►
From YouTube: TGI Kubernetes 041: Traefik
Description
Come hang out with Kris Nova as she does a bit of hands on hacking of Kubernetes and related topics. Some of this will be Kris talking about the things she knows. Some of this will be Kris exploring something new with the audience. Come join the fun, ask questions, comment, and participate in the live chat!
A
Hey
welcome
to
tgia
this
week.
Everybody
one
o'clock
here
in
Friday
afternoons
live
from
the
FTO
studio.
We
a
do
a
live,
interactive
version
of
exploring
kubernetes
and
we
always
focus
on
some
specific
tool
in
the
open-source
community
and
we
talk
about
what
happened
in
kubernetes
over
the
past
week
or
so
last
week.
I
was
out
and
Joe
is
on
vacation,
so
we
took
a
week
off
and
we
are
we're
back
this
week.
So
it's
good
to
see
everyone
and
we
like
to
do
the
first
part
of
the
episode
here.
A
So
this
episode
is
like
specially
for
you,
Tarun
says
hello,
Chris,
hope,
you're,
feeling
better
yeah,
so
I
guess
real,
quick
speaking
out
would
be
feeling
better
and
it
looks
like
we
had
Shawn,
say:
I,
hope
your
your
hand
is
healing
up
nicely
so
not
last
weekend,
but
the
weekend
before
I
was
in
a
mountaineering
accident
and
I
injured
my
hand.
So
that's
why
I
was
unable
to
come
and
do
tak,
because
I
would
be
typing
with
one
hand.
A
So
this
week,
I've
got
like
some
tricks
to
help
me
navigate
terminal
with
like
one
and
a
half
hands
so
I'm,
like
almost
back
to
my
full
normal
UNIX
terminal
skills.
Are
you
here
and
we'll
talk
more
about
that
a
little
bit
later,
so
other
folks
are
saying
hi.
So,
let's
see
what
we
who
we
all
have
here.
This
really
is
like
my
favorite
part
of
tgia.
So
we
said:
how
do
you
love
maddie?
A
We
saw
Sean
Jo
soo
good,
to
see
you
too
rune
orissa
hi
to
you
Carlos
good,
to
see
you
hello
from
Havana.
We
have
somebody
named
gift
in
hello
from
Maine
good
to
see
you
Felix
norm
is
here
hello
from
London
Marco,
our
friend
good,
to
see
you
again:
Marco
Roy
goose
from
Germany
Craig
Nicholson
from
Elena.
A
A
If
you
had
the
day
off-
and
it's
like-
oh
it's
Thursday,
but
it
kinda
feels
like
Monday
but
for
some
reason,
also
kind
of
feels
like
Friday,
so
interesting
holiday,
Tim
good
to
see
you
welcome
to
hep,
do
a
happy
Friday.
We
have
Daniel
from
Edmonton.
We
have
hai
from
Oulu
Finland.
We
had
the
moons
like
the
one
place
in
Europe.
A
I
haven't
been
that
I
really
really
want
to
go
to
hi
from
Norway
Samuel
hi
from
Brazil
Michael
sings
says:
hey
still,
not
sure
how
I
feel
about
architecting,
so
back
story
on
the
word
architecting,
as
we
found
out
on
Twitter.
That's
actually
not
necessarily
proper
English
to
use
that
word
so
I
think
the
proper
vernacular
to
use
is
architect
to
architect.
One
will
architect
something
one
is
not
architect
the
aimed
something,
but
in
software
engineering,
I
think
architecting
is
pretty
common.
A
A
So
let's
learn
about
what
happened
in
kubernetes
this
week
and
then
we'll
jump
into
a
traffic.
A
little
bit
later
looks
like
you
still
have
some
folks
in
the
chat
over
on
the
side.
Saying
hello,
so
I'll
come
back
and
check
on
you
in
a
little
bit
and
let's
see
what's
going
on
in
our
handy-dandy
repository,
so
for
folks
that
don't
know
we
created
the
hefty
ot
gik
repository
like
a
month
or
two
ago
like
it's
been
we've
been
using
it
for
a
while
we're
ready
up
to
136
stars
which
translate
to
invisible,
github
points.
A
That
mean
absolutely
nothing
and
we
do
a
directory
for
every
episode
here
in
our
episodes
directory
and
this
week
we
are
on
episode,
41
wow
I
can't
believe
we
would
have
already
done.
41
TGI,
K's
I
feel
like
I,
still
remember
the
tweet
that
Joe
put
out
when
kept.
You
first
started
what
he
was
doing,
the
very
first
T
gik
like
I,
don't
even
think
it
was
called
TGI
K,
then
I
think
it
was
just
like
afternoon,
kubernetes
with
Joe
so
anyway
exciting
to
see
that
already
up
to
40.
A
A
But
it's
here
for
folks,
if
you
want
to
check
it
out,
the
traffic
documentation
actually
has
a
cooper
net,
a
specific
user
guide
and
we'll
probably
be
going
through,
maybe
1/2,
to
3/4
of
the
actual
examples
here,
and
it
works
pretty
well
and
we're
gonna
do
a
lot
of
this
live,
but
you
get
like
the
québec
tool
will
apply
minus
F
statements
as
you
go
through
the
docs.
So
this
is
really
interesting
if
you
want
to
learn
about
traffic
and
learning
about
some
of
the
kubernetes
resources
along
the
way.
A
There's
some
good
examples
and
we'll
talk
a
little
bit
about
sort
of
some
do's
and
don'ts
of
the
examples
we
see
here.
The
one
thing
I
really
like
about
the
documentation.
Is
it
actually
shows
you
the
amyl
here
and
then
it
gives
you
the
québec
to
apply
statement
below
so
there's
still
a
chance
that
this
might
do
something:
that's
not
highlighted
in
the
documentation,
but
as
long
as
we're
you're
cross-checking.
A
A
Next
up,
we
I'm
gonna,
totally
totally
toot.
My
own
horn
here
on
TGI
K
I
wrote
this
tool
for
for
ami
called
cracks
and
I
actually
found
out.
It's
actually
been
really
handy
for
me
if
we're
using
kubernetes
with
only
one
hand
why
my
hands
been
totally
repairing
and
over
the
past
week
or
so,
and
I'm
gonna
spend
maybe
five
minutes
doing
a
quick
demo,
we'll
use
it
live
during
the
tea
gik
today
and
then
I
just
want
to
show
you
folks
at
home
how
the
code
is
implemented.
A
Somebody
asked
me
recently
for
an
example
of
a
great
link
to
list
and
go
and
we're
totally
using
and
abusing
linked
lists
and
go
in
in
this
example.
So
we're
gonna
have
a
quick
little
go
one
at
one
moment
where
we
can
look
at
how
to
write
a
linked
list,
but
really
quick.
If
you,
if
you
have
a
working
kubernetes
cluster
up
and
running
you
can
you
know,
take
it
notes.
A
We
all
know
that
okay,
as
my
alias
for
queue
Bechdel-
and
we
know
that
you
know
short
for
nodes,
so
that
was
just
a
cube
actor
nerds
command.
But
now
that
I
know
I
have
a
working
kubernetes
cluster
and
my
cube
config
is
set
up
I.
The
program
cracks
actually
vendors
in
the
cube,
config
parsing
libraries
from
kubernetes
and
will
read
your
cute
config
automatically,
and
you
can
run
it
and
it's
this
interactive
Explorer,
where
you
can
actually
go
in
and
see
all
the
resources
running
in
your
kubernetes
cluster.
A
So
like
right
now
we
have
a
very
basic
cluster
I,
just
spun
it
up,
40
gik
today,
so
there's
not
really
anything
interesting
going
on
right
now,
but
after
we
do
you
like
install
traffic
and
we
can
actually
get
some
stuff
inside
of
our
cluster,
we'll
be
able
to
come
in
and
explore
it.
So,
just
to
give
you
a
quick
example,
we
can
like
go
to
keep
system
and
we
can
see.
Oh,
we
have
these
deployments
here.
We
have
a
couple
of
daemon
sets
here.
A
Our
navigate.
Give
me
two
seconds:
I'm
gonna
turn
my
volume
down.
Do
you
do
output?
It
mute?
Let's
see
if
that
works
for
us
or
not.
So
anyway,
we
can
go
and
get
explore.
Deployments
and
daemon
sets.
Let's
go
into
this
demon
set
call
will
do
with
a
deployment,
will
do
keep
control
and
we
can
come
in
here.
We
can
do
get
pods
and
we
can
see
there's
a
pod
there,
and
then
we
select
a
pod
and
then
I
can
like
edit.
The
pod
I
can
get
logs.
A
I
can
like
shell
exactly
directly
into
the
pod
and
like
actually
navigate
the
pod
and
then
I
can
like
get
out
of
here
and
then
it
brings
me
back
to
my
menu
and
then
when
I'm
finally
done
exploring
kubernetes
I
can
control
sea
and
eggs
that'll
the
whole
thing.
So
it's
a
lot
easier
for
a
person
with
one
hand
or
a
person
who
doesn't
want
to
do
like
I
can't
get
pio
every
five
seconds
to
kind
of
navigate.
A
The
resources
in
their
cluster
and
then
perform
some
commonly
used
tasks,
so
how
the
whole
thing
works
is
if
you
go
into.
Let
me
pull
up
the
code
here.
You
go
into
the
source
code.
We
have
one
package
that
you
need
to
concern
yourself
with
and
it's
called
Explorer
and
we
have
this
interface
called
explorable
and
it's
got
lists,
run
prompt,
execute
and
kind,
and
then
every
one
of
the
different
layers
of
the
kubernetes
resources
implements
an
explorable
interface.
A
So,
like
let's
do
a
deployment
here,
you
can
see,
we
have
a
list
and
we
have
a
run
prompt
and
we
have
execute.
And
if
you
look
up
at
the
top,
we
have
a
pointer
to
a
previous
item
and
we
have
previous
Explorer,
which
is
a
not
necessarily
a
pointer
but
a
reference
to
another
explorable
interface.
So
we
like
build
all
of
these
different
kubernetes
objects
together
and
then
I
was
a
user.
A
You
can
go
in,
you
can
navigate
from
one
to
the
other
and
you
can
go
up
or
you
can
go
down,
which
is
exactly
how
a
linked
list
works
so
getting
to
see
like
linked
lists,
applied
to
mapping
out
kubernetes
resources
and
go
pretty
exciting
stuff
and
pretty
easy
to
grok
as
well.
So
if
anybody
wants
to
contribute
feel
free
to
open
up
the
PR,
it's
pretty
simple
code
days
and
we
hope
to
see
contributions.
A
So
thanks
for
checking
that
tool
out,
let's
see,
let's
go
back
to
our
TGI
K
repo
here,
so
the
next
one
I
feel
like.
If
you
were
on
Twitter
at
all
this
week,
you
totally
saw
tweets
asking
for
proposals
in
China
and
for
cube
con
China
and
I
feel
like
here
until
you
I
K.
We
have
like
totally
a
global
audience
like
every
time
we
do.
This
I
feel
like
there's,
there's
like
people
from
all
over
the
world.
A
A
Think
I've
mentioned
this
once
or
twice
for
a
cube
con
Seattle
and
I
just
love
coming
to
this
website,
because
it's
got
a
picture
of
Mount
Rainier
and
then,
if
you
look
right
here
above
the
Inn
and
Convention
Center,
that's
that's
Liberty
Ridge!
That's
the
ridge!
Ayah
I
fell
on
when
I
broke
my
hand
a
couple
weeks
ago.
So
this
is
like
really
close
to
home
for
us
here
in
Seattle,
and
it's
gonna
be
really
exciting
for
us
at
FDA,
so
I'll
be
submitting.
Cfps
made
a
lot
of
other
people
will
as
well
same.
A
Piece
of
advice
goes
out
there.
If
anybody
wants
some
help
or
somebody
to
look
at
it
feel
free
to
ping.
Me
I'm
happy
to
spend
a
few
hours
on
a
Saturday
looking
at
your
CFPs
and
giving
you
some
pointers
along
the
way.
So
we
have
two
CFPs
out
there
for
kubernetes
specific
conferences
and
last
but
not
least,
this
was
kind
of
an
exciting
week
because
we
finally
released
1.11
so
congrats
to
the
release
team
I
usually
make
it
a
point
to
at
least
scroll
through
and
look
and
kind
of
just
see.
A
What's
been
going
on,
I've
been
out
of
the
release
loop
for
the
past
couple
of
versions,
because
I've
been
so
busy
with
other
things,
but
there's
a
really
good
resource
here.
If
you
want
to
go
and
read
the
the
change
logs
and
see
what
what
the
new
version
of
kubernetes
has
in
store,
I
know,
we
were
expecting
a
lot
of
things
for
CR,
DS
and
I.
Think
some
some
other
features
moved
out
of
alpha.
But
you
can
come
in
here
and
you
can
see.
A
I
know
the
dynamic
cubelet
configuration
was
a
huge
one,
getting
that
moving
to
beta
that
allows
you
to
dynamically
configure
your
cubelet,
so
they
don't
have
to
restart
it.
So
you
can
reload
configuration
and
you
don't
have
to
restart
the
cube,
which
is
pretty
handy.
Here's
a
CRT
stuff.
You
can
now
define
multiple
versions,
so
yeah
kubernetes
is
growing
and
getting
like
better
harder,
faster,
stronger,
every
version,
so
hats
off
to
the
release
team
and
it
looks
like
we
had
a
lot
of
people
in
chat.
A
So
I'm
gonna
spend
a
few
a
few
minutes
here,
catching
up
on
chat
and
see
what
folks
have
been
saying.
So
we
had
some
more
hellos.
We
have
greeting
from
Poland.
We
have
somebody
from
France
Germany,
see
folks
from
all
over
the
world.
I
love
it.
So
much
greetings
from
Cologne
Leonardo
says
cracks
is
cool.
Marco
says
it
looks.
Amazing
Shawn
says
can't
wait
for
September
to
find
out.
If
my
CFP
gets
accepted,
Aaron
says:
what's
the
medium
to
reach
out
for
help
with
a
CFP
Aaron
feel
free
to
you
can
tweet
at
me.
A
A
A
Like
did
you
do
it
this
morning
or
when
did
you
get
the
the
def
ensure
problem
that
you
mentioned
because
I
know
we
had
somebody
open
up
the
pr
to
remove
the
vendor
directory
and
I
riad
a
bit
so
that
go
get
would
work
anyway,
hello
from
Turkey
with
engine
good
to
see
you
in
one
piece.
Thank
you
I'm.
Mostly
here.
All
seven
of
my
fing
are
working
well.
Diego,
hello
from
Norway
Aaron
says
thanks
Leonardo
Chris,
any
tips
to
start
to
learn,
go
laying!
Oh!
This
is
such
a
great
question.
Yeah.
A
Actually
we
can
add.
There's
this
thing
called
the
tour
of
go.
This
is
where
I
love
to
tell
people
to
go,
and
if
you
haven't
check
this
out,
you
should
totally
come
and
check
this
out.
It's
kind
of
interactive
and
the
best
part
is
it
uses
over
here
on
the
right.
You
get
this
like
real
time,
editor
that
you
can
actually
click
run
and
you
can
actually
go
in
and
run
and,
like
you
know,
you
can
change
this.
A
Like
hello,
I'll
say
hello,
Nova
I
can
come
here
and
I
can
run
this,
and
what's
going
on
here
on,
the
right
pane
is
we're.
Actually
vendor
een
like
in
an
iframe
I'm,
assuming
I,
think
it's
go.
Playground
is
what
it's
called
and
you
can
use
this.
This
is
really
handy,
especially
like
for
folks
like
who
right
go
professionally
at
work.
You
can
come
in
and
you
can
like
make
your
own
little
hello
from
TGI
K.
A
You
can
like
make
your
own
go
program
and
I
can
run
it
and
it'll
like
rate
for
the
remote
server
and
then
actually
execute
my
code
and
if
there's
like
a
syntax
error
to
yell
at
me,
but
more
importantly,
I
can
do
share
and
if
you
look
up
here
at
the
top
I
now
have
this
like
number
or
this
like
hash
and
I,
don't
see
if
I
can
drop
this
in
Chad
I
think
I
can
no,
no
everybody
can
go
see.
The
program
I
wrote.
So
it's
a
really
handy
way
to
share.
A
Go
programs
to
like
demonstrate
a
bug
or
maybe
you're
confused
by
something
or
there's
some
weird
behavior
of
the
go.
Compiler
seems
to
be
doing
so.
This
is
a
really
great
way
for
you
to
share
code
with
someone
that
they
can
come
and
look
at
and
understand.
What's
going
on
and
then
run
it
right
here
in
their
browser
and
they
don't
have
to
have
their
go
environment
set
up.
Also,
if
you're
learning
go
another
good
one
that
a
lot
of
people
don't
know
about
is
go
played
out
space.
A
So
this
is,
somebody
came
in
and
took
what
we
just
looked
at
and
like
it
turned
it
up
a
notch,
and
now
you
get
like
real-time
in
the
right
side.
If
I
like
select
like
foots
and
print
line
and
stuff,
you
get
like
real-time
documentation
in
the
right
pane,
but
you
still
get
all
the
same
convenience
of
being
able
to
run
your
program
and,
of
course
this
one
says:
concurrency
is
not
parallelism,
which
is
a
famous
quote
from
Rob
Rob
Pike,
which
I'll
try
to
find
the
video
for
that
one
there's
a
video!
A
Actually,
you
can
just
do
right
now,
I'm
going
to
add
all
this
stuff,
the
repo
Rob
hike
concurrency
is
not
parallelism,
parallelism
BAM!
What's
that
this
did
TJ
okay,
so
this
is
another
great
resource
for
folks
who
want
to
write,
go
and
learn
about
go
concurrency.
So
let's
go
back
here
and,
let's
add
a
few
links,
and
you
guys
all
know
I
like
to
to
cheat
and
edit
these
files
directly
and
github.
It
just
makes
a
little
bit
quicker
over
here
on
the
air.
A
Okay,
so
here
is
the
Rob
Pike
video
that
everybody
who
writes
go
I
feel
like
should
watch,
and
here
is
the
tour
of
go
that
gives
you
like
a
step-by-step
first.
You
need
to
learn
this
and
then
we're
gonna
go
over
loops
and
then
we're
to
go
over
concurrency
and
we're
going
to
go
over
assigning
variables,
and
it
kind
of
like
goes
through
the
process
of
learning
everything
you
need
to
go
through
about
go
down
here
at
the
bottom,
as
you
like
can
go
through
the
slides
here.
A
So
this
is
like
kind
of
like
a
working
textbook.
You
can
go
through,
so
we
want
to
share
this
link
as
well,
and
we
also
want
Gil
played
out
space,
because
this
thing
is
just
really
rad
cool,
so
there's
some
intro
to
go
links
for
folks
if
you're
interested
in
learning
more
those
are
kind
of
where
I
started
and
I
found
a
lot
of
people.
Other
people
who
have
started
there
have
had
a
lot
of
luck
as
well.
Let
me
commit
those
changes,
cool
Sean
says:
oh
I
didn't
know
about
go
play,
dot.
A
Space
Fernando
says
damn
this
looks
cool
or
darn.
This
looks
cool
and
Leonardo
says
nice,
ok,
yeah!
So
if
any
of
folks
have
any
other
questions,
there
are
some
great
resources
there
and
feel
free
to
share
your
own
resources
either
in
the
repo
or
you
know,
pull
folks
aside
offline
and
let
them
know,
but
anyway,
those
are
some
great
places
to
to
start
with
go.
So,
let's
go
back
to
our
repo
here
and
I.
A
Think
that's
all
we
that's
all
we
had
for
this
week
in
kubernetes,
like
I,
said
it
was
a
kind
of
a
quiet
week,
so
we
got
to
look
at
corrects
a
little
bit.
We
learned
about.
Can
you
start
it
with
go
and
we
got
to
see,
learn
about
some
CF
peas
and
we
saw
the
new
one
11
release
and
without
further
ado
BAM?
A
What's
learning
about
kubernetes
ingress
today,
ok,
so
I
guess
it's
probably
important
to
kind
of
start
off
with
like
let's
just
look
at
traffic
in
general
like
what
is
this
thing?
So
if
you
come
in
and
read
the
docs
here,
it
says
it's
a
modern
HT
TP,
reverse
proxy
and
load
balancer.
That
makes
the
ploy
microservices
easy
and
to
me,
when
I,
when
I
read
that
what
I
think
of
is
traffic
sort
of
acts
as
like
our
first
line
of
defense
to
incoming
HTTP
requests,
and
it's
very
specific
to
the
HTTP
protocol
so
like.
A
A
So
that's
the
first
thing
that
I
start
to
think
of
what
I'm
thinking
about
you
know.
What
is
traffic?
Is
it's
an
HTTP,
something
and
then
I
read.
It
says
it's
a
reverse
proxy
and
load
balancers,
okay,
so
a
reverse
proxy
kind
of
like
works
like
a
normal
proxy,
except
instead
of
approx
data
to
a
server
with
a
different
name
or
it's
an
approximate
to
to
a
server
internally.
It's
gonna
like
spread
it
out
horizontally
to
arbitrary
endpoints.
A
So
anyway,
that's
how
I
started
to
think
about
traffic
when
I
first
started
to
look
at
this
yesterday,
a
little
bit
and
I
kind
of
went
through
and
I
like
here's,
a
nice
little
diagram
here,
where
you
see
incoming
traffic
for
all
of
these
different
domains,
and
you
see
how
they're
all
getting
routed
to
different
servers
on
the
backend
here
and
you
hear
things
like.
A
Oh
it
supports
different
orchestrators,
which
means
you
know
it
can
support
docker,
swarm
or
May
so
sort
today,
we're
going
to
look
at
it
with
kubernetes
and
really
all
that's
happening
is
we're
just
using
various
Orchestrator
primitives
to
map
our
requests
so
like
in
the
long
long
ago.
Before
we
had
orchestration,
you
would
just
map
one
of
those
requests
to
like
a
server
or
an
IP
address,
or
a
domain
name
internally,
and
we
don't
have
to
do
that
anymore,
because
now
we
can
have
an
Orchestrator
that
can
like
spread
our
resources
out
for
us.
A
So
we
can
map
those
directly
to
some
sort
of
primitive
that
our
Orchestrator
gives
us
in
the
case
of
kubernetes
we're
going
to
be
mapping
those
two
services,
so
I
came
down
here
and
I
said:
okay,
what's
you
know?
What
are
the
big
features
that
they're
advertising
for
traffic
on
the
homepage?
The
first
thing
that
I
thought
was
really
exciting
was
continuously
updates.
A
To
respect
this
new
configuration
right
here,
it
tells
us
that
traffic
is
going
to
do
that
dynamically.
So
that's
pretty
exciting.
It
supports
multiple
load,
balancing
algorithms
so
like
load,
balancing
algorithms
are
how
we
we
decide
which
place
to
send
traffic
to
for
load
balancing
across
more
than
one
resource
on
the
back
end
and
like
a
really
common
one
is
round-robin
where
you
just
go
one
at
a
time
and
then
start
the
cycle
over
again,
but
there's
different
algorithms
that
allow
you
to
spread
your
load.
A
That,
like
makes
sense
a
different
scale,
so
it
looks
like
traffic.
Is.
It
supports
different
algorithms
there
as
well
other
than
that
it
looks
like
it
says.
It's
got,
HTTP
support
with,
let's
encrypt
to
me.
That
seems
like
a
pretty
unique
feature
here.
A
lot
of
egress
controllers,
like
kind
of
like
don't
concern
themselves,
would
TLS
as
much
so
if
this
gives
us
any
tooling
to
make
TLS
easier,
that's
gonna
be
pretty
rad
along
the
way
as
well
and
then
down
here.
A
We
look
at
all
the
different
supported
providers,
so
we
have
docker
and
we
have
dr.
swarm,
which
I
think
docker
was
originally
what
traffic
was
built
for
so
curious
to
see
if
and
how
this
changes
as
we
running
on
kubernetes,
but
it
looks
like
it
also
supports
meso
sand,
rancher
and
console
and
Eureka,
and
if
yes,
and
like
a
ton
of
other
different
providers
on
the
backend-
and
it
looks
like
all,
it
does-
is
kind
of
do
one
thing
and
do
a
well
it
balances
and
reverse
proxies,
which
is
ready.
A
A
Looks
like
Aaron
had
a
question.
One
annoying
thing
with,
let's
encrypt
is
that
you
can
really
easily
get
rate
limited
for
a
week
on
your
shoe
inserts,
so
I
think
what
Aaron's
trying
to
say
here
is
as
you're
creating
more
and
more
certificates.
The
lots
encrypt
service
only
allows
you,
as
a
single
user,
from
a
single
IP
address
to
create
so
many
certificates
a
week.
So
if
you
were
like
trying
to
make
more
than
five
certificates
a
week,
let's
encrypt
would
say
no
I'm.
Sorry,
that's
too
many
certs
for
you
this
week.
A
So
that's
like
something
you
have
to
be
mindful
of
so
this
just
because
it
says
it
supports.
Let's
encrypt
doesn't
mean
you
can
like
write
some
script
and
like
TLS
all
the
things
and
make
a
million
certificates,
and
it's
gonna
work
great,
like
you
still
have
to
like
either
pay
for
certificates
or
respect
the
the
limit
that,
let's
encrypt
the
free
version,
lets
you
get
and
I,
don't
know
if
it's
five
requests
a
week
or
not
I
thought
it
was
eight
I
want
to
say.
A
If
somebody
wants
to
cool
that,
let
us
know
that
would
be
helpful
and
without
further
ado,
let's
start
looking
at
kind
of
what
we're
gonna
do
today,
we're
gonna
go
through
the
user
guide
and
then
I
eventually
want
to
get
this
application.
That
I
built
for
my
velocity
keynote
last
month
up
and
running
and
we're
gonna
use
traffic
as
a
way
to
load
balance
to
our
a
stateful
application.
A
A
First
thing
we
want
to
do
is
we
want
to
configure
our
back
I
feel
like
looking
at
our
back
rules?
It's
like
such
a
classic
part
of
TGI
K,
but,
like
all
good
documentation.
This
is
where
we
start,
and
it's
really
nice
to
see
the
folks
at
traffic,
starting
out
with
a
security
minded
posture
while
showing
us
how
to
run
traffic
in
kubernetes.
So
the
first
thing
we
do
is
we
define
some
of
our
back
rules.
A
We
have
resources
that
were
opening
up.
We
have
services,
endpoints
and
secrets,
so
endpoints
here
is
the
first
one
that
kind
of
jumps
off
at
me.
If
you're
not
super
intimately
familiar
with
how
kubernetes
services
work.
There's
this
underlying
primitive
that
most
folks,
don't
even
know
exists,
called
an
endpoint.
That
sort
of
magically
is
created
whenever
you
create
a
service,
and
it
looks
like
traffic
might
be
doing
something
with
the
endpoints
directly
and
bypassing
the
higher-level
service,
abstraction
so
curious
to
see
how
that
whole
thing
works
as
we
explore
traffic
a
little
bit
further.
A
We
have
get
list
and
watch
so
we're
able
to
delete
to
get
certain
pieces
of
information
about
these
resources
were
able
to
list
them
and
are
able
to
watch
them
and
ultimately
respect
them.
As
dynamic
configuration
comes
through
over
our
watch,
which
is
how
controllers
and
operators
work
that
we
looked
at
in
some
of
the
previous
episodes.
So
we're
opening
up
the
extensions,
API
group
and
we're
saying
ingress
and
again
we
have
get
lists
and
watch.
So
those
rules
seem
pretty
sane
to
me.
A
I
think
the
only
one
that
I'm
just
curious
about
is
why
we're
opening
up
endpoints.
So
hopefully
we
can
find
any
answer
to
that
as
we
drill
down
into
the
code,
it's
actually
a
good
one.
This
thing:
next
we
have
a
cluster
rule
binding
and
we're
saying
the
traffic
egress
controller
and
we're
going
to
be
running
in
the
cube
system.
Namespace.
A
So
the
way
English
controllers
work
is
you
want
the
ers
controller
bit
to
be
running
in
cubes
system
and
then
you
can
actually
have
different
ingress
rules
that
live
in
different
namespaces
and
based
on,
where
you
put
the
namespace
or
the
rules
in
a
different
namespaces.
The
ingress
controller
does
different
things.
So
there's
a
little
bit
of
like
wonkiness
going
on
there,
but
I
will
do
a
real
time
example.
So
you
can
sort
of
see
the
different
behaviors
as
we
go
through
it.
A
So
I
have
already
gone
through
and
manually
checked
all
of
the
CMO
yesterday
and
what
we
see
here
is
actually
what
we're
gonna
get.
So
I'm
gonna
go
ahead
and
cheat,
and
just
do
this
straight
cue
back
to
all
apply
minus
F
in
sort
of,
like
trust
that
the
the
folks
over
at
traffic
haven't
maliciously
changed
their
UML
from
you
know,
noon
yesterday
to
today
I,
don't
think
that's
the
case,
but
hopefully
we
don't
get
our
cluster
totally
compromised.
A
So
we
can
grab
our
queue
back
to
apply
a
command
and
when
you
run
this
command,
it's
going
to
show
us
what
it
does
and
we
can
sort
of
do
a
quick
lazy
validation
that
we're
actually
getting
the
resources
that
the
the
yanil
on
the
webpage
tells
us
we're
getting.
So
we
can
paste
that
in
and
it
says
yes,
we
created
a
cluster
role
in
a
cluster
rolled
binding
and
those
are
the
names
that
were
defined
on
the
web
page.
So
this
so
far
so
go
looks
alright.
So
we've
opened
up
our
back.
A
A
Nolan
says
it's
20
a
week:
okay,
so
with
let's
encrypt,
you
can
do
up
to
20
TLS
times
a
week,
which
is
a
lot
more
than
five,
but
you
can,
when
you
five
re,
issuances.
Okay,
so
you
can
reissue.
You
can
revise
one
five
a
week,
welcome
from
Boston,
Elric
and
Sean
says
or
not,
even
that
they
changed
it,
but
they
it
got
compromised
me.
It
got
changed
okay,
so
we
just
created
our
Beck
rules
or
our
Beck
rules
and
our
cluster
rule
binding.
A
A
So
a
little
bit
different
strategy
there,
I'm
gonna
go
with
deployment
just
because
that's
what
I
install
this
with
yesterday
before
I,
even
read
this
part
and
I
like
to
kind
of
push
the
boundaries
of
the
documentation
a
little
bit
as
well,
so
we're
going
to
do
deployment
today.
So
here
we
have
our
service
account,
which
one
of
there's
two
of
them
defined
here:
okay,
so
yeah
this
top
one
here.
This
is
the
deployment
objects,
and
we
can
look
at
both
of
these
as
well
and
do
a
compare
and
contrast.
A
But
this
top
one
is
the
one
that
we're
actually
going
to
be
installing.
So
we
create
a
service
account
and
keep
system,
and
then
we,
the
very
next
resource
we
define,
is
our
deployment,
and
this
looks
pretty
straightforward.
This
is
a
relatively
short
deployment
definition
like
if
you,
if
you
look
at
a
lot
of
deployments
like
I,
do
you'll
know
that
some
of
them
are
like.
You
know
several
hundred
lines
long.
So
the
fact
that
we
can
kind
of
get
this
all
on
one
screen
is
pretty
pretty
convenient,
pretty
nice
and
so
yeah.
A
So
we
give
it
a
name.
We
tell
it's
gonna
run
in
the
cube
system.
Namespace
remember
this
is
an
ingress
controller,
so
it
needs
to
run
in
cube
system
labels,
we're
going
to
give
it
the
Kate's
app
label
and
the
traffic
ingress
lb,
we're
gonna,
say
replica
equal
to
we're,
giving
some
labels
to
match
on.
We
have
a
template
here
again,
giving
it
the
same
labels
that
we
see
all
over
kubernetes
deployments.
A
A
service
account
name
we're
gonna
map
that
to
the
service
account
we
created
above
grace
period
equal
to
one
minute
and
then
here
are
containers.
This
is
usually
like
the
first
thing:
I
look
at,
but
I
kind
of
like
to
go
through
everything:
40g,
okay,
yeah
we're
gonna,
just
pull
the
the
docker
hub
traffic.
It
image
we're
going
to
call
it
traffic
ingress,
alt,
B
and
we're
gonna
be
listening
on
port
80
and
it's
gonna
be
HTTP.
A
We're
gonna,
give
it
a
couple
of
arguments
here:
API,
kubernetes
and
log
level
is
equal
to
info
and
then
last
but
not
least,
we're
gonna
create
this
service,
and
the
service
has
the
selector
case,
F
equal
to
traffic,
ingress
lb
and,
of
course,
that's
going
to
map
to
our
deployment
buff.
So
now
we
have
service
and
we
have
that
mapping
to
deployment
and
real
quick.
Because
of
this,
the
way
that
kubernetes
does
the
string
matching
between
services
and
deployments
or
services
and
daemon
sets
or
stateful
sets
or
whatever.
A
It
happened
to
me
yesterday,
while
I
was
practicing
this
before
t
tik
having
this
ability
to
see
that
mapping
would
be
super
handy,
so
something
we
want
to
get
into
cracks
downstream.
But
anyway,
this
looks
good.
You
know
looks
like
it's
going
to
do
our
match
for
us
and
we
come
down
here
and
we
look
at
our
daemon
set.
We
can
see
this
looks
pretty
straightforward.
A
You
see
here,
yeah
traffic
deployment
amel
will
copy
that
and
we
can
come
in
and
we
can
apply
this
to
our
company's
cluster
you're
back
to
apply
minus
half.
So
we
created
our
service
account,
that's
good!
That's
what
we
looked
at.
We
created
our
deployment
and
we
created
a
service
for
it
and,
let's
just
really
quick,
do
a
quick
cracks
and
we
can
see
an
AR
keep
system
namespace.
We
should
now
have
yeah.
So
we
have
this
deployment
called
traffic
ingress
controller
and
we
can
go
and
we
can
get
pods.
A
It
doesn't
look.
Okay,
have
any
pods,
yet
I,
wonder!
Maybe
there's
a
bug
in
my
tool
here.
Let
me
see
if
we
can
I
can't
get
pods
namespace
cube
yeah.
So
it
looks
like
there's
a
bug
in
the
way
we're
doing
we're
looking
up
pods
but
either
way.
Here's
our
here's,
our
pod
and
I
bet
we
can
get
logs
on
this
thing.
Kay
logs
namespace,
cube
system,
BAM
and
yeah.
There's
our
log
level
info
and
we
can
do
a
F
to
follow
this.
A
And,
yes,
we
do
have
our
traffic
ingress
controller
up
and
running,
but
I
don't
think
we
have
any
numerous
rules
yet
so
how
you
can
check
and
see
if
you
have
any
ingress
rules
to
find
us
if
we
do
take
it
IMG
writing
short
for
us
and
we
can
just
go
ahead
and
we'll
do
all
namespaces
just
to
see
if
we
have
anything
to
find
in
our
cluster.
Sorry,
you
guys
are
gonna
have
to
watch
me.
A
A
Okay,
so
we
just
installed
that
controller.
The
controller
is
up
and
running.
We
don't
have
any
ingress
rules,
so
the
controller
has
nothing
to
do
so.
Let's
go
ahead
and
see
what's
next,
okay,
so
yeah,
it
said
check
the
pods,
which
we
just
try
to
do
that,
naturally,
anyway
and
yeah,
here's
their
cue,
Bechdel
namespace
keep
system
get
pods,
which
I
basically
ran
this
command,
just
a
shorthand
version
of
it,
and
it
showed
us
that
we
should
have
the
traffic
ingress
controller
running
in
the
cube
system
namespace,
which
we
were
able
to
verify.
A
A
Mini
human
I
absolutely
have
to
I'm
always
a
big
fan
of
actually
running
up
in
a
cloud
provider
somewhere
because
you
usually
get
like
the
load
balancers
and
you
get
the
physical
or
persistent
volumes
and
persistent
volume
claims
and
as
you're,
actually
looking
at
running,
like
the
full,
complete
feature-rich
components
in
kubernetes
running
in
a
cloud
with
a
configured
cloud
provider
usually
gives
you
a
little
bit
more
under
the
hood,
but
then
just
trying
to
run
it
locally
in
mini
cube.
So
when
I
first
started
working
in
kubernetes,
I
always
use
mini
cube.
A
Now
that
I
like
been
doing
it
for
a
couple
years
like
I,
always
just
do
it
up
in
the
cloud
and
I
know
that
that
way,
I'm
gonna
get
a
real
life
environment
and
I'm
gonna
get
real
life
configuration
and
we
don't
have
to
mess
around
with
any
of
the
local
like
hacking,
Etsy
host
or
any
of
that
stuff
along
the
way.
We're
actually
gonna
give
it
a
real
domain
and
do
the
same
the
real
way
so
yeah.
It
says
we
should
be
able
to
curl
our
mini
cube,
IP
and
get
a
404.
A
We
don't
have
that
yet,
but
I
bet,
let's
see,
I'm
wondering
what
our
service
looks
like
somewhere,
hey
get
SBC
I'm,
trying
to
see
how
we
can
also
get
to
a
404
here
locally
as
well,
but
instead
of
doing
it
locally,
actually
doing
it
with
a
public
Internet.
So
instead
of
curler
mini
keep
IP.
We
want
to
get
pods
and
cube
system.
A
I'm
wondering
let's
do
all
namespaces
I'm
wondering
where
the
dashboard
pot
is.
It
may
not
be
deployed
yet,
but
there
is
a
dashboard
that
should
come
on
with
traffic
as
well.
Let's
see
what
we
have
here
here
are
all
the
pods
running
in
my
cluster,
so
every
kubernetes
dashboard
but
I
don't
see
like
a
traffic
dashboard.
A
So
let's
try
to
just
hit
the
the
traffic
universe
controller,
as
is
so
how
we
can
do
that
is
if
we
look
at
our
service
defined
up
here
in
our
deployment,
we're
doing
type
equal
to
note
port
so
really
quick
way.
We
could
hack
this
really
quick
and
actually
get
a
load
balancer
in
front
of
our
service
to
actually
hit
that
pod
without
doing
like
a
port
for
it
or
anything.
It's
just
to
change
this
to
type
load
balancer.
So
let's
do
that
really
quick!
A
A
Okay
looks
like
suresh
is
agreeing
with
me
that
I
using
low
balance
or
type
service
as
well
so
right
now,
it's
node
port,
so
we're
going
to
edit
this
service
and
how
we're
gonna
do
that.
Maybe
okay,
edit
SVC
paste
in
the
name
of
our
service
name
space,
cube
system,
it's
gonna,
open
it
up
in
the
best
text,
editor
Emacs
and
we're
gonna
come
in
and
we're
gonna
scroll.
The
way
down
here
to
the
bottom
under
type
is
equal
to
node
port
and
it's
camel
case
with
a
capital
L.
A
This
is
just
one
of
those
like
tribal
knowledge.
Things
like
I
just
know
this,
because
they've
done
this
so
much,
but
you
can
just
change
this
to
type
load.
Balancer.
What's
really
cool
is
we
can
save
an
edit?
And
now,
if
I,
do
okay
get
service,
name
space,
cube
system,
I
know
that
I'm
gonna
want
to
add
this
Oh
wide
flag
to
the
end,
because
my
a
record
for
Amazon,
where
I'm
running
kubernetes
it's
going
to
be
super
long.
A
So
this
is
gonna,
tell
Kubek,
told
not
to
shorten
that
and
do
the
ellipses
thing,
and
it's
actually
gonna
give
us
the
full
of
your
boats
name
of
our
load
balancer
after
it
creates
it.
So
let's
do
K
get
SVC,
and
here
is
our
big
long,
publicly,
resolvable
name
for
our
load,
balancer
and
folks
at
home.
Don't
try
to
hit
that
yet
we're
gonna
get
you
a
friendly
domain
name
downstream
here
in
a
few
minutes
and
that's
what
folks
can
start
playing
with
this,
so
I
should
be
able
to
come
here.
A
We're
gonna,
give
it
a
few
seconds
to
kind
of
catch
up.
I'll
close
some
of
this
go
stuff
and
at
some
point
we
should
be
able
to
to
get
a
404
and
another
way
would
be
able
to
do
that
is
actually
opening
up
port
forward
on
port
80
localhost
to
our
pot
as
well.
So
if
this
doesn't
work,
we
can
try
that
second
approach,
but
I
want
to
make
sure
we
can
get
to
where
we
are
in
the
documentation.
A
Where
we're
getting
this
404
page,
not
sound
yeah,
and
that's
what
they're
doing
here
I
if
they're
saying
use
the
node
port,
if
you're
using
it
important,
but
we're
not
gonna,
do
that
we're
actually
trying
to
get
a
real
load
balancer.
So
why
is
I
wonder
if
it's
present
how
many
egress
rules,
let's
move
forward
and
see
what
we
can
do
see
if
we
can
get
this
404
by
adding
small
rules
and
actually
getting
that
controller
to
kind
of
come
to
life
a
little
bit
more?
A
So
the
next
thing
I
want
to
do
is
we're
gonna,
add
in
ingress
to
the
cluster.
So
here,
if
we
look
at
our
Inger
s,
this
is
one
ingress
rule
to
find
down
here
under
spec,
which
is
this
little
blog
down
here
and
earlier
I
mentioned.
Basically,
you
give
it
a
port
which
can
either
be
a
port
number
or
you
can
do
things
like
web
or
HTTP,
and
you
give
it
a
host
and
you
give
it
a
service
name
and
then
way.
A
A
Okay
for
all
of
my
ingress
rules,
what
services
it
meant
to
and
sort
of,
navigate
throughout
the
kubernetes
resources
based
on
these
soft
links
between
the
resources,
so
we
can
go
ahead
and
we
can
apply
this
ingress
rule
here
and
that's
going
to
map
to
the
service
that
we
just
open
it
up
with
service
type
load.
Balancers.
Let's
see
what
this
does:
okay
cool,
so
it
created
a
new
service.
A
A
Namespace
cube
system
we'll
see
that
we
now
have
two
traffic
services
yeah
exactly
okay,
so
we
have
the
ingress
service
and
we
have
the
traffic
web
UI.
So
I
think
we
we
did
this
backwards.
I
think
we
want
to
change
our
web
UI
to
service
type
load.
Balancer
Gabrielle,
says
I.
Think
the
ideal
is
to
have
some
nodes
for
ingress.
If
you
have
50
nodes
and
don't
use
up
to
50
pounds
for
traffic.
Also,
if
you
use
well
cárdenas,
you
can
point
it
to
getting
breast
nose.
A
Okay,
so
Gabrielle
is
just
saying
why
we
would
want
to
use
a
daemon
sets.
The
deployment
for
traffic
run.
Yes,
ingress
controller,
so
really
quick.
Let
me
meet
at
these
two
services
and
get
them
to
where
we
want
them
and
flip
out
these
service
types
between
the
both
of
them.
So
we
can
do
K
at
it
SEC
on
namespace,
cube
system
and
come
down
here.
A
So
this
is
type
cluster
IP
and
we
want
to
come
down
here
and
we
want
to
say
this
is
now
type
load
balancer
and
we
want
to
save
&
exit',
and
then
we
want
to
do.
Let's
see
if
I
can
find
it,
here's
our
other
one.
This
is
our
ingress
service
and
we
want
to
change
this
back
to
Newport,
damn
I'm,
so
we'll
scroll
down.
A
So
I'm
learning
that
you
mechs
using
meta
and
control
with
my
broken
finger
is
actually
really
hard.
Just
you
know
if
anybody
wants
to
poke
fun
of
me
for
using
Emacs
now's
a
good
time,
okay.
So
now,
let's
do
our
a
wide
command
that
we
did
a
second
ago,
and
we
can
get
this
new
a
record
now,
let's
go
see
what's
going
on
here.
A
Erin
says
you
max:
gave
Richard
Stallman
carpal
tunnel
I,
don't
know
if
he
actually
has
carpal
tunnel
I
totally
believe
it
also
for
folks
at
home.
If
you
read
my
book,
there's
totally
a
really
hilarious,
Richard
Stallman
quote
hidden
in
there,
where
he
talks
about
using
compilers
to
compile
themselves
and
we
compared
that
to
infrastructure.
So
if
you
like,
Richard,
Stallman,
trivia,
there's
a
buried
gem
and
cognitive
infrastructure,
it's
on
page
72,
that's
a
good
one
as
well.
Okay!
A
A
And
for
those
of
you
who
don't
know
we're
not
gonna
be
using
mini
cube,
I
have
a
domain
that
I
use
just
for
demos
and
to
be
hilarious.
It
is
fabulous
so
we'll
point
DNS
over
as
soon
as
we
get
this
for
or
for
working.
We
still
want
to
keep
our
traffic
web
UI
and
service
port
web
and
we'll
keep
this
on
our
root
path
here,
which
we're
going
to
play
with
this
a
little
bit
later,
when
we
look
at
how
we
can
use
traffic
to
to
map
different
endpoints
to
different
services
internally.
A
A
If
use
kubernetes
in
amazon,
you
can
do
dig
plus
short,
and
you
can
actually
just
give
it
the
not
the
HTTP,
but
just
the
the
a
da
record
here,
and
you
should
be
able
to
get
a
public
IP
out
of
it
and
might
still
be
waiting
for
for
dns
to
resolve.
Another
way
you
can
do
it
is
to
get
you
can
go
and
use
ping
as
well.
A
We
got
here
unknown
host.
Oh,
who
knows
why
I
messed
up?
That's
why
BAM,
okay,
so
there's
our
public
IP
address!
So
now.
Let
me
open
up
I'm
gonna.
Do
this
off-screen,
because
this
is
my
personal
AWS
account
and
I.
Don't
want
you
guys
to
see
all
the
crazy
stuff
I
have
running
in
my
personal
Amazon,
it's
just
my
blogs.
A
So
we
want
to
go.
Let
me
pull
up
my
my
record
here
and
then
I'll
scoot
back
over
to
the
other
screen.
Okay,
so
we
want
fabulous
there.
It
is
okay,
so
now
who's
that
and
that
and
I
can
go
Bam,
Bam,
okay,
cool,
so
for
fabulous,
not
half.
My
personal
Amazon
account.
We
can
paste
our
new
IP
address
in
I
hang
out
for
a
few
seconds.
A
But
we
can
come
back
and
try
to
refresh
this
in
a
second
and
at
least
get
the
traffic
dashboard
up
and
running,
and
then
we
can
look
at
how
we
can
actually
use
kubernetes
ingress
with
a
real
DNS
name
to
map
back
to
a
service
and
that
service,
ultimately
not
being
through
pod,
and
one
of
the
things
I
wanted
to
kind
of
demonstrate.
Why
we're
waiting
for
DNS
here
is
I
can
split
my
screen,
zoom
in
on
this
one.
A
So
we
want
this
ingress
controller,
so
we
do
K
logs
BAM
name
space
system,
and
then
we
want
to
do
a
minus
F
along
the
way,
as
well
so
minus
F,
cool
and
then
over
here
on
the
right.
If
we
do
K
get
Eng
name
space
cube
system,
we
can
edit
this
thing
really
quick
and
it's
cool.
Cuz
it'll
actually
show
you.
This
is
running
and
fabulous
staff
here
and
we
can
do
K
edit
in
the
name
of
it,
which
is
tra
EFI
web.
A
We're
gonna
change
our
service
port
from
web.
We'll
change
this
to
80
and
we're
to
do
we'll.
Do
/,
TG
I
came
here
so
now
we
can
create
this
arbitrary
endpoint
I
mean
it
should
do
the
mapping
for
us
so
we're
now
mapping
the
traffic
web
UI
service.
That
points
to
the
traffic
UI
pod,
our
deployment
rather
than
maps
to
a
pod
to
the
/t
gik
in
point
fort
fabulous
dot
F.
So
we
should
be
able
to
see
this
over
here
on
the
Left.
We
should
have
seen.
A
Maybe
what
this
was
it
did.
It
just
happen,
really
quick,
what's
a
timestamp
on
this,
so
this
is
20
47,
so
yeah
I
think
this
is
the
one
I
think
these
two
records
here
are
the
ones
from
when
we
just
edit
to
this
ingress.
So
now,
if
we
go
to
fabulous
tap,
we
want
to
do
in
our
incognito
browser,
which
is
here.
A
Cf
DNS
is
working.
It
live.
Demos
are
always
hard
either
way.
We
can
just
get
our
a
record
for
now.
Why
we're
waiting,
Oh
Timo
says
it
already
happened,
so
maybe
I'm
just
not
it.
Maybe
my
DNS
records
here
at
the
office
just
aren't
as
cool
as
your
DNS
server,
wherever
you
are
in
the
world.
Okay,
so
/tj
is
not
working,
but
if
we
go
here,
it
looks
like
it'll.
Do
the
forwarding
for
us
and
then
I'm
wondering
am
I
fabulous
dot.
F
is
not
reloading.
A
A
Should
be
able
to
come
down
here
and
change
this
back
to
our
root
directory
bam
and
bam,
yep
and
then
it
says
our
service
was
reloaded
here.
We
got
to
see
that
happen
real
time,
and
then
we
come
back
and
poof.
Now
it's
it's
back
here
as
well,
so
we
would
actually
be
able
to
come
in
and
edit
multiple
ingress
rules.
A
A
A
So
we
had
about
60
seconds
for
seven,
real
and
and
then
I
bet
we
can
get
the
the
fabulous
down.
Half
/t
gik
employ
marking
as
well
and
Daniel,
says
for
the
record
right
now.
Your
load
balance
service
is
directing
all
traffic
to
the
dashboard.
Not
the
normal
entry
points.
I
Daniel.
Can
you
elaborate
on
that
a
little
bit?
A
Are
you
just
saying
that
right
now,
whenever
somebody
hits
route,
it
gets
forwarded
to
slash
dashboard
and
Nicholas's
and
a
alias
would
be
a
better
idea.
Okay,
good
tips,
everybody
thanks
for
letting
us
know
and
I
think.
If
we
go
back
and
look
at
the
traffic
dashboard
here,
we
should
be
able
to
poke
around
and
see
what
else
we
have
up
and
running
we're
waiting
for
DNS
and
bam.
A
So
here's
traffic
as
well.
Okay,
an
angel
says
it's
working
for
him
now
so
yeah,
just
DNS
was
story
of
my
life.
So
here
this
was
pretty
cool.
I
got
to
come
in
and
check
this
graph
out
yesterday
and
as
fabulous
staff,
Connie
comes
online
and
people
start
making
more
requests.
We
can
actually
get
some
some
pretty
interesting,
charts
and
graphs
here
that
traffic
is
configuring
for
us
as
great
ingress
rules.
So
it
looks
like
here
just
recently.
A
We
started
to
see
some
some
traffic-
oh
yeah
and
Gabrielle,
says
yeah
I
get
your
traffic
dashboard
yeah.
So
don't
expect
this
is
horrible
practice.
Folks,
don't
don't
do
this
at
home?
I'm
literally
just
doing
this,
because
it's
tjk
and
I
know
that
folks
at
home
are
gonna
have
fun
with
it,
but
anyway
it
looks
like
you
can
come
in
and
you
actually
check
out
the
traffic
dashboard,
which
is
pretty
handy,
Aaron,
says.
Dc
names
are
problematic
that
you
can't
have
any
other
record
for
that
hostname
interesting,
okay,
perfect!
A
A
I'm
wondering
if
there's
some
like
weird
happiness
where,
because
it
looks
like,
if
you
go
to
the
root
for
fabulous
F,
it
automatically
affords
you
slash
bored
so
I'm
wondering
if
the
actual
traffic
web
UI
is
just
trying
to
forward
you
slash
bored
and
that's
why
it's
not
working
I
know
your
application
and
your
your
interests.
Paths
have
to
kind
of
agree
or
you
can.
You
can
run
into
some
interesting
behavior
there
so
anyway,
this
is.
This
is
kind
of
like
a
getting
traffic
up
and
running,
really
really
simple
in
in
kubernetes
and
I.
A
Think
we
had
a
lot
of
folks
ask
for
yeah
an
angel
just
says:
I,
believe
traffic
redirected
dashboard,
regardless
of
the
path
so
yeah
I.
Just
just
think
that
we
want
our
ingress
in
our
application
to
agree
here
and
I.
Think
the
one
other
thing
I
wanted
to
look
at
was
getting
TLS
up
and
running
and
then
I
wanted
to
try
to
actually
run
multiple
applications
in
kubernetes
using
traffic
in
multiple
arrest
rules,
and
we
can
look
in
doing
that
and
it's
like
it
lasts
10
or
15
minutes
or
so.
So.
A
A
Bam
and
you
see
that
yeah
I
did
reload
itself
dynamically
yeah
an
angel
is
a
green.
Yes,
it
does
he's
had
that
before
okay,
so
this
is
interesting
lesson
for
ingress.
You're
gonna
have
to
be
as
an
operator
you're
gonna
have
to
sort
of
design
your
applications
in
such
a
way
that
your
application
endpoints
are
going
to
map
to
the
actual
endpoints
that
your
defined
you
and
your
ingress.
A
So
there
needs
to
be
a
little
bit
of
orchestration
that
goes
on
between
the
two,
which
totally
makes
sense,
especially
because
in
your
application
you
can
start
to
do
like
301
redirects
and
actually
manipulate
the
HTTP
protocol
directly
from
your
application
as
well.
So
you
just
want
to
make
sure
that
you're
you're
kind
of
keeping
your
ducks
in
a
row
and
having
your
ingress
rules
and
your
raising
points
and
your
different
applications
sort
of
agree.
A
So
if
we
wanted
to
have
a
/t
gik
in
point,
we
would
totally
want
to
have
an
application
that
supported
that,
and
then
we
could
map
between
the
two.
So,
let's
see
if
we
can
get
another
application
up
and
running
on
route
and
then
we
can
keep
the
dashboard
on
/
dashboard
and
then
we
should
be
able
to
go
to
fabulous
on
F
C,
our
regular
application
and
then
go
to
such
dashboard
and
actually
get
our
our
a
traffic
dashboard
as
well
and
actually
route
between
two
different
services.
A
So
how
we're
gonna
do
that
is
here
in
the
TTI
K
repo
I
mean
go
to
so
tilde.
It's
like
the
hardest
character
for
me
to
type
right
now.
So,
like
pat
myself
on
the
back
for
getting
that
tilde
him,
it's
a
ghost
source,
github.com
hep,
t,
OT,
gik
episodes
o
41
boom
and
then
here
in
stateful
manifest.
I
have
put
together
some
manifest
for
this
application.
I
built
using
buffalo
called
stifle
app
and
I
demoed.
A
This
live
on
stage
at
velocity
calm,
and
this
is
a
really
handy
application
because
it
demonstrates
stateful
workloads,
kubernetes,
but
even
more
exciting
than
that
is.
You
can
totally
use
this
application
for
a
live
demo
and
folks
can
contribute
to
the
application
and
their
state
will
be
preserved,
but
they
can't
do
anything
malicious.
So
how
the
application
works
is
after
we
get
it
up
and
running.
You
can
authenticate
with
github.
The
only
permission
we
ask
for
is:
we
want
to
be
able
to
see
you
your
username
and
then
after
you
authenticate
with
github.
A
We
just
add
your
username
to
the
list
of
other
users
who
have
logged
in
and
then
your
username
gets
showed
up
on
the
screen,
and
you
can
use
that
in
your
demo
and
you
don't
have
to
worry
about
folks
doing
anything,
crazy
or
malicious
to
your
demo.
While
you're
doing
it,
you
just
get
their
github
name
and
that's
all
they
can
contribute
to,
but
folks
still
feel
like
they're
a
part
of
the
application
as
well.
So
we're
gonna
try
to
get
this
up
and
running
into
multiple
application,
routing
with
traffic
in
kubernetes.
A
But
we
can
look
at
everything
else
in
this
directory
here
and
I
put
these
together
just
to
give
basic
examples
of
how
to
run
a
stateful
application
in
kubernetes.
So
the
first
thing
we
want
to
do
is
we
want
to
create
a
new
service
and
then,
after
we
create
a
new
service,
we're
gonna
append
an
ingress
rule.
So,
instead
of
installing
the
default
ingress
demo,
we're
actually
going
to
go
manually
write
a
new
restaurant
for
it.
So
let's
get
our
service
in
our
deployment
in
our
database
up
and
running
before
anything
else.
A
So
we
want
to
do.
K
apply
minus
F,
stateful
manifest
this
one
takes
the
longest,
the
Postgres
database.
So
this
has
got
a
ton
in
it
and
this
is
going
to
bootstrap
Postgres
for
us-
and
this
is
god,
config
map.
It's
got
a
secret,
it's
got
a
PVC,
a
service,
a
deployment
and
it
Maps
the
deployment
to
the
PCB
created.
So
we
actually
get
like
some
really
interesting
behavior
here
and
we're
actually
able
to
preserve
state
over
a
PVC
over
time.
So
again,
this
is
just
a
demo,
app
I
use
arbitrarily.
A
So
anyway,
let's
install
purpose
Postgres.
So
after
we
install
Postgres,
we
need
to
go
and
we
need
to
manually
create
this
database.
So
how
we
do
that
is
I.
Have
this
one-liner
here
that
will
exact
into
a
pod
and
run
the
database
create
command.
So
we
do
that
container,
not
found.
I
bet,
it's
still.
Yeah
I
just
came
up.
Okay,
so
yeah.
This
will
create
database.
Here
is
what
we
want
to
see.
Okay,
so
now
we've
created
a
database,
and
now
we
want
to
scale.
A
We
want
to
scale
or
state
or
not,
receivable
yeah,
our
sample
set
from
0
to
1
and
the
reason
we
created
the
database
forest
is
because
the
application
is
smart
enough
to
say
once
the
database
has
been
created
if
I
schedule
a
pie,
the
pot
actually
configures
the
the
schemas
for
everything
else
that
needs
along
the
way
as
well.
So
we
can
go
here
and
we
can
scale
this
from
0
to
1
and
that
will
do
a
lot
more
database
hackery
for
us
deployment,
not
sounds.
A
So
that
was
pretty
straightforward
and
let's
go
back
to
let's
go
here.
Let's
look
at
our
ingress,
ty
Hamel,
to
see
what's
going
on
here,
so
we
had
this
in
/
state,
which
is
one
of
the
API
endpoints
that
buffalo
built
for
us
and
we're
just
gonna
delete
that
so
that
we
can
think
about
this
holistically
before
we
actually
write
a
new
interest
rule
in
our
existing
ingress
record
in
the
cube
system
namespace
and
it's
going
to
point
to
our
stateful
app
service
and
what
we
want
to
do.
A
A
A
Do
we
not
have
ksdc?
So
what
what
default
/
staple
app
service
is
telling
us
is
in
the
default
namespace.
There
should
be
a
service
called
stateful
app
service,
so
we
can
see
what's
in
the
default
namespace
by
doing
K
get
service
here
and
we
should
have
no,
we
don't
have
a
stateful
app
service.
What's
going
on
here.
A
Did
this
not
stateful
app
service?
Okay,
let's
apply
the
service.
Really
quick,
I
guess
I
mean
I
skipped
that
step.
Okay,
apply,
f,
stateful
manifests
service,
don't
you
be
on
so
let's
go
and
look
and
see
what
traffic
is
doing.
Yeah.
We
have
traffic
happy
traffic.
So
now
what
happens
when
we
go
to
fabulous
Donna
have
with
a
/.
So
it's
supporting
us
to
dashboard.
This
is
interesting.
Behavior
here,
so
ingress
and
kubernetes
has
always
been
fun
to
say
the
least.
I
know
whether
there
folks
think
about
it.
A
A
State
will
have
ingress.
Oh
yeah
Mon,
and
here
we
want
to
go
BAM
so
I'm
wondering
why
this
is
not
routing
Aaron,
says
fun
yeah.
So
it's
interesting
because,
like
one
of
the
things
here
that
you,
if
you
haven't
kind
of
made
this
mental
jump,
yet
you
can
see
that
the
whenever
you
define
a
path
and
ingress,
you
can
set
this
to
anything.
A
You
want,
and
it
would
be
totally
possible
for
us
to
have
two
ingress
rules,
either
in
the
same
namespace
or
in
different
namespaces,
both
pointing
to
the
same
paths
and
how
does
kubernetes
know
which
one
to
choose
so
there's
like
some
fundamental
wonkiness
going
on
with
ingress
so
like
it's
always
been
one
of
those
primitives
that
I've
kind
of
like
taken
with
a
grain
of
salt.
Anyway,
let's
try
to
get
our
application
up
in
resolving
on
the
host
the
host
of
route
in
point:
4,
fabulous,
dot,
F
I.
What
Daniel
says?
A
Please
see
my
previous
commentary.
Your
interesting
get
applied
on
the
dashboard
entry
points
which
the
load
balancers
service
from
traffic
web
UI
to
the
main
load.
Balancer
service
you
created.
First,
your
ingress
is
didn't
get
applied
to
the
dashboard
entry
point,
switch
the
load
balancer
service
to
the
mainland,
balancer
service,
I
I
think
I
see
what
you're
saying
Daniel.
Can
you
get
SVC?
Let's
do
all
namespaces
here.
A
Now
I'm
going
to
close
out
of
this
one
really
quick,
give
us
a
little
more
wiggle
room.
Okay,
so
where's
our
main
load,
balancer
service,
I,
don't
really
understand
what
you
mean
by
that,
but
here's,
our
traffic
web
UI
traffic,
ingress
service,
so
I
think
what
Daniel
was
trying
to
say
here
is.
We
should
be
mapping
our
ingress
to
the
traffic
ingress
service
and
not
to
the
traffic
web
UI.
So
let's
do
our
getting
dresses
again
and
sexually
see
this
is
matyoo.
So
no,
we
don't
want
the
animal.
A
A
So
now
what
happens?
If
we
go
here?
Okay,
it's
that
still
not
working
so
now,
I
think
what
we
need
to
do
is
we
need
to
get
our
ingress
rules
configured
properly
to
actually
route
to
our
main
application
and
how
we
can
even
just
check
and
see
if
our
application
is
up
and
running
and
happy
real,
quick
as
we
can
just
do
a
port
forward
to
just
see
that,
yes,
the
application
is
happy
and
it
alleviate
that
concern
as
we're
debugging
the
rest
of
kubernetes
here.
A
A
A
A
A
Okay
and
then
remind
me
at
the
end
of
the
episode-
and
we
can
go
over
that
little
bit
more
I-
want
to
get
this
this
egress
stuff
out
of
the
way,
and
then
we
can.
We
can
wrap
up
okay,
so
now
we're
getting
the
error
14
connection
with
used.
Let's
look
and
see
what
our
service
is
doing
for
this
okay
and
we
have
steep
web
service.
A
So
we
could
change
that
to
load
balancer
as
well
and
I
think
that's
going
to
be
a
workaround,
but
for
the
the
ingress
service
we
we
definitely
want
to
reconfigure
that
to
use
the
the
traffic
load
balancer
service
and
then
rewrite
the
ingress
rule
in
the
cube
system.
Namespace
I
think
is
the
the
plan
of
action.
We
want
to
take
care
and
we
might
not
be
able
to
get
this
set
up
today.
We're
just
totally
cool
I
haven't
actually
done
this
before
so
we're
kind
of
doing
this
live
a
little
bit.
A
So,
let's
see
what
we
can
do
here
so
can
get
SVC
all
namespaces
and
we
have
our
traffic
ingress
service
and
we
want
to
do
K
get
hang
o
and
Josie
said.
My
first
message
didn't
come
through
Josie.
You
feel
free
to
tweet
at
me
or
send
me
a
message
if,
if
you
want
or
you
can
even
open
up
a
like
a
PR,
an
issue
was
a
question
and
I'm
happy
to
follow
up
after
TGA
k
as
well.
A
Okay,
so
the
first
thing
we
want
to
do
is:
let's
rewrite
our
universe,
rule
so
they're
all
in
the
same
object.
So
let's
go
to
ticketing
in
our
default
namespace,
and
we
want
to
oh,
oh
this
thing.
So
I
think
that
was
our
most
recent.
Oh
yeah
Mille,
yes,
and
we
want
to
add
this
rule
to
K
edit
era
list.
Uk
get
ingress,
namespace.
A
A
And
we're
gonna
add
a
new
rule
down
here
at
the
bottom.
Do
this
keep
our
status
over
here
host,
fabulous
dot
off
I,
don't
think
we
need
to
find
a
host
twice,
but
we'll
keep
in
there
for
good
measure,
and
then
this
is
going
to
go
to
the
staple
app
service.
Awesome.
Let's
see
what
this
does.
Okay!
So
now,
let's
go
to
our
traffic
UI
and
see
if
we
have
we
should
have.
Why
is
it
still
only
say
in
dashboard
here
interesting
stuff?
I,
wonder!
If
was
that
it
one
more
time
to
see
what
happens?
A
I,
wonder
what
it
looks
like
now
that
we
we
got
it
Oh.
For
some
reason,
the
rule
didn't
right:
Oh
Josie
says
first
message:
hey
Chris!
First
of
all,
thank
you.
This
awesome
demo,
ever
since
I
found
out
about
hefty,
oh
I've
been
lugging
every
single
thing
you
guys
do
from
where
I
sit.
This
culture
looks
fabulous
thanks
for
the
the
feedback,
Joe
sue,
it's
always
happy
to
hear
that
folks
are
enjoying
what
we're
doing
here.
I
help
you
know
in,
and
the
kubernetes
open
source
for
that
matter.
A
A
A
First
see-
and
now
it's
like
whenever
refreshing,
we're
getting
like
conflicting
results
here,
so
we
have
two
front
ends:
/
bored
and
yeah
I,
don't
know.
What's
going
on
with
you,
I
hear
I
keep
skipping
around.
This
is
interesting:
behavior,
okay,
but
yeah.
We
have
fabulous
F
with
a
slash
and
well,
it
keeps
going
back
and
forth,
but
we
have
both
the
slash
and
the
dashboard.
A
A
F,
okay
yeah,
so
this
is
this
is
what's
going
on
to
the
dashboard
here,
so
we
have
server
configuration
reloaded
and
it
says
service
not
found
stateful
ops
service,
ok,
because
we
rewrote
it
in
to
keep
system
namespace
and
the
cube
system.
Stateful
app
service
is
in
a
different
name,
space.
Ok,
so
this
is
what
I
kind
of
wanted
you
to
get
to
with
ingress
is
in
namespace.
So
if
you
define
an
egress
rule
in
one
namespace,
it
needs
to
map
to
a
service
in
the
namespace.
A
Otherwise
the
egress
controllers
not
gonna,
be
able
to
do
the
mapping
there
accordingly.
So
when
you're
defining
ingress
rules,
you
know
not
only
need
to
make
sure
that
the
application
agrees
with
the
ingress.
In
point
you
to
find
you
need
to
make
sure
this
service
is
in
the
same
namespace
and
therefore
that
the
deployment
or
stateful
center,
whatever
is
also
in
the
same
namespace,
and
that
I
feel
like
there's
one
more
thing.
I
was
about
to
say:
ok,
anyway,
get
those
two
things
and
there's
a
good
good
start
for
it,
and
so
let's
move
it.
A
A
A
Okay,
so
this
one
looks
good:
it's
our
state
flop
service
running
in
the
same
namespace,
listening
to
port
80
on
every
path.
Let's
see
what
the
dashboard
has
to
say
now:
okay,
so
fabulous
dot,
F
and
fabulous
after
dashboard
routing
in
between
two
different
namespaces.
Then
let's
go
to
fabulous
F
just
with
a
slash,
it's
still
forwarding
to
the
dashboard
wow.
This
is
so
weird
what
is
going
on
here.
Let's
try
look
at
these
logs
again.
A
A
A
Router
it's
trying
to
route
to
the
service
whatever
so
a
little
bit
more
of
a
Rabat,
City
I
think
would
be
helpful
here
and
let's
look
at
our
ingress
rules
again
and
just
do
one
more
say:
an
80
check
actually
like
our
services
again
well,
do
all
namespaces
and
just
do
one
more
sanity
check
and
see
that
everything
here
looks:
okay,
okay,
so
we
have
traffic
ingress
service
and
the
web
UI.
So
the
web
UI,
oh
okay,
I,
think
I
see
what's
going
on
here.
So
right
now
we
have
the
web
UI.
A
That's
pointed
to
our
external
IP,
not
our
Travis,
even
Gress
service.
So
let's
edit
these
two
services,
any
point
DNS
here
in
the
last
couple
minutes
and
see
if
we
can
get
this
thing
working
because
if
you
remember
early
in
the
episode
we
we
switched
him
back
and
forth
to
get
the
UI
up
and
running.
So,
let's
edit
this
okay
and
we
want
to
do
k
edit
SVC
ingress
service
and
huge
system.
A
And
then
I'm
gonna
draw
a
picture
here
at
the
end,
so
you
folks
can
see
the
different
namespaces
and
how
the
ingress
rules
and
the
universe
controller
all
kind
of
come
together
to
route
traffic
accordingly
with
traffic
okay.
So
anyway,
here
is
our
type
new
port
type
load.
Bouncer
that
looks
good
and
let's
do
the
web
UI
as
well
looks
like
folks
are
giving
pointers
for
ho
zo
as
well.
Thank
you
for
that,
and
I
still
have
my
note
here
to
talk
a
little
bit
about
that
at
the
end.
A
A
That
and
that
also
explains
why
our
rules
weren't
getting
respected.
Okay.
So
now,
if
you
take
it
service
Aldi
here,
I
can
just
pull
it
up
here,
all
namespace
Oh
why'd.
We
should
have
here's
our
Amazon
lb
for
ingress
service.
So
take
this.
Do
our
dig
plus
short
on
it,
wait
for
Dina's
to
do
its
thing
and
then
we'll
reset
fabulous
staff
and
see
if
we
can
route
between
the
root
directory
and
the
slash
dashboard
directory
between
our
application
and
our
traffic
dashboard.
So
let's
try
teen
ass
one
more
time.
A
A
Oh
also,
they
redid
the
Amazon
dashboard.
So
this
is
pretty
handy
for
folks
at
home.
If
you
use
Amazon,
you
can
click
this
little
pushpin
up
here
at
the
top,
and
you
can
totally
come
in
and
be
like.
You
know
what
I
I
want
to
use.
Eks
and
I
want
to
use
I
use
that
a
lot
so
I
can
actually
drag
like
arbitrary
things
up
here
to
the
top,
and
then
you
get
them
whenever
you're
up
here.
A
So
instead
of
like
clicking
here,
something
like
that,
I
can
always
get
to
be
PCs
or
I
can
always
get
to
easy
too.
So
it's
kind
of
nice.
You
can
kind
of
customize
your
commonly
used
shortcuts
there
at
the
top
I
thought
that
was
pretty
handy.
So
here
on
the
left,
we
can
go
to
load
balancers.
We
should
have
a
whole
list
of
load
balancers
here
configured
and
a
99
EBD,
a
99
EBD,
okay,
good!
So
look
it's
resolving
now
we're
getting
our
404
and
I
bet.
A
A
A
A
Recenter
that
get
our
logs
here:
okay,
logs
traffic-
so
we're
following
this-
we'll
get
some
space
here.
So
we
can
see
everything
new
as
it
comes
in
and
then
here
we
can
do
K
get
SEC
all
namespaces
and
we
don't
need
to
do
a
wide.
So
we
and
we
can
kind
of
do
like
spread
it
out
a
little
bit
here.
Okay,
let's
use
here
to
read
my
zoom
out
a
little
bit
there
yeah.
A
Let's
try
that
okay,
so
that's
fairly
easy
to
read
so
now,
I
have
a
list
of
services
and
we
have
our
logs
and
we
can
look
at
interest
rules
here
in
a
second.
But
let's
do
new
incognito
windows
so
that
our
browser
cache
isn't
getting
in
the
way
and
let's
do
BAM.
Okay,
finally
got
our
ingress
up
and
running
the
way
we
wanted
to,
and
it's
routing
our
root
directory
to
this
wonderful
demo,
stateful
application
and
I
bet.
If
we
go
to
fabulous
daf,
slash,
dashboard
hah,
we
get
a
traffic
dashboard.
A
No
providers
found
don't
know
what
this
means,
but
we're
really
really
close,
we're
just
an
exciting,
ok
and
then,
let's
poke
around
at
the
state.
Flap
a
little
bit
so
you
guys
can
see
what's
going
on
here
and
then
we
can
look
at
some
logs
and
then
all
sort
of
draw
that
diagram
and
I
think
we
want
to
go
over
hazuki's
cluster
a
little
bit
and
then
it's
already
been
in
our
20
minutes.
That's
probably
to
push
us
well
in
through
an
hour
and
30
minutes
for
the
episode.
A
So
we
might
have
to
do
another
episode
where
we
look
at
I.
Tell
us
with
traffic
or
maybe
even
just
tell
us
in
general-
and
you
know
traffic
only
one
of
many
options.
We
go
over
in
a
tgia
kepis
ode.
So
let
us
know
what
you
think
in
the
the
tgia
issue:
tracker
40
us
and
what
would
be
meaningful
for
you
and
your
team
I
know.
Tls
is
one
of
those
things
where
it's
like.
It's
finicky
get
set
up
right
and
it's
not
easy
to
live
demo,
especially
with
a
rate
limits
and
let's
listen
crypt.
A
A
So
the
first
thing
you
do
would
be
the
demo
application
here,
as
you
can
log
in
with
github
and
I'm
totally
gonna
log
in
just
so
I
can
show
you
folks,
what's
going
on
we're
in
an
incognito
browser
which
is
might
not
already
logged
in.
So
when
you
pull
up
me
here.
This
is
cool
because,
if
you're
a
member
of
the
kubernetes
organization
they
make
you
you
have
to
have
this
multi-factor
off
setup,
which
I
think
is
pretty
handy.
A
So
if
I
do
log
in
with
github
okay
awesome,
so
it
looks
like
folks
at
home
are
already
interacting
with
this
application.
So
we
have
Myka
and
Aaron
and
looks
like
mykos
found
the
secret,
where
you
can
actually
hit
the
add
record
button
a
few
times
and
actually
get
your
name
to
come
up
there
and
I
can
say
like
no
Myka
I
want
to
destroy
one
of
your
records,
but
anyway
this
is
just
a
handy
application.
It's
got
rainbows,
you
know
let
folks
at
home
contribute
in
a
safe
way.
A
That
you
know
is
never
going
to
be
malicious
in
your
demo,
so
we
have
ingress
working
with
fabulous
staff
and
a
route
which
comes
to
our
stateful
application
demo,
and
then
we
can
go
to
slash
dashboard
and
we're
hitting
most
of
the
traffic
dashboard
here,
but
it
looks
like
they're
still
like
for
some
reason.
Still
not
wanting
to
resolve
angel
says
for
the
slash
dashboard
you
might
have
to
strip
paths
haven't
personally
bred.
It
myself,
though.
Okay
now
Paul's
talking
to
hosszú
about
the
author,
read
book
and
stuff.
A
Okay,
so
I
think
I'm
wondering
if
like
we
can
go
to
fabulous,
just
got
a
flush.
No,
so
there's
probably
something
going
on
here
with
the
way
that
the
traffic
dashboard
is
doing
its
own
internal
rowdy
and
we're
gonna
have
to
figure
that
out.
So
we
could
actually
map
it
to
the
slash
dashboard
interests
rule
so
really
quick.
Let's
do
one
more
look
at
our
different
interest
rules
and
how
the
ingress
controller
runyan
in
the
cube
system.
Namespace
is
routing
both
ingress
rules
and
different
namespaces
to
different
services
in
corresponding
different
namespaces
as
well.
A
So
how
we
want
to
do
that
is
ka-ching
all
namespaces
give
to
us.
Perminov
is
defined
so
I
bet.
We
can
do
this
and
we
can
just
do
Oh.
Yeaaaah
won't
get
all
of
them
yeah.
We
totally
can
so
the
first
one
we
have
here,
I
mean
I
sort
of
just
like
select
this
top
line.
So
you
kind
of
see
a
line
in
the
screen.
Is
this
one
that
is
going
to
the
stateful
app
service
on
the
route
path?
A
And
if
we
come
up
here
to
the
main
of
data,
you
should
be
able
to
see
that
it's
in
the
namespace
default
here
a
few
folks
at
home
can
see
my
mouse
or
not.
Then,
if
we
go
down,
we
can
find
another
ingress
to
find
hit
here
with
one
rule
that
says:
slash
dashboard
on
port
80
in
the
name,
space
cube
system.
A
So
the
traffic
dashboard
by
default,
with
Herning
in
the
cube
system,
namespace,
which
may
or
may
not
be
the
best
idea-
and
you
probably
should
never
expose
that
publicly
like
I
just
did
here-
live
on
2g,
okay
and
that
is
going
to
route
to
the
slash
dashboard
back-end
and
then
we
think
there's
something
going
on
with
the
traffic
UI
and
that's
why
it's
not
resolving
this
/
bored
path
that
we've
divined
here
and
for
so
it's
resolving,
but
for
some
reason
the
application
isn't
happy.
A
So
maybe
we
can
open
up
an
issue
with
traffic
and
say:
hey
what's
going
on?
How
could
we
run
your
dashboard
publicly
as
well
as
running
another
application
on
route
as
well,
because
I
think
that
was
kind
of
the
intent
of
giving
a
D
slash
dashboard
in
point
there?
Okay,
so
without
further
ado,
let's
draw
a
picture:
let's
see
how
we
do
this
I'm
gonna
go
to
my
doc,
camera
sweet!
So
here's
the
C
I
actually
didn't
really
take
a
note.
So
we're
going
to
like
look
at
this
later.
A
So
all
I
crossing
over
here
and
then
I
actually
I
have
a
sharpie.
So
I
can't
like
actually
draw
with
a
sharpie
today.
So
what
we
have
is
we
have
two
big
name:
spaces
in
kubernetes,
so
we're
gonna
draw
two
big
name
spaces
kind
of
clearing
here,
so
this
one
is
going
to
be
keep
system
and
this
one
is
going
to
be.
Let's
see
if
I
can
scoot
this
up
yeah
there
we
go
keep
system
and
this
one's
going
to
be
our
default.
Namespace,
okay,
and
so
here
we
have.
A
We
have
a
traffic
ingress
service,
which
this
is
going
to
be
our
main
entry
point
to
our
cluster.
We
also
have
a
traffic
UI,
so
tra
these
aren't
the
real
names,
but
this
is
kind
of
like
how
anything
you
know
them.
I
had
so
we
have
a
traffic
UI
service,
I'll
just
do
SPC
here
and
then
we
also
have
our
ingress
controller
and
we
have
one
ingress
rule
so
I'm
going
to
do.
Inga
rule
four
slash
dashboard
here,
No.
A
So
then,
in
our
default
namespace
we
have
I'm
like
stepping
off
the
treadmill
here.
So
I'm
like
going
down
a
little
bit.
We
have.
What
do
we
have?
We
have
our
state
flap
service,
so
I
was
going
to
do
stateful
SVC,
we
have
no
controller
and
we
have
one
ingress
rule
for
slash
and
then,
of
course,
we
have
I'm
gonna
put
a
big
star
down
here
at
the
bottom.
We
have
our
app
running
in
both
we
have
the
application
run.
A
You
know
it's
a
deployment
for
a
state
flap
in
the
default
namespace
and
we
have
our
our
traffic
UI
running
as
also
as
a
deployment,
and
you
keep
system
you
space,
but
today
after
there
at
the
bottom
is
so
anyway,
our
egress
controller.
Let's
go
ahead
and
draw
that
here
is
able
to
take
data
incoming
HTTP
request
from
the
internet.
So
here
this
was
just
going
to
be
the
internet
and
it's
able
to
route
to
both
namespaces
based
on
arbitrary
endpoints.
A
So
we
can
really
start
to
use
kubernetes
namespaces
to
define
like
full
feature,
rich,
complex
endpoints
for
application
and
point
them
between
various
namespaces
in
our
system.
So
if
you
wanted
to
have
like
an
authentication
service
that
runs
in
its
own
namespace
or
if
you
wanted
to
have
like
a
user
lookup
API
that
runs
in
its
own
namespace,
you
can
really
start
to
pull
your
application.
Apart,
have
very
small
micro
services
that
sort
of
hey,
there's
one
broader
micro
service,
that
look
and
feel
like
one
broader
service,
but
really
behind.
A
The
covers
are
very
small,
discreet,
independently
namespace
services
running
inside
of
kubernetes.
So
that's
that
was
the
idea
behind
for
ingress
and
I.
Guess
a
little
bit
of
the
back
story
on
ingress
is
we
didn't
always
have
ingress
and
in
fact,
if
you
look
at
like
the
work
I
did
when
I
worked
at
Deus
I
think
was
like.
A
Over
a
year
ago,
we
actually
had
like
our
own
engine,
X
router,
that
we
called
each
router
that
sort
of
behaved
just
like
this
diagram
does
here,
but
without
actually
doing
it
a
declarative
way
in
kubernetes
and
I.
Think
the
folks
over
at
Red
Hat
had
one
as
well
and
I.
Think
even
the
folks
at
quo
us
used
to
have
one
as
well
and
everybody
was
kind
of
like
okay.
A
We
really
need
to
like
come
together
and
define
some
sort
of
like
way
of
defining
a
router
and
that's
how
ingress
was
born,
and
now,
let's
become
like
a
higher-level,
primitive.
It's
like
mating
in
the
core.
It's
totally
like
a
normal
common
part
of
kubernetes
that
wasn't
always
there
to
begin
with.
So
now
that
I
have
ingress,
we
can.
A
We
can
totally
start
doing
this
and
we
can
use
traffic
as
our
invest
controller,
to
look
at
these
different
ingress
rules
like
the
one
we
see
here
and
when
we
see
here
and
actually
do
the
dynamic
configuration
in
and
sort
of
act
as
our
reverse
proxy
load.
Balancer
and
router
between
the
two
I
think.
It's
important
to
note
that
in
each
case
we
have
a
replicate
count
of
one
for
each
of
our
applications
here,
but
if
we
did
want
to
scale
out,
let's
say:
actually,
let's
do
right
now.
A
Let's
totally
do
this,
let's
see
I
want
to
go
back
to
my
screen.
My
face
I
can
find
my
replicas
equal
to
one.
So
we
can
do
replicas
equal
to
this.
Let's
200,
why
not
yellow
so
I
just
scaled
up
if
I
do
take
it
P?
Oh,
we
should
see
it
whoa,
a
ton
of
steel
flaps
here
so
now
we're
just
horse
on
Thalia
distributing
fabulous,
Oh
turn
off
Siri
and
looks
like
a
ton.
A
More
people
have
already
can
contribute
it
to
the
statefulness
of
our
application
and
if
you're,
actually,
every
time
we
refreshing,
you're,
actually
probably
you're,
getting
spread
across
a
different
pot
in
our
clusters
horizontally
distributed
load
balancing
in
traffic,
which
is
pretty
cool
and
then
real,
quick.
Why
we're
here
we
can
totally
set
our
replica
count
equal
to
zero
I
think
this
is
just
kind
of
cool
for
folks
who
have
never
seen
this
before,
but
yeah.
You
look
and
you
can
see
over
here
on
the
left
of
traffic
ingress
controllers
totally
freaking
out.
A
A
Universe
controllers
still
routing
traffic,
but
it's
kind
of
yelling
at
us
so
like
we
could
totally
configure
Prometheus
or
whatever
else
to
respect
this
here
and
we
could
come
back
and
we
could
scale
it
back
to.
Let's
do
10
now
and
because
we're
using
a
PVC
in
kubernetes,
our
state
was
preserved,
so
you
should
be
able
to
come.
Our
service
is
now
fixed,
it
should
be
fixed
and
we
should
see
everybody's
names
at
home
as
soon
as
it
comes
back
online.
A
So
I
wonder
what's
going
on
here,
okay,
so
it
finally
reloaded
BAM
state
was
preserved.
Traffic
still
doing
its
thing.
Routing
Marco
says
this
is
a
great
episode,
great
job
Chris,
always
happy
to
learn
about
ingress
in
traffic,
thanks
for
the
feedback,
Marco
thanks
folks
at
home,
for
participating
here
in
the
state
flap,
and
thanks
to
the
folks
at
traffic
for
building
a
super
amazing
and
reverse
proxy
load
balancer
for
us
to
running
kubernetes
and
getting
the
kubernetes
resources
to
find
for
us.
A
So
it's
pretty
easy
to
get
up
and
off
to
the
races
with
traffic
running
kubernetes.
So
I
always
forget
to
do
this
on
every
episode,
but
I'm
gonna
check
my
notes
and
I'm
actually
going
to
switch
to
a
different
view
and
I
watched
Joe
do
this
and
he
does
it
like
so
like
it's
very
smooth
and
sneaky
every
time,
but
you
totally
like
always
tell
when
a
TVA
is
closing
out.
Cuz
like
you
come
to
this
view.
A
It's
like
here,
I
am
and
we're
talking
again
so
anyway,
there
is
a
question
in
chat
earlier
from
Mizzou
that
we
wanted
to
bring
up,
which
was
like,
let's
scroll,
haven't,
actually
read
the
question
here:
okay,
so
Josias
says:
hey
Chris.
First
of
all,
thank
you
for
this
awesome
demo.
Ever
since
I
found
out
about
Hecky,
oh
I've
been
loving
every
single
thing
you
guys
do
from
where
I
said
this
culture
looks
fabulous
and
I
think
before
then.
A
That
is
basically
like
the
white
book,
for
if
you
want
to
be
an
SRE
and
then
I
think
it's
just
getting
yourself
mentally
ready
to
use
the
skills
you
learn
as
a
software
engineer,
but
instead
of
writing
a
software
for
business
logic,
you're
going
to
be
writing
a
software
to
do
and
monitor
and
orchestrate
other
software,
which
is
exactly
what
kubernetes
is
and
does
is.
As
a
software
engineer,
I'm
now
writing
code
that
manages
other
code
and
the
other
code
that
I'm
managing
is
actually
what
makes
my
company
money
behind
the
scenes.
A
But
for
different
reasons,
and
because
of
those
different
reasons,
you
got
to
kind
of
have
a
fool
like
broader
spectrum
of
understanding
like
everything
from
different
protocols
to
how
systems
work
to
you,
like
do's
and
don'ts
of
system
orchestration
to
redundancy
problems
to
you
like.
What's
the
difference
between
failing
quickly
and
failing
slowly
and
there's
just
like
lifetime
of
learning
but
I,
think
starting
with
yesterday
book
is
a
great
great
resource.
I
think
poking
around
kubernetes
is
another
great
resource.
A
It's
just
a
matter
of
like
flushing
out
those
linked
lists
and
understanding
the
complexities
of
how
kubernetes
does
its
mapping
and
making
our
software
behave
reliably
in
the
same
way
that
kubernetes
does
and,
as
we
saw
on
the
episode
like
we've,
already
hit
our
first
bug
with
being
able
to
list
pods
based
off
of
their
corresponding
higher-level
application
abstractions.
So
there's
a
lot
that
a
lot
that
goes
into
it
and
a
lot
that
we're
gonna
have
to
take
into
consideration
and
it's
a
pretty
simple
pattern.
A
But
we're
gonna
have
to
take
this
simple
pattern
in
a
really
hard
net.
So
hopefully
over
the
next.
You
know
year
or
so.
We'd
see
the
the
program
take
off
and
we
can
use
it
in
Fiji
aka,
explore
kubernetes
and
help
us
key
bug
may
be
important,
so
Carlos
says
anyone
ever
run
into
an
edge
traffic
instance
off
cluster
configured
by
the
ingress
controller.
A
Not
sure
what
you
mean
by
that
I'm,
assuming
that
means
like
you're
running
traffic,
independently
of
your
kubernetes
cluster
I,
can
try
to
think
of
a
reason
why
you
would
want
to
do
that.
I
mean
I,
think
that
gives
you
like
a
separation
of
concerns
like
if
your
cluster
goes
down
at
least
your
front-facing
public
facing
endpoint
and
your
first
layer
of
software
for
your
system
stays
online.
A
So
maybe,
if
you
had
like
an
emergency
triple
redundant
backup
of
like
your
application
running
somewhere
else,
you
could
like,
in
a
in
a
pinch,
repoint
your
traffic
or
any
load
balancer
or
edge
proxy
for
that
really
matter
to
your
like
warm
back
up.
So
that
might
be
like
a
good,
a
good
pattern
as
like
a
really
really
hyper
aware
back
before
using
traffic
as
an
entry
point
free
application.
Hosszú
says
thanks:
Paul
says
mentally
preparing
for
the
whole
on
call
thing
is
kind
of
a
big
thing
for
us.
Are
you
as
well
yeah?
A
A
So
there's
a
lot
of
demanding
work
in
weird
times
that
come
with
me
in
an
SRE
need
to
be
mentally
prepared
for
as
well
I
mean
Carlos
has
got
an
on
premise:
load
balancer,
totally
reasonable
to
to
separate
your
load,
balancer
away
from
the
rest
of
your
application.
If
you
have
an
application
that
goes
down,
often
okay,
so
anyway
we're
new
to
the
recap:
everything
we
did
technically
and
then
we
get
out
of
here.
Let
you
guys
enjoy
the
weekend.
So
we
we
got
traffic
up
and
installed
and
running.
A
We
were
able
to
define
two
ingress
rules
in
two
different
namespaces
and
route
traffic
from
one
ingress
rule
in
one
namespace
separately
on
a
different
point
from
traffic
and
another
ingress
rule
in
a
different
namespace.
We
were
able
to
get
the
dashboard
up
in
writing.
We're
able
to
see
the
different
end
points
for
traffic.
We
were
able
to
simulate
a
round-robin,
round-robin
load
balance
and
we
were
able
to
break
that
and
bring
it
back
as
well
and
watch
the
traffic
logs.
A
You
know
detect
that
there
was
a
problem
and
bring
it
back
to
life
afterwards
and
actually
create
a
real
working
ingress
with
fabulous
AF
here
live
on
TGI
K,
and
that
is
my
introduction
to
traffic.
So
if
folks
have
any
questions
or
any
thoughts
on
the
episode
at
all,
please
let
us
know
we're
always
looking
for
new
episode
ideas
here
at
hefty
o4t
gik.
We
try
to
do
this.
A
Every
week,
we've
missed
a
few
weeks
from
crazy
mountaineering
accidents
or
vacation
and
or
one
sort
of
went
out
for
another,
but
we
will
definitely
be
back
next
week.
I
think
I'm
going
to
be
driving
again.
So
no
idea
what
we're
going
to
do
it
all
next
week
we
kind
of
like
pick
it
each
week
so
tweet
at
us.
Let
us
know
what
you
think.
Let
us
know
what
you
want
to
see
we're
happy
to
put
something
together,
we're
happy
to
do
a
demo,
we're
happy
to
to
do
what
we
can
to
help
you
out.
A
So
thanks
for
joining
everyone,
it's
been
a
fabulous
episode
and
we're
gonna
see
everybody
next
week
looks
like
Timo.
Has
one
more
question
here
and
let's
see
if
we
can
sneak
in
one
question
here
at
the
end
and
I
know,
there's
a
little
bit
of
lag.
So
I
give
folks
a
few
seconds
to
say
their
goodbyes,
so
Timo
says
Carlos
traffic
works
off
cluster
as
well.
You
need
a
bit
more
configuration
for
the
Kade
cpi-m
point.
A
The
tricky
part
is
probably
how
to
route
traffic
to
the
pods
yeah
and
using
a
tool
like
UPS
or
even
like
bring
your
own
DNS
provider.
You
could
totally
configure
that,
but,
like
Timo
hit
the
nail
on
the
head
here,
it's
just
going
to
be
a
little
bit
more
configuration
and
a
little
bit
more
tribal
knowledge.
You're
gonna
have
to
go
through.
Okay,
so
Jeffrey
says,
would
love
to
see
an
episode
when
the
best
tool
for
an
on-prem
cube,
deploy
I
would
love
to
do
that.
One
I
love
installing
kubernetes.
A
It's
one
of
my
favorite
things
to
talk
about
so
Roy
says.
Thank
you.
Carlo
says
thanks.
Tiago
thanks
great
job
credits,
helpful
audience
nice
to
watch
this
live
gift
says.
Thank
you
Aaron!
Thank
you!
Everybody
like
for
real!
It's
always
great
to
see
you.
You
helped
make
T
JK
what
it
is.
You
helped
us
debug
and
you're
here
with
us.
So
thank
you
so
much
for
joining
us
live.
It
really
helps
bring
life
to
this.
This
whole
thing.
It
helps
us
a
lot
as
we're
doing
it
here
live
on
screen.