►
From YouTube: Velero Community Meeting - March 1, 2022
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
All
right
welcome
everyone
and
to
the
valero
community
meeting.
Slash
open
discussion
today
is
march
1st,
2022
and
yeah.
I
think
this
will
be
a
pretty
brief
conversation
today,
but
I
thank
you
everyone
for
joining,
so
some
status
updates.
First
of
all,
I
want
to
introduce
orlean
vasilev,
as
the
new
community
manager
welcome,
orlan.
A
Orlan
will
be
taking
over
for
me
from
me
in
about
two
weeks.
He
will
be
hosting
the
community
meetings
at
this
time.
He
will
not
be
hosting
the
community
meetings
at
a
later
time
because
they
are
way
too
late
in
his
time
zone
orlan
is
in
bulgaria
yeah,
so
orlan
will
start
to
take
over
day-to-day
things
and
hopefully
be
a
lot
more
active
in
the
community,
in
the
community
slack
and
on
github
as
well
and
driving
the
community
engagement
forward.
So
thank
you,
orland
for
for
taking
this
on.
A
Yeah
awesome
other
yeah
orlan.
Do
you
want
to
say
a
few
words
about
yourself.
B
Yeah
sure
thing
as
as
you
mentioned,
I'm
located
in
bulgaria,
europe,
so
maybe
for
some
of
you
will
be
in
the
same
time
zone,
maybe
not.
On
personal
note,
I
have
two
kids
and
I've
been
doing
kubernetes
for
last
four
years.
I'm
putting
that
in
the
personal
note,
because
doing
kubernetes
stuff,
somehow
blended
between
my
personal
life
and
professional
life,
because
in
my
free
time
I'm
also
a
cncf
ambassador,
which
means
I
help
to
drive
the
local
communities
around
my
area.
B
So
I
do
communities
not
only
for
for
work
and
money,
but
for
fun
as
well.
What
else
I've
been
a
system
engineer
for
the
last?
I
don't
know
20
years
a
huge
portion
of
that
I
was
also
a
bit
of
a
developer,
so
I'm
from
on
both
sides,
and
now
I
do
the
community
work.
So
I
hope
I
can
help
out
not
only
with
community
work,
cfps
conferences,
documentation,
you
name
it,
but
also
on
the
technical
side,
looking
forward
to
work
with
every
one
of
you.
Thank
you
for
the
opportunity.
C
Just
so,
please
call
me
on
this
if
I've
gotten
this
wrong,
but
I
think
I've
gotten
the
dates
so
one
nine
roadmap
is
finalized,
but
it's
with,
of
course,
the
caveat
that
it
may
be
changed
as
we
need
it,
but
for
now
it's
finalized.
I
believe
this
is
what
I'm
confused
on.
I
think
it
was
just
last
week
that
I
spoke
through
it,
so
it
was
the
evening
meeting.
So
if
you
want
to
hear
kind
of
a
bit
more
of
a
discussion
on
it,
please
go
back
and
look
at
that.
C
Recording
ga
will
be
mid-june.
I
believe
we
have
the
final
kind
of
release,
dates
about
feature,
freeze
and
and
code
freeze
and
such
those
will
be
discussed
by
the
engineering.
My
engineering
counterparts
next
week
at
the
meeting-
and
I
put
a
link
in
if
you
want
to
take
a
look
at
the
roadmap,
so
happy
to
discuss
it
here
or
later,
whatever
folks
want
so
fyi
take
a
look
at
and
you
can
put
in
a
discussion
topic.
If
you
want
to
talk
more
about
it
or
I
can
answer
questions
now,.
A
Thank
you
eleanor
any
questions
comments.
I.
D
Know
you
this
was
targeted
for
june
1.9.
C
Yes,
yeah
mid-june.
Basically,
it's
been
designed
to
have
eight
two-week
sprints
is
how
we're
gonna
probably
be
doing
the
releases
going
forward,
so
that
ends
up
in
mid-june,
the
exact
date.
If
you
ping
zhao
lin,
he
can
probably
tell
you
the
exact
date.
I
just
don't
want
to
release
the
date
without
having
his
confirmation
sure.
C
E
So
I
have
a
I
have
two
issues
that
I
want
to
bring
out
so
currently,
I
have
an
issue
that
I
have
a
service
account
in
namespace
8
and
I
was
I
granted
it
a
privilege
by
assign
running
this
command.
Ocad
adm.
You
know
policy
fcc
to
user,
and
I
add
that
to
the
user,
and
then
I
back
up
and
restart
it
after
every
store
right.
E
The
the
service
account
a
is
restored
in
namespace
b
and,
of
course
it
lost
the
privilege
because
the
the
privilege
you
actually
ranked
in
in
the
link
in
cluster
row
binding
and
it
actually
specified
that
s
a
the
service
account
a
with
the
namespace
a
so
as
a
matter
as
a
consequence
when
the
part
were
started
in
namespace.
E
It's
using
that
security
service
account
a
in
namespace
b
and
it
failed.
So
we
have
a
couple
of
work
around
it
to
to
find
a
way
to
work
around
it.
But
it
looked
like
you
know
when
the
when,
when
some
resources
in
a
namespace
scope
that
linked
to
some
resources
in
the
cluster
scope,
when
we
restore
to
different
name
space,
we
hit
the
problem.
This
might
be
a
generic
problem
for
many
setup
security
setup
that
we
many
many
more
than
one
people
might
have.
F
Yeah,
I
was
gonna,
say,
first
of
all,
just
just
to
clarify
for
everyone
else
here
this
is,
you
know
the
the
sccs
are
open
shift
specific
types
here,
so
this
is
this
exact
problem.
Isn't
something
you'd
have
in
a
generic
coupe
cluster,
although
there
may
be
similar
issues
there?
Also,
I'm
just
wondering
are:
is
this
in
an
adp
environment
or
are
you
using
upstream
valero.
E
Yeah
this
this
one
is
an
openshift
cluster
right.
F
So
the
reason
I
wonder
is
that
this
is
something
that,
because
the
plug-ins
that
we
installed,
the
openshift
valero
plug-in
is
part
of
oadp
should
be
handling.
This
there's
one
plug-in
that
I
believe
on
services,
there's
a
backup
plug-in
on
service
accounts
that
adds
the
appropriate
sccs
as
additional
items
to
get
included
in
the
backup.
F
And
the
second
part
is
we
have
a
restore
plug-in
for
scc
that
should
handle
the
namespace
mapping.
I
was
just
looking
at
the
code
just
now,
it
sounds
like
you
may
have
hit
a
bug
in
one
of
those
plugins,
maybe
suppose
I
would
suggest
putting
in
an
issue
on
oadp,
and
so
we
can
debug
that
I'm
guessing
either
the
sec
is
not
getting
backed
up
as
it
should,
or
something
is
messed
up
with
the
namespace
mapping
on
the
restore.
D
In
that
case,
that
so
scott,
yes,
so
one
question
is
so
this
restore
of
the
cluster
roll
binding
will
happen
if
we
are
during
the
restore
we
are
setting
that
include
cluster
resources
to
null
right.
That
is
right.
This
will
happen.
F
If
yeah
yeah
so
so
yeah
and
that's
that's
another
thing
that
can
be
kind
of
confusing,
so
the
include
cluster
script
resources,
it's
it's
a
boolean
pointer,
so
you
have
three
options.
If
you
set
it
to
true,
then
everything
in
the
cluster
gets
included.
If
it's
set
up
to
false,
then
nothing
cluster
scopes
will
ever
be
included
even
related
stuff.
So
it's
when
it's
set
to
null
is
where
these
you
know
related
items
can
get
pulled
in
and
there
are.
F
There
are
a
select
few
resources
that
bolero
itself
pulls
in
for
you,
for
example,
if
you
have
that
to
set
to
null,
then
a
pv
will
get
pulled
down
to
the
backup.
F
If
the
pvc
that
you
know
that
binds
to
it
is
backed
up
same
with
crds,
but
for
other
resources
like
sccs
and
anything
else
by
default,
valero
doesn't
have
any
way
of
knowing
that
kind
of
relationship,
so
you
need
to
plug
in
a
backup
plug-in
basically
to
do
that,
and
so
what
we
have
as
a
backup
for
adp
is
a
backup
plug-in
for
service
accounts.
That
says:
hey
are
there.
F
You
know
looks
up
in
the
secs
that
relate
to
those
service
accounts
and,
if
include
cluster
script,
resources
is
null
then
it
adds
those
as
related
items
which
so,
if
I
forget
the
name
of
the
the
things
for,
I
guess
associated
items,
those
will
be
included
in
the
backup.
So,
in
your
case,
I
would
check
to
see
if
the
backup
includes
the
scc.
F
That
would
be
the
first
thing
to
check
okay
and
if
it
is
included
and
if
it
is
being
restored,
the
next
thing
to
check
is
to
actually
look
at
the
scc
content
to
see
if
that
namespace
is
updated,
and
if
you
look
at
the
plugin
we
should
be.
You
know
doing
that,
but
there
may
be
some
error
in
the
logic
or
there
may
be
some
education
we're
missing.
So
I
would
say,
if
that's
the
case
put
in
an
oadp
issue
and
more
generally,
you
know
with
cluster
scope
resources
like
this.
F
This
is,
I
guess,
outside
of
the
openshift
context,
if
you
have
some
other
cluster
scope
resource
that
you
have,
you
know
that
are
associated
with
your
resources
and
your
name
space
with
this.
You
know
if
it's
not
a
pve
or
a
crd,
then
valero
core
is
not
going
to
know
that
they're
related,
and
so
you
know,
you're
going
to
have
to
write
a
plug-in
to
make
that
relationship
clear
so
that
the
backup
will
include
those.
D
F
F
Covered
by
that
with
the
existing.
F
F
E
Double
check
double
check
the
the
the
vsphere
plugin
because
we
do
is
using
it.
We
do
use
it
in
our
in
our
case
and
we
will
double
check
it
and
and
file,
but
with
oadp.
If
that
is
the
case,.
F
D
Okay,
so
I
had
one
related
question
so
so
this
can
happen
with
valero
right.
You
can
have
a
service
account
in
a
name
space
that
is
using
a
cluster
rule
binding
that
is
being
pointed
to
the
cluster
or
binding
using
that
service
account.
So
this
should
happen
there
too
right
yeah.
F
That's
a
good
question,
I'm
actually
not
sure
in
the
in
terms
of
with
cluster
rule
bindings
how
those
get
handled
right
now,
they're
made.
That
may
be
another
case,
that's
built
in
like
with
pvs
and
crds,
but
I
haven't
looked
at
that
myself
recently,
so
I
don't
remember
what
the
case.
D
F
D
F
Okay,
that
makes
sense-
sorry,
I
just
forgot
about
that
one,
but
so
if
the
cholesterol
bindings
are
already
handled
there,
basically
you
know
for
for
for
these
native
kubernetes
resources
that
are
cluster
scoped,
that
have
you
know
obvious
connections
to
namespace
resources
that
you
know
that
would
be
true
in
any
kubernetes
cluster.
That's
something
that
valero
should.
F
About
and
including,
possibly
through
and
possibly
through
an
internal
backup
item
action,
that's
part
of
core
valero
sccs,
of
course,
are
not
included
because
that's
the
that's
a
open
shift.
You
know
extension,
and
so
that's
something
that
we
would
have
that
we
have
in
our
own
plug-in
for
odp,
because
that's
not
something
that.
D
So
does
the
scc
actually
get
edited,
I
mean
so
valero
doesn't
change
anything
right.
So
if
the
restore
happened
to
a
different
name
space,
then
yeah.
F
I
I'm
realizing
something
else
could
be
going
on
too
that
if
the
sc
see
we
have
this
namespace
mapping
so
that
if
so,
when
you
restore
the
scc,
if
you're
restoring
it
to
a
different
name
space.
F
So
in
a
new,
in
other
words,
if
you,
if
you
backed
up
something
so
from
namespace
a
and
then
you
deleted
everything
in
the
cluster
and
then
you
were
starting
space
b.
What
you
may
be
hitting
is
the
issue
with
valero
that
were
that
we
have
a
current
design.
You
know
that
we're
trying
to
update,
which
is
that,
if
the
resource
you're
restoring
already
exists
in
the
cluster,
then
valero
restore
won't
modify
it.
F
You
may
not
be
getting
the
update,
because,
even
though
we
have
a
plug-in
that
should
modify
that
scc
cluster
scoped
resource
on
restore
if
the
resource
is
already
in
the
cluster
valero
is
not
going
to
touch
it.
You're
going
to
get
a
log
message,
a
warning
saying:
you
know
this
resource
exists
already
in
the
cluster
and
it's
different
from
the
backed
up
version
so
before
you
go
anywhere
in
terms
of
so
so.
F
F
Yeah
and
if
that's
the
case,
the
the
the
feature
that
we
were
talking
about
last
week,
the
the
policy
existing
resource
policy
is
something
that
would
be
relevant
here,
because
that
would
allow
you
to
update
the
policy
to
basically
patch
the
sec,
so
that
that's
something
that
but
but
in
terms
of
current
valero,
you
know
one
eight
or
one
seven.
If
the
resource,
even
a
cluster
scoped
one
already
exists
in
the
cluster,
then
the
update
will
not
overwrite
that
the
restore
will
not
overwrite
that.
F
Right
right,
whereas
if,
whereas,
if
you,
if
you
had
attempted
to
restore
this,
you
know
name
space
to
namespace
being
a
different
cluster,
this
might.
F
For
you,
but
that's
another
thing:
to
check
there
because
again.
D
But
even
in
that
case
the
scc
always
exists.
Right
then
always
exists,
so.
F
It
may
yeah
I'm
not
sure
that
that's
a
good
yeah
exactly
if
there
exists
an
sec
with
that
name
already
in
that
cluster,
then
you're
still
gonna
have
the
same
issue.
I
I
know.
E
Another
related
issue
that
I
think
when
you
mentioned
earlier
about
you
know
when
we
go
into
the
generic
kubernetes
setup,
that
the
backup
of
some
namespace
would
using
some
resort
in
the
cluster
scope
that
in
the
cluster
and
then
being
restored.
I
do
I
do
find
above
earlier
for
valero
about
related
to
the
priority.
E
So
when
a
part
using
a
priority,
the
priority
is,
is
defined
in
the
first
scope
and
then,
when
we
backing
up
that
namespace
and
then
we
store
it
in
a
totally
different
cluster
which
doesn't
have
that
priority
in
the
names
in
the
cluster
at
all,
and
that
is
in
that
case
it
will
fail,
because
the
backup
that
we
have
doesn't
include
doesn't
back
up
the
priority,
which
is
the
cluster
scope.
E
So
I
think
in
in
that
case
I
think
I
only
we
already
talked
about
like
about
that
case
back
in
maybe
one
years
ago,
and
I
think
we
dropped
the
ball
we
haven't
followed
through
that.
I
think
we
we
want
to
implement
an
enhancement
into
for
our
valero
plug-in
to
pick
up
that
cluster
scope
resource
as
well.
When
we
back
up
okay,
name,
space.
F
G
E
F
Yeah
yeah,
so
so
that
sounds
like
something
I
mean
and
again
maybe
I'm
curious
if
anyone
else
has
a
different
opinion
that
if
we
want
to,
if
we
have
a
backup
out
of
action
to
include
that,
that
sounds
like
something
that
may
belong
in
core
valero,
because
again
that's
something
that
anyone,
anyone
that
has
a
pod
that
uses
that
priority
class
that
would
need
to
be
included.
You
know
kind
of
like
with
cluster
real
bindings
and
such.
E
F
There
was
it:
was
there,
a
valero
issue
created
for
this
origin
originally
or.
D
E
To
the
general
theme
of
the
of
the
issue
that
I
I
just
point
out
here,
yeah.
F
That's
all
a
very
resource-specific
way,
so
you
know
we
basically
have
to
say:
okay,
we
know
that
pods
have
this
kind
of
relationship
with
you
know
priority
class
and
because
we
know
that
we
have
to
write
code
specific
to
that
to
say:
okay,
here's
a
pod,
backup,
item
action
that
looks
for
priority
classes
and
then
the
question
is:
if
both
resources
in
question
or
kubernetes
level,
core
resources
that
will
always
be
available.
That's
the
kind
of
thing
that
probably
makes
sense
in
core
valero,
but
written
as
implemented
as
a
backup
item
action.
F
If
it's
something
like
the
sccs,
where
it's
specific
to
openshift,
then
obviously
that's
something.
That's
an
external
plugin,
just
like
if
you
had
something
specific
to
other.
You
know
cloud,
implementations
or
whatever
those
would
be
external
plugins.
But
again
we
someone
has
to
write
those
on
the
case-by-case
basis,
because
there's
no
generic
kubernetes
level
construct
that
says
hey
what
are
all
the
cluster-scoped
things
that
relate
to
this
thing.
You
know
that
that
doesn't
exist,
so
we
have
to
be.
F
F
E
Okay,
another
issue
that
I
want
to
bring
out.
I
think
I'd
rather
talk
about
it
next
week
when
we
have
daniel
jan
here,
is
it
the
valero
plug-in
timeout
we
need
to?
We
already
have
the
valero
plug-in
versioning
related
to
this,
and
and
we
having
a
design
starting
on
that
one
and
it's
being
and
it's
kind
of
lag
behind
right
now,
so
I
think
I
would.
I
would
rather
talk
it
about
when
daniel
jan
is
here
he's
not
here
today,
so
yeah
yeah.
F
And
again,
I
think
I
think
the
first
thing
that
goes
to
that
is
the
plug-in
versioning
itself,
because
it
basically
yeah
we
need
the
plug-in
versioning
design
itself
approved
and
you
know
and
kind
of
on
the
roadmap
to
get
implemented.
And
then
once
we
have
the
ability
to
version
plug-ins,
then
the
timeout
is
going
to
be
the
thing
that
goes
into
the
v2
version
of
that.
Just
like
that,
other
one
that
I
had
for
the
related
items
again.
E
Let's
talk
about,
we
can
continue
to
talk
about
that
versioning
in
on
on
slack,
and
then
we
will
wait
for
daniel
jan
next
week
to
discuss
about
that
right,
yeah.
Okay,
in
that
case,
I
I
will
return
the
floor
to
eleanor
perform.
There
was
one
more
issue.
D
The
customer
pointed
out
the
roll
roll,
binding
and
the
priorities,
so
that
looked
like
a
valero
issue
to
me:
isn't
it
do
you
want
to
discuss
that
now
or
so?
So
the
I
guess
correct
me
if
I'm
wrong,
the
issue
is
that
if
you
have
a
service
account,
that
is,
you
are
being
referred
to
in
a
role
role
binding,
like
broadcaster
rule,
but
during
restore
the
parts
are
restored
before
the
roll
and
roll
bindings
which
caused
the
parts
to
go
into
crash.
E
Two,
oh
yeah,
yeah
yeah.
I
remember
that
now
so
so
in
the
recover
in
the
recovery
process,
we
using
the
recover
default
recovery
priority
in
which
we
specify
what
class
to
what
what
type
of
resort
to
recover
first-
and
we
have
a
specific
list
of
that.
Unfortunately,
the
role
and
row
binding
is
not
including
that
default
list.
E
So
we
wonder
whether
it's
actually
a
bug
or
we
have
to
specify
the
restore
priority
option
in
when
we
do
restore
to
have
that
enable
to
to
have
to
recover
the
role
and
roboting
before
we
restore
the
the
part.
That
is
our
question.
F
Yeah,
I
I
mean,
I
think,
either
way
you
know
obviously
test
that
work
workaround,
because,
first
of
all,
if
that
works
for
you,
then
you
have
a
workaround
that
works
now,
even
even
even
while
we
have
the
discussion
as
to
whether
we
should
make
it
the
default.
It
would
be
good
to
know
whether
making
that
change
just
works,
because
I
think
if,
if
setting
that
priority
and
the
option
works,
then
we
can
have
the
discussion
of
you
know.
Should
this
be
the
default?
Is
there
any
reason
why
we
shouldn't?
F
You
know
restore
these
before
the
pods?
I
mean
it
sounds
like
that.
If
that
works,
that
may
be
the
answer
that
we
probably
should
do
that,
but
but
that
would
depend
on
whether
there's
any
other
cases
where
you
know.
I
think
the
reason
for
the
override
the
priority
is
because
sometimes
you
might
have
some
specific
workloads
or
specific.
F
F
Of
course
you
want
these
first
or
are
there
use
cases
where
you
want
the
reverse
and
if
they're,
if
there
are
no
use
cases
where
you
don't
want
them
first,
then
it
probably
makes
sense
to
you
know
to
put
in
a
valero
issue
to
say
you
know
we
want
to
add
these
to
the
priority,
but
I
think,
on
your
end,
just
confirming
that
switching
the
priority
solves
your
problem
is
probably
the
next
thing
to
try,
because
if
you,
you
know,
set
that
option
to
override
it
and
that
works,
then
we
know
all
that
we
might
need
to
do
in
valero.
F
G
D
A
C
Yeah,
just
repeating
I
put
I
put
this
on
valera
dev
this
morning,
but
just
repeating
I
know
that
we
have
in
the
past
had
issues
with
pr
review,
and
so
what
we
are
saying
going
forward.
It's
not
quite
an
sla,
but
I
would
say
similar
to
an
sla
is
basically
from
what
I
understand.
Many
of
the
valero
maintainers
review
prs
on
a
weekly
basis,
if
not
most
of
them,
and
so
basically,
if
anyone
submits
a
pr,
if
you
haven't
heard
anything,
you
should
hear
something
within
five
business
days.
C
Therefore,
if
you
have
not,
that
is
absolutely
the
time,
then,
to
ping
valera,
dev,
saying
hey,
I've
got
a
pr,
and
why
has
you
know,
has
anyone
looked
at
it
and
if
your
pr
is
very
urgent,
feel
free
to
ping
valero
dave
as
well
sooner
no
promises,
but
in
short,
this
is
we
wanted
to
set
like
kind
of
a
time
frame
and
a
sense
of
our
schedule
so
that
you
kind
of
know
our
the
maintainer
schedule.
So
you
have
a
sense
of
like
pr
review
timelines,
we're
aiming
for
so
any
thoughts.
Questions.
C
Cool
and
orlan
has
said
that,
so
I
just
posted
that
in
the
belair
channel
once
and
I'm
kind
of
saying
it
here
and
I'll
say
it
at
the
next
community
meeting,
but
orlan
is
going
to
try
to
kind
of
set
up
an
autobot
whatever
so
that
every
time
someone
opens
a
pr
they'll
have
that
ping.
Now,
of
course,
let
me
be
very
clear.
This
is
not,
of
course,
to
get
the
pr
merged
in
in
five
business
days.
It's
getting
responses
so
making
sure
that
our
conversations
go
faster.
C
Well,
issues:
we
have
an
sla
that
we've
kind
of
just
announced
of
trying
to
reply
within
48
within
two
business
days.
I
don't
know
that's
a
question
to
the
greater
team.
I
would
I
don't
know.
I
don't
have
an
opinion
on
that.
Pr's
are
my
bigger
concern,
because
I
know
that
we
really
want
to
encourage
contributors
and
and
slower
times
do
not
other.
D
So
I
think,
along
with
pr,
is
there
like
a
sla
for
like
security
issues
related
like
whether
they
are,
and
that
would
be
good.
I
know
because
many
are
just
go
lang
related
if
there
is
any
sla
online,
even
if
it
is
present
it
doesn't
affect,
because.
D
Sla
on,
like
when
security
vulnerabilities
pointed
out
sla
on
whether
it
is
affected
not
affected
and
difficult.
Oh.
D
D
C
Yeah
interesting
point:
I
don't
think
jonas,
do
you
know
if
we
already
have
one
like
that?
I
I
don't
think
we
do.
I
don't
know.
I
know
that
we
have
something
I
know
vmware
kind
of
specifies.
Roughly
I
don't
know
if
valero
follows
that
yeah.
C
So
karna
was
wondering
whether
it
was
saying
that
it
might
be
good
to
have
an
sla
on
if
there
are
cves
kind
of
valero
team
announcing
whether
valero
is
affected
by
that
I
don't
believe
we
have
any
existing
kind
of
guidelines
around
valencia.
C
F
Areas
where
you
know-
and
I
understand
you
know
this
kind
of
this-
is
a
vmware
centric
policy.
It
has
to
do
with
that,
but,
like
I
know
when
I
reported
a
cve
that
because
it
was
affecting
us,
you
know
I
didn't
hear
anything
back
for
a
while
and
it
was
like
a
week
later.
I
ended
up
just
pinging
people
on
slack
to
say,
hey,
what's
going
on
with
this
and
then
I
heard
you're
working
on
it,
but
I
mean
the
process
around.
F
That
seemed
to
be
a
little
bit
harder
to
navigate
from
someone
outside
of
vmware.
So
just
that's
just
some
feedback
from
my
experience
with
it,
you
know
a
few
months
ago.
C
That's
good
feedback.
I
have
a
naive
question
because
I'm
not
really
have
not
been
security
at
all.
Is
the
issue
like
on
one
hand
like
would
do
we
have
to
do?
We
probably
follow
something
like
this,
so
that
we
don't
publicly
on,
like
a
public
slack,
identify
a.
F
I
believe
I
believe,
that's
the
intent,
and
I
think
part
of
the
problem
is
that
you
know
these
days.
You
know
that
you
know
cves
are
made
public
early
on
and
there's
so
many
of
these
kind
of
external
tools
to
identify
vulnerabilities.
I
understand
that
process
makes
perfect
sense.
If
there's
you
know,
if
I
find
a
vulnerability,
that's
not
published
that
I
want
to
report
it
to
vmware.
It
makes
sense
not
to
publish
that
you
know.
F
F
This
point
you
know
so
there's
a
point
where
it
seems
to
make
less
practical
sense
to
follow
the
you
know
that
process
and
it
might
make
sense
to
be
to
kind
of
tease
that
out
a
bit,
and
you
know
if
it's
a
public
vulnerability
and
we
already
know
that
it's
affected.
We
don't
have
to
follow
this
kind
of
secret
approach
in
the
same
way
that
it
makes
sense
to
follow
for
an
undisclosed.
F
You
know,
but
I
don't
know
how
you
you
know.
C
C
A
So
the
the
way
this
works
is
that
whenever
someone
emails
security
at
vmware.com,
the
maintainers
who
have
been
set
up
within
our
vmware
security
team,
those
maintainer
members
will
be
contacted.
That's.
A
Yes,
but
then
what
we
use,
what
we
do
for
some
projects
is
that
we
have
a
distribution
list,
so
the
valero
distributor
distributors
mailing
list-
and
I
believe
you
are
on
that
scott-
so
then
we
can
have.
We
can
just
send
that
out
the
email
that
we
get
from
the
security
team
out
to
that
distribution,
distributors
list
that
should
have
all
non-vmware
maintainers
on
it,
and
then
we
can
have
continued
discussions.
There.
C
What
I
would
say,
scott,
it's
possible
just
because
I
it
was
not
yeah,
it's
possible
that
we,
we
did
not
loop,
you
in
as
soon
as
we
could
have,
and
knowing
that
that
I
should
now
do
this.
I
can
certainly
loop
you
in
faster
in
the
future.
If
I
hear
about.
C
What
I
would
suggest
is,
can
we
maybe
wait
for
one
more
of
these
to
happen
and
see
if
now,
knowing
that
we
can
be
more
proactive
and
loop
in
the
non-vm
maintainers
with
non-vm
wear
maintainers
sooner,
because
it's
sounding
like
I
suspect
we
may
not
have
very
much
wiggle
room
on
this,
because
vmware
owns
full
hero,
and
I
bet
the
security
is.
A
No,
the
the
the
maintainers,
you
should
absolutely
get
the
information
as
soon
as
possible.
Here
I
I
don't
see
an
issue
with
that,
but
yeah
we
can
use
the
valeria
distributors
list
there.
You
should
all
be
on
it.
I
can
verify
that
later
today
to
make
sure
that
everyone
is
on
there.
C
So,
let's
try:
let's
wait
one
more
scott!
Now
that
you've
raised
it,
let's
wait
one
more,
let's
see
and
let's,
let's
evaluate
after
basically,
let's
use
this
as
a
learning
round,
and
I
will
yes
now
that
I
understand
that
this
is
something
that
really
needs
to
be
trumpeted
out
to
the
maintainers.
I
will
definitely
work
to
do
so
and
of
course,
orlan's
here
to
hear
this
as
well
back
to,
I
think
it
was
tsukarna
who
raised.
C
For
when
we
plan
to
patch
stuff,
I
guess
the
same
so.
C
Sorry,
sorry
yeah,
it's
not
the
patching.
It's
the
affected
same
question.
C
D
Maybe
not
even
slack,
but
at
least
in
the
thread
that
will
be
started
once
we
send
something
to
security
vmware,
whether.
A
Yeah,
so
if
it's
a
a
non-public
cbe,
you
can't
talk
about
it.
In
slack
you
can
so
other
distributors,
like
dell,
can
definitely
join
the
distributors
list
as
well,
so
they
can
get
advanced
information
and
advanced
notifications.
D
In
most
cases,
most
cases
what
we
see
is
like
these
are
cvs
public
cvs
that
are
scanned
by
with
that,
when
customers
scan
these
through
three
or
twist
log,
something
they
are
reported
and
most
of
them
are
generally
go
language,
liabilities
and
because
valero
and
others
are
built
using
golang,
they
just
flagged,
and
then
the
customers
ask.
Okay.
Are
you
effective.
A
C
So
that
answered
my
question
and
so
so
karna
to
answer
your
question,
I
will
raise
it
with
jalen
and
daniel
and
at
least
the
beijing
based
team,
because
they
are
the
majority
of
the
maintainers.
So
I'll
ask
them
about
your
point
of
an
sla
to
kind
of
say
whether
valero
is
affected
by
a
cve
and
if
you
don't
mind,
are
you
able
to
maybe
come
to
the
community
meeting
next
week?
So
I'll
tell
you
said
yes,
yeah.
C
So
I
will
raise
it
now,
so
they
have
like
a
week
to
think
it
over.
I
will
and
then
I'll
say
that
you
raised
it
and
then
we
can
further
the
conversation
next
week.
Does
that
does
that
work?
For
you.
E
E
A
Okay,
thank
you.
Everyone
for
a
fantastic
meeting.
You're
all
awesome,
have
a
fantastic
rest
of
the
week
and
see
you
all
soon.
F
Just
a
quick
comment
on
that
issue.
Sorry,
if
that's
all
right.
F
Yeah
yeah,
I
just
I
just
I
just
noticed.
The
comment
on
the
songs
issue
looks
like
that.
The
res
the
suggestion
made
in
that
issue
was
the
same
that
I
just
said
that
you
know
we
probably
need
a
backup
item
action
in
core
valero,
so
I
think
I
think,
we're
in
agreement,
because
the
the
other
maintainer
comment
there
basically
said
the
same
thing
I
did,
which
is
it
looks
like
we
just
need
to
add
a
backup
item
action
into
core
valero
to
fix
this
issue.