether
or
not
that's
maybe
connected
to
the
Raspberry
Pi's.
That
can
do
that
or
some
root
some
router.
That
can
do
that.
So
I
happen
to
have
a
primary
that
does
pgp
it's
not
the
one,
that's
directly
connected
to
the
internet,
so
it's
the
switch
for
the
for
the
flat
and
then
there's
a
another
PC
that
access
to
router.
A
That's
then
connected
to
the
DSL
modem,
yeah,
so
control
plane
using
either
leader
election
or
raft
as
we'll
go
through
those
two.
So
I
didn't
know
it
did
raft
separately.
So
we'll
go
through
that.
So
leader
election
is
the
one
mode
that
we
use
in
cluster
API.
A
So
this
is
what
we're
going
to
do:
we're
going
to
be
deploying
cubadm
as
a
static
pod
to
start
off
with
and
then
we're
gonna
deploy,
Cube
whip
again
on
top
of
the
newly
created
cluster
to
give
us
load
balancer
services,
and
we
might
take
a
look
at
like
what's
the
difference
between
this
and
say
something
like
metal
lb,
she
might
be
an
interesting
thing
and
then
finally,
we've
got
this
one
here,
which
we
won't
be
playing
around
today.
A
A
So
this
is
like
this
is
how
you're
punching
holes
through
firewalls
like
a
PlayStation
or
a
game
like
you
know,
old
school
Skype
might
have
done
or
your
favorite
torrent
engine
or
something
like
that
back
in
the
day,
I
think
I
I
assume
most
people
do
not
turn
on
new
PMP
these
days,
so
I
don't
really
have
have
it
enabled
or
even
the
ability
to
turn
it
on.
So
that's
that
yeah.
A
So
that's
what
we're
going
to
be
doing
so
we're
good,
so
we're
going
to
install
qbip
as
a
static
pod.
So
the
easiest
way
that
I
know
to
do
that
is
to
rip
off
that
configuration.
We
use
in
cluster
API,
vsphere,
so
I
know
it's
hidden
inside
this
cluster
template.
A
Yeah,
if
you
want
to
learn
about
class
API
this
previous,
there
are
previous
episodes
on
that.
So
if
you
are
from
new
cluster
API,
then
oh-
it's
not
in
here!
Oh
no.
A
So
we've
got
this
embedded
manifest
that
we're
going
to
pull
out.
A
But
get
rid
of
this
crop,
so
this
stuff
is
in
here
because
the
her
template
is
programmatically
generated.
A
C
B
A
A
192.168.192.337,
let's
just
check
that's
not
in
use
by
anything
foreign.
B
C
A
All
right,
we'll
use,
we
use
zero,
three
four.
So
what
have
we
got?
Let's
just
check
what
we've
got
this
release
so
IPv6,
so
we
might
have
a
playground
with
IPv6,
we'll
see
where
we
go
get
our
tea.
This
release
we
implements
DHCP
in
previous
failed
interfaces,
allows
for
so
that's
interesting,
so
you
could.
A
You
can
get
the
we
could
get
the
VIP
address
from
DHCP
itself.
Should
we
do
that.
A
Let's
just
stick
with
static.
Why
not
right?
We
got
that
so
zero.
Three
four
is
the
latest
that
I
seem
to
be
able
to
pull
from
Dr
hub.
So.
C
A
Got
the
art
mode
enabled
VIP
leader
election:
let's
go
we'll
have
a
look
at
what
that
is
in
a
minute:
880,
VIP
interface.
That
is
probably
not
what
I
want
all
right.
Let's
just
check
that.
C
C
C
A
For
those
who
don't
know
so,
those
instructions
that
I
just
followed
from
the
community's
website
just
installs
a
systemd
unit
for
cubelet,
which
just
goes
into
it
infinite
Loop
because
it
doesn't
have
any
configuration
so
Cube
ADM
is
going
to
write
a
whileibcubelet.config.yaml
to
make
cubelet
work.
C
A
A
A
So
we're
doing
all
that
there
we
go
so
that's
the
one
we
want.
We
want
advertise
address,
we're
going
to
change
that
advertise
address.
C
C
C
C
A
A
Oh
yeah
and
I
pretty
have
swap
on
this.
There
you
go.
C
Yeah
yeah.
A
Ip
tables
does
not
probably
is
not
to
play
well
with
that
so
kind
of
sorted
swap.
C
A
A
number
of
available
CPUs
is
less
than
one.
That
is
true,
and
why
don't
we
fix
that
before
we
go
any
further.
A
C
B
C
C
A
A
A
C
A
You
yeah
I
suspected,
we
might
not
have.
We
might
have
a
bad
time
with
cool
party
if,
without
those
foreign.
A
A
The
machine
is
TV5,
tv7
is
what
we
want,
but
now
that
you
say
that
I
will
check
this.
That's
so
that's
the
address
that
we
wanna
exercise.
A
C
C
A
We'll
see
what
happens,
rock
is
still
supported
for.
A
Scheduler
controlling
manager,
images
and
then
it's
gonna
instantiate
the
control
plane
also
doing
that.
I
might
just
have
a
quick
check
around
those
other
machines,
so.
A
C
A
Okay,
so
okay,
let's
dive,
we
should
have
been
paying
attention
a
bit
more,
so
we
will.
A
Anyone
know
a
way
to
perform
all
these
Kate's
installations
via
terraform
I,
don't
know
specifically
with
terraform
but
I'm
sure,
there's
ones
that
do
that
I
know:
chaops
stamp
used
to
be
able
to
Stamp
Out
terraform,
but
I
think
they
might
have
moved
away
from
that
in
later
releases.
A
Betting,
Google
I
know
people
who
mix
their
form
with
class
API,
for
example.
This
is
not
how
you
would
normally
install
kubernetes
right.
So
we're
doing
this
specifically
to
do
that.
So
we
had
a
problem
here
and
we're
gonna
have
a
look.
Why
so?
Yes,
I
need
it.
A
And
it
blew
away
the
Manifest
directory,
which
is
where
it
had
the
cubelet
configuration.
So
let's
just
put
that
back.
C
A
C
A
C
A
Yeah
and
my
maker
is
potentially
off
topic,
but
beside
cluster
bit
API.
What's
the
best
way
to
automate
these
installations,
so
I
don't
know
I,
think
chaos
is
pretty
good.
These
days
and
I
know,
it's
got
support
for
quite
a
few
things,
and
not
just
AWS
these
days.
So
we'll
take
a
look
at
that
yeah
so
and
Rio
mentioned
k3s
as
well.
So
it's
that's
a
sort
of
slimmed
down
kubernetes
distribution.
So
you
might
want
to
look
at
that.
A
And
Mia
mentions
using
terraform,
Liber
and
cloud
in
it
to
orchestrate
these
things
yeah,
so
that's
very
similar
to
what
cluster
API
is
doing
anyway.
So
I
think
those
are
generally
the
way
to
go.
You
want
to.
You
want
to
be
using
ideally
playing
around
with
immutable,
orchestrating
machines
in
such
a
way
that
your
Building
images
with
everything
baked
in
rather
than
installing
them
on
the
fly
like
I'm
doing
now,
which
is
you
know
prone
to
failure.
A
It
might
not
download
things
off
the
internet
correctly,
like
pre-bake
as
much
as
you
can
and
then
like
have
the
ability
to
spin
out
machines
based
on
images
using
something
like
cloud
in
it
to
give
that
initial
bootstrap
data,
and
that's
what
like
think
about
like.
A
If
we
look
look
the
other
week
where
we
looked
at
think
about
that
also
is
that's
another
way
of
achieving
that
without
sort
of
cloning
hard
disks,
but
having
the
ability
to
write
a
disk
image
to
a
machine
as
it
boots
up
and
doing
that
in
an
automated
way.
So
anything
you
can
do
around
that,
and
you
can
do
that.
You
can
wrap
that
in
tail
form.
A
You
can
wrap
Cube
ADM
in
terraform
as
well
right,
but
yeah
you
don't
what
you
don't
want
to
do
in
this
situation
is
like
start
up
with
a
very
bare
machine,
say
like
just
a
plain
in
this
case
a
fedora
32
or
on
Ubuntu
20a4
and
go
through
those
manual
installation
steps.
You
want
to
have
that
as
much
sort
of
ready.
A
Already
by
the
time
you
turn
the
machine,
especially
if
you're
operating
in
the
cloud
right,
because
then
in
those
scenarios
you
you
often
want
to
scale
out
your
infrastructure
as
quickly
as
possible,
and
you
don't
want
them
to
spend
20
minutes
downloading
software,
so
the
quicker
those
machines
can
turn
on
get
working
the
better.
A
So,
let's
just
check
we've
got.
We
still
do
not
have
c
groups
installed,
so
let's
just
make
sure
we've
got
that
I'm
sure
there's
another
way
to
do
that.
A
A
A
A
C
B
C
C
B
B
C
A
Correct
Alex
got
comment
from
Alex
I,
guess:
I'm
old
school
musician
with
shell
Scripts.
So
that's
for
an
intro,
Kate's
class.
Yeah
I
think
it's
reasonable.
If
you're
teaching
cabernets
you
wanna,
you
don't
want
to
fully
automated
process
that
hides
like
what's
actually
happening
like
we're
doing
here
right,
so
you
don't
perfectly
makes
perfect
sense
to
okay
through
manually
and
show
that
yeah
people
weren't
gonna
know.
Oh,
oh.
Yes,
they
need
to
be
over
the
spot.
Yes
secret.
Three
two
is
on
and
we
don't
want
that
for
certain
versions
of
kubernetes.
A
If
you
just
provide,
we
could
go
through
the
plus
API
quick
start,
but
I
would
hide
a
lot
of
what's
happening
and
just
it
would
then
still
keep
it
for
us
and
it
would
just
be
there
and
like
that.
We
don't
learn
anything
well.
We
don't
learn
much
from
that,
be
a
nice
demo.
I
guess
foreign.
A
We
are
now
in
the
early
and
we're
now
in
the
mid
2010s
and
have
doctor
running
and
let's
see
if
we
can
get
kubernetes
circuit
right
in
it,
config
all
right.
Let's
just
check
that
kubernetes
manifest
all
right.
So
let's
do
reset,
let's
make
sure
everything's
zero
it
out.
Let's
make
sure
we
put
this.
C
A
A
Philip
yeah,
we
would
play
shell
with
ansible,
yet
fair
enough
is
that
with
using
Cube
spray
or
your
own
great
ansible
and
krk4,
we
use
egas
Easy
Peasy
fair
enough
right.
Finally,
we
have
a
kubernetes
control
plane,
but
we
did
not
get
the
result.
We
want
it's.
We
wanted
the
237,
not
the
TV5,
so
I'm
sure
there's
actually
something
else
we
need.
That
is
not
what
we
want.
We
want
it
to
get
the
t37.
A
All
right,
so
we
do
have
a
working
kubernetes
cluster,
but
we
don't
have
the
high
availability,
so
I
can
provision
another
control,
plane
machine,
but
we
don't
have
high
availability
because
we're
at
our
everyone's
Cube
config
is
going
to
point
at
this
tp5.
That's
what
the
certificates
advertised
for.
So
it's
not
actually
going
to
give
us
what
we
want.
So
this
we
need,
you
can
get
a
control
plane
endpoint.
So
if
anyone
knows
offhand
with
control,
plane,
endpoint
actually
ends
up
in
that.
Otherwise
we
will.
A
A
So
it's
gonna
wipe
out
hcd
get
the
certificates.
We
haven't
really
done
much.
We
keep
it
up
to
us.
I'm,
not
gonna,
worry
too
much
around
IP
table
as
well.
A
Okay,
it
looks
like
we,
we
are
closer
to
what
we
want.
So
we've
got.
We
can
kind
of
see
it
here,
API
service
serving
Set
1096.
Oh
I,
guess
that's
an
accident,
it's
probably
something
with
Docker,
but
he
didn't
need
that
at
all.
Who
cares?
We've
got
the
host
iPad
there
and
then
we
got
the
rip.
So
these
are
all
going
to
be
in
the
subject
to
alternate
names
that
IP.
This
has
now
worked
right.
So
if
we
just
think
about
what.
A
It's
also
been
many
years
since
I've
used
one
though
so.
This
is
the
tablet
that
I
bought
recently,
and
this
is
the
first
chance
I've-
probably
got
to
use
it.
So
there.
B
A
A
Okay
cool,
so
we've
got
Kibler.
A
Api
server
pubert
cubelet
is
chatting
to
that
API
server,
but
on
that
237,
so
the
white
Cube
ADM
works.
It's
it
spins
up
the
xcda.
It
generates
bunch
of
certificates.
Basically,
so
it
generates
CA
certificate
for
kubernetes
CA
cert
for
xcd
the
front
proxy.
A
Something
else
generates
client
certificates
for
API
server,
to
connect
to
xcd
client
certificate
for
Kubler.
To
connect
to
no
it
doesn't
connect
doesn't
actually
does
not
use
a
client
certificate
for
Kubler.
It
then
generates
a
service
account
token,
with
bootstrap
token
hands
that
to
Kubler
for
Kubler
to
then
connect
to
the
API
7
register
itself,
so
reset
control,
plane,
endpoint
2.237,
so
the
Kubler
config.
If
we
take
a
look
in.
A
Was
if
we
saw
at
the
beginning
it
was
just
the
system:
D
was
just
restarting
cublex.
Cubelet
was
exiting
because
there
was
no
config
and
was
just
and
then
systemd
would
wait.
10
seconds
then
restart
it.
A
So
kubernetes
generates
this
comfy.yaml,
but
that's
not
actually
config
that
I'm
thinking
about
I'm
actually
thinking
about
just
another
one.
Isn't
it
there's
the
cube
config
to
it?
Oh
no.
This
is
the
great
one.
A
Any
good
drawing
tablet
and
Pen
I
am
using
something
like
the
XP
pen,
I'm,
just
not
very
good
drawer
and
I'm
using
and
I'm
also
using
the
OneNote
web
as
well.
So
it
doesn't
have
all
the
pressure
sensitivity
so
that
that
is
the
Badness
is
not
the
tablet.
The
Badness
is
me
right.
So
we
have
this
cubeconfig.
A
Yes,
it's
got
server.t37,
so
initially
it
would
have
started
off
with
a
bootstrap
token.
Cable
at
10
creates
a
certificate
signing
request
to
puts
the
certificates
signing
quests
on
the
API
server
and
then
kubernetes
controller
manager,
signs
that
Certificate
request.
Coverlet
then
downloads
that
certificate
and
gets
going.
A
So
it's
continually
connecting
over
this
endpoint.
So
we
know
this
endpoint
works
now
and
and
also
I.
That
means.
A
I
can
ping
it
from
here
from
my
machine,
so
I
am
also
not
on
the
same
network,
so
I'm
on
to
put
disconnect
from
that
VPN.
Don't
need
to
be
on
that.
C
A
That's
that's
interesting,
I
didn't
realize
it
was
doing
that
I
seem
to
be
on
the
same
network
20
times
10
times
some
I
think
I'm.
On
the
same.
So
technically,
my
I
think
my
IP
address
is
one
of
these
is
well.
It's
10.3.6
210
through
220
I.
Think
so
what
what's
happened
there
is
the
network
card
I've
got
installed
in
my
desktop.
A
Right
so
I'm
on
a
different
network,
so
I'm
on
a
10.3.6
network.
My
network
card
is
got
a
bunch
of
virtual
functions
and
for
some
reason,
they're
all
on
they're
not
supposed
to
be
so
I'm.
One
of
these
IP
addresses
wait.
I
suppose
you
should
be
able
to
tell
from
the
roots
so.
A
Oh
yeah,
that's
like
that's,
no
help
so
yeah,
okay,
fine,
I,
I!
Guess
it's
Ian,
emp4so
fo,
the
one
that
isn't
the
virtual
function.
So
it's
this
one
10.3612
okay,
so
that
that's
the
one
I'm
on
mostly
that
can
also
be
other
IP
address.
Okay,
so
they're,
segregated
layer,
T
networks
and
then
that
my
microtic
router
is
sitting
in
between
is
routing
between
those
two.
So
this
endpoint
is
now
working,
it's
being
rooted
correctly,
which
is
great
it's
what
we
want.
So
let's
have
a.
A
Let's
have
a
quick
look
at.
What's
happened
here,
so
we've
got
must
have
an
IP
address.
Yes,
we
do
so.
We've
Kubrick
has
added
the
237
address
to
this
interface,
which
means
it's
now
responding
to
up
requests
right.
So
this
is
what
we've
been.
A
This
is
the
art
mode
that
we
started
off
with
so
what
we?
What
we
have
is
when
I
ping
from
my
machine.
A
Ferno's
got
better
ideas
for
like
app
on
Linux
than
this.
That
would
be
helpful.
That
might
be
good
in
future,
so
we've
got
oh
God.
A
And
I
believe
this
is
called.
This
is
on
VLAN.
A
A
A
And
that's
a
DOT
two
three
five
and
up
t37,
so
whenever
I'm
pegging
to
two
feet
to
t35
I'm
selling,
IP
packet
to
103.6.1
with
destination.237,
this
microdick
router
knows
to
root
that
traffic
to
VLAN
192.
When
it
gets
to
this
point,
it
then
sends
out
an
up
message.
A
Up
who
is
dot
237
and
this
scaffold
machine
is
this
running?
I
am
t37
with
Mac
address,
whatever
there
is
in
the
in
whatever
it
is
in
the
vsphere,
so
it's
responding
with
the
you
know:
dot
t37.
It
exists
on.
A
On
this
address,
so
both
of
these
addresses
are
coming
from
this
Mac
address
and
then
that
microdick
router
knows
the
forward
packets
2.237.
So
that's
the
standard
sort
of
up
method,
so
just
got
oh
yeah,
thanks
ymo.
If
you
can
find
Noel
suggested
that
scally
draw
I
just
might
make
a
note
of
that
somewhere.
Try
expandable.
A
Oh
ATL
does
that
IP
Command
come
with
your
OS,
so
that's
the
standard
IP
tools
for
Linux,
so
there
used
to
be
the
ifconfig.
Oh
I
mean
if
config's
still
there,
but
IP
is
the
IP
utils
V
version
two,
so
that
all
has
all
the
proper
AP
resets
for
it
does
it
unifies
a
configuration
of
layer,
2
stuff
around
tunneling
rooting,
like
all
of
the
major
networking
features
the
Linux
can
be
configured
through
that
IP
Command
these
days,
so
yeah,
that's
just
what
that
is
yeah.
So
it's
the.
B
A
Version
of
ifconfig,
I,
guess
and
Critter
I
do
have
Creator
installed.
That's
I
might
try
that
next
time
yeah
one
though
it's
definitely
worked
good
on
Windows
I
have
to
say,
but
it's
been
many
years
so
I
used
to
when
I
was
a
student.
I
had
I
had
one
note
so
Anna,
oh
I
had
a
tablet
with
that.
It
was
pretty
good
then,
but
obviously
on
the
web,
one,
it's
pretty
Limited,
so
that's
kind
of
what
Kubrick
is
doing
so
the
other
part
of
this.
A
How
does
Kubrick
know
that
it
can
use
this
IP
address
because
you
might?
What
you
have
is
two
machines
so
we'll
see
if
we
can
get
there
I?
Might
it
might
fail
me
to
get
that
going
we'll
get
we'll
might
hijack
that
other
machine
so
that
other
machine
is
called
akka.
A
So
going
back
to
my
problem
that
the
early
on
this
evening
so
I
have
two
machines
that
we
advertise
the
same
IP
address
and
then
networking
broke
right.
So
you
can't
really
do
have
that.
So
this
one's
dot,
two
three
five
I'd
forgotten.
What
this
Echo
is:
it's
something
dot
just
for
sake
of
arguments,
dot,
two
three
six
and
then
we've
got
this
VIP,
which
is
dot
two
three
seven.
We
only
want
one
of
these
machines.
A
A
So
this
Ackers
two
three
six
is
scaffolds
tp5.
We
only
want
one
of
these
machines
to
be
dot
two,
three,
seven
or
any
one
time
so
Kubrick
has
two
different
modes
in
which
it
operates.
So
we
go
back
to
that.
A
Not
not
these
two.
A
Go
back
to
the
dots
Maybe
right,
so
leader,
election
or
raft,
so
we
have
to
actually
just
use
the
leader
election
mode,
so
that
link
has
taken
me
to
kubernetes
client
go
so
if
you've
ever
you
the
client
go.
Is
there
is
a
package
you?
If
you
hear
anyone
in
the
kubernetes
community
say
client
go,
is
a
package
for
written
and
go
that
those
that
wraps
the
apis
for
kubernetes,
it's
a
bunch
of
and
gives
you
the
ability
to
interact
with
kubernetes
I
had
a
bunch
of
utility
packages.
A
One
of
these
utility
packages
is
leader
election.
So
this
leader
election
package
is
able
to
use
kubernetes
to
do
this
sort
of
standard
leader
election
process
where
and
I
believe
it
works.
People
can
keep
me
honestly,
but
I
believe
it
sets
say
Con
well,
we
can
have
a
look.
It
sets
up,
we'll
have
a
look.
Look
in
a
minute
sets
up
a
config
map
and
then
has
is
creates
a
lock
on
that
config
map
and
whoever
is
owning.
A
It
has
to
do
a
menu
on
that
config
map
and
if
they
fail
to
do
that,
then
the
other
host
can
take
over.
So
it
does
rely
on
kubernetes
itself,
so
what's
happening
in
Cuba
is
the
API
server
comes
up
as
soon
as
the
API
server
is
running
locally,
so
this
is
the
interesting
bit.
The
API
server
is
coming
up
locally.
Cubelet
has
not
yet
registered,
but
qvip
is
configured
to
talk
local
on
localhost
to
that
API
server
and
use
that
immediately
for
leader
election.
A
A
A
's
dropped
a
admin
cubeconfig
in
here
so
before
we
go
any
further.
Let's
just
make
life
slightly
easier
for
us
ourselves
and.
A
C
C
A
A
Core
DNS
is
not
running
because
we
need
to
put
some
CLI
I,
see
it
cni,
so
we
need
to
put
container
network.
So,
let's
just
quickly
install
I,
think.
A
So
it's
just
install
Android
could
be
anything.
It
doesn't
really
matter
just
one.
That's
it
not
installed,
okay,
so
that
core
DNS
should
come
up
in
a
minute.
It's
not
important
for
this
okay.
This
is
this.
If
I
do
keep
config
map
and
Cube
system,
then.
C
C
C
A
Right,
so
it's
not
a
config
man.
That's
my
mistake!
So
it's
actually.
There
is
a
lease
object,
so
we
can
have
a
look.
Let's
have
a
look
at
that
one
there
you
go
so
I've
learned
something
new
today
didn't
realize
it
was
specific
resource,
for
this
makes
sense
better
than
using
config
map,
I
guess
so
yeah,
so
kubits
acquired
it
at
a
certain
time,
every
15
seconds.
It's
gotten
renew
it
by
that
time.
A
A
C
A
Let's
set
cdl's
installed
and
let's
install.
A
C
C
A
A
A
Right
so
the
other
thing
we
need
to
do
is
we.
We
need
to
do
something
with
Cube
EDM.
My
memory
says
to
me,
so
it's
another
area
that
would
normally
be
automated
by
cluster
API
or
any
any
of
the
other
consumers
is.
We
need
to
generate
this
token.
A
C
A
C
C
A
We
also
want
to
put
the
debate
manifest
in
here
as
it's
a
static
plot.
A
Okay,
so
that's
a
sort
of
new
pre-shared
key
that
we
have
for
for
joining
control
plane.
So
we
now
do
odium,
join
192,
168,
192.237-6443.
B
A
And
then
we'll
do
this
all
again,
but
with
bgp
we'll
see
how
that
one
works.
A
So
whilst
that's
happening
well,
let's
do
some
setup
for
the
bgp.
So
let's
have
a
look
at
Key
roof
again,
it's
probably
this
moment
where
we
need
to
go
to
the
docs,
probably
because
right.
A
Potentially
asked
by
the
way,
even
for
this
one,
the
cubadium
config
is
with
the
same
rip.
Initially,
yes,
because
Cube
rip
is
going
to
wait
for
valued
certificate
and
then
attempt
to
be
a
leader
election
and
it
will
fail
and
we
already
have
a
machine-
that's
connected
to
the
right
place.
A
A
A
Yeah
and
tracing
crash
loop
back
off,
okay,
let's
maybe
some
weeks,
what's
taking
a
risk
running
entree
on
the
main
branch,
so
probably
shouldn't
have
done
that
anyway,
not
important
for
the
purposes
of
this
one
just
yet
what
we
might
do
is,
let's
see
how
this
bgp
works
because
I'm
interested
in
that
one,
but
we
need
to
do
some
setup.
So,
let's
we've
got
a
bunch
of
configuration
options.
Let's
go
now
to
Twitter.
A
A
There's
still
some
bits
of
this
that
I
don't
fully
understand
that
do
that
oh
I
really
did
not
want
my
address
to
just
pop
up
on
the
screen
like
that.
Anyway,
that's
Jesus,
Christ,.
A
Okay
so
disable
that
automatic
filling
of
addresses
not
helpful
a
remote
address,
so
we're
going
to
give
it
actual
IP
address
of
one
of
these
machines
I'm
going
to
give
it
a
remote
super
bgp
expert
I'm.
Just
going
to
give
this
a
random
number,
3001.
C
A
And
then
we've
got
instance
in
the
this
address
is
65530,
so
we
are
going
to
configure.
A
News
when
advertising
bgp
addresses,
we
can
keep
that
as
default.
C
A
Six
five
five
three
zero,
so
it
needs
to
be
string
quoted
and
we
don't
have
any
password
yeah
we're
not
under
we're,
not
advertising
bgp
roots
on
the
internet,
so
that
we
should
be
safe,
ish
enough,
so
I
think
that's
all.
We
need
to
do
so
we'll
find
out.
If
this
will
work,
I
guess
so
we're
going
to
stick
with
leader
election
or.
C
A
We
try
the
raft
and,
let's
let's
so,
how
does
the
raft
stuff
work
so
I
guess
the
other
mode
for
Cuba
is:
has
its
own.
A
Raft
election
so
I'm
not
sure.
A
Doesn't
seem
to
be
instructions
that
present
about
how
to
enable
it
so
just
be
just
make
everyone
aware
so
Dan's,
where,
like
some
of
this
is
not
the
documentation's,
not
all
there
at
the
moment,
so
we'll
improve
pivots
just
become
part
of
the
cncf
sandbox.
A
So
it's
going
to
improve
over
time,
so
some
of
the
bits
missing
so
that
we
don't
so
we'll
skip
over
that,
because
I
don't
see
how
to
use
it
at
the
moment,
we'll
stick
with
the
kubernetes
leader
election,
but
we
will
try
out
the
bgp,
as
that
seems
to
be
there
and
we
seem
to
have
all
the
bits
available
to
do
that.
What
we're
going
to
do
now
is
with
this
cluster
is
we're
gonna
activate
in
reset
both
of
these
boxes.
They're
all
gonna
go
two.
C
A
And
hopefully,
once
I've
got
this
b2p
one
we'll
play
around
with
that.
The
load
balancer
bits
which
are
and
then
we'll
call
it
a
day.
A
A
Which
cluster
am
I
writing
lower
till
just
running
a
plane
playing
kubernetes
v1213,
so
it
just
started
with
the
cube
ADM
CLI.
So
there's
no,
no
particular
flavor
or
distribution
just
straight
up
from
kubernetes.io.
Nothing
special.
A
Philip
metal
would
be
still
not
considered,
production
ready
or
seems
Cube
rip
is
much
more
when
it's
used
in
cluster
API,
yeah
I
yeah
we'll
come
on.
Come
on
to
that.
If
I
think
that's
I,
don't
know
if
it
metal
will
be,
has
been
around
for
longer
because
has
joined
the
cncf
sandbox
and
it
has
been
used
in
products
such
as
time
to
kubernetes
grid.
A
So
so,
but
at
the
moment
most
I
think
most
people
using
qubit
for
using
it
for
the
API
server,
low
Bouncer
and
the
stuff
around
load
balancer
for
services
is
neural,
whereas
for
metal
will
be
that's
where
what's
always
been
used
for
so
I
think
Mel
will
be
still
a
reasonable
solution.
Maybe
the
future
is
too
bit,
but
I
think
is
where,
where
we're
going.
A
A
A
I
think
production,
ready
and
in
the
world
of
kubernetes
means
a
lot
of
different
things
to
lots
of
different
people.
A
A
C
A
Then
we
already
SS
h10
quite
a
couple:
PS,
oh
yeah,
so
we
are
using
containerdy,
not
proper
good.
A
Okay,
we're
using
both
I
do
not
see
Cube
bit
running
because
I
seem
something
went
wrong
with
our
configuration.
A
A
Yeah
so
queen
of
it
must
have
died.
Yes,
there
you
go.
A
And
I
don't
even
have
Vlogs
for
it,
which
is
fantastic.
Let's
helpful,
exited
immediately.
C
A
C
A
Oh
God,
if
anyone's
got
any
ideas,
I
am
open
to
them.
Let's.
A
With
Docker
logs,
it
works
better.
Oh
there
we
go
starting
a
pgp,
actually
we're
actually
in
dog
invalid
router,
ID
format.
Okay,
fine.
C
C
A
C
A
A
A
Okay,
and
in
fact
it
might
not
make
any
sense
because
it's
always
just
gonna
Arc
the
237,
so
it's
gonna
be
more
important
when
we
set
up
the
load
balance
provider.
So
we'll
just
do
that
been
going
for
two
hours,
so
we'll
we'll
spend
another
another
half
hour
and
then
we'll
call
it
done.
People
people
want
to
stick
around
right.
So.
A
A
A
Is
that
that
break
we'll
revert
this
back
to
up,
but
we
will
set
up
cubic
again,
but
this
time
as
the
load
balance
boy,
so
we'll
install
a
cni
that
actually
works
not
not
and
Trail
off
the
main
branch,
we'll
put
a
release,
a
working
release
on
and
then
install
Cubit
as
the
demon
set
on
top,
where
it's
providing
these
load
balance
services.
And
in
that
case
we
will
use
bgp.
A
C
C
A
A
A
A
Okay,
why
don't
we
to
look
at
their
load,
bands
and
stuff-
maybe
we'll
figure
it
out
at
the
end
and
then
test
the
failover
Okay
so.
C
A
Th
we're
just
going
to
go
with
a
single
control,
plane
note,
which
is
advertising
via
P,
so
what
we
want
to
do
because
this
is
still
this
can
still
be
a
useful
thing
even
on
a
single
control,
plane,
instance
or
but
more
like
so,
if
you're
in
a
Data,
Center
and
you're,
you
do
not
want
a
low
and
you're
deploying
lots
and
lots
of
services.
A
You
do
not
want
machines,
adsizing,
a
whole
bunch
of
art
requests
all
over
the
place,
so
bgp
is
a
much
better
way
of
managing
so
the
deployment
of
services
and
making
those
services
and
pods
rootable.
A
A
Okay,
so
we're
gonna
have
a
look
at
this.
Oh,
we
need
to
install
the
cni
right
so.
C
A
Okay,
so
we'll
wait
for
that:
it's
got
money,
so
don't
don't
just
install
your
own
files
off
the
internet.
Normally
I
just
have
to
know
that
one
so.
A
Don't
do
as
I
say
and
don't
do
as
I
do
peace
right.
So
we've
got
the.
A
Okay,
so
what's
it
gonna
do
in
sourcing
Cube
system?
So
that's
I!
Guess
it's
been
considered,
so
they
considers
itself
a
provide.
A
cloud
provider
of
sorts
I
mean
this
argument
today.
It
shouldn't
should
always
use
its
own
namespace
rather
than
possibly
polluting
the
cube
system.
One
yeah!
That's
that's
right!
So
what
we'll
do
is
we'll
install
this?
Does
it
seem
to
have
many
other
options
than
that?
So
let's
have
a
look
at
the
do
any
configuration
around
it
that
uses
a
config
map.
A
To
put
a
config
map
in
the
cube
system
and
put
some
information
around
service
will
take
an
address
based
upon
its
name
space
pool.
These
would
look
like
the
following:
okay
interesting:
how
do
we
configure
that
so.
A
A
Okay:
let's
see
how
this
works
so
I
guess
it's
going
to
use
the
art,
then
I
suppose
right,
we'll
see
right.
C
C
A
Yeah,
that's
why.
A
Let's
reset
this
again
on
so
another
thing:
there's
another
thing:
I've
forgotten
from
plus
API,
so
we
should
have
said
set
the
Pod
and
service
cidrs,
which
we
did
not
so
Andrea
doesn't
know
what
to
use
and
therefore
broke.
So
that's
that's
pretty
normal
all
right.
So,
let's
deploy
that
qubit
with
the
bgp
again.
So
I
think
this
is
what
we're
supposed
to
be.
C
C
C
Is
not
so
which
I
use.
C
B
A
A
A
Okay,
got
there
in
time:
okay,
fine,
so
we've
got
we're
back
to
where
we
were
so
now
we
are
going
to
install.
C
A
C
A
C
A
C
C
C
C
A
A
So
that
two-bit
cloud
provider
doesn't
have
the
tolerations
for
control
plane,
so
it's
it
didn't
actually
start
yeah,
so
I
think
I
might
not
have
been
sharing
my
screen
for
a
bit,
so
yeah
potentially
noticed
so
yeah.
If
we
moved
to
paint
for
the
control
plane,
we've
got
a
nginx
running.
A
I've
got
a
service,
so
I
had
put
a
service,
but
it
was
stuck
in
pending,
and
that
was
because
the
qubit
cloud
provider
didn't
have
the
Toleration
tank.
So
hopefully.
A
A
To
rip
to
actually
do
the
work,
so
the
way
this
works
is
cubic
cloud
provider
creates
a
is
creating
this
com
config
map
for
keyboard.
To
then
actually
do
the
work,
so
the
cloud
provider
actually
is
sort
of
sits
as
a
a
intermediated
between
kubernetes
and
whatever
is
doing
the
actual
work.
So
I
assume
that
I
need
to
give
Kubrick
permissions.
A
C
A
Okay
so
I
don't
think
well,
my
quality
day
is
going
going
for
two
and
a
half
hours,
so
in
theory
had
we
got
this
working
then
we
would
have
got.
What
would
have
happened
is
Cuba
would
have
told
my
router.
So
this
is
the
difference
between
up.
So
how
do
we
use
the
up?
The
service
IPS
that
we
could
advertise
would
have
to
be
in
the
same
IP
address
range
because
of
this
layer.
A
3
network
is
conductable
wire
wired
the
host,
that's
one
in
Kubrick
that
knows
how
to
root
it
to
the
pod.
So
that's
why
we
use
bgp.
So
in
the
bgp
scenario,
cubic
can
tell
the
router
if
you
want
to
root
traffic
to
this
IP
address
Global
IP
address
range
that
we
had
set
up,
because
the
192
168
64.0
24
then
send
all
send
that's
rootable
by
me.
So
what
would
actually
happen
is
when
I
ping,
that
my
router
will
then
contact
this
scaffold
host
as
a
router
saying.
A
Can
you
forward
traffic
onto
this
network?
So
this
allows
you
much
greater
scalability
around
like
building
out
your
services,
but
they
don't
have
to
have
conflicting
IP
address
space
with
your
nodes.
So
this
is
what
it's
why
you're
going
to
see?
A
So
if
we're
looking
at
this
versus
Metal
will
be
I,
think
one
of
the
compute
conclusions
we
can
reach
about
this
is
there's
probably
some
work
to
be
done
in
terms
of
getting
the
documentation
what
to
scratched
or
filling
in
some
of
the
details
around
what
is
doing
what
so
we
know
that
so
metal
will
be,
does
much
of
the
same
similar
kind
of
bits
and
pieces.
So
it
does
this
bgp
pairing.
A
It
has
a
sort
of
standardized
architecture
around
performance
around
using
top
of
rack
routers
to
to
optimize
traffic,
because
you
don't
want
again
with
bgp.
You
don't
want,
like
loads
of
very
big
root
tables
floating
around
your
data
center,
so
the
ability
to
use
top
of
rack
routers
to
minimize
the
number
of
hops
and
routing
table
complexity
is
important.
So.
A
There's
definitely
a
lot
more
flexibility,
potentially
with
Kubrick.
Having
that
up
support
having
things
like
upmp
DHCP
support,
allow
opens
up
the
ability
for
these
sort
of
small
Edge
scenarios
in
a
way
that
metal
lb
is
very
much
focused
on
data
center.
So
I
think
over
time,
we'll
see
Cube
rip
come
up
an
equivalency,
we'll
see
these
docs
improved,
but
yeah
we've
failed
to
get
where
we
wanted
today,
but
I
think
it's
it's
coming
up
to
midnight
for
me,
so
I'm
going
to
call
it
a
day.
A
I
think.
Thank
you
very
much.
I
think
it's
it's
great
like
Kubrick
we're
using
it
today
for
API
server
load
balances.
It's
a
no-brainer!
You
want
to
use
that
today.
It's
the
easiest
way
to
bring
up
high
availability
control
planes
in
the
art
mode.
It's
it's
sort
of
just
works
and
in
order
scenarios
that
you're
gonna
want
to
do
it
through
that
mechanism,
you're
going
to
have
layer,
2
networkings
that
op
scenario
works
fine.
A
So
if
you're
in
a
cloud
provider
you're
going
to
use
the
load,
balancer
plus
constructs
provided
by
those
infrastructures,
you're
going
to
use
Network
load
balances
for
AWS
Etc,
so
we'll
call
it
a
day
thanks
to
everyone
coming
I'm
sure
someone
will
be
around
next
week.
Yes,
thanks,
everyone
see
you
later
bye.