►
From YouTube: TGI Kubernetes 059: Exploring CNAB with Kubernetes
Description
Come hang out with Kris Nova as she does a bit of hands on hacking of Kubernetes and related topics. Some of this will be Kris talking about the things she knows. Some of this will be Kris exploring something new with the audience. Come join the fun, ask questions, comment, and participate in the live chat!
A
Hello
and
welcome
to
TGI
K
live
from
the
hefty
owe
studios
in
lovely
downtown
Seattle,
where
we
have
a
lovely
view
of
my
favorite
mountain
right
on
the
the
other
side
of
the
screen
here,
hi
how's
everybody
doing
today.
It's
good
to
see
everyone,
so
we
like
to
start
off
and
we
like
to
see
who's
all
joining
us
today
in
the
the
YouTube
chat,
so
folks
can
join
in
live
and
they
can
participate
in
the
chat
and
help
me
out
if
I
get
stuck
or
I
need
help
along
the
way.
A
So
it's
just
a
lot
of
fun
and
one
of
the
first
things
we
do
is
be.
It's
been
a
little
bit
of
time
and
tell
people
hi
who
are
who
are
joining
us.
So
it
looks
like
bob.
Was
our
first
chat
this
week.
I
think
bob
got
here
pretty
early
before
we
even
started
it's
good
to
see.
You
Bob
looks
like
he's
joining
from
Hollywood
and
coming
for
a
cute
Cod
next
week,
so
I
think
that's
exciting.
Cube
con
is
next
week
here
in
Seattle.
A
So,
if
folks
want
to
to
get
together
or
have
any
questions
about,
Seattle
I
live
here,
Joe
lives
here
our
offices
here,
if
we
know
a
thing
or
two
so
feel
free
to
hit
us
up,
and
we
can
help
you
out
along
the
way
and
we'll
talk
more
about
Q
con,
hear
it
a
little
bit.
So
we
have
a
decent
good
to
see
you
again.
A
We
have
George
I,
can't
I,
think
it's
something
Jersey,
so
I
think
that's
Spanish
for
New
Jersey,
but
somebody
who
can
speak
Spanish
or
whatever
language
that
is
can
probably
deter
it
better
than
I
can
Shawn
Smith
good
to
see
you
Shawn
wants
to
know
who's
going
to
keep
Khan
we.
Actually
we
should
do
that.
A
Really
quick
in
the
chat,
real
quick
do
a
plus
one
if
you're
going
to
be
at
cube
con
and
maybe
introduce
yourself
and
say
hi
and
some
folks
just
get
an
idea
of
who,
from
the
TGI
K
audience
which
is
from
all
over
the
world,
is
going
to
be
here
in
Seattle
hanging
out
learning
about
kubernetes
next
week
at
the
the
conference,
and
that
looks
like
we
have
Philip
from
Germany,
we
have
to
leap
from
Paris.
We
have
somebody
from
France,
so
we
have
a
really
good
European
representation
here
or
I.
A
Guess
I,
don't
I,
don't
know
if
everybody's
in
the
European
Union
anymore.
That
stuff
is
confusing
to
me
anyway.
George
is
here
so
George
is
helping
us
out
so
hi
everyone.
This
is
George
I'll,
be
helping
Chris
today
and
as
usual,
we
have
a
hack
MD,
which
will
pull
that
up
here.
In
a
second
start,
going
through
some
of
the
links
and
some
of
the
exciting
updates
for
the
week
Olaf
hi
from
Denmark,
we
have
Antoine.
Also
from
Paris
we
have
Roy
from
Toronto
Sayid
I
lost
my
spot
where'd,
you
go
Sayid
hi
from
London.
A
We
have
Leonardo
from
Brazil
Francisco
se
team
Cisco
from
Chicago
Logan
Square
hi
from
Austria
Washington
DC,
Phoenix,
Oh
Todd,
says
my
first
cube.
Khan
is
next
week,
can't
wait
if
I
find
you
or
Chris
you
get
beer
or
whatever
beverage
might
be
on
me
yeah.
So
we
would
love
to
see
you
feel
free
to
come
up
to
myself
or
to
Joe
I'm
gonna
go
ahead
and
sign
Joe
up
for
this
cuz.
This
is
just
what
I
do,
but
we'll
be
around
we'll
be
hanging
out.
A
The
Hep
C
Oh
booth
I
have
a
lot
of
stuff
going
on
I
know.
Joe
also
has
a
lot
of
stuff
going
on.
So
if
you
see
us
in
the
hallway
and
want
to
like
stop
and
say
hi
or
grab
a
selfie
or
just
check
in
and
meet
us
and
shake
shake
some
hands,
we
would
love
to
meet
you.
We
love
meeting
people
who
who
tuned
in
for
TDI
K,
and
would
it
be
a
great
opportunity
to
meet
you
so
don't
be
shy,
come
up
and
and
track
us
down.
A
If
you
need
to
hide
from
Phoenix,
we
have
a
lot
of
plus
one.
So
it
looks
like
we
have
Bob
send
Todd
Mike
got
a
minus
one
in
a
sad
face:
poor
Mike,
Shawn's
gonna
be
a
cute.
Con
Muhammad
says.
Can
anyone
please
guide
me
it's
my
first
Muhammad
if
you
need
help
I'm
sure,
there's
folks
here
who
could
offer
some
mentorship?
A
If
not
kubernetes
community
offers
some
mentorship
and
if,
if
there's
anything,
I
can
do
feel
free
to
to
ping
me
and
I'm
happy
to
help
as
well
hi
from
San
Jose
good
morning
from
oh,
we
have
more
one
Sayid
and
Wally.
Both
are
ones
that's
released.
All
the
sad
faces
are
so
sad.
No
hi
from
Finland
Suresh
is
with
a
one
hello
from
San
Francisco,
hello
from
Brazil
hi
from
Portland,
so
for
all
of
our
ones.
A
From
around
the
world
we
do
have
the
CN
CF
and
you
know
III
helped
kind
of
start
this
a
little
bit
and
especially
help
grow
it
to
where
it
is.
Today
we
do
have
a
diversity
and
inclusion
scholarship,
which
could
help
offset
some
of
the
cost
from
traveling
around
the
world
if
you
meet
any
of
the
criteria.
So
if
you
want
to
talk
more
about
that-
or
you
think
you
might
be
eligible,
don't
be
shy,
we
can
get
you
signed
up
for
the
next
cute
con
and
hopefully
get
you
out
to
a
cute
con.
A
Okay,
so
Mohammed
says
the
cube
cut
schedule
is
overwhelming
any
tips.
Mohammed
I
usually
do
the
hallway
track
and
see
what
people
are
talking
about,
and
that's
how
I
pick
my
conferences.
So
that's
my
like
secret,
Nova,
cube
Khan
strategy
is
I
kind
of
just
hang
out
and
talk
to
folks
and
then
usually
I
just
noticed
that
more
talks
seem
exciting
than
others,
and
then
those
are
the
ones
that
get
my
attention.
Also
I
go
and
I
talked
to
a
lot
of
my
friends
in
the
community
and
see
what
they
are
talking
about
beforehand.
A
So
let's
just
go
back
over
to
the
screen
in
my
face-
and
here
is
our
hack,
AMD
and
Walid
says:
would
you
say
that
cube
con?
Us
is
the
best
or
are
they
just
different
between
the
European
and
the
Chinese?
So
a
little
bit
of
history
I
think
cube
con
started
here
in
the
United
States.
This
is
the
second
time
I
have
been
to
keep
Kahn
in
Seattle.
My
very
first
cube
con
was
in
Seattle
two
years
ago.
I've
been
to
two
or
three
of
the
European
ones.
A
Now
the
European
ones
are
a
ton
of
fun.
This
year
was
the
first
year
we
did
keep
con
China
I
did
not
go,
but
I
heard
amazing
things.
I
think.
One
of
the
things
you
just
have
to
be
aware
of
is
a
conference
is
localized.
The
content
of
the
conference
is
going
to
be
localized
to
what's
important
to
that
region.
A
So
if
the
the
technology
in
China
is
something
that
makes
sense
to
you
or
something
that
you're
using
a
lot,
that
might
be
an
interesting
conference
to
check
out,
but
there
is
going
to
be
some
localization
going
on
for
each
of
the
conference's
as
well
as
far
as
US.
First
European
I
would
say,
like
their
value
is
a
wash
they're
the
same,
but
you
do
see
a
slightly
different
localization,
based
on
what
folks
in
the
EU
are
doing
versus
what
folks
in
the
u.s.
are
doing.
So
just
you
know
be
aware
of
that.
A
But
you're
gonna
have
a
great
time,
no
matter
which
one
you
go
to.
So
if
you
can
get
to
any
of
them,
make
it
a
point
to
to
get
out
there?
Oh
and
it
looks
like
somebody's
typing
in
the
HEC
indeed,
so
this
is
cool.
Cuz
people
can
can
type
real-time.
This
would
be
a
good
place
to
show
the
stand.
Oh
okay,
so
George
is
reminding
me
before
we
we
get
started.
We
actually
have
a
really
cool
toy
that
we
wanted
to
show
today.
A
So,
let's
see
if
I
can
switch
over
to
our
docket
camera,
so
George
can
you
give
like,
in
the
chat,
really
quick,
a
little
bit
of
history
about
what
this
cam
came
from
and
why
we
got
it.
But
I'll
just
talk
about
my
experience
with
the
stamp
today
so
I'm
sitting
at
my
desk,
getting
ready
for
TGI
K
and
all
of
a
sudden
Jo
runs
up
to
me
with
a
big
white
box
and
he's
like.
Oh
my
gosh.
A
So
it's
an
official
hefty
oh
container
ink
hold
everything
so
anyway,
we
were
playing
with
this
earlier
and
actually
I
tried
to
get
one
on
my
arm,
which
is
super
bruised,
as
you
can
see,
but
anyway,
I'm
we're
gonna,
do
one
real
quick.
Why?
Because
I
just
want
folks
to
see
how
actually
really
awesome
this
stamp
is
and
I
think
it's
gonna
be
out
the
contributors
summit,
so
we
can
stamp
various
kubernetes
things
and
make
them
kubernetes
official
for
anyone
who
wants
to
play
with
the
kubernetes
stamp.
Ok,
so
George
says
so.
A
The
kubernetes
logo
is
in
the
main,
repo
it's
an
SVG
file,
so
I
just
uploaded
it
to
stamp
and
Sons
and
name
is
stamp
for
us,
we'll
be
using
this
to
stamp
swag
bags
at
Q
con.
Ok,
so
if
you
want
a
swag
bag
stamp
or
you
want
some
papers
like
fancy,
business
papers
stamped
or
you
just
want,
like
your
arm
or
your
leg
stamped,
come
see
us
at
the
contributor
summit
or
I'm,
assuming
we'll
also
have
it
at
the
hefty
o
booth,
and
we
can
give
you
in
kubernetes
stamp.
So
without
further
ado.
A
A
So
anyway
come
check
out
the
awesome
kubernetes
stamp
that
Jorge
got
for
us
good
idea.
George
soon
says:
are
you
gonna
have
the
snare
that
you're
booth,
I'm
assuming
we
are
I
mean
this
is
kind
of
the
first
time
we're
talking
about
it
but
like
yeah?
Why
not
right
I'm
say
it
says
we
should
have
cubic
on
UK.
Next
year,
since
we're
not
gonna
be
part
of
the
EU
anymore
ya
sayyid,
we
can
totally
propose
that
too.
This
means
you
often
see
what
they
think
I
know.
A
A
lot
of
these
conferences
are
scheduled
pretty
far
in
advance
like
up
to
a
year
or
over
a
year,
sometimes
just
because
booking
conference
centers
and
things
and
the
other
whole
insurance
policies
that
go
into
it
so
like
we
should
talk
more
if
you're
serious
about
getting
involved
and
maybe
starting
on
another
one
or
worst
case
scenario.
We
could
definitely
put
together
a
kubernetes
themed
conference
and
just
kind
of
do
it
independently.
So
there's
an
option
as
well,
but
I'm
sure.
A
A
lot
of
folks
here
have
ideas
and
would
be
interested
in
talking
to
you
about
that
and
I
can
connect
you
with
some
of
my
friends
in
London
and
in
the
UK
who
have
like
started
conferences
from
scratch,
and
you
know
have
gone
a
couple
years
and
they're
pretty
successful
now,
so
they
might
be
able
to
help
out
and
point
you
in
the
right
direction
as
well.
While
you've
said
school
salmon
says
best
half
I've,
seen
in
2018
help.
A
You
assess,
let's
hope
she
doesn't
use
up
all
the
ink
I
just
got
my
tattoo
like
redone,
so
like
I'm
already
using
up
most
of
the
ink
everywhere.
Okay,
so
let's
go
back
and
let's
look
at
aren't
how
Kim
D
cuz
we
got
a
lot
to
go
over
and
we
haven't
even
started
talking
about
scene,
AB
and
duffle
yet
which
won't
get
too
I
promise.
Okay.
So
let's
do
our
Week
in
Review
here
so
first
things.
A
A
The
first
one
is
the
official
release
notes,
so
these
are
relevant
to
to
you
if
you
want
to
actually
come
and
read
every
little
detail,
along
with
the
actual
commits
in
the
original
author
of
the
commit
or
pull
request
for
each
of
these
features-
and
this
goes
into
great
detail.
So,
if
you're
really
curious
and
want
to
get
down
into
the
nitty-gritty
of
what
changed
in
this
release,
this
is
the
ultimate
source
of
truth.
So
this
is
a
fantastic
resource,
but
most
folks
are
kind
of
more
interested
in
a
little
bit
higher
layer.
A
So
that's
where
this
kubernetes
IO
blog
release
announcement
comes
in,
and
this
kind
of
high
levels
everything
it
kind
of
puts
it
into
perspective.
So
the
first
thing
you
want
to
like
notice
here
is
a
simplified
kubernetes.
Cluster
management
with
cube
admin
and
GA,
like
we've,
been
waiting
for
this
for
a
long
time,
I
know
Tim
and
a
lot
of
folks
from
sick
cluster
lifecycle
have
been
working
on
this
and
cube.
A
Admin
is
finally
GA,
and
this
opens
the
door
to
a
ton
of
folks
who
have
been
wanting
to
adopt
cube
admin,
but
the
the
the
GA
barrier
has
prevented
them
from
adopting
cube
admin.
So,
like
big
shout
out,
we
finally
made
it
good
job
everyone,
and
we
should
totally
like
send
everybody
who
helped
work
on
making
this
GE
GA,
like
I,
have
to
do
a
swag
bag
or
something
to
say
thanks
for
it.
A
This
is
that
same
paradox,
but
with
our
same
paradigm,
but
with
storage.
So
this
is
exciting
as
well
that
we're
finally
starting
to
standardize
storage
because
I
know
that's
been
confusing
for
a
lot
of
folks
along
the
way.
Also
core
DNS
is
now
replacing
cube.
Dns
cube,
DNS
has
been
it
been
great.
It's
been
there
since
I
started
working
in
kubernetes
I
know
some
folks
have
had
some
issues
with
it
and
I
think.
A
A
lot
of
people
are
relieved
that
we're
finally
moving
to
Cordina
says
this
is
going
to
help
ease
over
a
lot
of
the
DNS
related
problems
that
we've
been
seeing
in
kubernetes.
So
this
is
another
exciting
one
as
well,
and
then
you
can
come
down
here
and
you
can
actually
see
there's
some
some
other
features
if
you
want
to
come
and
check
them
out
so
congrats
for
folks
on
the
1.13
release.
Okay
next
place-
oh
so
George
put
us
here.
A
This
would
be
a
good
place
to
show
the
stamp
I
actually
did
it
before
1.13,
but
that's,
okay,
okay!
So
this
next
one
is
the
CDE.
So
I
don't
want
to
go
off
on
too
much
of
a
tangent
here,
but
I
I
definitely
couldn't
sleep
the
other
night
and
spent
about
three
hours,
thinking
through
the
API
servers,
source
code
and
looking
through
all
the
different
commits
and
actually
understanding
what
was
going
on
here
and
how
this
whole
thing
actually
happened.
A
So
there's
some
really
great
articles
out
there,
that's
sort
of
like
high-level
at
for
folks
but
I'm,
going
to
give
you
like
the
real,
quick
and
dirty
what
happened
and
what
does
this
mean
for
you
and
I'm
gonna
kind
of
like
go
through
and
show
you
a
little
bit
of
the
the
history
here.
So
this
is
the
the
announcement
on
the
discussed.
Kubernetes
I
know
that
just
mentioned
the
vulnerability.
This
person,
liket
I,
want
to
say,
I,
never
know,
I
always
know
how
to
read
their
name,
but
I
don't
know
how
to
pronounce
it.
A
So
this
person
is
the
one
who's
kind
of
been
driving.
It
has
been
answering
most
of
the
questions
in
the
the
github
issue
here,
which
we
can
see
this
tracking
issue
here,
and
so,
when
I
wanted
to
find
out
more
about
the
CVE.
This
is
definitely
where
I
came
and
where
I
started.
So,
if
you
notice
the
title
here,
it
says
proxy
request,
handling
and
cuvee.
A
You
probably
should
go
and
upgrade
your
cluster
immediately,
because
this
is
a
fairly
serious
bug
and
this
is
just
affects
the
kubernetes
api
server
and
if
you
want
to
start
doing
a
little
bit
of
the
history
here,
you
can
come
through
and
read
all
this.
But
what
I
want
to
point
out
is
where
we
changed
the
title
right
here,
so
it
says
like
it
or
legit
changed
the
title
from
proxy
connection
gets
stuck
on
air
in
response.
So
this
is
the
first
thing
you
need
to
understand.
A
So
this
can
translate
to
remote
code
execution,
because
if
you
can
schedule
a
pod
or
even
exact
into
a
pod,
you
basically
can
do
whatever
you
want.
So
an
estas
says:
there's
a
good
command
allowing
you
to
check
if
your
setup
is
vulnerable
or
not
in
the
issue.
Okay,
so
there
might
be
a
command
down
here
that
somebody
pasted.
This
is
a
pretty
long
issue
track
issue
here.
So
if
you
want
to
come
and
come
and
read
it,
you
can
I
got
to
about
here
the
other
day,
and
these
are
all
new.
A
Ok,
we'll
show
you
the
tool
that
somebody
built
and
that
can
also
help
you
as
well.
So
anyway,
if
you
get
to
the
cubelet
api
server,
you
pretty
much
get
root
because
it
uses
the
API
servers
TLS
to
authenticate
and
the
API
server
is
basically
able
to
control
and
command
the
cubelet.
So
if
you
have
those
TLS,
creds
you're
pretty
much
able
to
do
whatever
you
want.
So
this
is
a
relatively
scary
CDE.
A
Fortunately,
we
had
it
fixed
and
patched
relatively
soon,
and
we
have
upgrade
stories
already
available
so
yeah,
that's
the
the
TLDR
on
the
CVE
of
earlier
this
week.
I
think
we're
going
to
talk
about
it
a
little
bit
at
the
panel
next
week
that
I'll
be
on
and
then
in
general.
If
you
want
to
talk
about
it
more
feel
free
to
come.
Stop
me
or
Joe.
Joe
is
much
more
involved
into
the
security
side
of
things,
so
he
can
probably
speak
a
little
bit
more
to
so
how
this
happened
and
what
would
she
do?
A
Architectural
II
moving
forward
to
prevent
things
like
this
from
happening.
I
just
wanted
to
kind
of
explain
it
to
folks,
so
they
got
an
idea
of
what
actually
is
going
on
here
in
estas
says:
affected
configuration
section.
Has
it
so,
let's
see
if
we
can
grab
for
the
affected
configuration
okay,
so
here
is
a
the
command.
You
can
run
to
see
I.
Think
if
you
could,
if
it's
exploitable
or
not,
let's
see
what
this
says
like
the
metric
servers
that
are
directly
accessible
from
the
kubernetes
api
servers
network.
A
Okay,
so
yeah
feel
free
to
come
through
and
check
this
out,
and
then
this
is
just
a
natural
segue
into
this
test
tool
here,
which
you
can
run
and
it'll
actually
give
you
like
a
yes/no.
Is
your
cluster
vulnerable
or
not
Jordan
links
in
one
line,
your
key
Bechtel
command
to
show
the
aggregated
api's
are
enabled
to
which
part
of
the
issue,
although
not
all
of
it,
also
I,
think
the
anonymous
ox
flag
has
to
be
turned
on
on
the
API
server
as
well.
A
So
yeah,
it's
a
pretty
niche
issue,
but
just
being
aware
of
like
what
could
happen
and
then
using
a
tool
like
this
to
determine
if
your
cluster
is
vulnerable
or
not.
In
any
case,
it's
good
practices
to
keep
your
clusters
upgraded.
So
you
know,
upgrading
to
the
most
recent
version
is
a
good
idea,
regardless
of
a
code
for
ownable
or
not
okay.
So
that's
the
CVE
TL
DR.
Let's
see
what
we
got
next
cubed
X's
90
days
of
production
on
e
KS,
oh
cool.
A
This
looks
like
Pokemon
I,
don't
know
what
this
is,
but
I
want
to
play.
Pokemon
now,
90
days
of
AWS
eks
in
production,
oh
cool,
so
this
is
talking
about
the
first
90
days
of
somebody's
experience
using
Amazon's
eks
in
production.
I
spent
a
lot
of
time
talking
about
uks
last
week.
I
did
two
presentations
at
reinvent
with
my
buddy
Chris
Heian,
who
works
at
AWS
I
learned
a
lot
about
eks
cuddle,
I
learned
a
lot
about
UK,
yes,
and
how
they
built
in
or
architected
everything.
A
So
this
would
be
a
good
read
for
a
lot
of
folks.
I
talked
to
you
last
week,
I
reinvent
to
come
through
and
get
the
first
60
days
deep
dive
into
what
it
takes
to
get
a
kubernetes
cluster
up
and
running.
I
know
there
was
a
lot
of
concerns
about
like
oh,
how
do
I
get
my
API
server
logs
or
what
happens?
How
do
I
turn
the
audit
logs
on,
or
does
this
integrate
with
cloud
watch?
A
And
so
there
was
a
lot
of
questions
around
the
sort
of
user
experience
here
and
I
think
this
will
probably
highlight
a
lot
of
that
for
folks.
So
if
you
want
to
come
and
get
a
heads
up
on
that,
this
is
a
good
place
to
start
it
looks
like
people
are
in
the
chat.
Let's
see
what
they're
saying
also
I'm
gonna
nonchalantly
drink
out
of
my
head.
Do
muck
here,
I
guess:
I
can
lower
this
a
little
bit
there
we
go
while
I
read
the
chat.
A
Sorry,
I
swallowed
it
the
wrong
way.
It's
like
it's
I
eat
says:
does
it
affect
hosted
solutions
like
gke
I,
don't
know
exactly
how
GK
has
it
a
cluster
setup
I'm
assuming
the
folks
at
GK,
considering
a
lot
of
the
people
who
work
on
the
API
server
and
probably
were
hands-on
with
the
the
PR
as
it
came
through,
have
already
reacted
to
this,
and
gke
probably
has
a
story
and
a
great
path
for
folks.
Also,
one
of
the
advantages
of
running
manage
kubernetes
is
when
things
like
this
happens.
A
A
So
you
like,
what
are
the
top
10?
Let's
see
what
these
are?
Okay,
so
there's
kubernetes
ingress,
Cortinas,
Prometheus,
okay,
so
it
looks
like
there's
a
lot
of
cool
blog
articles
here,
so
this
is
just
probably
an
overall
good
resource
for
folks.
Okay,
so
that's
cube,
X
or
cute
did
I
say
that
right,
cubed
x,
yeah,
cubed,
X's,
okay,
so
this
next
one
is
a
ton
of
fun.
Sorry,
so
hep
tio
Ark
is
our
backup
and
recovery
tool.
And
then
this
is
like
the
you
know,
don't
say
anything
but
there's
a
good
chance.
A
We
might
be
doing
a
TGI.
Hey
live
on
Hef
New
York
next
week.
If,
if
sort
of
the
the
Kosmos
are
in
alignment,
so
come
see
me
or
Joe,
if
you're
interested
in
learning
more
about
arc,
we
can
do
some
demo.
You
know
the
booth
and
we'll
have
a
lot
of
folks
at
TGI
K
like
carlesha
here
who
work
on
the
source
code.
It
could
tell
you
more
about
arc,
but
what's
it
more
important
to
that
is
this
issue
in
the
engineering
world.
A
We
all
know
that
that
naming
things
is
quite
possibly
the
most
difficult
thing.
We
ever
do
in
our
careers
and,
as
hefty
o
is
going
through
our
acquisition
into
VMware.
We
have
discovered
that
there
is
a
different
backup
tool
that
we're
already
has
called
arc
spelt
with
a
Q.
So
in
order
not
to
confuse
hefty
Oh
arc
with
VMware
Arc,
we
decided
that
we
want
to
name
rename
hefty
Oh
arc.
A
I
guess
the
two
rules
are
here:
it
needs
to
be
a
proper
English
word
and
it
needs
to
be
a
nautical
theme
and
then
also
know
like
constructive
names.
Only
please
know
boaty,
mcboatface
etc.
Thank
you,
I
tweeted
about
this
I
know,
there's
been
some
other
tweets
about
it.
If
you
have
any
ideas
and
you
want
to
go
into
the
pool,
feel
free
to
come
and
add
your
idea,
there
is
already
a
ton
of
these
and
I
think
somewhere
in
here,
yeah,
there's
62
more.
A
That
github
will
hide
and
you
can
load
all
of
those
and
it's
just
a
ton
of
people
naming
things
so
in
general.
I
was
thinking
about
this
earlier
today,
if
you're,
just
naming
a
tool
in
kubernetes,
there's
actually
probably
some
good
ideas
here.
So
this
is
probably
a
good
like
naming
thread
just
a
bookmark
in
case
you
ever
die
right
in
a
tool
that
you
need
a
nautical
themed
name
for,
because
there's
a
lot
of
exciting
names
here
from
a
lot
of
different
people
around
the
the
industry.
A
So
this
is
fun
and
if
you
have
any
ideas
feel
free
to
come
at
them.
Okay,
last
but
not
least,
the
up
bound
folks
announced
crossplane.
So
I
love
doing
these.
So
Jorge
added
this
one
I've
never
looked
at
it
before
till
now,
so
you're,
getting
like
the
the
virgin
eyes.
Look
at
whatever
this
new
thing
is.
Today
we
are
introducing
crossplane
the
open-source
multi-cloud
control
plane.
I
still
don't
know
what
it
is.
A
A
So
this
looks
exciting
if
it
is
what
I
think
it
is
and
see
with
crossplane
a
developer
writes
a
portable
config
and
it's
certainly
not
concerned
about
the
cloud
provider.
So
this
is
kind.
My
sequel
instance
name
WordPress,
okay,
so
I
see
what's
going
on
here.
This
is
very
similar
to
what
we
were
doing
in
sig
was
a
sig
cluster
catalog,
something
catalog
it's.
What
some
of
my
old
homies
at
Microsoft
and
Deus
were
working
on,
which
was
basically
writing
a
generalized
abstraction
for
various
commonly
services,
and
then
you
could
sort
of
change
the
backend.
A
So
in
this
example,
you
would
actually
define
this
sort
of
ambiguous,
my
sequel
definition
and
then,
regardless,
if
you
were
running
in
AWS
or
Azure
Google
Cloud,
it
would
sort
of
bring
to
life
their
managed,
my
sequel
service,
behind
the
scenes
for
you,
and
we
would
do
all
that
running
on
kubernetes.
So
this
is
a
exciting
service.
Abstraction
is
what
it
looks
like
I'm
sure,
there's
probably
some
service
discovery
baked
in
here.
If
I
had
to
guess.
Okay,
so
that's
cool.
A
If
you
want
to
come
check
that
out
since
as
multi-cloud
resource
operator,
so
yeah,
that's
what
I
think
multi
I
think
multi-cloud
resource
operator
is
another
way
of
saying
a
certain
like
an
ambiguous
service,
abstraction
operator
that
brings
these
services
up
and
manages
them
in
different
clouds.
Okay,
so
let's
see
what
we
got
going
on
here
so
next
we
have
reference
links.
We
got,
let's
do
cube
con
announcements
and
then
we'll
jump
into
Sina.
A
A
If
you
want
to
go,
watch
Joe's
episodes
on
them,
but
gimble
is
a
more
advanced
management
system
that
allows
you
to
do
some
interesting,
Multi
cluster
things
on
top
of
hefty
Oh
contour,
which
is
an
ingress
controller
built
on
the
Envoy
proxy,
which
our
friends
over
at
lyft
helped
with
the
Envoy
proxy,
and
we
took
advantage
of
that
in
the
road
or
really
slick,
ingress
controller
called
hep.
Do
con
for
big
hats
off
to
my
my
homeboy
Dave
of
down
down
under
who
who
did
a
lot
of
work
there.
A
So
thanks
for
your
hard
work
there,
Dave
and
so
anyway,
if
you
want
to
come
to
and
office
hours
and
talk
more
about
the
future,
the
project
and
the
pipeline
moving
forward
and
get
involved
and
understand
it
feel
free
to
join
octopi.
Oh
Yahoo,
Japan
folks,
along
with
us
at
hefty
Oh
Thursday
at
12:15
at
our
booth
at
p8,
so
make
sure
you
bookmark
p8,
because
that's
where
tjk
live
is
gonna
be
at
cute
con
next
week.
So
here
is
all
the
next
one
down.
A
I'm
gonna
skip
mine
because
all
like
brag
about
myself
at
the
end,
this
is
a
really
cool
page.
It's
hello,
Jeff
do
calm
and
you
can
see
here.
It's
got
our
booth
eight
and
you
can
come
see.
There's
me
on
a
mountain
and
Joe
in
front
of
some
screen
and
it
just
says:
come
join,
TGI
K
live
and
you
can
see
our
kubernetes
training.
That's
already
sold
out
by
the
way,
so
big
round
of
applause
to
our
training
folks
and
then
here's
all
of
our
pepto
nyan
sessions
here.
A
If
you
want
to
come
see
what
we
got
going
on,
there's
a
lot
of
exciting
ones.
So
we're
doing
a
set
cluster
lifecycle.
It
update
with
Robert
Bailey
and
Tim
st.
Clair
I've
got
two
in
here:
Craig
McKee,
our
CEO
has
one
so
make
sure
you
come
and
check
his
out
and
Kate
has
a
really
cool
one
and
we've
been
sort
of
the
past
couple
of
weeks
at
Ft.
A
Oh
we've
been
sort
of
test
driving
our
presentations
with
each
other,
so
I've
seen
a
lot
of
these,
and
these
are
actually
really
solid
presentations,
so
so
come
check
these
out.
So
last
but
not
least,
if
you
want
to
come
check
mine
out,
I've
been
working
on
this
talk
for
over
about
a
year
now
and
I
actually
haven't
given
it
anywhere.
A
So
this
will
be
the
first
time
I've
ever
given
this
talk,
and
it's
called
you
can't
have
a
cluster
bleep
without
a
cluster
and
it
talks
about
the
complexity
levels
of
kubernetes
and
how
it's
easy
to
sort
of
get
caught
up
in
some
of
that
and
then
talks
about
whether
or
not
that's
worth
it
along
the
way.
I
did
a
really
solid
interview
yesterday
morning,
pretty
early
our
time,
but
was
able
to
talk
to
some
of
our
friends
over
at
solando
about
one
of
the
incidents
they
got
into
using
some
really
really
common
kubernetes
patterns.
A
So
we're
gonna
explore
some
real
live
user
stories
and
talk
about
how
easy
it
is
to
get
caught
up
in
some
of
this
stuff
and
talk
about
like
really
clever
ways
of
getting
yourself
out
of
these
sticky
situations.
So
if
you
want
to
come,
learn
more
about
refactoring
and
getting
yourself
out
of
out
of
a
cluster
bleep
for
lack
of
a
better
term,
this
will
be
my
talk
giving
next
weekend
cute
con
as
well.
Okay.
A
The
contributors
summit
is
exciting,
I
think
it's
sold
out,
but
you
you
can
sign
up
for
it
beforehand
and
it's
just
an
opportunity
to
come
and
hang
out
with
folks
like
myself
and
Joe
and
all
the
contributors
to
kubernetes
and
just
have
open
discussions
about
kind
of
whatever
you
want
and
really
a
hammer
on
the
kubernetes
codebase
and
really
explore
multiple
options
of
moving
the
kubernetes
code
and
kubernetes
features
forward.
So
that's
a
cool
one
as
well
that
we
get
to
do
every
cute
con.
A
So
if
you
didn't
get
a
chance
to
make
it
this
year,
make
sure
you
sign
up
next
year
because
I
guess
these
things
are
selling
out
now,
which
is
exciting,
especially
when
you
go
back
to
the
first
one,
which
was
just
like
maybe
20
or
30
people
sitting
in
a
room
hacking
on
kubernetes
for
an
afternoon.
So
these
things
are
definitely
growing
so
excited
to
see
folks
at
that
one
okay.
A
Okay,
first
things:
first,
we
should
talk
about
the
C
NAB
spec,
so
earlier
this
week
we
saw
this
big
announcement
from
our
friends
and
he
was
Microsoft
and
Google
and
terraform
all
right,
I'm,
sorry,
Microsoft,
docker
and
terraform,
not
Google.
Anyway.
You
can
come
here
to
the
scene,
AB
dot,
IO
website,
and
this
is
actually
kind
of
a
walk
down
memory
lane.
A
For
me
back
when
I
worked
at
dais,
we
had
all
of
this
very
similar
branding
on
a
lot
of
our
websites
and
I
got
to
kind
of
see
it
again
this
week,
so
that
was
exciting.
But
anyway,
this
talks
about
scene,
AB
and
kind
of
what
it
is.
It's
a
scene.
Ab
is
cloud
agnostic,
it
delivers
apps
it's
signed
and
secured,
and
then
it
talks
about
this
tool,
duffle,
which
we're
gonna
learn
more
a
little
bit
later,
yeah
so
brought
to
you
by
and
Microsoft
docker
friends
at
bitNami
and
our
friends
at
hash
Ecore.
A
A
It's
interesting
to
see
the
choice
that
they
got
together,
sort
of
on
their
own
built
this
and
then
released
it
to
the
community
instead
of
kind
of
the
other
way
around
getting
folks
involved
firsthand
like
we
do
in
kubernetes,
upstream
and
kind
of
building
it
out,
but
it's
it's
really
fleshed
out
and
you
can
come
through
and
you
can
actually
read
the
the
spec
here
gets
pretty
granular,
defining
everything
and
I've
seen
a
lot
of
tweets
this
week
about
like
okay.
So
what
is
C
NAB?
What
does
it
mean
to
me?
A
How
do
I
make
sense
of
it
and
so
I
kind
of
want
to
help
like
bring
a
lot
of
this
to
life?
So
C
NAB
is
a
specification
that
defines
how
you
could,
if
you
choose
to
use
it
begin
to
start
packaging
applications
and
doing
this
in
a
standardized
way.
So
one
of
the
the
phrases
that
really
resonated
with
me
is
it's
like
we're
still
doing
the
same,
like
basic
tasks.
We've
done
the
whole
time,
we're
just
now
standardizing
how
we're
actually
gonna
go
and
perform
some
of
these
steps.
A
So,
as
you
go
through
and
you
start
reading,
the
spec
you'll
realize
let's
actually
start
here,
and
we
can
look
at
this-
you
can
you'll
actually
go
through
and
you
can
realize
that
these
are
things
that
you're
doing
and
it
just
now
with
C
NAB.
You
can
actually
start
to
standardize
that
and
so
that
you're
doing
at
the
same
time
for
every
application.
A
So
you
get
some
familiarity
of
how
you're
actually
gonna
package
your
app
and
then
it
also
includes,
from
this
whole
PGP
signing
that's
supposed
to
sort
of
give
you
a
little
bit
of
confidence.
So
long
as
you,
you
trust
the
person
who
signed
the
package
that
this
package
is
actually
an
authentic
package
that
you
can.
You
can
go
ahead
and
run
so
C
NAB
is
extremely
generic
and
I.
Think
that's
part
of
the
design
behind
it
is
that
you
can
do
anything
with
it.
A
It
doesn't
matter
what
cloud
you're
running
on
it
doesn't
matter
what
type
of
program
you're
using
for
it.
It's
sort
of
just
this,
like
a
generic
way
of
performing
these
same
steps
that
you
do
with
a
lot
of
application.
Installation
tools,
so
we're
gonna
do
like
I'm
not
going
to
go
through
the
whole
spec
here,
but
I'm,
just
gonna
kind
of
read
the
important
parts
to
kind
of
get
folks
thinking
and
in
the
right
direction
here.
So,
let's
start
with
chapter
1,
the
cloud
native
application
bundle
core,
so
the
summary
section
is
actually
pretty
good.
A
So
it's
a
format.
It's
a
package
view
format
for
a
broad
range
of
distributed
applications,
so
here
we're
seeing
broad
range
of
distributed
applications
again.
This
thing
is
supposed
to
be
super
generic,
so
you
can
kind
of
use
it
anywhere.
Devops
says
anyone
leveraging
this
for
a
bare-metal
Cates
deploys
DevOps
what
or
a
DevOps
e
I
guess
would
be
how
you
pronounce
your
name.
What
is
this
the
word
this
in
your
your
question:
there
anybody
eleventeen!
What
for
bare-metal?
Are
you
talking
about
C
Navi?
A
Are
you
talking
about
something
else,
so
the
bundle
definition
is
a
single
file
that
contains
the
following
information.
Okay,
so
a
bundle
is
sort
of
maps
to
a
single
application
or
a
single
package,
so
we're
trying
to
go
through
and
make
a
bundle
in
a
second
and
we're
gonna
have
like
a
hello
world
application.
A
That's
actually
just
kind
of
like
echo,
some
some
font
out
to
our
terminal
and
that's
gonna
sort
of
be
analogous
to
starting
an
application,
and
all
of
that
is
defined
in
this
thing
called
a
bundle,
dot,
JSON
and
we'll
actually
look
at
what
a
bundle
dot.
Json
looks
like
here
in
a
second
and
then
it
goes
through,
and
it
talks
about
how
you
can
sign
and
have
unsigned
bundles,
which
we'll
look
at
that
when
we
start
running
it
and
it
talks
about
thick
and
thin
bundles,
which
I
didn't
really
understand.
A
These
off-the-cuff
but
I
think
it's
just
the
difference
between
how
much
stuff
goes
into
one
of
these
bundles.
So
then
it
talks
about
the
approach,
and
some
key
turns
that
you
need
to
know
and
again
already
there's
a
lot
that
you're
needing
to
learn
in
order
to
kind
of
croc
what
a
bundle
is,
but
there's
a
bundle
of
JSON
there's
also
a
bundle.
That's
seen
AB
and
all
of
these
are
just
basic
maeda
information,
so
it
just
describes
things
that
are
gonna
be
relevant
to
your
package.
We
sort
of
saw
like
a
very
similar
pattern.
A
When
we
saw
helm
there
was
like
a
value
sea
animal
that
would
allow
you
to
define
things
like
the
maintainer,
the
maintainer,
x'
email
address,
or
perhaps
like
a
unique
version
number
or
version
string.
So
we're
seeing
a
lot
of
that
same
that
same
pattern
here
and
then
the
scene
AB
definition
as
well,
and
then
I
guess
as
we
move
forward
as
we
move
forward.
A
Okay,
so
we
can
go
through
them.
We
can
actually
look
up
all
of
these
different
bundles
and
look
up
the
spec
and
we
can
learn
about
all
the
different
files.
We're
gonna
probably
understand
that
a
lot
easier,
but
I've
seen
it
hands-on,
instead
of
actually
reading
about
it.
So
we're
gonna
skip
past
this.
For
now,
I
really
want
to
go
over
the
bundle
JSON
in
the
invocation
image,
and
then
we
can
look
at
signing
and
provenance
as
well
and
we'll
get
some
we'll
get
hands-on
with
it
here
in
a
second
okay.
A
So
actually,
let's
go
to
the
bundle,
dot
JSON,
first,
okay,
so
the
bundle
dot
JSON
file
here
is
an
example
of
it.
So
you
can
see
here
we
have
a
schema
version.
We
can
give
it
a
name.
We
have
a
version
number
there's
this
arbitrary
description.
We
have
a
list
of
maintainer
objects
with
name,
email
and
URL,
and
then
this
is
the.
A
From
that
conversation
mixed
in
with
my
own
opinions,
mixed
in
with
some
inference
since
I'm,
making
after
working
I
used
to
work
with
these
folks
back
when
we
were
days
so
I
kind
of
like
remember
a
lot
of
the
talk
around
Helms
sort
of
the
ideas
that
were
floating
in
on
the
office
then
and
I'm,
seeing
some
of
that
brought
to
life
here.
So
it's
kind
of
like
a
hybrid
of
all
three
of
those
those
inputs
coming
out
into
gik
right
now,
so
anyway,
invocation
images.
A
This
is
where
you
actually
go
and
you
to
find
a
specific
container
image
that
you
want
to
run.
It's
called
an
invocation
image,
because
this
is
the
thing
that
starts
a
thing
literally,
it's
some
layer
of
software
running
in
a
container,
that's
responsible
for
doing
something
else,
and
that's
pretty
much
all
we're
doing
with
with
scene
AB
in
these
invocation
images.
If
you
notice
here,
we
actually
have
a
list
of
images,
so
we
could
actually
copy
this
and
we
could
like
added
print
image
below
it
and
I
think
we're
still
hammering
out
the
details
on.
A
You
know
how
that's
going
to
be
executed
linearly
and
what
happens
if
one
of
these
invocation
images
fails
or
exists
non
zero
along
the
way.
So
you
know
being
aware
that,
like
we
do
define
a
lot
of
flexibility
here
and
with
a
lot
of
the
flexibility
and
the
complexity
comes
a
lot
of
an
opportunity
for
things
to
kind
of
like
make
a
lot
of
assumptions
and
might
be
a
little
bit
confusing
along
the
way.
A
Let's
look
this
up
open
containers
initiative,
so
you
would
have
to
treat
it
just
a
little
bit
differently
if
it's
docker
and
so
I
think
that's
what's
going
on
here
with
this
image
type
and
then
you
can
come
down
here
and
you
can
define
images
as
well
and
I.
Think
the
big
difference
between
these
two
is
actually
to
be
honest.
I,
don't
know
the
difference
between
these
two.
A
A
Okay,
these
are
all
things
that
I
would
concern
myself
with,
if
I
needed,
to
give
my
application
to
somebody
else
to
run.
If
I
had
a
small
web
service
running
on
my
my
local
computer
and
I
needed
to
go
like
you
know,
packaging
this
up
and
give
it
to
a
friend
down
the
street.
Some
of
the
things
that
I
would
need
to
concern
myself
with
would
be
like.
Does
this
thing
come
with
credentials
and
if
so,
how
do
I
safely
transport
those
or
like?
A
How
do
I
define
which
OCI
compliant
image
do
I
want
to
actually
use
to
bring
my
thing
to
life
and
actually
boots
strap?
My
my
application
and
then
I
can
include
some
of
this
maida
information
as
well
for
good
measure
in
case
anything
goes
wrong
and
they
need
to
track
me
down
later
so
we're
starting
to
see
how
this
is
really
just
an
abstraction
for
commonly
used
things
and
avenues
in
which
we
would
run
an
application.
A
A
What's
the
difference
between
thick
and
thin
and
here's
how
a
thick
bundles
looks
notice
the
invocation
and
images
fields
reference
the
underlying
document,
docker
image,
manifest
Andre
says:
what's
the
difference
or
what's
the
overlap
between
scene,
AB
and
helm,
Andre
we're
gonna,
look
at
how
scene
AB
can
install
a
helmet
art
here
in
a
little
bit
and
kind
of
see.
Now.
A
I
can
pretty
much
do
anything
here
in
a
little
bit
as
well
anyway,
so
there's
thick
and
thin
and
I
guess
the
invocation
image
and
images
fields
reference
the
underlying
docker
manifest,
so
we're
actually
gonna
look
at
building
one
of
these
and
kind
of
what
it
looks
like.
Okay,
I
still
want
to
figure
out,
okay,
so
here's
invocation
images
and
here's
images.
This
is
what
we
want
to
read
to
figure
out
the
difference
here.
Okay,
the
invocation
images
sections
describe
the
images
that
contains
bootstrapping
for
the
image
okay.
A
So
this
is
like
a
bootstrapping
thing,
which
I
think
is.
The
intention
here
is
to
run
some
software.
That
brings
other
software
up.
So
this
Andre,
this
kind
of
is
like
alluding
to
your
helm.
Question
like
an
invocation
image
could
be
an
image
that
simply
runs
like
a
helm,
install
or
Kubek
tool
apply
f.
This
is
just
something
that
sort
of
starts
something
else.
The
image
list,
let's
see
here,
the
bundled
adjacent
Maps
image
made
a
data,
a
name
origin,
tab
placeholders
within
the
bundle.
This
allows
images
to
be
renamed.
A
Relabeled
a.replace
during
the
sea
map
bundle
build
operation.
Ok,
so
I
think
this
is
just
an
arbitrary
way
of
like
including
other
images
into
our
build,
so
that
we
can
reference
them
along
the
way.
So
this
is
like
I
can
kind
of
thinking
of
this.
It's
like
the
vendor
directory
and
go
but
for
container
images.
So
we
can
start
to
like
define
other
images
that
are
going
to
be
relevant
to
our
bundle
and
install
them
so
I'm
imagining
here.
A
Let
me
actually
like
draw
this
out
really
quick,
because
this
is
getting
kind
of
complex
where's,
my
doc,
cam,
ok
and
we'll
use
a
pen,
so
I
think
what
the
logic
here
would
be
like.
Let's
say
we
have
here's
image
1,
and
then
we
have
images
2,
&
3,
and
this
is
going
to
be
our
invocation
image,
and
this
is
going
to
be
just
our
image
list
here
and,
let's
say
I'm
trying
to
think
of
a
good
example.
Okay,
yeah,
let's
say
we
were
deploying
some
sort
of
controller
to
Cooper
Nettie's.
A
A
It
could
do
a
key
Bechtel
apply,
it
could
do
a
helm,
install
it
could
do
a
case
on
it,
install
I,
guess
that
would
just
be
chaos.
It
could
do
a
lot
of
things
and
this
is
sort
of
arbitrary,
so
the
is
flexible
as
a
programming
language
of
your
choices.
Is
this
flexible
as
this
invocation
image
could
be
so
these
other
two
images
can
then
be
referenced
from
this
first
invocation
image
and
like
maybe
the
second
one
here
is
a
controller
that
would
go
and
actually
set
up.
Like
the
namespace.
A
A
So
this
would
be
like
the
deployment
that
actually
reads
and
runs
based
on
this
previous
one.
So
I
guess
this
would
also
have
si
RDS
as
well
if
we
were
doing
the
CID
controller
model
here.
So
this
is
an
example
of
how
we
would
use
an
invocation
image
to
like
first
configure
our
cluster
and
then
come
in
and
actually
like,
run
a
controller.
So
again
you
see
how
just
arbitrary
this
thing
is.
It's
like
super
generic.
A
You
can
do
in
this
invocation
image
and
then
really
all
see
NAB
does
it
just
just
says
if
you
want
to
run
this
thing,
you
just
use
this
other
tool
to
run
it
and
that's
how
it's
gonna
run
it
so
anyway,
that's
sort
of
what
is
going
on
here
with
let's
go
back
to
this
view
here
and
that's
what's
going
on
here
with
images
and
invocation
images,
so
hopefully
that
sort
of
clarifies
the
twofer
for
a
lot
of
people
and
then
I
think
we
have
parameters
here
which
again
this
is
another
abstraction
for
arbitrary
configuration
where
you
can
go
and
you
can
sort
of
inject
key
value
pairs
into
different
parts
of
your
bundle
about
Jason
I'm,
assuming
this
sort
of
behaves.
A
Accordingly,
so
I
think
that's
what's
going
on
here
with
parameters,
but
we'll
we'll
keep
that
in
mind
as
we
move
forward
and
I
think
that's
probably
a
good
starting
place.
Oh
let's
go
into
credentials
so
again.
This
is
where
we're
starting
to
cross
into
the
security
territory
that
security
realm
of
things
Sina
actually
gives
us
an
opportunity
to
bundle
credentials
up
into
our
packages.
So
this
is
good
and
bad.
A
It's
good
because
you
can
come
in
and
you
can
sort
of
make
things
easier
for
folks
and
you
can
have
credentials
embedded
into
your
bundle
as
you
go
and
use
seen
a
ver
like
duffle
to
install
it,
but
also
anytime.
We
have
credentials
hit
anywhere,
there's
a
there's,
a
concern
of
of
those
credentials
getting
somehow,
and
so
you
know
we
talked
about
this
when
we
did
vault
about
using
dynamic
credentials
and
how
we
can
pull
things
arbitrarily
and
they're
created
at
runtime
when
we
need
them
and
destroy
it
immediately
afterwards.
A
So
looking
at
a
credential
path
like
that,
might
also
be
an
option
for
folks
as
well,
but
I
think
with
scene
AB.
We
can.
We
can
embed
these
if
that
makes
sense
for
our
use
case,
also
custom
actions
so
we'll
get
into
this
when
we
look
at
run
a
little
bit
later,
but
you
are
able
to
sort
of
implement
even
more
arbitrary
logic
other
than
the
built
in
scene.
Ab
steps
along
the
way
for
managing
your
application.
A
So
there's
a
there's
a
good
example
we're
gonna
look
at
later,
but
I
think
you
can
basically
define
any
action
you
want,
so
we
could
have
like
right
now
we
have
by
default
scene,
AB
supports
install
upgrade
and
uninstall,
but
we
could
have
like
we
could
do
like
a
duffel
or
any
scene
AB
tool.
We
can
do
duffel
run
check
and
maybe
check
is
this.
A
This
arbitrary
action
that
only
makes
sense
for
this
one
specific
package
and
all
check
does
is
just
like
make
sure
the
file
system
has
all
the
dependencies
in
place
or
we
could
do
any
sort
of
arbitrary
action
we
wanted
to
there,
and
so
you
can
really
extend
and
expand
the
scope
of
what
what
scene
app
can
do
so
again,
super
generic
we're
just
solving
the
same
problems.
We
did
with
package
management
before
we're
just
doing
it
in
a
standardized
way.
Now
so
that's
kind
of
handy.
A
Ok,
so
let's
go
back
up
a
layer,
we're
getting
kind
of
off
into
the
spec
here,
but
if
you
want
to
come
through
and
read
more
about
all
of
the
different
spec
files
and
signee
and
exactly
how
all
that
works,
I
encourage
you
to
to
come.
Read
this.
If
C
now
looks
like
something
that
makes
sense
for
you
and
your
team,
especially
the
bit
around
signing
and
provenance,
we
can
look
at
this
for
a
second.
But
if
we
went
through
the
whole
spec,
we
would
spend
the
entire
TGI
K
just
going
through
the
spec.
A
But
this
talks
about
how
every
image
in
an
invocation
image
field
in
the
bundle
Jason
must
have
a
digest
field,
which
basically
means
that
it
contains
a
unique
digest
for
for
the
image.
So
that
is
sort
of
handles
is
sort
of
making
sure
that
the
image
is
often
taken.
It's
the
one
that
we
we
want
to
run
and
then
it
talks
about
how
we
will
actually
go
and
create
a
digest
of
an
object
and
then
I
think
we
sign
it
yeah.
A
We
do
it
ggp
sign
here,
so
you
can
go
and
read
about
the
PGP
standards
and
how
they
work.
Pgp
is
pretty
straightforward.
It's
been
around
since
I've
been
using
UNIX
and
basically
the
way
it
works.
Is
you
you
encrypt
something
and
then
based
on
a
number
of
different
keys
that
you
code
or
you
could
or
couldn't
share
you
can
not
encrypt
it
on
the
other
end
as
well.
So
it's
one
of
those
things
that
it's
like
as
strong
as
you
make
it
and
as
strong
as
as
many
people
know
about
it
and
use
it.
A
So
that's
sort
of
like
the
beauty
and
simplicity,
but
also
a
little
bit
of
the
concern
around
PGP
as
well.
Okay,
so
every
one
of
our
packages
is
going
to
get
signed
and
it's
going
to
get
a
PGP
signature
attached
to
it.
As
we
see
here
and
you'll
see
that
this
is
the
actual
like
bundles
JSON
and
then
it's
delimited
by
a
newline
and
we
actually
get
our
PGP
signature,
which
we're
going
to
look
at
when
we
create
our
first
bundle.
A
A
We've
been
looking
at
this
one,
the
scene
AB
spec,
but
now
we
want
to
go
and
you
want
to
check
out
duffel
and
then
also
you
might
want
to
just
quick
note.
There's
this
bundles
repository
here,
which
this
is
like
the
new
charts
repository.
These
are
all
of
the
bundles.
That
already
exist
that
allow
you
to
do
things
with
scene
AB
like
here's
one
for
aks,
so
you
could
actually
go
and
and
set
up
an
add.
A
Your
kubernetes
service
kubernetes
cluster,
using
duffel,
which
is
great
and
I,
think,
might
be
a
more
convenient
for
some
folks
based
off
of
some
of
the
other
tools
that
are
out
there
today.
So
you
can
come
in
and
you
can.
You
can
check
a
lot
of
this
stuff
out
and
we're
gonna
look
at
one
of
these
later
when
we
do
a
run.
So
anyway,
here's
duffel
and
you
can
go
and
you
can
see.
There's
a
duffel
dot
essay
just
like
there's
a
he'll
miss
a
CH
and
it's
got
the
same
like
day--is
branding.
A
That
makes
me
so
happy
from
way
back
when
when
I
lived
in
Boulder,
and
so
you
can
see
that
duffel
is
brought
to
you
by
Microsoft
and
docker
and
you
can
get
duffel
and
it
just
talks
about
it's
a
simple
command-line
tool
that
interacts
with
scene
app
so
yeah
again.
The
whole
point
here
is
that
duffel
is
just
a
reference
implementation.
We
can
learn
from
it.
A
So
while
the
lead
says
I
might
use
duffel
to
install
a
helmet
that
installs
an
operator-
yes
Waleed
I
think
that's.
One
of
you
can
actually
see
some
examples
like
that
in
the
bundles
repository
I
just
showed
you,
where
you're
actually
seeing
that
you
could
use
duffel
to
implement
scene
AB
to
install
a
helm
char.
That
then,
would
install
an
operator
that
would
be
a
workflow
that
you
would
see
see
here.
So
that's
a
good
way
of
thinking
about
it.
Okay,
so
duffel!
A
Well,
it
says
DC
nav
installer,
but
it's
I
think
it's
supposed
to
be
just
like
a
reference
implementation.
So
actually
before
we
start,
let's
go
in
and
let's
download
duffel.
So
we
have
four
releases
you
can
see
here
we
have
binaries
if
you
want
to
go
ahead
and
it's
download
the
binary
when
I
first
did
this
I
grabbed
the
duffel
Darwin
amd64
one
but
then
I
I
noticed
there
was
a
few
things
in
the
the
duffel
source
code.
A
I
had
to
tweak
really
quick,
so
I
opened
up
some
PRS
and
thanks
to
bacon
gobbler
in
the
shell
for
emerging
it
I
miss
you
guys,
Matt
I,
miss
you
a
lot.
It
would
be
great
to
catch
up
with
both
of
you,
two
at
Q
Khan,
bacon
cobbler.
If
you
want
to
go
gobble
up,
some
bacon
I'm,
currently
eating
meat
and
I'm
on
a
big
bacon,
kick
so
I'm
down
to
go,
get
some
BLTs
or
whatever.
A
So
anyway,
if
you
want
to
come,
and
you
want
to
run
the
binaries
as
they
are
here,
go
for
it,
but
if
you
want
to
follow
along
you're,
probably
going
to
want
to
build
from
master,
because
a
lot
of
these
changes
went
through
today
or
yesterday,
and
that's
going
to
be
allowing
you
to
do
exactly
what
I'm
doing
here
on
the
screen.
So
how
we
do
that
is
we're
going
to
go
into
my
go
path:
we're
gonna,
go
into
source,
github,
calm,
Deus,
labs,
duffel
and
I.
A
Think
it's
make
yeah
it's
okay,
so
it's
make
bootstrap
build
is
what
we
want
to
run
in
order
to
actually
compile
a
duffel
binary.
So
if
you
notice
here,
we
should
have
this
ven
directory
and
we're
gonna
go
ahead
and
hold
on
hefty.
Oh,
this
is
George
I'd
need
to
EOD.
Please
feel
free
to
continue
to
submit
notes
and
links.
If
you
see
me,
AQ
Khan
mention
your
tak
listener
and
I'll
have
a
TGI
K
sticker
for
you.
Ok,
so
actually
this
reminds
me
George.
A
We're
gonna,
do
a
raffle
giveaway
today,
so
before
we
get
into
a
compiling
duffel,
let's
go
ahead
and
do
like
our
TGI.
Okay,
like
big
raffle,
sweepstakes,
crazy
diamond
platinum,
gold,
whatever
giveaway
for
the
week,
I
really
feel
like.
We
need
like
the
Gong
back
here
again
or
something
like
we
need
like
some
sort
of
like
crazy
lights.
Like
me,
like
flashlights,
on
our
offer,
I,
don't
know
how
this
works,
but
yeah
anyway.
So
the
secret
word
this
week.
A
If
you
go
to
the
hacking
D
I'll
tell
you
the
secret
word:
I'm
gonna
make
you
wait
for
it
up
at
the
top
of
the
hacking
D
there's
this
link
here,
it's
Jade
hefty
Oh,
hep,
dot,
io
t
JK
roll
call.
You
can
open
this
up.
It's
got
404
word
because
I
added
a
bracket
to
the
end,
you
can
open
this
up
and
you
can
actually
submit
and
you
can
get
you
can
submit
to
win.
Tgi
K,
swag
I,
don't
know
if
it's
first-come,
first-serve
or
if
it's
totally
random.
A
But
if
you
want
to
do
this
now's
the
time
and
we'll
send
you
off,
you
can
actually
like.
You
can
put
a
note
in
here.
I
think!
Oh
no,
you
can
pick
I
agree
to
receive
additional
communication
from
hep
D.
Oh,
if
you
want
anything
specific
like
if
you
want
a
signed
copy
in
my
book
or
anything
if
you
win
feel
free
to
email
me
and
I
can
do
my
best
to
make
sure
that
happens.
But
the
secret
word
for
this
week,
I'm
not
even
gonna,
say
I'm
gonna,
write
it
down.
A
Okay,
so
that's
the
secret
word
and
if
you
want
to
enter
to
win
the
hefty
of
sweepstakes,
you
totally
can
and
we
will
send
I
keep
getting
my
hotkeys
off
and
we
will
send
a
send
some
swag
your
way.
Okay,
so
there's
that
giveaway
as
well.
Let's
go
back
to
my
UNIX
terminal
here
where
everybody
wants
to
be
so
we
have
the
spin
directory,
which
is
where
this
will
get
compiled
to
and
we
can
run
make
bootstrap
bill.
A
Actually,
let's
do
this
first
get
status,
you
can
see
we're
on
branch,
master
and
I
can
do
get
pull
up
stream
master
and
hopefully
there
hasn't
been
any
changes.
Yeah
there
hasn't
been
any
changes
so
now
I
can
view
my
make
bootstrap
build,
and
this
is
going
to
get
me
a
brand
new
duffel
binary
here
in
my
math
book,
I
read
ear
and
us,
so
this
is
going
pretty
quick,
but
the
first
time
you
run
it
you're
actually
gonna
have
to
check
out
a
bunch
of
code
and
the
dependencies
and
get
everything
hammered
out.
A
Basically,
all
that
happened
was
as
I
move
to
the
duffel
binary
into
user
local
bed
and
then
I
have
this
TGI
K,
alias.
That
puts
me
into
my
ghost
source:
github
cons,
FDOT,
gik
path.
So
anyway,
I'm
here
in
TGI,
K
I'm
in
episode,
59,
which
is
our
TGI
K
repo.
We
use
every
episode
which
can
be
found
at
hep,
do
comm
/t
g
IE
k
or
I'm
sorry
/.
What
am
I
doing?
Github.Com
/
hep
do
/t
GI
k
there.
A
It
is
so
we
will
up
to
upload
all
of
the
the
code
we're
about
to
write
together
to
this
repo
in
this
episode's
directory
and
we
create
one
for
ever.
Every
episode,
we're
on
episode,
59,
so
you'll
see
that
one
coming
soon
as
soon
as
we
finish
our
episode
here-
okay,
so
we're
here
in
directory
59.
We
shouldn't
have
anything
in
here
except
for
this
empty
notes,
file
that
I
just
have
here
in
case.
We
need
to
write
anything
down.
A
George
says
another
door
here
from
Melbourne
having
breakfast
good
to
see
you
other
George
from
Melbourne
and
let's
go
ahead
and
let's
do
the
duffel
examples.
So
I
want
to
actually
go
back,
go
source,
github.com,
Deus,
labs,
duffel
and
we
can
go
in
and
we
can
pull
up,
Deus
labs
duffel
and
we
can
go
through
and
you
can
actually
see
in
this
readme
here
this
great
example
of
how
to
do
like
a
hello
world
with
duffel.
A
A
Okay,
so
first
thing,
I
noticed
and
I've
already
done
this
before
so
I
kind
of
already,
like
sanity,
checked
a
lot
of
this,
but
the
first
thing
we
notice
is:
it's
created
this
directory
in
my
home,
this
directory
in
my
home
directory
hidden
directory
duffel
and
we've
put
bundles
logs
plugins
claims
and
credentials
they're
all
stored
in
my
home
directory,
which
I
keep
the
majority
of
my
home
directory
in
a
private
get
repository.
So
this
will
be
a
new
addition
to
that
as
we
move
forward
if
I
choose
to
keep
using
duffel.
A
A
This
is
very
similar
to
how
helm
does
things
a
little
cash
local
information
in
your
home
there
as
well,
and
that
makes
it
somewhat
convenient
for
folks
anyway,
we
can
do
a
build
and
install
your
first
bundle
so
to
build
our
first
bundle,
which
I
guess
it's
important
to
call
out
the
two
big
steps
in
duffel,
and
this
is
Cena,
because
duffel
implements
scene
AB,
our
first.
You
build
your
package
thereafter,
your
packages
belts.
A
Excuse
me,
you
install
it
and,
after
your
after
it's
been
installed,
that's
basically
the
same
thing
as
a
run,
which
is
a
bit
confusing
because
there's
a
run
command
which
we're
going
to
talk
about
that
later.
But
all
you
need
to
know
is
when
we
do
finally
get
to
this
duffel
install
down
here.
This
is
actually
how
we're
going
to
to
actually
run
our
invocation
image.
A
Okay,
so
duffel
build
examples,
hello,
world
and
I'm
doing
this
inside
of
the
the
duffel
repository
so
I'll
do
this
duffel
build
again!
If
you,
if
you
aren't
running
for
master,
there's
a
chance
you
might
get
an
here.
Basically,
all
we
had
to
do
is
add
this
line
to
the
docker
file,
which
is
run
apk
update,
which
would
make
sure
that
our
docker
image
was
up-to-date
and
that
we
were
able
to
do
this
ad.
You
bash
without
getting
any
indicee
errors.
A
Okay,
so
we've
built
our
first
hello
world
bundle
and
now
we
can
actually
go
and
we
can
do
a
duffle
bundles
list,
and
this
list
is
gonna.
Look
super
familiar
one
second
I'm
like
reorganizing
my
taskbar
down
here.
This
list
is
gonna,
look
super
familiar
to
anybody,
who's
ever
used,
helm
or
docker
or
cubic
dole,
or
any
of
the
sort
of
lists
functions
in
our
go
command
line,
ecosystem
that
we're
all
familiar
with.
So
duffle
bundle
list.
Okay,
so
you
can
see
that
yeah.
All
caps
like
this
line
here
is
really
what
gives
it
away.
A
So
you
can
see
we
have
hello
world
and
we
have
tgia
app.
Both
of
these
are
me
kind
of
goofing
off
earlier,
so
we're
gonna
make
another
one
we'll
call
it
like.
Tgi
K,
live
or
something
and
we'll
add
a
different
bundle
to
our
sort
of
list
here
and
here's
that
digest
that
we
talked
about
earlier,
which
is
this
unique
digest
of
this
bundle
so
that
we
know
it's
authentic
and
then
you
can
also
see
if
it's
a
PGP
signed
or
not
along
the
way.
Okay,
so
those
are
our
bundles
that
we
have
today.
A
So
now
we
can
do
this.
Duffel
credentials
generate-
and
this
is
actually
gonna
put
together,
like
it's
going
to
generate
some
creds
for
us
to
use,
but
inside
of
our
hello
world
application.
So
this
is
an
example
of
how
we
can
actually
generate
and
store
credentials
in
our
duffel
bundle
that
we
can
then
ship
later
and
later,
we're
gonna
talk
about
some
of
the
other
cool
things
you
can
do
with
with
duffel
and
see
now,
I
think
it's
just
duffel.
A
A
A
Let's
go
ahead
and
cut
that
out
to
the
screen,
and
you
can
see
that
it's
just
created
this
empty
credentials
file,
regardless,
probably
important
to
tell
people
that
restoring
credentials
in
their
home
directory
just
so
that
there's
some
awareness
of
where
those
are
living
on
their
file
system.
So
anyway,
we've
created
this
credentials
here
and
let's
go
back
to
our
duffel
repository
and
let's
move
on
with
our
little
example
here.
So
next
we
can
do
this.
Duffel
install
hello
world
hello,
world
demo.
A
So
if
we
actually,
let's
do
a
duffel
install
help
before
we
do
anything
else,
so
duffel
install
h-help.
So
this
is
super
verbose,
which
is
really
convenient,
really
handy.
Thank
you
for
this
and
it
says
it
installs.
The
scene
app
bundle,
this
installs
a
scene,
a
bundle
with
a
specific
installation
name
once
the
install
is
complete,
this
bundle
beacon
can
be
referenced
by
the
install
name.
So
here
you
see
this
example
and
we're
pretty
much
going
to
mirror
this
one,
but
in
the
example
they
gave
us
a
minus
C.
A
Let's
go
ahead
and
see
what
that
minus
C
does
okay.
So
this
is
where
we
pass
in
our
credentials
and
it
says,
specified
the
creds
to
use
inside
of
the
sina
bundle.
This
can
be
a
credential
list
name
or
a
path
to
a
file,
so
I
think
in
this
case
we're
gonna
use
the
name
of
that.
Credential
ya
know
file
we
just
looked
at,
which
is
like
it
gives
it
like
an
arbitrary
name
in
the
cache
somewhere
and
that's
how
you're
gonna
get
that
credential
name
there.
One
second
espresso
time.
A
Also,
if
I'm
talking
really
fast
I'm,
sorry
I
haven't
had
caffeine
all
week.
This
is
my
first
caffeine.
All
week,
I
decided
to
just
get
really
espresso
it
out
for
TGI
K,
so
I
hope
that's
okay
with
folks.
So
anyway,
it
looks,
can
we're
our
screen
and
let's
go
ahead
and
run
hope,
not
tech
credentials.
Let's
run
this
command
from
our
readme
here,
let's
copy
pasta,
this
thing
again:
okay,
duffel
install
HelloWorld.
We
give
it
a
name.
It
says:
executing
install
action,
HelloWorld,
install
action,
action,
install
complete
for
HelloWorld
that
mohamad
hello,
Chris
novo.
A
What's
the
difference
between
Helmand
Buffalo
Thanks,
so
duffel
is
an
abstraction
that
can
run
home
or
literally
anything
else.
So
you
can
use
duffel
like
basically
like
a
makefile
or
like
a
shell
script
or
something
to
to
wrap
it
up.
You're
just
running
everything
in
a
standardized
way,
and
it
gives
you
an
abstraction
for
like
packaging
credentials
and
signing
it
along
the
way.
So
yeah
duffel
is
just
like
the
first
step
in
running
an
application.
Okay,
so
anyway
it
says
action
installed.
A
A
Okay,
go
into
examples,
then
go
into
hello
world
and
then
here's
where
we
start
to
get
our
first
glimpse
into
where
duffel
and
Cena
sort
of
fit
together.
Okay,
so
first
you'll
notice
we
have
a
duffel
Jason,
which,
if
we
cut
that
out
this
is
all
of
the
duffel
made
a
layer
that
describes
the
underlying
abstraction
that
is
scene
AB.
So
this
duffel
dad
Jason,
is
only
relevant
if
you
choose
to
use
duffel
for
your
scene,
a
V
implemented,
and
then,
if
we
look
in
here,
we
have
a
scene
AB
directory.
A
So
we
go
into
that
directory.
We
can
see
that
we
now
have
app
and
docker
file,
so
the
scene
AB
spec,
actually
starts
here
everything
above
this
and
that
higher
level
directory.
Is
it
just
yet
another
abstraction
on
top
of
our
already
abstracted
scene,
AB
spec
implementation
here.
So
here,
if
we
look
at
our
docker
file,
we
can
cut
out
our
docker
file.
A
Suresh,
says
I.
Think
duffel
is
similar
to
ansible
playbook
bundle.
Openshift
folks
are
working
on
it
to
deploy
application
in
the
case
or
openshift
good
observation
there,
Suresh
okay.
So
here
we
have
a
very
simple
Alpine
latest
docker
file.
This
is
the
magic
line
you
need
to
add.
If
you're
for
hello
world
isn't
working,
you
need
a
run.
Add
this
run.
Apk
update
line-
and
you
can
see
all
it
does-
is
just
copies
the
dockerfile
and
it
copies
the
app
and
it
just
says
just
go
ahead
and
execute
run.
A
A
So
this
is
where
the
invocation
part
of
the
whole
thing
starts
is
this
is
the
the
run
is
a
uses
it
shebang
line
to
execute
itself
if
it's
an
interpreted
language,
otherwise
we
just
assumed
run,
is
an
executable
binary,
somehow
like
a
statically
linked
by
an
area
like
something
you
would
get
from
go
and
then
that's
gonna
go
ahead
and
invoke
whatever
software
we're
trying
to
install
with
duffle
and
scene
app.
So
anyway,
if
we
look
at
run
by
default,
we're
gonna
notice
that
it
is
a
shell
script.
A
So
the
reason
that
we
can
call
it
run
without
run
dot
sh
without
a
file
extension
at
the
end
is
because
of
this
first
line
here,
which
is
called
this
shebang
line
and
the
way
that
UNIX
works
is
it's
going
to
use
this
first
line
to
interpret
this
files
using
not
bash,
but
actually
shell?
That's
what
this
sh
is
right
here
and
you
could
actually
do
like
you'll
see
some
people
will
do
like
then
Python
and
then
you
could
write
a
Python
file
here.
A
You
could
do
then
Ruby
or
wherever
the
Ruby
executable
is
on
your
file
system,
and
then
that
will
tell
you
next
to
interpret
it
accordingly.
So
that's
how
duffle
is
able
to
just
execute
this
arbitrary
file
called
run,
so
anyway,
we
could
turn
on.
We
could
turn
on
expert
mode
if
we
wanted
to
here
I
like
to
say
set.
My
zo
Pikeville
is
a
shell
script
on
expert
mode,
but
we
will
we'll
keep
that
turned
off
for
now.
A
Basically,
all
that's
going
to
do
is
it's
going
to
exit
if
anything
goes
wrong
instead
of
just
throwing
in
air.
So
here's,
where
uses
like
the
where
the
rubber
meets
the
road
for
free,
duffel
and
scene
AB,
so
Hal
Cena
of
works,
is
it
passes
in
this
action.
Environmental
variable
here
called
scene
of
action
and
remember
earlier
we
looked
at
it
could
be
it
looked
at.
You
could
either
be
installed,
upgrade
or
uninstall.
A
So
those
are
the
three
things
we
have
concern
ourselves
with
and
then,
if
you
look
here
in
this
bash
script,
we
we
take
the
scene
AB
action
which
is
passed
in
as
an
environmental
variable,
and
then
we
do
a
switch
on
it.
So
in
bash
a
switch
is
executed
using
this
case
statement
and
then
it
can
either
be
install
uninstall
upgrade
downgrade
or
this
is
default
here,
and
so,
if
we
run
install,
remember
we
did
a
duffel
install
earlier.
A
What
duffles
going
to
do-
and
those
this
is
like
the
magic
here
is
duffel-
is
gonna
set
scene,
AB
action
equal
to
install
and
then
do
a
shell,
exec
and
exact
whatever
is
in
run
so
basically
we're
just
wrapping
up
command
and
line
command
line
injection
with
a
bunch
of
arbitrary
rules
and
those
rules
are
basically
we're.
Gonna
set
scene,
AB
action
and
then
we're
gonna
just
hope
that
your
program
has
this
like
action
associated
with
it
and
will
respond
differently,
based
on
whatever
we
set,
this
environmental
variable
to
also
notice.
A
We
can
get
various
parameters
in
here
that
we
can
use
to
change
the
behavior
of
our
script
or
our
program,
and
we
also
get
the
scene
AB
installation
name
passed
in
if
we
want
to
use
that
as
well.
So
really,
what
we're
seeing
here
is
all
all
scene,
app
is
doing
is
is
just
standardizing
a
way
of
basically
wrapping
up
arbitrary,
install
logic
here,
so
this
is
instead
of
a
been
SH
file.
This
could
be
a
make
final.
This
could
be
a
ruby
file.
A
This
could
be
a
python
file
as
long
as
that
file
responded
to
this
variable.
It
could
be
anything
so
really
all
we're
doing
is
we're
just
standardizing
like
the
way
I
usually
think
about
a
make
file
and
that's
what
we're
doing
with
duffle
and
bundle
or
I'm
sorry
with
duffel
and
c
now,
okay,
so
anyway,
we
see
it
that
go
to
install
action
here
and
if
we
close
this
and
we're
not
gonna
save
it,
you
can
see
here.
A
If
we
scroll
up,
where
did
it
go,
did
I
lose
my
duffel
install
nope
here
does
install
action
right
here,
so
this
is
that
bash
script
running
inside
of
the
container
that
could
install
action
and
that
install
action.
So
this
is
where,
like
this
is
how
generic
this
thing
is.
You
can
literally
do
anything
with
it.
If
it's
a
shell
script,
you
could
do
a
helm,
install
you
could
do
a
key
Bechdel
install
you
could
do
you
could
start
a
java
program.
You
could
zip
up
a
file.
A
You
could
like
download
all
your
kubernetes,
it's
an
awesome
where
you
could
do
literally
anything
you
wanted.
So
that's
sort
of
what
duffle
and
see
now
we're
gonna.
Let
us
do
so.
In
this
case,
all
we
did
was
just
echo
out
an
arbitrary
string.
Okay,
so
let's
write
a
bundle:
okay,
so
we'll
go
here
and
we'll
go
back
to
our
hack
MD
and
we're
actually
gonna
write
a
bundle
and
we'll
stick.
A
This
in
the
TV
I
gave
T
GI
k
repo
once
we
get
done
so
here,
I
add
a
little
Langford
somewhere
reference
links
here
you
go,
build
your
first
scene,
a
bundle.
So
if
you
want
to
go,
this
is
actually
a
really
great
piece
of
documentation.
That's
gonna
allow
you
to
create
your
first
two
scene,
a
bundle
so
we're
gonna
go
through
this
together
and
we're
going
to
do
this
in
the
TGI
K
repo.
A
A
And
of
course,
if
we
want
to
cat
out
scene
ab
cat,
Chi,
GI
k
live
scene,
AB
app
run,
you
can
see
here
it's
a
very
simple
shell
script,
very
similar
to
the
last
one
we
just
looked
at
in
the
hello
world,
and
here
we
have
install
and
uninstall
so
actually
I.
Think
according
to
this
spec,
this
is
not
a
valid
scene.
A
Ab
inflammation
I
think
the
spec
says
it
must
employ,
like
all
capital
must
that's
like
a
keyword
in
the
spec,
and
it
defines
like
main
must
and
it
sort
of
talks
about
what
all
those
things
mean.
I
think
it
must
implement
upgrade
as
well.
So
if
somebody
wants
to
quote
me
on
that
and
keep
me
honest,
I
feel
free
to
drop
it
a
link
in
the
chat
or
leave
a
comment
on
the
YouTube
video
after
this
is
done,
but
I
think
that's
what
the
spec
says
so
anyway.
A
So
we
have
action,
equals
install
and
action
equals
uninstall,
and
then
we
have
like
hey
I'm,
installing
things
and
hand
uninstalling
you
things
and
that's
all
it
does
okay,
so
we've
got
our
like
scaffolding
of
our
first
bundle
here.
So
now
let's
go
and
let's
oh
yeah
and
see
this-
is
it
just?
Did
this
naturally
for
us
as
well
I
do
love
all
of
the
engineers
over
at
my
old
days.
Squad
I
feel,
like
a
lot
of
us,
think
a
lot
the
same
so
anyway.
A
They
went
ahead
and
suggest
you
just
to
go
ahead
and
cut
that
out,
so
you
can
get
a
familiarity
with
it
as
well.
Okay,
so
for
this
example,
we're
going
to
modify
the
run
file
to
act
on
environmental
variables
that
I
have
been
set
by
the
scene,
AB
runtime,
okay,
so
it
says:
let's
go
ahead
and
let's
like
copy
this
hello
world
into
our
run,
okay,
so
yeah
basically
what's
happening
here-
is
we're
creating
arbitrary
actions.
A
So
let's
just
go
ahead
and
copy
this
and
we're
gonna
echo
this
into
our
run
file
here.
So
let's
go
back
to
our
Emacs
command,
I
think
I'm
still
in
the
run
directory
right,
no
I'm.
Not
so
where
are
we
change
directory
to
gik
live
scene,
AB,
app,
max
run
and
we'll
go
ahead
and
just
paste
this
thing
in
sorry,
I
have
a
ton
of
like
add-ons
with
my
Emacs,
so
takes
forever
to
open
okay.
So
there
we
are
we'll
save
this.
A
This
is
where
the
invocation
image
comes
into
play
and
the
invocation
image
is
actually
going
to
be
this
dockerfile
that
duffel
just
created
for
us
and
that's
just
going
to
basically
execute
run
here
and
again.
You
can
see
how
flexible
this
is,
because
you
can
actually
come
and
change
your
docker
file.
A
Just
like
you
could
change
any
docker
file
to
do
whatever
you
want
this
just
sort
of
by
default,
standardizes
that
it's
going
to
be
this
file
or
executable
called
run,
and
that's
what
you
should
always
like
sort
of
do
when
you
want
to
execute
a
container.
So
basically,
all
that's
doing
is
just
standardizing.
How,
like
you
know
it's
offering
an
opinion
of
best
practices
for
like
how
you
would
run
a
program
inside
of
a
container,
and
in
this
case
it's
just
saying
we're
gonna
do
that
by
executing
this
file,
or
this
binary
called
run
okay.
A
So
we
can
see
that
concretely
in
our
terminal
here
by
caddying
out
TGI
kale
I've
seen
AB
docker
file
and
you
can
see
here
again
make
sure
you
have
this
run.
Apk
update,
I
just
got
here
this
earlier
today.
So
if
you,
if
you're
running
an
older
version
of
duffel
you're
gonna,
have
a
bad
time
so
just
make
sure
that's
in
your
docker
file
or
you
can
just
paste
it
in
your
docker
file,
it's
fine
too!
A
So
anyway,
it
says:
let's
go
ahead
and
once
and
build
the
bundle
and
remember,
there's
two
steps
and
getting
your
package
running
with
duffel
and
the
sea
nav.
First
we
build,
then
we
install
so
to
build.
We
do
duffel
build
and
in
this
case
I'm
not
gonna
do
the
dot,
because
I'm
actually
gonna
go
a
layer
above
so
we
are
here
at
O
59,
so
I'm
gonna
do
duffel
build
and
then
I'm
gonna
actually
pass
in
the
folder
that
I
want
it
to
build
and
that
way
I
can
have
like
multiple
packages.
A
Here
in
my
50
nine
example
folder,
if
I
wanted
to
okay,
so
we're
gonna
do
duffel
build
and
you
can
see
all
it
does
is,
is
basically
just
wrapping
a
docker
build.
This
is
super
familiar
if
you've
ever
seen,
docker
and
you
can
see
it-
runs
everything
in
our
docker
file.
It
doesn't
alpine
latest
run
an
apk
bill
that
copies
the
docker
file
and
then
it
copies
C
NAB
app
the
whole
directory
into
our
container,
and
then
it
basically
tells
it
by
default.
A
Excuse
me,
by
default
run
this
miss
run
executable
or
this
run
file
again
and
then
at
the
very
end
it
says
successfully
built
bundle,
TGI,
K
live
so
get
a
little
bit
of
friendly
output
here
and
I
think
this
is
actually.
This
is
duffle
output
and
this
is
the
docker
build
library
output.
So
you
can
see
like
the
arrow.
Here
is
a
little
bit
different
than
the
arrow
here,
so
you
can
see
how
we're
there's
the
two
different
bits
inside
of
the
the
go
programmer
interacting
with
each
other
a
bit.
A
So
it's
probably
a
bad
word
to
use
there,
but
you
guys
see
what
I
mean
okay.
So
next
we
have
duffel,
show
hello
world,
and
then
you
got
to
make
sure
you
add
this
minus
R
as
well
or
you're,
not
going
to
see
your
PGP
signature
here.
So
when
we
built
it,
we
actually
generated
a
PGP
signature
for
it
behind
the
scenes,
and
we
can
see
that
now
by
running
this
duffel
show
command
so
to
run
our
duffel
show
command,
we're
actually
gonna
run.
A
This
is
the
name
and
the
tag
of
our
image
that
we're
gonna
run
so
duffel
show
tgia,
live
zero
dot,
one
dot,
zero
okay,
so
this
is
running
it
without
the
minus
R
and
then
you
want
to
run
it
with
the
minus
R
and
then
you're
gonna
get
the
line
delimited,
PGP
signature
here
at
the
end.
To
verify
that
this
is
in
fact
pgb
sign,
meaning
that
this
right
now
live
on
two
gik
when
I
did
my
duffel
build.
A
This
is
a
unique
PGP
signature
for
this,
build
that
we
can
authenticate
against
later,
if
needed,
to
to
verify
that.
Yes,
in
fact,
you're
running
the
same
duffel
build
that
I
was
running
here,
live
on,
TG
I
can
I
created.
So
that's
one
of
the
value
ads
of
of
seen
a
band
of
duffel
okay.
So
now
we
can
watch
it
work,
so
we
can
actually
do
a
duffel,
install
and.
A
You
can
see
that
it
runs
a
hello
world
and
then
here
we
have
our
install
action
again.
So
this
is
where
I
got
a
little
bit
confused
earlier
cuz,
naturally
you
say:
oh
cool
I
was
able
to
run
my
install
action.
I
want
to
run
that
again,
so
my
first
thought
was
that
I
would
do
a
duffel
run,
but
that's
actually
not
what
double
duffel
run
is
used
for
I.
A
Think
the
mentality
here
was,
you
do
an
install
and
that
invokes
an
image
that
installs
something
and
once
it's
been
installed,
it's
sort
of
this
ephemeral
one
time
installation
case
and
you
should
never
have
to
reinstall
it
again.
If
you
do,
you
should
give
it
a
different
name
and
duffel
run
is
actually
how
you
would
run
these
arbitrary
actions
like
status
and
like
check
that
we've
been
talking
about
earlier
in
the
episode
so
to
run
this
command
again,
it's
a
little
counterintuitive,
but
you
actually
want
to
say
duffel.
A
You
want
to
use
install
again
and
you
just
want
to
give
it
a
different
name,
and
you
want
to
say
we
can
say
hello,
world,
underbar
and
then
we'll
just
give
it.
The
same
image,
name
and
now
you'll
see
that
it's
actually
going
to
run
our
program
again
and
if
I
tried
to
run
this
a
second
time
without
changing
the
name,
you
can
see
a
claim
with
hello.
A
So
anyway,
that's
sort
of
building
our
first
duffel
bundle,
and
so
it's
interesting
here
is.
If
we
actually
go
into
my
and
open
up
goal
into
IDE,
you
can
see
it's
gonna
index
over
here,
really
quick.
We
can
come
into
TGI
K
live,
we
can
go
into.
Let
me
open
this
up,
so
folks
can
see.
We
can
go
into
scene
AB,
we
can
go
into
app
and
we
can
go
into
run
and
because
install
this
is
basically
a
shelf
script.
We
can
put
whatever
we
want
to
in
here.
So
I
could
get
secrets.
A
A
So
the
idea,
then
being
that
like,
if
you
wanted
to
use
helm
to
install
an
operator
instead
of
typing
helm,
install
you
would
type
duffle
build
and
duffle
install,
and
you
can
do
this
pack
to
the
solid
but
duffle,
but
it
would
basically
just
run
home
for
you
so
anyway.
That's
what
this
install
action
does
for
you.
So
again.
This
is
like
very
similar
to
if
you've
ever
written
a
makefile
and
you've
done
like
a
naked
stall
or
make
bill
door
and
make
it
clean.
A
I
think
these
actions
are
sort
of
borrowed
from
the
idea
of
like
animate
make
target
at
least
that's
how
I'm
thinking
about
them.
In
my
head,
it's
like
commonly
used
verbs
that
do
like
commonly
used
actions
and
then
there's
an
ability
to
sort
of
like
define
arbitrary
ones.
Just
like
you
can
define
your
own
make
target
and
that's
where
the
duffel
run
command
comes
in
so
again
we're
doing
the
same
types
of
things.
A
We've
been
kind
of
doing
this
whole
time,
but
now
see
now
offers
other
way
to
standardize
that
so
that
we
can
come
together
and
just
start
interacting
with
our
applications
in
a
standardized
way.
What
you
choose
to
do
with
duffel
or
with
C
knob,
is
totally
up
to
you.
It
can
literally
do
anything.
This
is
just
a
standardized
way
of
wrapping
that
up
in
a
generic
way,
so
that's
sort
of
the
the
breakdown
of
duffel
and
how
you
would
use
it
and
how
you
would
get
an
application
up
and
running
I.
A
Don't
really
need
to
do
a
helm,
install,
although
I
guess
I
could
just
for
grins,
actually
do
I
have
how
I,
don't
even
think
I
have
comm
installed
on
here.
I
do
know
because
I
have
an
older
version
of
helm
where
the
are
Becky
stuff.
Is
it's
a
little
wonky,
so
we
could
do
a
key
Bechdel
install.
Let's
install
contour,
contour
install.
A
Let's
do
you
have
to
yeah
hep
do
contour,
so
we're
actually
just
gonna
hack.
This
really
quick
just
to
show
how
you
could
install
something
in
kubernetes
with
seen
happen
with
duffel.
So
there's
an
install
line
down
here,
BAM,
add
contour
to
your
cluster.
That
looks
like
we
have
a
question
here:
Anastos
as
to
bad
actions.
Don't
describe
state
that
stuff's
taken
yeah,
that's
a
really
good
point.
The
actions
don't
necessarily
describe
an
intended
state.
It
just
says
an
action
that
we
hope
works.
Then
I
think
how
many
I
guess
contour
deployment
our
Mac.
A
Our
back
here
is
what
we
want
to
do
so.
I
think
this
one-liner
is
gonna,
install
contour
for
us
and
I
spun
up
a
kubernetes
cluster
before
the
episode.
So
let's
do
K
get
our
good
old
can
get
po4.
Folks
at
home,
ia
leus,
keep
Bechtel
or
K
is
equal
to
Q
Bechtel,
so
I
can
do
instead
of
québec
I'll
get
pods.
I
can
do
yes.
These
are
all
the
all
the
same
command
just
I'm,
doing
it
the
short
way.
Okay,
oh
also
I
learned
that
cane
trick
from
Deus.
A
Speaking
of
all
of
my
friends,
ideas,
so
I
think
it
was
created
the
first
time.
I
saw
it,
but
it
was
I.
Remember
it
was
in
Boulder.
The
first
time
I
saw
that
so
anyway,
let's
copy
our
contour
install
mine,
BAM.
Let's
go
back
here
and
let's
delete
all
of
this,
and
let's
just
do
our
contour
line.
So
now
we
can
do
our
duffel
build
tgia
live,
so
it
built
it,
and
now
we
can
do
a
duffel,
install
we'll
call
it
contour
and
we're
gonna
use
this
invocation
image
here.
A
Q
Bechtel
not
fun,
oh
because
it's
running
in
a
container
okay
yeah.
So
we
would
have
to
like
first
install
Q
Bechtel
in
this
container,
and
then
we
would
have
to
use
the
the
duffel
credentials
and
pass
our
credentials
from
my
host
system
into
the
container.
And
then
after
we
have
Q
Bechtel
installed
and
we
have
connect
all
configured.
A
Okay,
so
we're
not
going
to
do
that
today,
because
it's
already
an
hour
and
25
minutes
into
the
episode,
but
I
think
for
folks
at
home.
If
you,
if
you
played
with
a
container
before
you
understand
how
you
would
be
able
to
actually
do
a
cubic
double
install
or
a
helm,
install
using
an
invocation
here,
an
invocation
image
here
in
with
duffle
and
machine
AB,
so
George
says
how
about
helm,
extensions
to
implement
scene
AB
and
automate
bundle,
file,
creation
for
existing
home
charts.
A
Honestly
George
I,
don't
know,
I'm,
not
a
helm,
expert
and
I
am
not
even
super
familiar
with
what
a
helm
extension
is.
So
maybe
somebody
else
here
in
the
end,
our
live
studio
audience
can
give
a
little
bit
more
color
on
helm.
Extensions
Antoine
says
very
interesting.
Thank
you.
Okay,
so
I'm
gonna
go
back
up
and
pull
up
my
beautiful
face
with
my
lovely
purple
hair
and
my
wonderful
platon
shirt
on
today.
Oh
my
god,
my
lips
are
super
dry.
A
If
anybody
has
any
questions,
real,
quick,
we're,
gonna
kind
of
start
to
wine,
the
episode
down
now
so
usually
this
takes
me
about
five
minutes
to
to
wine
the
episode
down.
So
if
you
have
any
questions,
drop
them
in
the
slack
or
not
in
slack
in
the
the
YouTube
chat,
while
I
have
everything
spun
up
I'm
happy
to
try
anything.
If
there's
anything,
you
want
to
see
if
you
have
any
questions
or
you
want
to
ask
my
opinion
on
anything
now
is
a
good
time,
I'm
happy
to
answer
it.
Otherwise,
it's
been
a
great
episode.
A
I
hope
we
learned
a
lot
about
scene,
AB,
the
spec
and
duffl
one
of
many
possible
implementations
of
the
scene,
AB
spec,
and
how
we
can
use
it
to
standardize
a
package
installation
or
like
a
package
package
deployment.
I
guess
the
one
thing
that
I
wanted
to
point
out
here,
and
this
is
where
the
look
at
the
bits
come
from
that
I
mentioned
earlier.
I
kind
of
forgot
about
this.
So
put
your
questions
in
now
and
I'm
going
to
show
one
more
thing:
real,
quick,
so
screen.
There's
my
screen.
A
Sorry
I,
like
some
of
my
lips
on
the
screen
so
now,
I'm
gonna,
like
white,
bulb
this
and
dried
spit
off
of
my
lips,
yeah
I'm,
a
software
engineer
you
can
tell
so
we
can
do
duffel
and
we
can
actually
see
oh
here.
It
is
again
the
scene,
AB
installer.
This
could
be
a
scene
app
installer.
We
see
we
have
a
lot
of
different
sub
commands
here.
So
far
we
looked
at
build
and
I
just
want
to
show
folks
a
couple
of
other
things.
We
can
do
a
duffel
list.
A
You
can
see
all
of
the
bundles
I've
installed.
You
can
do
a
duffel
claim
claims
list
and
you
can
see
all
the
claims
I've
installed.
You
can
do
a
duffel
build
list
in
yo,
just
kidding
finding
duffel
config
file,
I'm
sure
where
that
arrow
came
from
anyway
there's
all
you
can
come
and
poke
around.
We
did
duffel
install,
we
did
duffel
in
it,
but
what
I
was
alluding
to?
Let's
do
that?
A
Let's
clear
a
screen
here
and
run
this
again
is
import
and
export,
so
basically
import
and
export
basically
is
the
same
as
tar
and
on
tar.
So
you
can
actually
tarah
your
your
duffel
bundle
here
and
not
like
a
like
a
unique
artifact
that
you
could
then
pass
around
like
you
could
stick
that
on
the
thumb
drive
if
you
wanted
to,
and
you
could
pass
that
around
to
somebody
else
and
you
could
then
do
an
import
and
import
that
later
and
then
this
also
reminds
me
of
this
other
important
feature.
A
I
wanted
to
point
out
along
the
way.
Is
this
concept
of
a
kubernetes
driver
so
here
in
I'm,
sorry
like
it's
just
on
the
fly,
thinking
and
I
was
going
to
talk
about
this
earlier,
but
I
forgot
to
mention
it
so
just
a
few
more
minutes
and
then
we'll
wine,
the
episode
down.
Okay,
so
there's
a
kubernetes
driver.
If
you
come
back
to
the
hacking
D
there's
a
PR,
it
doesn't
work
yet,
but
they're
actively
working
on
it.
Let's
see,
where
is
this
thing
the
kubernetes
duffel
driver?
A
So
there's
this
pull
request
here,
and
here
is
wait.
Did
that
not
oh
I
think
just
the
the
link
is
off
there?
We
can
look
at
fix
that
up
afterwards,
anyway,
we're
working
on
this
kubernetes
driver
and
you
could
pass
the
dash
dash
driver
kubernetes
to
use
the
driver
and
I
think.
Basically,
you
could
do
a
duffel
install
kubernetes
and
instead
of
like
executing
run,
there
would
be
yet
another
abstraction
on
top
of
this.
That
would
allow
you
to
like
basically
run
this
thing
in
kubernetes,
instead
of
running
it
locally.
A
Martine,
sighs,
thank
you
for
the
intro
I,
like
your
makefile
analogy,
very
welcome.
Okay.
So
unless
anybody
has
any
other
questions,
it's
been
real.
I
love
hanging
out
here.
It's
good
to
see
everyone
we'll
see,
you
I,
don't
think
we're
gonna
do
a
TGI
K
next
week,
because
we're
gonna
be
at
cube.
Con,
so
well,
I
mean
we're.
Gonna
have
TGI
K
live
next
week.
Why
that
cube
con
that,
unfortunately,
will
not
be
live-streamed.
So
it's
totally
like
an
ephemeral.
A
If
you're
there,
you
get
to
see
it
and
if
you're
not
we're
sorry
we'll
try
to
get
something
more
next
time,
so
we'll
see
next
week
here
in
Seattle
and
then
I
think
we'll
be
back
the
week
after
for
TGI
K
as
usual.
So
let
us
know
what
you
want
to
see.
You
drop
an
issue
in
ping
me
or
Joe,
we're
happy
to
do
episode.
So
whatever
you
want
and
let's
see
what
folks
in
that
chat,
are
saying.
A
As
we're
saying
goodbye
to
all
of
our
friends
result
says:
thanks
for
a
great
episode,
Anna
Stas,
as
one
could
stick
whatever
into
Deb
package,
with
install
upgrade
uninstalled
triggers
and
do
the
same
thing
or
rpm
or
our
for
that
matter,
assign
them,
etc.
Honest
oz
brings
up
a
fantastic
point:
I'm
an
arch
linux
girl.
So
ARA
you
are
the
arch
user
repository
and
even
some
of
the
other
arts
repositories,
like
the
our
do.
A
Basically,
the
same
thing
when
I
was
looking
at
this
all
I
could
see
was
if
you're
familiar
with
even
free
PSD
package,
if
you're
familiar
with
like
the
make
package
command
and
arch
or
any
of
the
other
like
Debian
rpm
files,
they
all
sort
of
do
the
same
sort
of
like
thing
of
standardizing.
How
you're
gonna
build
something
it
just
passes
in
environmental
information,
and
then
we
just
expect
whatever
your
program
is
to
respect
those
as
you
like.
A
If
you
want
to
go,
explore
the
FreeBSD
ports,
you
can
see
that
PKG,
basically,
is
another
standardization,
just
like
scene
ab
for
defining
how
you're
gonna
do
this
kind
of
stuff
and
that's
how
all
the
FreeBSD
ports
work.
So
if
you
want
to
install
don't
install
docker
on
FreeBSD,
because
just
don't
but
yeah,
if
you
want
to
install
like
Emacs
on
FreeBSD,
you
will
actually
be
running
a
very
similar
program,
similar
to
duffel.
A
That's
going
to
then
run
some
other
arbitrary
logic,
that's
responsible
for
actually
installing
Emacs
and
then
each
of
those
ports
maintainer
keep
up
with
it.
So
you
already
see
patterns
very
similar
to
this
all
throughout
the
Linux
ecosystem
as
well.
This
is
just
sort
of
like
the
cloud
native
II
version
that
sort
of
extends
the
OSI
model
and
uses
images
instead
of
executables.
So
that's
the
big
difference
here
so
bob
says
planning
to
buy
several
rounds
at
uconn.
A
See
you
next
week,
Olaf
says
quite
interesting:
nice
walk
through
George
other
George
says
thanks
great
to
have
breakfast
watching
TV,
ok,
good,
to
see
you
George
great,
to
see
everyone
thanks
for
a
great
episode,
we'll
see
everyone
at
cube
con
next
week
and
we'll
see
everybody
back
here
live
from
the
hefty
with
Studios
the
week
after
for
another
exciting
episode,
our
60th
episode
of
T
gik.
So
thanks
again,
everybody
have
a
good
week.
I
will
talk
to
y'all
later.