►
From YouTube: TGI Kubernetes 050: Weave Net (CNI)
Description
Come hang out with Kris Nova as she does a bit of hands on hacking of Kubernetes and related topics. Some of this will be Kris talking about the things she knows. Some of this will be Kris exploring something new with the audience. Come join the fun, ask questions, comment, and participate in the live chat!
A
Hey
everybody
and
welcome
to
TGI
K
live
on
Friday
from
the
hefty
Yahoo
studios
in
downtown
Seattle.
How
is
everyone
doing
today?
I
am
your
host
Chris
Nova
and
today
we're
going
to
be
talking
about.
We've
met
in
kubernetes,
which
is
a
part
of
this
broader
C&I
series
that
we've
been
doing
over
the
past
couple
of
weeks,
where
we've
been
looking
at
all
the
different
C&I
providers
in
kubernetes
and
we're
going
to
talk
a
little
bit
more
about
weave
a
little
bit
later
and
then,
of
course,
everybody
who's
joining
us.
A
We
like
to
spend
a
few
minutes
at
the
beginning
of
the
episode
going
over
some
things.
We're
gonna
talk
a
little
bit
about
the
go
programming
language
this
week
and
then
we'll
jump
into
actually
doing
some
live
demo
eeen
and
tinkering
with
the
weave
net
C&I
in
kubernetes
and,
as
we
all
know,
my
favorite
part
of
the
week
is
saying
hello
to
everyone
who
has
joined
us
live
in
the
the
YouTube
chat,
which
you
can
see.
How
do
I
do
this
I
wanna
get
this
right.
A
You
can
see
it
right
here
on
the
side
of
your
screen.
I
think
that
should
be
right,
I,
don't
know
if
I
do
that,
the
right
way
if
it's
gonna
actually
render
correctly
in
YouTube
or
not,
but
we'll
see
how
that
looks.
I
can
do
both
ways.
I
said
that
we
know
it'll
work,
okay,
so
anyway,
let's
look
at
the
YouTube
chat
and
see
what
folks
are
saying.
Okay,
so
I
said
happy,
Friday
and
then
Charles
says
hello,
George
says
hello.
Everyone
I'll
be
helping
Chris
today
with
some
notes:
Thank
You
George.
A
It's
always
great
to
have
you
here,
helping
out
with
notes
and
we'll
talk
more
about
the
notes.
In
a
second
happy
Friday
from
Sean
Smiths,
we
have
yard
from
Bristol
from
Tim
Rory
evening.
All
George
says:
okay,
here
are
the
notes
for
the
session,
which
has
our
hack
in
D,
which
feel
free
to
click
into
that
and
follow
along
and
add
notes
as
needed.
A
Olaf
says
evening,
fellas
good
evening,
Olaf
and
also
good
evening
to
the
ladies
in
the
room
as
well,
and
also
the
gender
non-binary
folks
as
well
so
Simon
hi,
everyone,
l'm,
Matty,
happy
Friday,
lieu
Matty.
It's
always
great
to
see
you
Marco
good,
to
see
you
again.
George
says
you
can
always
find
the
show
our
cuz
here
at
github,
comm
/f
do
/t.
A
A
So
that's
the
only
time
I've
ever
been
to
Cheyenne
I
used
to
live
in
Denver,
so
we
just
drove
up
and
picked
up
my
dog
one
day
anyway,
I
calcine
good,
to
see
you
our
friend
here
in
town,
happy
T,
GI,
k,
amigo,
says:
hey
everyone
greetings
from
London
good
to
see
you
from
London
I'll,
be
in
London
three
times
in
the
next
two
months,
so
any
four
folks
at
home
in
London.
A
If
you
want
to
hang
out
while
I'm
there
I'll
be
doing
a
lot
of
presentations,
hustling
kubernetes
as
per
usual
and
then
of
course
eating
curry
in
Brick,
Lane
and
petting.
All
the
wonderful
British
golden
doodles
greetings
from
Arabia
good
to
see
you
well
lead
what
software
do
you
guys
use,
recording,
Joe,
the
guy
and
me
the
girl,
both
use
OBS
to
do
recording
and
in
fact,
I
have
a
picture
of
that.
I
was
gonna,
show
folks
at
home
anyway.
This
is
a
question
in
the
chat
from
Sean
our
sin
hun.
A
So
let's
go
ahead
and
let's
just
pull
this
up
now.
Why
are
we
here?
So,
let's
switch
over
to
my
screen
and
I
can
go
down
here
and
I
took
this
picture
before
the
episode
cuz
I
wanted
to
show
folks
at
home
like
what
it
looks
like
from
our
perspective
in
the
TGI
K
Studios,
because
I
feel,
like
everybody
eat.
A
Like
knows
this
space
very
well,
which
actually
is
this
weird
empty
space
behind
me,
but
I
wanted
people
to
to
see
what
kind
of
what
like
it's
like
for
me,
because
I'm
basically
standing
here
at
this
desk
on
a
treadmill
talking
to
myself.
Why
there's
like
engineers
on
the
other
side
of
the
wall,
trying
to
work
right
now
so
anyway,
without
further
ado?
Here,
is
a
picture
of
to
be
the
t
GI
case
studios
like
behind
the
scenes,
so
we
do
have
a
treadmill
desk
which
is
really
rad
and
then
up
here
on
the
top.
A
We
have
the
I'll
kind
of
go
over.
What
our
setup
looks
like
here.
We
have
the
Yeti
blue
microphone
or
the
blue
Yeti
microphone,
which
is
like
a
pretty
standard.
Usb
podcast
microphone,
that's
on
the
desk
mount
and
it's
got
the
pop
filter
in
front
of
it,
and
you
usually
can't
see
that.
But
it's
like
right
here
next
to
my
face
up
above,
we
have
this
light,
which
we're
actually
getting
a
sweet
new
light
that
kind
of
gives
our
skin
this
nice
glow.
So
we
look
very
beautiful.
A
Why
we're
doing
TGI
K
over
here
is
our
doc
cam
and
then
I
have
been
strategically
like
putting
cute
little
like
trinkets
and
doodads
here
on
the
standing
up
desk.
To
kind
of
make
me
happy
so
I
have
like
crystals
and
like
earthbound,
figurines
and
little
Gophers
and
all
kinds
of
cute
stuff,
and
then
my
come
bucho
and
my
laptop
there
as
well
so
here
on
the
top
left,
you'll
actually
see
by
Twitter
and
then
on
the
top
right
you'll
see
the
OBS
program.
A
That's
actually
streaming
what
is
being
shown
in
the
top
left,
monitor
and
then
I.
Have
this
monitor
on
the
bottom?
That's,
like
my
secret,
monitor
that
nobody
can
do
anything
with
so
anyway.
That's
what
TGI
K
looks
like.
Let's
see
what
folks
are
saying
in
the
chat
again
do
to
do.
Sean
says
he'll
find
out
about
a
CFP.
We
have
somebody
else
high
from
DC
I
lost
my
spot.
Where
did
it
go?
A
Okay
at
Sweeney
says
hi
from
Starbuck
Support
Center
I
have
some
Starbucks
today
I
go
to
see
you
ad
hi,
everyone
from
Arouca
Columbia
nice
to
see
you
angel,
caslen
field,
says
you
did
it
right?
Nadir
says
good
evening
from
Malanda
in
another
london
friend:
greetings
from
the
forested
hills
of
West
Virginia,
that
sounds
beautiful,
Vikram,
hello,
Imran,
Khan
hi
from
Turkey
Fabian
Berlin
are
nude
hello,
mark
van
oppen,
hello
from
down
the
hall
I'm
mark
van
oppen,
hello
from
down
the
hall.
A
If
you
are
from
down
the
hall
and
you
bring
me
a
glass
of
wine
and
or
a
beer
today,
I
would
not
be
upset.
That
is
the
subtle
hint
hint
hint
as
Sean
says
yes,
Valentin
says
burek
rest
three
seconds
worse
than
one
time
is
what
sin
was
saying:
okay,
I'm
going
to
be
streaming
some
3d
printing
this
week
and
set
up
OBS
for
yesterday
Sean.
Let
us
know
how
it
goes.
We
have
our
OBS.
A
Actually
I
can
show
you
this
Sean,
really
quick-
and
this
is
for
folks
at
home,
who
are
interested
in
getting
streams
up
and
running.
If
you
go
to
the
TGI
K
repository,
we
have
our
OBS
configs
that
we
share
broadly.
This
is
the
same
one
that
Joe
and
I
use
on
our
MacBook
and
then
I
have
one
for
my
Arch
Linux
computer
and
I.
A
Think
Duffy
had
one
for
Linux
computer
as
well,
we're
happy
to
upload
those,
but
these
are
handy
because
you
can
go
in
and
actually
see
how
we
have
things
configured
on
our
end,
which
is
how
we
get
really
cool
things
like
watch
the
transition
here,
Wow
Wow
and
you
can
get
that
on
your
end
pretty
easily
as
well.
So,
let's
see
what
other
other
folks
saying
kamal
says.
Finally
able
to
watch
live
good
to
see
you
kamal
Darko
says:
what
do
you
use
for
comments
live
on
the
screen?
A
Ok,
so
I
wonder
if
I
can
do
to
show
you
this
for
the
comments
live
on
the
screen.
Darko
we're
gonna,
try
to
do
some
recursive
OBS
here,
so
there's
a
good
chance.
The
screen
is
going
to
kind
of
go
in
on
itself,
but
we'll
just
hope
for
the
best
and
see
how
this
goes
so,
we'll
keep
my
face
here
and
I'm
gonna
try
to
drag
my
OBS
monitor
into
where
we're
capturing
the
screen
to
show
you
this.
A
So
let's
go
back
to
my
screen
in
my
face,
and
this
is
what
yeah
there's
the
recursion
okay
so
down
here.
We
have
this
display
capture
and
where
is
it
YouTube
chat?
And,
oh,
my
god,
that's
so
crazy.
You
can
actually
see
it's
just
a
media
stream
and
then
we
have
some
CSS
as
well.
We
can
show
you
how
to
do
that
if
you're
interested,
but
basically
we're
running
a
small
web
browser
inside
of
our
OBS
stream.
So
enough.
B
A
Recursive
OBS:
let's
get
that
out
of
the
way
Sean
says
nice.
I
have
helped
a
dev
advocate
at
Microsoft,
set
up
their
OBS
and
tweak
it
to
work.
So
I
have
a
bit
of
experience,
awesome
and
LeMat.
He
says
whoa
the
matrix
okay,
so
that's
the
OBS
intro
that
I
did
wasn't
realized
we're
going
to
do
do
today.
A
But
yes,
OBS
is
a
rad
program
and
we
wouldn't
be
able
to
do
tgia
if
it
wasn't
for
OBS
and
the
small
tweaks
and
all
of
the
work
that
Joe
was
put
into
it
and
that
I've
came
in
and
and
helped
with
repo
and
publishing
it
so
yeah.
It's
it's
really
cool
and
it's
fun.
It's
kind
of
nice
to
have
this
all
set
up
and
dialed
in
in
this
really
sweet
studio.
Here.
Ok,
so
let's
go
back
to
our
hack
MD
here,
George
has
a
pro
tip
for
folks
at
home.
A
Pro
tip
enable
hardware
encoding
in
OBS
settings
that
will
use
your
chips
encoder.
Instead
of
melting,
your
laptop
using
a
software,
yes
100%
protip
there.
We
definitely
have
that
in
our
OBS
config
I
want
to
say,
let's
see
if
it's
in
here
stream,
encoded,
Jason,
nope
record
encoder
nope
somewhere
in
here.
We
have
like
a
hardware,
encoder
kind
of
thing,
I
don't
know
anyway.
We
have
that
bit
checked
somewhere
along
the
line
in
one
of
these
JSON
files,
but
it
does
help
out
quite
a
bit
and
also
getting
the
bitrate
just
right
in
YouTube.
A
It's
quite
important
as
well
and
YouTube.
Has
this
really
cool
feature
that
will
let
you
know
if
your
stream
is
like
good
or
just
ok,
or
if
it's
kind
of
bad
or
not
working
at
all,
and
we
try
to
usually
keep
tgia
around
good
Jim
angel
says
fire
makes
sense.
Ok,
let's
talk
about
kubernetes,
that's
my
role
here.
Well,
actually,
let's
talk
about
go
and
other
things
that
happen
in
Cooper
Nettie's
this
week.
Then,
let's
talk
about
weave
on
in
kubernetes,
so
yeah.
So
we
do
this.
A
Every
week
we
have
like
a
little
markdown
file,
and
this
week
we're
gonna
do
week
in
review
and
we're
gonna
talk
about
these
things.
So
this
is
kind
of
cool
we've
been
doing
it.
Where
I'm
kind
of
blind
to
these
in
the
past
I
was
the
one
picking
these
out
and
now
George
has
been
helping
out
with
these.
So
it's
like
I
get
a
new
one
and
I
get
to
kind
of
read.
A
It
live
on
the
air
every
time
which
is
exciting,
announcing
Hoshi,
Corp,
console
plus
kubernetes
now
I
know
folks
have
done
this
in
the
past,
but
is
this
like
a
more
like
formalized
console
Nettie's
thing
it's?
Where
is
this?
It's
on
the
Hashi
core
blog,
so
I
bet,
that's
implying
that
Hoshi
Corp
has
done
something
to
make
this
official.
Let's
see
features
the
following
is
a
list
of
features
that
will
be
announced
and
released
in
the
coming
weeks.
A
Following
an
announcement,
blog
posts
will
cover
each
D
in
detail,
but
it
looks
like
Hoshi
Corp
is
going
to
be
publishing
a
helm
chart
for
a
console
for
you
to
run,
console
and
kubernetes
there's
going
to
be
some
auto
join
features,
and
it
looks
like
there's
gonna
get
some
Service
Catalog
stuff.
I
am
NOT
going
to
make
a
comment
just
kidding,
but
this
looks
really
exciting.
I
have
been
waiting
for
something
official
like
this
for
a
while
I
think,
there's
already
a
console
Church,
let's
go.
What
is
it
github?
A
Let's
go
see,
calm,
slash,
kubernetes,
slash,
charts
and
then
I've
got
in
stable
or
the
incubator.
I
bet,
there's
already
a
console
one,
but
let's
see
yeah
so
I'm
wondering
the
differences
between
what
how
she
Corp
is
put
together,
and
this
chart
here
and
of
course
wondering
what
what
the
backend
implementation
and
actually
what
we're
deploying
looks
like
so
I'll
make
sure
to
check
that
out
as
soon
as
we
can
find
an
actual
example
of
the
house
right.
That's
really
rad,
also
hats
off
to
Hoshi
Corp
for
helping
us
out
with
kubernetes
and
I.
B
B
A
That's
not
even
fair,
now,
you're
just
teasing
me.
He
gave
me
second
ten.
He
gave
me
a
ginger
ale
instead
of
a
beer,
just
what
I
need
more
sugar.
Clearly
well
Manny
says
this
looks
interesting.
Do
you
see
this
being
a
replacement
for
the
built-in
service
discovery
in
cakes?
I,
don't
know
if
we'll
see
it
as
a
replacement,
maybe
more
of
but
like
in
a
complementary
piece
along
the
way.
A
lot
of
the
hash
accord.
A
Products
are
a
little
more
battle
tested
and
getting
those
new
kubernetes
would
actually
be
a
big
win
specifically
for
people
who
already
have
tooling
that
talks
to
them.
So
I
think
this
is
just
another
really
great
example
of
getting
more
devops
e
style
tools
built
into
kubernetes.
That's
gonna
make
the
kubernetes
ecosystem
more
rich
and
more
more
complete
and
easier
for
folks
to
adopt
which
three
million
thumbs
up
there
George
says
exists.
It
appears
to
be
maintained,
josh
says
ginger-beer.
A
I'm
actually
actually
think
I'm
gonna
drink
this
con
mucha
here,
which
actually
probably
has
more
alcohol
content
than
the
beer
that
mark
brought
me
anyway.
Let's
go
back
and
see
what's
next,
so
we
have
blue
green
node
deployment,
kubernetes
ii
cast
hair
form.
What
is
this
now
here
at
lumo?
We're
using
kubernetes.
A
A
It
looks
like
it's
a
new
way
of
managing
nodes
with
that
are
configured
to
work
with
the
UK
s
using
terraform,
and
this
looks
like
it's
a
pretty
solid
write-up
on
how
to
manage
the
load.
Balancers
looks
like
you
could
drain
your
old
nodes,
which
makes
me
think
that
there's
some
sort
of
upgrade
story
here
scale
down
the
old,
auto
scaling
group.
A
So
we
can
actually
use
the
Amazon
API
to
manage
our
ASG,
which
is
handy,
and
it
looks
like
what
is
I'm
Leary
witness
says:
API
latency
is
slightly
higher
than
our
cube
spray
deployments,
but
that
expected
to
give
out
how
API
traffic,
now
in
transits
UK
s
with
the
help
of
hepped
you'll
arc.
Wu
also
has
cut
our
kubernetes
cluster
deployments
from
under
one
and
a
half
hours
to
20
minutes.
So
that's
really
rad.
So
this
looks
like
a
pretty
complete
write-up
of
how
these
folks
are
approaching.
A
Managing
a
mutating
UK
s
clusters
with
terraform,
which
is
pretty
sweet,
because
this
is
something
that
we've
been
talking
about
a
lot
in
upstream
kubernetes
as
we're
looking
at
building
out
the
AWS
cluster
API
implementer.
We
just
recently
decided
on
the
vernacular
to
use
to
describe
the
different
avenues
in
which
one
would
manage
nodes.
The
word
we
picked
was
variant,
so
this
is
a
really
great
example
of
potential
cluster
API
variants.
A
If
we
could
have
the
tooling
like
this
or
even
this
tooling
concretely
respecting
to
speak
the
cluster
API,
which
hopefully
will
be
RC
Rd
very
soon,
so
slowly
getting
the
community
together
and
making
this
stuff
more
of
a
standard.
So
that's
really
exciting.
Mark
says:
you're
welcome
for
the
ginger
beer,
thanks
mark
I'm,
going
to
I'll
drink
it
here
on
the
air,
but
I
think
it's
what
is
it
a
twist-off
yeah?
It
is
okay,
so
here
Cheers
mark.
Thank
you
so
much.
A
A
How
we
at
you
switched
managed
to
get
all
of
our
applications
to
use
short-lived
database
credentials
without
changing
their
code?
Almost
great
intro
sentence
nicely
done.
Static
database
creds
tend
to
slowly
accumulate
and
get
spread
around
in
most
organizations
over
time,
okay
cool.
So
this
is
actually
using
another
hash,
II
Corp
tool,
vault
as
a
credentials
store
in
kubernetes
and
then
actually
using
that
to
store
secrets
for
your
database.
A
This
is
pretty
rad
I
know
if
people
have
been
tinkering
and
playing
with
valen
kubernetes
for
like
I
think
almost
two
years
now
so
getting
to
see
concrete
examples
of
this
are
always
exciting
and
getting
to
see
how
we're
using
it
for
database.
Creds
is
a
really
great
example.
So
this
looks
like
a
good
write-up.
If
you
want
to
go,
learn
more
about
running
a
vault
in
kubernetes
and
how
that
they
have
used
it
for
database
secrets
along
the
way,
thanks
for
the
share
there
kubernetes
operator
deployment
guidelines
in
an
improved
usability.
A
A
Okay,
so
this
looks
like
it's
just
a
write-up
of
what
a
cooper
Nettie's
operator
is
and
how
one
would
use
it
and
there's
some
guidelines
here
that
they
put
together
to
sort
of
explain
what
an
operator
is
and
how
you
should
be
implementing
it.
Okay
and
the
guidelines
are
prefer
declarative
state
over
imperative
actions
and
custom
resource
spec
definition,
which
could
we
all
want
to
be
state
driven,
and
we
want
to
be
declarative
and
you
tree
that's
like
the
kubernetes
we're.
A
So
what
I'm
trying
to
think
of
idiomatic
kubernetes
is
what
I'm
trying
to
say
user
owner
references
with
CR,
DS
or
customer
resource
instances
generate
an
open,
API
spec
for
your
custom
resources.
This
is
a
great
one.
If
you
do
generate
an
open,
API
spec,
you
can
implement
it
and
many
other
ways
and
it
makes
public
and
documentation
a
lot
easier
as
well.
A
So
I
would
totally
agree
that
if
you're
gonna
write
a
CR
deem
gonna
write
it
operator,
you
might
as
well
write
an
open,
API
spec
so
that
we
can
use
it
for
all
the
other
goodies
as
well.
This
is
a
great
great
guideline
here.
Package
operator
is
a
helmet
strong
disagree
there
I
speaking
kubernetes
primitive
is
probably
a
more
universal
form
and
then,
if
you
want
to
take
those
static,
manifests
and
then
also
put
them
in
a
helmet,
I
think
that's
a
good
idea.
A
So
I
would
I
would
word
that
a
little
bit
differently
on
my
end
use
helm
charter,
config
map
for
operator,
configure,
configurable,
x'
again.
I
think
this
is
a
great
idea.
Helm
does
a
great
job
at
letting
you
configure.
Various
parts
of
kubernetes
manifests,
as
do
config
maps,
but
having
some
sort
of
configuration.
A
There
is
a
good
idea,
use
config
map
in
a
notation
or
spec
definition
for
CRT
configurable
I'm
gonna
go
through
all
these,
because
these
are
like
really
interesting,
plus
one
here
totally
agree:
annotations
didn't
config
maps
can
be
confusing
for
folks,
so
having
a
clear
understanding
of
the
differences
would
be
helpful
and
I
think
use
you
know
in
in
various
cases,
using
one
over
the
other
makes
a
little
bit
of
sense,
defined
composition
of
a
custom
resource
as
an
annotation
in
its
gamal
definition.
That
seems
I'm
curious.
A
Why
they
want
to
do
that
by
servicing
the
composition,
information
as
an
annotation
on
the
CRT
as
possible
to
build
tools
like
cube
discovery?
Okay,
so
other
tools
expect
that
to
be
there.
That
makes
sense
plan
for
custom
resource,
metrics
and
plan
to
use
cubic
tool
as
the
primary
interaction
point
plus
one
strong
agree
here:
great
guidelines
actually
I'm
gonna
share
those
guidelines
with
the
cluster
API
folks,
because
we're
looking
at
building
out
some
operators
and
controllers
right
now
anyway.
So
there's
some
good
stuff
there.
A
It
looks
like
we
have
a
guns,
a
guns,
a
go:
nice
I,
don't
know
how
to
pronounce
this
version.
0.38
stew,
the
team-
and
it
looks
like
if
you
want
to
check
it
out.
You
can
come
to
the
release
tag
here,
so
hats
off
to
them
cases
case.
One
point:
twelve
is
in
beta
already
and
Etsy
D
recommended
new
versions.
A
A
Okay,
so
this
is
recommended.
Etsy
be
minimum
versions,
and
this
is
on
the
discuss
kubernetes
IO,
that
our
friends
in
sync
ensure
that
accent
working
hard
on
so
I
love.
This
thing,
I
think
it's
great
and
if
you
in
the
past,
we've
done
like
a
live
update
on
one
of
these
when
we
logged
it
with
github,
but
this
is
just
basically
like
a
new
source
that
serves
as
documentation
as
well.
A
So
this
was
a
really
brilliant
move
from
our
friends
and
sig
contributes
and
here's
a
really
great
post
talking
about
the
minimum
at
CD
versions.
You
should
use-
and
it
looks
like
it
was
created
by
Brandon
Phillips
from
core
OS,
not
part
of
Red
Hat,
who
was
one
of
the
I.
Think
the
original
authors
about
CD.
So
there's,
probably
some
pretty
good
stuff
in
here-
come
check
that
out.
A
If
you're
interested,
okay,
we're
already
22
minutes
into
the
episode,
I
feel
like
I'm
rushing
but
I
think
we
spent
a
lot
of
time
talking
about
OBS
at
the
beginning
of
the
episode
and
so
before
we
get
into
weave,
which
I
heard
that's.
Why
we're
all
here
in
the
past
I've
been
doing
a
little
going
sort
of
like
tips
tricks
exercises?
Did
you
know
this?
A
Did
you
not
know
that
kind
of
thing
and
I
pull
one
together
for
this
week
and
the
reason
I
put
it
together
is
I
just
recently
at
Gopher,
con
got
to
have
the
errors
are
values
discussion
with
a
couple
of
newer,
Gophers
and
I.
Remember
that
was
one
of
the
first
blog
posts.
I
ever
read
about
go
with
that.
Rob
Pike
wrote
in
the
long
long
ago,
and
this
is
a
2015.
This
is
a
fantastic
write-up.
It's
somewhat
like
I
said
one
of
the
first
things,
I
read
about
go
and
I.
A
A
Fell
in
love
and
poof
Here
I
am
anyway
we're
gonna,
be
talking
a
little
bit
about
the
air
interface
today
and
showing
folks
how
to
build
custom
errors
and
go
and
talk
about
when
you
might
want
to
use
them.
So
we'll
try
to
get
this
done
in
the
next
five
to
eight
minutes.
I
bet
we
can
do
five
minutes.
Let's
try
to
do
five
minutes,
so
how
we're
gonna
do
this
is
we're
gonna
open
up?
This
really
rad
thing
that
we
have
looked
at
in
the
past
called
go
play.
A
Dot,
space
and
I
will
be
typing.
This
go
there,
this
dope
source
code,
literally,
so
forgive
any
compile
errors,
but
I'm
gonna
do
my
best
to
get
a
hole
in
one,
we'll
see
how
I
do
okay,
so
first
things.
First,
we
want
to
understand
what
the
errors
interface
is,
and
so
we
can
do
that
here
by
defining
a
new
variable,
that
we
will
call
custom
error
and
we
will
set
that
of
type
error
and
go
play
dot.
A
Space
allows
us
to
click
on
types
that,
if
they're
defined
in
the
standard
library
see
if
this
works
I
guess
it
doesn't
work
right
now
there
we
go
if
they're
defined
in
the
standard
library,
it'll
it'll.
Look
it
up
for
us
and
tell
us
what
it
is,
and
you
can
see
here
on
the
right.
The
air
interface
is
actually
one
of
the
simplest
interfaces
in
the
standard
library.
It
just
says
you
need
a
publicly
accessible
method,
called
error
that
returns
a
string.
A
A
If
you
define
a
new
funk,
we
give
it
the
most
eighty-two
gik
air
referencing,
the
destructor
we
just
created
T
GI,
k,
ER
RoR
and
here's
where
we
actually
implement
this
interface
over
here
on
the
right,
and
we
say
we
want
air
and
it
returns
a
string
and
then
here
we
would
just
return
some
string
in
the
fancy
go
path.
Syn
says:
maybe
do
the
goo
module
package
version
control
next
time,
I
found
that
probably
the
most
immature
part
of
go
and
the
fancy
coat
path.
A
Sean
says:
yes,
I
love,
writing
custom
arrow
types
to
make
my
movie
your
life
easier
for
determining
status
codes
for
my
HTTP
status
responses.
Sean.
You
saw
my
example
I'm
totally
going
to
use
HTTP
here
today,
but
yeah
we'll
talk
about
we'll
talk
about
that
here
in
just
a
minute
or
two,
you
happy
to
know
I'm,
not
the
only
one
who
thinks
that
way.
Okay,
so
we
actually
want
to
have
a
value
here.
Remember
the
whole
point
of
the
blog
was
airs
our
values,
so
we're
gonna
create
this
new
field
in
our
struct
I'm.
A
Trying
to
use
proper
go
over
an
ocular
here
and
we're
gonna
call
it
the
air
value
and
we're
going
to
make
that
a
string
and
all
the
air
method
does.
Is
it
returns
a
string
so
how
we're
gonna
do
that
is
we're
just
gonna
return,
the
air
about
you
itself,
okay,
so
now,
let's
actually
do
create
a
convenience
function.
For
us,
that's
going
to
help
us
initialize,
a
new
air.
So
how
we're
gonna
do
that?
A
The
reason
we
can
do
nil
is
because
it's
a
pointer,
so
we
can
actually
start
if
it's
a
male
pointer
or
not.
If
we
didn't
do
a
pointer,
we
wouldn't
be
able
to
do
a
fair
and
equal.
No,
it's
just
an
exciting
part
of
the
go
programming.
Language
there,
so
we
can
come
in
and
we
can
get
rid
of
this
custom
error
will
keep
our
from
to
print
line
just
for
good
measure,
and
we
will
do
an
HTTP
things,
call
hello
from
TGI,
okay
and
down
here.
A
A
Something
is
misspelled,
error
value
is
mixed,
misspelled
err,
eval,
thank
you.
Value
is
misspelled.
Okay,
so
and
then
here
we
can
do.
Err
is
equal
to
nu
t
GI
k
or
oh
no,
something
went
wrong
and
we
can
just
return
here.
We
can
understand
it
return
there.
So,
let's
see
what
happens
here.
Let's
run
this.
A
It's
not
running,
no
I
did
not
get
a
hole-in-one.
Tji
Cara
has
no
filled
air
value,
but
does
have
air
value.
There's
dang
it
capital
e
that
I
changed.
I
was
so
close.
Okay,
let's
see
here,
says
hello
from
TGI
K.
Oh,
no,
something
went
wrong,
okay,
so
here's
a
really
great
implementation
of
a
custom
error
message
and
what's
cool
now
is
as
a
software
engineer,
we
can
now
do
anything
we
want
with
this
struct
and
we
can
have
it
populate
any
value
here
and
we
can
even
put
other
methods
on
it
as
well.
A
So
to
use
Shawn's
example,
we
could
have
T
gik
err.
We
could
have
it
return,
an
arbitrary
status
code
if
we
were
doing
HTTP,
something
or
other,
and
let's
have
that
return
a
string.
Actually,
let's
have
that
return,
yeah
string
for
for
good
measure-
and
here
we
could
do
you
know.
We
know
that
this
HTTP
things
is
going
to
return
a
specific
error
type
where
we
could
do
a
type
certian,
and
we
could
actually
do
some
stewart
here.
A
A
So
let's
talk
about
weave
in
kubernetes.
So
if
you
go
to
the
TGI
K
repository
I've
already
pushed
up
this
new
directory
called
50,
which,
if
we
print
working
directory
you
can
see
here
we
are
American.
Bottie
says
I
tried
to
send
another
Rob
Punk's
post,
but
err
but
can't
send
address.
Is
it
okay
to
put
it
in
hack
Adi?
Yes,
100%,
please
add
it
to
the
hack
of
D.
We
know
we
can't
send
links
here
in
the
YouTube
chat,
which
is
why
we
have
the
hakama
D.
A
A
If
we
get
an
area
of
that
type,
that's
particularly
useful,
especially
when
running
in
kubernetes,
because
you
can
capture
the
exit
code
and
that
usually
gives
you
a
clue
into
what's
going
on
with
your
program
and
why
it
might
have
crashed
or
broken
and
why
the
scheduler
is
rescheduling.
It
so
yeah
errors
and
go
there
really
advice.
So
back
to
our
terminal.
Here
we
are
in
directory
Oh
50
in
the
episodes
directory
in
the
TGI,
K
repo,
and
then
in
here.
This
is
like
the
third
time.
A
Fourth
time,
we've
actually
done
a
cubic
warned
cluster
for
a
CI.
So
this
is
like
pretty
familiar
for
folks
if
you've
seen
any
of
the
other
CNI
episodes.
Here
we
have
a
custom
shell
script,
which
we
can
look
at
that
by
Counting
that
out
and
you
can
actually
see
down
here.
We
just
do
a
cube
admin
config
and
then
we
apply
the
storage
class
for
Amazon
and
we
do
not
install
CNI,
usually
right
here
and
the
cubic
corn
bootstrap
script.
A
You
would
see
us
doing
some
sort
of
CNI
install
and
we
simply
removed
that
line
from
the
default
cubic
corn
bash
script,
and
now
we're
gonna
deploy
a
cluster
using
this
bash
script.
So
no
see
and
I
will
get
installed.
So
how
we
do
that
is
we
can
cat
out
our
readme,
and
we
should
have
these
two
commands
here.
So
here's
the
first
command,
which
will
create
our
state
file
for
RC
and
I
list
cluster.
A
So
we
can
do
this
and
it
says
the
state
cubicle
warranty,
gik,
we've
clustered
ie
Emma
was
created
and
then
you
can
run
this
command
here,
keep
a
chord
apply
and
then
we
also
have
to
pass
in
our
state
store,
which
is
directory
called
Cuba
corn
here
in
the
fifty
directory
into
GA
kae
episodes.
So
we
run
that
we're
going
to
create
a
cluster
in
Amazon,
so
we
can
jump
over
into
our
Amazon
configuration
here
and
sorry.
A
Somebody
was
just
texting
me,
jump
it
to
Amazon
and
see
what's
going
on
and
as
always,
I'm
gonna
close
a
bunch
of
these
that
we've
already
looked
at
and
then
I'm
gonna
put
the
Arizer
values.
A
Fair
errors
or
values,
and
if
we
go
into
Amazon
look
at
our
instances,
you
can
see
I
had
a
we've
cluster
already
up
and
running
that
I
have
since
terminated
and
now
we're
bringing
up
a
master
and
our
note
as
well
on
its
way.
So
let's
go
to
I
term
and
it
says,
hang
while
fetching
cube
config,
so
our
cluster
is
coming
up
so
real
quick
before,
while
we're
waiting
for
a
cluster
come
up,
which
should
only
take
about
another
30
to
45
seconds
here.
A
Do
you
folks
have
anything
that
in
particular
they
wanted
to
learn
about
with
we've
net
today,
my
plan
on
the
fly
was
to
do
the
side-by-side
comparison
that
we've
done
with
all
the
CNI,
where
we
look
at
network
policy,
the
see
and
I
plug
in
how
the
demon
set
works,
how
its
installed
and
then
talk
about
the
software
layer
of
how
it's
actually
building
the
pod
network
and
how
it's
different
than
the
others.
We've
is
very
unique.
In
that
sense,
it
does
a
lot
of
things
that
none
of
the
other
c9
providers.
B
A
May
or
may
not
be
on
the
show
today,
and
he
asked
us
to
do
a
little
bit
of
a
detective
work
there.
So
we're
gonna
make
it
a
point
to
check
it
out.
So
sin
says:
how
is
the
network
policy
implemented?
Okay,
we
can
definitely
talk
about
network
policy
and
it
looks
like
our
clusters
have
been
running.
I.
A
Do
love
keep
a
coin
like
I'm,
sorry,
every
time
I
deploy
it's
like
pretty
colors
and
I
get
this
happy
green
thing
at
the
end,
it
like
just
makes
me
really
happy
inside
sin,
says:
does
really
need
to
be
privileged
or
net
admin
capabilities
will
be
sufficient.
Not
sure,
I
understand
your
question
sin,
if
you
maybe
you
could
try
rewording
it
or
yeah.
Just
try,
reading
it
and
see
if
I
can
understand
a
little
bit
better
than
I'm,
not
really
sure
what
what
it
means.
In
this
context,.
B
A
A
So
anyway,
here
we
can
k
get
nodes.
We
can
tell
that
they're
not
ready.
If
we
do
our
infamous
kdump
command,
which
remember
K
dump
is
the
same
as
doing
Q
Bechtel
get
all
all
namespaces,
which
just
lists
everything
in
kubernetes.
We
can
see
what
we
have
running
kubernetes
cluster,
so
you
can
see
we
have
a
TD
API
server
controller
manager
keep
DNS
key
proxy.
A
All
the
goodies,
the
scheduler
that
were
used
to
seeing
for
the
control
plane
no
see
and
I'm
running
in
cube
system,
and
if
you
look
where
is
it
here,
cube
dienes
is
pending
anybody.
Who's
ever
worked
on.
Installing
kubernetes
knows
that
if
cube
dns
is
pending,
that's
probably
the
biggest
red
flag
that
we
need,
C&I,
something
or
CMI
c9
might
be
gone.
A
David,
says
OMG,
so
I'm,
assuming
that
oMG
is
in
response
to
the
rainbow
unicorn,
in
which
case.
Thank
you
very
much
agree.
It
is
overwhelmingly
beautiful.
Okay,
so
Sina
is
not
installed.
We're
ssh
into
the
node
we're
gonna.
Do
our
good
old
journal,
cuddle
command
so
root?
Let's
clear
our
screen
and
I
feel
like
everybody.
At
the
same
time,
the
whole
class
journal
cuddle
a
few
cubelet.
A
Okay,
oh
did
I
spell
it
wrong.
15
journal
cuddle
a
few
cubelet
okay
and
then,
of
course,
in
our
journal
cuddle
a
few
cubelet
logs,
we're
seeing
that
CNI
is
not
ready.
So
let's
go
ahead
and
let's
install
weave
so
how
we
do
that
is:
let's
go
back
to
Google
Chrome
here
and
I.
Have
this
section
here
that
has
all
the
links
that
we
need
install
we
have
in
kubernetes,
orca,
Burnet
ease
as
Liz
would
say
so.
A
There's
this
Kubek
tool
apply
and
real
quick
before
we
go
on
this
Kubek
till
apply,
because
we're
gonna
want
to
look
and
see
it.
What
the
daemon
set
is
doing,
then
we're
gonna
look
at
the
yeah
and
we'll
do
all
that
fun
stuff
anyway,
there
I
mean
even
guys
a
little
bit
of
a
backstory
and
tell
you
an
interesting
piece
of
trivia
about
this
Kubek
tool
applied
command.
So
yesterday
morning
about
8:00
a.m.
A
A
While
I
was
on
the
phone
with
him,
he
had
mentioned
that
he
thinks
he
was
the
first
person
to
actually
do
the
cubic
to
apply
for
CNI
and
I
vaguely
remember
years
ago,
when
I
was
working
on
cops
and
we
were
first
implementing
the
C&I
network
teen
stuff.
This
definitely
was
the
easiest
one
to
implement
because
it
already
had
the
Quebec
tool
apply
right
now
for
us.
A
So
as
far
as
my
memory
serves,
that
statement
is
actually
true,
in
which
case
hats
off
to
weave
for
giving
us
the
equivalent
of
piped
Osito
bash
for
CNI
in
kubernetes
and
without
further
ado,
we're
gonna
run
the
infamous
weave
one-liner
here
and
get
weave
up
installed.
So
let's
do
that
from
my
local,
which
is
in
this
tab
here
and
we'll
clear,
a
screen
and
we're
gonna
Duke
you
back
to
apply
I
mean
what's
going
on
here.
Actually,
let's
not
do
it
keep
back
to
a
little
play.
A
Aha.
So
let's
look
at
some
yeah
mole
here
in
my
terminal
I'm
trying
to
do
this
whole
episode
without
opening
up
my
text
editor
and
just
doing
everything
in
my
terminal
text
editor
also
including
e-max,
so
we'll
see
how
far
I
can
go.
Okay.
So
this
is
interesting.
You
don't
see
this
every
day
we
actually
have
a
proper
list
to
find
a
list
proper
and
in
the
list
we
have
a
list
of
other
kubernetes
objects
as
well.
So
the
first
item
in
our
list
is
this
service
account.
A
So
already
we
know
that
we've
is
being
installed
using
our
dock,
which
is
great
because
we're
running
in
queue
system.
So
we
very
much
want
to
make
sure
that
we're
only
using
the
resources
we
need
and
we
only
are
able
to
talk
to
the
resources.
We
need
to
talk
to
you
and
everything
else
should
be
shut
down.
So
hats
off
to
we
for
getting
our
backup
installed.
And
if
you
come
in
here,
it's
pretty
straightforward.
A
They
create
the
service
account.
Then
they
create
the
cluster
role,
which
is
called.
We've
met,
they're,
defining
access
to
pods
names,
name
or
namespaces
and
nodes.
They
can
get
lists
and
watch
which
is
pretty
much
read-only,
which
is
handy,
and
we
have
a
cluster
rule
binding
that
binds
the
two
together.
So
great
are
back
implementation,
oh
and
then
we
actually
define
a
proper
are
back
rule
as
well
called
weave
net.
A
It
looks
like
that
one
can
get
an
update
so
also
read-only
as
well.
Shawnsmith,
I,
didn't
even
know.
Kind
list
was
a
thing,
that's
good
to
know:
yeah
kind,
let's
just
kind
of
nice,
because
then
it
creates
like
here.
A
Oh
I,
haven't
installed
it
yet
I.
Think
I
think
you
can
from
Katie
get
list
and
actually
like
pull
list
of
all
your
resources,
which
is
good
because
it
kind
of
acts
as
a
logical
grouping
for
things
in
kubernetes,
which
is
handy.
So
let's
go
back
to
our
UML
here,
so
we
just
kind
of
gave
a
real
quick
overview.
The
are
back
that
looks
very
legit.
Everything
looks
read-only,
so
it
looks
good
to
me.
We
already
looked
at
the
role
binding,
Ahad
infamous
c
and
ID
demon
set.
A
So
let's
see
what
we
was
doing
with
their
demon
set.
So
we
have
an
original
request.
Url
an
email
address,
support
it.
We've
got
works,
we're
installing
into
cube
system
we're,
given
it
the
weave
net
name
label,
the
container
we're
creating
multiple
containers.
The
first
one
is
weave
and
it
runs.
This
we've
launched
shell
script,
which
we
can
find
in
the
repo
if
we
want
and
we're
pulling
the
stock
at
I/o
we
works.
We've
cube,
which
is
the
this
is
confusing.
A
We've
cube
is
the
name
of
the
weave
net
image
that
is
going
to
run
the
we've
seen
I
plugin,
so
they're
all
kind
of
it's
the
same
thing
but
different
names
along
the
way,
and
it
looks
like
we're
running
2.4
dot
o
we
do
have
a
light,
leanness
probe
on
status,
67
84,
and
we
have
some
volume
mounts
here
to
find
stemmed,
and
then
this
next
one
this
is
our
another
container
called
we've
NPC.
A
We
defined
a
handful
of
environmental
variables
and
in
this
one
we
pull
this
other
image
called
we've
NPC
also
version
2.4
doesn't
look
like
we're,
defining
any
liveliness
probes
or
readiness
probes,
which
might
be
helpful,
but
we
do
have
a
handful
of
volume
mounts
and
it's
mapping
into
our
service
account
we've
that
we
created
above
okay.
So
that's
probably
why
we
had
the
role
in
the
cholesterol
above
as
well,
and
then
what
program
are
we
running
inside
of
this
thing?
I,
don't
see
command.
A
Do
dude
I
do
not
okay,
well,
we're
gonna
run
the
way
of
NPC
container,
as
is
then
okay
cool,
so
we
can
now
oh
looks
like
Justin.
It
has
a
comment
and
so
does
Sean
when
you
read
those
really
quick
before
I.
Do
my
next
move
here,
Sean
says
cool
I,
normally
just
to
find
multiple
yeah
moles
in
the
same
file
separating
them
with
and
Justin
says.
If
you
BEC
don't
get
pods,
oh
yeah
mole
or
whatever
resources,
it
will
give
you
a
list
as
well,
which
is
very
true,
you'll
get
a
list.
A
If
you
do
anything,
oh
yeah
mole
on
a
group
or
a
list
of
things,
Rory
McCune
says
as
a
security
type
shame
it
runs
as
privileged.
Yes,
Rory
could
call
for
pointing
that
out
unsure
why
it
needs
to
run
his
privilege,
but
I
have
a
feeling.
This
is
what
sin
was
asking
about
earlier.
Let's
see
what's
in
says,
it's
the
container
needs
to
be
run
as
privileged
container.
If
we
just
using
that
admin
capabilities,
is
the
security
context
for
the
pod
would
be
sufficient.
A
Sin
is
a
great
question
and
for
right
now
it
is
defined
as
privileged,
although
I
am
wondering
if
we,
if
we
broke
weave
apart
and
compartmentalize
it
if
we
could
bypass
the
need
to
run
privileges
well,
I
can
look
into
that
and
talk
to
our
friends
at
weed
and
see
what
they
have
to
say
about
that
I'm.
Imagining
running
as
privileges
is
going
to
be
concerned
for
most
folks,
so
good
column,
pointing
that
out.
Thank
you
sin
and
thank
you
Rory.
A
So
let's
go
and
let's
see
what's
going
on
in
our
cluster
now,
so
we
can
do
a
Kadem,
okay
cool.
So
now
you
can
see
that
this
is
still
pending,
but
we
at
least
have
our
weave
net
demon
set,
and
then
you
can
see
the
the
weave
pods
are
coming
up
and
starting
to
do
their
magic
on
the
underlying
node
and
I
bet.
If
we
list
this,
we
do
have
our
c9
in
D
directory,
which
means
Sina
is
installed
and
I
bet.
A
If
we
do
our
journal
cuddle
a
few
cubelets,
we
can
actually
see
yes,
that
the
cni
is
up
and
running.
So
that
seems
to
work
as
expected.
Let's
see
what
I
want
to
do
now.
Let's
talk
about.
Let's
talk
about
how
we've
manages
itself
on
nodes
for
a
bit
I
think
that's
a
good
starting
point.
So
we've
uses
a
protocol
called
gossip.
So,
let's
see
if
we
can
find
some
documentation
on
this
for
folks
at
home,
we've.
B
A
Gossip
DNS,
which
is
how
they
sort
of
find
peers.
So
if
we
look
at
other
C&I
that
we
looked
at
in
the
past,
the
first
one
we
looked
at
was
helium
and
if
you
remember
the
first
few
minutes
of
the
see
Liam
episode,
we
talked
about
how
important
was
to
get
a
TV,
either
a
configured
properly
or
be
set
up
and
running
external
to
the
already
existing
NCD,
because
the
C&I
implementation
actually
had
a
data
stored
proper
that
it
would
store
things
in.
A
We
saw
the
same
pattern
with
calico,
where
you
could
optionally
install
your
own
at
CD
or
use
a
different
ad
CD
as
well,
and
remember.
We
learned
from
flannel
that
it
used
the
existing
communities
data
store
whenever
possible,
which
was
a
sort
of
elegant
solution.
In
this
case,
we've
does
not
need
a
data
store
at
all.
Instead
of
needing
a
data
store
boat,
we've
does.
A
A
So
if
we
had
three
nodes
in
a
network
and
we'll
draw
this
other
one
down
here
and
we'll
say,
this
is
node
1.
This
is
no.2
and
this
is
node
3
and
we
installed
the
we've
daemon
set
in
all
of
these
nodes
were
running
in
kubernetes.
What's
interesting
is
that
there'd
be
a
piece
of
software
and
each
one
of
these
nodes
that's
running
as
a
pod.
A
That
would
do
gossip
to
find
the
other
ones
and
start
to
share
information
about
what's
going
on
there
and
we're
gonna,
look
at
actually
listing
the
peer
list
that
we
we've
discovers
here
in
a
little
bit,
and
what
I
wanted
to
point
out
is
if,
for
some
reason,
we
lost
connectivity,
and
this
part
of
our
network
was
isolated,
meaning
that
this
node
was
taken
offline.
Maybe
a
network
cable
was
cut.
Something
was
going
on.
This
node
would
actually
still
be
able
to
function
now.
A
This
is
exciting
behavior,
because
everything
within
the
concept
of
node
3,
if
it
was
still
online.
Let's
say
that
there
was
another
network,
and
this
could
still
reach
out
to
the
owner,
draw
our
internet
bubble
here.
If
all
of
these
could
still
reach
out
to
the
internet,
then
our
cluster
for
the
first
few
moments
would
effectively
be
fine,
regardless
of
this
compartmentalization.
A
Here,
what's
cool,
though,
is
if
all
of
a
sudden
we
poked
a
hole
in
this
network
partition
for
lack
of
a
better
term
or
like,
let's
say
we
re,
terminated
the
cable
and
plugged
it
back
in
this
pod
on
this
node
would
ultimately
catch
back
up
and
re
sync
with
the
rest
of
the
cluster
exciting,
because
it
gives
us
a
little
bit
of
resiliency
they're,
also
scary,
if
for
some
reason
this
goes
out
of
out
of
whack
and
these
to
move
ahead,
and
then
this
one
doesn't
know
what's
going
on
and
then
there's
some
sort
of
Delta
between
the
two
and
causing
unknown
problems
in
your
cluster
downstream.
A
So
there's
pros
and
cons
to
each
if
you're
running
in
a
data
center.
Information
like
this
is
going
to
be
really
valuable
because
you're
gonna
want
to
know
what's
going
to
happen
to
one
of
these
machines.
If
somes
unknown,
Network
catastrophe
happens
along
the
way
and
depending
on
what
you
and
your
team
won,
this
may
or
may
not
be
desired
behavior,
but
just
wanted
to
point
that
out
as
well
and
we've
is
totally
doing
all
of
this
at
run
time
and
sneaky
with
itself
at
run
time.
A
So
we
can
look
at
that
by
SSH
into
our
node,
which
we
have
done
here,
and
we
can
pull
this
really
cool
leave
command
actually
before
we
do
that,
I
want
to
just
demonstrate
that
CNI
is
working
and
we
can
talk
about
the
peer
lists
that
I
just
described
a
little
bit.
And
then
let's
talk
about
the
overlay,
Network
and
Network
encapsulation
as
well
with
we've.
Ok,
so.
B
A
A
Ok,
so
that's
up
and
running
we'll
do
our
kdump
and
we
should
be
able
to
see
that
our
engine
xpod
running
in
the
default
namespace
up
it's
creating
right
now,
let's
run
it
again.
Orange
next
pod
running
in
the
default
namespace
is
up
and
running
so
CNI
appears
to
be
working
good
for
all
intensive
purposes.
A
Justin
looks
like
Justin
had
a
question
in
chat:
does
net
admin
allow
for
mutating
the
IP
tables
of
the
host
machine
calorie
Calico
requests
a
similar
set
of
capabilities?
That's
a
really
great
question:
Justin!
Oh
sorry,
switch
back
to
your
desktop
thanks
folks
at
home.
Obviously
this
ginger
beer
is
getting
to
me.
So
let's
do
this.
Let's
go
back
to
my
screen
in
my
face
and
all
I
did
here
is
run
cue.
A
Bechdel
run
engine
ax
image,
engine
X,
which
is
here
and
then
after
that
I
listed
container,
was
creating
and
then
I
listed
again
and
our
containers
up
and
running
so
we
should
be.
We
should
be
back
to
speed
here,
thanks
for
letting
me
know
Friday
at
2
o'clock
in
the
afternoon,
like
it's
been,
it's
been
a
long
week.
A
A
So
it's
a
very
long,
very
beautiful
bash
script,
which
I
do
love
that,
oh
my
gosh,
this
goes
quite
a
ways
up.
That
does
a
lot
of
magic
behind
them.
Oh,
my
god,
this
thing
is
huge.
I'd
actually
overflowed
my
buffer.
Let's
look
in
get
how
about
this
bash
script,
so
github.com
slash.
We
were
at
slash,
weave
and
then
down
here
in
the
repo
we
have
this
weave
file,
which
this
is
what
we
just
curled
down.
It
made
executable.
How
many
lines
is
this?
A
Oh,
my
goodness,
I
love
when
batch
files
are
longer
than
a
thousand
lines.
Okay,
so
I
don't
think
we're
gonna
have
time
to
go
through
this
whole
file
in
detail
today,
but
I
just
wanted
to
show
folks
that
the
tool
we're
gonna
be
running
the
source
code
is
here
and
you
can
actually
go
in
and
see
that
this
is
actually
a
proper
communal,
eying
tool
with
different
various
sub
commands
and
different
flags,
and
it
looks
like
there's
a
big
switch
here
at
the
beginning.
A
A
Yes,
so
we
actually
do
a
lot
of
curling
on
various
endpoints
here
locally
and
we're
gonna
kind
of
look
at
what
that
looks
like
on
the
node
in
a
second
and
this
HTTP
call
bash
function
defined
here
so
to
get
back
into
our
node,
where
we've
is
now
executable,
we
can
just
run
weave
and
it's
gonna
pull
this
container
and
it
sort
of
spits
out
this
help
command
and
this
this
batch
file
that
we
were
just
looking
at
here
so
scrolling
on
up.
We
have
we've
launched.
B
A
We
have
weave
and
connect
attach
expose,
looks
like
there's
a
lot
of
cool,
exciting
stuff.
You
can
do
here.
That
would
be
useful
for
you
and
your
engineering
team
to
come
and
debug
CNI,
which
I
guess
speaking
of
engineering
team.
That
was
one
of
the
first
things
that
Brian
had
mentioned.
Hey
Duffy
good,
to
see
you
that
Brian
had
mentioned
when
I
spoke
with
him
was
this
tool
is
very
much
defined
like
was
built
with
the
engineering
behind.
A
So
this
whole
CNI
implementation
here
is
sort
of
like
a
for
engineers
by
engineers,
CNI
tool
that
you
are
welcome
to
use,
if
you
so
choose
to,
and
it's
designed
to
be
ran
anywhere,
so
doesn't
really
matter
if
it's
an
Amazon
or
Azure
in
your
local
data
center
and
it's
supposed
to
be
sort
of
handy
and
give
you
a
lot
of
tooling,
which
we're
kind
of
looking
at
here
to
make
it
easy
to
debug
your
systems
and
understand
what's
going
on
in
your
systems.
So
this
is
a
very
engineering
citric
tool.
A
It
looks
like
other
folks
are
saying:
hey,
Duffy,
George,
says
and
I'm
out
for
the
weekend
thanks
everyone
George
we'll
see
you
next
week.
Thank
you
for
all
your
help
that
you
always
do,
and
the
first
thing
that
I
want
to
look
up
is
we've
status.
I.
Think
right
is
that
in
here,
I
don't
see
Yeah
right
here,
we've
status,
so
let's
do
a
quick
we've
status
and
we
can
see
what's
going
on
and
how
this
actually
worked
is
we
listens.
There's
a
server
run
running
locally
on
our
node
here.
A
Let's
see
if
I
can
find
this
thing,
so
I
think
I
can
do
nuts
at
copán,
and
you
can
see
here
we
have
something
listening
on
port
67
84.
It
looks
like
so.
Let's
see
what
happens
if
I
hit
that
port
curl
loopback
on
67
I
think
this
is
very
important.
C
404
page
not
found
okay,
so
there
is
a
server
there's
something
listening
there,
which
is
exciting,
because
now
we
can
understand
how
this
this
command-line
tool
that's
running
in
a
container.
A
That's
really
a
bash
script
is
actually
interacting
with
the
rest
of
the
weave
system.
So
that's
sort
of
how
the
rest
of
our
tools
can
come
in
and
interact
with
the
system.
I
am
curious.
If
this
server
is
running
with
off
in
encryption,
it
doesn't
look
like
it's
using
TLS,
which
I
guess
it
doesn't
necessarily
need
to,
but
I'm
wondering
if
it's,
if
it
authenticates
in
any
way.
A
The
last
thing
we
would
want
is
we
will
not
want
a
row
Gnaeus
pods
on
the
same
node,
to
be
able
to
curl
local
host
on
the
node
and
actually
interact
with
the
server
and
possibly
make
any
mutations
to
the
underlying
C&I
implementation.
So
that's
a
follow-up
question
for
me
as
well,
which
is
how
is
this
API
server
being
authenticated?
If
at
all?
A
If
at
all
and
again,
we
can
look
into
that
and
you
know
get
back
in
the
YouTube
chat
comments
later,
okay,
so
the
next
thing
I
wanted
to
do
and
I
actually
have
a
doc
on
this
I
might
pull
this
up
really
quick.
Give
me
a
second
I
know:
I'm
off
screen
just
bear
with
me:
does
anybody
have
any
good
jokes?
Why
I
pull
what
my
new
is
here?
B
A
A
So
one
of
the
things
that
we've
does
is
it
dynamically
allocates
IP
addresses
based
on
the
nodes
in
the
system
and
that
can
change
another
CNI
implementations,
you'll
notice
that
a
lot
of
the
IP
management
is
static
and
then,
as
you
create
more
nodes,
you
run
into
this
problem
of
how
much
address
space
can
you
have
each
node
and
then
after
you,
statically
assign
some
address
space
to
a
node.
It
makes
it
harder
to
divide
that
space
for
other
nodes
as
they
come
and
go
so.
A
We've
dynamically
does
all
this
for
us
so
that
we
can
arbitrarily
add
and
drop
nodes
without
really
worrying
too
too
terribly
much
about
how
our
IP
address
space
is
being
allocated.
Furthermore,
it's
important
to
understand
that
this
IP
address
scheme
is
for
our
overlay
network.
So
if
you
look
here
on
the
node-
and
this
is
where
we're
going
to
kind
of
talk
a
little
bit
about
overlay
networks-
which
we
see
in
other
tools
like
C
and
I
and
C
Liam-
and
why
they're
relevant
to
kubernetes
and
how
the
encapsulation
is
done.
A
So
if
we
actually
do
an
if
config
on
the
node,
you
will
see
that
this
IP
address
is
10
0,
dot,
101
25.
So
this
is
the
node
network
up
here
we
have
this
1032
block
and
it's
a
slash
12.
So
it's
enormous-
and
this
is
actually
what
the
overlay
network
is,
that
we've
is
going
to
be
using
for
our
various
pods.
A
So
all
of
the
pods
are
going
to
be
assigned
an
IP
address
in
this
network
and
then
those
IP
packets
are
going
to
be
sort
of
buried
or
encapsulated
inside
of
broader
IP
packets
that
are
being
transmitted
around
on
this
network
here.
So
if
you
follow
me
on
Twitter,
you
noticed
one
of
the
comments
that
came
out
of
my
discussion
with
Brian
was
Brian
was
giving
us
a
quick
understanding
of
network
encapsulation
and
said
something
super
funny
which
was
actually
I'm.
A
Gonna
read
this
because
I
don't
even
really
remember
exactly
what
he
said,
but
it
was
no
not
wonder
lest
I
want
to
go
to
Twitter.
A
Might
not
be
able
to
find
it
all
the
time
my
head
anyway
was
basically
Network.
Encapsulation
is
a
way
for
network
engineers
to
bypass
or
for
engineers
to
bypass
talking
to
the
network,
folks,
which
I
thought
was
very
funny,
because
it's
we're
creating
our
own
Network
and
using
the
broader
network
to
sort
of
hide
our
network
inside
up.
Ok.
So
let's
go
back
to
my
terminal
here
enough
about
overlaid
networks.
A
Let's
look
at
the
peerless
that
we
have
is
creating
for
us
and
then
let's
create
a
node
in
kubernetes
and
see
what
we've
does
behind
the
scenes.
So
we
can
do
we've
status
peers-
and
this
is
exciting
because
we're
actually
seeing
quite
a
bit
of
information
here.
The
first
thing
that
we're
seeing
is
what
looks
like
a
MAC
address,
and
this
is
actually
the
MAC
address
for
the
for
the
bridge
that
we're
creating
on
the
node
system.
A
Then
inside
we
have
the
host
name
of
the
system,
which,
if
you
look
this,
it
will
match
this,
but
we're
running
in
a
weird
ec2
region,
so
they're,
not
a
one-to-one
map
and
then
below.
We
have
sort
of
this
like
a
textual
representation
of
how
we're
managing
your
network
down
here,
which
basically
says
that
we're
just
forwarding
traffic
over
to
this
other
address
as
needed.
A
Let's
see
what
folks
are
saying
soon,
all
the
excellent
based
systems
means
this
kind
of
huge
into
you
like
flannel,
that's
bigger
than
flannel
by
a
bit,
though
yeah,
ok.
So
what
they're
talking
about
is
the
MTU
size
and
the
X
LAN
and
I
guess
to
give
a
little
bit
of
explanation
about
what
sin
and
Duffy
are
talking
about.
Is
the
network
encapsulation
that
we
just
talked
about
uses
a
protocol
called
VX,
LAN
and
VX?
A
Lan
is
actually
the
the
standard
and
how
you
would
sort
of
I
used
the
word
buried,
but,
let's
just
say,
like
sneak
or
hide
or
encapsulate
network
packets
inside
of
other
network
packets
to
be
traversed
across
a
broader
network
and
then
decoded
on
the
other
end
later
by
default,
we've
used
as
vehicle
so
does
a
handful
of
the
other
scene.
I
providers
and
the
MTU
is
a
configurable
metric
that,
as
you
use
more
and
more
VX
land
that
usually
goes
up
and
Duffy
was
just
commenting
on
how
large
that
metric
was
curious.
A
A
Are
you
saying
that
by
a
default,
gossip
is
a
lossy
protocol
and
that
we
will
only
be
able
to
reach
the
majority
of
the
cluster,
which
I
think
would
be
fine,
because
the
the
theory
would
be
another
peer
in
the
gossip
network
would
be
able
to
reach
that
small
portion
that
we
can't
reach
with
the
first
one
I,
don't
know
I
want
to
make
sure
I'm
understanding
that
right,
but
a
curious
metric.
If
you
have
any
more
information
soon,
that
would
be
helpful.
A
Nadir
says
30
I'm
just
going
to
read
people's
like
comments
in
the
chat.
This
is
great
nadir
says:
1376
is
for
a
GRE.
Tunneling
Duffy
says,
makes
more
sense
thanks.
Nadir
thanks
for
pointing
that
out,
nadir
do
not
realize
we
needed
that
forty
regionally,
okay,
yes,
okay,
I'm
going
to
kind
of
jump
back
in
here
and
look
at
the
weak
man
lying
to
a
little
bit
more
and
talk
about
what
what
we
is
going
to
be
doing.
My
we
add
a
node
to
the
cluster
so
to
do
that.
A
B
A
A
A
Shawn
I,
always
love
a
good
douglas
adams's
quote
drop
and
let's
go
ahead
and
let's
save
our
ASG
with
six
and
real
quick
I
also
want
to
do
weave
status,
I,
Pam,
okay,
cool,
so
I
mean
I
got
this
one
in
so
what
this
talking
about
is
how
we've
does
all
of
its
dynamic
IP
management
based
on
the
peers
in
the
network.
In
this
case
the
peers
are
our
nodes.
A
We
was
sort
of
a
round
before
kubernetes,
so
a
lot
of
this
existed
before
kubernetes,
so
it's
not
married
to
a
node
necessarily,
but
in
this
case
that's
what
we're
going
to
be
referring
to
it.
Referring
to
it
as
and
in
this
case,
that's
what
we're
gonna
be
measuring.
Shawn
says
exactly
so.
Yes,
that
was
about
this
out
of
quote
good
job
Shawn.
Okay.
A
I
just
learned
about
called
IP
set
and
I
have
some
commands
here
to
show
some
really
interesting
things
for
weed
behind
the
scenes.
The
first
one
that
I
wanted
to
show
was
this
IP
tables,
save
command,
which
I
wish
I
would
have
known
about
this
on
the
previous
scene.
I
have
a
sense.
This
is
sort
of
a
really
great
user,
friendly
way
of
looking
at
the
IP
tables
list
as
they're
configured.
And
if
you
come
in
here,
you
can
sort
of
see
that
we
have
we've
NPC.
A
We
have
a
cube
firewall
and
we
have
a
lot
of
other
weave
rules
defined
as
well,
and
then
we
can
also
run
this
IP
set.
Is
that
installed
nope?
So,
let's
do
apt,
install
IP
set
and
all
IP
set
the
command
line
tool
does.
Is
it
just
gives
us
visibility
into
this
memory?
That's
already
stored
in
the
system
and
it's
called
IP
sets
and
we've
uses
these
behind
the
scenes
as
well.
A
So
what
we
can
do
is
we
can
do
an
IP
set
list
and
we
can
actually
see
that
we,
this
sort
of
storing
this
main
information
in
hash
tables,
called
IP
set,
which
is
pretty
cool
and
we
can
actually
watch
how
we've
mutates
this
by
scaling
our
index
pod
that
we
did
earlier.
So
let's
do
teh
edit
deploy
engine
X,
oh
dang,
I
said
I
was
gonna,
not
gonna,
open
up
Emacs
this
time,
but
anyway,
I
opened
up
UMAX.
So
let's
change
our
replica
to
100.
A
This
was
gonna,
be
really
good,
and
so
now
we
can
run
this
and
we
can
grep.
Let's
do
you've
got
cap
a
will
do
ten.
Why
not
access
to
you?
Let's
do
eight
and
wrote
a
vinaigrette
for
nginx
looky
here.
This
is
exciting,
so
now
actually
I,
don't
even
think
I
needed
to
do
the
cafe.
Let's
get
rid
of
that.
A
This
is
rad
okay.
So
this
is
actually
mapping
the
overlay
IP
address
to
a
pod
in
kubernetes,
which
is
really
cool.
To
actually
see
this.
These
two
metrics
side-by-side
like
this
I,
feel
like
you,
don't
really
get
this
with
some
of
the
other
c9
providers
and
you're
actually
able
to
see
the
dynamically
managed
IP
addressing
as
well
as
the
actual,
like
DHCP,
feel
of
how
we've
is
managing
IP
addresses
for
us.
A
So
we
can
see
all
these
positives
created,
we're
seeing
they're
all
in
various
sub
and
as
we
get
more
nodes
online,
we're
actually
gonna
watch
and
be
able
to
see
how
we've
status.
I
Pam
look
at
this
now
now
we
can
actually
go
in
and
see
how
weave
is
doing
the
division
of
IP
address
space
across
our
nodes
and
for
each
of
our
pods,
which
is
really
cool,
and
we
can
also
see
we've
status.
A
What
was
the
other
one
trying
to
remember
peers
we've
status,
peers,
that's
the
one
I
wanted,
and
now
we
can
see
all
these
interesting
rules
of
how
the
different
nodes
are
doing.
A
This
auto
discovery
using
gossip
and
actually
finding
themselves
in
creating
rules
to
talk
to
each
other
and
routing
behind
the
scenes
so
interesting
to
see
how
we
was
working
and
interesting
to
see
that
we're
able
to
auto
scale
our
cluster
and
we
have
a
sort
of
doing
the
math
and
the
magic
behind
the
scenes
to
give
us
handy
overlay,
IP
addresses
for
our
pods
as
we
are
creating
them.
So,
let's
scale
our
nginx
deployment
back
down.
B
A
To
one
and
we
can
go
back
and
run
our
command
again
and
we
should
be
able
to
actually
to
actually
watch
the
IP
sets
shrink
as
well,
because
we're
freeing
up
some
of
those
IP
addresses
and
therefore
freeing
up
valuable
Network
space
on
our
overlay
Network
all
without
having
to
touch
the
external
network,
all
being
encapsulated
with
VX
LAN
and
encrypted
with
I
feel
like.
We
should
do
like
a
dremel
like
how
is
we've
encrypting
Network
packets,
with
their
VX
LAN
implementation.
I,
have
a
link.
B
A
Xfr
em,
which
is
a
kernel
level,
feature
that
allows
for
encryption
and
an
implementation
into
IPSec,
which
is
pretty
cool,
so
we're
getting
some
encryption
there
as
well
for
our
encapsulated
network
packets
as
they
traverse
the
host
network.
This
is
a
really
excellent
write-up.
It's
in
the
weave
documentation.
If
you
want
to
come
and
learn
more
about
X
frm
and
how
we
was
doing
the
encryption
and
actually
some
examples
of
some
really
cool
IP
table
as
you
command.
A
You
can
run
for
actually
checking
this
stuff
out
in
poking
around
behind
the
scenes
and,
furthermore,
I
would
not
be
a
good
open-source
citizen.
If
I
didn't
pull
up
with
a
man
page
at
some
point,
you
can
actually
interact
with
the
X
frm
kernel
module
using
this
command.
If
it's
installed
on
your
system-
and
you
can
actually
read
this
little
snippet
here-
which
actually
talks
about
what
this
layer
of
software
does
X
frm
is
an
IP
framework
for
transforming
packets,
such
as
encrypting
their
payloads,
which
is
what
we're
doing
now.
A
A
So
this
is
fancy
network
talk
for
we
are
in
computer
network
packets
using
this
really
cool,
open
source
layer
of
software
and
kernel
module
called
XF
RM.
That,
of
course,
is
present
on
our
host
system
because
we're
using
ubuntu
justin.
Let's
see
what
you
have
to
say
here.
Another
useful
debugging
tool
is
we've
report,
which
will
give
you
a
ton
of
information
about
its
understanding
and
stay
on
the
cluster.
Let's
check
out,
we
have
a
report
for
justin,
so
let's
clear
our
screen
with
ctrl
L
and
run
a
weave
report.
A
Oh
and
it's
Jason,
do
we
have
JQ
any
installed?
Oh,
we
do
that's
handy,
I
love
when
jason
is
color
coded
like
if
you're
going
to
echo
Jason
to
the
terminal,
you
might
as
well
go
color
cody
adjacent
to
the
terminal.
Okay.
So,
let's
scroll
up,
this
is
quite
wordy.
I'm,
assuming
these
are
from
all
of
our
pods
Mac,
nickname
last
seen:
10
134
1052
six.
A
Interesting,
let's
go
up
to
the
top
and
see
what
we
got
here.
Okay,
so
we
we
overflowed
it
over
again.
Let's
see
what
Justin
says.
One
place
that
has
been
extremely
useful
is
when
we
have
nodes
that
disagree
about
who
owns
what
IP
blocks
have
other
network
partitions
between
one
another
Shawn
says
Jake.
He
was
great
okay,
so
this
is
handy
as
well.
I
would
probably,
if
I
was
a
systems
engineer
or
sorry
like
I
was
in
the
olden
days.
I
would
probably
be
pulling
this
information
and
and
backing
it
up
pretty
routinely.
A
Let's
see
what
else
would
the
weave
command
can
do
just
for
for
funsies
here?
So
we
have.
We
did
we've
status.
We
did
we've
report.
Let's
do
weave
PS.
This
is
the
sun's
pretty
cool,
so
we've
opened
before
we
do
weave
PS.
Actually
we
can
do
it
after
we
do
weave
PS
we're
gonna
scale
down
our
cluster
as
well.
So
here
this
is
exciting.
These
are
container
IDs.
These
your
MAC
address
of
our
our
bridge
here,
which
I
think
we
get.
A
What
is
it
IP
bridge
I
think
you
can
just
do
this
IP
tunnel,
maybe
nope?
Okay,
I
was
gonna,
try
to
factually
find
that
MAC
address
for
our
for
our
bridge
here,
but
it
doesn't
really
matter
we're.
Just
gonna
try
to
connect
the
dots
anyway.
We
have
container
IDs
when
we
run
this
we've
command
and
we
can
see
the
the
address
range
that
is
associated
with
them,
and
so,
if
we
actually
do
like
a
docker
PS
on
one
of
these
or
I'm
sorry,
a
docker
ins
doctor
inspect
on
one
of
these.
A
A
Encapsulate
you
network
packets,
with
X
frm,
so
that's
kind
of
like
the
round-robin
connecting
the
dots
for
for
we've.
Bogdan,
says:
Treiber
cuddle.
Let's
try,
ber
cuddle
not
to
be
confused
with
bear
cuddle.
Bear
cuddle.
Is
there
a
bridge
command
bridge
this
bridge
money
I
know?
If
anybody
wants
to
try
or
to
suggest
one
of
these
can
I
do
Burke
huddle?
Is
there
a
show
yeah
burger,
cuttle
show.
A
Let's
scale
down
our
cluster
really
quick.
Sorry
I'm
voting
out
here,
let's
screw
up
scaled
on
a
cluster,
really
quick
and
then
run
a
new
weave
status,
I
Pam
and
see
how
the
dynamic
allocation
is
being
handled
there.
Cuz,
that's
gonna,
you
know,
give
us
a
lot
of
information
on
auto-scaling,
our
kubernetes
cluster.
So
how
we're
gonna
do
that?
Go
back
to
Amazon,
go
to
our
ASG,
we're
gonna
edit,
our
node
here
her
actions,
edit
change,
you
back
to
one
did
I.
Do
this
thing
again?
A
A
A
6:21
change
this
to
one
change
this
to
one
hit
our
hidden
Save
button
over
here
and
we'll
wait
for
the
it's
G
to
do
its
thing,
kubernetes
to
catch
up
and
then
run
our
ipam
list
again
and
check
that
out
and
why
we're
here
we're
about
an
hour
and
fifteen
minutes
in
I
got
another
meeting
coming
up
so
we're
getting
close
to
the
end
of
the
episode.
We'll
do
this
one
last
thing
where
we'll?
A
Oh,
we
got
to
talk
about
Network
policy
still
so,
yes,
we've
does
implement
network
policy
in
the
same
way
that
calico
and
the
C
Liam
does
so
you're
able
to
turn
on
network
isolation
and
the
weave
pods.
Do
that
remember
there
was
a
container
weave
and
we
didn't
PC
will
actually
go
and
implement
your
network
policy
for
you,
I,
don't
think
we're
gonna
have
enough
time
to
go
through
the
demo
today
and
actually
do
the
the
Calico
demo,
but
I
did
run
through
it
earlier
in
the
week
and
it
does
in
fact
work.
A
It's
a
pretty
straightforward
implementation,
so
I
don't
have
been
too
terribly
much
time
dwelling
on
it.
But
if
folks
have
any
questions
about
how,
in
fact
we've
does
implement
Network
policy
I'm
happy
to
take
a
look
at
them,
really
quick,
but
we
are
running
out
of
time.
We've
spent
a
lot
of
time
looking
at
the
weave
manly
until
here
today,
so
we're
waiting
for
a
cluster
to
scale.
A
A
Also,
if
anybody
has
any
ideas
for
how
to
get
the
the
bridge
MAC
address,
I
don't
want
to
start
googling
it
right
now.
It's
been
a
long
week,
but
if
you
have
any
ideas
feel
free
to
drop
them
in
I'm
happy
to
run
it.
Let's
see,
what's
going
on
with
our
cluster
or
our
connection
was
closed.
Okay,
so
yeah!
This
is
the
dreaded
case
of
the
autoscale
group
doing
first-in
first-out
FIFO.
So
let's
get
the
name
of
our
remaining
node
and
SSH
into
that
and
see.
What's
going
on
so
instances.
A
Here's
our
node,
let's
copy
this
and
SSH
into
this
SSH
Ubuntu,
add
limb.
Everybody
say
in
Justin
show
max
not
to
be
confused
with
Emacs.
Let's
try.
This
bird
cuddle
show
max
bridge
bird
cut
hole.
Was
it
less
or
cuddle?
Oh,
my
god.
This
is
crazy,
show
and
then
we
can
do
bird
cuddle
list
max
in
the
name
of
our
bridge
right.
B
A
Cuddle
what
was
Justin's
Jeff's
been
show
max
you
guys
that
I
tried
that
there
we
go
okay.
Finally,
okay,
let's
see
Justin
thanks
for
that.
Bogdan
for
cuddle
show
max
we've
Rory
by
the
way.
If
you
want
to
get
eager
eager
us
network
policies
and
we've,
you
need
2.4.
Otherwise
it
only
supports
ingress
policies.
That's
good
to
know.
I
didn't
realize
there
was
a
discrepancy
between
the
two
Rory.
Thank
you
for
pointing
that
out.
Olaf
says
how
about
we've
scoped
for
network
visualization,
and
then
sin
Hahn
says
not
list
max
show
max.
Okay,
yeah!
A
Let
me
go
back
and
do
our
cake
it.
No,
it's
really
quick.
A
Ok,
so
we're
back
down
to
one
node
and
now
is
our
we've
command-line
tool
on
here.
It's
not
installed,
so,
let's
reinstall
this
thing
again,
so
installing
we've
nut
will
copy.
This
go
back
here,
come
on
plus
X
user,
local
bin
we've,
we've
status,
I
Pam,
it's
gonna,
pull
a
container
and
running
and
let's
just
see
what
our
I
Pam
is
doing.
Now:
okay,
unreachable,
oh
no,
and
so
this
is
remember
earlier.
We
talked
about
like
how
the
the
network
will
sort
of
be
eventually
consistent.
A
So
this
is
a
case
of
it
being
virtually
consistent
here.
Duffy
says:
we've
scope
is
great
in
C,
an
diagnostic
thanks,
stuffy
and
we
can
probably
watch
as
our
ipam
rebuilds
itself
and
as
we
slowly
zero
out
our
cluster
over
time.
So
this
is
an
example
of
scalar
in
your
cluster
with
we've
and
showing
how
the
cluster
uses
gossip
to
do
peer
discovery
and
how
our
cluster
behaves
as
we
try
to
scale
our
cluster
up
and
down.
A
Sean
Smith
says
random
question
you
might
know
about
was
the
skew
con
CFP
notification
they
pushed
out
because
of
the
number
of
CC
FPS.
Yes,
I
think
it
was
I
I.
Think
I
was
watching
you
never
mind.
I'm,
not
gonna,
say
that
I'm
sure
Sean,
but
I
can
find
out
and
get
back
to
you.
I
will
tweet
about
it
afterwards,
I'll
ping,
some
of
my
people
on
the
inside
anything
else,
Wiz
with
weave
or
should
we
say
goodbye,
I
gotta,
run
to
the
next
meeting
in
nine
minutes.
A
So
having
a
small
break
before
my
next
meeting
would
be
helpful
and
as
always,
it's
been
great
to
see
everyone
here
on
TGI
Kate's,
we
might
do
another
episode
of
CNI.
I
might
just
like
do
a
small
write-up
and
bring
that
up
on
the
next
episode.
I
think
next
week
we're
gonna
be
off
so
no
TGI
K.
Next
week
we
have
a
company
off-site
and
actually
here
hold
on
I'm
gonna.
A
I
am
unsure
if
it's
gonna
be
me
or
Joe
or
Duffy
or
who's
gonna
be
running
it
we'll
keep
you
posted
as
we
do
every
week,
and
let
us
know
if
you
want
to
hear
another
C&I
or
if
you're
interested
in
something
else,
I've
got
a
few
ideas
for
some
other
kubernetes
tools.
I've
been
thinking
about
doing
so.
Yeah,
just
just
keep
us
posted.
Let's
see
Sean
says
it's
not
a
huge
deal.
I
just
saw
that
it
was
the
18th
today
I
thought
it
was
earlier.
A
So
I
was
like:
oh
hey
it
changed
Josh
says:
can
you
recommend
some
books
or
resources
for
learning
about
networking
and
tools,
learning
about
networking
in
tools?
I,
don't
have
any
good
ones
off
the
top
of
my
head
I'm
like
the
infrastructure
girl.
So
let
me
talk
to
some
of
my
networking
folks
and
see
if
they
have
any
good
starting
points
as
well.
I
learned
about
the
network
by
mostly
just
messing
around
and
then
I,
don't
tell
anybody
this,
but
I'm.
A
Actually
I
used
to
be
a
CCNA,
so
I
I
did
the
CCNA
like
guidebook
and
that's
how
I
learned
about
everything
from
like
subnets
and
masking
and
routing
and
all
the
different
route
protocols
and
yada
yada
yada
yada
yada.
So
that's
how
I
learned
about
it.
I'll
try
to
find
some
good
books
and
resources
and
we
can
add
into
the
repo
afterwards.
Roy
says
bye.
Thanks
for
all
the
weave
info,
that
was
super
useful
Sean
says
have
a
great
week.
Anyone
Duffy
has
a
suggestion.
Called
network
warrior
it's
an
O'reilly
book
that
sounds
good.
A
Also,
there's
a
cni
book
I
didn't
realize
there
was
a
scene
I
book,
that's
probably
worth
the
reading.
If
you're
going
to
be
doing
a
lot
of
container
networking,
Bogdan
says:
please
do
a
series
on
cloud
storage
solutions
secretly!
That's
what
I
want
to
do
next
is
how,
in
the
same
way,
we
did
see
and
I
doing
the
storage
interface.
Marco
says:
happy.
Friday
have
a
good
weekend,
I'm
out
thanks
for
a
great
episode,
everyone,
it's
been
great
hanging
out.
I
hope
you
all
learned
a
lot
about
weave,
we'll
keep
you
posted
on.
A
What's
coming
next
calzone
agrees
with
cloud
storage.
Josh
says
the
secret
is
reveal
a
bit
safe
with
us
and
thanks
for
the
scene,
iodized,
so
yeah
thanks
everyone
for
coming
out
thanks,
Duffy
and
George.
You
guys
are
super
helpful.
We
couldn't
do
this
without
you
you're
always
here
and
got
my
back
whenever
I'm
doing
this.
So
that's
really
great
and,
more
importantly,
anything
else.
Thanks
for
everybody
who
joins
in
the
chat
and
helps
us
out,
this
really
wouldn't
happen
if
it
wasn't
for
the
live
interaction.
A
So
folks,
in
the
chat
for
who
have
been
participating
today,
thank
you
so
much
actually
helps
really
make
that
soda.
We're
extremely
grateful
for,
for
you
coming
and
being
a
part
of
this
thing
as
well.
Okay,
so
without
further
ado,
I'm
really
gonna
hang
out
this
time,
I'm
really
gonna
in
this
stream.
It's
been
great
hanging
out
with
everyone.
We
will
see
you
all
not
next
week,
but
the
week
after
I
I
feel
like
I
should
do
like
some
sort
of
like
Chris
Nova
like
out
mic
job.