►
From YouTube: TGI Kubernetes 184: kpack
Description
Join Cora Iberkleid and Whitney Lee as they explore kpack (https://github.com/pivotal/kpack) for building OCI-compliant container images at scale.
A
B
B
C
A
A
A
A
A
A
D
C
A
Yeah
go
ahead:
israel,
hi
hi,
so
my
name
is
whitney.
I'm
relatively
new
to
tech.
I
went
to
a
a
boot
camp
in
2019
I
graduated
in
october
of
2019
and
at
the
boot
camp
I
learned
full
stack
web
development,
so
I
actually
wrote
my
very
first
line
of
code
in
january
2019.
I
graduated.
I
worked
really
hard
that
year.
I
graduated
10
months
later
and
then
I
immediately
got
a
job
as
a
cloud
developer
where
I
didn't
use
any
of
that
web
dev
knowledge
at
all.
A
I
have
a
certifiably
medium
amount
of
kubernetes
knowledge,
because
I
have
a
kcna
certification
and
I'm
an
advocate
here
at
vmware
and
I'm
I'm
honestly
meant
to
represent
new
learners
and
and
make
myself
vulnerable
and
be
here
and
let
everyone
know
that,
like
they're,
not
the
only
ones
trying
to
wrap
their
head
around
this
new
material,
it's
hard
to
learn,
and
but
it's
fun
too,
and
rewarding
and
there's
so
many
great
people
in
the
kubernetes
community,
such
as
cora.
A
F
C
E
Yes,
so
yeah,
so
I'm
cora
iverkleid.
E
And
this
is
my
second
time
co-hosting
tgik,
so
I'm
really
thrilled.
E
So
I
guess
we've
got
we're.
Gonna
follow
the
normal
format,
which
is
a
little
bit
of
news
of
the
week.
There's
a.
C
Hackmd
link,
which
I
guess
you
should
share
that
yeah.
A
E
A
Yeah,
I
my
I
have
a
son
who's
22
years
old,
so
I
had
him
when
I
was
20
and
it's
been
very
rewarding
to
be
a
parent.
I'm
all
done
now.
I've
been
there.
Did
it
he's
a
he's,
an
adult
who
lives
in
in
california
he's
graduated
college,
but
I
feel
like
in
my
life
I
missed
out
on
global
travel.
That's
the
big
thing
I
sacrificed
by
being
a
mom
instead
of
yeah,
so
I
hope
to
make
up
for
that
this.
C
World
packs,
if
there's
anything
specific
you
want
to
get
out
of
today,.
E
That
we
can
spend
extra
time
on,
let
us
know
and
yeah,
so
the
hackmd
link
is
there.
A
Started
with
that,
we're
gonna
take
turns
announcing
things.
So
if
you're,
a
kubernetes
contributor
with
kubernetes,
is
switching
over
to
easy
cla
and
so,
according
to
a
github
issue
that
was
brought
to
my
attention,
the
migration
is
scheduled
to
happen
this
coming
weekend.
So
if
you
have
any
cla
issues
now,
you
know
why
I
don't
know
what
you
do
about
it.
Hopefully
they
get
the
github
issues.
E
A
So
I've
done
a
little
bit
of
fixing
up,
just
as
I
learned
from
I
I
okay
so
for
this
job
I
felt
like
I
wanted
to
understand
all
the
vocabulary
around
kubernetes,
so
I
actually
went
and
like
made
flash
cards
of
all
of
the
glossary
entries
so
that
I
could
get
my
work
up
my
vocabulary
and
understand
at
least
the
gist
of
what
everything
is.
A
C
A
E
All
right
so,
the
next
thing-
oh
yeah
yeah.
There
was
an
argo
cd
vulnerability
that
I
don't
know
all
the
detail
about
it,
but
I
know
that
it's
by
way
of
home,
like
somehow
helm,
was
opening
up
a
vulnerability
with
argo
cd
that
was
kind
of
like
a
day,
zero
vulnerability,
and
so
it
was
discovered,
I
believe
yesterday,
but
there's
already
a
patch
for
it.
So
if
you're
using
argo
cd
make
sure
you
go
out
and
grab
that
patch
and
patch
your
systems
that
sounded
important
enough,
it
does.
A
And,
according
to
last
week,
in
kubernetes
developments,
the
release
engineering
published
an
emergency
extra
update.
So
I
actually
don't
know
what
any
of
this
means,
but
the
word
emergency
made
me
feel
like.
I
should
include
it
here.
A
C
A
E
Will
so
it
works
a
little
bit
different,
so
the
idea
the
purpose
of
kpac
is
to
build
containers
from
code.
It
works
a
little
differently
than
canonical,
so
we
will
see
it's
not
a
silly
question
at
all,
so
I
would
say
I
don't
know
if
I'm
saying
your
name
right
but
rajasthan.
E
If
we
don't
have
a
good
answer,
if
you,
if
you
don't
feel
like
that,
question
was
answered
after
we
start
looking
into
kpoc
a
little
bit
more,
then
let's
bring
that
question
back
up
at
the
end.
E
I
think
mechanical,
I'm
trying
to
remember,
as
I'm
saying
this
if
caniko
relies
on
a
docker
file,
if
it's
using
your
doc,
I
think
I
think
chemical
requires
you
drop
your
docker
file
and
then
builds
your
app
from
the
docker
file
and,
if
that's
the
case,
then
kpec
does
not
require
docker
files,
and
it
has
a
much
more
sort
of
like
a
very
structured
approach
which
we'll
we'll
explore.
So
I
think
that
we
will
answer
that
question
in
more
detail
as
we
go
through
this.
E
That
was
perfect,
cool,
so
yeah.
So,
speaking
of
so
we
have
the
argo
cd
vulnerability
and
we
have
this
other
super
onerous
sounding
statement
that
if
you
use
these
extensions,
you
should
upgrade
so
so
we
thought
it'd
also
be
worth
mentioning
that
there
is
a
project
called
alpha
omega
that
was
created
to
to
design
a
secure
global,
open
source
supply
chain,
and
that
was,
I
think,
that
might
have
been
already
announced
back
in
october.
E
But
but
I
think
it
was
google
and
maybe
microsoft,
that
committed
more
money
to
it,
so
that
so
it
was
kind
of
like
raised
again
this
week.
I
think
I
was
raised
against
this
week
in
in
some
of
the
you
know,
kubernetes
sort
of
like
weekly
newsletter,
so
there's
a
link
there
to
also
oh,
and
also,
if
you
follow
that
link,
so
the
hack
md
link
is
in
the
chat.
E
So
definitely,
if
you
want
to,
if
you
want
to
find
the
links
that
we're
showing
on
the
screen,
you
can
go
to
the
hack,
md
link,
which
is
right
here
and
so
there's
a
webinar
if
you're
interested
in
that
topic,
if
you're
interested
in
learning
about
what
they're
thinking
of
in
terms
of
designing
this
concept
of
a
global,
so
open
source
secure
supply
chain,
there
is
that
webinar
on
february
16th.
Coming
up
that
you
can
join.
E
So
kpack
itself
does
not
use
maven
or
gradle
plugins,
but
the
technology
that
it
uses
to
build
an
image
can
also
be
accessed.
So
kpec
is
kind
of
like
an
alternative.
Kpac
is
is
sort
of
like
think
of
it
as
a
portal.
You
know
it's
something
that
allows
you
to
use
the
back
end
mechanism
and
this
for
spring
boot.
The
maven
and
gradle
plug-ins
are
alternatives
to
k-pac,
so
they
will
build
ultimately
the
same
image
as
k-pac
but
k-pac
itself.
A
Another
piece
of
news:
are
you
finished
with
your
piece
of
news
with
the
alpha
omega
cool,
so
just
a
reminder
that
the
call
for
papers
for
the
cncf
hosted
collated,
co-located
events
at
kubecon
and
cloud
native
con
europe
this
year
are
due
soon
they're,
due
in
10
days
on
february,
14th,
so
get
to
writing.
Yeah.
A
C
We'll
help
you
we
can.
We
can
help
with
your
abstract,
whatever,
whatever
you
need
to
get
the
courage
up
to
do
it.
E
All
right
and
then
the
last
piece
of
news
before
we
get
started
on
kickback
is.
C
Just
that
this
I
mean
these,
these.
E
Documentary
actually
came
out
in
january,
but
I
think
the
the
second
part
was
announced,
maybe
late
last
week,
so
we
thought
it
was
worth
mentioning.
So
if
you
are,
you
know
this
weekend,
if
you
don't
have
plans
and
you
can't
find
something
to
watch
on
on
netflix
there's
a
cheaper
documentary
by
honeypot-
that's
really
good!
E
On
kubernetes
with
you
know,
a
lot
of
the
hosts
that
you
see
here
regularly
regularly
on
tgik
are
being
are
interviewed
as
part
of
that
documentary
to
kind
of
tell
the
story
of
of
how
it
started
and
the
thought
that
went
into
it
and
how
things
happened.
So
it's
very
nicely
done
and
highly
recommend
it.
E
So
that
being
said,
I
think
we
should
get
started
on
kpop,
so
yeah.
So
thank
you,
rochester,
london
and
alex
alexander
for
for
the
questions
so
far
again
yeah.
So
let's
get
started.
E
Why
would
you
use
a
pack
so
k-pack
for
it's
a
project
that
was
created?
I
think
it
was
2018-ish
cloud-native
build
packs
were
created
in
2018,
which
is
a
way.
A
sort
of
a
very
structured
way
of
generating
oci
images
and
kpac
was,
is
one
tool
that
you
can
use
in
order
to
leverage
cloud-native
build
packs
to
generate
images,
so
the
project
itself,
I
believe,
also
dates
back
to
2018..
E
In
fact,
joe
bida
did
a
tgik
episode
on
kpac
a
couple
of
years
ago,
and
so
what
we're
going
to
try
to
I
mean
we'll
cover
the
topic
as
as
in
in
its
entirety
anyway,
but
probably
in
the
section
where
we're
doing
hands-on
stuff
we'll
try
to
probably
do
things
in
a
way
that
leverage
things
that
were
released
since
joe
did
the
last
episode,
so
you'll
see
something
a
little
bit
different
from
from
the
last
one
but
yeah
so
yeah.
E
E
Have
you
used
kpac
or
there's
also
a
cli
called
pack
you
can
use,
or,
as
alexander
mentioned
gradle
and
maven
plugins,
if
you're
using
spring
boot.
Those
are
all
different
ways
to
use
cloud
native,
buildbacks
and
kpak
is
the
one
that's
oriented
towards
really
like
high
scaling
high
scale
situations,
because
kpac
is
something
that
you
install
into
a
kubernetes
cluster,
so
it
can
operate
at
scale
and
it
can
operate
centrally
and
serve
a
lot
of
developments.
Development
teams
or
a
lot
of
developers
and
it'd
be
easily
managed
by
operations
team.
E
Essentially,
so
it
hits
all
those
kind
of
like
use
cases
as
it
leverages
cloud
into
build
packs
to
build
ocr
images
in
a
really
structured
way.
So
does
that
make
sense?
Yes,.
A
E
The
use
for
k
back
so
I
think
so
one
aspect
of
a
person
who
would
be
interested
in
using
kpac
is
a
person
who's
interested
in
building
images
in
a
in
a
in
a
more
structured
in
a
better
way
like
docker
files,
and
I
can
see
you
know,
several
people
in
the
chat
are
saying
they
use
docker
files.
A
lot
of
people
have
dropper
file
templates.
Their
company
has
created
docker
files
yeah
so
that.
E
Are
familiar
with
so
if
you
have
an
application
and
you
have
to
build
an
image
you're,
you
know.
The
first
thing
you
might
think
of
is
to
build
a
docker
file,
build
kit
and
java,
also
yeah,
okay,
yeah,
and
so
the
thing
is
that
every
docker
file
that
you're
using
is
like
a
script
that
you
wrote
by
yourself
right,
like
you're,
already
maintaining
your
code,
you're
already
maintaining
your
app.
E
If
you
add
a
docker
file
to
your
git
repository,
that's
one
more
piece
of
essentially
custom
code
that
you
have
to
maintain
it,
and
and
as
alexander
is
saying,
for
example,
in
his
case,
this
company
is
using
dockerfile
templates,
so
they
have
so.
In
that
case
there
are
organizations
that
have
you
know,
assigned
the
responsibility
over
docker
files
to
a
centralized
team
that
can
then
put
them
into
a
jenkins
or
something
like
that,
so
that
everybody's
using
the
same
ones
and
but
but
it's
still,
every
docker
file.
E
It's
still
a
custom
script
and
it's
still
gonna
be
different
from
the
ones
that
you
know
your
your
another
company
is
using
or,
or
you
know
anybody
else's
use,
because
each
one
is
one
that
you
wrote
so
cloud
native,
build
packs
was
an
attempt
to
solve
that
problem
of
saying
we
can
build.
E
We
can
first
of
all
there
we
can
build
better
practices
and
have
a
standardized
way
to
build
images
and
kind
of
like
make
it
part
of
the
system
that
you
that
things
will
work
out
of
the
box
and
that
they'll
be
easy
to
share
and
and
yeah
so
that
was
kind
of
like,
and
we
can
talk
about
sort
of
the
internals
of
cloud
native,
build
packs
and
it
got
rid
of
some
of
the
disadvantages
of
docker
file
like,
for
example,
when
you
build
an
image
with
a
docker
file.
E
If
you
want
to,
if
you
have
an
operating
system
vulnerability,
and
you
need
to
change
the
operating
system
in
your
image.
That
means
that
you
have
to
go
to
the
very
first
line
in
your
docker
file,
the
one
that
says
from
face
image
and
change
that
line
and
when
you
change
that
line,
because
your
docker
image
is
composed
of
layers
with
docker
file.
If
you
change
the
first
layer,
you've
got
to
throw
away
all
the
rest
of
the
layers
and
rebuild
the
image
which
is
slow.
E
E
The
code
right,
you
might
be
introducing
changes
inadvertently,
so
that
kind
of
thing
is
something
that
cloud
native
build
text
just
takes
a
very
different
approach
and
has
and
organizes
images
in
such
a
way
that
you
can
swap
out
layers
without
having
to
rebuild
the
whole
thing
they're
not
as
sensitive
to
like
the
order
of
the
commands
in
your
docker
file
and
things
like
that
and
and
then
there's
also
an
opportunity,
because
you're
just
reusing
logic,
that's
already
built
into
this
project.
Basically,
you
don't
have
to
write
yourself.
E
You
can
just
say,
like
let's
say
you're
in
java
right,
so
you
just
say
maven
package,
and
then
you
move
your
jar
file
jar
file
into
your
image
and
that's
that's
fine
it'll
work,
but
it
doesn't
have
any
like
extra
efficiencies
that
you
could
add
in
terms
of
maybe
memory,
management
or
or
layering
things
better
or
anything
that
you
would
build
into
the
app
you're,
probably
not
going
to
do
it
in
a
docker
file,
so
cloud-native
build
effects.
Give
us
a
much
more
sophisticated
way
to
build
images.
E
So
that's
so
that's
one!
So
I
guess
to
answer
your
question
like
one
reason
to
use
k-path
or
one
reason
to
use
anything
that
uses
file
native,
build
packs,
including
kpac,
is
that
you
want
to
build
better
images
and
you
want
less
responsibility
over
managing
a
customized
way
to
do
it,
and
then
why
k-pac
specifically,
because
your
alternatives
are
a
cli,
the
same
way
you
use
docker
build.
You
can
have
a
cli
experience
with
cloud-native
build
packs
or
if
you
like,
maven
package
or
gradle
build,
you
can
use
those.
E
You
can
use
those
commands
and
also
use
cloud
native
build
tracks
to
generate
an
image.
So
you
would
use
kpac,
because
you
have
the
use
case
where
you
need
to
support,
probably
a
larger
number
of
development
teams
who
are,
and
you
want
a
more
autonomous
way
where
you
can
just
install
something
in
kubernetes
that
will
be
watching.
So,
instead
of
the
imperative,
like
here's,
my
code,
I'm
going
to
drive
it
from
a
cli
command
you're,
you
can
install
something
that
is
going
to
be
polling.
All
of
your
git
repos
and
building
images
automatically.
E
So
all
you
have
to
do
is
a
git
commit,
and
then
this
this
operator,
that's
sitting
in
kubernetes,
watching
your
code
will
automatically
publish
an
image
to
a
registry
that
you
can
then
deploy
with
your
patched
argo
cd,
installation.
A
So
there
are
a
few
things
I'm
hearing
one
is
oh,
I
picture
like
a
dockerfile
being
like
like
a
parfait
or
something
with
a
glass
cup,
and
it
has
all
the
layers
of
deliciousness
and
and
then
like
a
build
pack,
doesn't
have
the
sides
so
like
if
you
were
able,
if
you
wanted
blueberry
jam
in
your
parfait
instead
of
the
raspberry
jam,
that's
there
and
if
you
had
a
dockerfile,
you
have
to
throw
away
everything
on
the
top
and
rebuild
your
parfait,
where
somehow,
with
k-pack
and
with
cloudy
to
build
packs,
you
can
just
remove
that
layer
and
generate
it.
A
And
then
keep
that
right.
I
just
want
to
drive
home
too
that
I
think
the
big
one
of
the
big
benefits
that
I
know
is
that
watching
and
I
don't
know
if
any
other
the
cloud
native
bill
pack
tools
do
this,
but
I
think
it's
so
cool
that
it
it.
It
pulls
the
get
repo
for
you.
So
you
not
only
do
not
have
to
to
maintain
a
docker
file.
A
You
don't
even
have
to
make
a
docker
file,
it's
just
watching
it's
just
watching
and
then
the
the
image
just
gets
built,
and
I
think
that
seems
like
a
huge
value
and
then
I
imagine
if
everyone's
making
their
custom
script
and
there
are
all
kinds
of
different
docker
files,
it
seems
possible
that
the
end
image
could
be
very,
not
very
different,
necessarily
but
not
standardized
yeah.
If
you
from
the
same
code
base,
you
could
build
different
docker
files
and
get
different
images
and.
E
E
C
Then
you're
the
operator
responsible
for
saying,
like
okay,
I'm
going
to
let
this
into
production
because
they
said
it
was
secure
enough.
You
know
like
who
knows.
A
E
So
so
a
couple
of
the
questions
cube
cuddle
exec
into
a
build
pack,
so
what
you
can
do
is
is
with
so
when
kate,
we
will
see
this
when
capec
is
building
an
image.
The
build
is
happening
inside
of
a
pod,
so
you
can
cue
cuddle
exec
into
that
pod,
if
you
need
it
to
as
long
as
that,
pot
is
still
up
right,
like
if
your
build
is
taking
long
enough
that
you
have
time
it's
just
a
pod.
E
Well,
having
said
that,
let
me
yeah
yeah,
because
it
has
it's
a
pod,
but
every
the
process
of
building
an
image
is
composed
of
like
different
steps,
and
each
step
is
happening
in
a
different
init
container.
So
I
guess
you
just
have
to
keep
cuddle
exec
into
the
right
container,
but
I
don't
yeah.
So
I
don't
know
if
you
would
need
to
do
that
very
often,
but
you
know
it's
a
bills
happening
in
a
pod
across
a
series
of
containers,
so
it's
no
magic
and
then
okay
back
work
behind
corporate.
E
I
mean
okay
you're,
installing
it
in
your
kubernetes
cluster.
So
as
long
as
you
know,
the
access
from
kpac
to
your
registry
and
to
your
get
source
code
is
all
behind
your
corporate
proxy.
Then
it
should
just
work.
It
doesn't
it's
just
it's
living
inside
your
kubernetes
cluster.
So,
however,
you
configure
your.
F
E
That's
a
good
question.
I'd
have
to.
We
have
to
look
up
so
the
do
you
mean
something
that
you
a
tool
that
you
can
use
on
your
windows,
machine
to
build
images
or
something
to
build
images
that
would
have
like
a
windows
operating
system
in
the
container
image.
Like
is
the
windows
as
the
the
machine
you're
working
on
or
what
you
want
in
the
image.
E
I
guess,
if
you
can,
we
can
keep
talking
about
that,
one!
Okay,
so
should
we
should
we
try
it
out
so
yeah
yeah.
E
So,
okay,
so
we
so
it's
just
a
kubernetes
project.
So,
like
anything
else,
you
have
to
cuddle,
apply
and
the
release
file
that
you
would
download
from
the
website,
but
because
we
because,
as
I
mentioned
joe,
did
an
episode
on
k-pop
a
couple
years
ago,
this
is
the
way
he
would
have
acquired
it
in
the
episode.
This
is
the
way
he
would
have
installed
it
in
the
episode
just
cute
pedal
apply
and
the
yaml
file
that
you
download
from
the
github
site
for
kpac.
E
So
what
we're
going
to
do
a
little
differently
is,
if
you're,
if
you've,
been
watching
recent
tgik
episodes,
you've,
probably
seen
timmy
and
josh,
and
others
talk
about
tonzu
community
edition
and
very
recently.
I
think
it
was
one
or
two
weeks
ago.
K-Pac
a
package
so
so
tons
of
community
edition
is
a
tool
to
provision
clusters
and
also
a
tool
that
helps
you
install
additional
applications
that
you
would
normally
you
know
need
on
your
kubernetes
cluster
right.
If
you've
heard
people
say,
kubernetes
is
a
platform
for
building
your
platform.
E
That
means
that
vanilla
kubernetes
is
not
enough.
Generally,
you
need
to
install
things
like
like
k-pak.
If
you
want
to
build
images
right
or
like
I
don't
know,
k-native
or
contour
different
projects
that
you
need
to
make
your
kubernetes
cluster,
more
full-featured
and
so
tons
of
community
edition
and
there's
a
link
in
the
chat
is,
is
a
tool
that
helps
you
build
up
that
cluster
and
so
kpat
was
recently
added
as
a
package
to
tanzu
community
edition.
So
we're
going
to
go
through
the
installation
using
that
approach.
E
Instead,
thanks
tom.
A
A
E
We're
gonna
do
this:
okay,
so
basically
okay!
So
so
what
do
we
have
on
so
on
your
computer,
so
so
whitney?
And
I
made
sure
that
we
have
a
cluster
running
that
wasn't
installed
with
tonsu
community
edition
right
now
there
shouldn't
be
anything
on
it.
So
if
you
do
a
first
of
all,
you
can
do
like
a
a
cube
tx
just
to
show
we're
pointing
at
a
cluster
or
cube
ctx.
I'm
sorry
so
we're
pointing
at
a
cluster.
So
the
one
that
we
provisioned
is
a
you.
E
Can
provision
different
kinds
of
clusters
with
community
sounds
of
community
edition.
It
can
be
a
you,
can
provision
a
cluster
on
a
public
cloud
like
aws
or
google
or
azure,
and
or
you
can
do
something
locally
on
your
docker,
so
we're
working
locally
on
on
whitney's
machine
on
docker
and
the
other
choice
you
have
with
tons
of
community
edition
is
to
configure
like
an
unmanaged
single
cluster
or
to
create
a
management
cluster
and
then
use
your
management
cluster
to
create
worker
clusters,
where
you're
actually
going
to
deploy
things.
E
B
B
E
E
Let's
see
any
other
questions.
E
Yeah,
I
don't
know
if
not
to
put
you
on
the
spot
tom,
but
if
you
know
more
about
the
tbs
versus
kpat,
I
think
there's
more
support
in
tbs
to
swap
out
the
os.
E
I
believe
that
was
a
thing
with
open
with
tbs,
so
tbs
for
those
who
don't
know
being
the
commercial
version,
so
kpac
is
the
open
source
version
and
tons
of
build
service
is
the
commercial
version
of
this
product.
So
it
is
everything
k-pac,
plus
a
few
extra
things
that
that
would
be
interesting
to
to
you
know,
organizations
but
not
essential
to
to
getting
value
out
of
kpac
if
you're,
if
you're,
not
looking
for
that.
E
Okay,
so
did
that
work?
Okay,
good!
Okay!
So
so
you
can
see
that
in
this
cluster
there's
we
don't
have
a
k-pop.
We
haven't
installed
paypal,
yet
there's
no
k-pac
name
space,
there's
just
regular
name
spaces
that
you
expect
out
of
vanilla,
kubernetes,
plus
a
couple
that
have
to
do
with
tons
of
community
edition
as
a
system,
so
the
core
stuff
and
the
tpg
system
which
helps
to
provision
clusters
and
then
this
package
repository
namespace,
which
it
holds
the
package
repository.
E
That
includes
kpop,
so
here
we
want
to
type
tanzu
package
available
list
command,
so
here
we're
just
asking
this
tanzu
community
edition
cluster
to
tell
us
what
packages
are
available
in
this
repository.
E
None
of
these
are
pre-installed
but
they're
available
for
us
to
install,
and
so
you
can
see
there
that
we
have
the
kpac
package
available
to
us
so
and
just
if
you're
gonna
try
this
at
home
I'll.
Just
warn
you
that
that,
if
you're
doing
the
standalone
cluster,
you
just
have
to
upgrade
your
package
repository
to
version
092
to
get
kpak
in
it.
Because
kpac
was
a
such
a
recent
addition
to
this
package.
Repository
that
you
just
gotta,
make
sure
there's
a
you
can
in
the
cli.
E
You
can
do
a
tons
of
package
repository
update
command
and
you
just
do
it
with
version
zero.
Nine
two!
Instead
of
zero,
nine
one,
which
is
what
is
in
there.
E
So
so
once
you
have
that,
then
what
we
really
wanna
do
is
go
to
the
tonsil
community
edition
website,
because
the
inside
the
instructions
that
we're
looking
at
on
the
screen,
which
are
the
ones
from
the
kpac
github
repo,
are
the
ones
to
normally
the
way
you
would
install
write
cupid'll
apply
this
yaml
file
to
any
cluster.
E
But
since
we're
going
to
do
this
with
tons
of
community
edition,
we
actually
want
to
check
the
tons
of
community
edition
documentation,
and
so
you
can
see
there
should
be
a
link
on
the
left
there
to
say
that
says:
packages
a
bit
lower
down
the
insta.
The
installation
on
this
page
refers
to
the
actual
installation
of
which
we
did
yeah.
So
now
we're
in
the
packages
section
and
we
can
find
a
contract
yeah.
So
here
so
now.
E
So
that's
the
other
nice
thing
about
tons
of
community
edition
is
that
it
gives
you
this
resource
with
information
about
all
of
the
packages
that
are
part
of
this
particular
package
repository.
So
it's
a
little
extra
help.
I
guess
in
terms
of
like
getting
you
to
to
help
install
so
so
one
thing
that
we
see
here
is
that
if
you
read
through
the
dock,
you'll
see
there's
no
prerequisites
for
kpap
it.
E
You
can
just
install
it
by
by
itself,
and
there
are
some
configuration
parameters
which
we
will
use
a
few
of
them
and
also
there's
this
mention
of
a
cli
right
somewhere
in
the
middle.
It
says
this
assumes
that
the
kpac
cli
has
been
downloaded.
E
So
that's
another
new
thing
that
I
I
don't
think
that
was
around
two
years
ago,
when,
when
joe
did
the
last
session
on
tgik.
So
I
would
say,
let's
start
by
installing
that
cli
actually.
E
E
To
convince
you
to
use
tomsu
standard
well,
one
great
way
to
figure
out
if
you,
if
you
want
to
be
convinced,
is
to
use
tonzu
community
edition,
because
tanzo
community
edition
basically
has
it's
like
an
unrestricted.
E
You
know
no
strings
attached,
oss
free
all
of
the
oss,
that's
part
of
of
sanzu
commercial,
so
it's
a
so
evaluating
tons
of
community
edition
is
a
great
way
to
to
figure
out.
You
know
if
you
want
to
go
along
with
those
suggestions
or
or
not
awesome.
Okay,
so
we've
got
the
kpcli
installed.
So
now
we
want
to
do
okay.
So
let's
go
back
to
the
documentation.
E
And
the
other
thing
we're
going
to
need
is,
of
course,
the
documentation
for
tons
of
community
edition
the
the
middle
one
yeah
okay.
So
if
you
scroll
up
just
a
little
bit
we'll
see
what
are
the
parameters
that
we
might
have
to
supply?
We're
not
going
to
be
using
proxy.
So
we
don't
need
the
bottom
three,
but
the
top
three
are
are
important,
so
we
want
we
need
a
default
repository
and
we
need
the
username
and
the
password
basically
right.
E
So
what
you
want
to
do
is
create
a
file
and
put
these
three
values
in
the
file.
A
E
A
Okay,
touch
is
the
right
word
right.
E
Yeah,
you
can
use
vi,
you
can
use
whatever
editor
you
want
and
so
yeah.
So
just
you
can
literally
make
sure
you
type
the
I
to
insert
yes,
okay
and
then
you
can
copy
and
paste
those
three
values.
E
And
so
that,
okay,
so
for
this
one
then
add
a
colon,
because
this
is
yellow
and
then
here
we're
going
to
want
to
put
your
so
we're
going
to
be
using
docker
hub
is
what
we
decided.
E
Yes,
okay.
So
then
it
would
be
your
like
yeah,
whatever
your
docker
hub,
wiggity
whitney,
was
that
your
or
you
could
just
actually
docker
hub
docker
hub
is
usually
the
default,
so
you
don't
even
need
that
when
it's
docker
hub,
if
it's
gcr
or
something
you
do
need,
but
you
could
literally
just
put
your
username
and
then
slash,
and
then
you
know
slash
something,
maybe
kp
or
something
tgik
is
fine
yeah.
E
This
is
for
this
is
what
kp
is
going
to
use
to
to
move
some
images
into
your
registry.
We
have
an
opportunity
to
specify
different
repository
names
later
that
are
going
to
go
underway
whitney,
but
so
this
is
one
okay,
okay,
then,
then
yeah.
So
then
the
next
value.
D
E
For
well
so
k-pac
is
a
per
cluster
installation.
So
if
the
question
is
specifically
about
like
how,
if
you
can
distribute
the
build,
because
basically
the
only
thing
that
back
is
doing
is
it's
looking
at
where
you
say
your
source
code
is
and
when
there
is
a
git
commit,
then
it
will
build
the
image
and
it
does
that
in
a
pod.
So
you
can
you
can
leverage
all
of
the
resources
within
your
cluster
to
do
that.
If
you
you
know,
you
can
create
the
the
resource
that
points
to
your
source
code.
E
You
could
create
them
in
different
name
spaces.
So
you
can
you
know
you
can
make
you
can
make
that
spread
out.
I
guess
somehow,
but
but
it's
not
gonna
spread
across
a
different
like
one
k
pack
is
not
going
to
reach
out
to
a
different
cluster
to
trigger
a
build
to
happen
on
a
different
cluster,
so
so
from
a
single
k
pack
perspective
no,
but
you
can
install
kpac
on
aws
or
on
vsphere
or
on
google
like
it
doesn't
care.
Just
you
just
need
kubernetes.
E
E
So
if
you
do
like
a
head
minus
n
two,
you
could
type
head
minus
n
minus,
oh
head
space,
minus
n
space,
two
and
then
the
name
of
the
file
and
that'll
just
give
us
like
the
top
two
lines
of
the
file.
Okay,
so
long
as
the
password
was
the
third
line,
we
should
see
okay,
so,
okay,
so
we'll
assume
the
third
line
so
would
have
been
kpop
kp
default
repository
password
and
and
what
you
actually
use
was
an
access
token.
Is
that
correct?
E
Yes,
that's,
correct,
right:
okay,
so
yeah,
better
practices,
if
you're
using,
if
you
know,
depending
on
on
your
registry,
what
it
gives
you,
but
for
docker
hub
in
particular,
you
know
we
can
use
access
tokens
instead
of
our
password.
So.
D
E
Now,
when
we
install
kpac,
it
will
read
this
information
and
it
will
populate.
Actually,
I
think
it's
a-
I
think
it
populates
a
configmap
so
that
I
think
the
kpcli
is
going
to
use
this
information.
So,
okay.
So
having
said
that,
let's
go
ahead
and
install
it,
so
the
installation
command
is
is
going
to
be
a
standard
command
for
when
you're
dealing
with
tons
of
community
edition.
E
E
But
but
you
could
also
yeah
so
under
packages
under
k-pac,
there's
only
going
to
be
one
version
of
payback,
some
other
some
of
these
other
products,
zero,
five
zero,
which
is
the
least
some
of
these
other
products,
have
different
versions
that
are
included
in
the
repository.
But
here
we
only
have
one.
So
we
can
go
ahead
and
say:
tanzu
package
install.
E
Are
we,
why
don't
we
do
a
tan
zoo
package
available
and
I
think
it's
a
list
and
then
type
kpak
kpac.community.tonzoo.vmware.com.
E
E
Yeah,
okay,
so
now
we
want
to
install
this,
and
so
it's
time
so
this
is
for
any
package.
There
was
like
a
list
of
12
packages.
You
saw
that
before
right,
something
like
that.
So
for
any
package
you
would
just
say
tons
of
package
install
kpac
in
this
case
we'll
name
it
kpac
and
then
you
say:
minus
minus
package
dash
name
and
then
you
can
copy
paste
that
kpak
community
onto
vmware
com,
not
the
virgin,
though
not
the
version
yet
nope.
E
Perfect
and
then
minus
minus
version
and
then
the
version
number
space
and
then
the
version
number
and
then
because
we
do
have
a
configuration
files,
then
we
want
to
say
minus
minus
values,
dash
file.
E
If
you
did,
if
you
did
the
install
the
regular
way
without
tons
of
community
edition,
like
you
can
see
here
in
the
output,
it's
saying
it
installs
a
package,
the
name
space
is
also
part
of
the,
but
I
think
it
does
like
so
the
service
account
and
the
secret
is
automatically
creating
those.
E
So
it's
just
like
payback
installation
is,
is
not
complicated
regardless,
even
if
you're
just
doing
the
regular
cue
cuddle
apply
in
the
release
file,
but
doing
it,
this
way
does
remove
like
one
or
two
steps
of
like
the
secret
in
the
service
account.
I
think
so
it's
a
tiny
bit
easier.
E
A
We
should
read
it:
the
config
options
have
proxy
settings,
but
corporate
proxies
tend
to
intercept
traffic
and
use
private
root
certificates
to
do
this
for
https
traffic.
So
is
there
a
way
to
add
this
root
certificate,
and
that
is
something
we
don't
know.
We're
hoping
that
our
friend
tom
from
yeah,
maybe.
B
E
If
tom
can
help
us
out
and
if
not,
we
can
do
a
little
more
digging,
but
I
feel
like
we're
going
to
get
the
best
answer
if
we
give
them
a
second
but
good
question.
A
I'd
be
interested,
so
I
would
like
to
talk
a
little
bit
about
just
for
people.
Maybe
who's
who
are
earlier
on
in
their
journey.
Like
me,
like
we
said,
kpac
is
a
tool
for
cloud
native,
build
packs,
but
what
are
cloud
native
build
packs
like
that's
what
I
think
we
should
maybe
go
into
about
a
little
bit,
because
I
found
cloud
native
build
packs
a
little
bit
difficult
to
understand
at
first
because
build
packs.
The
build
packs
are
called
build
packs,
but
also
build
packs.
A
A
Let's
go
to
the
buildpacks
website,
but
before
we
do,
we
have
some
more
conversation
in
chat.
So
tom
came
on
to
answer
martin's
question:
there's
actually
an
issue
to
add
a
certain
injection
web
hook
to
tce,
meaning
tons
of
community
edition.
I'm
currently
working
on
that,
but
I
don't
have
any
ta
yet
so
it's
coming
and
then
alexander
has
a
question
where.
E
Does
okay
yeah,
so
where
does
it
cash?
So
kpac
is
going
to
use
a
persistent
volume
claim
for
the
cash
for
a
build
so
that
if
you,
if
you
build
something
once
and
you
download-
let's
say
it's
a
java
app,
so
you
build
it
once
and
you're
going
to
download
the
jdk.
E
That's
not
going
to
go
in
your
image!
That's
going
to
go
to
production
right,
so
you
don't
want
to
have
to
download
that
jdk.
Every
time
you
build
so
that
has
to
be
cached
somewhere.
So
cape
back
in
particular
work
out.
We'll
cache
that
in
a
persistent
volume
claim
you
can
you
can,
if
you
didn't
want
that,
you
could
disable
that
feature,
which
just
means
that
your
builds
will
take
longer.
You'll
have
to
download
it
every
time,
but
it
uses
a
persistent
volume
claim
to
do
that
cool.
E
E
So
now
we
have
a
new
one,
we're
not
pointing
at
it.
We're
not
supposed
to
be
pointing
at
it.
That's
good,
but
there
is
a
kpak
one
and
you
could
do
like
you
could
do
if
you
want
to
do
a
cube.
Cuddle
get
pods
in
minus
n
k-pack,
for
example.
You
can
look
at
what's
what's.
E
Get
pods
minus
n
k
pack
yeah
more
builds
yeah
right
longer,
coffee
break
exactly
so.
Okay,
so
you
can
see
that
there's
a
couple
of
pods
running,
so
this
is
like
the
internal.
This
is
like
the
actual
product
right.
What's
whatever's
in
the
kpac
name,
space
is
like
what
was
installed
by
k-pap
for
the
product
itself.
We
won't
be
adding
stuff
to
that
namespace,
but
you
can
see
the
controller
is
there.
E
So
if
you
ever
really
like,
if
something
was
not
working
and
you
just
didn't-
you
thought
maybe
like
it's
an
error
within
kpac,
you
could
come
to
this
namespace
and
check
out
the
log
for
the
controller.
That
would
be-
maybe
maybe
maybe
something
would
you
know,
help
you
out
there
so,
but
we're
going
to
be
working
in
just
the
default
name,
space
to
actually
build
to
create
the
resources
that
are
going
to
build
our
application.
E
B
E
All
right
so
yeah,
so
I
think
that's
the
other
cool
thing
about
cloud-native,
build
packs
in
general
that
they
really
leverage
kind
of
like
the
latest
functionality
and
features
of
registries,
and
they
have
they
offer
a
pretty
sophisticated
sort
of
like
caching,
caching
capabilities
by
leveraging
the
fact
that
oci
images
are
really
manifest.
That
point
to
layers
and
and
that
oci
registries
can
enable
some
sort
of
advanced
caching,
and
so
the
cloud
native,
build
text.
Projects
in
general
tries
to
take
advantage
of
those
things.
E
So
it's
nice
to
see
even
newer
things
coming
up
in
that
sense.
Okay,
so
we
were
we've.
E
Your
opening
question
whitney
about
getting
more
into
cloud
native,
build
packs
in
general,
let's
so,
okay,
so
let's
do
those,
maybe
in
parallel,
maybe
as
as
we
move
forward
with
k-pac,
we
can
talk
about
what
does
that
mean
in
the
context
of
platinum
x
in
general,
okay,
yeah.
E
Okay,
so
so,
since
I
know
that
many
people
in
chat
have
mentioned
that
they
work
with
docker
files,
docker
files
are
always
the
right.
The
first
statement
in
a
docker
file
is
always
from
something
from
a
base
image
that
has
only
you
and
you
know,
some
kind
of
linux
or
whatever
or
from
a
base
image.
That
has
the
run
time
for
a
node
app
or
for
a
java
app
right.
You
can
choose
your
starting
point
and
you
can
go
to
docker
hub
and
maybe
see
what
their
like.
E
The
certified
images
are,
or
maybe
your
company
has
like
a
certified
one,
that
everybody
has
to
use
that
one.
So
in
the
case
of
cloud
native,
build
hacks,
so
yeah,
so
I
would
say:
yeah,
let's
open
up
those
two
pages
actually
build
paxa,
io
and
packet.
The
io.
E
I
mean
the
original
concept
of
build
that
build
packs
does
date
back
to
like
20,
I
don't
know
11
or
ish,
more
or
less,
but
the
cloud
native
version
that
is
kubernetes
native,
that
is
for
building
oci
containers.
Specifically
this.
This
project
came
up
with
this
idea
that
this
should
be
a
very
strong
that
this,
the
idea
of
building
oci
image
should
be
a
very
structured
approach
and
what
they
did
really
is.
E
They
came
up
with
a
couple
of
apis
and
they
said
we're
gonna
provide
an
api
for
somebody
who
will
for
anybody
who
wants
to
provide
like
modules
that
know
how
to
build
your
application
and
that
can
provide
those
base.
Images
that
you
need.
So
everything
that
you
expect
out
of
a
docker
file
right,
the
from
base
image,
and
then
your,
I
don't
know
your
maven
package
or
your
app
get
install
or
your
you
know,
and
somebody
mentioned
that
they
work
with
jib
one
of
the
things
that
jib
will
do.
E
So
one
of
the
things
that
jib
was
a
jib
was
a
tool
that
came
out
of
google
that
was
for
java
only,
but
what
it
did
is
it
would
you
would
do
it
would
you
would
compile
your
code
on
your
computer
as
normal,
the
same
like
a
maven
compile,
but
then
jib
would
take
all
those
class
files
and
instead
of
taking
the
jar
file
and
putting
it
into
an
image,
it
would
organize
your
class
files
and
say:
okay.
E
Well,
these
class
files
are
like
your
dependencies,
you're,
probably
not
going
to
use
those
very
often
you're,
probably
going
to
change
those
very
often,
and
then
it
had
some
other
kind
of
like
levels
of
of
what
it
predicted
to
be
like
what
you're
gonna
change
and
then
the
last
one
was.
This
is
your
actual
code
that
you're
writing
as
a
developer,
so
you're
probably
gonna,
be
changing
these
files
a
lot
so
it
so
it
what
it
did.
Is
it
moved
those
files
into
the
image
as
separate
layers?
E
Jib
doesn't
use
a
docker
file,
but
it's
as
if
you
had
a
docker
file
that
compiled
your
code
and
then
had
four
separate
copy
statements,
the
last
one
of
which
would
be
a
copy
of
your
actual
code
right.
The
first
one
would
copy
dependencies
and
so
on,
and
so
jib
kind
of
introduced
that
efficiency,
and
also
because
it
because
it
copied
things
as
separate
layers.
That
meant
that
if
you
only
change
your
code,
the
rebuild
is
faster
because
you
don't
have
to
re-uh
re-download
or
re-remove.
E
The
the
main
dependencies
you're
just
dealing
with
a
little
layer
and
also
the
application,
starts
up
faster
right.
An
app
that
starts
up
from
from
a
jar
file
is
going
to
be
a
little
slower
because
it
has
to
explode
that
jar
file
than
if
you
already
pre-explode
all
of
those
class
files.
So
so
the
efficiency
was
better.
So
jib
already
introduced
those
things.
So
you
could
do
that
manually
with
your
docker
file,
but
I'm
gonna
guess
you
know
like
they're.
D
D
D
E
E
E
P-A-K-E-T-O,
like
pac-butt
without
the
c
for
some
reason:
okay,
yeah,
so
okay,
so
the
bill
packs
project
just
came
up
with
this
idea
that
this
is
the
way
things
should
be
done.
Things
should
be
very
structured
so
that
an
image
doesn't
isn't
so
sensitive
to
the
order
of
the
layers
as
a
docker
file,
so
that
you
can
swap
things
out
so
that
we
take
advantage
of
the
of
the
latest
and
greatest
features
of
registry
caching
and
of
oci
image.
E
The
way
that
oca
images
are
composed
and
but
they
did,
but
the
project
itself
didn't
want
to
say
we
are
the
experts
in
how
you
build
the
java
app
or
we're
the
experts
and
how
you
build
a
node
app
or
even
like
we're
in
the
business
of
telling
you
which
base
image
of
you
know
maintaining
slas
on
vulnerabilities
in
in
your
base
image.
The
buildpacks
project
is
not
in
that
business.
Instead.
What
they
provided
was
an
api
and
said
here's
a
buildpacks
api.
E
Whoever
wants
to
be
in
that
business
go
ahead
and
implement
this
this
api,
so
pocketo
is
one
implementation
of
the
buildpacks
api,
and
so
they
provide
all
of
these
little
modules
of
software
that
each
know
you
know,
there's
one
module.
That
knows
how
to
do
the:
how
to
compile
a
maven
application,
there's
another
one
that
knows
how
to
deal
with
a
gradle
application.
There's
one
that
knows
how
to
download
jdk,
there's
one
that
knows
how
to
build.
E
That
is
that
from
statement
in
your
docker
file
right,
whether
it's
the
from
statement
where
you
might
build
your
app
or
the
front
from
statement
where
you
that
that
you
use
for
the
for
the
app
that
you're
actually
going
to
put
into
your
production
system
right
that
maybe
has
less
things
in
the
build
environment
where
you
look
in
cncf
lands.
So
walid
is
saying
where
you
look
in
cncf
landscape.
Things
are
getting
more
depth
and
breath
wonder
how
one
will
keep
up
with
all
of.
D
E
Actually
think
like
yes,
the
world
is
getting
there's
like
more
options
and
and
they're
all
getting
more
sophisticated
as
you're
saying
more
depth
and
more
breath,
but
I
also
think
they're
getting
easier
to
use.
You
know
sometimes
I
think
about
like
I
used
to
use
this
analogy
even
before
kubernetes
for
something
else,
but
I
think
it
applies
as
well
to
now,
which
is
like.
E
Do
you
remember
the
days
like
in
the
office
where,
like
you
would
have
like
an
old
cisco
phone
or
a
siemens
phone,
it
wasn't
impossible
to
use,
and
you
had
to
learn
to
use
like
the
red
like
how
to
look
up
somebody's
number
and
how
to
get
your
voicemail.
It
was
like
miserable
and
then
suddenly,
like
the
iphone,
comes
out.
E
Is
so
much
more
advanced,
it's
like
an
entire
computer
in
your
hand,
but
it's
easier
to
use
right,
like
the
user
experience
is
better.
So
I
think
that
the
same
thing
is
happening
in
cncf
and
this
whole
kubernetes
ecosystem.
Where,
if
you
look
at
I
mean
that's,
what
tons
of
community
edition
is
trying
to
offer
right?
E
It's
saying
we
recognize
that
the
cncf
landscape
is
there's
more
depth
and
more
breath,
but
we
want
to
make
it
easier
to
use
we're
going
to
give
you
packages
and
we're
going
to
give
you
a
list
of
things
that
this
is
maybe
your
first
go-to
and
we're
going
to
come.
You
know
sort
of
consolidate
the
documentation
and
I
think
that's
going
to
be.
I
think
that's
a
pattern
where
the
now
that
we've
figured
out
all
more
like
infrastructure
topics-
and
you
know
kubernetes
kind
of-
was
like
a
way
to
reinvent
all
that
stuff.
E
A
And
we're
talking
too
like
from
an
ops
perspective
and
setting
it
up
and
how
it
all
works,
but
like
once
it
is
set
up.
It's
watching
your
repo,
like
you,
don't
do
anything!
So
if,
if
it's
not
your
job
to
do
this
particular
piece
of
it,
then
it
magically
happens
in
the
background
for
you,
just
like
all
the
components
working
in
your
phone
that
you're
not
actually
thinking
about
right,
we're
wearing
our
operator
hats
right
now.
Yes,.
C
Friend,
well,
thank
you
ali
for
making
it
easier
for
the
developer.
E
So,
okay,
so
now,
if
you
were,
if
you're
just
a
person
on
your
computer
and
you're
you're,
not
you
don't
need
kpac,
you
don't
need
this
thing
to
be
running
in
a
cluster,
watching
your
repos
and
like
maybe
helping
other
developers,
you
could
just
use
cloud-native
build
plans,
which
is
what
we've
been
talking
about
with
the
cli
at
your
computer.
And
if
you're
going
to
do
that,
then
you
can
just
you.
Don't
never
have
to
wear
that
ops
hat
you
just
go
straight
to
the
developer
experience
and
you
can
type
instead
of
docker
build.
E
You
type
pack
build,
and
you
can
say
I
want
to
use
potato
build
pants
or
whatever
heroku
has
built
packs.
Google
has
built
blacks,
but
you
know
we're
vmware.
We
like
our
potential
so
also
open
source,
but
so
you
could
do
that
and-
and
you
would
build
an
image
using
this
very
structured
approach,
but
if
you're
using
kpac
you
have
to
you
have
to
do
an
extra
step.
It
does
take
like
one
step
from
an
operator
to
do
a
little
bit
of
configuration
that
you.
E
Avoid
if
you're
just
using
the
cli
experience
so
shall
we
do
that?
Let's
do
that?
Okay,
let's
do
that?
Okay,
so
basically
we've
installed
kpat
and
so
okay.
So,
as
we
mentioned,
we
we're
we
don't
wanna,
even
though
we
can't
use
the
keto.
The
default
paquetto
is
stuff
100
directly
from
kpac.
E
We
don't
also
don't
want
to
create
our
own
base
images
and
we
don't
want
to
create
our
own
logic
for
for
building
applications.
So
we
somehow
want
to
like
get
the
little
pieces
from
pocketo
and
make
them
available
to
ourselves
within
kpac.
So
we
need,
if
we
think
about
our
docker
file
as
like
the
base
images
right
the
front.
E
If
you
have
a
two-stage
docker
file,
you
would
have
two
from
statements
but
from
where
you're
gonna
do
your
your
your
app
build
and
the
from
where
you're
gonna
move
your
code
to
so
that
you
can
deploy
that
to
production
so
that
those
two
images
that
you
use
in
the
two
firm
statements.
That's
your
stack
right!
That's
that's
your
base
operating
system.
We
call
that
the
stack
so
we
want
to
create.
We
want
to
make
available
a
a
like.
E
E
Space
api
dash
resources
and
then
pipe
and
then
grep
for
grep
k-pac
without
the
minus
sign.
Oh
yeah!
Oh
sorry,
that's
just
I'm
just
having.
E
Yeah,
that's
perfect,
okay,
so
we
can
see
that
these
are
basically
the
custom
resource
definitions
that
kpac
is
installing
to
the
cluster.
So
these
are
the
things
that
you
have
to
work
with
so
since
we're
wearing
our
yeah
cluster
stores,
cluster
stacks
and
cluster
builders.
E
Exactly
so,
if
we're
wearing
our
operator
hat,
those
are
exactly
the
ones
that
we
care
about
cluster,
so
stack
so
stack
is
the
the
base
images
right,
so
our
cluster
stack
is
going
to
have
a
reference
to
the
images
that
on
which
an
image
on
which
we
can
do
actually
execute
the
build
of
our
app
and
then
a
an
image
that
we
can
use
as
like
the
base
for
that
runtime
image
that
we're
going
to
want
to
put
into
production.
So
that's
our
cluster
stack.
E
The
cluster
store
refers
to
the
modules
of
code
that
do
everything
else
that
you
would
write
into
a
docker
file.
So
also
you
would
have
you
know
you
have
a
docker
file
for
java
applications.
You
have
a
docker
file
for
node
applications
for
python,
because
each
one
of
those
has
to
have
different
instructions
in
it.
E
So
the
store
refers
to
the
store
of
build
packs
that
have
the
language
specific
knowledge
in
this
case
the
the
little
module
build
and
then,
when
you
have
a
stack
in
a
store
together,
that's
like
saying,
if
you
compare
again
to
the
stalker
file
idea,
that's
like
saying:
okay,
I
have
my
from
statements
and
I
have
all
the
other
statements.
So
between
those
two
things,
I
have
all
the
intelligence
that
I
need
to
build
my
application
image.
E
I
have
to
put
those
things
together,
so
you
put
them
together
in
what's
called
a
builder,
so
that's
what
you
can
either
make
a
builder
that
everybody
can
access
from
any
namespace
or
a
builder
that
will
only
be
accessible
within
a
particular
namespace.
So
hence
you
have
cluster
builder
or
just
a
namespace,
scoped
builder.
So
as
an
operator,
those
are
the
things
you
care
about.
E
B
A
A
Right
and
then
the
other
thing
I
I
I've
been
kind
of
thinking
of
an
analogy
for
all
of
this
stuff,
and
so
I,
I
think
of
like
a
test
kitchen
and
a
test
kitchen,
is
being
handed
a
complete
dish
of
food,
which
is
the
co.
The
source
code
and
the
test
kitchen
needs
to
reverse
engineer
that
into
a
recipe.
A
So
the
stack
is
the
the
equipment,
the
os,
the
equipment
they
have
to
work
with
in
their
test
kitchen,
the
store
is
pantries
different
pantries,
maybe
representing
different
types
of
cuisine,
and
so
the
ingredients
for
each
different
cuisine
are
available
in
that
kitchen,
you
need
to
let
the
kitchen
know
and
then
the
chef
who's,
reverse
engineering,
it
that's
the
build
pack
logic
that
the
like
the
process
of
figuring
out.
Okay
from
this
dish
of
food.
How
am
I
going
to
make
a
recipe.
A
B
E
So,
okay,
so
let's
okay,
so
let's
use
our
so
you
can
do
all
of
this
with
declarative.
Yet
you
could
write
yamo
for
your
stack
and
your
store
and
apply
that
from
a
git
repo,
that's
totally
fine,
and
maybe
what
you
would
want
to
do,
but
just
because
we
want
to
illustrate
this-
the
kpcli
on
this
particular
episode.
Let's
do
this
using
the
cli,
so
so
what
you
would
type,
let's
do,
the
let's
do
the
store.
First,
it
doesn't
really
matter
now.
E
One
thing
we
have
to
do
here
is
figure
out.
I
think
that
I
just
want
to
make
sure
that
we're
not
missing.
Are
you
logged
in
at
your?
E
Oh
yeah,
okay,
let's
look
at.
I
think
we
need
to
log
into
docker
at
your
cli.
So
let's
make
sure
that
you
do
a
docker
login.
E
So
we're
gonna
do
a
docker
login
and
you
can
do
minus
you
and
your
minus
you
wiggity
whitney,
and
it
should
prompt
you
for
your
password.
E
We're
good,
okay,
we're
logged
in
at
the
cli,
okay,
okay,
so
we
did
a
docker
login,
we're
all
logged
in
okay.
So
here
what
you
want
to
type
is
so
at
this
point
we're
going
to
use
the
kpcli
right.
So
we've
we've
installed
kpac
with
the
tanzu
cli,
because
we
were
using
tons
of
community
edition
and
the
tanzu
packages,
but
now
that
k-pac
is
installed
now
now
we
don't
need
the
tanzu
cli
anymore,
now
we're
just
in
cape
back
land
and
so
from
here
forwards.
E
It's
the
same
as
if
you
would
have
installed
it
with
cue
cuddle,
apply
and
created
the
yeah,
just
as
as,
if
you
would
have
done
it
with
cube
color
plan.
Basically
yeah
created
the
secret,
so
we'll
do
a
kp
space
cluster.
Let's
start
with
a
cluster
store.
E
I
I
don't
know,
but
I
have
it
all.
I
do
it
all
in
lowercase,
okay,
save
so
we're
going
to
basically
create
a
cluster
store
and
we're
going
to
call
it
something
that's
called
default.
E
E
So
we
want
to
say
minus
b
for
build
path,
and
at
this
point
we
want
to
reuse
the
ones
from
paquetto,
since
we
don't
want
to
rewrite
this
logic
and
so
paquetto
build
packs,
are
kind
of
mirrored
both
on
gcr
and
docker
hub.
So
we
can
say
gcr
dot,
io.
E
And
then
forward
slash-
and
let's
say
we
know
that
we
write
apps
in
java,
so
there
is
a
java
built
back
and
you
can
go
to
the
gcr
website
and
find
these
also.
We
were
on
the
paquetto
build
packs
website
just
a
second
ago.
All
of
these
build
packs
are
open
source,
so
they're
all
on
github.
So
oh
there's
information
on
all
of
this,
that's
very
accessible,
but
right
now
what
we
know
is
that
the
kiddo
build
packs
gives
us
this
met.
E
Even
though
it
takes
a
lot
of
little
modules
to
build
the
java
app
right.
There's
a
there's,
a
maven
one,
there's
a
spring
boot
one,
there's
a
tomcat
one!
There's
a
you
know:
jdk
one:
they
all
work
together.
They
all
do
a
little
piece
of
the
puzzle,
kind
of
like
micro
services
right
each
one
does
something,
but
they
work
together.
But
paquetto
gives
us
this
what
they
call
a
meta,
build
pack,
so
that
we
can
reference
them
all
together.
E
A
E
It
at
a
certain
point:
you've
got
to
make
a
call
about
like
how
granular
you
want
to
be
so
so
what
we're
going
to
do
here
is
say-
and
I
don't
know
what
apps
will
end
up
building
by
the
time
we're
done
with
tgik
today.
But
let's
say:
let's
get
prepared
to
maybe
do
a
java
app
and
a
go
application,
so
we're
not
going
to
use
python
and
ruby
and.net.
B
E
So,
in
the
other
scenario,
we
were
saying
right:
if
you,
if
you
wanted
to
skip
all
these
op
steps,
if
you're
just
using
the
pax
cli
you're
at
your
command
line
on
your
computer,
you
can
just
refer
to
the
paquetto,
build
x
builder,
that
has
already
the
java
and
the
node
the
python
all
those
languages.
So
we
are
already
reducing
the
size
of
that
builder.
C
E
I
don't
know
that
you
know,
I
think,
if
you,
if
you
were,
if
you
had
a
good
reason
to
say
I
don't
want
the
gradle
one
in
there,
I
only
want
maven.
You
could
do
that.
There's
no
one
to
say
that.
A
Yeah
and
then
I
would
say
too,
the
builder
is
used
to
actually
make
the
images,
so
you
don't
have
that
many
builders
stored.
You
may
only
have
one
builder
per
name
space
if
each
builder
can,
if
you're
working
mostly
all
in
java
apps
this
one
builder,
we're
making
should
be
able
to
build
all
the
java
apps,
not
just
a
certain
right.
So
it's.
A
E
A
if
you
create
a
cluster
builder,
then
it's
actually
a
single
builder
that
everybody
can
use
across
the
cluster,
but
because
these
builders
are
because
you
can
put
like
you
know,
java
build
packs,
go
build
packs,
and
maybe
you
have
your
own
wiggity
whitney
build
packs.
E
A
E
Yeah,
so
the
paquetto
is
going
to
include
your
right
now
we're
just
pulling
the
in
the
mod
the
modules
that
know
how
to
build
java
apps
and
we're
going
to
add
one
to
build,
go
applications
in
fact
yeah.
If
you
want
to
type
that
go
thing,
let
me
I'll
bring
up
the
url,
so
we
can
java
build
packs.
E
D
E
E
Now
enter
yeah,
okay,
so
so
and
in
the
meantime,
if
you
want
to
let
that
run
and
we
can
go
back
to
the
web
page
and
look
at
the
paquetto
website,
I
say
pokemon,
some
people
say
paquito,
I
don't
know,
but
you
can
kind
of
see.
Let's
call
the
whole
thing.
A
E
Tonight
so
yeah,
so
if
you
go
up,
maybe
try
going
to
github,
let's
see
where
it
takes
us,
okay,
so
here,
okay,
so
click
on
the
java,
one
for
example.
So
so
all
of
them
are
here
and
if
you
click
on
java
and
scroll
down
a
bit,
here's
all
the
different
individual
java
build
packs
that
are
part
of
this.
Like
meta
java,
build
pack
and
so
and
you'll
see
them
right.
There's
maven
is
in
there.
Gradle
is
in
there.
E
The
bellsoft
liberica
is
the
one
that
brings
in
the
jdk
and
the
jre
there's
a
spring
boot
one
that
does
some
special
stuff
if
you're
using
spring
boot.
E
So
you
know
different
stuff,
and
so
they
the
this,
the
process
that
the
project
itself
will
look
at
your
application
and
it
will
decide
which
ones
to
use
you
don't
have
to
decide
but
they're
all
there,
and
but
this
is
the
equivalent
of
like
you
know
you,
having
written
all
the
instructions
in
your
docker
file
to
to
build
a
java
application,
except
that
here
you're
kind
of
relying
on
the
team
behind
paquetto
buildpacks
for
their
language
expertise,
so
that
you
don't
have
to
do
that.
D
A
E
We're
gonna,
so
what
we're
gonna
do
is
we're
gonna
we're
gonna,
create
an
image
that
will
contain
all
of
these
and
that
when
the,
when
your
application
has
to
be
built,
that
image
will
be
used
to
create
a
pod.
So
all
of
these
things
will
be
in
that
pod,
but
the
process
will
then
choose
which
one
of
these
to
actually
apply
to
your
app
code.
E
F
E
Yeah
cool,
I
mean
yeah,
just
the
code
that
could
have
done
the
the
code
that
can
do
a
greater
one
for
for
a
gridlock
is
sitting
there,
but
it's
not
going
to
be
it's
also
not
going
to
be
in
your
runtime
image.
It's
only
going
to
be
in
the
build
image,
so
that
will
never
make
it
to
production,
and
then
we
have.
E
Why,
if
it
can't
decide,
then
you
probably
report
that,
as
an
issue
to
the
team,
there
should
be
a
reason
right
for
which
it
can't
decide
and
yeah
I
mean
if
there,
if
there's
a
case
where,
like
you,
think
that
there
is
enough
information
that
the
bill
to
actually
be
able
to
make
a
decision,
I
would
say
in
general,
that's
probably
an
issue
right,
it
should
be
able
to
pick,
and
if
it
doesn't,
it
might
mean
that
something
that
you're
doing
is
outside
of
what
these
particular
potato
build
packs
support
right.
D
C
E
They
only
know
how
to
do
what
they
know
how
to
do
right
with
the
code.
That's
in
there.
So
if
they
go
down
the
tree
and
they're
like
we,
we
looked
at
your
code
and
like,
for
example,
if
right
now
in
our
we've
only
chosen
the
go
builder,
the
go,
build
packs
and
the
java
build
tax.
If
you
submit
a
python
application,
it
won't
know
what
to
do,
and
so,
therefore,
it
will
just
tell
you
no
no
no
did
not
find
any
build
packs
that
match
your
code,
so
it
just
won't.
E
Do
it
basically,
okay,
so,
okay,
so
so
a
couple
things
just
happened
on
the
right
hand:
side
of
the
screen
we
said
hey
over
there
on
gcr
there's
this
java
meta.
A
E
Pack,
with
all
these
little
things
and
then
there's
also
a
go
meta,
build
pack
with
with
a
few
different
go
modules
that
we
want
and
what
what
kp
did
for
us
is.
It
said:
okay,
well,
I
know
you
want
these.
What
I'm
going
to
do
is
get
them
from
gcr
and
I'm
going
to
copy
them
into
your
docker
hub
because
you're
using
docker
hub-
and
maybe
that's
a
local
registry
inside
your
organization
right,
but
you
don't
want
to
have
to
be
going
out
to
gcr
all
the
time.
E
So
it's
actually
made
copies,
and
if
you
look
at
the
output
on
the
screen
when
it
made
the
copy,
because
we
just
said
hey,
I
want
basically,
we
said
we
want
the
latest
version,
all
right,
thanks
walid,
for
joining.
Thank
you
for
coming
yeah.
Well,
thank
you.
E
So
yeah,
so,
okay,
so
basically
what
we
said
is
I
want
the
latest
version
of
the
java
build
packs
and
I
want
the
latest
version
of
the
of
the
go
build
packs
right,
but
probably
within
your
organization,
you
don't
want
to
be
that
like
loosey-goosey,
because,
like
latest
tomorrow,
might
build
something
different
than
it
did
today
right
if
picado
build
packs
issues,
a
new
version
of
the
java
build
packs,
then
if
you
use
them
tomorrow
and
get
the
latest
there's
not
a
lot
of
like
reliability
there
so
for
something
like
kpac
you're
trying
to
avoid
those
kinds
of
scenarios.
E
So
what
kp
is
doing?
Is
it's
saying
I'm
going
to
copy
whatever's
latest
right
now
and
I'm
going
to
move
it
into
your
registry
which
in
this
case
is
docker
hub,
but
it
does
it
with
a
specific
shock.
So
now
from
now
on,
until
we
actually
update
our
store,
we
know
that
we're
using
what
was
latest
on
february
4th
at
5
23
pm
eastern
standard
time
right
so
and
so
actually,
if
you
go
now
to
your
docker
hub
website,
you'll
see
those
two
images
there.
A
Okay,
I
was
wondering
where,
where
it
says,
cluster
store
created,
where
is
the
cluster
store
resource,
so.
E
A
E
So,
okay,
so
so
we
called
it
default
right.
We
said
kp
cluster
source
save
and
then
we
named
it
so
there's
default.
E
And
there
you
can
see
the
images
that
that
are
in
docker
hub
in
your
account
wiggity
whitney
and
they
have
the
shaws
in
them
right.
So
this
resource
in
your
kubernetes
cluster
knows
about
those
two
images
that
are
now
in
docker
hub
instead
of
they're,
not
just
pointing
to
gcr
right
they're,
pointing
to
a
specific
sha
of
an
image
on
docker
hub.
E
So
if
you,
if
you
on
the
left-hand
side,
if
you
open
your
docker
hub,
we
should
see
that
hub
dot,
docker
yeah,
if
you
yeah
just
say
yeah
you
sign
in.
B
E
So
we
said
we
said
in
the
file
with
the
three
parameters.
When
we
installed
paper,
we
said
we
gave
it
wiggity
whitney
tgik.
So
that's
what
kp
is
using,
and
so
one
of
those
is
one
of
those
two
is
it.
Is
the
java
build
packs
and
the
other
one
is
the
no
the
go
bill
packs
I
don't
know
which
is
which,
but
that's
what
those
two
images
are
one
is
one
is
the
java
one
is.
B
A
E
Those
I
don't
know
where
that
info,
that
metadata
is
coming
from
they'll
they're
gonna
all
run
an
ubuntu
linux
images.
I
don't
know
where
it's
pulling,
that
metadata
out
of
to
say
that
compatibility.
It's
probably,
I
guess
it's
in
the
metadata
for
the
for
the
original
buildbacks.
E
So,
okay
now
so
we
have
all
of
the
statements
now
we're
missing
the
from
statements.
Right.
We
don't
have
our.
We
don't
actually
have
the
operating
system
yet
so
that's
called
a
stack.
E
So
so,
let's
do
that
and
again
we're
gonna
use
the
stack
from
paquetto
because
we're
not
we
don't
want
to
be
in
the
business
of
being
responsible
for
choosing
a
base
image
and
then,
following
up
on
whether
there's
vulnerabilities
and
how
we
have
to
patent
like
you
know
where
we
get
a
patch
we're
just
gonna
say
we're
trusting
paquetto
to
do
this
for
us
and
they
have
good
slas
and
so
we're
we're
good.
So
very
similar
commando,
the
last
one
we're
gonna
do
kp
cluster
stack,
save
and
then
let's
call
this
one.
E
We
can
call
it
whatever
we
want.
Let's
call
it
base,
for
example,
and
then
so
now
we
want
to
do
a
dash
dash,
build
image,
so
go
back
to
build
dash
image.
E
So
this
is
going
back
to
that
idea
of
a
two-stage
docker
file,
because
you
know
you
don't
want
like
if
you're
building
a
java
app
right,
you
need
a
jdk
to
build
your
app,
but
you
don't
want
a
jdk
in
production.
You
just
want
jre
in
production
right,
so
you
don't.
E
So
you
want
your
build
more
things
have
to
be
in
your
build
image
for
you
to
create
all
the
layers,
but
then
you
have
a
run
image
which
should
be
the
same
operating
system,
but
it
doesn't
have
to
have
all
of
the
things
so
we're
going
to
say
for
our
build
image
we
want
to
use.
I
don't
know
why
I
did
it
this
way,
but
this
one's
going
to
come
from,
like
I
said
they're
mirrored
right.
I
think
on
gcr
and
docker
hub
the
original
pocket
stuff.
E
So
here
we're
going
to
use
the
one
from
docker
hub
for
some
reason:
paquetto
build
packs.
All
one
word.
E
Slash
build
colon
bass,
dash
cnb
with
cloud
native,
build
packs,
so
we're
basically
saying
there
is
a
build
image
that
paquetto
build
packs,
provides
we're
going
to
use
that
and
we're
just
using.
They
have
like
a
base.
They
have
a
tiny
one.
They
have.
They
have
a
few
different
flavors
we're
just
saying,
like
kind
of
like
your
standard
base,
one
and
then
for
the
and
then
we
want
dash
dash,
run
dash
image
and
we
want
same
potato
build
packs.
All
one
word
forward.
E
So
so
this
this
is
our
docker
our
from
stuff.
So
the
from
statement
in
our
in
our
first
part
of
our
docker
file
would
be
that
build
image
and
the
front
statement
in
the
second
part
of
our
docker
file,
our
theoretical
hypothetical
non-existent
talk
about,
is
going
to
be
that
that
second
one.
But
now
now
we
have
the
two
from
statements
and
from
the
store
we
have
all
of
the
other
intelligence
that
you
would
have
put
into
your
docker
file.
E
So
once
you
have
these
two
pieces,
you
can
see
how
you
no
longer
need
docker
files
in
order
to
do
this,
and
and
and
yet
everybody
can
be
building
images
in
the
same
way
leveraging.
You
know
the
the
sort
of
expertise
that
went
into
all
of
the
nuances
about
you
know,
doing
java
images
or
go
images
or
whatever
in
a
good
way,
and
also
knowing
where
your
base
images
are
coming
from.
So
yeah
we
can
hit
enter
so
same
thing.
E
E
So
so
we
have
all
of
the
things
that
we
need
to
build,
but
we
don't
want
to
also
pull
down
four
different
images
right
or
we
don't
have
to
be
able
to
have
to
choose
like.
Oh,
I
need
the
build
image
with
the
go,
build
packs
for
this,
and
then
I'm
going
to
need
the
run
image
later
like
it's.
We
don't
want
pieces,
nobody
wants
pieces
of
things
right,
so
we
want
all
of
these
things
to
be
delivered
to
us
in
one
single
image.
That's
just
easier
to
use!
E
That's
what
there
is
not
only
that,
but
the
builder
also
has
an
extra
piece
of
software
yeah.
A
Can
I
can
I
try
to
say
it?
Can
I
try
to
do
it?
You
correct
me
if
I'm
wrong
the
builder
also
well,
it
contains
the
life
cycle
right,
but
it
also
needs
to
hear
the
order.
So
if
your
company
does
80
of
applications
in
java
and
20
of
applications
in
go,
then
you
want
it
to
look
for
java
first,
because
that's
going
to
save
time
in
the
long
run.
F
E
So
we're
going
to
do
the
order
on
a
in
a
file,
so
we
need
to
create
a
new
file.
Okay,.
E
E
And
then
it's
up
to
I
don't
know
we
can
have
a
popularity
contest.
Just
go
go
first
or
just
java
go
first.
You
choose.
A
A
E
So
let's
do
go
first,
yeah
yeah,
so
because
it's
a
separate
group,
you
yeah,
because
you
could
do
if
you
put
both
of
them
in
the
same
group.
It
would
never
build
right
because
no
application
would
satisfy
all
conditions
of
meeting
the
qualifications
for
a
go
app
and
the
qualifications
for
a
java
app.
So
you
need
these
to
be
two
separate
groups,
which
is
why
we
actually
need
to
specify
in
a
file.
If
you
only
had
one
group,
then
you
could
put
it
and
you
could
put
your
various
build
packs.
E
Let's
say
you
added
your
own
custom,
build
back
and
you
all
it
all
had
to
be
one
group.
You
could
put
them
all
in
one
in
the
command
line,
but
we
ne.
We
need
a
file
because
we
need
multiple
groups.
So
it's
either
going
to
be
an
app,
is
either
going
to
be
go
fit
the
conditions
for
go
or
it's
going
to
ignition
for
job.
So.
E
So
we
can
go
back
to
the
command
line,
and
and
now
we
can
do
a
kp
and
let's
make
it
a
cluster
builder
right.
This
is
for
everybody.
So
let's
do
cluster
builder
save
so
same
kind
of
syntax,
and
then
we
can
call
it
builder.
E
You
know
whatever
we
want
but
builder
and
then
we
say
minus
minus
tag.
So
here
we're
not
it's
not
automatically
going
to
put
this
in
that
same
tgik,
repo
that
has
all
of
the
like
sub
components.
Here
we
actually
have
the
the
liberty
of
putting
it
wherever
we
want,
so
what
we're
gonna
say
is
wiggity
whitney
like
we
still
want
it
in
docker
hub
right,
because
that's
what
we're
logged
into
wiggity
whitney,
slash
and
then
yeah,
you
can
say
cgi
caves
and
dash
builder.
Maybe.
E
We'll
have
it
one
level
up
from
all
the
components:
yeah,
okay,
cool
and
then
let
me
see
if
we
need
anything
else.
So
we
need
to
do
crepey.
Cluster
builder,
save
give
it
a
name.
Minus
minus
tag,
something
okay,
and
then
we
have
to
say:
okay,
well
we're
making
a
builder.
You
know
we
could
have
had
10
stats
in
10
stores
so
like
which
ones
so
we
want
to
say
minus
minus
stack
and
we
had
given
our
stack.
The
name
base.
D
A
E
A
E
E
How
do
you
check
jerry
and
go
version
of
face
images,
so
you
can
you
can
check
it
a
couple
of
ways.
One
is
to
check
the
docs.
So,
for
example,
if
you
click
actually
whitney
on
the
left,
if
you
click
on
bells
off
liberica,
the
third
one
down.
E
So
if
you
wanted
to
know
sort
of
ahead
of
time,
what's
what's
here,
you
can
you
can
read
about
like
through
the
documentation
for
the
build
pack,
you
can
find
some
information,
including
there's
actually
an
environment
variable
where
you
can
modify
it
yeah,
actually,
yeah,
probably
going
down
to
the
configuration
section,
is
good
okay,
so
this
particular
build
pack
includes
8
11
16
and
by
default
it's
going
to
use
11,
but
you
can.
When
you
build
your
image,
you
can
supply
environment
variables,
yeah
go
ahead.
A
E
So
there's
a
question
about
a
proc
file
which
I
feel
like
I'm
not
the
expert
on
profiles.
I
feel
like
it's.
It's
like.
E
I
I,
but
I
don't
know
if
it's
used
is
it
used.
I
think
there
is
a
profile
build
pack,
but
I
don't
know
if
there
if
it
was
more
of
a
heroku
concept,
and
I
don't
know
if
tom
is
still
here
or
somebody
else
is
still
here
who
would
know
if
this
was
more
of
a
a
heroku
like
a
hint
to
heroku
about
how
to
choose
build
packs
back
in
the
day
or
if
it's
something
more
native
to
a
certain
kind
of
application.
E
E
And
heroku
apps
included
a
proc
file
as
looking
on
their
website
that
specified
the
commands
that
were
executed
by
the
app
on
startup.
It
was
oh,
so
it
was
telling
you
how
to
start
the
app.
So
I
guess,
if
you
needed
to
do
that,
there's
there
is
a
profile
build
pack,
but
generally
these
build
packs
have
enough
intelligence
in
them
that
they
know
what
would
be
the
startup
for
like
a
java
application
or
what
would
be
the
startup
for
a
you
know,
python
application.
E
So
I
think
that
you
generally
don't
need
them,
except
maybe
special
cases,
in
which
case
you
would
look
to
the
profile
app
buildback,
which
is
more
maybe
for
those
edge
cases,
so
I
hope
amer
amigo.
I
hope
that
answers
the
question.
That's
what
I
can
tell
so.
E
E
Actually,
now
now,
like
imagine,
you're
at
a
company
and
you've,
your
kpac
operator
has
just
built
this
tgik
builder.
That
builds
go
apps
and
java
apps
now
you're
a
developer
and
you're
sitting
at
your
computer
and
you're
just
testing
stuff.
You
don't
you,
don't
actually
want
to
commit
code
to
github
and
have
this
kpak
thing.
That's
on
this
cluster
build
your
code.
It
seems
like
too
formal
you
want
to
do
something
more
local.
You
can
actually
do
a
docker
pull
on
this
tgik
builder
and
use
you
don't
have
to
do
the
docker
pill.
E
Pack
will
do
it
for
you,
but
if
you
have
the
pax
cli
installed
at
your
computer,
you
could
just
do
a
pack
build
and
point
to
this
wiggity
whitney
slash
tgik
builder.
You
don't
have
to
use
the
original
paquetto
one.
So
imagine
if
your
organization
had
put
maybe
a
little
bit
of
cust
one
added
one
custom
built
back
right
like
in
every
app.
We
need
to
include
this
license
file
as
as
part
of
the
the
package,
and
so
they
would
have
added
a
you
know.
E
So
in
so
it's
built
into
this
mechanism
of
build
packs
the
ability
to
share
across
an
organization
or
across
across
the
world,
if
you're,
using
the
default
page
text
and
that's
something
that
docker
is
lacking.
Docker
files
is
lacking.
It's
something
that
jib
is
lacking.
You
know,
so
this
is
very
powerful.
E
Just
the
ability
to
deliver
all
of
this
intelligence
packaged
into
an
oci
image
that
is
accessible
to
anybody
with
access
and
that
can
be
used
by
any
tool
that
is
compliant
with
this
model,
whether
it's
kpac
or
the
pax
cli
or
the
spring
boot,
maven
or
gradle
build
packs.
It
doesn't
matter
which,
which
is
the
end
user
experience.
All
of
those
mechanisms
can
point
to
this
builder.
E
Cool,
thank
you
so
much
so
all
right
so
whitney.
Where
are
we
going
next?
So
I
think
we
can
record
an
image
with
our
builder
exactly
so,
we
can
take
off
our
operator
hat
yeah,
okay,
yeah.
In
fact,
oh
before
we
do
that
if
you
want
just
on
the
command
line,
just
to
kind
of
show
that
point
if
you
type
path
inspect,
I
think
the.
C
Inspect
help
maybe
dash
dash
help
or
patent
inspector.
E
E
Cool,
so
we
should
see
our
java
build
packs
and
our
go
build
packs
and
we
should
see
if
we
scroll
up
yeah-
oh
yeah,
perfect,
okay,
so
yeah,
so
we
see
go
in
java.
Basically
do
we
and
we
see
the
order
right
thanks
to
conrad,
we
have
go
first
java.
Second,
and
then,
if
you
scroll
up
a
little
bit,
we
should
see
our
face
images.
E
E
Is
in
there
right,
the
life
cycle
is
that
generic
logic
that
actually
knows
how
to
use
the
build
packs,
because
right
now
there
has
to
be
something
that
knows
how
to
execute
each
build
pack,
one
after
the
other.
So
that's
the
life
cycle.
We
can
see
exactly
which
one
it
is,
and
so
you
can
see
here
this
combination
of
using
the
pax
cli
with
some
with
the
builder
you
used
in
k
back
the
fact
that
you
built
the
builder
using
kpac
doesn't
matter.
You
could
have
built
the
same
builder
using
the
cli
right.
E
It's
just
different
user
experiences
leveraging
this
cloud.
This
build
packs
project
basically,
but
you,
but
you
have
access
to
some
inspection,
because
the
pax
cli
has
some
good
inspection
capabilities.
So
here's
one
oh
yeah,
okay,
so
yeah
ivan,
says:
let's
build
something:
okay,
let's
build
something.
F
E
E
Let's
do
two
of
them:
okay,
let's
do
java
okay,
so
let's
do
so.
You
want
to
type
kpac
image,
create,
oh
sorry,
not
kpat.
I'm
sorry,
kp!
You
were
right,
you're,
right,
kpmg
and
then
whatever
name
you
want
to
give
the
app
it
doesn't
matter,
my
app
whatever
sunshine,
perfect,
minus
minus
tag,
and
here
you
want
to
give
it
the
wiggity
whitney
slash
and
then
you
know
call
it
sunshine.
So
we
know
what
it
is
and
then
we
want
to
say:
minus
minus-
and
here
you
could
say
either
builder
or
cluster
builder.
E
But
since
we
created
a
cluster
builder,
we
want
cluster
dash
builder
dash
builder,
just
just
to
keep
you
on
your
toes
yeah
cluster
dash
builder
watch
builder
and
then
here,
whatever
builder
name,
we
gave
it
tgik
builder.
E
Yeah,
which
was
also
cjik
dash
builder,
and
then
we
want
minus
minus
git,
and
so
let's
build
so
I
have
a
java
app,
so
you
could
type
space
https
poland
forward,
slash
forward,
slash
github.com
forward
slash,
we
can
do
cyberclyde,
no
spaces.
Yeah,
see
I
reply.
D
E
We
could
do
a
couple
of
things
here,
but
I'm
going.
Let's
put
the.
Let's
put.
Let
me
just
check
if
I
change
this
one
to
main
nervous,
so,
okay
may
and
yeah.
So
then
the
branch
so
then
minus
minus
get
dash
revision.
E
E
And
it
says:
okay,
we're
still
it's
still
working
on
it.
You
could
also
do
a
cube
cuddle,
get
I
think,
img
will
work
and
or
cnb
images
will
work
if
you
don't
have
to
go
through
the
kbc.
E
So
cue
proto
get
images
yeah,
not
images.
I
don't
think
images
work.
I
think.
Oh
it
does
work.
Oh
maybe,
okay,
you
know
what
I
think
you
have
services
where
you
have
to
differentiate
from
candidate,
okay,
awesome
and
then
okay.
So
what
happens?
So
if
you
let's
go
back
and
do
our
k,
api
dash
resources,
grep,
k
pack.
E
So,
okay,
so
remember
that
we
said
there
was
a
few
resources
that
are
interesting
to
operators
like
the
builder,
the
stack
in
the
store
so
now
as
a
developer.
Obviously,
we've
done
a
kp
image
create,
so
we
care
as
a
developer.
We
care
about
creating
the
image.
The
image
doesn't
actually
do
the
work.
The
image
is
just
there
to
say,
like
I
know
that
you
want
to
watch
this,
this
repo
got
it
every
time
that
there's
a
commit
yeah.
A
A
E
E
So
this
is
what
like
a
one-to-many
relationship
right,
one
git
repo,
many
built
images,
mm-hmm,
okay,
so
uh-huh!
So
you
have
your
singular
image
resource
in
kubernetes.
That
says
this
is
my
app
and
that
image
resource
is
going
to
spawn
every
time.
There's
a
git
commit
because
we
pointed
it
to
the
main.
You
can
point
it
to
a
specific
git
command
and
then
we'll
we'll
only
ever
do
that
one
build
branch,
anytime!
There's
a
git
commit
it's
a
once
many,
so
so
that
image
will
create
a
build
resource
for
every.
C
E
A
So
great
so
we
made
a
kpac
image
resource
and
that
kpec
image
resource
is
is
going
to
make
a
new
actual
application
image
every
time
that
main
the
main
branch
of
that
application
gets
changed.
A
E
E
How
does
kpac
depend
detect?
It's
actually
polling
like
every
five
minutes,
it's
actually
pulling.
It
has
information
about
the
last
commit,
and
so
it
goes
and
it
checks
it
compares
to
see
if
there
has
been
a
commit
in
the
next.
In
the
last
five
minutes,.
E
I
don't
know
tom,
I
know
that
it
wasn't
configurable
tom
can
correct
me
if
I'm
wrong,
if
that's
changed,
believe
that
it
wasn't
at
least
okay.
A
So
I
don't
remember
what
we
looked
at
before:
to
show
that
kpac
is
a
controller,
but
my
I
don't
know
if
this
is
correct
either,
but
what
my
very
limited
kubernetes
experience
is
that
anything
I
read
anytime.
I
read
something
as
a
controller,
I'm
I
think
that
it's
a
resource
that's
pulling.
Something
else
is
that
is
that
a
correct.
E
A
controller
is
something
that's
within
kubernetes.
It's
looking
at
cd
to
see
if
it
like
there's
it's
looking
for
things
that
are
that
tell
it
to
do
something
so
like
there
is.
The
controller
is
looking
for
an
image
resource.
So
when
you
as
a
developer,
say,
here's
apply
or
kp
image,
save
there's
it
got.
D
A
E
So,
okay,
so
now
so
so
now
that
we
know
that
we
create
one
image
and
that
one
image
can
create
many
builds,
we
could
do
either
a
kp
build
list
or
a
cube.
Cuddle
get
builds
the
if
you
use
the
kp
cli
you'll
always
get
better
output
because
it's
a
little
more
customized.
In
fact
exactly.
But
you
know
all
these
things
are
just
resources,
oh
okay!
So
oh
no,
all
right
we'll
have
to
figure
out
why
it
failed.
E
E
It's
whatever
we
called
the
image.
I
think
it
was
sunshine.
E
E
E
E
Like
the
middleman,
basically
the
image
says
you
you
go.
I
need
to
a
build
has
to
happen
so
it
says:
hey
build,
I'm
gonna
create
this
build,
you
get
the
work
done
and
the
work
is
actually
gonna
get
done
on
a
pod,
we'll
get
there
in
a
second.
But
let's
go:
let's
go
step
by
step,
so
you
want
to
do
couple
describe
build
and
there
should
only
be
one
build.
So
I
think
that
should
be
enough.
E
E
So
there's
something
wrong
in
our
pod.
So
yeah,
let's
see
so
it
did
successfully
pull.
E
F
E
Waiting
to
start
so
the
pot
is
not
initializing,
we
you
know,
maybe
it
is
worth
doing
getting
so
the
logs
okay,
so
I
don't
think
we're
gonna
see
so,
okay.
So
here's
a
couple
of
things
on
the
logs.
E
Let's
try
that
one
again,
so
I
can
show
you
something
okay,
so
you
can
see
that
oh
well,
it
says.
Okay,
you
can't
really
see
it
yet.
But
there's
like
an
initialization
error.
It's
almost
like
it's
having
trouble
getting
started,
so
I
don't
think
it's
gonna
work
to
get
the
logs,
but
you
could
try
a
kp
build
logs.
A
Since
it's
cluster
scope,
does
it
need
some
sort
of
authentication
or
anything.
E
E
E
Verifying
write
access
so
maybe
did
we
create
that
secret?
The
secret
should
be
called.
E
A
E
Step
yeah
so
describe
bill
describe
cluster
builder,
tgi,
cable,
okay,
that
makes
sense
yeah.
I
think
we
think
we
missed
a
secret.
E
Oh
wait,
would
it
be
here
or
would
it
be?
Let
me
see.
E
Where,
where
does
the
name
of
the
is
it
I
think
we
missed
the
secret
and
like
when
I
did
this
on
my
machine
earlier,
I
called
the
secret
reg
cred,
I'm
just
trying
to
figure
out.
If
that
should
be
the
name
of
the
secret
like
how
do
we?
How
can
we
verify.
E
You
do
okay
get
service
accounts
before
kpac
tries
to
start
the
build.
It
will
attempt
to
verify
right
access
to
your
repo,
but
what
should
so
yeah?
Let's
do
a
k
describe
kpac
default
essay.
E
But
even
with
kp
secret
create,
we
have
to
give
the
secret
a
name
right.
Should
that
just
be
regret
describe
service
again?
Should
that
secret
name
just
be
like?
How
do
we
know
what
the
secret
name
should
be,
or
it's.
E
This
is
so
what
so.
This
is
what
I
had
typed
before.
So
if
I,
if
we
do,
if
you
save
your
okay,
so
that
token
account
that
token
that
you
have,
can
you
save
it
environment
variable
called
docker
underscore
password,
not
that
token.
Sorry,
that
your
your
access
token
to
docker
hub
yes
screen.
If
you
just
create
environment
variable
all
capitals,
docker
underscore
password
equals
and
then
that
value
and
then,
if
you
want
to
take
that
off
screen,
then
we'll
have
that
underscore.
C
E
E
I've
been
using
reg
cred.
Is
there
any
way
tom
that
would
be
using
something
called
wrench?
Is
there
sorry
was
there
another
service
account
in
the
in
the
next
place.
E
Okay,
so
where
do
we
do
it
the
same
thing,
but
for
kickback
like
a
get
o
minus?
Oh
yama,
on
that
default,
essay.
E
R-E-G-C-R-E-D,
I
don't
know
if
this
makes
any
sense:
minus
minus
docker
hub,
okay,
so
space
wiggity,
whitney.
E
Yeah-
and
it
should
pick
up
so
that
should
pick
up
if
you
have
the
variable
docker
underscore
password
set,
it
should
create.
It
should
pick
that
up
automatically.
E
So
now
so
tom
would,
let
me
check
actually
the
one
on
my
machine.
D
E
So
how
what
do
we
have
to
delete
something
and
recreate
something
in
order
to
fix
that?
That's
the
question:
why
don't
we
try
to
for
now?
I
don't
know
if
this
would
work,
I
don't
see.
I
don't
really
see
the
links
for
why
it
would
work,
but
we
can
delete
and
recreate
the
image.
E
E
It
has
a
limit
to
how
many
times
it
tries
yeah.
If
you
look,
if
you
do,
if
you
do
a
describe
on,
I
think
the
bills
or
the
image
one
of
the
two.
It
should
tell
you
that
it
tried
like
10
or
20
times
by
default,
and
it's
like
could
give
up
his
build
history,
limit
yeah,
so
yeah.
So
we
could
delete
it
and
then
rerun
that
command.
E
E
D
E
You
did
delete
it
right,
yeah
delete
your
sunshine,
so
we
can
do
you
could
do
a
cape.
You
could
do
again.
A
kp
build
logs.
E
It
shouldn't
make
a
difference.
You
can
yeah,
I
mean
if
you
delete
it
and
recreate
it.
You
should
see
that
it's
gone
in
the
middle
okay.
The
world
would
also
disappear.
Also,
the
age
right.
The
age
is
56
seconds.
E
E
E
So
the
question
would
be:
are
we
are
we
100
and
and
if
you
do,
if
you
go
off
screen
and
do
like
an
echo
dollar
sign.
E
B
Yeah,
that's
what
so,
why.
F
E
So
the
yeah,
so
the
the
namespace
that
you
any
developer,
is
working
in
a
namespace
that
the
access
role-based
access
control
has
to
be
defined
in
that
name
space
so
that
the
the
pod
there
can
actually
log
into
docker
hub
and
publish
the
image
right.
The
pod
is
where
the
export
that
export
is
going
to
happen,
so
you
need
like
all
those
permissions
and
the
access
has
to
be
per
name
space,
so
we're
working
in
that
default
name
space.
So
we
need
some
service
account
in
this
name
space.
E
To
have
that
information,
and
I
guess
thomas
correct
that
it
added
it
to
the
defaults.
You're
saying
yeah
kpc
group
will
add
a
secret
to
the
default.
B
E
So
then,
I
guess
not
yeah.
I
haven't
used
it
before.
So
if
we
do
a
build
list,
a
kp
build
list
now
I
would
expect
to
see
two
builds.
E
E
That
it
would
be
kp
build
logs
and
then
the
name
of
the
image
sunshine
and
then
minus
b
space.
Two,
because
we
wanna
look
at
the
logs
for
the
second
build.
E
So
martin,
the
the
name
is
wiggity
whitney
sunshine.
When
we're
referring
to
the
image
the
tag
of
how
it's
going
to
be
published.
So
do
you
think,
are
you
saying
that
we
somewhere
didn't
write
that?
Oh,
oh,
I
see
what
you're
saying?
Oh,
not
good!
I
wait
good
eye
okay,
error,
verifying
right
access
to
wiggity
whitney
dash
sunshine,
okay,
yeah,
okay!
So
let's
go
back
and
let's
look
at
that
image
command
again.
It
should
be
tag
wiggity,
oh
my
god.
Okay.
F
Patch,
but
one
of
them
is
a
kp
image,
help.
F
E
E
Oh
because
it's
a
patch,
so
you
don't
need
all
that
information,
blah
blah
blah
whatever
you
can
also
just
delete
it
and
recreate
it.
It
might
be
easier
because,
yes,
this
is
a
patch,
you
don't
have
to
write
information
that
it
yeah
just
delete
it
wow.
I
might
have
taken
me
all
night.
I've
seen
that
do
I
need
to
do
like
the
b1
and
the
b2.
No,
no
just
the
image,
because
so
the
image
remember
that
one.
E
D
D
E
E
A
E
No,
I
don't
think
so.
Nice
cool
yeah,
so
awesome,
okay,
yeah!
So
wouldn't
you
want
to
talk
through
the
log
file.
B
A
E
A
E
B
A
A
Yeah
yeah
or
the
private
chat
in
in
our
outlook.
C
E
B
A
B
A
E
Okay,
so
so
two
things
you
could
do
using
tom's
advice,
you
could
do
a
kp
image
trigger
sunshine
and
it
will
rebuild
it
and
it
will
have
less
output
because
it
already
downloaded
all
of
those
java
libraries
so
that.
E
E
E
E
Somebody
had
asked
the
question
I
forgot
it
was
what
was
we
asked
the
question
about
the
version
of
java,
so
here
you
can
actually
see
from
your
log
file.
This
is
a
second
place,
so
you
could
you
know
we
said
you
can
go
to
the
docs
to
see
what
versions
of
java
are
there
here.
You
can
see
that
it
it
used
11
by
default,
but
also
the
java
buildback
in
particular,
is
very
good
at
this
telling
you
like.
Oh,
if
you
want
to
change
that,
that's
the
environment
variable
you
can
use.
B
E
So,
each
one
it's
it's
telling
and
then
so.
Every
one
of
these,
like
in
blue
potato
stiff
to
build
practical,
may
even
build
that.
So
this
is
the
stage
where
it's
like
applying.
First,
it
said
which
are
the
build
packs
I
need
to
do,
and
then
it
applies
each
one
on
the
code,
and
so
each
one
of
these
things
has
its
own
little
script
of
like
what
it
does.
So
you
can
see
here
also
for
the
maven
build
pack,
the
command
that
it's
running
is
minus
d.
E
Maven
test
skip
true
package,
so
it's
a
maven
package
basically
skip
tests.
If
you
wanted
it
to
do
tests,
you
can
set
that
environment.
Variable
bp
maven,
build
arguments
and
either
take
out
that
skip
testing
or
set
skip
test
to
false,
and
it
will
do
the
tests
et
cetera
and
then
the
process
types
are
there.
So
I
guess
it
doesn't
need
the
profile.
The
way
that.
F
E
Might
have
needed
it
spring
boot.
This
is
what
you
were
saying
about
the
slices.
This
is
what
jib
does
so
jim
introduced
this
just.
This
was
an
efficiency
that
you
got
out
of
the
box
with
jib
that
dockerfile
and
you
would
have
to
manually
do
a
dockerfile
which
was
to
pre-compile
your
code,
organize
it
into
layers
and
copy
them
as
separate
layers.
So
you
can
see
if
you're
creating
slices
where
the
dependencies
you
might
have
like
100
megabytes
of
spring
boot
dependencies
and
like
10
kilobytes
of
your
code.
E
You
only
have
to
recreate
that
that
one
layer-
and
this
is
the
export
right
where
it
says
I
don't
need
to
use
this-
build
image
in
production
that
has
the
jdk
or
the
whatever
go,
build
stuff
or
whatever.
We
just
need
the
app
layers
and
the
runtime,
and
then
we
should
be
able
to
see
this
on
your
docker
hub.
F
E
And
then,
just
as
we
did
so
here's
another
image
now
this
is
an
app
image
and
you
can
see
also
like
the
naming
convention
right
of
the
builds
b1
b2
with
the
name
stamps
with
the
time
stamp.
So
you
know
yeah,
okay,
just
as
we
did
before,
like
we
did
last
time.
Last
time
we
used
the
pax
cli
to
inspect
the
builder
image.
We
can
do
a
pack
inspect
for
this
image
from
the
command
line.
E
What
kind
of
sources
does
k-pac
support?
K-Pack?
I
know
that
you
can
also
pass
it
like
a
like.
It
doesn't
have
to
be
polling,
get
directly
like,
for
example,
if
you
were
using
some
other
tool
like
like
flux,
for
example,
has
something
called
the
get
repository
that
pulls
get
that
can
pull
a
git
repository?
You
can
pull
different
kinds
of
sources,
helm.
E
Repo
is
a
control
image
repositories
where
a
source
might
come
from,
and
then
so
you
could
have
a
resource,
or
maybe
you
had
like
something
before
take
back.
That
was
testing
code
and
you
wanted
to
pass
the
output
of
that
to
k-pac
paypack,
I
know
can
also
receive
not
just
the
plain
git
url
with
a
branch,
but
it
can
receive
either.
E
It
could
receive
like
a
blob
like
if
the
thing
before
it
had
downloaded
a
blob
that
had
all
that
source
code,
then
you
could
just
give
it
and
kpak
would
get
that
from
from
you
know,
wherever
that
it
was
stored,
whatever
claim
that
was
stored
on,
and
it
would
unzip
that
and
build
from
that,
but
does
it
build
from
something?
That's
not
originally
a
git
repo?
I
don't
I
mean
in
theory,
I
suppose
you
could
build
build
packs
that
process
things
that
aren't
code.
E
So
I
guess
thomas,
maybe,
are
there
examples
of
build
packs
that
are
built
to
operate
on
things
that
are
not
get
repos,
I
mean
it
doesn't
have
to
be
a
git
repo
right.
It
just
has
to
be
code,
but
the
build
packs
are
going
to
look
at
what
you
give
them
and
and
say
like
what
is
in
here.
If
it's
a
java
app
if
it's
the
structure
of
a
java
app
all
it
cares
about,
is
that
it's
a
like
a
set
of
files
that
represent
java
code,
it
doesn't
actually
an
s3.
E
So
yeah,
so
I
guess
and
if
it's
a
registry-
so
so
maybe
not
s3,
but
can
you
pick
multiple
buildings.
B
E
When
you
use
it
with
flux,
before
flux
will
produce
a
blob
and
then
you
would
use
it
with
the
blob
instead
of
the
repo
directly
yeah,
but
I
guess
not
s3
directly,
so
maybe
you
would
have
to
have
like
depending
on
what's
in
s3.
Maybe
you
would
have
something
like
a
flux
that
can
monitor
s3
and
when
it
sees
a
new
thing
in
the
bucket,
it
would.
F
E
E
So
here
so,
this
is
also
very
cool,
because
you
can't
do
this
with
an
app
that
was
built
with
a
docker
file
right.
So
what
do
we
know
if
so,
if
you're
an
operator
and
there's
a
bunch
of
images,
now
they're
not
just
sort
of
these
like
unknown
black
boxes?
Now,
you
can
look
inside
and
say:
oh,
I
know
exactly
what
was
used
to
build
this
and
there's
also
there's
a
second
level
of
information,
but.
B
E
Yeah
so,
but
I
think
what
happened
is
I
don't
think
that's
going
to
get
you
results
right
now,
yeah,
so
that
bom
flag
will
work
for
an
older
version
of
the
build
pack.
I
think
uh-huh,
but
your
build
packs
are
changing
so
that
so
bom
stands
for
bill
of
materials.
So
it's
going
to
tell
you
so
basically
the
inspect
told
us
information,
the
life
cycle.
The
life
cycle
knows:
what's
the
list
of
build
packs
I
used
and
what
versions
and
all
that
the
build?
E
What
the
builder
with
the
life
cycle
doesn't
know
is
what
the
you
know,
what
did
the
maven
build
pack
put
in
here
or
what
did
the
spring
boot
build
back
put
in
here,
or
what
did
the
python
build
pack
put
in
here
right,
the
the
so
for
that
you
need
something
called
bill
of
materials
which
is
information,
extra
information
about
what's
in
the
image
that
each
build
pack
has
the
opportunity
to
contribute
and
that
used
to
be
accessible
by
just
adding
minus
minus
bom.
But
what
happened
is
that
currently
what's
happening?
E
Is
that
the
bill
of
materials
process
for
is
becoming
more
structured.
So
it's
now.
It's
this
sbom
structured
bill
of
materials.
E
Just
like
we're
just
in
a
point
in
time
right
now,
where
it's
not
as
easy
to
get
it
with
a
single
command,
but
but
I
can
get
I
have
done
this,
so
there
is
a
way
to
get
it
okay,
so
it
takes
a
it'll,
be
a
little
typing.
So
let
me
actually
just
put
this
in.
E
E
E
A
E
That's
a
question
for
tom:
I
hope
so.
The
minus
minus
b
flag
be
replaced
by
like
a
minus
minus
sbom.
That
will
make
it
easy.
A
E
Now,
okay,
so
now
what
you
want
to
do
so,
okay,
so
the
command
that
you
ran
before.
If
we
look
at
it
more
carefully,
what
it
was
is
that
we
said
what
we
want
to
do
is
really
that
thing.
That's
kind
of
on
the
right
that
says:
docker
cp,
what
we're
trying
to
do
copy
this
layer
out
of
the
image
and
just
copy
those
files,
the
layer
in
the
image.
But
the
only
way
you
can
do
a
copy
on
docker
to
get
to
get
a
layer
out
of
the
image
is
to
run
the
image.
D
E
Ran
it
copied
this
layer
stopped
it
so
that
lay
so
now
on
your
disk,
you
should
have
a
slash
layer,
slash
structure,
build
material,
slash
launch,
so
we
could
do
a
cat
on
one
of
those
files,
okay,
so
cat
and
then
yeah.
You
should
have
a
lunch.
You
should
have
a
directory
called
launch
now
launch
our
layers,
lunch,
okay
and
then
just
yeah.
So
if
you
tab
you'll
see
how
many
files
are
in
there.
E
So,
for
example,
let's
look
at
the
spring.
Let's
look
at
the
bell
south
liberica
one
that
should
be
interesting.
Okay,
there
might
be
other
reasons
says
tom,
wise
cloud
native
build
text
moved
it,
but
that
is
one
thing
that
was
causing.
You
know
those
wanted
to
add
more
information,
okay,
so
yeah.
So
as
tom
is
saying
one
of
the
reasons
it
changes
because
yes,
yes,
yes,
we
can
show
that
as
well
in
a
second
so
yeah,
so
you
have
to
keep
going
keep
tapping
until
you
get
to
the
file
name.
E
So
let's
do
jre.
Let's
say
so
remember
this
is
the
runtime
image.
It's
not
the
builder
image,
so
there's
no
jdk
in
here
right.
Just
this,
but
now
we
can
see
it's
exactly
so
as
an
operator.
Suddenly,
I'm
like
I
know
if
I
know
what's
in
here,
it's
java,
jre
version
1101
from
you
know,
whoever
this
is
from
like
right.
You
know
exactly
what
it
is
as
opposed
to
not
knowing
and
or
everything
built
by
every
different
docker
file
being
different
right.
The
other
one
that's
interesting
here
is
the
spring
boot
one.
A
A
E
And
I
think,
because
of
json
you
can
also
do
I
don't
know
if
you
have
jq,
but
if
you
can
do
yeah
after
you
get
after
you
find
the
springboot
one.
You
can
do
a
pipe
and
then
jq,
if
you
have
to,
if
you
want
to
do
bindings
or.
B
E
A
E
E
B
E
And
actually
you
can
do
it
because
that
image
is
public
on
whitney's
docker
hub.
So
you
could
do
a
dive
on
the
image
yourself
right
now.
Okay,
so
let's
do
dive
and
then
wiggity
whitney.
E
I
don't
think
and
yeah.
E
And
then
I
would
hit
control.
U
hit
tab
once
saying
that
you're
on
the
right
hand,
side.
Okay,
I
think,
are
you
on
the
right.
A
B
E
E
So
now
you
can
just
kind
of
like
hit
down
and
you
can
see
the
structure
of
the
images
of
every
layer
is
really
well
structured
and
they're
all
uniform,
which
is
part
of
what
makes
it
possible
to
not
be
so
sensitive
to
order
as
a
docker
file
would
be
these.
Are
you
can
see
that
here's
a
layer
added
by
the
the
bellsoft
liberica
build
pack
right,
et
cetera,
like
they're
all,
and
so
that
thing
we
were
talking
about
the
layers
of
the
app
itself
is
probably
a
little
lower
down.
E
I
would
guess
that
it's
a
19
bit
the
one,
that's
19
megs
that
one
probably
that
is
all
yeah.
Those
are
all
the
spring
boot
dependencies
and
if
you
would
just
jar
it
all
up
and
like
like
in
maybe
you
know
most
of
docker
files,
if
you
just
jar
it
up,
you
would
have
like
you
know:
19
megs,
plus
your
242
kilobytes,
plus
zero
kilobytes
from
snapshots,
plus
your
10
kilobytes
of
your
code.
E
But
if
you
do
it
this
way,
you
change
a
little
code
and
that's
the
only
thing
that
changes.
That
is
that's
the
only
that's
also
retransferred
over
the
network,
to
your
registry
or
from
your
registry
to
where
you
need
the
image.
That's
huge.
A
A
E
Yeah
we
can
rebase
okay,
so
so
rebasing
means
it's
the
equivalent
of
like
what.
If
you
realize
that
your
operating
system
is
bad
and
you
have
to
change
the
front
statement
in
your
docker
file,
you
just
have
to
rebuild
the
whole
image,
so
we
don't
want
to
do
that.
We
want
a
better
way,
and
so
what
that
looks
like
in
kpac,
let's
say,
is
okay,
so
we're
so
we're
getting
our
we're.
We
kind
of
like
outsourced
our
concern
about
the
os
to
paquetto
right.
E
We
got
we're
getting
the
stack,
the
operating
system
from
paquetto,
so
we
would
expect
that
when
there's
some
issue
with
the
operating
system
like
a
heartbleed
or
spectre
or
whatever
one
of
those
big
deals,
that
the
paquetto
team
is
going
to
get
into
action
and
issue,
a
new
version
of
the
of
the
stack
and
all
we
have
to
do
is
go,
get
it
and
then
patch
our
systems
right,
but
patching
our
systems.
Really.
In
this
case,
we
don't
want
to
have
to
rebuild
all
the
images.
E
E
So
in
order
to
simulate
that
we
want
to
change
our,
we
want
to
use
the
kp
command
to
change
our
store.
So
let's
do
that.
So
we
do
kp
cluster
stack,
save
and
then
remember.
The
name
of
our
stack
was
base,
and
so
we
say
minus
minus,
build
image
and
build
image.
What
we
had
before
was
potential
build
packs.
All
one
word.
E
E
E
And
so
that's
really
all
we
have
to
do
we
just
we
just
say:
hey
it's.
A
new
stack
and
k-pac
will
do
all
the
work.
It'll
say
like
oh
new
stack
that
affects
this
builder.
This
builder
was
used
for
this
application
and
so
for
this
application,
I'm
actually
going
to
go
and
update
the
metadata
the
manifest
of
the
app
and
say
this
thing
that
was
pointing
to
the
bad
os
layer
that
had
a
vulnerability.
F
E
The
statement
is
true
only
for
paquetto
provided
os
layers.
No,
this
statement
is
true
for
well
the
state
this
this
functionality
and
this
concept
comes
from
the
project
itself,
so
any
any
build
facts
that
are
compliant
with
the
build
packs.
Api
should
be
able
to
do
this,
so
this
is
a
project
concept
that
paquetto
is
merely
implementing.
E
Of
course,
you
know
you
have
to
paquetto
as
an
implementer
of
this
concept.
There
you
know
paquetto
is
guaranteeing
that
the
base
images
are
compatible
and
poquito's
doing
the
work,
but
that,
but
the
idea
and
the
requirements
comes
from
the
project
itself.
So
in
theory,
any
build
packs
should
offer
this
functionality
yeah.
The
the
idea
is
in
the
project
itself,
mm-hmm.
B
E
We
could
do
a
kp
build
logs
if
we
do
a
kp
build
list.
Actually
we
can
verify
how
many
builds
we
have
so
three.
So
we
want
to
say-
and
actually
you
can
already
see
you
see
how
it
gives
you
a
reason.
So
there
was
a
success.
There
was
a
reason
config,
which
was
the
first
time.
Then
we
did
a
kp
image
trigger.
E
E
B
E
Sorry,
so
you
just
want
the
name
of
the
resource
in
kubernetes.
Thank
you,
but
you
want
build
three,
oh
so
this
is.
Oh,
it's
gonna,
be
the
latest
one.
Oh,
that's
awesome,
oh
cool!
Oh,
so
you
don't
even
have
to
do
that.
Okay,
so
bill
bugs
gives
you
the
most
recent
one.
So,
but
you
can
see
this
is
you
know,
there's
no
analyze
detect.
E
You
know,
build
export,
restore
whatever
it's
just
rebase
and
completion,
and
but
it
published
a
new
image
to
the
docker
registry,
and
this
would
do
it
like
you
know,
to
all
the
if
you
had
a
thousands
of
images
that
you
had
created
and
this
kpak
installation
was
managing
all
of
them
within
you
know
a
few
seconds
or
a
minute
or
a
couple
minutes.
E
It
would
rebase
all
of
the
images
and
then
all
you
have
to
do
is
reapply
them
to
your
cluster,
which
is
the
most
efficient
way
to
get
rid
of
these
operating
system
vulnerabilities
as
compared
to
like
you
know,
kind
of
status
quo
in
a
non-image
in
a
non-container
based
environment.
You
would
have
to
coordinate
with
the
development
teams
take
down
the
operating
system.
E
F
E
A
E
I
know
there
was
a
question
earlier
by
somebody
about
maven
and
greedle,
so
the
equivalent
of
that
would
be
if
so,
if
we
had
cloned,
if
we
like
our
java
app
that
we're
building
here
now.
So
if
I,
if
we,
if
we
were
to
clone
that
onto
whitney's
machine
well,
we
could
either
do
you
know
we
are
we've
already
seen.
E
We
can
build
the
image
using
kpat,
we
can
also
clone
it
and
do
a
pack
build
or
we
could
clone
it
and
do
a
maven
spring
boot
colon
build
image,
and
it
would
be
this
oh
yeah,
oh
so
that
was
that
was
a
previous
question
right
yeah.
So
you.
D
E
Yeah,
if
we
were
to
clone
that
repo,
we
could
literally
do
maven
build
image
spring
boot,
build
image
or
or
the
equivalent
gradle
command,
and
it
would
use
the
same
cloud
native
build
text.
You
would
see
the
same
output
in
the
log
files.
You
would
use
that
you
know
you
could
use
either
wiggity
whitney
builder
or
the
keto
original
builder,
and
it.
B
B
E
So
yeah,
so
the
one
so
so
it's
very
different
from
kaneko
kaneko
doesn't
use,
but
what
I
didn't
wasn't
sure
is:
if
this
can't
go
use
docker
files,
if
that,
if
can
I
go
as
a
way
to
execute
a
docker
file,
that
canaco
is
a
tool
to
build
container
images
from
a
docker
file
inside
of
a
cluster,
okay,
so
yeah.
So
if
you're
using
canaco,
you
wouldn't
be
able
to
get
rid
of
all
of
your
docker
files,
it
would
just
be
a
way
to
instead
of
using
docker
build,
and
you
could
do
it.
E
Mechanical
would
basically
do
because,
when
you
do
a
docker
build
what's
happening
is
that
the
docker
build
cli
is
not
doing
the
work.
The
docker
cli
is
just
handing
the
your
source
code
and
your
docker
file
up
to
the
docker
demon
and
the
docker
demon
is
doing
the
work
of
ex
of
executing
every
line
in
your
docker
file
and
producing
the
image.
So
if
you're
in
a
kubernetes
cluster
that
doesn't
really
work,
because
you
don't
have
docker
there
to
do
that,
heavy
lifting
for
you
so
canaco
gives
you
that
sort
of
back
end.
E
That
will
you
can
still
give
it
your
source
code
and
you
give
it
the
same
docker
file
and
canonical
will
do
what
it
will
execute
the
docker
file
for
you
and
produce
the
image.
So
it's
a
way
to
use
your
docker
file
without
the
docker
or
demon
there,
but
you're
still
using
a
docker
file
or
you're
still
writing
that
custom
script.
You're
still,
you
know,
have
no
mechanism
to
share
it
across
development
teams.
E
To
sort
of
you
know
to
have
this
better
structure
to
have
more,
you
know
just
a
better
quality
image
and
a
better
structured
image
and
a
more
respectable,
more
transparent.
All
the
great
things
that
library
so
canico
is
still
dockerfile.
A
C
Us
or
the
spring
boot
made
in
our
gradle
plug-ins.
E
Then,
on
your
computer,
it
will
use
the
docker
demon
on
your
computer
to
do
that,
build
right.
It's
going
to
use
that
builder
image
run
that
builder
image
somewhere
and
inside
of
that
builder
image.
It's
going
to
build
your
code,
but
when
it's
on
kubernetes
it
just
uses
that
pod
everything
is
happening
inside
of
that
pod.
Every
stage
of
your.
E
There's
no
side
car,
docker
or
anything
like
that,
and
since
this
is
just
building
an
image,
it's
not
actually
running
your
image
right.
This
is
just
here's
your
image
in
your
registry,
you,
you,
then
have
to
do
the
cuddle
run
or
the
apply
deployment,
and
that's
going
to
use
runtime
in
your
cluster
right,
but
but
kpac
not
itself.
So,
okay,
so
tom
tom,
thank
you
tom.
It's
confirming.
E
I'm
I
have
to
say
I'm
so
grateful
for
everybody
who's.
I
mean
this
has
been
long
right.
It's
like
almost
thank
you
to
everybody.
Who's
stayed
this
long.
All
of
the
questions
that
we've
gotten
martin
that,
like
critical
help.
E
Yes,
probably
a
developer
on
the
team,
who's
so
kind
to
be
here
throughout
to
make
sure
that
we
didn't
get
stuck
anywhere
and-
and
you
know
just
be
there
with
extra
expertise,
should
we
need
it.
Thank
you
so
much
thanks.
A
To
everyone
in
the
future,
who
watches
the
replay
too,
we're
grateful,
yeah
and
and
we're
available,
I
think
both
of
us
are
available.
We
have
our
twitter
handles
and
our
in
fact,
let's
stop
sharing
screens
we'll
talk
a
little
bit.
We
have
a.
D
A
Handle
so
feel
free
to
dm
either
of
us
with
questions.
Let's
be
real
you're
gonna
d,
dm
cora.
No!
No,
if
you
I
mean
I
really
we
talked
about
like
helping
with
proposals
for
related
things.
I
I
will
be
less
knowledgeable,
but
I
am
if
you
need
a
pep
talk,
I'm
very
good
at
those
and.
C
Out
really
fast
and
she's,
really
very
courageous,.
E
In
putting
herself
out
there
and
helping
others
learn
and
make
it
making
it
relatable
and
asking
great
questions,
I
mean
the
ability
to
ask
great
questions
says
a
lot
about.
You
know
the
clarity
of
your
thought
and
your
curiosity
so
don't
understand
yourself.