Skip to content

Instantly share code, notes, and snippets.

@castrojo

castrojo/201902_201911_Community_Meeting_Minutes.md

Created November 7, 2019 18:38
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save castrojo/584242d5aaab2445ef16ab484aa1479f to your computer and use it in GitHub Desktop.
Save castrojo/584242d5aaab2445ef16ab484aa1479f to your computer and use it in GitHub Desktop.
Download ZIP
Raw
201902_201911_Community_Meeting_Minutes.md

>>>>> gd2md-html alert: ERRORs: 0; WARNINGs: 0; ALERTS: 32.

  • See top comment block for details on ERRORs and WARNINGs.
  • In the converted Markdown or HTML, search for inline alerts that start with >>>>> gd2md-html alert: for specific instances that need correction.

Links to alert messages:

alert1 alert2 alert3 alert4 alert5 alert6 alert7 alert8 alert9 alert10 alert11 alert12 alert13 alert14 alert15 alert16 alert17 alert18 alert19 alert20 alert21 alert22 alert23 alert24 alert25 alert26 alert27 alert28 alert29 alert30 alert31 alert32

>>>>> PLEASE check and correct alert issues and delete this message and the inline alerts.

Kubernetes Community Meeting Working Doc

Click me to join the meeting

FUTURE DEMOS:

Interested in giving the Kubernetes community a demo? Check out the instructions first and then add yourself to the bottom of the list:

  • (Want to add yourself? Add your title and email contact info, but please wait for someone to assign you a date)
  • People will usually fill out their notes throughout the meeting
  1. Demo Proposal (for a slot in December please)

Notetaker volunteers always needed and appreciated

  • Feel free to drop your name in the Note Taker field and jump in!

November 7, 2019 (recording)

  • Moderators: Marky Jackson [Sysdig/SIG Contributor Experience/SIG Release]
  • Note Taker: [Jorge Castro/SIG Contributor Experience/VMware]
  • [ 0:00 ]** Release Updates **[Guinevere Saenger - Release Lead]
    • 1.17 release
      • “Calm before the storm” - KubeCon prep, lots of meetings
      • Everyone filing an enhancement MUST file a docs PR for it by TOMORROW
      • Code freeze next week, 14 Nov, everything afterwards will be a cherry pick
      • This tuesday, first beta of 1.17
    • Patch releases (schedule):
      • Cherry pick deadline tomorrow, Nov. 8 ahead of:
      • Release target Wed. Nov. 13
  • [ 0:00 ] SIG Updates
    • wg-LTS [@tpepper]: slides
    • wg-k8s-infra [@bartsmykla]: slides
  • [ 0:00 ] 📣Announcements 📣
    • This is the last community meeting until December 5th
    • Happy Kubecon and happy thanksgiving
    • Don’t forget to register for the contributor summit!
    • **👏 **Shoutouts this week (Check in #shoutouts on slack) 👏
      • Chris Short gave a huge shoutout to @castrojo and @jeefy for getting me all set to stream community meetings. So helpful and kind (even when I forget things)!
      • Chris Blecker gave a shoutout to @liggitt and @bentheelder for their help in getting us upgraded to go1.13. It was a huge effort!
      • Paris gave a shoutout to everyone on the kubecon planning stretch especially the wonderful contributor summit events team

October 31, 2019

  • Moderators: Marky’s assistant Hammy ;-) [SIG Contributor Experience/Release]
  • Note Taker: Chris Short
  • [ 0:00 ]** Release Updates **[Guinevere Saenger - Release Lead]
    • 1.17.0-beta.0 released this Tuesday 10/29
    • 1.17 release branch created
      • All changes to master will be fast forwarded nightly into the 1.17 branch
    • CODE FREEZE IS COMING NOVEMBER 14
      • after Code Freeze, all approved enhancements work will need to follow cherry-pick process to be merged into the 1.17 branch
    • 1.13 jobs are being removed
  • Patch Release Updates
  • [ 0:00 ] SIG Updates
    • SIG Release [Stephen Augustus]
      • Improved feedback loops between SIG Release and SIG Scalability
      • Emeritus advisor is awesome
      • More diversity of all kinds in the Release Teams
      • Improvements in automation across the board
      • SIG Release needs more shadows
      • People are improving test coverage on their features
      • Release Engineering subproject has started in earnest
      • Test cleanup and deletion continues
      • Release Managers Group
      • Release Engineering
        • Onboarding process improvements
        • Wiring Release Engineering jobs in CI
        • Doc cleanups
        • Working on getting staging/release process into CI
        • Viewer access to GCP
        • k/release tooling is getting rewritten in Go and one tool has already been deployed
        • deb/rpm packaging tools are being built and awesome-ified
        • Hyperkube out-of-tree in progress
        • Codebase walkthroughs!!!
      • Watch for announcements
      • Pay attention to CI Signal
      • Be mindful of 1.17 schedule dates
      • We'll be at KubeCon!
  • [ 0:00 ] 📣Announcements 📣
    • Don’t forget to register for the contributor summit!
    • **👏 **Shoutouts this week (Check in #shoutouts on slack) 👏
      • @dims gave a shoutout to @bartsmykla for setting up / running the on-boarding call for 70+ folks for wg-k8s-infra
      • Daniel Lipovetsky [@dlipovetaky] gave a shoutout saying,Thank you, thank you, thank you to @neolit123 [Lubomir Ivanov] for always taking the time to help and mentor. You have been there for me and for many others on what seems like everywhere from k/k, to kubeadm, to docs, and everything in between.
      • @markyjackson gave a shout out to @gsaenger @chrisshort and @rael for getting together to make the NCW awesome and for being such fine peoples to work with

October 24, 2019 (recording)

  • Moderators: Jonas Rosland [VMware/SIG Contributor Experience/Release]
  • Note Taker: Thiscould B. You [Company/SIG]
    • Subscribe to this thread to get these notes in your inbox
  • [ 0:00 ]** Release Updates**
    • Current Release Development Cycle [Guinevere Saenger - Release Manager]
      • 1/17.alpha.3 released this Tuesday 10/22
      • All Enhancement exceptions are merged and tracked
      • Begin turnaround for release branch creation next week: removal of 1.13 jobs, create 1.17 jobs, create 1.17 release branch, cut the first 1.17 beta
      • Lots of work from SIG scalability and the CI Signal team to capture scale job flakes early and find causes
    • Patch Release Updates
  • [ 0:00 ] SIG Updates
    • SIG Usability [Tasha Drew @tasha]
    • WG Multitenancy [Tasha Drew @tasha]
    • WG Apply Working Group [Jenny Buckley @jennybuckley]
    • WG Machine Learning [punt till next week]
  • [ 0:00 ] 📣Announcements 📣

October 17, 2019

  • Moderators: Jorge Castro [VMware/SIG Contributor Experience]
    • No video available, Jorge hit the wrong button on OBS. :(
  • Note Taker: First Last [Company/SIG]
    • Subscribe to this thread to get these notes in your inbox
  • [ 0:00 ]** Release Updates**
    • Current Release Development Cycle [Guinevere Saenger - Release Manager]
      • Enhancements Freeze was this past Tuesday, 15 October
      • Two exceptions filed
      • We have 44 enhancements tracked: alpha: 11, beta: 13, stable: 20
      • 1.17.0-alpha.2 released on Oct.15
      • 1.17.0-alpha.3 planned for Oct.22
    • Patch Release Updates
      • All branches released 15 October
  • [ 0:00 ] SIG Updates
  • [ 0:00 ] 📣Announcements 📣
    • Don’t forget to register for the contributor summit!
    • **👏 **Shoutouts this week (Check in #shoutouts on slack) 👏
      • **@jdetiber - **shoutout to @cblecker for adding a /honk command to prow
      • @gsaenger - shoutout to @markyjackson for being such a friendly community meeting host!
    • SIG Usability, WG Apply, and WG Machine Learning will be giving updates next week!

October 10, 2019 - (recording)

  • Moderators: Marky Jackson [ Sysdig/SIG Contribex]
  • Note Taker: Bob Killen
  • [ 0:00 ]** Release Updates**
    • Current Release Development Cycle [Guinevere Saenger - Release Manager]
      • We’re in Week 3…
      • Enhancement Freeze is next Tuesday (Oct. 15). Enhancements must be in by 5PM PT.
      • 1.17.0-alpha.2 scheduled release Tuesday Oct.15
    • Patch Release Updates
      • 1.16.1 released 1 October
      • Next patch releases (all branches) scheduled for 15 October
      • LAST release of 1.13.x
  • [ 0:00 ]** SIG Updates**
    • WG Security Audit [Jay Beale]
      • Slides:
      • https://docs.google.com/presentation/d/1z4voQDTejEdU2gwNM30gdRxF0M9dAw-BhCKx5VitCWk/edit#slide=id.p1
      • What we did last cycle
        • Led the first in a series of Kubernetes security audits
          • Choose vendors
          • Gave direction to focus effort
          • Participated in the threat modeling work that will be used for future releases of Kubernetes
          • Performed technical editing on the report
          • Worked on producing reusable artifacts
        • Complementary efforts to the bug bounty program
        • Threat model breakdown
          • Focus on 8 critical components
            • Kube-apiserver
            • Etcd
            • Kube-scheduler
            • Kube-controller-manager
            • Cloud-controller-manager
            • Kubelet
            • Kube-proxy
            • Container Runtime Interface
        • Threat model highlighted recommendations
          • Provide auditing information in a unified fashion to allow a trace of the user’s actions through the system
          • Warn users who configure a security control that will not be enforced
            • Network policies and pod security policies can silently fail.
          • Require transport encryption w/cert verification
            • Multiple components use http
            • Multiple components elect not to verify cert validity
          • Prevent node compromises from leading to cluster-compromises
            • Host access gives access to cli arguments, logs etc
          • Separate privilege levels among controllers
        • Vulnerability research during cycle
          • Discovered 37 vulnerabilities
        • Vulnerability highlights
          • Non authenticated HTTPS connections
          • Cert revocation unsupported
          • PSP Bypass (hostPath va PVs)
          • TOCTOU Race condition in Kubelet
          • Kubectl cp directory traversal
          • System logs containing secrets
        • Recommendation Highlights
          • Replace the many cases of logic reimplementation with central libraries
          • Ease security configuration (particularly defaults)
          • Improve code documentation around external dependencies
          • Continue development of security features
        • Security Audit report [link from report in k/community]
      • Next cycle:
        • Plan next security audit
        • Move towards more secure defaults
    • SIG Testing [fejta]
      • https://docs.google.com/document/d/1uTcLhxM2HwDgtGOiIvlFfRWzQDTvii6qd_XASAubHlk/edit?ts=5d9e6825
      • Last Cycle
        • Testgrid configs now live alongside their associated prow jobs
        • Automated the creation of jobs for the test-infra release team role
        • Deployed new and improved monitoring/alerting stack (monitoring.prow.k8s.io)
        • Reusable verify checks in bazel rules
        • KinD
          • Smaller images from providerless kubernetes builds
          • Release blocking IPv4 and IPv6 test coverage
          • Provides 75% of pull-kubernetes-e2e-gce coverage without any cloud resources
        • TestGrid partially open sourced
      • Next Cycle
        • Establish test-infra SLOs
        • Improve test-infra alerting to better detect and recover from outages
        • Make KinD a blocking presubmit in k/k
        • Automate image pushing on merge with a git-ops based promotion to prod method (working with #wg-k8s-infra)
        • Help repos with preexisting bazel rules adopt reusable verify checks.
        • Move prow out of test-ifnra into its own repo
        • Enable in repo prowjob configurations
      • How these upcoming changes affect you
        • Help define more reusable verify checks
        • Start thinking about how/whether your sig can move cloud provider dependencies out of k/k testing to release blocking postsubmits
    • [ 0:00 ] 📣Announcements 📣
      • Announcement Foo #1
      • **👏 **Shoutouts this week (Check in #shoutouts on slack) 👏
        • @jdetiber** **gave a shout to @dims for building out the e2e conformance tests using Cluster API and the GCP Provider
        • @mrbobbytables gave a shoutout to the other Steering Election committee officials @briangrant @castrojo @ihor.dvoretskyi for putting in the work to make this year’s election possible!
        • @ihor.dvoretskyi gave a huge SHOUTOUT to @mrbobbytables - another election official!
        • @cblecker gave a** **shout out to @bentheelder and @krzyzacy for late night debugging on GCE test infra failures

October 3, 2019 - (recording)

  • Moderators: Jonas Rosland [VMware/SIG Contribex]
  • Note Taker: First Last [Company/SIG]
    • Subscribe to this thread to get these notes in your inbox
  • [ 0:00 ]** Steering Committee Election Results **[Dims]
    • The following candidates will be joining @dims, @tstclair, and @spiffxp on the Steering Committee (in github handle order):
      • Christoph Blecker (@cblecker), Red Hat
      • Derek Carr (@derekwaynecarr), Red Hat
      • Nikhita Raghunath (@nikhita), Loodse
      • Paris Pittman (@parispittman), Google
    • See the blog post for more information
  • [ 0:00 ]** Release Updates**
    • Current Release Development Cycle [Guinevere Saenger - Release Manager]
      • We’re in Week 2! Shadow selection is 99% complete - congratulations and thanks to all of our hardworking team members
      • Enhancements Freeze is 15 October!
      • 1.17.0-alpha-1 was released today
      • Next alpha scheduled for 15 October
    • Patch Release Updates
      • 1.16.1 released 1 October
      • Next patch releases scheduled for 15 October
      • y.x
  • [ 0:00 ] **Contributor Tip of the Week **[First Last]
    • A fun graph, contribex info, CI tips, etc.
    • [Link to a chart, a guide, a tool, etc]
    • Reach out to #sig-contribex in slack if there is no tip on the agenda yet. Backlog is pinned to the chat.
  • [ 0:00 ] SIG Updates
  • [ 0:00 ] 📣Announcements 📣
    • **👏 **Shoutouts this week (Check in #shoutouts on slack) 👏
    • tpepper:
      • shoutout to @nikhita for a PR description and commit messages in kubernetes/kubernetes#82410 which makes a potentially daunting code review MUCH easier, and to @liggitt for similarly making the cherry-pick review MUCH easier with a stellar PR description text. Super time saving when there’s a diffstat of “+2,537 −59” but the “why” text focuses the reviewer in on two key lines of code and the associated bugs tracking the problem report.
    • jdetiber:
      • Shoutout to @dims for building out the e2e conformance tests using Cluster API and the GCP Provider

September 26, 2019 - (recording)

  • Moderators: Tim Pepper [VMware/SIG Release]
  • Note Taker: Lachlan Evenson [Microsoft/SIG PM]
    • Subscribe to this thread to get these notes in your inbox
  • [ 0:01 ]** Demo **-- Octant: A web-based, highly extensible platform for developers to better understand the complexity of Kubernetes cluster [Bryan Liles, @bryanl; Wayne Witzel, @wwitzel3]
    • Web-based, but runs local, using your credentials (simplifies security)
    • Demo application troubleshooting via the Octant UI
      • Web app working
      • Kubectl apply updated app
      • Web app no longer working
      • Use Octact to determine the cause
    • Introduces the concept of “Application” which is a set of consistent labels “app.kubernetes.io/name:httpbin”
    • Visualization of dependency graph between Kubernetes resources. Detects that the Ingress is pointing to an invalid backend
    • Drill down into service via the visualization graph and we notice that are no endpoints.
    • Determine that it’s a bad selector and update and check that the graph is green again.
    • If you’re on a Mac you can install via brew install octant
  • [ 0:14 ]** Release Updates**
    • 1.17 Release Development Cycle [Guinevere Saenger - Release Manager]
      • Week 1
      • Shadow selection happening (application deadline yesterday)
      • Please be aware that this is a short release
      • Enhancements freeze 10/15 5pm Pacific
    • Patch Release Updates
  • 1.16.2 2019-10-11 2019-10-15
  • 1.16.1 2019-09-27 2019-10-02
  • 1.15.5 2019-10-11 2019-10-15
  • 1.14.8 2019-10-11 2019-10-15
  • 1.13.12 2019-10-11 2019-10-15 (final release of 1.13)
  • ...as always subject to change for critical-urgent security issues
  • [ 0:17 ] **Contributor Tip of the Week **[Bob Killen]
  • [ 0:19 ] SIG Updates
  • [ 0:43 ] 📣Announcements 📣
    • Election Status [Jorge/Bob/Ihor/Brian]
      • 302 of 858 of you have voted.
      • The next deadline is October 2, that's one week from today! You have until then to complete your ballot. If you have any questions, let us know.
      • You must be in voters.md, if you’re not, you cannot vote in this election.
    • **👏 **Shoutouts this week (Check in #shoutouts on slack) 👏
      • Lots of thanks and reflection as the 1.16 release cycle came to an end. Great teamwork folks!
      • Lachlan Evenson

>>>>> gd2md-html alert: inline image link here (to images/Kubernetes-Community0.png). Store image on your image server and adjust path/filename if necessary.
(Back to top)(Next alert)
>>>>>

alt_text 6

>>>>> gd2md-html alert: inline image link here (to images/Kubernetes-Community1.png). Store image on your image server and adjust path/filename if necessary.
(Back to top)(Next alert)
>>>>>

alt_text 9

>>>>> gd2md-html alert: inline image link here (to images/Kubernetes-Community2.png). Store image on your image server and adjust path/filename if necessary.
(Back to top)(Next alert)
>>>>>

alt_text 3 * Lachlan Evenson * @liggitt @cblecker @dims for their tireless work during the 1.16 release getting bugs triaged, following up on PRs, shepherding them through to MERGE, grooming the tide pool, watching the issue queue and just about everything else you can think of. On behalf of the 1.16 release-team, THANK YOU! *

>>>>> gd2md-html alert: inline image link here (to images/Kubernetes-Community3.png). Store image on your image server and adjust path/filename if necessary.
(Back to top)(Next alert)
>>>>>

alt_text 6

>>>>> gd2md-html alert: inline image link here (to images/Kubernetes-Community4.png). Store image on your image server and adjust path/filename if necessary.
(Back to top)(Next alert)
>>>>>

alt_text 8

>>>>> gd2md-html alert: inline image link here (to images/Kubernetes-Community5.png). Store image on your image server and adjust path/filename if necessary.
(Back to top)(Next alert)
>>>>>

alt_text 3 * Stephen Augustus * More shoutouts for SIG Release: https://twitter.com/stephenaugustus/status/1174797710043430913?s=20

>>>>> gd2md-html alert: inline image link here (to images/Kubernetes-Community6.jpg). Store image on your image server and adjust path/filename if necessary.
(Back to top)(Next alert)
>>>>>

alt_text Stephen Augustus @stephenaugustus

                I'm fully aware we're all adults, but I can't help but feel weird dad pride when my "kids" are crushing it.


                Thank you to all of the SIG Release contributors for the hard work that you do to keep #Kubernetes rolling!


                Some shoutouts...

>>>>> gd2md-html alert: inline image link here (to images/Kubernetes-Community7.png). Store image on your image server and adjust path/filename if necessary.
(Back to top)(Next alert)
>>>>>

alt_text Twitter | Sep 19th

        *

>>>>> gd2md-html alert: inline image link here (to images/Kubernetes-Community8.png). Store image on your image server and adjust path/filename if necessary.
(Back to top)(Next alert)
>>>>>

alt_text 6

>>>>> gd2md-html alert: inline image link here (to images/Kubernetes-Community9.png). Store image on your image server and adjust path/filename if necessary.
(Back to top)(Next alert)
>>>>>

alt_text 4 * Jason DeTiberus * Shoutout to @joonas @alainroy @vincepri @tasha @a_sykim @ncdc @cha @Amy Chen@zjs @justaugustus @Vivek Goyal @noamran @naadir @timothysc @samba @dgoel@jieyu @tamal @winnie @michaelgugino @mrunalp @cecile @ritazh @sozercan @jpang@lachie83 @dlipovetsky @justinsb @rudeboy @Matt Dennison @jenny @moshloop@hardikdr for coming out to the cluster api f2f planning session and helping us define and scope the next release of the project *

>>>>> gd2md-html alert: inline image link here (to images/Kubernetes-Community10.png). Store image on your image server and adjust path/filename if necessary.
(Back to top)(Next alert)
>>>>>

alt_text 12

>>>>> gd2md-html alert: inline image link here (to images/Kubernetes-Community11.gif). Store image on your image server and adjust path/filename if necessary.
(Back to top)(Next alert)
>>>>>

alt_text 9

>>>>> gd2md-html alert: inline image link here (to images/Kubernetes-Community12.gif). Store image on your image server and adjust path/filename if necessary.
(Back to top)(Next alert)
>>>>>

alt_text 8

>>>>> gd2md-html alert: inline image link here (to images/Kubernetes-Community13.png). Store image on your image server and adjust path/filename if necessary.
(Back to top)(Next alert)
>>>>>

alt_text 7

>>>>> gd2md-html alert: inline image link here (to images/Kubernetes-Community14.gif). Store image on your image server and adjust path/filename if necessary.
(Back to top)(Next alert)
>>>>>

alt_text 4 * Stephen Augustus * And thanks to you, @jdetiber, Andy, and TSC for keeping us on task for the week! *

>>>>> gd2md-html alert: inline image link here (to images/Kubernetes-Community15.png). Store image on your image server and adjust path/filename if necessary.
(Back to top)(Next alert)
>>>>>

alt_text 2

>>>>> gd2md-html alert: inline image link here (to images/Kubernetes-Community16.png). Store image on your image server and adjust path/filename if necessary.
(Back to top)(Next alert)
>>>>>

alt_text 3

>>>>> gd2md-html alert: inline image link here (to images/Kubernetes-Community17.png). Store image on your image server and adjust path/filename if necessary.
(Back to top)(Next alert)
>>>>>

alt_text 1 * Josh Berkus * huge shoutout to @thockin for coming up with tons of ideas for contributor summit sessions *

>>>>> gd2md-html alert: inline image link here (to images/Kubernetes-Community18.png). Store image on your image server and adjust path/filename if necessary.
(Back to top)(Next alert)
>>>>>

alt_text 4

>>>>> gd2md-html alert: inline image link here (to images/Kubernetes-Community19.png). Store image on your image server and adjust path/filename if necessary.
(Back to top)(Next alert)
>>>>>

alt_text 4

>>>>> gd2md-html alert: inline image link here (to images/Kubernetes-Community20.png). Store image on your image server and adjust path/filename if necessary.
(Back to top)(Next alert)
>>>>>

alt_text 3

>>>>> gd2md-html alert: inline image link here (to images/Kubernetes-Community21.gif). Store image on your image server and adjust path/filename if necessary.
(Back to top)(Next alert)
>>>>>

alt_text 2

>>>>> gd2md-html alert: inline image link here (to images/Kubernetes-Community22.png). Store image on your image server and adjust path/filename if necessary.
(Back to top)(Next alert)
>>>>>

alt_text 4 * Tim Hockin * And right back to everyone running that event! *

>>>>> gd2md-html alert: inline image link here (to images/Kubernetes-Community23.png). Store image on your image server and adjust path/filename if necessary.
(Back to top)(Next alert)
>>>>>

alt_text 3

>>>>> gd2md-html alert: inline image link here (to images/Kubernetes-Community24.png). Store image on your image server and adjust path/filename if necessary.
(Back to top)(Next alert)
>>>>>

alt_text 4

>>>>> gd2md-html alert: inline image link here (to images/Kubernetes-Community25.gif). Store image on your image server and adjust path/filename if necessary.
(Back to top)(Next alert)
>>>>>

alt_text 2 * Vince Prignano * Shoutout to @cecile for putting a huge amount of work pushing forward CAPZ (Cluster API Azure) to v1alpha2

>>>>> gd2md-html alert: inline image link here (to images/Kubernetes-Community26.png). Store image on your image server and adjust path/filename if necessary.
(Back to top)(Next alert)
>>>>>

alt_text

>>>>> gd2md-html alert: inline image link here (to images/Kubernetes-Community27.png). Store image on your image server and adjust path/filename if necessary.
(Back to top)(Next alert)
>>>>>

alt_text ! *

>>>>> gd2md-html alert: inline image link here (to images/Kubernetes-Community28.gif). Store image on your image server and adjust path/filename if necessary.
(Back to top)(Next alert)
>>>>>

alt_text 7

>>>>> gd2md-html alert: inline image link here (to images/Kubernetes-Community29.png). Store image on your image server and adjust path/filename if necessary.
(Back to top)(Next alert)
>>>>>

alt_text 1

September 12, 2019 - recording

>>>>> gd2md-html alert: inline image link here (to images/Kubernetes-Community30.png). Store image on your image server and adjust path/filename if necessary.
(Back to top)(Next alert)
>>>>>

alt_text

  • shoutout to @liggitt for reviewing all of the things

September 5, 2019 - (recording)

August 29, 2019 - (recording)

  • Moderators: Dawn Foster [Pivotal/ContribEx]
  • Note Taker: Craig Peters [Microsoft/SIG-x]
    • Subscribe to this thread to get these notes in your inbox
  • [ 0:00 ]** Release Updates**
    • Current Release Development Cycle [Lachlan Evenson - Release Manager]
    • 1.16 Upcoming Milestones
      • 8/29 - 1.16 Code Freeze - label your PRs appropriately! The backlog is big and you don’t want to miss the train
      • 9/3 - Docs PRs ready for review - next Tuesday
      • 9/4 - 1.16.0-beta.2
    • Patch Release Updates.
    • Reminder these pending dates are announced on:
  • [ 0:00 ]** Demo **-- Ignite [@luxas] - confirmed
    • Slides
    • Simplified firecracker UX using the GitOps management model
    • Questions
      • Use of Virtual Kubelet vs CRI (easier development and UX), and
      • Difference from kata + kubevirt (full VMs instead of containers)
  • [ 0:00 ] SIG Updates
  • [ 0:00 ] 📣Announcements 📣

August 22, 2019 - (recording)

August 15, 2019 - (recording)

August 8, 2019 - (recording)

August 1, 2019 - (recording)

>>>>> gd2md-html alert: inline image link here (to images/Kubernetes-Community31.png). Store image on your image server and adjust path/filename if necessary.
(Back to top)(Next alert)
>>>>>

alt_text

July 23, 2019 - (recording)

  • Moderators: Jorge Castro [SIG Contributor Experience]
  • Note Taker: Josh Berkus [RH/Release]
  • [ 0:00 ]** Demo **-- Conftest - (7/25) using Open Policy Agent to write unit tests for Kubernetes configs - [gareth@morethanseven.net] (confirmed)
    • Link to slides
    • https://github.com/instrumenta/conftest
    • Lots of us have written bad kubernetes configs -- it would be good to validate them before deployment.
    • Write policies for Open Policy Agent using Rego, OPA's DSL
    • Then point it at a config file and it will unit test it
    • Can also validate arbitrary JSON docs (YAML, etc.)
    • Did several demos, including validating a MySQL Helm chart
    • #conftest channel on slack.openpolicyagent.org
  • [ 0:00 ]** Release Updates**
    • Current Release Development Cycle [Guinevere Saenger - Release Manager Shadow]
      • Enhancements Freeze Tuesday July 30th.
      • We will also release Alpha 2 that day
    • Patch Release Updates
      • none this week
  • [ 0:00 ] SIG Updates
    • SIG Leads, check out this set of recommended topics to cover during your update
    • Slide template if you need it
    • Please also check the SIG Update Schedule!
    • SIG Testing [Aaron Crickenberger] (confirmed)
      • Slides
      • SIG-testing creates infrastructure, they dont' write the tests.
      • Subprojects:
        • KIND (kubernetes-in-docker)
          • Now has support for IPv6
          • Only deployment of Kube currently passing* Conformance
          • Much faster than it used to be
          • Looking ahead to "road to 1.0"
          • Going to remain focused on core feature set
          • Need contributors!
          • Would like to support more runtimes
          • Also want to support more E2E tests
        • Prow (github automation)
          • New plugin: Nikita added auto-milestone-add for PRs (would be nice to backfill for this, anyone want to write it?)
          • Spyglass shows the Prow job results, you can now link to specific log lines for failed jobs.
          • Prow now works with Bugzilla and Gerrit
          • Beta support for Tekton pipelines (as well as existing support for Podspecs and Build CRDs)
          • is now an active project that is distinct from Kubernetes, needs a roadmap (help wanted)
          • Several KEPs in progress
          • We also need unit testing for Prow (help wanted)
        • Test-Infra
          • go test bench creates junit test results
          • working on better local testing of Prow jobs
          • trying to break up Testgrid config file instead of having One File To Rule Them All so that folks can make their own changes
          • need to measure unit test coverage
          • triage tool needs rewriting in go (help wanted)
          • existing python tooling needs to be upgraded to Python3 (help wanted)
        • Testing-Commons (making repeatable testing frameworks)
          • Trying to shrink the body of 40+ Kube test images down to just 1-2
          • Move E2E tests out of tree, maybe migrate to new framework instead of ginko
        • Workgroup: wg-k8s-infra
          • Takes all of SIG-testing stuff and implements it on Google Cloud so that we can actually run testing
        • We are also open sourcing TestGrid! (help wanted)
        • SIG is re-thinking meeting schedule, to accomodate other time zones
        • Have lots of Good First Issues for you to help with
    • [ 0:00 ] 📣Announcements 📣
      • Don’t forget about the API deprecations!
      • Protip - book your Kubecon travel if you’re planning to attend. :D
      • SIG instrumentation, SIG Storage, SIG Docs, and the Product Security Committee will be giving their updates next week.
      • Want to help host this meeting? Ping @castrojo, we’re always looking for new people to help run this meeting!
    • **👏 **Shoutouts this week (Check in #shoutouts on slack) 👏
  • Bentheelder (Benjamin Elder) - Shoutout again to @aojea (Antonio Ojea), thanks to his work we finally have CI passing all conformance tests with an IPv6 #kind cluster!
  • June.yi (June Yi) Shoutout to @seungkyua (Seungkuu Ahn), @ianychoi (Ian Choi), @Jesang (Jesang Myung) and @Seokho (Seokho Son) for encouraging docs localization as an event host, a session speaker or an attendee at the local community event, Open Infrastructure & Cloud Native Days Korea 2019.
  • Detiber (Jason Detiberus): Shoutout to @thockin (Tim Hockin) for helping with troubleshooting and fixing a head scratching permissions issue related to the image promotion process

July 18, 2019 - (recording)

  • Moderators: Jeffrey Sica [SIG UI/ContribEx]
  • Note Taker: Bob Killen / Chris Short - Contribex
  • [ 0:00 ]** Demo **-- Cluster API Docker Provider - Chuck Ha (chuckh@vmware.com)
    • GitHub: https://github.com/kubernetes-sigs/cluster-api-provider-docker
    • Cluster API has been built extensible enough to be able to provide a generic interface for multiple providers.
    • A bootstrap or management cluster is required to host the CRDs and configs for the desired clusters.
    • Docker provider backend was built for fast local testing.
    • cli-tool - capdctl
      • Uses KinD as a backend.
      • Strips out some cloud service bits that aren't necessary from clusterctl
    • Only requirement is an “external” load balancer.
    • Can modify clusters after initial provisioning.
    • Provisioned clusters pass standard conformance tests.
  • [ 0:00 ]** Release Updates**
    • Current Release Development Cycle [Jeffrey Sica - Release Manager Shadow]
      • 7/16 - 1.16.0-alpha.1
      • 7/30 - Enhancements freeze
    • Patch Release Updates
      • 7/18 - 1.15.1
  • [ 0:00 ] **Contributor Tip of the Week **[???]
    • ???
  • [ 0:00 ] KEP of the Week [Kubernetes Enhancement Proposals]
    • [Link to KEP or PR] - [Status] - where to follow up discussion
  • [ 0:00 ] SIG Updates
    • SIG Leads, check out this set of recommended topics to cover during your update
    • Slide template if you need it
    • Please also check the SIG Update Schedule!
    • SIG Azure [ Stephen Augustus ] (Confirmed)
      • Slides
      • Aiming to move out of tree by the 1.18 release.
      • Last Cycle
        • Improving testing for out-of-tree cluster providers
        • New SIG Azure Chair - Craig Peters
      • Upcoming Cycle (1.16):
        • continue working on moving azure cloud provider out of tree
        • move Azure availability zones to GA
        • move Azure Cross-resource group nodes to GA
        • Cluster API Azure
          • VMSS integration
          • Better AZ Support
          • Work on v1alpha2 implementation
        • Complete Administrative work related to SIG Cloud Provider consolidation.
      • Looking for help/contributors for out-of-tree Azure provider
    • SIG Release [ Tim Pepper ] (Confirmed) slides
      • Last Cycle
        • Improved Shadow process
        • Made improvements to documentation and automation
        • “test-infra” role has been automated completely
        • New release notes website.
        • Last scalability issues in 1.15 release almost derailed release, but only caused a slight delay. *
        • Patch release team has been grown and documentation improved
        • Release Engineering subproject has been kicked off.
      • Upcoming Cycle (1.16)
        • Release Engineering Subproject along with the WG-K8s-infra group
        • Release Team
          • refine release blocking criteria
          • improve testgrid blocking/informing dashboards
          • branch management role shifting to “release manager” team
          • work closer with sig-scalability
      • Things needed from community
        • Ongoing attention to CI Signal
          • deflake tests
          • make sure tests are owned and get notified of failures.
          • Keep tests green.
      • Licensing subproject:
        • looking for more contributors (reach out ot nikhita)
      • Release Team:
        • Big shoutout to Josh Berkus as emeritus lead and keeping things going.
      • Release Managers / Release Engineering subproject:
        • Release Managers doc
        • Driving down tech debt in release process
        • Composed of members from:
          • Patch Release Team
          • Branch Managers
          • Release Manager Associates
          • Build Admins
          • SIG Chairs
          • PSC
        • Building contributor ladder for Release Manager group
        • Need help moving from :bashfire: to go
      • Related Working Group Status
        • WG LTS
          • Improve conformance
          • Move more APIs to stable
  • [ 0:00 ] 📣Announcements 📣
    • ???
    • **👏 **Shoutouts this week (Check in #shoutouts on slack) 👏 *

July 11, 2019 - (recording)

July 4th, 2019 - (Cancelled!)

  • Moderators: Ihor Dvoretskyi (CNCF)
  • **~~Note Taker: ~~**
  • [ 0:00 ]** Demo**
    • No demo this week
  • [ 0:00 ]** Release Updates**.
  • [ 0:00 ] **Contributor Tip of the Week **
  • [ 0:00 ] SIG Updates
    • SIG CLI
      • To be rescheduled
    • SIG Node
      • To be rescheduled
  • [ 0:00 ] **📣Announcements **

June 20, 2019 - Release Retrospective for 1.15 (recording)

June 13, 2019 - (recording)

  • Moderators: Lachlan Evenson [sig-pm]
  • Note Taker: Jorge Castro [VMware/SIG Contributor Experience]
  • [ 0:00 ]** Demo **-- Kyverno [jim@nirmata.com] - Kubernetes native policy management (confirmed)
  • [ 0:00 ]** Release Updates**
    • Current Release Development Cycle [Claire Laurence - Release Manager]
    • Release Team Shadow applications are now open.
    • 1.12, 1.13, 1.14 next patch releases probably late June...TBD based on need.
  • [ 0:00 ] **Contributor Tip of the Week **[Jeffrey Sica]
  • [ 0:00 ] SIG Updates
  • [ 0:00 ] **📣Announcements **
    • Congrats to Bob Killen for joining GitHub Admin Team [spiffxp]
      • Thanks to Caleb Miles who is now emeritus
    • Office Hours next week! Livestream here, click the bell for a reminder
      • Help us out by retweeting this.
      • Looking for a west coast streamer so we can do a western session, ping @castrojo if you want to help
    • **👏 **Shoutouts this week (Check in #shoutouts on slack) 👏
    • @vincepri - Huge shoutout to @dhellmann and @dwat for taking 1+ hours today to give great feedback about the Cluster API Bootstrap proposal and helping move the project forward!
    • @aojea - Big shoutout to @bentheelder for having a working IPv6 CI in #kind
    • @jberkus - huge shoutout to @Katharine for automating a Release Team role out of existence! (plus all the Test-Infra folks who helped).
    • @Jdetiber - Shoutout to @justinsb for cutting the cluster-api v0.1.2 bugfix release

June 6, 2019 - (recording)

  • Moderators: Vallery Lancy [Lyft]
  • Note Taker: Jorge Castro [VMware]
  • [ 0:00 ]** Demo **-- KubeOne Lifecycle management tool for Kubernetes HA clusters - [Marko] marko@loodse.com] (confirmed)
  • [ 0:00 ]** Release Updates**
    • Current Release Development Cycle [Claire Laurence - Release Manager]
      • Doc PRs merged on tuesday
      • Cut our first beta yesterday, June 13 cherry pick deadline,
      • Release is on for June 17
      • Current release status is yellow due to some issues (3)
      • SIGs, please give the release team your release themes if you have not done so already
      • Lachlan Evenson will be your 1.16 release lead.
    • 1.13.7 and 1.14.3 releases coming today (June 6)
  • [ 0:00 ] SIG Updates
  • [ 0:00 ] 📣Announcements 📣

    • Announcement Foo #1

      **👏 **Shoutouts this week (Check in #shoutouts on slack) 👏

    • Stefan Schimanski - shoutout to @liggitt (Jordan Liggitt) for having done insanely many reviews—again and again, in super high quality—this release cycle for CRD+webhook-admission related topics.

    • Andrew Sy-Kim - Big shoutout to @khenidak (Khaled Henidak) for driving the IPv6 dual stack effort! Some great progress made there this release!

    • Tim Pepper - Shoutout to @msau42 (Michelle Au) …pretty much every time over the past year I’ve gone to look at a release blocking test failing on storage, @msau42’s a couple hours ahead of me, has the issue triaged and line of site on potential fix if not fix already in test. Way to represent SIG Storage!!

    • @stealthybox (Leigh Capili) and @vincepri (Vince Prignano) props to @Leah (Leah Hanson) for taking stellar notes at lightning speed for Cluster Lifecycle and cluster-api meetings
    • @vllry (Vallery Lancey) - Thanks to all the contribex folks for all their onboarding/growth resources. and just keeping things running ❤️

May 30, 2019 - (recording)

  • Moderators: Paris Pittman [SIG Contributor Experience/Google]
  • Note Taker: [your name here]
  • [ 0:00 ]** Demo **-No Demo this week!!
  • [ 0:00 ] **Contributor Tip of the Week **
    • SIGs are doing live bug scrubs, review how tos, and more - just ask!
      • API Machinery is Friday! Join their mailing list to get the invite
  • [ 0:00 ]** Release Updates**
    • Current Release Development Cycle [Claire Laurence - Release Manager]
      • Only 29 folks have responded about docs! Get those docs PRs in!!
      • Starting daily burn downs next week
      • 1.15 retro doc - talk about timelines/deadlines/opinions there
  • [ 0:00 ] SIG Updates * SIG Leads, check out this set of recommended topics to cover during your update * Slide template if you need it * Please also check the SIG Update Schedule! * Service Catalog (Jonathan B, confirmed) * Moving to kubernetes-sigs from incubator * Team re-org * Supporting api server version 9 months * Rewriting docs; has a doc website but most is outdated at this point * New folks from SAP participating; looking for new contributors and a new chair - get in contact with Jonathan (current chair) * IBM Cloud (Sahdev, confirmed) * Slides
  • [ 0:00 ] 📣Announcements 📣
    • The Shanghai Contributor Summit Committee is looking for experienced contributors and SIG Leads to lead sessions for the current contributor track. If you might be available for this, please contact @jberkus or @puja on Slack, or email jberkus@redhat.com.
    • Meet Our Contributors is next Wednesday!!
      • On demand mentoring from another contributor
      • Watch past episodes here
      • Yes - you can ask for a live code review (we need advance notice)
      • Yes - you can ask for a code base tour (we need advance notice)
      • Join #meet-our-contributors to ask questions and find out more
    • **#👏 **Shoutouts this week (Check in #shoutouts on slack) 👏
    • hhorl shoutout to:
      • @tpepper for consistently being a great context-giver, helper, recruiter, describer, mentor,
      • @sumi for publishing our packages, especially on not-so-convenient occasions
      • @Katharine for jumping in, figuring out, and fixing our testgrid (or testgrid config or something else -- still not sure what the exact problem was 😉) issue
    • **Bentheelder Shout-out to **
      • @aojea @Olav @pbnj (and anyone I missed!) for helping answer lots of questions in #kind. I especially appreciate it now while we have an influx of new members and I'm jetlagged out after KubeCon. Thank you all 🙂
    • **bentheelder shout-out to **
      • @paris @tpepper for organizing and @castrojo for hosting the Networking + Mentoring sessions at KubeCon, really awesome experience 🙂
    • **gsaenger huge thanks for **
      • @Deb Giles for making the contributor summit run smooth like butter, especially given some unique challenges with the location!
    • Parispittman shout out to:
      • Diversity Lunch participants, leads
      • Mentoring Session participants, leads

May 16, 2019 - (recording)

  • Moderators: Dawn Foster [SIG Contributor Experience/Pivotal]

  • Note Taker: Jorge Castro [SIG Contributor Experience/VMware]

  • [ 0:00 ]** Demo **-- Metal3: Bare metal host management for Kubernetes backed by OpenStack Ironic [Chris Hoge, chris@openstack.org] (confirmed)

    • Link to video - (time lapsed as it’s on real bare metal)
    • Metal3 Repo - pronounced “metal kubed”
    • Ironic controlling the infra, small set of services, running in podman in this example, but can run in k8s.

  • [ 0:00 ]** Release Updates**

    • Current Release Development Cycle [Claire Laurence - Release Manager]
    • 1.15 - No change at # of enhancements being tracker, 46. 23 alpha, 19 beta, 4 stable.
    • We cut the 1.15 branch and first 1.15 beta.
    • 1.15 jobs created, 1.11 jobs removed
    • For next week:
      • F2F session during the contributor summit
      • No major milestones
      • Burndown starts May .28
      • Patch Release Updates
        • None this week

  • [ 0:00 ] **Contributor Tip of the Week **[Nikhita Raghunath or Christoph Blecker]

    • A reminder to set your GitHub status to “Busy” only if you are really busy, since this will now prevent automatic PR review requests. Please take care in how you use your busy status to avoid overloading other reviewers. See thread for details.

  • [ 0:00 ] KEP of the Week [Kubernetes Enhancement Proposals]

    • Even Pods Spreading - [Implementable] - SIG Scheduling, Bobby (Babak) Salamat (@bsalamat)
      • Allow users to specify what topology domain a pod can be spread over.
      • Spread a pod “Among zones, or among nodes” or any arbitrary thing.
      • Interpod-anti-affinity works, but limited to only 1 pod per topology domain.
      • This allows you to spread as many pods as you want across all your topology domains.
      • API bandwidth is a problem, this feature is at risk for this release.
        • Jordan Liggitt has gone above and beyond trying to help fix this problem.
        • API review is complex, takes people a long time to become a competent API reviewer.

  • [ 0:00 ] SIG Updates

  • [ 0:00 ] 📣Announcements 📣

    • SIG Meet and Greet and Contributor Summit Update - Paris PIttman

      **#👏 **Shoutouts this week (Check in #shoutouts on slack) 👏

  • mrbobbytables: shoutout to @claudiajkang, @Felipe, and @irvifa for localizing the contributor cheatsheet to Korean, Portuguese and Bahasa Indonesian, and @rui for organizing the effort!

  • gsaenger: Shoutout to @jonasrosland for tireless slide edit magic

  • Bentheelder: shoutout to @mrbobbytables for driving home the subproject site hosting process, it's almost done document all the things!!

  • Jonasrosland: HUGE SHOUTOUT to @paris @Dawn Foster @castrojo @Deb Giles @ihor.dvoretskyi @coderanger @mrbobbytables for an amazing job planning out the Kubernetes Contributor Summit in Barcelona these past months!

  • Jonasrosland: And an enormous shoutout to @tpepper and @gsaenger for updating and taking on the role of workshop leads for Kubernetes Contributor Summit BCN!

May 9, 2019 - recording

  • Moderators: Jorge Castro [SIG Contributor Experience]

  • Note Taker: First Last [Company/SIG]

  • [ 0:00 ]** Release Updates (Going first this week)**

    • Current Release Development Cycle [Claire Laurence - Release Manager]
      • Third alpha cut this week
      • Next week will be the first beta
        • 1.15 branch cut
        • 1.15 jobs created
        • 1.11 jobs removed
      • Tracking for 47 enhancements, but we’ll see how that changes closer to code freeze (May 30th?)
        • Alin the next day or two
        • Important for communicationscommunications and blog posts around the 1.15 release
      • SIG leads:
        • Start thinking about different themes for your SIGs
        • If you haven’t heard from SIG Release, you will
      • For those at Kubecon EU
        • Meetup on day 1
    • Patch Release Schedule Updates
      • v1.14.2 coming soon cherry pick merge deadline 5/10 ahead of 5/14 release
      • v1.13.6 released yesterday...5/8
      • v1.12.8 released 4/24, next TBD May?

  • [ 0:00 ]** Demo **-- Stefan Prodan, Flagger (confirmed)

    • Link to slides
    • Link to repositories
    • Overview
      • A kubernetes operator that automates promotion of canary deployments in order to route traffic
      • Goal is to make deployments observable (plugins for slack, pagerduty, etc.)
      • Workflow is driven using git (leveraging reviews before applying changes to infrastructure for example)
      • Grafana dashboard and alerting is included
      • Gracefully promotes or rolls back deployments based on configurable success rates
      • Also supports A/B testing, based on specific HTTP headers or cookies
    • Questions
      • Is the plan to offer this to the K8s community, CNCF, or some other upstream location?
        • open source project under weaveworks
        • plan to submit to CNCF sandbox at some point
        • API is still alpha

  • [ 0:00 ] **Contributor Tip of the Week **[First Last]

  • [ 0:00 ] KEP of the Week [Kubernetes Enhancement Proposals]

    • [Andrew Kutz] - Kubeadm Machine/Structured Output
      • WIP: kubernetes/enhancements#1054
      • Looking for feedback
      • Aiming for alpha in 1.16
      • Looking to add structured output to kubeadm for better tooling/integration.
        • Need to be able to parse in deterministic way.
      • support json, yaml, and go-templates
      • Will be updating the KEP to emit versioned objects
      • Looking to promote to beta in 1.17 if people are happy with it

  • [ 0:00 ] SIG Updates

    • SIG Leads, check out this set of recommended topics to cover during your update
    • Slide template if you need it
    • Please also check the SIG Update Schedule!
    • SIG AWS [Nishi Davidson/Justin Santa Barbara] (confirmed)
    • SIG Contributor Experience [Paris Pittman] (confirmed)
      • SIG Intro session @ KubeCon
      • SIG Deep Dive @ KubeCon
      • new contact: contributors@kubernetes.io
      • building teams:
        • triage team
        • events team
        • marketing team
      • looking for apac coordinator
      • mentoring / succession planning / contributor growth
      • Automation / GitHub Management
        • Improve automation around OWNERS files
        • Audit of inactive owners
        • remove inactive reviewers/approvers from owners
        • Emeritus is for domain exports who may not be active in area, and will be ignored by prow, but can still be referenced if needed.
        • Improved owners file hygiene (only members added to owners files)
        • fejta-bot issue lifecycle automation enabled on all orgs
        • needs-rebase plugin enabled on all orgs
        • trigger plugin adds needs ‘ok-to-test’ label
        • restricted @mentions and other messages in commit messages
        • 30 new repos created from last community update
        • team membership managed through k/org
        • process for adding subproject sites (netlify) in flight
      • slack infra
        • “gitops” for slack management
        • shoutout to @katharine for being awesome
        • report message feature added
      • community site relaunched [link]
      • Community management
        • improving training etc for sig chairs and TLs
        • Assist in bootstrapping and disbanding working groups
      • events
        • Barcelona Contributor Summit
          • Seats still available for New Contributors
      • communication
        • Moderators have more than doubled in size since last update
      • Contributor documentation
        • contributor/developer guide improved
      • Future
        • tie sigs.yaml to everything
        • build more mentoring programs
        • more training
    • SIG Scheduling [Bobby Salamat] (confirmed)
      • SIG Intro session @ KubeCon
      • SIG Deep Dive @ KubeCon
      • last cycle (1.14)
        • improve performance and stability of scheduler
        • 3x performance improvement
          • 100/pods/second in 5000 node clusters
        • pod priority and preemption graduated to stable
        • improve scheduling fairness
          • add back-off mechanism to unschedulable pods
        • fixed a few race conditions
      • future (1.15)
        • improve workload reliability
          • new feature: even pod spreading [link]
            • how many pods / arbitrary failure domain
            • deprecate some inter-pod anti-affinity capabilities in the future
        • improve extensibility of the scheduler
          • pluggable scheduler [link]
          • alpha KEP
        • better pod priority for batch workloads
          • support non-preempting priority for batch workloads
          • goes to head of queue
        • supporting Lt / Gt operators for affinity
      • How these plans affect you
        • Generally backwards compatible
        • Cluster autoscaler may have issues with new scheduling framework

  • [ 0:00 ] 📣Announcements 📣

  • dims - @Damini Satya @jimangel @zparnold @sbezverk @jrondeau Congrats on your Google Open Source Peer Bonus win for your work on Kubernetes! https://opensource.googleblog.com/2019/04/google-open-source-peer-bonus-winners.html

  • gsaenger - Shoutout and ✨ to @soltysh for the most amazing codebase walkthrough to get me ready to share with new contributors at KubeCon! Thank you so much, I learned a lot!

  • JeremyWx - Big shoutout to @atuvenie for helping me with an aks-engine problem! After banging my head on my desk for most of the week she pointed out I was using an version with a bug. My head and my desk, thank you very much!!

May 2, 2019 - (recording)

  • Moderators: Lachlan Evenson (SIG-PM, 1.15 release team)

  • Note Taker: Solly Ross (Google / Kubebuilder)

  • [ 0:00 ]** Demo **-- k8dash [Eric Herbrandson (eric@herbrandson.com)] (confirmed)

    • Link to slides
    • Link to repo
    • Alternative k8s dashboard
    • Native OIDC integration (no proxy)
    • Uses watch APIs to update in real-time (no refreshing)
    • Filterable, sortable views for
      • Metrics: Resource usage using websockets API -- lots of graphs integrated into other views
      • Pods
      • Workloads (see live rollouts, etc)
      • Storage
      • Secrets (blurred so still easy to copy)
      • RBAC
    • Editing
      • YAML editor
        • Context-aware documentation in YAML editor
        • Can kubectl-apply via UI
      • Scale
      • Delete
    • Views are response (works fine in mobile, nicely resizes to fit)
      • Debug pods on the go!
    • Looking for feedback on:
      • What’s missing for your team?
      • How to promote within the community
    • Questions
      • Q: What’s the difference between k8dash and kubernetes/dashboard
        • A: Real-time updates are the big difference (no refreshes, easy to see live updates)
        • A: OIDC integration
        • A: uses metrics-server for stats, not heapster (which is deprecated)

  • [ 0:00 ]** Release Updates**

    • Current Release Development Cycle [Claire Laurence - Release Manager]
    • V1.15.0-alpha.2
      • Week 4 of release cycle (past/current week)
        • 2nd alpha release (Monday)
        • Enhancements freeze was Tuesday
          • 43 enhancements for 1.15 before freeze
          • 35 enhancements for 1.15 after (including 5 approved exceptions)
      • Week 5 (upcoming week)
        • 1.11.0 jobs removed (May 7)
        • 3rd alpha (May 7th)
    • Patch Release Updates
      • v1.14.2 tentative 5/14
      • v1.13.6 coming 5/8
      • v1.12.8 released 4/24
      • v1.11.10 released 5/1 - this was the final 1.11 patch release

  • [ 0:00 ] KEP of the Week [Kubernetes Enhancement Proposals]

    • Add revised IPv4/IPv6 dual stack KEP - [Provisional seeking implementable]
    • follow up #k8s-dual-stack on slack or k8s discuss
    • Motivation: enable dual stack support in kubernetes -- pods with ipv4 and ipv6 support addresses side-by-side
      • IPv6-only has existed for a while in Kubernetes
      • Dual stack is common migration path
    • Multi-release KEP
      • 1.15 target is to get multiple IP addresses on a pod, all nodes to have multiple CIDRs

  • [ 0:00 ] SIG Updates

    • SIG Storage [Saad Ali] (confirmed)
      • [slides here]
      • Kubernetes 1.14
        • Local PVs moved to GA (local-to-node disk as PV, like hostPath but with scheduler support, blog on k8s.io [link here])
        • CSI improvements: moving towards feature parity with in-tree volumes
          • [beta] Raw block volumes (block device in container instead of FS)
          • [beta] topology (support for expressing that volume is only available to certain nodes for scheduling)
          • [alpha] resizing (request more size on volume)
        • [alpha] in-tree → CSI migration (adapters to point in-tree plugins to CSI so we can remove third-party code without breaking users)
        • Pluggable e2e test framework to make writing tests for all volume plugins easier (lots of volume plugins were untested because tests were very specific)
      • Kubernetes 1.15
        • [beta] in-tree → CSI migration (may end up staying alpha)
        • CSI features
          • [beta] resizing (may end up staying alpha depending on KEP)
          • [alpha] ephemeral inline volumes (better support for local, ephemeral volumes like secrets or configmaps in CSI without needing to create a PVC first, inline in pod definition instead)
          • Volume capacity and usage metrics (exists for in-tree volumes, need support for CSI)
        • Snapshots
          • CSI-only feature
          • [alpha] pause/resume hooks for application-level consistency (instead of just crash consistency)
          • [in design] volume consistency groups -- multi-volume snapshots
        • [alpha] Cloning (immediately duplicate volume copy-on-write style if supported by plugin)
        • [redesign] volume attach limits (most storage systems have limits about how many volumes can be attached to a node, scheduler needs to be aware of this, needs improvement for CSI)
      • Come learn/participate
    • SIG Docs [Zach Corleissen/Jennifer Rondeau] (confirmed)
      • [slides here]
      • Last cycle
        • 1.14 docs :-)
        • New meta-documentation on docs release lead
        • +6-7 more localizations
          • Starting more meta-documentation on localization
          • Lots of good fixes to english docs when translation issues are encountered as well
        • More roles, mentoring support -- help bring new folks on and get them contributing faster/more easily
        • WG-ish group about how to organize security content in docs (talk to @zparnold)
          • Get involved: #sig-docs-security
        • Figuring out subdomain-hosting for subprojects (e.g. kind.k8s.io)
        • Getting more tech writers for pain points in the docs (e.g. “pick the right solution”)
      • Upcoming plans
        • Mentorship -- path to approver, new contributor ambassador
          • Better path for first issue → merged PRs
        • 1.15 docs :-)
        • Better issue triage
      • Upcoming doc sprints
        • KubeCon EU (not WriteTheDocs, since it conflicts with KubeCon EU)
        • KubeCon Shanghai
        • OpenSource Summit Tokyo
      • Using shadows for leads due to lead visibility (comes with a good pun, see the recording)
      • Kubernetes Blog is officially subproject of SIG Docs
        • @kbarnard10 is forming a team
      • How to contribute:

  • [ 0:00 ] 📣Announcements 📣 *

    👏 Shoutouts this week (Check in #shoutouts on slack) 👏
    • paris - thanks to @deads2k and @soltysh for joining us today for the first meet our contributors session. tons of great answers to API and CLI contributing questions - thanks for being mentors!
    • Soltysh - big thanks to @paris and @castrojo for organizing meet our contributors

April 25, 2019 - (recording)

[ 0:00 ] 📣Announcements 📣

*   Announcements
*   WG LTS Survey ending on April 26th.
    *   This survey was created by the[ LTS Working Group](http://git.k8s.io/community/wg-lts) of the Kubernetes project. The purpose of this survey is to understand the challenges faced by various types of stakeholders with respect to the current release cadence of Kubernetes project. The survey questions are classified based on the stakeholder category.
    *   [https://www.surveymonkey.com/r/kubernetes-support-survey-2019](https://www.surveymonkey.com/r/kubernetes-support-survey-2019)
*   We now have a `#pr-reviews` slack channel as a last resort if your PR is stuck. We would love to have folks who can triage/review as well to join the channel to 	help wither fellow contributors. The idea is to help get someone get a PR “ready” and get the right SIGs/Reviewers/Approvers involved.
*   **👏 **Shoutouts this week (Check in #shoutouts on slack) **👏**
    *   Nihita would like to “Shoutout to @eduar for expanding the contributor cheatsheet, and for following up on it even after his Outreachy internship ended :tada:”
    *   zacharysarah would like to “Shoutout to @bradtopol for his willingness to step out of a Barcelona speaking slot in order to make room for a local leader to step in. That’s some generous leadership! :partyk8s:
    *   lukaszgryglicki would like to “Shoutout to @Eugene Glotov for helping me with AWS/ELB/EKS stuff - T H A N K S !

April 18, 2019 - (recording)

  • Moderators: Bob Killen (sub for Paris Pittman) [SIG-Contributor Experience]
  • Note Taker: [Company/SIG]
  • [ 0:00 ]** Demo **-- Dan Lorenc - Tekton Pipeline CRD - A K8s-native Pipeline resource.(confirmed)
    • Link to slides
    • Link to repositories
    • Declarative CI/CD system making native use of Kubernetes resources
    • Contributors: Google, Pivotal, CloudBees, Red Hat, IBM and more
    • Has Task CRD that defines sequence of steps inside a pod
    • “Type Safe” Ci/CD system
    • Pipeline CRD builds a graph/DAG of the tasks
  • [ 0:00 ]** Release Updates**
    • Current Release Development Cycle [Claire Laurence - Release Manager]
    • Patch Release Update
      • enhancements freeze next week
  • [ 0:00 ] **Contributor Tip of the Week **[Katharine Berry]
  • [ 0:00 ] KEP of the Week [Kubernetes Enhancement Proposals]
  • [ 0:00 ] SIG Updates
    • SIG Azure [Stephen Augustus] (confirmed)
    • SIG Release [Stephen Augustus] (confirmed)
      • Slides: https://docs.google.com/presentation/d/1znI75gT1shim_CiPA2uDhhqhxA76AdnAxlp78eTV_cA/edit?usp=sharing
      • last cycle
        • release 1.14
        • keps are now a requirement for in-tree kubernetes enhancements
        • improved KEP template
        • introduced a questionnaire for release team shadow process
          • no longer first come first served shadow selection process.
          • iterative improvements being made to questionnaire for future releases.
        • improving release engineering (branch and patch release management)
          • now patch-release team
        • licensing subproject team
          • Everything related to tracking licenses to ensure compliance with CNCF/LF.
      • next cycle
        • Improve KEP tracking process.
        • Staff Release Engineering and Licensing teams
        • Improve feedback loop for KEPs with sig-pm
        • Ensure there is concrete membership criteria for the Patch Release/Release Team
        • Establish policy for tracking out-of-tree enhancements
        • Establish policy for release artifacts
        • work with wg k8s-infra-team on creating visible / community managed artifacts.
        • revisit charter to define in/out-of-scope
        • build process around orgt-wide license management
    • SIG Big Data [First Last]
  • [ 0:00 ] 📣Announcements 📣
    • Barcelona Contributor Summit schedule locked in. (https://contsummiteu19.sched.com/) - Invites to sched will be sent out soon (**Must **be registered through contrib summit site to get sched invite).
      • Reminder that current contributor content is SIG/subproject F2F only.
        • Kubebuilder subproject
        • Release Team meeting
        • SIG-CLI
        • SIG-Cloud Provider
        • SIG-Cluster Lifecycle
        • SIG-IBM Cloud
        • SIG-Networking
        • SIG-PM
        • SIG-Scheduling
        • SIG-UI
        • SIG-VMware
        • SIG-Windows
  • **👏 **Shoutouts this week (Check in #shoutouts on slack) 👏
    • lachie83 - shoutout to @hogepodge @lavalamp for providing awesome sig updates today during the community meeting
    • lachie83 - shoutout to @patricklang for the awesome windows on k8s demo during the community meeting today (this note is from last week --ed.)
    • zacharysarah - Shoutout to @remyleone for not only leading the French localization of docs, but helping the Spanish and Indonesian projects launch as well.
    • jdetiber - Shoutout to @vincepri for the great work on getting the Cluster API project scope and objectives documented and working through seemingly unending feedback to get us to the point that the document can be merged. (edited)

April 11, 2019 - (recording)

  • Moderators: Lachlan Evenson [SIG-PM]
  • Note Taker: Solly Ross [Google/KubeBuilder]
  • [ 0:00 ]** Demo **-- What’s New in Windows Containers in K8s [SIG-Windows], Patrick Lang, Senior Software Engineer, SIG-Windows co-chair - @patricklang
  • [ 0:00 ]** Release Updates**
    • Current Release Development Cycle [Claire Laurence - Release Manager] (Confirmed)
      • 1.15 release cycle began Monday (April 8)
      • Working on getting schedule finalized (README link here)
      • 11-week cycle (GA on June 17, to avoid releasing during KubeCon Shanghai)
      • Enhancements tracking starting next week (April 15th-ish)
        • File issues for including in the 1.15
        • Enhancements freeze on April 30
          • Must have open issue in the 1.15 milestone
        • Please have test plans and graduation criteria
      • 1.15 alpha 1 next tuesday
      • Release notes starting on April 23rd
    • Patch Release Updates
      • 1.14.1 released 2019-04-08
      • 1.13.6 TBD April 2019
      • 1.12.8 cherry pick deadline 2019-04-19, release target 2019-04-22
      • 1.11.10 ...officially past 9 months typical support window, but possibly one last release to come TBD April 2019
  • [ 0:00 ] **Contributor Tip of the Week **[Jorge Castro]
    • What do I OWNERs and how do I check?
    • https://cs.k8s.io (hound) allows code search through the k8s codebase
    • Search accepts RegEx
    • Can search for yourself and make sure you’re in the appropriate OWNERS files and make sure you’re not still listed for things you’re not working on
    • https://cs.k8s.io/?q=castrojo&files=OWNERS - sub in your github name to see which files you’re in.
  • [ 0:00 ] KEP of the Week [Kubernetes Enhancement Proposals]
  • [ 0:00 ] SIG Updates
    • Info for SIG Leads
    • SIG Cloud Provider [Chris Hoge @hogepodge] (confirmed)
      • Link to slides
      • Work on stuff in k8s that’s common across all cloud providers (e.g. loading of cloud providers)
      • Current biggest area of work is cloud provider extraction
        • Want to have out-of-tree cloud providers instead of having to have everything baked in
        • Several cloud providers are integrated into k8s codebase, need to extract them
          • Step 1: have interface for providers to interact with
            • Done: Cloud Controller Manager is complete
          • Step 2: unwind built-in cloud providers
            • many in-tree cloud providers are deeply integrated
            • Moving those to staging
            • Don’t want to break existing users, but still want to start breaking out of codebase
      • New areas of work
        • Restructuring cloud provider SIGs into SIG Cloud Provider subprojects
          • Proposal
          • Will still have quarterly updates for cloud providers, still have event time at KubeCon, etc
          • Plan to have full implementation for KubeCon San Diego (KubeCon NA 2019)
        • Replacing SSH tunnel system with API server network proxy
        • Out-of-tree image credential providers
        • Better docs
        • HA clusters with cloud controller manager
          • e.g. leader election is tricky
      • In-tree cloud providers going away by December 2019 -- start using the external providers
        • Ovirt, cloud stack, and photon cloud providers are deprecated and will be removed
      • To help: see issues on https://git.k8s.io/cloud-provider
        • Links to Slack and Mailing List in slides
    • SIG API Machinery [Daniel Smith @lavalamp] (confirmed)
      • Link to slides
      • Current work
        • Server-side apply is in alpha \o/
          • Demos in SIG API Machinery meetings
        • CRD schemas now published into OpenAPI (in alpha)
        • Storage migration work progressing (updating existing objects in etcd to new schema on upgrade)
      • Upcoming plans
        • Move extensibility features to GA by end-of-year (CRDs, webhooks, etc)
        • Apply to beta in 1.15
        • KEP for better handling of union types (e.g. VolumeSource)
        • API server traffic classification/proxying support (can’t talk to etcd if you’re trying to talk to a webhook, for example)
          • KEP posted in enhancements repo
        • Better server-side rate limiting
          • KEP posted
      • Finalizing CRD, webhook plans soon, provide feedback soon if you have it
      • Lots of subprojects, see slides or README above for details
      • How to help
  • [ 0:00 ] 📣Announcements 📣

    • **Office Hours next week! **Next Wednesday! Ping @castrojo if you want to get involved.

    • Windows containers in Kubernetes Poll

      • SIG Windows wants feedback on Windows use cases in Kubernetes from users

    • Cluster API now has a discuss.k8s.io category for discussions if you want to join in.

      **👏 **Shoutouts this week (Check in #shoutouts on slack) 👏

    • vllry - shoutout to @a_sykim for helping me get a kube-proxy bugfix out the door!

    • jdetiber - shoutout to @castrojo for getting us setup with a Cluster API discourse topic in no time at all

    • jdetiber - shoutout to @Katharine for helping out with the recent boskos deployments we've needed for wiring up automated e2e tests for the Cluster API subproject

    • Top 10 Stackoverflow answerers in the Kubernetes Tag for the last week:

      • Frank Yucheng Gu, Eduardo Baitello, Rico, cookiedough, Janos Lenart, P Ekambaram, Harsh Manvar, 4c74356b41, A_Suh, Leandro Donizetti Soares
      • Thanks for helping out!

April 4, 2019 - (recording)

  • Moderators: Vallery Lancey [Lyft / k8s contributor]
  • Note Taker: Jorge Castro [SIG Contribex]
  • **Demo **-- k3s [Darren Shepherd]
  • **Demo **-- BotKube [Sanket Sudake(sanket@infracloud.io) & Prasad (prasad@infracloud.io)] (confirmed)
  • [ 0:00 ]** Release Updates**
  • [ 0:00 ] 📣Announcements 📣

    • No major announcements this week

      • SIG Chairs/TLs, remember to check your inboxes and #chairs-and-techleads for Paris’ newsletter

      **👏 **Shoutouts this week (Check in #shoutouts on slack) 👏

    • nikhita - shoutout to @rlenferink for consistently stepping up to review PRs in kubernetes/org and other contribex repos :)

    • Jdetiber - shoutout to @justinsb for helping us get the initial v1alpha1 release of cluster-api out the door and the image published!

    • Vllry - Huge shoutout to @liggitt for the amount of contributor questions he’s been answering… feels like he’s explaining the codebase and community everywhere I go.

    • Jdetiber - shoutout to @leah for the great work around enumerating and documenting use cases for the Cluster API subproject

    • Top 10 Stackoverflow users in the Kubernetes Tag for March:

      • Jexrael, Dmide, Gordon Linoff, Wiktor Stribizew, Martijn Pieters, Wen-Ben, TJ Crowder, and akrun
      • Thanks for helping out!

March 28, 2019 - Release Retrospective for 1.14 (recording)

March 21, 2019 - (recording)

March 14, 2019- (recording)

  • Moderators: Jorge Castro [SIG Contributor Experience]

  • Note Taker: First Last [Company/SIG]

  • [ 0:00 ]** Demo **-- ~~dmesser@redhat.com - Automated Day 2 Operations on Kubernetes using Operators Demo Title [Daniel Messer, dmesser@redhat.com] (confirmed) ~~

    • Didn’t happen - timezone snafu, Jorge will reschedule them as soon as possible.

  • [ 0:00 ]** Release Updates**

  • [ 0:00 ] SIG Updates

    • SIG Leads, check out this set of recommended topics to cover during your update
    • Slide template if you need it
    • Please also check the SIG Update Schedule!
    • SIG Architecture [Matt Farina] (confirmed) Deck link
      • Making changes to better scale and avoid burnout
        • Focus on:
          • documenting guidance as opposed to one-off decisions
          • Move discussions to mailing lists to better include others
          • more on delegating to OWNERS
          • Ensuring subprojects cultivate new leaders, make sure subprojects are staffed
        • Done so far
          • KEP process → SIG PM
          • Meetings every other week now
          • API Review shadowing (teach new people to be API reviewers
      • Other things done:
        • Add guidance that everything should be tested
        • KEPs for 1.14+ should now have upgrade/downgrade/test plan
        • Documented Kubernetes Scope
        • Windows nodes GA
      • How to help
        • Arch & API Governance subproject: look at process, sign up for shadowing
        • Conformance Definition: come talk to them to onboard
        • Code Organization: need people to help kickstart untangling kubernetes/kubernetes, figure out dependency handling (currently mostly unstaffed, needs people to start the effort)
        • https://git.k8s.io/community/sig-architecture/README.md
      • Questions/Additions
        • SIG arch is always welcomes people who want to come in and get work done
        • Goal of changes is to avoid SIG Arch being the single-point-of-failure for technical decisions, and instead be a last resort
    • SIG VMware [Steven Wong] (confirmed - ~3 min) Deck link
      • Last cycle
        • Out-of-tree cloud provider
        • CSI provider improvements
        • Cluster API provider
        • Minikube for Fusion/Workstation
      • Upcoming cycle
        • Stabilize cloud provider, CSI provider
        • Cluster API management cluster pattern
      • How to help
    • SIG Multicluster [Irfan ur Redhman] (confirmed)
      • Time zone problem, Jorge to reschedule asap.

  • [ 0:00 ] 📣Announcements 📣

    • New Contributor Summit site is live at https://events.linuxfoundation.org/events/contributor-summit-europe-2019/, and registration will be live be EOD March 14th

    • Slack signup is back!

    • 1.15 Release Team

      • @claurence is 1.15 lead
      • Issue for rest of roles is yet to be created

    • PSA: we have a new channel on slack #pr-reviews to help people find reviewers. Help get eyeballs on PRs.

    • Aaron has a last minute announcement

      **👏 **Shoutouts this week

  • coderanger - Shoutout to @Katharine for kicking butt on Slack automation to help out the admin team!

    • (e.g. more actions → report for bad messages)

  • mrbobbytables - Just seconding @coderanger seriously big shoutout to @Katharine for the stuff shes doing to make Slack a better place for all of us ❤️ ❤️ ❤️

  • spiffxp - Big shouts to @neolit123 for his investigative work on what appears to be a golang 1.12 bug. And @liggitt @justinsb @dims for the continued assists. And the golang team for trying to get us go1.12.1 in time

  • Shout-out to @marpaia for setting up and running the EU friendly release team meetings, stepping in so much whenever Aaron isn't available, and keeping on top of all the things 🙏

March 7, 2019 - (recording)

  • Moderators: Chris Short [SIG-ContribEx]

  • Note Taker: Bob Killen - University of Michigan

  • [ 0:00 ]** Demo **-- Argo CD — Enterprise scale open source GitOps solution to deploy 100s of apps in prod - Jesse_Suen@intuit.com & Alexander_Matyushentsev@intuit.com (confirmed)

    • Slides
    • https://github.com/argoproj/argo-cd
    • Collection of controllers and tools for workflow processing.
    • Well known for their batch job engine
    • Supports SSO via dex
    • Has “GitOps” style workflow capability by auto-syncing with git repos.
    • Has built-in health checks for native kubernetes objects for use with deploying.
      • Can add custom checks via lua checks
      • Can rollback in the event of a degraded deployment
    • Has pre and post sync hooks that can be used to inject custom logic
      • Useful for db migrations etc
    • Emits events for auditing along with full prometheus metrics

  • [ 0:00 ]** Release Updates**

  • [ 0:00 ] **Contributor Tip of the Week **[Jorge Castro]

    • Contributor Playground is now live!
      • Home for new contributors to learn how to use bots and practice with PRs.
    • Nice work @gsaenger!

  • [ 0:00 ] SIG Updates

    • SIG Leads, check out this set of recommended topics to cover during your update
    • Slide template if you need it
    • Please also check the SIG Update Schedule!
    • SIG IBM Cloud [Sahdev Zala and Richard Theis] (confirmed)
      • Slides
      • Last Cycle
      • Upcoming Cycle
        • Move internal cloud-provider repo public
          • Refactor to use cloud-controller manager design
          • Working on internal build process changes
    • SIG Service Catalog [Jonathan Berkhahn] (confirmed)
      • Slides
      • Last Cycle
        • Continued work on namespaced resources
        • Began work on transitioning to CRDs
      • Upcoming Cycle
        • Namespaced resources
        • Move to GA
          • CRDs
          • Bug fixes
        • Finish moving tests to prow
        • Recruiting new contributors and maintainers

  • [ 0:00 ] 📣Announcements 📣

    👏 Shoutouts this week (Check in #shoutouts on slack) 👏

  • Aaron Crickenberger: shouts to @oomichi for his continued review of kubernetes/kubernetes test/e2e PR’s, he’s helped land over 30 PR’s this release cycle (including some conformance tests)

  • Lachlan Evenson: shouts to @bentheelder @munnerz and the kind team for all the great work that’s gone into the kind tool and docs. It’s radically changed my inner loop for testing code changes in Kubernetes. Thanks!

  • Lachlan Evenson: shouts to @claurence for being an awesome enhancements lead on the 1.14 release team. She’s taken the time to coach all the shadows and has been diligently grooming the 33 features in the hopper for 1.14. Cheers from your fellow enhancements shadows!

  • Paris Pittman: Thanks to our upstream mentoring panelists on #meet-our-contributors today!! @mike.splain @carolynvs @dims @directxman12 @a_sykim

  • Dims: Thank you to the #meet-our-contributors hosts always excellent hosts @paris and @jorge!

  • Chris Short: Thank you to @mrbobbytables for stepping in to take notes the past two Kubernetes Community meetings. I really appreciate it! :khanparrot::khanparrot::khanparrot:

  • Nikhita: shoutout to @jeefy and @Katharine for https://twitter.com/spiffxp/status/1103717028232290305

February 28, 2019 (recording)

  • Moderators: Chris Short [SIG ContribEx]
  • Note Taker: Bob Killen
  • [ 0:00 ]** Demo **-- Feb 28 - Kubernetes Policy Controller with OPA/KPC - Dave Strebel strebeld@gmail.com (confirmed)
    • Gatekeeper project and Kuhttps://youtu.be/fjZ5l8gZrcwbernetes policy controller merged to become Open Policy Agent (OPA) Gatekeeper.
    • OPA - General purpose policy engine using declarative policy language (rego)
    • Focused on protecting the Kubernetes API
    • Augments Admission / Authorization and Audit capabilities of Kubernetes.
      • Adds more granular policies and can mutate requests.
    • Partially backed by CRDs, working on full configuration through CRD.
    • Can audit current environment against policies without enforcing policies.
    • Examples:
      • Can enforce policies such as images must be pulled from specific registries.
      • Can add additional annotations on matching criteria.
    • CNCF Blog
  • [ 0:00 ]** Release Updates**
    • Current Release Development Cycle [Aaron Crickenberger - Release Manager] (confirmed)
    • Patch Release Updates
      • x.x
      • y.x
  • [ 0:00 ] Contributor Tip of the Week
  • [ 0:00 ] SIG Updates
    • SIG Leads, check out this set of recommended topics to cover during your update
    • Slide template if you need it
    • Please also check the SIG Update Schedule!
    • SIG Cluster Lifecycle [Tim Allclair and Robert Bailey] (confirmed)
      • kubeadm v1.14
        • p0 - working on better test automation
          • starting to use KinD as a tool to replace kubernetes anywhere
          • upgrade testing
        • p1 - improve HA lifecycle
        • p2 - improve join action
      • cluster-api
        • Plan to release v1alapha1 around the v1.14 release
        • Added support for cascading deletion
        • Improve machine object deletion
        • NEED testers
      • minikube
        • v0.34 update released
        • Working towards a v1 release in March
      • Kops
        • upgraded to etcd3
        • working through current CVE issue
        • building roadmap for cluster-api
      • KinD
        • Offline support
        • Upgraded to v1.13.3
        • Goal: Use KinD to replace local cluster-up
      • PSAs
        • Component config working group started
        • Working on addon management
          • CRD lifecycle
      • Upcoming planning session.
    • SIG OpenStack Chris Hoge
      • Slides
      • Moving in-tree provider from kubernetes/kubernetes
      • Working on building better deployment tooling
        • Magnum - integrated K8s deployment
        • Self service through Kops
        • Cluster-API implementation for OpenStack cloud and bare metal.
      • Bare Metal Cluster-API implementation will use ironic with multiple deployment options:
        • Standalone single tenant
        • Integrated, multi-tenant with cloud-link services.
      • Kops OpenStack provider is alpha
      • Plan to work closer with CNCF regarding CI/CD testing and working closer with sig-testing.
    • SIG Auth Mike Danese
      • Slides
      • Working on roll out of better service account tokens
      • Dynamic auditing with per sink policy
      • Refining approach to the different policy types in Kubernetes
        • Dynamic admission ecosystem including a general purpose policy engine (e.g. OPA)
        • New domain-specific policies: scheduling and images
        • rethinking PodSecurityPolicies due to usability issues
      • Improve API Server authentication
        • dynamic webhooks have become popular, need a better way to authenticate the api server as a client.
        • Webhooks can accept sensitive data and return sensitive data, need to identify the caller
      • Organization:
        • Identified and defined subprojects and TLs.
        • More proactively engage with subprojects
        • Absorbed wg-container-identity.
  • [ 0:00 ] 📣Announcements 📣
    • We’re in need of more slack moderators, apply here and click the moderator request button.
      • Must be a k8s org member already
      • APAC and EU moderators needed the most
    • Shoutouts
      • Akutz - Major #shoutout to Katharine Berry (@Katharine) for fixing a UX bug within just a few hours of me mentioning it - https://kubernetes.slack.com/archives/C09QZ4DQB/p1550863111161400. Ain’t no service like SIG-Testing service, cause SIG-Testing service don’t stop!
      • spiffxp - shoutout to Thomas Runyon (@runyontr) for kubernetes/kubernetes#72939 allowing us to run eg: make test-cmd WHAT=deployment to run just the the deployment cli tests, same sort of thing you can do with make test and make test-integration
      • bentheelder - shoutout to @gsaenger for writing a wonderful new message for the welcome bot! looking forward to seeing this in more places - (kubernetes-sigs/contributor-playground#229 (comment))
      • bentheelder - Shoutout to @jeefy for the really shiny and useful looking structured Kubernetes release notes viewer demo in today's #sig-release meeting, looking forward to seeing more about this!
      • Maria - shoutout to Silvia Moura Pina (@smourapina) for putting together a workflow to enable the CI signal subteam of the release team keep on top of flagging issues from e2e tests and coordinate follow-ups and to Jorge Alarcon (@Jorge) for spotting an opportunity to offer broader transparency to what the CI signal team is working on, suggesting a structure and kicking off implementation (find current version at https://github.com/orgs/kubernetes/projects/11)
      • spiffxp - shouts to Josh Berkus (@jberkus) for taking notes during today’s steering committee meeting, our google doc clearly becomes way more difficult to use with so many people looking at it, and the written record is invaluable
      • spiffxp - shoutout to Katharine Berry (@Katharine) for moving us from gubernator to spyglass for all of our test result viewing needs! https://git.k8s.io/test-infra/prow/spyglass
      • codenrhoden - Shoutout to Michelle Au (@msau42) for her patience and helpful guidance in getting a very large PR merged!
      • @strebel - @jeefy and @onyiny-ang for all their awesome work on the Release-Notes team for 1.14. Especially @jeefy’s work on the Release-Notes website concept

See 2018 Q3-Q4 Archive here

See 2018 Q1-2 Archive here

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment