►
From YouTube: TGI Kubernetes 049: Flannel (CNI)
Description
Come hang out with Kris Nova as she does a bit of hands on hacking of Kubernetes and related topics. Some of this will be Kris talking about the things she knows. Some of this will be Kris exploring something new with the audience. Come join the fun, ask questions, comment, and participate in the live chat!
A
A
As
we
start
poking
around
it
flannel,
but
anyway,
more
on
that
later
and
I
actually
have
some
flannel
mountain
pictures.
I
took
for
the
episode
today
and
we
can
look
at
those
a
little
bit
later
as
well.
But
first
it's
my
favorite
time
of
the
week,
which
is
like
this
is
my
first
day
back
in
Seattle,
and
it's
really
rad
that
my
first
day
back
in
Seattle
is
a
day
where
I
get
to
do
my
favorite
thing
ever,
which
is
to
tell
all
of
you
wonderful
people.
Hello,
so
without
further
delay.
A
Let's
go
look
in
this
chat
that
we
had
here.
Okay,
so
we
had
somebody
join
about
30
minutes
early
and
I
wanted
like
like
do
we
have
a
prize
for
someone
who
joined
30
minutes
earlier,
like
who's
who
gets
the
first
hello
every
week,
we
should
like
totally
make
it
a
thing
to
call
them
out.
So
this
week
our
first
hello
came
from
oh
bina
or
do
hello
hefty,
oh
and
then
Olaf
says
dang
I'm,
not
the
first
to
say
hello,
maybe
next
week
Olaf
but
still
hi.
A
So
a
big
shout
out
to
him,
he
really
helps
bring
this
thing
together
and
he's
kind
of
like
the
man
behind
the
curtain.
So
thanks
for
all
your
help,
George
and
thanks
for
listening
to
me,
rant
for
30
minutes
before
the
episode
every
Friday
when
I
do
a
ttak.
So
next
we
have
Tim,
says
watch
Simon,
says
hi
George
says
in
about
one
minute:
he
has
the
show
notes
which
I
have
pulled
up
and
we'll
look
at
in
just
a
second
the
Madi.
A
It's
always
great
to
see
you
Madi,
like
still
one
of
our
like
longtime
attendees
like
you're,
always
here
and
you're,
always
happy,
and
it's
always
great
to
see
you
at
Maddy,
John,
gillies
hide
from
Phoenix
or
hi
from
Berlin,
Rory
McCune
says
yay
for
not
dying.
All
right,
I
didn't
even
get
injured
and
my
hands
doing
really
great,
like
I,
can
actually
show
it
on
TV
I
can
out
I
can
like
actually
bend
it
all
the
way.
So
that's
really
cool
I
read
for
no
injuries
amino
hi
from
London
I'm,
not
gonna.
A
Try
to
pronounce
that
name
because
I
know
I'm
gonna
say
it
wrong,
but
hi
from
Turkey
Lou
Maddy
says:
did
you
go
looking
to
go
for
con
Chris?
If
so,
how
was
it?
Yes?
I
did
go
to
go
for
con
and
I
got
to
spend
a
lot
of
time
talking
about,
go
and
kubernetes
with
a
lot
of
people
and
played
a
little
bit
of
rock
and
roll
with
the
Gopher
con
band.
It
was
a
really
great
time
if
you
guys
have
never
been
a
go
over
con.
A
It
is
hands-down
my
favorite
conference
to
go
to
it'sit's
really
like
going
and
seeing
all
of
our
friends.
Everybody
goes
there
and
even
if
people
don't
have
presentations,
they
still
make
it
a
point
to
go
in
the
hallway
track.
It's
probably
the
most
beneficial
hallway
track.
I
I've
ever
been
to
in
my
life,
gopher
Kaunas
great
conference
and
I
make
it
a
point
every
year
to
go
no
matter
what
so
I
had
a
great
time,
and
it
was
great
to
see
everyone
again
and
they'll.
Go
for
konban
is
also
always
fun.
A
So,
let's
see
bob
says
someone
who
comes
30
minutes
early
does
not
have
enough
to
do
I,
don't
know,
maybe
they're
just
joining
early
and
they
just
say
hi
and
they're
still
doing
other
things
concurrently
Carl
morning
from
New
Zealand
save
it
second
favorite
thing:
Death
Star,
Landing
demos,
yes,
the
Death,
Star
Landing
demos.
From
two
weeks
ago,
before
I
went
on
vacation,
we're
really
rad.
Still
my
favorite
demo
I've
done
here
on
ttak
Jason
de
Tiberias.
It's
good
to
see
you
Jason
helped
me
out
earlier
in
the
city.
A
Austria
life
cycles,
slack
channel
for
everything
we're
gonna
be
going
over
today,
so
Jason
gets
to
see
what
all
of
my
weird
questions
are
going
to
somehow
get
glued
together
to
form
a
complete
thought
here.
Gus
says
good
evening
from
Hamburg.
After
some
weeks
without
live
tea,
gik
could
attend
again
good
to
see
you
Gus.
Next
we
have
Carlos
Ola
from
Havana
Ola
Carlos
Rob
Robinson
got
my
work
done
early
today,
so
I
really
get
to
watch
today.
Welcome
Rob
I
have
an
extra
beer
for
us
here
at
hefty.
A
Oh
and
congratulations
on
getting
your
work
done
earlier.
Let's
see
Bob
fry
leg
says:
welcome
back
Chris.
It
was
cool
to
meet
you
at
Disney
back
in
April,
I
I
know
it
was
not
wintertime.
I.
Remember
that
much
so
yeah.
It
was
good
to
meet
you
too.
Let's
see
Vikram
hi
from
Goa
India,
it's
1:30
a.m.
here,
oh,
like
round
of
applause
for
Vikram
for
joining
in
the
middle
the
night.
Thank
you
very
much
for
joining
hi
from
Chicago
North
burbs.
What's
up
I,
so
speaking
of
Chicago
I
was
supposed
to
do
my
can't.
A
So
I
am
trying
to
now
try
to
find
a
different
conference
in
Chicago
to
kind
of
come
back
and
have
like
a
Redemption
presentation,
because
I've
been
waiting
to
give
that
talk
for
about
six
months
and
I've
worked
really
hard
on
it.
So
hopefully
we
can
find
like
another
conference
or
a
meet-up,
or
something
in
Chicago
and
I
can
come
out
and
hang
out
with
folks
and
I
still
give
the
you
can't
have
a
cluster
bleep
without
a
cluster
talk.
So
next
we
have
chrome
fire.
So
a
stupid
question:
why
go?
A
Why
not
rust
or
something
different
I
there's
a
that
is
I
mean
that's
a
loaded
question
for
one
so
loaded
questions
here
would
be.
It
would
be
appreciated
not
to
ask,
but
if
you
must
know
that
was
my
favorite
programming
language,
because
it
compiles
to
a
statically
linked
binary
I.
Think
it's
simple
for
users,
I
think
the
standard
library
is
simple.
Kubernetes
is
written
in,
go
and
I
like
the
way
that
concurrency
and
lingo
and
later
in
the
episode,
we're
learning
about
the
future
of
go
and
go
to
and
I
think
that
is
also
exciting.
A
So
I
love
go
and
that's
why
anyway,
I
hide
from
Seattle
good
to
see
you
Edie
and
'la
Maddie
you're,
going
to
fly
spirit
airplanes
next
week.
I
bet
and
Abu
says
hello
from
Bangladesh
and
on
that
note,
I
finally,
caught
up
we're
gonna
pause
there
with
the
hellos
I'm
gonna
jump
over
and
we're
gonna
start.
Looking
at
some
of
the
this,
we
can
kubernetes
and
some
of
the
other
stuff
that
came
out
of
go
freak
on
and
talking
a
little
bit
about
high
level
stuff
Before.
A
We
jump
into
flannel
for
the
the
rest
of
the
episode.
So
I'm
gonna
put
a
little
marker
here
next
to
a
boo
from
Bangladesh
and
let's
jump
over
to
my
screen
cool.
So,
every
week
we
do
this
hack,
indie
thing
where
we
have
this
live
mark
down
on
the
left.
That
folks
can
come
to
an
edit
George
put
a
link
earlier.
If
you
want
to
come
in
and
add
any
notes
throughout
the
episode
feel
free
to
George
and
I
can
approve
them
and
they'll
ultimately
get
added
to
github
repository
and
then
over.
A
A
This
markdown
file
every
week
and
then
we
kind
of
like
sorted
out
afterwards
looks
like
George's,
adding
the
link
right
now
and
then
also
this
remember
last
time,
I
choked
a
bunch
of
this
like
we
just
started
getting
this
tea
at
the
office
and
it's
super
sugary,
so
I
just
drink
of
this
all
day
and
I'm
like
like
a
high
in
sugar
all
day.
So
it's
really
nice,
okay,
so
Cuba
corn,
stuff
going
on
here.
Okay.
A
A
So
let's
talk
about
what
happened
this
week
and
maybe
even
a
little
bit
of
last
week
the
week
before,
because
I
wasn't
here
so
the
first
one
we
have
is-
and
this
is
my
first
time
looking
at
a
lot
of
these
articles,
so
we're
going
to
kind
of
try
to
figure
them
out
together.
A
lot
of
folks
have
been
contributing
articles
like
this.
So
if
you
find
one-
and
you
want
to
add
one-
please
do
and
we'll
actually
look
at
it
live
and
I'm
not
really
going
to
look
at
it
beforehand.
A
So
we'll
kind
of
learn
about
it
together.
So
if
you're
free
to
share
one
and
contribute
your
thoughts
on
it
as
we
look
at
it
together,
live
on
TGI
K
every
week,
so
this
says
introducing
horizontal
pot,
auto
scaling
for
Amazon
eks.
Okay,
so
in
this
diagram
looks
like
we
have
two
pods
and
we
have
some
sort
of
deployment
with
some
sort
of
scale,
imagery
that
I
don't
really
understand
what
that
is,
and
it
says
metric
server,
API
and
horizontal
pod
autoscaler,
okay,
I
see
what's
going
down
here.
A
So
this
is
a
pod
autoscaler,
not
a
node
autoscaler,
meaning
that
if,
for
some
reason
your
software,
you
can
set
up
using
this
metric
server
API.
If,
for
some
reason
your
software
has
detected
that
it
needs
more
software
resources
and
you
happen
to
have
resources
available
on
your
node
pool.
This
eks
out
of
pod
autoscaler
will
come
in
and
actually
scale
your
deployments
for
you
automatically
in
create
more
replicas
of
your
software
and
then
distribute
incoming
traffic
across
them
horizontally,
and
this
is
cool
because
you
don't
have
to
worry
about
it.
A
One
of
the
great
examples
I
always
like
to
use
for
the
horizontal
pod
autoscaler
is
an
example
from
when
I
was
working
at
an
e-commerce
shop,
and
we
had
to
do
all
of
this
stuff
manually.
So
every
year
for
the
holidays,
we
would
get
a
flood
of
traffic
it
like
on
Black,
Friday
and
Cyber
Monday,
where
people
would
come
online
to
the
website
and
we
tried
to
actually
re-implement
something
like
this
in
our
own
horizontal
pot.
A
A
scaler
in
this
case
that
we
have
from
here
at
the
folks
at
Amazon
would
solve
this
problem
for
us
and
say
we're
detecting
an
onslaught
of
traffic.
Let's
go
ahead
and
scale
our
software
horizontally
and
distribute
the
load
accordingly,
and
hopefully
that's
decreasing
the
amount
of
server
runtime
areas
that
the
users
experiencing,
while
they're
trying
to
buy
all
of
their
wonderful
holiday
presents.
So
this
is
cool.
A
Eks
has
their
own
implementation
here,
and
it
says
why
was
HP
not
supported
previously,
so
you
can
read
a
little
bit
about
the
history
here
and
you
can
see
what's
coming
up
next
and
as
one
of
the
organizers
for
sick
AWS.
Brandon
here
has
been
one
of
our
longtime
attendees
and
it's
really
nice
to
see
you
that
this
is
all
kind
of
coming
together
and
we're
like
coming
out
with
articles
now
about
all
the
cool
stuff.
That's
going
on
in
eks.
A
So
next
I'm
gonna
skip
this
one,
because
this
one
is
a
huge
one
that
I
want
to
get
to
at
the
end,
looks
like
the
Maddie
had
a
question
any
idea.
What
criteria
you
can
pick
to
auto
scale,
your
AWS
compute
instances,
I,
don't
look
at
the
criteria
just
had
a
metric
server,
but
I'm
assuming
this
has
all
got
to
be
runtime
resources,
so
everything
from
compute
to
memory
to
disk
disk
but
I
didn't
know
that
the
HPA
implementation
and
upstream
Cooper
and
I
used
to
finds
all
of
this
stuff
for
us.
A
So
you
could
go
and
upstream
kubernetes
can
actually
see
what
is
available
there
and
then
also
in
general.
Like
scaling
and
deployment
is
a
relatively
trivial
task
in
kubernetes,
so
it
actually
wouldn't
be
to
impossible
to
implement
some
sort
of
your
own
autoscaler.
That
could
run
arbitrary
metrics
on
your
end,
I'm
I'm,
pretty
sure
the
HPA
supports
this
today
with
adding
your
own
arbitrary
hooks,
but
regardless,
if
not
it's
it's
pretty.
It's
pretty
simple
API
call
and
there's
commands
baked
in
take
you
back
tool
to
help
you
with
that,
as
well.
So
good
stuff.
A
Here
from
our
friends
at
Amazon,
so
next
we
have,
the
machines,
can
do
the
work
of
the
work,
a
story
of
kubernetes,
kubernetes,
testing,
CI
and
automating.
The
contributor
experience
that's
a
really
long
title,
so
it
looks
like
this
is
an
article
from
Arin,
Creek
and
Berger
and
Benjamin
elder
two
folks
at
Google.
Large
products
projects
have
a
lot
of
less
exciting,
yet
hard
work.
We
value
time
spent
automating
repetitive
work
more
highly
than
toil
okay,
so
this
is
cool.
So
looks
like,
let's
see
what
the
work
is
here
that
we
are
talking
about.
A
Initially,
we
focused
on
the
fact
that
we
need
to
support
the
sheer
volume
of
tests
mandated
by
the
complex
system
of
kubernetes
real
world
failure.
Scenarios
had
to
be
exercised
by
into
entire
workflow
triage
project
health.
Ok,
so
this
just
looks
like
it's
talking
about
the
contributor
experience,
work
that
goes
into
the
kubernetes
project,
so
for
folks
at
home
we
talked
about
proud
like
a
month
or
two
ago.
This
is
a
really
cool
piece
of
software
here
that
came
out
of
upstream
kubernetes.
A
That
allows
us
to
interact
with
github
in
cool
ways
and
give
us
some
more
functionality
and
github
that
we
wouldn't
have
before
just
by
having
a
various
commands
here.
So
the
way
that
this
works
is,
you
would
add
a
comment,
and
you
can
include
things
like
a
slash
hook
or
slash,
plank
or
slash,
okay
to
test
and
there's
a
couple
of
other
ones,
and
that
gives
users
a
sort
of
a
new
command-line
interface
to
give
up
comments
to
interact
this
backing
piece
of
software.
A
So
I
think
what
this
blog
is
is
sort
of
like
highlighting
all
of
the
work
that
they
contribute.
Your
experience
notes
have
done
behind
the
scenes
and
how
we've
actually
used
kubernetes
to
help
kubernetes,
which
is
really
exciting
and
another
great
example
of
how
kubernetes
can
be
used
to
help
and
build
itself
moving
forward.
So
hats
off
to
the
contributor
experienced
folks
for
this.
This
is
great
stuff.
A
So
next
we
have.
Oh
this
one
looked
cool
I,
remember
seeing
this
one
earlier,
it
says
endoscope
snoop
around
inside
your
kubernetes
pods,
so
it
says
today
I
released
endoscope.
This
is
a
tool
that
solves
a
couple
of
simple
problems,
so
in
general,
like
as
it's
somebody
who
wrote
a
book
in
a
technical
author
like
this,
was
much
easier
for
me
to
like
grok
right
off
the
bat
than
like
this
whole
art.
A
These
types
of
problems
is
been
interesting,
so
having
a
tool
that
is
sort
of
just
does
one
thing
inspecting
a
body
doing
it.
Well,
it's
super
handy
and
let's
see
if
I
can
just
get
this
up
and
running
in
like
the
next
five
seconds,
and
if
so,
we
will
totally
try
to
use
it
on
a
pod
today.
What
we're
looking
at
flannel!
So,
let's
see
how
do
we
ping
I
just
want
to
see
how
to
install
it?
Is
there
a
release?
A
A
We
need
to
move
forward
container
I,
don't
see
how
to
install
this
and
I,
don't
see
clone
or
download
and
I
don't
see
any
releases.
So
sorry,
scope,
we're
gonna,
try
to
grab
a
copy
of
you
later
and
maybe
we'll
try
it
on
next
week's
episode.
But
that
looks
cool
thanks
for
the
the
share
there.
Next
we
have
weave
flux
version.
1.6
is
released
again
single
sentence
right
here
at
the
top
plus
one.
This
release
improves
feature,
doesn't
have
some
new
goodies
like
reg,
X
tag,
filtering
and
multiple
sink
paths
have
fun
okay.
A
So
this
is
a
new
copy
of
weave
flux.
So
weave
is
a
company
based
out
of
London
I'm,
really
close
with
a
lot
of
their
folks.
They
do
a
ton
of
work
in
upstream
I
met
a
lot
of
them
in
upstream
and
we've
been
in
network
for
years
and
I.
Think
in
the
future,
we're
gonna
look
at
weave
net,
which
is
a
CNI
implementation
similar
to
the
ones
we're
looking
at,
and
here
we've
flux.
A
We
have
the
get
ops
operator,
so
we've
fluxes
this
whole
implementation
of
get
ups,
which
is
this
really
cool
thing
that
Alexis?
Since
I'm
going
to
focus
it,
we
haven't
been
pushing
forward
which
is
sort
of
using
git
as
your
source
of
truth
and
having
sort
of
this
declarative
model
and
get
and
get
as
your
database,
which
is
easy
for
developers
and
operators
to
interact
with,
and
then
this
weave
flux,
operator,
kind
of
goes
and
reconciles
the
state
moving
forward.
Doing
a
lot
of
Handy
arbitrary
things
like
are
convenient
for
kubernetes
software
engineers
and
operators.
A
So
we
flux
is
really
rad.
We
could
probably
do
a
whole
episode
on
weave
flux
and
I
believe
it's
upstream
open
source
yeah.
It
is
so
here's
the
source
code
here.
So
we
could
talk
about
weave
flux
and
then
this
is
just
a
new
release.
1.6
that
says
it
improves
some
existing
features
and
a
some
new
goodies
like
reg,
X
time
filtering
and
multiple
seam
paths,
so
exciting
new
release
and
good
to
see
that
this
really
cool
get
ops.
Declarative
piece
of
software
is
moving
forward,
so
hats
off
to
our
friends
at
weave.
A
Coming
up.
Next,
we
have
what
do
we
have
here?
Ambassador
o
39
released
and
oh
I
thought
this
was
like
a
scene
CF
ambassador.
This
is
a
completely
different
infested,
er.
Ok,
it
says
we
released
him
basa
der
point,
39
ambassador
as
an
open
source,
API
gateway
built
on
the
Envoy
proxy
for
kubernetes.
What
a
wonderful
sentence
here!
This
release
removes
the
stats
D
container
by
default
when
initially
installing
Ambassador
the
stats
D
container.
It's
in
packets
to
non-existence
dusties
sync
service.
Ok,
so
this
is
really
cool.
A
So
this
is
a
new
API
gateway
and
we
have
a
new
version
of
it
as
well.
I
wanna
see
the
source
code.
Here
you
can
get
impostor
running
with
a
single
docker
command.
You
can
install
it
via
helm.
Upgrading
an
ambassador.
Do
we
see
github
anywhere
on
here
was
scrapped
for
it.
Nope
I
always
like
looking
at
the
source
code,
but
this
looks
cool
I
would
be
interesting
in
trying
this
out
and
again.
A
If
we
don't
already
have
a
copy
of
ambassador
in
the
tgia
issue,
tracker
and
let's
check
and
see
so
TJ
K
AB
do
t
GI
K.
Let's
go
to
the
issue
tracker
and
let's
look
for
Ambassador,
okay,
cool.
So
we
do
have
it
and,
of
course,
lumati
always
one
stuff
had
ahead
of
the
game.
Speaking
of
l'm
a
team,
I
saw
that
you
had
some
questions.
I'm
gonna
go
back
in
just
one.
Second,
let
me
pull
this
up.
Okay,
let's
see
what
folks
have
been
saying.
Allah
Matty
says
any
idea.
A
What
criteria
we
already
talked
about,
that
chrome
fire
says
rust
for
Mozilla
in
Kotla
Anita
from
jet
frames
like
the
same,
but
way
simpler.
Sorry
for
that,
but
I'm
like.
Why
does
it
need
to
be
so
complicated
is
chrome
fire,
the
same
person
who
asked
about
go
yeah?
They
are
okay,
chrome,
fire.
I
am
very
excited
to
learn
about
your
opinions
on
programming
languages
and
would
love
to
read
an
article.
If
you
could
share
one
with
us,
we
would
happily
take
a
look
at
it
in
one
of
the
others.
A
We
can
convert
ideas
about
pros
and
cons
of
different
languages
and
how
you
feel
about
them.
So
Michael
goodness
good
to
see
you
Michael
goodness
George
says
github
data
wire,
Ambassador,
George,
I.
Think
if
you
could
add
that
to
the
notes,
that
would
be
handy
and
Todd
Lyons.
Maybe
click
on
one
of
the
issues
should
be
in
the
git
repo
and
get
to
the
source
from
that.
Ok,
so
let's
go
back
here.
A
So
we
looked
at
Ambassador
and
George
Airy
added
that-
and
it
says
debug
ago
application
in
kubernetes
from
IDE
and
see
what
this
thing
is.
I'm
curious.
What
IDE
this
is
as
a
developer
is
always
useful
to
be
able
to
develop
an
application
with
its
own
IDE.
When
you
application
only
works
with
the
kubernetes
api,
you
can
simply
launch
your
application.
What
is
this
thing
going
on,
though,
so
build
the
application?
The
application
I
want
to
debug
is
a
Cassandra
operator.
A
A
What
is
the
this
text
template?
This
is
helm,
isn't
it
okay,
yeah,
so
they're
making
us
to
play
with
helm,
and
then
it
says
to
the
ploidy
operator
in
debug
mode.
You
can
just
do
this.
Configure
the
IDE
I
use
GOG
land
or
go
in
now
to
debug
my
go
programs,
but
it
works
similarly
with
others,
and
it
has
this
thing
called
remote
debug
and
you
can
okay
cool.
A
So
next
we
have
so
George
suggested.
We
do
this
power
line,
go
which
I'm
gonna
look
at
this
last,
and
so
we
skipped
over
this
earlier.
So
let's
do
this
one
now.
So
this
is
going
to
so.
This
was
a
really
big
announcement.
Go
for
cotton
this
year
and
it
says
on
August
28th
yesterday,
at
our
annual
go
contributor
summit,
attendees
got
a
sneak
peak
of
preliminary
drafts
of
possible
design.
Sir
changes
of
air
handling
and
generics.
That's
right.
Everybody
live
tgia,
a
2018.
A
The
go
team
is
talking
about
generics
and
actually
had
a
working
example
and
gave
folks
a
sneak
peek
of
what
it
could
look
like
for
goto.
So
this
is
monolith,
monumentally
huge
and
I.
Think
a
lot
of
people
in
the
NGO
community
are
excited
about
this.
Solving
generics
is
a
very
hard
problem,
especially
when
you
get
down
to
the
nitty
gritties
of
compiling
the
code
and
how
you
go
about
reasoning
about
the
code
and
how
you
deal
with
memory
as
you're
reading
about
the
code
and
as
always,
with
the
go
team.
A
Whenever
we
look
at
an
implementation
to
a
solution,
it's
always
very
elegant
and
slick.
So
this
is
a
really
good
opportunity
for
you
to
learn
about
a
really
complex
problem
and
how
a
programming
language
will
approach
solving
this
problem.
So
this
is
going
to
be
very
exciting
to
follow
along
as
we
look
at
it
looks
like
folks
in
the
chat
are
saying
things.
Michel
goodness
says:
welcome
back
Chris
just
in
time
for
a
long
weekend.
A
Lu
Maddie
says
got
a
favorite
going
to
feature
and
looks
like
cookie
C
says:
go
is
Co
21
surgery,
he
okay
cool.
So
let's
go
back
here
and
let's
look
at
George's
suggestion
for
a
power
line,
go
cool
being
so
I
think
this
is
supposed
to
be
like
a
new
shell
I'm,
a
very
big
bash
advocate,
because
a
lot
of
the
times
I've
noticed
that
getting
too
much
working
here
creates
a
dependency
on
your
specific
bash
profile
and
especially
doing
a
lot
of
demos
and
things
like
that.
A
I
am
moving
from
computer
to
computer
a
lot
and
I
like
try
to
solve
the
problem
of
how
do
I
like
store
my
bash
RC.
You
know
my
bash
stuff
up
in
the
cloud
somewhere,
so
I
can
like
easily
move
into
a
computer
and
that
just
always
proved
to
be
a
problem
because
things
like
DNS,
depending
if
I
was
like
on
site
with
a
client
or
something
may
not
work.
A
The
way
is
intended
or
certain
websites
might
be
blocked
so
I,
ultimately
after
years
and
years
of
trying
to
customize
him
about
char
C
and
make
it
as
portable
as
possible
decided
that
it
actually
makes
more
sense
just
to
learn
good
ol
bash
and
just
be
comfortable
in
bash,
with
the
way
it
ships
and
I
found
that
to
be
like
super
efficient
for
me,
but
I,
told
George.
I
would
check
it
out
and
he
said
that
it
actually
might
be
rainbow.
A
So
we'll
give
this
the
30
second
try
and
see
if
we
can't
get
go
power
line
shell
up
and
running
for
the
rest
of
the
episode
and
see
if
we
can't
get
me
even
more
confused
as
we
look
at
flannel,
so
it
says
a
power
line
like
prompt
for
bash
Z
shell
and
fish
virtual
in
minute.
Nick,
shell
installation
uses
an
C
color
codes,
precompiled
binaries
go
get,
there's
a
go,
get
command,
so
it's
written,
go
that's
cool
by
default.
If
you'll
be
in
go
Ben,
okay,
we're
gonna,
see
what
happens
here.
A
A
So
how
is
everybody
this
week
this
week?
I
would
so
the
one
thing
I
usually
like
to
do
when
I
do
go,
get
is
like
to
do
a
verbose
mode,
so
I
actually
see
what's
going
on,
but
we're
pretty
blind
to
that
which
I
don't
always
like
to
see,
but
I
bet
now.
Do
we
have
a
power
line?
Dot
go!
Oh
I,
don't
even
know
what
that
is.
So
how
do
we
install
this
thing?
I'll
be
following
to
your
bash,
RC
or
bash
profile
on
a
Mac.
A
So
let's
try
this
and
then
I
can
always
comment
it
out
if
needed,
no
I'm
not
going
to
open
up
my
bash
RC
on
TGI
K.
So
we
get
to
look
at
my
lovely
face
for
a
second
while
I
edit,
my
bash
RC
here
to
see
if
we
can't
get
this
up
and
running
so
one
sec.
Folks,
Emacs
I'm,
gonna
kind
of
tell
you
what
I'm
typing
here
ours,
it's
a
bachelor,
underbar
profile
is
actually
the
one
I
want
to
edit.
A
Do
you
do
and
go
all
the
way
down
to
the
bottom?
Oh
yeah
I
definitely
do
have
secrets
in
here
and
the
passwords
and
all
kinds
of
interesting
stuff.
We
don't
want
to
show
in
the
air
okay.
So,
let's
scroll
down,
where
do
you
want
to
add
this?
Okay,
so
I
have
this
big
block
here
my
badger
I
see
you
ready
to
find
a
bunch
of
functions
as
I've.
Seen
of
that,
so
paste
that
in
there
save
it
and
let's
get
this
back
over
here
and
I
will
switch
back
over
in
just
one
second.
A
And
screen
and
face,
let's
see
what
happened
here
so,
let's
source
my
badge,
okay,
this
looks
rude
I'm
already
intimidated
by
this
there's
a
lot
of
information
going
on
here
and
a
lot
of
screen
real
estate
being
taken
up
by
a
lot
of
things.
I,
don't
really
understand.
What's
going
on,
it
looks
like
it
kind
of
expands
our
directory
here
so
I'm
in
a
home
directory
may
the
computer
name
is
Nova
in
directory
Nova,
which
is
user,
/k,
Nova
tilde
for
home
I'm.
Assuming
then
go
then
don't
know
what
this
is.
A
Everything
has
a
question
mark,
so
that's
kind
of
terrifying
github,
and
then
this
is
like
where
we
are
in
my
my
go
pass
here.
It's
unique
on
food,
just
what
Jason
says,
okay,
so
let
me
close
out
of
slack
really
quick.
It's
taking
up
a
lot
of
resources,
okay,
I'm
going
to
actually
turn
this
off.
Really
quick,
I,
don't
know
if
I'll
be
able
to
handle
this
on
TDI,
okay!
Well,
I
am
looking
at
debugging
flannel,
which
we're
gonna
be
doing
a
lot
of
debugging.
A
So
having
a
little
bit
of
screen
real
estate,
there
will
be
handy
so
one
second
again,
while
I
scroll
down
and
turn
all
this
stuff
back
off.
Bear
with
me,
I
feel
like
somebody
should
like
come
up
on
stage
and
tell
a
joke
when
I'm
editing
my
profile
here,
hon
TGA
kay,
but
bear
with
me
one
second:
do
you
do
okay?
So,
let's
find
my
functions.
A
A
Okay,
so
George
says
I
think
you're
missing
the
power
line,
font,
okay,
yeah
so
yeah
again
like
the
the
terminal
stuff,
is
cool
and
like
if
you
really
are
going
to
be
spending
a
lot
of
time
as
a
software
engineer
and
that
stuff's
important
to
you
I
think
it
makes
sense.
I,
just
like
all
of
my
code
is
very
like
on-the-go
and
very
demo,
II
anymore,
so
having
something
like
this
usually
just
ends
up
taking
up
more
time
solving
concerns
for
me.
So
let's
try
a
new
one.
Okay
here
we
go
so
we're
back.
A
Let's
get
this
over
here:
animal
zoom
in
good
old
Bosch
and
let's
go
back
to
comb
BAM,
okay.
So
without
further
ado,
let's
talk
about
flannel
and
CNI
and
as
we
do
that
I'm
gonna
sort
of
start
up
a
cubic
corn
cluster
using
some
commands
I
have
here
and
then
we
are
going
to
actually
create
the
cluster
without
any
CNI
implementation,
rule,
look
at
the
diamond
set
and
we'll
get
flannel
up
and
running
and
we'll
kind
of
SART
poking
you're
on
it
flannel
and
then,
if
folks
have
questions
along
the
way.
A
A
That's
configured
properly
for
your
CNI
implementation
was
actually
really
important,
like
with
Celia.
We
knew
we
had
dependencies
on
the
kernel
and
with
calico.
We
knew
that
you
know
it's
pretty
easy
to
install
I
worked
out
of
the
box
with
Cuba
corn
and
that's
what
most
cubicle
and
cluster
shipped
shipped
with,
but
even
then
getting
everything
kind
of
down
and
correctly
still
took
a
little
bit
of
time.
A
I
was
looking
forward
to
flannel,
because
I
everything
I've
heard
about
flannel
and
every
time
I've
used
flannel,
it's
been
very
cut
and
dry,
it's
very
simple
and
not
sort
of
makes
it
quite
elegant
because
of
its
simplicity.
It
may
not
be
the
most
secure
thing
in
the
world
and
we're
gonna
look
a
little
bit
about
that
later,
but
it
installed
a
sort
of
out
of
the
box
like
charm,
mostly
the
one
thing
that
I
found
about
flannel
that
I
wanted
to
share
with
folks.
A
Let's
close
a
lot
of
this
stuff
and
we're
gonna
go
into
my
notes
here:
let's
scroll
up,
exploring
flannel
okay,
so
it
says
deploy
cluster,
which
will
start
that
just
from
the
second.
But
I
wanted
to
point
this
out
as
we're
deploying
our
cluster.
We
originally
deployed
a
cluster
where
we
did
not
specify
this
flag
for
cube
admin
in
it.
So
I
did
this
earlier
today
and
then,
if
I
actually
looked
at
the
flannel
pods
after
they
got
up
and
running
I
got
this
error
here
used
to
scoot
this
over.
A
So
we
can
actually
see
this
a
little
bit
better.
That
said,
error
registry
network
failed
to
acquire
lease,
node
yada,
yada
yada,
and
then
it
ultimately
shut
down.
So
I
went
on
this
journey
to
figure
out.
How
do
you
turn
on
pod,
Network
cider
and
what
I
should
define
it?
As
so,
what
I
did
was
I
found
this
piece
of
documentation
and
I?
Actually,
wanna
pull
up
the
flannel
Doc's
right
now,
flannel.
A
A
A
A
In
knit
thing
here,
I
tried
to
actually
paste
this
right
after
the
dash
dash
config
part
of
cube
admin
right
here
in
this
space
and
tried
to
bootstrap
my
cluster
and
actually
got
a
bunch
of
errors
saying
that
Cuba
admin
does
not
support,
adding
other
options
if
you
are
also
defining
it
config.
So
this
led
me
on
this
journey
earlier
today
that
Jason
type
D
tiberius
helped
me
out
with
which
was
figuring
out
how
to
map
cube
admin
and
knit
flags
to
various
directives
in
the
cube
admin
config
file.
A
So
we
can
use
clean
off.
So
in
order
for
us
to
get
a
cubic
or
clusters
started,
let's
go
back
to
our
documentation
and
we
have
these
commands
that
I
can
copy
pasta
verbatim
here.
In
my
terminal,
I
am
in
the
local
Oh
49
directory
for
TDI
k
for
this
week's
episode
and
if
I
just
paste
this
command
in
here
we
create
this
cubical
state
file
and
then
I
can
come
in
here
and
I
can
run.
A
This
apply
command
and
this
is
going
to
give
us
a
cluster,
that's
already
for
flannel,
but
does
not
have
flannel
installed
so
we'll
let
this
run
in
the
background.
Also
I
really
love
keep
a
corn
for
your
moments
like
now,
where
I
just
want
to
just
tweak
how
my
cluster
starts,
and
this
makes
it
very
easy
to
do
live
on
the
air.
This
is
you
know,
pat
myself,
on
the
back
for
this
one.
Anyway,
let's
go
and
let's
map
this
pod
networks
cider
flag
to
go
back
and
look
at
this.
A
You
know
file
again
to
this
directive
here.
So
how
I
did
that
was
I
found
this
cube
admin,
API
Docs,
so
I'm
looking
in
the
API
Docs
here-
and
this
is
just
go
doc.
You
can
build
these
automatically
based
on
documentation
in
your
code
and
if
you
document
your
code,
according
to
the
Golding
specification,
you
can
get
this
sort
of
like
page
for
free.
So
this
is
a
really
handy
way
for
you
to
get
documentation
on
your
code
for
free
in
the
case
of
cube
admin,
&
kubernetes
code
base.
A
This
is
actually
really
handy,
because
this
gives
us
a
more
visual
representation
of
the
actual
source
code
that
is
cube
admin.
So
I
wanted
to
find
this
pod
Sider.
So
the
first
thing
I
did
is
I
grabbed
for
cider
and,
of
course,
there's
no
responses
and
I
was
like
okay,
so
we're
gonna
have
to
dig
a
little
bit
deeper,
so
as
I
dug
deeper
I
then
found
where
is
it
I
think
it's
this
page?
No,
it's
not!
That
page!
Is
it
this
one
I
want
to
find
the
documentation
on
a
cube
admin
in
it.
A
So
let's
even
use
google,
it
cube
admin
in
it
and
I.
Think
yeah.
Here
it
is
okay,
so
this
is
where
I
started
to
kind
of
like
get
excited
where
I
thought
I
was
onto
something
I
came
in
here
and
I.
Looked
at
this
in
a
habit
like
this
whole
big
long,
config
file,
and
if
you
remember
ours
is
about
a
kilobyte.
This
is
significantly
bigger
and
this
sort
of
defines
all
of
what
I'm,
assuming
are
the
defaults
for
keep
admin
and
talks
about
all
the
different
ways.
You
could
potentially
configure
it.
A
So,
of
course,
as
I'm
looking
at
trying
to
figure
out
this
where
to
go
using
flannels
with
kubernetes
pod
Network,
cider
I
figured
the
string,
CIDR
would
be
unique
enough
to
where
I
would
be
able
to
come
in
and
grep
for
that
here
and,
of
course,
I
found
cluster
cider
and
exclude
ciders
and
I
found.
Cluster
cider
is
under
cubed
proxy
and
I
was
like.
A
Oh,
maybe
the
pod
Network
cider
is
passing
something
to
queue
proxy,
so
we
went
down
that
rabbit
hole
and
it
looked
very
similar
to
what
I
wanted,
but
it
turned
out
that
this
cluster
cider
configuration
was
actually
not
what
we
were
looking
for,
the
Droid.
We
were
looking
forward
to
use
a
Star
Wars
reference
is
actually
down
here
under
networking
and
it's
called
pod
subnet.
A
So
this
is
a
really
interesting
example
of
where
folks
in
kubernetes
have
decided
to
name
a
flag,
a
very
different
name
than
what
we
would
call
it
in
a
camel,
manifest
or
animal
configuration
file.
This
is
potentially
confusing
for
users.
It
certainly
was
for
me
and
I
would
have
preferred
if
it
went
from.
You
know
the
hyphenated
case
directly
to
the
camel
case
verbatim,
so
that
we
can
make
a
clean
translation
and
easily
find
it.
A
But
that
was
not
the
case
so
anyway,
how
I
ultimately
found
it
was
asking
me
to
slack
and
then
after
I
asked
him
slacked
and
Jason
helped
me
out.
I
came
in
and
went
to
the
cube
admin
documentation
and
went
into
networking,
pulled
up
networking
and
found
pod
subnet,
and
it
says
pod
subnet
is
this
some
that
used
by
Potts
and
that's
of
course,
what
we
wanted
to
find
because
of
the
way
flannel
works
and
all
of
its
simplicity.
A
You
tell
flannel,
what's
pod,
said
not
to
use
and
then
flannel
is
going
to
set
up
expanded.
We
do
not
have
to
do
this
with
the
other
c9
providers,
so
I
think
at
the
end
of
our
CNI
series
here
it
would
be
really
help
handy
to
have
like
a
big
like
pros
and
cons.
Maybe
I
need
a
pros
and
cons,
but
like
differences
between
each
of
the
CNI
providers
and
all
the
weird
nuances
we
discovered
along
the
way.
A
So
maybe
that
can
be
an
artifact
from
the
CNI
series
that
we've
been
doing
for
the
past
month
or
so
here
on
TV,
okay,
so
anyway
we
have
that
defined
and
we
set
up
our
cubic
horn
cluster
and
if
everything
went
well.
Yes,
we
should
have
this
lovely
lime-green
output
here
at
the
bottom
and
we
can
now
SSH
into
our
master
node.
A
So
I'm
gonna
get
a
few
terminal
tabs
set
up
here,
really
quick
wanting
to
our
master
and
wanting
to
our
node,
which
is
going
to
serve
as
our
workhorse,
which
is
where
old,
we'll
be
able
to
see
all
of
the
flannel
stuff
happening.
So,
let's
open
up
a
new
tab,
let's
zoom
in
that
looks
good
and
let's
Association
two
and
we'll
suit
up
so
we're
now
in
the
master.
Here
you
want
to
open
up
a
new
tab
and
let's
go
into
Amazon
and
let's
get
the
name
of
our
node.
A
A
So
in
this
case,
we're
going
to
do
one
two
at
this
is
our
node
IP
address
and
we'll
say
yes
and
we'll
say
a
pseudo
bash,
ok
cool!
So
now
we
have
master.
Now
we
have
node,
and
now
we
have
our
local,
my
macbook
here
that
we're
using
as
well
so.
The
first
thing
I
want
to
point
out
for
folks
at
home
is
after
we
installed
this
key
popcorn
cluster.
A
Without
a
C&I
provider,
we
can
do
a
tag
at
nodes
or
no
for
short,
and
we're
actually
going
to
see
that
the
status
is
not
ready,
and
if
we
did
as
described
on
these
nodes,
we
would
get
some
errors
and
if
we
ssh
into
one
of
our
nodes-
and
we
ran
our
favorite
debugging
command
in
the
world-
journal
cuddle
fu
cubelet.
We
would
in
fact
see
that
the
network
plugin
is
not
ready
and
c9.
A
Config
is
uninitialized,
and
we've
seen
this
in
the
previous
two
episodes
that
we
usually
kind
of
get
here
as
our
default
starting
place.
So,
let's
install
a
flannel,
actually
wait
before
we
install
flannel.
Let's
deploy
a
pod
that
doesn't
work
so
that
we
can
watch
the
flame
I'll
fix
that
pod,
so
I'm
gonna
do
my
famous
kay
run
engine
X
image
in
the
next
man
that
I
use
all
the
time.
A
Oh,
let
me
run
that
on
my
local
Kay
run
engine
X
image
engine
X
and
for
the
episode
I'm
gonna,
create
this
alias
Oh
am
I,
ready
there,
yeah,
okay,
so
I
have
this
alias
called
kdump,
which
is
essentially
kdump,
is
equal
to
KI
Bechdel,
get
all
all
namespaces
and
I'm
here
on
K
dump.
This
is
just
like
list
everything
in
the
cluster
which
I
have
been
using
this
more
and
more
recently
and
I
kind
of
really
like
the
idea
of
just
listing
everything
in
the
cluster,
especially
for
a
demo
like
what
we're
doing
today.
A
This
gives
us
a
really
good
if
overview
of,
what's
running
in
a
cluster
and
usually,
if
you're
gonna
look
up
a
pod,
you're
also
going
to
be
looking
up
its
corresponding
deployment,
or
maybe
the
service
that's
attached
to
it,
or
the
demon
set
that's
attached
to
it
so
being
able
to
kind
of
dump.
Everything
in
the
cluster
is
handy
and
it
seems
like
keystrokes
I've
always
had
to
be
like
Kagan
Pio.
A
This
namespace,
okay,
I
got
my
pod,
ok,
good
service,
namespace,
okay,
now
I
got
my
service
or
I
could
just
get
all
that
one
command
and
kind
of
pieces
together
as
needed.
So
it
is
like
a
list
everything
route
command,
which
is
potentially
dangerous,
but
it's
read-only,
so
I
feel
like
it's
not
that
dangerous,
and
it's
handy.
So
you
know
if
you
want
to
save
a
little
bit
of
time,
having
an
alias
like
this,
that
works
for
you
might
be
of
use.
And
let's
see
what
folks
in
chat
are
st.
really
quick.
A
It
seems
like
calico
and
flannel
or
kind
of
default
providers,
so
much
so
that
you
can
combine
flannel
and
calico.
It's
called
canal,
yes
and
Michael.
A
So
now,
if
we
do
a
giggity,
oh,
we
can
see
that
our
pot
is
pending
and
if
we
do
a
describe
on
it,
I
feel
like
we've
done
this
bunch
before,
but
I
like
to
kind
of
compare
apples
to
apples.
We
can
of
course
see
that,
can
you
describe
yo
new
genetics,
warning
field,
scheduling
default
schedule
or
zero
of
two
nodes
are
available
because
our
cubelet
isn't
registering
as
available
because
we're
missing
a
scene
I
provide
her.
A
A
So
if
you
go
back
to
this
documentation
here,
which
is
if
you're,
if
you're
trying
to
find
the
cube
admin,
which
is
how
cubic
corn
creates
clusters
documentation
on
creating
a
flannel
scene,
I
am
limitation.
Your
cluster.
It
was
actually
kind
of
hard
to
figure
out
the
queue
Bechdel
install
command
for
this.
If
you
come
down
here,
it
says
older
version
of
kubernetes
and
it
has
like
this
legacy
ml
file
here,
but
actually
finding
the
one-liner
anywhere
up
in
this
section.
I
couldn't
really
find
it.
So
that
was
kind
of
confusing
for
me.
A
So
what
I
ended
up
doing
was
exploring
the
github
repo
and
found
the
one-liner
I
was
looking
for.
So
we
scrolled
down
and
we
have
Quebec
tool,
apply:
eff,
raw
github,
user
content,
core
OS,
final
master,
documentation,
cube,
flannel,
dot,
yellow
and,
as
we
all
know,
it
would
not
be
TGI.
K,
unless
we
looked
at
some
yamo,
we
can
look
at
he
actually
ate.
A
So
the
first
thing
we
do
is
we
configure
our
back
big
round
of
applause?
We
all
love
roll
base
off
control
in
our
clusters
and
it
looks
like
flannel
does
a
good
job
at
defining
a
handful
of
various
cluster
roll
rules
and
of
course
we
have
a
corresponding
cluster
roll
binding
set
up
in
keep
system.
This
is
particularly
important
in
CNI
to
have
some
sort
of
our
back
in
place
here,
because
we
are
dealing
with
things
in
the
keep
system
namespace.
So
so
having
this
in
place
is
very
critical.
A
Then
we
create
a
service
account
again.
It's
called
flannel
and
it's
in
the
keep
system.
Namespace
and
then
we
have
this
config
map
and
let's
see
what
sooner
I
can
fig
map.
We
have
this
JSON
file
and
it
says
we're
gonna
create
this
interface
CPR.
Oh,
so
let's
actually
go
here
and
just
do
a
quick
see
what
we
have
running
already.
Okay,
so
we
have
earth
or
eath
0
and
docker
0.
We
know
Dockers
writing
so
there's
our
docker
interface
and
we
have
ether
or
SS
0.
Okay,
let's
do
a
quick
vote
in
the
chat.
A
Let's
do
number
1
if
you
think
it's
pronounced
eath
and
let's
do
number
two
if
you
it's
pronounced,
so
that
is
going
to
look
like
I'm
going
to
put
this
in
the
chat,
one
eise
to
s,
interesting,
to
see
how
you
guys
pronounce
it
anyway.
I'm
gonna,
say
s
for
the
rest
of
the
episode,
because
it's
short
for
Ethernet
or
Ethernet.
Oh,
my
gosh
everybody's
coming
in
and
Bodeen
like
I
love
watching
this
most
people
are
voting
for
what
it
looks
like.
Okay,
so
we're
in
st.
E's,
we'll
say
e
on
the
episode.
A
Then,
okay,
so
we
create
this
new
interface
called
C
BR
0.
We
tell
we're
gonna
use
a
plug-in
of
type
flannel
and
we're
going
to
set
a
hairpin
mode
equal
to
true
and
is
default
gateway
equal
to
true
and
we'll
see
a
little
bit
more.
What
that
means
in
a
moment,
and
then
we
have
some
net
conf
Jason,
where
we
use
this
network
and
our
back
end
type
is
DX
lands.
We're
gonna,
look
pretty
deep
into
the
final
source
code,
a
little
bit
later,
I'm
already
getting
the
feeling.
A
This
is
gonna,
be
a
kind
of
a
longer
episode,
so
go
for
a
cup
of
tea.
If
you
are
interested
because
we're
gonna
actually
look
at
the
the
flannel
plugin
and
actually
the
flannel
daemon
and
potentially
make
it
code
change
to
them
and
run
some
flannel
commands
and
see
what
happens
so
anyway.
We're
gonna
learn
more
about
the
different
types
of
backends
in
flannel.
We're
VX
LAN
is
the
most
common
in
order
to
learn.
Why,
in
this
case
of
this
particular
implementation
is
flannel
y
VX
is
actually
not
as
scary
as
most
folks
think.
A
It
is
particularly
because
all
the
information
we
would
use
multicast
for
in
the
past
is
already
provided
for
us
as
a
node
object,
so
we
don't
even
need
to
use
multicast
and
we
only
use
the
X
land
for
encapsulation.
So
it's
actually
a
pretty
solid
implementation
of
VX
land.
Now
that
all
of
the
multicast
noise
is
out
of
the
way
and
thanks
Duffy
for
helping
us
learn
that
one
earlier
today,
so
the
part
of
the
daemon
set
that
kind
of
struck
me
as
interesting
was
the
amount
of
daemon
sets.
We
were
deploying.
A
So
if
you
come
down
here,
we
have
this
demon
set
called
cube.
Flannel
amd64,
it's
already
I'm,
like
ok,
AMD,
64
bit.
Architecture
sounds
good
to
me
and
I
like
went
through
and
read
this
whole
demon
set
and
we'll
look
at
the
demon
sent
in
a
second.
But
what
I
wanted
you
to
see
is,
as
we
keep
scrolling,
we
found
this
Akkad
even
set.
This
one
is
called
arm
64,
which
of
course,
we're
not
running
an
ARM
processor
in
Amazon,
and
then
I
kept
scrolling
aquit
that
I
found
this
other
demon
set.
A
This
one,
of
course,
is
called
flannel
des
arm
and
I
kept
scrolling,
and
this
other
demon
set,
which
was
GS,
3900,
X
and
then
I
kind
of
like
was
like
okay.
So
we're
deploying
a
lot
of
different
architectures
I,
wonder
which
one's
gonna
win
or
what's
going
on
here
and
we're
gonna,
look
at
that.
What
actually
happens
after
we
do
our
Q
back
to
a
pipe.
So
let's
go
ahead
and
clear
a
screen
BAM
and
we
have
nope,
don't
want
that.
A
Let's
grab
our
llamo
URL,
which
is
here
and
we
can
do
aq
Bechdel
apply
minus
f
this.
You
know
that
we
just
have
done
sweep
so
there's
our
cholesterol
or
cholesterol,
binding
our
service
account
for
flannel
and
the
keep
system
namespace,
and
then
we
have
all
of
these
deeming
sets
for
all
these
different
architectures
created.
So
using
our
handy
dandy,
kdump
command,
I'm,
actually,
I'm
gonna
create
a
different
terminal.
That's
gonna
be
a
little
bit
smaller.
A
Just
so
I
can
do
my
K
done
command
here
and
I
think
it'll
print
a
little
Neely.
So
folks,
if
you're
watching
that
TV
you
might
on
a
TV,
you
might
want
to
stand
up
and
go
on
a
little
closer
to
the
TV.
So
you
can
see
this,
but
if
we
run
a
Kadem,
this
is
presented
very
neatly
on
my
screen
and
it
doesn't
look
too
terribly
small,
hopefully
for
folks
at
home,
so
we
have
where
our
demon
sets
here.
A
So
we
have
deployments
here,
which
is
this
is
our
Internet's
deployment
we
created
that
is
implicitly
or
inherently
broken,
and
we
have
all
of
these
demon
sets
here
and
if
you
look,
we
have
0
desired
0,
current
and
0
already.
So
it
looks
like
these.
These
sort
of
came
in
and
configure
themselves
and
detected
the
architecture
and
said
we
actually
don't
need
to
do
anything.
So
now
we
have.
These
demon
sets
running
that
are
effectively
no
ops,
which
seems
a
bit
weird,
but
the
amd64
did
actually
go
in
win
and
I'm
curious.
If
the.
A
If
we
look
at
our
demon
sets
if
they
actually
define
0
or
if
they're
updated
after
the
fact
I
guess,
we
don't
define
it
right
now.
The
folks
at
home
want
to
go
and
look
and
see
if
weird
of
how
many
replicas
we're
defining
that
would
be
handy.
Anyway.
Let's
go
back
to
our
Kadem
community
here,
so
we
have
our
demon
set
for
ambi
64.
We
have
two
pods
that
are
current
and
two
pods
that
are
running.
So
this
is
pretty
signing.
Remember
earlier,
I
mentioned
flannel
is
a
pretty
simple
program.
A
If
we
actually
pulled
the
logs
for
our
pods
on
the
node,
we're
actually
able
to
see
some
exciting
things
happen,
so
how
we
want
to
do
that
is
we
want
to
do
keg,
EPO
namespace
cube
system
Oh
wide,
and
we
want
to
find
our
flannel
pod
DUS
amd64
running
on
what
was
our
keg
get
node
wide,
so
our
master
is
5233.
Oh
we're
not
going
to
be
able
to
map
that
here.
Oh
yeah,
we
are
so
our
master
is
zero,
zero,
86!
So
mapping
that
up
here
to
zero
zero
86.
A
We
can
now
get
our
flannel
pod
name
here.
So,
oh
no,
we
want
to
do
the
node
just
kidding,
so
we
want
this
flannel
pod
here.
Okay,
that's
the
one!
You
want
copy
that
wait.
There
we
go
now,
it's
being
copied
and
Kay
logs
namespace
cube
system,
minus
F
BAM,
it
can
be
Tom
says
it
can
be
a
cool
feature
if
you
have
a
mixed
CPU
arc
cluster.
That's
a
really
good
point,
anything
about
that
where
you
would
have
multiple
nodes
or
running
different
type
of
architectures.
A
You
could
deploy
this
sort
of
ambiguous
daemon
set
or
the
set
of
daemon
sets
for
different
architecture
is
a
little
sort
of
Reason
about
where
they
need
to
be
ran.
That's
pretty
cool
I
haven't
thought
about
that,
but
that
makes
a
lot
of
sense
where
they
would
have
done
that
way.
So
anyway,
looking
at
the
flannel
pod-
and
it
keeps
this
namespace-
we
can
see
that
yes,
flannel
is
in
fact
using
IP
tables
to
configure
some
things
behind
the
hood.
But
let's
see
what
else
we
know
is
doing
here.
A
So
in
this
case
we're
gonna
go
through
the
logs
kind
of
one
by
one
it
created
a
subnet
manager.
It's
installing
signal
handlers
which
every
good
program
should
deserves
a
good
signal
handler
and
if
you're
gonna
write
it
yeah
I
feel
like
I
saved
this
all
the
time.
If
you're
gonna
write
a
signal
handler,
you
better
make
it
POSIX,
compliant
or
POSIX
compliant
another
round
of
voting
for
people
if
they
say
POSIX
are
probably
POSIX
and
then
the
back
and
type
is
V
excellent,
so
I
guess
now's
a
good
time.
A
Just
look
at
the
various
types
of
back
ends
in
playoffs,
so
let's
go
back
to
Chrome
and
let's
find
the
flannel
source
code,
so
he
okay.
So
this
is
a
new
button
that
should
I
could
get
help
and
it's
been
driving
me
absolutely
crazy.
Everytime
I
come
to
this.
Repo
I
have
to
hit,
show
all
files,
and
it
doesn't
remember
that
so,
if
I
like
navigate
away
from
this
and
like
like
go
to
the
issue
tracker
and
then
come
back,
let
me
refresh
this.
Of
course.
It's
not
gonna!
Do
it
now
there
it
goes.
A
So
that's
been
an
extra
mouse
click
just
to
see.
What's
going
on
in
the
repository
here.
Probably
because
it's
so
long,
but
who
knows
why
weird
github
magic?
Okay,
so
here
in
the
backend
directory,
you
can
see
we
have
all
of
these
variable
backends,
and
these
are
familiar
protocols
for
anybody
in
the
DevOps
scene,
you're,
probably
already
recognizing
ones
like
the
X
Lion,
an
IPSec
and
UDP.
A
And
then
we
have
this
type
of
network
that
has
an
in
to
you
that
returns
an
int
and
you
can
get
a
subnet
leaves,
and
you
can
sort
of
call
run
and
pass
in
go
context.
So,
regardless
of
the
type
of
back-end
you
want,
a
button
looks
like
flannel
can
use
various
different
protocols
and
will
be
able
to
call
run
on
them
and
pass
any
good
context
at
runtime
and
I.
Of
course,
earlier
went
into
the
source
code.
Here
and
validated
that
in
fact
was
what
was
going
on.
A
So
in
this
case
we
are
saying
that
we
are
using
a
network
type
X
LAN,
so
VX
LAN
config,
and
we
have
some
configuration
here
and
then
we
wrote
a
subnet
file
to
run
flannel
subnet
in
and
we're
running
the
back
end.
It
says
waiting
for
all
go
routines
to
exit
which
this
is
actually
in
the
main
functions,
so
that
everything
else
is
happening
in
the
go
read
the
routine
concurrently,
and
this
is
still
back
almost
closer
to
the
top
of
stack
at
main.
A
So
the
first
thing
we
see
is
we
delete
some
IP
tables
rules.
We
add
some
IP
tables
rules
and
this
is
really
handy.
I,
remember,
you're,
debugging
calico
is
a
little
bit
more
challenging
to
figure
out
what's
going
on
in
iptables
here
we
can
see
them
a
little
more
concretely
and
we
can
start
to
get
an
idea
of
what
the
flannel
demon
is
doing
for
us
behind
the
scenes.
A
So
what
I
want
to
look
at
now
is
gluing
together
the
flannel
plug
in
to
this
and
then
actually
looking
at
how
the
cube
was
calling
the
flannel
plug
in
and
then
we're
going
to
talk
a
little
bit
about
well
anyway.
Let's
just
start
there
and
we'll
see
where
we
go
okay.
So
what
I
want
to
do
now
is
open
up
our
node
here
and
go
into
our
uped
C&I
Ben,
and
here
we've
looked
at
this
directory
in
a
lot
of
previous
episodes.
A
A
We
have
all
of
these
binaries
and
I
went
on
another
little
like
experimental
journey
this
morning,
because
I
remember
learning
in
a
previous
episode
when
we
did
calico
that
these
binaries
came
from
installing
this
package,
apt-get
install
kubernetes
C&I
and,
of
course
it's
gonna
say
it's
already
installed,
and
this
came
from
this
change
directory.
Let's
see
what
does
it
mean
fun
to
use
sources,
I
want
to
say
sources
that
D
and
C.
Is
it
apps
sources,
yeah
sources
list
paddy.
A
So
here
we
have
this
kubernetes
list
and
you
can
see
we
have
this
kubernetes
xenial
main
repository
defined,
and
that
is
what
actually
gave
us
the
Cooper.
Now
you
see
and
I
packaged
so
I
was
like
I
want
to
see
where
this
is
coming
from.
Where
do
these
binaries
actually
get
generated,
and
where
is
the
source
code
for
all
of
these?
And
how
do
we
have
this
sort
of
official
plug-in
library
that
I
don't
understand
where
it
comes
from
and
if
I
wanted
to
contribute
to
it?
How
would
I
go
about
doing
that?
A
So
what
I
found
was
this
cool
organization
called
container
networking
on
github
and
in
container
networking
there's
this
repository
called
CNI?
This
is
how
I
should
have
started
off
our
CNI
I
have
a
series
in
kubernetes.
If
you
get
a
chance-
and
you
have
five
minutes
of
time-
go
and
read
this
line
by
line
it'll
be
one
of
the
most
important
things
you
do,
and
it
really
does
a
great
job
at
explaining
what
CNI
is
how
it
works
and
why
it's
relevant,
and
it
actually
has
a
really
great
list
of
third-party
plugins.
A
So
if
there's
any
of
these,
that
folks
want
to
see
a
tgia
on
I'm
happy
to
do
a
TG
I
can
on
it,
and
here
is
what
I
consider
the
most
complete
list
anywhere
on
the
internet,
and
then
it
talks
about
how
you
can
contribute
to
C
and
I.
But
what
I
wanted
to
point
out
is,
if
you
go
to
the
Container,
networking
or
I,
didn't
look
at
the
repos.
A
Excuse
me
plugins
that
the
cubelet
will
actually
execute
and
will
somehow
communicate
back
up
to
the
broader
daemon,
in
this
case
the
flannel
DD
man,
which
were
in
a
moment
with
information
about
building
upon
network.
So
me
being
the
hacker
that
I
am
I
came
in
and
I
said:
okay,
let's
figure
out
what
these
are
compiling
to.
So
I
found
this
directory
been,
which
should
we
just
create
all
these
binaries
and
you
could
do
a
file
on
it
on
flannel
you'll,
actually
notice.
It
is
a
Linux
executable.
A
So
if
my
goal
Ian's
messing
up,
no
know
why
I
did
that?
Okay,
so
if
you
actually
try
to
run
flannel
on
my
macbook,
it's
gonna
yell
at
me
and
says,
cannot
execute
binary
file
because
it's
on
the
wrong
archetype.
So
how
I
have
been
developing
this?
You
come
in
to
our
readme
here,
scroll
down
quite
a
bit.
A
Doo-Doo-Doo
I
can
run
this
command
and
actually
get
a-goin
latest
container
running
and
I'm
going
to
map
my
container
networking
plugins
directory
to
go
source,
github,
calm,
container,
networking
plugins
on
the
container
and
if
I
go
inside
of
the
container
to
go
source,
github,
comm,
container,
networking
plugins.
You
can
now
see
that
there
is
this
Bend
directory
and
if
I
go
into
Ben
I
can
actually
know
execute
flannel
and,
of
course
this
is
the
same
behavior
we
would
get
if
we
ran
it
here
on
the
actual
server
in
AWS.
A
So
let's
go
to
opt
C
and
I
Ben
and
let's
execute
flannel,
and
you
can
see
this
corresponds
to
this
and
if
I
pull
up
my
IDE,
we
now
have
the
minimize
this
one
and
this
one.
We
know
how
the
source
code
for
the
flannel
plug-in
here
in
my
IDE.
We
can
run
and
develop
very
quickly
in
a
container,
and
then
all
we
have
to
do
is
copy
that
up
to
the
cloud.
A
A
So
here
in
the
cni
plugin
repository
in
the
plugins
directory,
there's
a
subdirectory
called
maida
and
inside
of
maida
we
have
flannel,
and
here
you
can
see,
we
have
flannel
dot
go,
and
this
is
where
the
rubber
meets
the
road.
This
is
actually
the
layer
of
software
that
the
cubelet
will
execute
whenever
you
create
a
pod
in
kubernetes
using
flannel,
which
of
course,
this
is
very
exciting,
because
we
couldn't
create
a
lot
of
pods
in
kubernetes
and
we
can
see
what
this
whole
thing
is
doing.
So
again.
A
This
is
code
that
came
out
of
core
OS
now
part
of
Red
Hat,
and
this
is
all
available
in
the
upstream
container
networking
organization,
so
I
came
in
and
I
started
looking
through
this
and
I
found
that
there
was
odd
this
missing
function.
Here,
which
mapped
very
cleanly
to
this
whole,
like
environmental
variables,
missing
output
that
we
get
and
I
started
to
kind
of
get
excited
because
I
found.
Finally,
where
all
of
the
C&I
implementation
ease
stuff
is
coming
from.
A
So
as
we
scroll
down,
we
can
see
that
there's
a
lot
of
functions
here,
but
the
one
I
want
to
point
out
is
all
the
way
down
here
at
the
bottom.
It's
called
main
and
it
says
to
do
implement
plug-in
version.
So
right
now
we
just
returned
version
all
and
if
you
look
at
a
skeleton
and
plug-in
main
you,
we
pass
in
function
up,
function,
pointers,
but
a
reference
to
a
function,
called
command,
add
command,
get
in
command
delete
and
if
we
go
look
at
the
plugin
main
here,
it
says.
A
It
accepts
callback,
functions
for
add,
get
delete
and
version,
and
you
pass
those
in
here
as
well
for
command,
add
command,
get
and
command
delete,
and
if
you
go
and
you
actually
look
at
the
cni
specification,
which
is
here,
you
can
actually
see
where
it
defines
the
get
add
and
delete
define
in
c,
and
I
which
we
can
look
at
that
here
in
a
second,
that's
just
a
spec
and
I
I
don't
even
think
this
is
the
right
posit
or
e
for
it.
Let's
see,
maybe
a
nice
back.
A
This
is
the
1v1,
so
there's
get
here.
They
are
here.
So
this
defines
what
ads
do
you,
what
delete
you
and
what
good
should
do?
So,
let's
add
this
to
our
our
notes
here:
doo
doo
doo,
new,
exploring
flannel,
so
I'm
gonna.
Do
the
C&I
spec
that
the
flannel
plugin
implements
is
here,
okay,
cool,
so
the
first
thing
that
jumped
off
the
page
when
I
was
going
through.
All
of
this
in
figuring
out
about
ad,
get
and
delete.
Seeing
I
functions
was
when
we
look
back
at
our
flannel.
Go
our
command.
Get.
A
Has
this
big
to
do
that
says,
implement
and
it
just
returns
an
error
that
says
not
implemented
so
I,
don't
think
the
flannel
plug-in
actually
implements
get
so
I,
don't
know
if
that's
a
problem
or
if
we
need
that
or
not
but
I'm.
Imagine
it's
really
important.
Since
some
folks
got
together
and
wrote
up
some
documentation
that
says
you
should
implement
it.
So
in
any
case
something
could
potentially
be
looking
for
information
from
the
flannel
plugin
and
is
going
to
get
an
error
that
says
not
implemented
instead
of
any
meaningful
information
along
the
way.
A
So
that
was
the
first
bit
of
worry.
That
I
had
noticed
here
in
the
source
code
of
flannel
and
then
I
saw
a
command
delete,
looks
like
it
was
fleshed
out
and
actually
does
some
things
and
then,
more
importantly
than
anything
else,
I
found
this
ad
command.
That
starts
right
here
when
I
did
before
the
episode
as
I
came
in
and
I
added
this
big
snippet
down
here
at
the
bottom.
That
says,
let's
look
at
C
and
I
on
T
GA
case.
A
So
all
I
did
was
I
pulled
the
container
ID
out
of
the
input
that
the
cubelet
is
passing
to
DC
and
I
plug-in
in
this
case,
it's
flannel
after
I
defined
the
container
ID
I
then
put
together
this
string
that
I
call
file.
That's
in
the
temp
directory,
it's
prefaced
with
the
prefix
C
and
I,
and
then
we
pass
in
the
container
ID.
A
So
let's
go
ahead
and
build
this
and
do
this,
which
for
me,
but
like
the
hacker
in
me,
is
like
finally
I
get
to
actually
see
how,
like
this
whole
thing
like
weird
system
gets
glued
together
and
flannel
made.
All
is
possible
by
being
a
very
quick,
very
dirty
example
of
how
to
do
this.
So,
thank
you
for
keeping
things
simple,
flannel,
it's
my
favorite
type
of
software
to
work
with.
So
in
this
case
we
are
going
to
go
up
a
directory
and
we
are
going
to
run
our
build
script.
A
Sh
build
that
Sh
I
think
we
already
ran
this,
but
for
good
measure.
We're
gonna
go
ahead
and
run
it
again.
It
looks
like
we
got
an
error
here,
Linux
unexpected
operator,
on
line
5.
Maybe
we
can
open
up
PR,
let's
see
what's
going
on
here
line
5.
If
you
name
is
equal
to
Darwin,
then
oh
okay.
So
this
is
why
it
generated
a
Linux
binary
which
actually
ended
up
working
in
our
favor.
A
Since
that's
what
we
need
anyway,
so
interesting
syntax
over
there
that
turned
out
to
be
a
good
air
and
now
we're
generating
all
of
these
binaries.
So
on
our
node,
which
is
here,
we
can
exit
out
of
our
SSH
command
and
let's
go
into
our
command
where
we
disabilties
binaries
that
are
mapped
back
to
our
local
filesystem
from
our
container
over
that
volume
that
we
passed
into
docker
run
so
go
source.
A
Yes,
we
can,
but
in
this
case
I
want
to
be
able
to
show
how
we
could
do
that
through
the
cubelet
and
through
the
queue
Bechdel
create
pods
command,
see
the
full
system
in
place.
But,
yes,
you
could
very
easily
to
get
your
local
workstation
up
and
running
and
invoke
the
C&I
plugin
locally.
If
you
wanted
to
just
by
defining
those
simple
commands,
thanks
for
the
good
vikrum,
so
s
copy
Ben
wait.
Where
are
we
already
already
it'd
been
so
flannel
bun
at
this?
A
This
is
the
syntax
press
copy
for
just
drop
it
off
in
my
home
directory
just
to
add
a
simple
colon
to
the
end.
So
you
do
that
and
we
just
copied
that
up
to
our
home
directory.
So
now
we
can
SSH
back
into
our
node.
Remember
this
red
node
is
our
ambassador.
This
is
where
all
of
our
work
will
be
scheduled
and
the
fact
that
we
only
have
one
note
in
our
kubernetes
cluster
is
making
this
whole
exercise
much
easier.
A
Otherwise
we
would
have
to
map
the
pod
to
the
node
and
then
Association
to
that
node
and
then
see
all
this
other
stuff,
but
by
only
having
one
node,
we
make
this
whole
thing
much
easier.
Okay,
so
what
we
want
to
do
now
is
go
to
sudo
up
and
let's
move
this
flannel,
and
this
is
like
the
malicious
hacker
coming
in
and
hacking
your
scene
hi.
All
your
C&I
are
belong
to
us,
then
flannel,
and
if
we
list
that
directory
see
my
vengeful
flannel,
you
will
see
the
user
and
group
is
Ubuntu
Ubuntu.
A
This
command
that
was
created,
it
looks
exactly
the
same,
but
if
we
go
to
slash
Tim
and
we
list,
we
can
see
that
we
have
some
files
here.
Let's
create
some
pods
exuberant
unease
and
actually
see
what's
what
happens
behind
the
scenes.
So
we
want
to
do
that
by
going
back
to
our
remember.
This
is
a
container
running
on
my
macbook,
so
we're
gonna
eggs
out
of
this
container
and
we
should
be
able
to
be
hey
apo.
We
see
that
nginx
is
running.
A
We
can
edit
our
engine
next
deployment
by
typing,
hey
edit,
deploy
nginx
where
we
have
replica
account
set
to
one.
You
can
use
K
scale,
but
in
this
case
I
just
like
to
do
things
a
little
more
and
we
scroll
down
here
to
our
replicas
equal
to
one
and
let's
go
ahead,
and
let's
do
replicas
equal
to
ten
to
see
what
happens
there.
So
we
do
that.
We
go
back
to
our
node
like
please
should
be
able
to
list
and
huzzah.
A
A
So
that's
exciting
to
see
how
flannel
is
starting
to
interact
with
the
various
containers
under
the
hood
here
and
how
the
cubelet
is
calling
out
to
the
flannel
plugin
tool
and
remember
the
whole
point
of
CNI.
Well,
the
two
main
points
of
C
and
I
are
both
to
enforce
the
what
am
I
trying
to
say
here:
network
policy
in
kubernetes
and
also
to
build
the
pod
Network
in
this
case,
flannel
is
only
building
the
pod
Network.
A
In
forest
network
policy,
you
can
use
calico
at
the
end
of
the
episode
we're
gonna
look
at
Canal,
which
is
this
wonderful
hybrid
of
both
flannel,
which
we're
like
today
in
calico,
which
we
looked
at
a
few
weeks
ago,
and
that's
how
the
three
is
this
sort
of
thing
together
and
we'll
look
at
this?
Really
cool
diagram
and
I
might
even
draw
a
diagram
too,
if
you
guys
are
lucky
okay.
A
That's
not
going
to
be
pretty
well
I
wanted
to
be
able
to
map
our
container
IDs
here
to
the
container
IDs
and
temp,
but
we
might
not
be
able
to
do
that
elegantly
because
of
the
amount
of
output
here
well,
either
way.
The
cubelet
is
passing
on
the
container
ID
to
the
scene,
I
and
then
expects
the
scene
I
plug-in
to
do
something,
and
then,
of
course,
the
flannel
daemon
is
going
to
go
ahead
and
take
action
and
create
what
it
needs
to
create
in
order
for
those
networking
normals
to
exist.
A
So
let's
go
back
and
let's
actually
tale
the
logs
of
the
flannel
demon
as
we
mutate
our
pods
and
see
if
we
can't
get
the
logs
to
do
some
interesting
things
for
us
along
the
way.
The
two
things
we're
gonna
be
looking
at
for
is
iptables
mutations
and
roundtable
mutations
due
to
flannel
doing
its
magic
behind
the
scenes
as
a
cubelets,
the
plugin
and
then,
as
the
demon
responds
to
that.
A
So
how
we
want
to
do
that
is
we
want
to
get
the
pod
in
our
cube
system,
namespace
board
flannel,
which
we
need
to
do
a
know
wide,
because
we
want
the
one
on
the
node,
which
we
said.
The
node
was
this
one
hundred
204.
So
this
is
the
name
of
the
pod
we
want
and
we
could
do
K
logs
name
of
the
pod
namespace
cube
system,
and
this
is
starting
to
look
cleaner
and
cleaner.
A
Let's
do
a
app
okay,
so
can
folks
at
home.
Can
you
swim?
You
zoom
out
a
little
bit
there
that
looks
pretty
good
okay,
so
we're
just
looking
at
log,
so
not
super
important.
If
you
can't
read
exactly
every
one
of
these
little
characters,
really
all
that
you
need
to
see
is
that
it
doesn't
move
when
we
do
make
a
change,
and
we
can
also
look
at
on
the
node.
What
is
it
IP
route
show
I.
Think
is
our
command.
A
Let's
try
this
again
and
we
can
see
that
we
actually
have
some
route
table
rules
to
find
it
as
well.
So
as
we
create
nodes
and
kubernetes
which
we
can
do
by
coming
into
amazon
dudu
and
changing
our
auto
scale
group,
we
can
actually
watch
see
and
I
sort
of
reason
about
all
this
and
make
changes
to
our
underlying
system.
For
us,
which
is
what
flannel
is
doing
so
auto
scale
groups-
oh,
it's
dude,
Amazon's
console
just!
A
Does
this
thing
in
like
really
weird
times
where
it
like
zooms,
all
the
way
up
where
you
can't
see
anything?
So
if
you
didn't
know
that
trick,
there's
this
button
over
here
that
you
press
and
it
like,
helps
you
out
and
whatever
it
looks
like
it.
Nothing's
loading
really
weird
glitch
I've
noticed
it
for
like
over
a
year
and
Amazon.
You
wonder
why
nobody's
ever
reported
that
anyway.
So
let's
go
to
our
node,
let's
edit
this
for
yes
G,
let's
edit
this
for
our
yes
G.
A
A
Okay,
so
that
doesn't
seem
to
be
working
right
now
we
can
come
back
and
try
it
here
a
little
bit
and
then
I
wanted
to
really
quick
since
we're
already
an
hour
and
15
minutes
into
the
episode
talk
a
little
bit
about
the
differences
between
calico
and
flannel
and
canal,
and
then
hopefully
we
can
demonstrate
some
IP
table
mutations
as
we
create
pods
and
define
some
things
in
kubernetes
Duffy
says
you
could
collapse
the
two
below
the
window.
The
UX
is
rough.
Oh
Brad
Brown
agrees.
A
A
Amazonas
hard,
okay,
so
three
three
and
three:
let's
come
over
here
and
let's
save
this
Duffy
says
so
many
times
that
has
burned
me
same
here,
zzz
thanks
for
your
help,
folks,
Brad
and
Duffy.
Okay.
So
now
we
should
be
able
to
come
to
our
instances,
and
hopefully
we
should
see
some
some
new
instances
coming
up
here
as
we
scale
our
cluster
okay,
we'll
check
here
in
a
moment,
but
let's
go
make
sure
we
have
everything
kind
of
back
here
at
the
ranch
ready
to
go.
A
A
Making
these
bottom
squares
a
little
bit
smaller,
which
is
different
than
the
diagram
in
the
github
repo,
because
I
want
to
talk
about
all
of
the
different
things
that
each
of
these
components
doing
so
the
first
one
is
with
canal
you
get
calico,
which
is
going
to
do,
which
we
know
does
both
Network
policy,
so
I'm
going
to
say
network,
and
it
also
does
actually
network
policy
calling
that
and
that's
going
to
be
confusing.
Let's
call
this:
let's
make
this
a
bit
bigger.
A
A
Network
policy
won't
be
doing
pod
network
and
we're
actually
using
flannel
to
do
our
pod
network,
which
is
actually
significantly
simpler
than
how
calico
doesn't
because
flannel
just
sets
up
a
single
bridge
for
everything
and
then
routes
everything
through
that
bridge,
whereas
calico
does
it
a
little
bit
more
in
a
more
complex
way
and
if
you
actually
look
at
the
underlying
implementation,
there's
a
lot
going
on
there.
So
you're
sort
of
exchanging
this
like
complexity
for
simplicity,
and
you
get
this
hybrid
solution
of
canal.
Where
you
have
this
wonderful
implementation
of
network
policy
with
calico.
A
Remember
that
calico
actually
goes
above
and
beyond
kubernetes
network
policy
and
actually
defines
its
own
network
policy
in
a
similar
way
that
see.
Liam
did
but
you're.
Also
getting
this
very
simple,
very
elegant
implementation
of
flannel
behind
the
scenes
as
well,
which
is
one
of
the
reasons
why
canal
even
exists,
and
is
this
really
good
hybrid
solution
of
flannel
that
we're
looking
out
today
in
calico
that
we
looked
at
in
the
past?
A
And
if
you
look
at
providers
like
cops
in
Cuba
corns
and
a
lot
of
the
major
cloud
providers
getting
canal
up
and
running
on
them
is
not
impossible
and
maybe
in
the
future
or
at
the
end
of
the
episode
or
the
end
of
the
series.
We
can
look
at
canal
as
a
CNI
implementation.
But
for
this
episode,
I
kind
of
wanted
to
do
the
two
bare
components
like
the
to
primitive
components
and
then
just
talk
about
how
canal
is
just
basically
a
configuration
layer
that
configures
them
on
top
of
each
other.
A
A
A
And
it
looks
like
we
have
some
nodes
up:
let's
go
back
to
our
terminal
and
we'll
go
here
which
we
know
is
my
local
macbook
zoom
in
a
little
bit
and
we
can
do
k
get
nodes
and
we
can
see
that
we
have
more
nodes
to
find
and
let's
go
and
let's
see
what's
going
on,
we
have
a
broken
pipe
here.
That's
interesting!
Okay!
So
if
we
do
an
IPO,
let's
see
two
up.
A
First,
you
know
IP
route
show
you
can
see
that
we've
actually
got
new
routes
defined
as
new
nodes
come
up,
which
is
very
exciting,
because
now
we're
actually
mutating
the
route
system
or
the
route
file
ohmygosh
route
table
on
her
local
node.
To
talk
to
the
other
nodes
in
our
cluster
as
they
came
up
and
if
we
look
at
our
IP
tables
rules
here,
I
don't
see,
anything
has
changed.
A
So
let's
go
back
to
our
auto
scale
group
and
let's
just
change
this
back
to
one
so
actions
edit
our
yes,
she
changed
you
back
to
one,
and
we
should
very
shortly
be
confident
that
all
of
our
pods
are
back
to
running
on
either
the
same
node
we
were
on
before,
hopefully
or
a
new
node,
which
we
will
SSH
into
as
well.
And
if
we
look
at
the
source
code
here
for
a
flannel,
this
is
the
flannel
demon.
That's
actually
going
to
be
mutating
the
IP
tables
rules,
as
we
edit
a
service
tom,
says.
A
Think
I
was
able
to
get
an
IP
tables
mutation
by
adding
a
host
network
in
one
of
the
services,
but
if
not
I'm
already
give
that
a
go
and
see
what
happens
and
if
not,
then
we
can
hopefully
try
to
find
an
example
later
downstream
on
another
episode,
where
we
we
do
some
matting
and
actually
see
VIP
tables,
doing
the
magic
translation
for
us
from
going
from
one
pod
to
some
arbitrary
rule
outside
of
the
cluster,
which
is
good
to
know.
Thank
you
for
the
a
good
pointer
there.
A
A
Okay,
so
those
instances
are
still
up,
so
we
still
have
pods
for
finals.
So,
let's
give
it
a
few
more
moments
and
let's
see
if
we
still
have
our
instance
here,
we
do
not.
So
let's
go
back
to
Amazon
and
see
what's
going
on
in
Amazon,
we'll
have
to
find
our
new
one.
That's
left
over
I'm,
assuming
its
first
in
first
out
with
aSG's,
which
is
a
really
good
question.
A
So
tom
says
the
pod
network
is
static.
It's
the
big
/
16
range.
Each
node
gets
allocated
a
smaller
range
by
default,
a
/
24.
So
let's
SSH
Ubuntu
at
blah.
You
have
a
new
IP
address.
Let's
see
go
up,
let's
make
sure
we
have
some
containers
running.
We
do
and
let's
go
back
and
let's
run
this
command
again,
I'm
much
shorter
than
before.
A
So
now
the
rescue
/
Nettie's
is
finally
catching
up
and
let's
look
at
cube
flannel
running
on
our
new
node,
which
is
this
pod
k,
logs
paste
name,
space,
cube
system,
f,
bob
says:
asp
policy
by
default
kills
the
old
first
I'm.
Assuming
you
mean
old
notes.
First
and
it's
configurable
Tom
says
the
nat
rules
are
just
saying
if
he
packet
us
from
inside
this,
like
16
and
Dustin's
for
outside
the
/
mattad,
okay,
so
Tom.
That
makes
a
lot
of
sense.
A
Basically,
what
tom
is
saying
is:
if
it's
going
from
the
broader
slash
to
16
to
the
smaller
slash
24,
then
we
need
to
do
network
outlook,
network
address
translation
and
that's
where
the
IP
tables
rules
comes
in.
To
actually
do
that
network
translation
for
us
so
that
we
can
route
into
and
out
of
those
two
subnets.
What
does
he
need
to
know
involved
confirms?
Yes,
he
was
talking
about
news.
Okay,
so
I
really
want
to
do
this
because
we
trying
to
do
in
calico.
A
If
I,
think
of
an
easy
way
to
do
this
other
than
was
it
K
exposed
connect,
cool
expose.
What
is
the
syntax
here?
You
must
provide
one
or
more
resources.
I
might
not
be
able
to
remember
how
to
do
this
off
the
top
of
my
head,
but
it
would
be
really
handy.
A
We
might
not
have
time
to
do
it
this
week.
Let's
see
it
like
if
we
could
Google
this
and
like
the
next
like
five
seconds,
if
we
can
queue
Bechtel
expose
deployments,
exposing
an
external
IP
address,
I
think
this
is
what
we
won't
do
here
we
go.
This
is
exactly
what
we
want.
I
knew
there
was
a
command
for
this
okay,
so
let's
go
back
so
keep
back
to
expose
deployment.
So
the
name
of
our
deployment,
which
is
engine
X,.
A
Yeah
Duffy
got
it
as
well
and
Tom
says
if
anyone
is
interested
in
the
nitty-gritty
details
of
how
flannel
does
VX
LAN
I
document
in
the
top
of
the
go
file
in
the
flannel
repo.
Thank
you
for
that
Tom.
We
can
look
that
here
to
second
and
Duffy
is
continuing
with
our
expose
deployment,
which
I
think
I
got
here
in
front
of
me.
So
I
think
we're
good
we're
gonna
go
forward
with
this
type
load.
Balancer
named
recall
this
tgia
engine
ex-service
couldn't
find
port
via
the
port
flag.
A
A
A
Thank
you
for
your
hard
work,
Tom
and
all
C&I
engineers
for
that
matter,
because
we
wouldn't
be
where
we
are
today
without
you,
yeah
absolutely
you're.
Welcome
to
okay,
so
still
trying
to
work
on
iptables
rules
here
open
to
ideas.
If
anybody
wants
like
like
the
goal
here,
we
just
want
to
see
the
a
flannel
demon
at
an
IP
table
rule.
Let's
go
back
and
look
at
our
pods
and
services
and
see
what's
going
on,
do
do
so
kay
get
service.
A
A
A
Let's
actually
do
this,
let's
not
save
it.
Let's
K
delete
service.
What
was
it
TGI
K
engine
X
service-
and
let's
do
this
again,
but
instead
of
typing
people
to
load
balancer
list,
you
type
it
go
to
house
port,
and
so
what
happens
here?
Then
we
can
try
cluster,
your
IP
as
well.
Yeah
duffy!
That's
all
we're
looking
for
close
to
write,
P,
external
name,
no
port.
Why
did
I
say
host
port
I
feel
like
I,
always
do
that.
Thank
you,
Tom
yeah!
A
Well,
these
names
are
interesting
because
they
make
sense
in
the
implementation,
but
it's
kind
of
hard
and
confusing
for
users
upstream
so
again,
like
kubernetes,
is
doing
this
delicate
dance
of
trying
to
get
the
abstractions
and
the
name
is
right
and
we
get
it
right,
sometimes
and
other
times
it
can
be
confusing.
But
in
this
case
node
port
is
the
E
string.
We
were
looking
for
and
if
he
says
it,
cuz
it
doesn't
need
to
write.
This
whole
network
is
the
rule
that
exists.
That's
what
I'm
thinking
Guffey,
but
again
we
can.
A
We
can
poke
at
this
on
a
later
episode
as
well,
when
I
have
some
more
time
to
prepare
a
better
network.
Address
translation
example,
I'm
kind
of
like
just
trying
this
here
at
the
end,
because
we
had
a
little
bit
of
extra
time.
It
looks
like
tom
agrees
with
Duffy
still
nothing
here,
I'm
gonna
say
that's
good.
Let's
maybe
Duffy
you
can
work
with
me
and
we
can
get
an
example
of
using
IP
tables
to
do
some
Madi
and
either
with
flannel
or
maybe
even
canal
or
a
different
scene,
I
provider.
A
I
think
this
is
good
for
today.
Flannel
is
a
pretty
bare-bones
implementation
and
we
ever
able
to
kind
of
glue
everything
together
and
learn
about
how
flannel
works
and
learn
about
VX
land
behind
the
scenes
and
how
it
doesn't
use
multicast.
So
being
that
we're
an
hour
and
30
minutes
into
the
episode
already
I'm
gonna
do
the
thing
where
I
go
back.
To
my
face
and
I
say,
thank
you.
A
These
last
few
minutes
are
kind
of
like
the
fun
time
where
we
get
to
say
goodbye
to
everyone
and
thank
everyone
for
joining,
and
so
one
of
the
things
I
always
do
at
the
end
of
an
episode
is
I
always
have
this
filler
moment
like
right
now,
where
I'm,
talking
and
folks
say
goodbye
and
ask
questions,
and
you
need
like
a
minute
or
two
to
kind
of
like
fill
it
with
some
information.
So
in
this
case
I
thought
what
better
than
to
look
at
pictures
of
my
vacation.
A
While
we
have
these
last
extra
like
minute
or
two
of
stuff
to
talk
about
so
in
this
case,
I
have
pulled
up.
Some
pictures
from
my
Instagram
I
picked
this
one
in
particular,
because
I
am
wearing
flannel
and
I
go
back
to
my
screen
here
and
and
we're
talking
about
sales
today.
But
this
is
me
ice
climbing
in
the
flannel
dress,
because
that's
what
I
do
on
a
vacation.
A
It's
a
german
word,
and
if
you
can't
really
tell
here,
but
this
whole
crack
on
the
upper
right
side-
is
about
the
size
of
a
cruise
ship
and
several
hundred
feet
of
solid
ice,
and
you
can
see
it
from
seattle
and
it
looks
like
a
little
teeny
tiny
line
near
seattle,
but
you
get
up
next
to
it,
and
it's
actually
this
this
monolithic
crack
that
we
had
to
walk
along
where
the
the
ice
had
broken
so
anyway.
These
are
pictures
from
my
vacation.
I
had
a
great
vacation,
I'm
excited
to
be
back
to
work.
A
I
feel
really
good.
I've
gotten
a
lot
done
already
this
week
and
we're
gonna
have
a
lot
of
fun
in
the
upcoming
tik
episodes.
So
let
us
know
if
you
have
any
ideas
for
other
CI
implementations
you
looked
at.
If
there's
something
we
miss
along
the
way
that
you
would
like
to
see
big
shout
out
to
Tom
thanks
to
everybody
for
joining,
it's
been
a
wonderful
episode
on
flannel
and
C&I,
and
hopefully
we
got
to
learn
a
little
bit
about
the
kubernetes
release
process
and
how
all
of
this
C&I
stuff
kind
of
fits
together.
A
So,
let's
see
what
we
have
going
on
in
chat
tom
says
great
explanation
of
lanolin
canal
tom
says
thanks.
This
thinks
Chrissy
was
very
interesting,
become
says
thanks,
Michael
I
guess
is
going
back
to
AWS
cloud
provider.
He'll
see
you
later
Michael
and
thanks
Tom
for
the
awesome
and
Vikram
says:
AWS
VP,
CCNA
yeah,
that's
one
of
the
ones
that
we've
been
working
on
in
Sydney,
AWS
or
actually
I
shouldn't,
say:
we've
been
working
on,
but
the
folks
at
Amazon
I've
been
working
on.
A
That
would
make
a
good
one
as
well,
and
we
can
learn
how
the
cloud
providers
specific
implementation,
II
bits
are
relevant
to
the
networking
in
kubernetes.
That
might
be
a
good
lesson
to
learn.
Looks
like
Duffey
also
agrees
yeah.
It
would
be
a
good
one,
so
maybe
we
can
see
that
one
up
I
know
we
wanted
to
do
weave,
which
I
think
we
might
do
that.