►
From YouTube: TGI Kubernetes 088: Falco with Kris
Description
Join Kris Nova and Duffie Cooley as they explore Falco an open source project that enables a number of great capabilities for your cluster. This tool makes use of eBPF!
Come hangout, ask questions, and share you experiences!
B
C
A
C
A
C
D
D
A
A
C
A
Does
he
come
and
then
we
have
Antoine
from
Paris
my
buddy
Tim
Carver
Timmy.
D
A
A
C
A
B
D
A
A
D
A
D
D
B
A
C
C
A
/
notes
and
you
can
hit
it
so
what
we're
shows
things
that
happened
this
week.
There
was
a
couple
articles
that
actually
joke
erection.
One
of
them
is
the
tilt
block
until
there's
an
interesting
piece
of
software,
and
they
talk
about.
Basically
why
developing
and
kubernetes
is
tough
and
it's
you
know
it's
an
interesting
article.
They
talk
about
like
a
lot
of
pain,
points
that
people
have
in
trying
to
figure
out
how
to
develop
an
iterate
on
software,
like
when
you're
trying
to
what
could
play
into
a
distributed
system
like
good
riddance,
yeah.
C
A
D
A
A
What
is
neat
about
octant
is.
It
represents
a
dashboard
that
you
can
start
locally
on
your
machine
and
often
has
a
picker
on
the
upper
right-hand
corner.
So
if
you
have
multiple
clusters
against
the
same
cube
config,
we
just
bounce
back
and
forth
between
them
in
the
same
UI,
consistent
experience
and
and
things
well,.
B
A
Of
the
things
they
highlight
is
actually
one
of
the
features
of
octants.
That
Brian
was
talking
about
in
his
session
last
week,
which
was
which
this
resource
viewer
here,
which
gives
you
the
ability
to
understand
all
of
the
resources
that
are
related
to
any
resource
with
interpreters.
So
you
can
pick
up
the
pod
and
we'll
tell
you
about
the
replicas
set
and
the
deployment
and
the
service
and
all
the
other
stuff
kind
of
see.
If
it's
wired
correctly.
D
A
B
A
C
A
C
A
Still
another
way,
I
mean
like
definitely
one
of
the
problems
we
have
I
was
like
you
know,
as
we
adopt
more
as
more
and
more
people
adopt
Cooper
deviously.
They
need
some
way
of.
Actually,
you
know
kind
of
like
making
use
of
those
resources
that
they've
spent
on
communities
to
build
the
images
that
are
associated
with
the
applications
that
they
wanted
to
pulling
indica
videos.
So
how
do
they
do
that?
A
B
A
B
That
out,
that's
that's.
A
Something
that
is
interesting
to
you
and
that's
actually
come
on
and,
as
I
said
before,
VMware
welcome
in
total
lots
of
great
stuff
that
we
could
do
together.
You're
gonna
hear
actually,
if
this
is
just
one
of
the
many
announcements,
your
new
your
the
next
week
as
we
go
into
VM
world
I
wanted
to
share
this
link,
which
I
think
is
pretty
awesome.
Like
my
friend
of
Hart,
who
I
work
with
on
my
team,
he
was
actually
going
to
try
and
throw
some
shirts
together
really
quickly.
A
C
C
B
A
A
C
A
And
they're
there
to
talk
about
one
of
the
other,
really
exciting
announcements.
I'm
not
going
to
talk
about
it
right
now,
but
it's
like
super
exciting.
A
way
to
give
you
the
to
manage
so
servers
access
to
gurus
clusters
across
all
of
the
clusters
and
I
think
that's
going
to
be
exciting
to
a
lot
of
people
so
check
that
out.
That
session
should
be
really
great.
A
The
next
day,
all
right
moment
of
silence,
more
silence,
people
that
poor
want
to
help
for
the
rocket
project
when
I
joined
core
OS,
something
like
three
years
ago.
I
remember
rocket
being
really
like
a
controversial
project
at
the
time,
but
it
was
really
interesting
to
see
what
rocket
accomplished
right,
like
in
my
opinion,
I.
Don't
think
that
rock
I
think
it
rocket
was
like
probably
one
of
the
more
successful
software
experiment
that
the
experiments
that
has
existed
because
it
helped
force.
D
C
A
C
A
A
I
might
not,
but
they
do
yeah
I
agree,
but
one
of
the
things
that
they
got
this
big
quiz
version
1.6
Sicilian,
which
means
that
they
no
longer
require
their
own
density,
custard
cool
and
they
also
have
a
complete
100%
replacement
for
a
few
proxy
and
soccerbase
load.
Balancing
a
lot
of
other
really
exciting
things,
including
they're
kind
of
like
starting
to
follow
the
model
that
I've
seen
a
couple
of
other
seeing
eyes
into
the
space
to
where
you
can
use
psyllium
just
to
do.
A
A
A
Week,
music,
really
great
guy,
focused
on
kind
of
a
security
space
in
general,
as
it
relates
to
like
all
number
of
things,
not
just
not
just
completed
your
containers
so
really
great
stuff
Christian
from
Frankfurt
Germany
hello.
We
have
Marco,
saying
hello:
we
have
Shahar
from
Atlanta,
we
have
salt
from
old
Finland.
It's
great
to
see.
Walls
out
here,
I
wanted.
A
B
C
A
Like
if
you
develop
a
piece
of
software
like
cystic
or
if
you
develop
a
piece
of
software
like
or
your
own,
an
operator
or
your
own
controller
or
whatever
kukri
lead,
is
you
want
some
way
to
run
and
and
test
for
that
software?
Or
this
is
one
of
the
ways
that
could
be
accomplished
now,
so
that's
pretty
exciting.
So
definitely.
C
So,
if
you're
interested
in
getting
involved
with
anything
cystic,
particularly
Falco,
which
is
the
projects
that
I'm
going
to
be
working
closely
with,
please
feel
free
to
join
our
slack
I'm
hanging
out
in
there
we
got
Michael
do
CE
Marking,
Jackson
Pappas
in
there,
of
course,
vo
and
Lorenzo,
so
currently
fabulous
engineers
from
Edinburgh.
Of
course,
Duffy
strategically.
Cuts
me
off
in
the
middle
of
my.
C
D
D
A
A
I've
been
a
systems
administrator
for
a
long
time,
I've
been
doing
security,
stuff,
Network,
stuff
of
systems
for
a
longer
than
okay.
To
think
about,
and
some
of
the
tools
that
we
had
prior
to
containerization.
That
allowed
us
to
understand
when
applications
were
misbehaving.
Are
things
like
product
D.
D
D
B
C
C
C
So
what
we
did
at
assisting
is
we
started
to
go
to
the
es,
call
as
the
source
of
truth
and
we
started
taught
it
those
and
pull
those
and
bundle
them
up
to
use
your
land
and
then
with
a
separate
process
up
on
top
of
that,
we're
able
to
now
do
really
interesting
mappings
of
how
we
display
this
information
and
then
with
Falco
that
allows
us
to
take
action
and
actually
trigger
events
and
warnings
from
it.
So.
A
B
A
Cluster
we're
going
to
enable
audit
logging
on
the
API
server.
This
was
actually
some
a
source
of
some
contention.
Last
night
we
finally
got
that
working,
we're
gonna,
deploy
and
I'd
seek
for
poor
folk,
oh
and
then
we're
gonna
play
with
the
configuration
of
that
audit
policy
and
then
we're
going
to
observe
kubernetes
audit
events
in
Falco
and
that'll
be
really
interesting,
because
I
feel,
like
that's
gonna,
give
us
a
ton
of
context
around
like
the
running
process
and
also
that
running
process
in
relation
to
the
context
as
Cooper
TVs
can
apply
for
it.
C
C
C
C
C
D
C
Coming
or
outbound
we've
got
this
call.
That's
calling
a
lot
of
wonderful
maida
information
about
what's
happening
inside
of
the
colonel
I
mean
how
are
able
to
do.
This
is
through
one
of
two
ways,
either
by
a
kernel
module
that
we
live
in
our
system.
That
would
then
mount
some
devices.
So
if
we
look
here,
if
I
go
to
slash,
dev
and
I
do
a
list
you
can
see
over
here,
we've
got
assisted.
Where
are
they
okay,
Julie.
C
C
C
Well,
really,
what
I
was
just
gonna
say:
it's
not
even
you
need
to
see
help,
there's
a
command
here
or
a
flag
here,
minus
P,
and
then
there
we
have
a
whole
syntax
and
library
where
we
can
filter
through
and
add
different
events
and
different
bits
of
data.
The
ones
we
just
saw
in
the
output
here
and
I'm
gonna
be
putting
together
some
sessions
where
we
look
at
concrete
use
cases
of
different
filters
and
how
we
could
use
those
best.
C
Can
apply
rules
using
the
rule
engine
on
top
of
it
and
what's
cool
about
Falco
is
based
on
those
rules.
We
can
take
action,
we
can
take
arbitrary.
Actually,
we
can
alert,
we
can
fire
off
a
process.
We
can.
We
can
kind
of
do
whatever
we
want.
Let
me
give
a
good
example:
Duffy.
Do
you
want
to
keep
this
pulled
up
and
I'm
going
to
run
a
container
I'm
gonna?
Do
a
docker
run,
I'm,
T
bash,
and
so
right
now
I'm
going
to
container
you?
If
you
look
on
Duffy
screen,
you
can
see.
C
Falco
is
able
to
alert,
but
he's
got
a
lot
of
different
things
from
simply
me
just
started
a
container
on
my
laptop
and
in
those
cases,
if
we
Cho
is
based
on
their
rules
to
take
action
or
shoot
off
an
email
or
do
whatever
we
totally
could
now.
This
is
where
things
get
exciting
and
none
of
the
rules.
C
File
called
XE
/,
new
and
I'm,
bear
in
mind
I'm
running
it
in
container
I'm,
not
on
my
hosted
system.
Oh
touch.
Sorry,
let's
see,
II
knew
there.
We
go
error
by
reliable,
o
XE
open
her
any,
which
means
Falco
is
smart
enough
to
interpret
its
rules
both
on
my
system
as
well
inside
of
a
container
which
is
beautiful
and
the
way
we're
able
to
do.
That
is
because
we
take
everything
from
this
disk.
All
the
air
and
bubble.
A
B
A
Feel
like
it's
good,
too
important,
repeat
the
important
things
a
couple
times
what's
happening
here,
it's
like
when
you
create
a
container
right
and
inside
of
the
Linux
kernel
that
all
that
container
is
in
reality
is
basically
just
a
little
process
and
a
mapping
of
namespaces
associated
with
that
process
and
those
namespaces
could
be
networked.
They
could
be
the
mountain
file
system,
which
represents
the
file
system
that
it's
going
to
be
exposed.
Inside
of
that
container,
it
could
be
a
number
of
those
sorts
of
contain
of
namespaces
associated
with
that
one
running
process.
What's.
C
C
B
C
B
And
see
what
we
can
do
all
right.
A
A
C
A
We
also
have
a
recent
Colonel.
We
have
Colonel
it's
like
4.9
running,
and
this
is
important
because
part
of
the
exploration
that
we
want
to
do
today
is
like
how
do
you
actually
gather
all
this
information?
This
event
based
information
without
kernel
module,
a
company
do
that
with
just
a
PDF,
so
we'll
be
exploring
that
a
little
bit
today.
So.
C
C
A
They
have
that
mechanism
in
which
you
know
so,
if
you
didn't
have
like
homogeneous
kernel
process
that
who
would
be
able
to
use
DK
mystic
to
compile
the
kernel
necessary
for
the
kernel
that
you
were
seeing
on
that
particular
pod,
or
they
also
have
a
way
like
if
you
have
like
a
consistent
kernel
set,
and
you
wanted
to
like
provide
like
a
way
to
just
fetch
that
kernel
module
you
like
using
curl
or
something
doesn't
like
that.
We
do
it
that
way.
We.
C
C
C
A
This
is
the
demon
set
is
what
we
were
talking
about
before
right.
So
this
is
actually
pulling
the
image.
It's
gonna
have
a
privileged
context
and
I
thought
we
get
tighten
that
down,
but
that's
what's
there
today
and
then
it's
gonna
have
a
way
to
understand.
What's
happening
from
the
container
d
socket
its
mounting
in
a
service
account
token.
C
A
It's
mounting
in
the
host
the
modules
directory,
so
it's
a
module
that
it
creates,
can
be
persistent
and
that's
the
configuration
of
the
daemon
set
like
it's
melting
in
a
bunch
of
stuff,
pretty
high
privilege,
pretty
you
know,
like
you'd,
have
to
be
really
diligent
when
you're
looking
at
this
stuff
and
understand
like
what
what
sort
of
was
struck,
what
sort
of
stuff
is
kind
of
being
given
up
from
the
underlying
host,
but
this
is
a
very
highly
privileged
container,
and
so
that's
gonna
be
interesting.
It's.
C
A
C
C
B
A
It
build
complete
it's
doing
a
sanity
check
for
that
kernel
module
and
it's
loading
that
one
in,
and
this
is
what
I
mean
by
like
understanding
that
it's
looking
at
the
kernel
that
is
related
to
this
pod.
If
I
had,
if
each
node
represented
its
own
Linux
kernel,
because
I
just
was
doing
a
rolling
update,
I
hadn't
gone
through.
C
So
we
come
here
we
go
into
device
again
and
sure
enough
at
the
top
up
there
you
can
see,
we
have
our
self
of
devices
and
if
we
do
a
list
mine
and
what
aspect
aggressor
Falco,
you
can
see
that
there
taco
Pro,
is
automatically
limited.
We
DKMS,
so
the
data
set
actually
goes
and
we'll
install
everything
you
need
for
you
on
your
underling
note
in
kubernetes,
so
that
you
don't
have
to
worry
about
configuring
nodes
or
anything
like
that.
C
D
A
A
C
A
A
B
B
A
A
D
A
B
A
C
A
A
Yeah
I,
so
really
that's
a
neat
one,
a
theme
of
the
day.
If
it's
still
the
same,
it
was
still
bubbling
up,
though
system
Falls
to
a
shared
Linux
kernel,
something
we've
been
exposed,
but
for
running
analytics
kernel
as
a
process
underneath
the
Linux
kernel.
You
know
virtualization
I'm,
not
sure
that
they
ever
translate
like
that
guest
Colonel
would
never
try
to
make
use
of
in
most
cases
that
we're
not
trying
to
make
use
of
resources
that
are
known
by
the
parent
kernel.
C
A
A
D
A
D
A
B
C
A
A
C
A
We
haven't
deployed
it
yet,
but
we
have
that
API
available
to
us.
So
now
we're
gonna
populate
that
API
when
the
following
fill
the
template
with
the
cluster
IP
IP
address
you
created
with
the
thoughtful
service
service.
Above
all,
those
services
like
thoughtful
service
default
service.
Cluster
local
can
be
resolved
from
the
cube
API
server
container
within
baba
plus
trapeze
associated
with
services,
our
routable
okay.
That
makes
sense.
A
A
C
They're
both
obviously
going
to
introduce
some
overhead
to
be
completely
honest.
I
have
not
asked
that
question
yet,
but
I
have
a
feeling.
There
are
folks
in
chat
who
probably
talk
a
little
bit
more
about
the
performance
of
both
EVPs
versus
the
kernel
module
I
would.
B
C
B
B
A
A
C
A
B
A
Them
yeah,
so
if
I
did
cube
petal,
if
I
understand
it
correctly
well,
let's
just
look
at
the
command
real
quick.
So
what
is
it
doing
is
pulling
service
name
service,
it's
using
JSON
paths
to
filter
the
result
into
spec
cluster
IP
and
then
they're
using
end
stubs,
which
is
kind
of
like
a
fancy
set
really
to
take
the
template
file,
audits
and
camel
in
and
produce
the
resulting
file
out.
It's
a
camel.
How
can.
B
C
B
C
B
A
That's
cool
because
that
means
I
mean
they
don't
actually
be
pretty
interesting.
So
I
represents
kind
of
a
distributed
systems
problem
in
a
way
right,
Nick,
it's
like
we're.
What
we're
doing
is
we're
gonna,
send
the
output
from
the
API
service
audit
logs,
and
there
could
be
multiple
API
servers
right.
C
A
D
B
D
A
C
C
D
A
A
A
D
A
A
B
B
C
A
B
A
C
B
C
A
A
Some
people
are
making
use
of
tools
that
try
to
introspect
the
running
container
at
runtime
and
like
understand,
what's
happening
in
with
it,
which
is
kind
of
similar
to
what
the
father
is
doing.
But
this
one
is
a
neat
audit
rule,
because
we
can
look
at
the
audit
log
and
understand
if
APOD
were
to
make
use
of
a
container
that
was
not
known
or
didn't
make
it
through
admission
control
like
maybe
it
was
a
static
pot
or
something
like
that.
C
A
D
C
A
C
C
B
D
C
C
B
B
A
B
D
A
B
C
B
A
B
A
B
C
It's
a
privilege,
Clyde
and
it
mounts
the
root
file
system
and
then
it
troops
into
it
and
starts
messing
around
and
touching
files
in
the
host
group.
But
through
the
container
it
troops
into
the
host
root
file
system.
And
then
it
starts
like
touchy
files
and
xee
like
doing
something
hidden
directory
SSH
and
like
all
kinds
of
things.
A
B
C
Another
think
we
should
tell
folks
all
the
Southwest
configuration
lives
in
the
config
map
and
you
can
go
in
there
and
you
can
take
all
kinds
of
cool
action
and
configure
like
what's
out
how
to
do
and
what
level
you
want.
That
folks,
with
logout
and
all
of
the
different
rules
that
you
have
so
check.
The
verbosity
make
sure
that
we're
septic
info.
A
C
A
To
get
to
a
file
called
there's
no
hopper,
to
put
so,
he
could
actually
send
the
output
to
a
file
which
would
be
neat,
but
we're
done,
but
we
are
passionate,
sending
it
to
standard
output
and
there
is
a
web
server.
Apparently
Oh
enabled
we
started
a
web
server.
This
is
our
quesada
endpoint.
That's
the
configuration
of
that
SSL!
It's
not
turned
on,
so
this
is
actually
how
we're
getting
data
into
Falco
from
the
API
server.
As
we
already
described,
yeah.
D
B
C
A
A
C
B
C
D
C
A
D
C
D
C
C
A
B
A
A
A
Account
created
in
cube,
namespace
service
camp,
you
proxy
in
its
system.
That's
great
operation,
performed
by
user,
not
allowed
and
list
of
users,
which
is
somebody
doing
a
get
of
all
pods
and
the
fat
would
sample.
That's
actually,
ironically
us.
So
that's
what
you're
talking
about
seeing
an
event
triggered
by
Falco?
Oh
yeah,.
C
B
C
B
B
C
Now,
exactly
to
a
container,
that's
running
in
kubernetes
on
a
server
in
Amazon
and
we
were
able
to
mount
the
server's
root
filesystem
into
the
container
in
temp
brown,
because
everything
has
to
be
Dubrow
and
if
we
go
to
slash
temp
I
can
true
in
Tyrell
and
now
have
gained
full
access
of
the
underlying
host.
And
in
here
you
can
see
that
I'm
actually
on
the
host
system,
which.
A
C
C
C
A
Says
air
file
below
SC
R
open
for
writing
user
root
command
touch
as
he
something
the
file
that
I
was
touching
the
container
ID
in
which
it
was
being
created.
The
image
based
on
that
container
ID,
it's
a
namespace
that
it's
in
it's
a
pot
name
that
it
was
in
the
container
ID
again
in
the
default.
Namespace
pot,
scary,
yeah,
really
cool,
so
it's
actually
giving
it
like
the
full-on
output.
And
then
here
is
the
result.
B
A
A
C
A
B
A
C
D
C
B
C
D
B
D
A
C
C
C
So
error,
file
below
FC
open
for
writing,
touch
FC.
So
even
tells
you
what
file
was
touched.
What
command
it
was.
It
says
the
parent
that
spawns
the
report.
I
should
say
the
process,
which
was
your
of
course,
bash
the
command
line
which
was
bash
and
then
there's
the
file
again,
so
we're
getting
all
kinds
of
information
out
of
this
container
ID.
So
this
this
is
coming
from
the
docker
context.
This
is
the
container
ID
that
docker
is
running.
I
told
you
the
image,
the
name
of
the
kubernetes
pods,
the
user,
the
namespace.
B
A
D
D
A
Would
yeah-
and
actually
you
know
what's
interesting-
is
that
I
know
that
from
the
event
log,
if
you
have
the
Autobot
look
full
out
of
bog,
then
you
get
more.
Information
like
you
can,
like
the
auto
log
will
give
you
the
source
IP.
As
it
knows
it,
it'll
give
you
the.
If
anybody
has
forwarded
on
like
what
the
real
life
he
is,
it'll
give
you
what
service
account
was
used
to
us
in
a
key
or
what
user
was
on
used
to
authenticate.
So.
D
A
C
C
C
I
feel
like
everybody's
evening
right
now,
where
folks
are
running
their
applications
being
able
to
get
made
it
information
about
how
your
application
is
being
ran,
while
mapping
that
to
the
deep
system
inspection
that
we
get
with
system
Falco
we're
able
to
tell
that
complete
story.
That's
what
nothing
and
I
were
just
talking
about
with
telling
the
story
of
what
happened,
based
on
the
events
that
Falco
and
cystic
are
able
to
give
us
Oh,
Nick
Perry
says
one
related
issue:
there's
a
cube.
Api
doesn't
support
proxy
protocol
access
type
headers.
C
So
you
access
the
API
by
a
proxy.
You
want
a
senior
the
proxy
IP
which,
if
you're,
clever
and
you're,
didn't
really
do
malicious,
you're,
probably
going
through
not
one
to
probably
several
proxies
of
different
protocols,
so
Nick
Perry
says
in
the
hotline
so
yeah
it's
it's
a
limitation,
but
I
think
you
know,
as
we
start
to
expand
security.
C
A
I
agree:
I
mean
just
stronger
just
this
last
couple
of
weeks,
I
mean
like
open
sourcing,
the
result
of
a
third
party
audit
of
your
entire
source
code.
As
a
project
I
mean
like
that's,
a
bold
move,
I
mean
I
was
I,
was
super
excited
to
see
that
happen,
and
it's
also
just
great
to
see
like
how
quickly
we've
been
able
to
respond
to
many
of
the
things
that
were
found
at
that.
So,
if
you
need
some
light
reading
over
the
weekend,
definitely
check
that
out.
C
So
Bogdan
says
that
they're
asking
because
in
these
logs
it
shows
much
less
data
than
the
actual
audit
event,
which
I
think
is
what
dudley
was
just
talking
about
with
their
game
economy
versus
true
oddity
again
bear
in
mind.
We
are
mapping
and
in
the
Saco
rules
you
defined
what
outputs
you
want.
So
if
we
wanted
to
see
something
Pacific
specific.
B
C
A
D
D
A
C
D
C
C
C
C
D
C
D
C
C
A
A
It's
killer,
I,
completely
agreed
and
up
what's
interesting,
is
looking
from
a
very
good
point.
Click.
It
is
interesting
that
it
seems
to
me
it's
a
or
much
greatest,
but
that
people
are
like
looking
at
BPM.
We
call
them.
The
super-powered
attractants
is
like
the
superpowers
of
limits
for
not
even
do
lots
of
stuff
with
it,
but
it
seems
like
in
my
tickets,
like
people
are
looking
in
from
two
distinct
vantage
points.
One
vantage
point
being
like:
how
can
I
basically
use
this
as
a
lock
mechanism
to
understand
skin
psychosis
traits
on
steroids.
A
Other
being,
how
can
I
build
an
efficiency
in
my
network
path
and
be
able
to
use
the
network
as
an
insertion
point
for
like
a
layer,
7
or
application
level
constructs
using
the
same
set
of
tools
right
so
BPF
and
xdp,
and
then
those
things
work
together
to
be
able
to
allow
you
to
define
networking
between
pods
and
networking
notes
in
ways
that
we
have
never
even
really
accomplished.
I
mean
closest,
is
like
open,
V
switch,
but
even
comparing
those
children
they're
really
amazing.
What.
C
B
B
C
A
B
A
C
C
A
Right
now
we're
running
with
the
kernel
module.
So
what
I'm
gonna
do
is
I'm
gonna,
do
a
cute
kid
old
delete
of
Falco
Damon,
said
trigger
and
puke
it'll
get
pods
will
see
those
going
away
now,
even
though
this
is
kind
of
interesting
because
well
I
want
noodle
on
it,
but
like
what's
happening
here,
is
that
I
actually
just
used
a
file
that
gave
kubernetes
enough
of
a
coordinate
to
be
able
to
delete
this
thing,
and
now
those
pods
are
gone,
but
the
file
that
I
use
is
not
the
file
that
was
in
place.
I've.
A
And
no
more
than
that,
like
it
literally
just
looks
at
that.
It's,
like
your
scale,
event
right.
If
you
try
to
find
a
cube
kettle
scale
and
then
I
give
it
some
name
of
an
object,
all
it
cares
about.
Is
there
that
object
exists?
It
doesn't
care
like
what
version
or
where
it
isn't.
It's
scaling
already.
The.
D
C
C
B
A
B
C
I
know
duty
who
he
was
only
call
earlier.
I,
don't
know
he's
here
right
now
he's
doing
a
lot
of
work,
he's
been
slipping
down
our
docker
images
and
giving
them
a
once-over.
So
I
don't
imagining
as
soon
as
we
will
meet
these
new
docker
images.
It'll
come
preloaded
with
a
working
URL
to
get
the
EVPs
program.
C
C
C
B
A
Agree
with
that,
even
if
we
don't
do
bucko
like
I,
think
that
you
and
I
should
just
go
host.
This
does
music
you're
a
tremendous
investment
in
keeping
the
it
even
starting.
This
whole
crazy
channel,
like
I
love
working
with
you
and
I,
would
love
to
continue
to
do
that,
regardless
of
whatever
form
that
takes
yeah.
C
C
D
A
C
C
Someone
who
has
a
lot
of
responsibility
for
the
success
of
this
project
like
knowing
that
there's
a
lot
of
work
in
that
we're
going
to
be
doing
it
in
open
source.
It's
really
exciting,
because
it's
an
opportunity
for
folks
to
come
in
get
involved
and
to
work
on
really
really
brand
new,
exciting
technology,
with
a
really
awesome
tool
that
I
personally
think
it's
going
to
be
pretty
successful.
Yeah.
A
B
A
Is
an
open
circle
I'm
not
considering
these
security
fields,
but
they're
pools
that
we
use
so
heavily
and
we're
able
to
like
you
know
the
Linux
kernel.
All
of
these
things
are
open-source
projects,
and
so,
like
you
know,
seeing
Cystic
and
fofo
and
those
sorts
of
projects
were
like
really
upping
our
game
and
understanding.
What's
actually
happening
in
this
is
called
level
like
be
an.
C
Thanks
I'd
like
to
use
the
analogy
like
to
look
at
encryption:
algorithms,
the
fact
that
they're
open
source
is
that's
what
makes
them
so
strong
means.
We
have
eyeballs
and
brilliant
engineers
from
all
over
the
world
looking
at
them
and
working
on
them
so
and
we're
all
benefiting
from
all
of
these
individual.
One
of
these
cases
around
the
world
and
I
mean
who's
gonna
run
into
crook,
show
her
the
message
service.
It's
what
you
do
with
it.
Yeah
yeah.
C
Do
it,
let's
stop
by
the
to
everyone.
Let's
say
bye,
thanks
for
a
great
TV,
I
came
from
Sean
thanks
Alan
Thicke's
regiment
questions
who
are
a
cool
thanks
for
super
interesting
joy.
Thank
you
for
the
session
Vincent
thanks
Lorenzo
could
see
you
at
sea.
Lards.
Oh
now,
go
enjoy
your
weekend
and
stop
working.
That's.