Kubernetes Weekly Community Meeting

videos

#14

August 2, 2018 -

  • Moderators: Solly Ross
  • Note Taker: Bob Killen [Company/SIG]
  • [ 0:00 ]** Demo **-- Kritis Overview [aprindle@google.com]
    • Slides
    • Build off of grafeas
    • Test assertions before deploying containers
    • Can validate / do vulnerability scanning
    • Cron schedule that is constantly monitoring to ensure images are never fall out of sync
    • CRD based configuration
      • Supports whitelisting images
      • Can define things such as maximum CVE severity
      • Can deny images that are usings tags such as ‘latest’
    • Helm Chart available for deployment
    • When attempting to deploy an image with a vulnerability, user will be given a denied error
    • Blog post incoming on August 13th
    • Initial v0.1.0 release coming soon
    • Custom attestation policies in the future
    • Questions:
      • Is like Portieris? Unknown, will look / follow up
      • Does it support Notary? Auth piece has similar goal
        • Notary support should be possible, both designed for build provenance
    • [slides]
    • https://github.com/grafeas/kritis
  • [ 0:00 ]** Release Updates**
    • Current Release Development Cycle [Tim Pepper ~ 1.12 Release lead]
      • v1.12 Feature Freeze: was Tuesday July 31
        • This was feature definition (not implementation) deadline.
        • ~50 features captured
        • Implementation (code, test cases, docs drafts)deadline is “Code Freeze” on Sept. 4
      • v1.12.0-alpha.1 release cut yesterday Aug. 1. Is a major milestone in that along with 1.11.1 we are transitioning from Google employees running the build/release mechanism to community members. The transition has had a few issues, but is rapidly improving. Expecting first beta to be smooth.
      • More details and links at http://bit.ly/k8s112-release-info
    • Patch Release Updates
      • 1.11.2 Scheduled for the Aug 11th (cherry picks should be up by Friday, August 3rd)
  • [ 0:00 ] Open KEPs
    • Dynamic Audit Configuration https://github.com/kubernetes/community/blob/master/keps/sig-auth/0014-dynamic-audit-configuration.md
      • Advanced auditing is still difficult to configure
      • Working on making it similar to dynamic admission control
      • Support both static runtime configuration via flag and new dynamic method
      • Moving into alpha in 1.12, beta in 1.13
      • Will be Feature Gated
      • Can be used to compute API coverage on a running cluster. Previously it was not possible to alter the audit config of a running cluster. Dynamic audit config allows you to turn on API coverage calculator and compute the API usage for a period of time.
  • [ 0:00 ] SIG Updates
    • SIG UI [Jeffrey Sica] (confirmed)
      https://docs.google.com/presentation/d/1f6dI2mP_5SZeuJd9i3e6y6jx44i6ouFZGvFAfYT1BsA/edit?usp=sharing
      • New release coming soon (2-3 weeks)
        • Many bug fixes
        • Will use 1.8.10 client-go
      • Angular Migration in progress
        • Migrating from version 1 to version 6
        • Requires a complete rewrite
      • Upcoming features
        • oauth2 integration
        • multi-arch manifests
        • security enhancements
          • inform users when running as admin or with other insecure configuration
        • Will support multiple themes
        • Customized CSS (branding etc)
      • Looking for more contributors
        • angular js migration
        • bug triage
        • feature discovery
    • SIG AWS [Nishi Davidson] (confirmed) (had to move to later week)
    • SIG Service Catalog [Jeremy Rickard] (confirmed)
      • SIG Charter recently approved
      • SIG Chairs have changed recently (insert names later)
      • Working actively on improving contributor experience
        • active in labeling issues
        • improving contributor guide
      • Moving to prow
      • Service Catalog now supports namespace
      • Catalog restrictions on a per namespace basis
      • Working towards providing default types for services
  • [ 0:00 ] Announcements
    • Kubecon CFP deadline
    • Save the Date: Kubernetes Contributor Summit, 10 December, right before Kubecon.
      • Sunday, 9 December will likely
    • Shoutouts this week (Check in #shoutouts on slack)
      • thanks to @mhb for his efforts in working with #sig-testing to get service-catalog all hooked up to prow :prow: and tide
      • thanks to @tpepper @jeefy @bentheelder @rdodev for great responses and their time on #meet-our-contributors yesterday! :tada: solid examples of good mentors
      • Shout out to @neolit123 for quick responses and status updates to failing ci tests in cluster lifecycle
      • Many thanks to @ahmet for quick reviews of changes to kubernetes/examples repo!
    • Stackoverflow Top Users (Once a month at the end of the month)
    • Turning off bot for 1.12 release, last artifact of munge github (missed 1st part of this)
    • Contributor Experience is looking for new contributors
    • SIG leads have an email regarding zoom

See Q1-2 Archive here


#15

Here are the notes from today, waiting on the video to render but I’m leaving for a long weekend so I’ll have to fill it in later, cheers!

Aug 9, 2018 - (recording)

  • Moderators: Arun Gupta [Amazon]
  • Note Taker: Tim Pepper [VMWare/SIG Release and Jorge Castro [Heptio/SIG Contribex] and Josh Berkus [Red Hat/SIG Release etc.]
  • [ 0:00 ]** Demo **-- No demo this week
  • [ 0:00 ]** Release Updates**
    • Current Release Development Cycle [Tim Pepper ~ 1.12 Release lead]
      • We are roughly halfway through the ~12-13 week release cycle for 1.12, but almost ⅔ of the way through our open development phase:
        • It’s been ~50 days since master branch reopened from 1.11’s freeze
        • It is only 26 days to 1.12’s code freeze!
      • 1.12.0-beta0 is Aug. 14: We are validating a new build/publish mechanism and its documentation. Beta should be cut from a newly created 1.12 release branch next week, CI will be enabled on the branch, and the branch will fast-forward regularly pulling master branch’s content for the next weeks.
      • Looking for high SIG attention toward keeping CI signal green for release master blocking and release master upgrade
      • Code Freeze: September 4 (26 days from today)
      • Release Target: September 25 (47 days from today)
    • Patch Release Updates
      • 1.9.10 (5 days ago)
      • 1.10.6 (12 days ago)
      • 1.11.2 (1 day ago)
  • [ 0:00 ] SIG Updates
    • SIG Scalability [Shyam Jeedigunta] (confirmed)

      • Recent work toward improving tools for scale testing:
      • For 1.12 kubelet watches for secrets instead of polling, making a big perf win, can scale to a 100k namespaces currently.
      • Kubelet heartbeat changes to reduce etcd interactions (see KEP 0009 node heartbeat)
        • Moving node heartbeat to another API
        • Current node heartbeat produces a LOT of etcd version history, bloating the etcd database
      • CI Testing
        • Deflaking our jobs
        • Solving 1.12 regression
    • SIG Architecture [Brian Grant] (confirmed)

      GitHub notifications don’t work for most and slack also is lossy. Use mailing list.

      • Tracking boards - if you want to get on the SIG Arch radar, please get onto the project board so you can get on the agenda. Feel free to use the sig-architecture mailing list to reach out to us. (Slack is too ephemeral, please use the list as the primary point of contact.)
      • Pushing back on newly compiled-in APIs, reviewing those more closely.
      • Will post to k-dev on the engagement model for interacting with API changes ← important
    • SIG CLI [Sean Sullivan] (confirmed)

    • SIG AWS [Nishi Davidson] (confirmed)

      • Slides link
      • Looking to upstream more, especially documentation and testing
      • Repos now in kubernetes-sigs namespace
      • Giving an overview of subprojects:
        • Aws-iam-authenticator, allows authentication against IAM credentials for kubernetes running on AWS. Renamed from heptio-authenticator.
        • Aws-alb-ingress-controller, created by CoreOS and Ticketmaster & donated, watches for ingress events on kubernetes and creates AWS ALBs. It’s in production at Ticketmaster (also used by Bluejeans & Freshworks). At some point will be added to Amazon EKS.
        • Aws-encryption-provider provides envelope encryption for Etcd, still an alpha project where they are debating design elements.
        • Aws-csi-driver-ebs allows the CSI driver to work with EBS for PVs. Collab with Red Hat. Hope to make stable in 1.13/1.14 and replace the current EBS driver.
        • Pod-identity-access: just a proposal right now. Would like to have identity injection inside the pod for IAM credentials. Target for 1.13/1.14 work.
        • Cloud-provider-aws: project to move AWS cloud provider to the cloud provider API (as per KEP 0019). Added a documentation KEP for it.
    • Cluster API [Kris Nova]

  • [ 0:00 ] **Steering Committee Updates **[Aaron @spiffxp]
    • Steering Committee Elections 2018
    • Walked through how a meeting works:
      • kubernetes/steering project board
      • They start with a kanban board and look at all of the things they were supposed to have done
      • Right now they’re supposed to be having elections, but there are pending tasks that weren’t done a year ago, like deciding who is a “member of standing”.
      • Went over criteria for member of standing. Right now they’re planning to use Devstats criteria for contributions by contributor (rolling window 1year), requiring 60 contributions.
      • Need to codify SIG liaisons from SC. This is partly for the charter process. Have at least 2 people assigned to each SIG.
    • Code of Conduct Committee (CoCC): open candidates, closed voting -> set of members added in community repo. See committee readme for more info.
    • Charters: lots of activity but also slow progress. WIP, lots to do, tracked in meta issue.
    • Meet Our Contributors - Steering Committee edition
    • Non SC participation: Would like to allow non-SC members to join the meetings by invitation (meetings are recorded though and posted to the youtube channel for community review), such as Jaice who has been auditing the meetings and asking questions. Another example is cblecker querying the SC about GH permissions management, and made a proposal for it. Not suggesting making the meetings open, joining would be by invitation, usually based on a proposal to the SC.
  • [ 0:00 ] Announcements
    • Kubernetes Office Hours is next week! [Jorge]
    • SIG Update Schedule for this meeting is updated through October [Jorge]
      • It is always linked to from the top of this document
      • SIGs, it is your responsibility to ensure that you can make this update, if not, let someone in SIG Contrib-Ex know so we can schedule you.
    • Demo section is finally caught up! If you want to demo something during this meeting see the top of this document. [Jorge]
      • If you’ve demo’ed over a year ago consider submitting again so we can check out your progress!
    • GitHub Management subproject [Aaron @spiffxp]
    • Subprojects [Aaron @spiffxp]
    • Sunsetting Kubernetes SIG service accounts [Ihor]
    • Shoutouts this week (Check in #shoutouts on slack)
      • paris: thanks to @tpepper (Tim Pepper) @jeefy (Jeffrey Sica) @bentheelder (Benjamin Elder) @rdodev (Ruben Orduz) for great responses and their time on #meet-our-contributors yesterday! :tada: solid examples of good mentors
      • spiffxp: thanks to @mhb (Morgan Bauer) for his efforts in working with #sig-testing to get service-catalog all hooked up to prow :prow: and tide
      • Jerickar (Jeremy Rickard): what @spiffxp said! tide and prow are dope and we love using the now
      • tpepper: shoutout to @jorge , @paris , zoom, and any others who’ve been working for months to improve our meeting moderation abilities and best practices to better insure our collaborations are constructive and resilient in the face of potential abuse
      • spiffxp: shoutout to @matthyx (Matthias Bertschy) for adding per-repo label support to our label_sync bot, so you can add labels to your repo by PR’ing a file instead of making the change manually with admin access
      • jorge: shoutout to @chenopis (Andrew Chen) for sorting out netlify for the contributor site!
      • spiffxp: shoutout to @mkumatag (Manjunath Kumatagi) and @dims (Davanum Srinivas) for their push on multi-arch e2e test images, ppc64le is now passing node conformance (https://k8s-testgrid.appspot.com/sig-node-ppc64le#conformance)

#16

Aug 16, 2018

  • Moderators: Aaron Crickenberger (@spiffxp, Google, SIG Beard)
  • Note Taker: Solly Ross (@directxman12, Red Hat, SIG Autoscaling)
  • [ 0:00 ]** Demo **-- Kubernetes Ingress Controller for Kong [Harry Bagdi, harry@konghq.com] (confirmed)
    • Links/contact
    • Kong is an open source API gateway built on nginx
      • Performance and features from nginx
      • flexible routing
        • Hash-based
        • Cookie-based
        • client-based
      • dynamic configuration
      • plugins for custom logic common to your microservices
    • Ingress Deployment
      • Dataplane mode does the proxying, pulling config from the database
      • Controlplane mode configures things, writing them to a database
      • Runs in a single namespace, but serves ingresses for all namespaces
      • Data is proxied directly to pods, skipping kube-proxy
        • Enables things like sticky sessions in Kong
      • Custom resource for extending normal Ingress with additional Kong functionality (KongIngress)
        • Proxy configuration
        • Routing methods, regex priority, etc
        • Active and passive health checks
      • Plugins for custom logic
        • Use CRDs set up different plugin configurations
        • For example, rate-limitting
        • Apply configured plugins to ingresses with annotations specifying the name of an instance of the custom resource
        • Have many plugins, all opensource
      • Supports multiple services
      • Supports TLS upstream and termination
    • Inspection
      • Can inject headers for info
        • Via
        • Latency
        • Rate-limitting information
      • can also be inspected using an HTTP API to check underlying Kong configuration
    • Questions
      • Q: How are websockets handled?
        • Kong can forward websocket traffic directly (you can upgrade connections to websockets as normal)
        • Can’t actively manipulate traffic on websockets
  • [ 0:00 ]** Release Updates**
    • Current Release Development Cycle [Tim Pepper ~ 1.12 Release lead]
      • ~2.5 weeks to code freeze!!! Yes already!!
      • 40 days to release
      • release-1.12 branch created Tuesday; fast forwarding daily to master
        • Fast-forward for next couple of weeks
      • Branch CI on track to arrive this week
      • CI signal mostly OK for release master blocking and release master upgrade, but a number of issues being worked
    • Patch Release Updates
      • 1.9.10 (14 days ago) - Mehdy Bohlool (@mbohlool)
      • 1.10.6 (21 days ago) - Maciek Pytel (@MaciekPytel)
      • 1.11.2 (9 days ago) - Anirudh Ramanathan (@foxish)
  • [ 0:00 ] **Graph o’ the Week **[spiffxp]
    • Let’s talk about flaky and failing tests
    • Testgrid - presubmits-kubernetes-blocking#Summary
      • Show’s blocking tests
      • Also a dashboard for non-blocking tests
      • Can click to see history of job runs in a grid, where they succeeded and failed
      • Tests are considered failing until it sees a pass in some particular window
    • Velodrome - BigQuery Metrics - Presubmit Failure Rate
      • Grafana instance looking at test failures
      • Can see which suites are failing over time
        • E.g. kops spiked, integration built over time, but has been fixed (thanks @janetkuo!)
    • GitHub Query - is:open label:kind/flake org:kubernetes
      • Can use this query to find flaky tests (intermittently failing and succeeded)
    • GitHub Query - is:open label:kind/failing-test org:kubernetes
      • Can use this query to find tests that are failing all the time (as opposed to “just” being flaky)
    • Who should be helping fix these?
        1. Who owns the test?
        • [sig-foo] thing should not explode
        1. Who owns the job?
        • test-infra/config/jobs/kubernetes/sig-foo/OWNERS
        1. Who owns the infra?
        • #test-infra
        • If you skip steps 1 & 2 and go directly to 3, you will be sent to the back of the line
  • [ 0:00 ] KEP o’ the Week [Chris Hoge, @hogepodge, on behalf of Nishi Davidson, @d-nishi]
    • Part of SIG Cloud Provider
      • Coordinates stuff among all cloud providers
    • https://github.com/kubernetes/community/blob/master/keps/sig-cloud-provider/0019-cloud-provider-documentation.md - Accepted
      • Transfer responsibility of maintaining docs to cloud providers
      • Provide documentation on how to activate any out-of-tree cloud provider
      • Set minimum standards for cloud provider documentation
      • Maintain docs for how to write a new out-of-tree cloud provider
    • Follow up discussion in SIG-Cloud-Provider and SIG-AWS
    • Questions
      • Q: Working with Cluster Lifecycle to improve workflow in kubeadm?
        • Yes, working on docs to start out with
  • [ 0:00 ] SIG Updates
    • SIG Docs [Andrew Chen]
      • [slide link]
      • Ongoing/upcoming work
        • 1.12 is under (@zparnold is docs lead)
        • Docs contributor guide has been refactored (@mistyhacks)
        • Considering alternative search engines for China PR#9845
        • Figuring out generated docs (working group) – e.g. for kubelet PR#66034
        • Proposal for fundamental concepts of Kubernetes (modeling, architecture) [slides]
          • Need more/helpful diagrams
      • PR bash and docs sprint at Write the Docs in Cincinnati
      • Search outage postmortem [doc]
        • Kubernetes.io dropping off of search results
        • Version docs aren’t indexed (via X-Robots-Tag: noindex)
        • Noindex header got added to main site as well by accident, causing no search engine results
        • What to do going forward
          • Hand off infra to CNCF, document mechanisms and processes
          • Adding testing and monitoring, notify on abnormalities
          • Have better failsafe default state
            • master was the exception before, default state was “nothing gets indexed”
            • default state should have been “everything got indexed”
    • SIG IBMCloud [Sahdev Zala]
      • Slide deck
      • Relatively new SIG for building/maintaining/using Kubernetes with IBM public and private clouds
      • Meets every other week (Wednesdays at 14:00 EST)
        • Start with presentations about IBM Cloud Kubernetes Service, IBM Cloud Private (recorded)
          • IKS supports 3 concurrent releases, multi-az clusters
          • IBM Cloud Private 2.1.0.3 releaed in May, certified for up to 1000 nodes, scalability work ongoing
      • Ongoing discussions/work
        • SIG cloud provider integration
        • Public repo for IBM cloud provider code
        • SIG Charter
      • Future discussions (see SIG agenda)
        • Hybrid clouds (IKS <-> ICP)
        • Performance
      • Community Collaboration
        • Networking
          • Working with Red Hat & Tigera
            • Move Egres/IPBlock network policy to GA in 1.12
        • Scalability
          • Etcd changes to improve cluster creation, improve monitoring overhead
        • Storage
          • Flex volume resize and metrics
          • IBM Cloud object store plugins
    • SIG Autoscaling [Solly Ross]
      • SIG is in charge of anything related to automatic scaling both of pods, cluster components themselves, and the cluster (VMs) itself
      • Horizontal Pod Autoscaler
        • Removing scale limits in favor of more sophisticated behavior (looking at metric data point timestamps and pod launch timestamps)
        • Brainstorming further algorithmic improvements (looking at more than one data point, etc) for flexibility around additional use cases and custom metrics
        • HPA v2beta2 landing in 1.12 release
          • Specify labels to further scope metrics
          • Target average values on object metrics (divide value by number of pods)
          • API consistency improvements
      • Cluster Autoscaler
        • Focusing on some large known issues (scaling around GPUs, local persistent volume scaling)
        • Investigating steps to integrate cluster autoscaler with cluster API (may require some changes to the cluster API instead of custom logic in the autoscaler)
  • [ 0:00 ] Announcements
    • Shoutouts this week
      • shoutout to Di Xu (@dixudx) for being such an active reviewer and reviewing LOTS of incoming PRs so quickly!!!
      • shoutout to Arnaud Meukam (@ameukam) and Jeremy Rickard (@jerickar) for being awesome bug triage shadows and handling the job wonderfully while I was out last week!
      • Mistyhacks: Shoutout to @ianychoi, who has just become a k8s org member in order to work on Korean localization, and is already providing great feedback, as evidenced in this PR: https://github.com/kubernetes/website/pull/9643/comment#issuecomment-411886340
      • @jdumars for creating :testgrid: (Slack emoji)
    • Steering Committee Elections are coming! Announcements will go out next week on multiple platforms but k-dev@ will be the main communication channel.
      • Elections are coming!
      • Next week, email will go out with eligibility, etc information on kubernetes-dev ML
      • There will be a voters guide checked into GitHub as a single source of truth
    • Changing how we do GitHub membership - file an issue instead of send an e-mail?
    • Brace yourselves, automation is coming [spiffxp]
    • Heapster deprecation reminder [directxman12]
      • Bug-fix only mode on 1.12, completely deprecated & retired in 1.13
      • Please start the process of migrating away from Heapster if you haven’t already (look at metrics-server and/or third-party monitoring solutions, such as Prometheus)

#17

Video will come later as we couldn’t livestream due to technical issues, in the meantime, here are the notes:

Aug 23, 2018

  • Moderators: Paris Pittman (SIG Contributor Experience)
  • Note Taker: Josh Berkus and Danny Rosen
  • [ 0:00 ]** Demo **-- KeyCloak - bdawidow@redhat.com, stian@redhat.com (confirmed)
    • Keycloak is an open source IAM (Identity Access Management) solution
    • Demo involving Ingress
      • Set up “realm” for credentials
      • Then set up security for Ingress endpoints
      • Supports bearer tokens
      • Only keycloak sees the credentials, applications only know what’s authenticated by access token
      • Handles managing multiple roles per user, with different levels of permissions by role
      • Support for multiple identity providers (Github example)
      • Libraries for auth for javascript, Java. Supports general SAML libraries for other languages, also working on a goal-based proxy provider.
      • Support for external user stores (LDAP, Kerberos, Custom)
      • Multiple identity providers per Realm, can also have database-backed identity database locally.
      • Keycloak can be used for authentication for Kubernetes itself
      • Used at U Michigan
      • Similar to OpenAM but has more features
  • [ 0:11 ]** Release Updates - **
    • Current Release Development Cycle [Tim Pepper ~ 1.12 Release lead]
      • Proposal in flight to drop “status/approved-for-milestone” from list of merge required labels during code freeze, with lazy consensus target Aug 27
      • Code Slush: Aug. 28
      • Code Freeze: Sept. 4
      • Release Target: Sept.25
      • …one month to go. Your feature work should be wrapping up ahead of code freeze. Docs PR’s are due. Test cases should be in place.
      • Continuous Integration:
    • Patch Release Updates
      • 1.9.10 (20 days ago) - Mehdy Bohlool (@mbohlool)
      • 1.10.7 (3 days ago) - Maciek Pytel (@MaciekPytel)
      • 1.11.2 (15 days ago) - Anirudh Ramanathan (@foxish)
  • [ 0:15 ] **Graph o’ the Week **[spiffxp]
    • Let’s talk about our automation’s GitHub API Token usage
    • We get: 5,000 requests per hour
    • We used to work around this in mungegithub by:
      • keeping an in-memory cache
      • tuning munger polling frequency
      • separating into SQ/misc-mungers instances
    • Switching to prow to do things on demand vs. a polling loop helped, for a bit
    • Now, we’re using ghproxy (thanks @cjwagner!)
      • Implemented by our own Cole Wagner
    • Hero charts: last 6 months of cache and github token usage
      • See population of the cache, how many api tokens we didn’t have to use over time
      • Turned in on mid-May
      • Prior to turning the cache on, we often hit max tokens, esp. At the end of code freeze
      • Now usage is much more stable/lower, can go through the backlog faster
      • We’re moving away from mungegithub so you won’t see this much more, moving to Tide for merging.
  • [ 0:22 ] KEP o’ the Week powered by SIG PM
    • tallclair@ - KEP 0014-runtime-class
    • RuntimeClass - Define a generic way for a runtime to be defined, where in the past it was opaque to the control plane beyond kubelet
    • Motivation is to support new runtimes, like katacontainers, GVisor and maybe future stuff like serverless runtimes or GPUs
    • There’s a podspec for the RunTimeClass, to decouple the configuration and node-level implementation from the name users need to use
      • We could end up with more than one class spec for the same runtime
    • See list of Non-Goals, we’re trying to keep the mechanism simple. They do have a list of future extenions, though, such as:
      • PodOverhead, so that you can account for resources outside those used for the container, like for Kata.
      • Policies for abstract runtimeclasses in podspec, such as a requirement for a “sandbox” runtime or “unix” (pod doesn’t care which specifically they get)
    • Want to make it consistent to express supported/unsupported features (including mutually exclusive ones on a node like SELInux vs. Apparmor).
    • Leave Comments:
  • [ 0:00 ] SIG Updates
    • OpenStack (Chris Hoge, confirmed)
      • https://docs.google.com/presentation/d/1fdq0X-UPN-8xc_3bpvvrwIic_UGTTDyKRt-Cjtgp9io/edit?usp=sharing
      • Completed in the last cycle:
        • CloudProvider Openstack, added conformance testing, lots of bug fixes, sync’d with in-tree provider
        • Planned to remove the in-tree provider in 1.12, but has been delayed to 1.13 to give users time to move to external provider.
        • Added Manilla Storage Provisioner for shared storage (NFS)
        • Added keystone authenticator for mapping multiple projects to accounts
        • Added extensive documentation, including general docs for Cloud Providers
        • Began work for transitioning to WG Openstack of SIG Cloud Provider
      • Upcoming Work
        • Magnum (OpenStack’s service for container orchestrators) conformance & cert testing toward getting it certified as a k8s installer
        • Driver work: autoscaling drivers, barbican driver for key management
    • **Storage **(Saad Ali, confirmed)
      • https://docs.google.com/presentation/d/1TFX6BDCod6E0PJRusQ1zntOX36kDyuO5iycpSfH8pL4/edit?usp=sharing
      • For 1.12:
        • Topology-aware volume scheduling, since not all volumes work on all nodes, old version was based only on cloud providers. Moved it to a generic interface both in Kubernetes and in CSI.
        • This quarter moving in-tree storage to topology, and for all CSI plugins.
        • We can have volumes provisioned in a smarter way.
        • First Kubernetes storage features that could not be part of core.
        • Snapshots / restore functionality (CSI, Kubernetes internal & external)
        • Drive CSI to GA/Stable
      • Preparing for CSI (Out of tree volume extension mechanism) for GA / Stable Q4
      • This Quarter: Support of ephemeral volumes (eg: secret volume, configmap volume).
      • Moving Kubelet Device Registration to beta
      • Adding conformance testing for storage to kubernetes storage suite
      • Block volume support moving to Beta
    • Apps (Matt Farina, confirmed)
      • https://docs.google.com/presentation/d/1jbEDX4GDeCssT4D42Q1iajDSLU3sz_RQgPwDCkR2J1c/edit?usp=sharing** **
      • Active projects:
        • Application CRD & Controller
        • Workload API
        • Kompose
        • Examples
      • SIG Apps Charter: WIP, should be ready for review soon
      • Recently merged: Recommended labels merged into Helm documentation as well.
      • Application CRD & Controller: Cross tool way to describe an application.
      • Workloads API: Looking at Lifecycle Hooks, Pod disruption budget & Deployments, Jobs with deterministic pod names.
      • Time split between Workloads API & Developer tooling week by week.
      • Kompose: Converts Docker Compose to Kubernetes objects, actively being worked on
      • Helm moved to CNCF - Everything from kubernetes-helm has moved to the Helm org. Charts is still using prow/tide automation
  • [ 0:00 ] Announcements
    • Shoutouts this week (pulled from #shoutouts in slack weekly)
    • kubernetes-client/typescript has been moved to kubernetes-retired [spiffxp]
    • Automating all the things update [spiffxp]
    • Seattle Contributor Summit is now a part of the KubeCon registration process. Add as a co-located event. Dec 9th and 10th.
    • Steering Committee Election Announcement went out to k-dev on Aug 21 (or 22nd depending on where you are in the world!)
      • Next deadline: Nominations and exception eligible voter forms due on Sept 14th
    • Contributor Role Board [castrojo] (will show you next time due to time constraints, in the mean time check it out!)
      • A place for volunteers to declare interest
      • A place for SIGs/WGs/others to post roles for volunteers.
      • Pairs volunteers with mentors.
      • SIGs, we’d love to get some postings from you!
    • We will have a Contributor Discussion Social at Kubecon Shanghai, on the evening of November 13th. This will include drinks, snacks, and a panel Q&A on contributing to Kubernetes from China /Asia. Anyone who contributes to Kubernetes and is at Kubecon Shanghai is invited. Venue/schedule details TBA.
      • If you are a Chinese contributor to Kubernetes, we are still looking for panelists.
      • This is in addition to the New Contributor Workshop and the Doc Sprints during the day, which you can register for with your Shanghai registration.

#18

August 30, 2018


#19

September 6, 2018


#20

Sorry this one is a tad late, I was on the road:

Sep 13, 2018

  • Moderators: Arun Gupta [SIG AWS/Amazon]
  • Note Taker: Solly Ross [SIG Autoscaling]
  • [ 0:00 ]** Demo **-- Answering questions on k8s Slack w/ Foqal [Vlad Shlosberg, vlad@foqal.io] (confirmed)
    • https://docs.google.com/presentation/d/19RNjayF59WanE8Q9ug4sftFXniGQP4PRRXsRC4X7dd4
    • https://foqal.io/oss
    • Goals
      • Improve UX
      • Focus Contributor Times
    • Core Idea
      • Automatically respond to common questions without any special interaction
    • Functionality
      • Upon asking a question (without special syntax), Foqal sends answer, marked as just to you
      • Can rate question, if marked as helpful, the answer is sent to entire channel
    • Sources
      • StackOverflow
      • Docs (divided into small sections)
      • Slack conversations
        • Upon detecting question, looks for answers sent afterwards
          • Sends message to answerer, asking if it’s appropriate to store
          • Can edit answers before storing them
    • Results
      • 3 months, 2 active channels, 37 helpful autoresponses in past 2 weeks
      • Slack conversations and Kubernetes docs provide most useful answers
    • Currently talking to docs folks to use Foqal responses to improve docs content, searchability, and examples
    • Invite Foqal bot to your channel in Kube slack
      • /invite @Foqal
      • Both SIG channels and more user-facing channels
      • Add context before storing
      • Can manually add to Foqal using the elipsis meu on any slack message
    • Talk to Foqal about…
      • importing other docs sources
      • Partitioning (SIG meeting times might not be useful to kubernetes user channels)
      • Ask Vlad if you have questions
    • Can also run on private Slack instances
  • [ 0:00 ]** Release Updates**
    • Current Release Development Cycle [Tim Pepper ~ 1.12 Release lead]
      • Still in Code Freeze. See here for TLDR what do I do to get a merge.
      • Beta 2 - Sept. 11
      • RC - Sept. 18
      • Release target - ** Sept. 25: AT RISK**
        • We are making progress on CI Signal, but slowly.
        • Depending on today/tomorrow improvements merging and test results showing up by Monday Sept. 17
        • potential to delay release toward Sept. 27
      • Tide: we moved k/k to it on Monday. Worked through a few minor issues. Seems to be working reasonably now.
  • [ 0:00 ] SIG Updates
    • SIG Windows [Michael Michael] (confirmed)
      • Finished a bunch of functionality required for moving to stable
        • Not moving to stable until 1.13, due to conformance, perf, stability hiccups
      • Want to finalize docs, how-to guides, etc for GA
      • Stopping feature development to focus on stabilization
    • SIG Node [Dawn Chen] (confirmed)
      • Slide: https://docs.google.com/presentation/d/1G034FTqXeXO5Gf1H-ufTkAMgJKOcx6HCIzB6krkO6zY/edit?usp=sharing
      • Finished charter
        • Meetings weekly Tuesday at 10AM PT, Resource Management WG Wednesday 11AM PT, on-demand meetings for Asia times
        • Revised/categorized SIG scope (see slide 3, large list)
      • Recent work
        • Sandbox Pods
          • RuntimeClass proposal, alpha feature, CRD
          • Working to integrate with Kata and other sandbox solutions, containerd shim
        • Windows Container Support (with SIG Windows)
          • GA in 1.13
          • Kubelet stats for Windows system containers
          • Fixes for network, eviction manager bugs
          • In-review PRs for
            • DNS capabilities for Windows CNI (with sig-network)
            • Windows CNI support (with sig-network)
            • Testing frameworks (with sig-testing)
        • Testing
          • Changes in Node E2E (see slide 6 for link)
            • Reorganized tests to more easily track results
            • New tests need to be tagged to run in normal test suites
          • CRI Testing dashboard (see slide 6 for link)
            • One place to view node conformance test results and features for CRI implementations
        • Misc
          • User NS support in progress
          • ResourceClass API under discussion (beyond just GPU support)
          • Efficient heartbeat for scalability in progress
          • PID NS sharing in beta
          • Updated debug container API, accepted proposal, implementation in progress
  • [ 0:00 ] Announcements
    • Steering Committee Election update: [paris/ihor/jorge]
      • Tomorrow! Is the deadline for all nominations (entire process including bios uploaded) and voter eligibility forms (if you are not on voters.md and want to vote).
        • Voter eligibility is normally based on contributions in the past 12 months, but you can make a request to be added if you’ve made non-GitHub contributions and you think you should be eligible
      • Next? CIVS polling ballots go out on Wednesday, September 19th to emails we have on file. If you do not receive an email by Thursday (please check spam/bulk), contact community@kubernetes.io. We will remind everyone on this call next week as well as our regular channels (k-dev ML, discuss.k8s.io, slack, etc.)
    • #Shoutouts!_ (want to say thanks? Use the #shoutouts channel in slack)_
      • @Mzee1000: Shout-out to @AishSundar and @gsaenger for incredible help with CI signal
      • @AishSundar: Huge shoutout to @gsaenger for lighting up the right fires when and where needed for 1.12 !! Way to go
      • @Justaugustus: Shoutout to @dougm, @dims, @bentheelder, @sttts, and anyone I might’ve missed for working the weekend to test our Release Engineering tooling ahead of the next beta cut!
      • @misty: @lucperkins for adding per-heading anchor links to the docs so people can share an in-page section at any level, without having to go back to the TOC to find the link!
      • @neolit123: thanks to @timothysc and @fabrizio.pandini who helper with debugging a release blocking e2e test for sig-cluster-lifecycle!
      • @mkumatag: Now we have v1.12.0-beta.2 release images are all fat manifest… This made all other architectures first class citizens… Thanks @dims @dougm @ixdy @luxas @calebamiles @tpepper @bentheelder
      • @paris: shout to @ameukam for helping contribex with our communication platform discovery and doing the hard work. perfect example of chopping wood and carrying water.
      • @tpepper: huge shout out to @bentheelder for working late late last night and right back to it this morning on diagnosing/resolving build pipeline issues in support of 1.12 release

#21

Sep 20, 2018

  • Moderators: Jonas Rosland [SIG-ContribEx]
  • Note Taker: Josh Berkus, Jaice Singer DuMars and Jorge Castro [SIG-ContribEx]
  • [ 0:01 ]** Release Updates**
    • Current Release Development Cycle [Tim Pepper ~ 1.12 Release lead]
      • We’re down to probably 1 issue pending fix and test soak
      • Key upcoming events barring any new test issues:
        • Friday Sept 21 “cherry-pick deadline” (non-event given master hasn’t yet thawed)
        • Friday Sept 21 cut RC2 and built rpms/debs
        • Monday Sept 24 last release-1.12 branch fast-forward from master branch
        • Monday Sept 24 thaw master branch
        • …final soak: cherry picks only for absolutely critical show stopper bugs…
        • Thursday Sept 27 release
    • Patch Release Updates
      • 1.9.10 released Aug 3
      • 1.10.8 released Sept 15
      • 1.11.3 released Sept 11
  • [ 0:03 ] SIG Updates
    • SIG Cloud Provider [Chris Hoge] (confirmed)
      • https://docs.google.com/presentation/d/186rAa3cNCBOA2GBmFdNvBI_Ko4inaQYHEX2CFA4TSqs/edit#slide=id.p
      • Looking at cloud providers in core code, like Google, AWS, etc.
        • Don’t want more in the upstream code
        • Want level playing field
        • In the process of moving providers to plugins
        • Minimum requirements to add a provider, is it documented? Do they post results to testgrid? So that users have some assurance that they’ll have a positive experience.
      • In 1.12:
      • In 1.13:
        • Continue work to move in-tree providers
        • Document external provider usage, need to make sure all requirements etc. are documented. Installation process is more complicated, for example.
        • Maybe moving provider SIGs into SIG-CP, likely to take longer.
        • Make sure all providers have conformance test results
      • Collaboration
        • SIG-Docs doesn’t want to be in charge of provider docs, that should be up to SIG-CP
        • Working with Cluster Lifecycle on install/upgrade
      • Q: should provider repos be in the Kubernetes org?
        • A: the decision on whether providers should be part of the kubernetes org is an Arch decision, it’s a question of what you think Kubernetes is. We’re trying to provide a level playing field. Right now, they are part of the org.
    • SIG Architecture [Jaice Singer DuMars] (confirmed)
      • What we do
        • Manage and maintain architectural consistency over time
        • Manage subprojects:
        • Manage policy and governance
          • API governance (guidance docs and the review process)
          • Deprecation policy
          • Code organization
          • KEP process
          • General issues around Kubernetes scope
      • What are we working on right now?
    • SIG API Machinery [Daniel Smith] (confirmed)
      • Dry run in alpha to see what the predicted outcomes of an action will be
        • You can test API to see what it looks like when it runs through the webhooks
      • CRD versioning change
        • No schema change allowed
        • Register a webhook to do a schema change
        • All the various API definitions should have the same feature set
      • SSH tunnels are going away - this has been deprecated for a year
      • Re: server side apply
        • In a feature branch
          • Allows writing code during freeze
        • More complete designs on the way
      • “We don’t own your API” - we’re not the API reviewers
        • We do own some APIs like metadata format, CRD API, webhook interface APIs, comms between aggregator & APIs, controllers, RBAC API, controller shell (informer, reflector, shared informers, etc.), controller manager binary
      • Upcoming:
        • rate limits, flow control - prevent API quota over-consumption ~ de facto prioritization of API requests
        • Internal API Server coordination - e.g. how do you know when every API is serving the same version of a CRD
        • SIG meeting & agenda ~ if it’s empty the day before, the meeting will be cancelled (there’s an “agenda closed” meeting event)
  • [ 0:00 ] Announcements
    • Calendar information - subscribe, don’t copy! [Jonas]

>>>>> gd2md-html alert: inline image link here (to images/Kubernetes-Community0.png). Store image on your image server and adjust path/filename if necessary.
(Back to top)(Next alert)
>>>>>

alt_text

    *   Google Calendar:

>>>>> gd2md-html alert: inline image link here (to images/Kubernetes-Community1.png). Store image on your image server and adjust path/filename if necessary.
(Back to top)(Next alert)
>>>>>

alt_text

*   Election Update [Jorge]
    *   [All the info you need](https://groups.google.com/forum/#!topic/kubernetes-dev/0gEdp_xdzEI)
    *   Total voters: 677
    *   Actual votes cast thus far: 144
    *   If you are in [voters.md](https://github.com/kubernetes/community/blob/master/events/elections/2018/voters.md) but have not received a ballot please mail [community@kubernetes.io](mailto:community@kubernetes.io)
    *   Election ends on October 3.
  • Kubernetes Contributor Summit is happening [Jorge]
    • Information

    • Content is in draft, SIG leads and TLs, please review and comment

    • Register as part of your Kubecon registration (check the box for collocated events); you will get a follow up email about RSVPing for tracks and

          Sunday dinner and fun @ garage in Seattle 
      
      • Contributor Social Shanghai: 11/13, 6pm, at the convention center
        • Will have panel on contributing from China
  • Contributor Survey [Jorge]
  • [Jorge] October 1st marks the start of Hacktoberfest, a month-long celebration of open source software. This is an opportunity to welcome new Kubernetes contributors to the community. Please help by making an extra effort this month to add more issues with the good-first-issue label. If you have any large tasks that could use help from a lot of contributors, now would be the perfect time to create an issue for it. You can learn more about Hacktoberfest here: https://hacktoberfest.digitalocean.com/
    • ContribEx will be generating a 404 report for new users so they will have a place to go.
    • SIGs, consider updating your good-first-issue labels.
    • SIG Leads, we’ve put together some recommendations for how to give an update for this meeting, the host will be reminding you from now on before your update.
    • Last call for Outreachy intern requests!
  • #Shoutouts!_ (want to say thanks? Use the #shoutouts channel in slack)_
    * @vlad Shlosberg: Huge shoutout to @jorge, @mrbobbytables, @paris, @hubt and a bunch of other for helping make @Foqal a success. Working with me on feedback, helping promote the project, submitting helpful answers, and everything else you guys have done!
    * @bentheelder: Shoutout to @mrhohn for being eternally responsive to networking issues on everything from PR reviews to sig-network test configs, dns images, the network e2es, and answering questions related to network issues in the infra and helping debug! Thanks for helping get the kube-dns manifest images out the door for 1.12! Zihong is always fixing things for us over in #sig-testing :slightly_smiling_face: and now over in #sig-release
    * @nikhita: shout out to @carolynvs for creating lots of help-wanted issues on service catalog (https://github.com/kubernetes-incubator/service-catalog/issues?q=is%3Aissue+is%3Aopen+label%3A%22help+wanted%22)…and having an excellent strategy of doing that! - https://twitter.com/carolynvs/status/1042061098101485580
    * @dims: big shoutout to @fabrizio.pandini for testing all the things! (v1.12 RC1 kubeadm under various scenarios)

#22

September 27, 2018

  • Moderators: Josh Berkus [SIG-Release]
  • Note Taker: Tim Pepper [VMware/SIG-Release]
  • [ 0:00 ]** Release Updates**
    • Current Release Development Cycle [Tim Pepper ~ Release Lead]
      • Release today! …expect published artifacts by ~5pm Pacific
      • Pengfei Ni / @feisky (slack) / @feisker (github) is 1.12.y patch manager.
      • Any issues need targeted for cherry pick to 1.12.1 asap.
      • Retro next week. Enter any notes or thoughts or desires relative to release process in the 1.12 retro doc.
    • Patch Release Updates
      • No 1.10, 1.11 updates
      • 1.9.11 Mehdy Bohlool
        • released today, final update to 1.9.
        • “Finish Him!”
        • Time to upgrade if you haven’t…1.10, 1.11, 1.12 will now be our active releases.
  • [ 0:00 ] **Graph o’ the Week **[Aaron Crickenberger] How to analyze your test failures…
  • [ 0:00 ] SIG Updates
    • SIG Leads, check out this set of recommended topics to cover during your update
    • Please also check the SIG Update Schedule!
      • SIG leadership should prepare ahead of time
      • Give notice to the meeting moderator if your SIG will be unavailable
    • SIG Azure [Stephen Augustus] (confirmed) - Sorry peeps, last minute conflict today that I can’t shuffle
    • SIG Big Data [Yinan Li] (confirmed)
      • Slides
      • Apache Spark 2.4 Release coming mid to late October with Kubernetes functionality:
        • python and R language support
        • Client mode for spark-shell and notebooks
        • Mounting volumes, emptyDri, hostPath, PVC
        • Executor memory request control improvements (fractional values, milli-CPUs)
        • Scheduler backend robustness improvements
      • Future work:
        • Pod templates for driver and executor pod customizations. There are so many options configurable…explosion. Rather than adding more, they’re adding template support to make usage easier.
        • Service shuffling
        • Kerberos authentication
        • Improving support for local application dependencies on the client machines doing submissions
        • Driver resilience, checkpoint/restart for streaming applications.
      • Non-Spark, other projects:
        • Airflow 1.10: new operator and executor for arbitrary pods to run tasks. Operator for life cycle management (newly open sourced)
        • Spark Operator: exporting jvm/driver/executor metrics to Prometheus
    • SIG Scalability [Shyam Jeedigunta] (tentative)
      • Governance: charter is in place, giving official guidance on what the SIG can and can’t do (eg: in the past there’s been a lot of question around what is and is not release blocking)
      • Test resources: github issue (link?) exists to track work items ahead of shifting underlying test resources to CNCF
      • SLOs: API call latency and pod startup latency have been the only two for quite some time. Looking to add multiple new ones for networking.
      • Cluster loader (link): have achieved minimal viable product (MVP) level of readiness. This should enable other teams to easily run scale tests themselves.
      • CI health / tests: Working to speed up pre-submits’ running time, as these have historically been the slowest and are a merge bottleneck (eg: kubemark 500 is waay faster). Investing in de-flaking scale jobs like the 5000 node test, which recently had 8 green runs in a row (a record?).
      • 1.12 release: as typical, close to the end of the release some scalability issues came up, this time in:
        • taint node by condition feature which lead to notably slower start up.
        • CoreDNS regression was masked by other regressions until very late in the release cycle, leaving insufficient time to debug safely and feature dropped (CoreDNS is not the default on GCE yet…1.13?)
  • [ 0:32 ] :mega:Announcements :mega:
    • :postal_horn:Steering Committee Election Announcement :postal_horn:
    • https://www.surveymonkey.com/r/k8s-contributor-2018 -> Contributor Experience survey that will shape our direction and close feedback loops. K8s water bottle for your time today!
    • SIG Chairs/Leads/TLs/Keepers of Zoom and YouTube - check your email for issues relating to those two services. Approx. 40% of our community are not using the correct zoom license. Many, many meetings missing from YouTube channel, which is a negative on transparency.
    • Contributor Summit (Kubecon / CloudNativeCon Seattle) - registration will say waitlist, but: We are not sold out, yet. Please sign up anyway. We are working through a registration issue. There is a possibility we will pull registration from the KubeCon site into a separate registration process. If you have signed up already, you will not need to sign up again. If you are waitlisted, you will be contacted to sort out this issue. Join #contributor-summit on slack for real time info and GH LINK for published information. Initial content will be listed next week.
    • :clap:Shoutouts this week (Check in #shoutouts on slack) :clap:
      • @dims: Big shoutout to @jonasrosland to getting the CNCF meetup off the ground in boston and @abe for his talk on The Kubernetes Release Cycle ( https://www.meetup.com/Cloud-Native-Computing-Boston/ )
      • @timothysc: Huge shoutout to the whole release team and everyone else whose put in crazy effort to make RC2!
      • @aish: HUGE shoutout to @justaugustus for helping us fill the [release 1.13] roster out !
      • @justaugustus Shoutout to everyone who volunteered for the 1.13 Release Team! We staffed a FULL roster of leads and shadows in 16 days and they’ll be in super capable hands with @AishSundar and @spiffxp at the helm!
      • @spiffxp: shoutout to @cjwagner (Cole Wagner) for all of the work he’s done over the past year to remove mungegithub from the project and bring tide to kubernetes/kubernetes

#23

Release Retrospective for 1.12

This community meeting also includes the restrospective for 1.12

October 4, 2018 -


#24

October 11, 2018


#25

October 18, 2018


#26

October 25, 2018

  • :microphone:Moderator: Jorge Castro [SIG Contributor Experience]
  • :memo:Note Taker: Josh Berkus [Red Hat/SIG Contributor Experience/Release]
  • [ 0:00 ]** Release Updates**
  • [ 0:00 ]** Demo **-- Cluster API AWS Provider (chuck@heptio.com)
    • Link to repo
    • Link to slides or docs or whatever goes here.
    • Demo of using the Cluster API to provision AWS.
    • CLI tool: clusterawsadm
      • Creates IAM rules, etc.
    • Must already have SSH key pair (does not create)
    • Starts with an existing Kubernetes cluster to create more clusters; you have to create a 1.11 or later cluster on your own (could be minikube)
    • Create manifests for the CRDs, using “makemanifest”
    • Clusterctl crd then controls the cluster.
      • Pass many parameters by switch
      • Once the new cluster is created, moves the ClusterAPI to that cluster.
    • Secrets? In the CRD defintions.
    • Config file for ClusterCTL? Not sure.
  • [ 0:10 ] :bar_chart:Contributor Tip of the Week [Aaron Crickenberger] :bar_chart:
    • HODL
    • https://prow.k8s.io/command-help#hold
      • Prevents merging
    • http://go.k8s.io/github-labels#do-not-merge/hold
    • /hold to add, /hold cancel to remove
    • Good idea / Bad idea
      • Good idea: explaining why you’re putting on the hold
      • Bad idea: removing a hold in a PR you’re not involved in
    • Reasons to hold
      • Hang on, I the reviewer, think this needs more discussion
      • I, the author, am holding this and will remove it when I’ve heard from the people I want
      • I think the author should have final say on when this PR merges
    • Notes:
      • Anybody can add or remove a hold (don’t even need to be an org member)
      • Can we blacklist? We can, from the org
        • We’d have to restrict hold to org members if it was a problem
  • [ 0:20 ] :satellite:SIG Updates:satellite:
    • SIG Leads, check out this set of recommended topics to cover during your update

    • Slide template if you need it

    • Please also check the SIG Update Schedule!

    • SIG Docs [Jennifer Rondeau, Zach Corleissen] (confirmed)

      • Slides
      • Thanks to zparnold for adding automation foo tracking doc submistions in the Github API
      • Reorganized localization, now under a consolidated repo
        • Everything in kubenetes.io
        • Thanks to Korean translators for making this happen
        • Also updated guidelines
      • Better automation for API reference docs (thanks Chi Ming Tang(sp?))
      • Jennifer Rondeau is new SIG-Docs co-chair
    • Upcoming Work:

      Upcoming doc sprints:

    • Shanghai (localization workflows)

    • Seattle (TBD)

  • Next: how do we ensure that content remains fresh?
  • Localization subprojects have been consolidated into k/website
  • Now have a WG for SIG-Docs tooling, led by Luc Perkins(sp?)
  • Want to contribute? We always need technical reviewers!
    • Or just pick an open issue
    • PRs get more attention than issues, so if you find something wrong, PR a correction.
  • Chairs: Andrew Chen, Zach Corliessen, Jennifer Rondeau
  • SIG Storage [Saad Ali] (confirmed) :satellite:
  • Slides
  • Last Quarter:
    • Topology Aware Volume Scheduling
      • Make scheduler smarter about where storage is
      • Used to be a per-storage hack, now an expressible constraint for the scheduler
      • Started in 1.10, added CSI support in 1.12, beta soon
    • Snapshot & Restore
      • Started a year ago. Was a question whether it should be part of the API at all. But many DB admins would like it.
      • Mapping declarative to imperative was hard.
    • CSI to GA this quarter
      • PV support is primary
      • Also want to support ephemeral volumes, and block volumes
      • Now, we need to migrate the in-tree storage to CSI plugins. This is a blocker for Cloud Provider migration.
        • Challenge: end-users need to have a smooth transition
      • Working on reusable libraries for common storage (iSCSI etc.) that can be used as templates
      • Adding conformance testing for CSI
      • GA depends on completing Kubelet registration mechanism
      • We’re extrating the mount library in k/k to a separate repo so that CSI driver authors can use it.
    • To beta this quarter:
      • Ephemeral volumes
      • CSI Topology
      • CRD automated installation
      • In-tree Block Volume support
  • Catch up with SIG-Storage at their biweekly meeting, or at Kubecon
    • Sessions in Seattle, also a “Cloud-native Storage Day”
  • As part of moving to GA, they need a more robust mechanism than user-modifiable CRDs. THis includes addressing the downgrade problem.
  • [ 0:00 ] :mega:Announcements :mega:
    • Meet Our Contributors - Nov 7th at 230p and 8p UTC

      • 230pm UTC - 5 Steering Committee Members AMA
      • 8pm UTC - contributor mentors AMA
      • #meet-our-contributors on slack
      • YouTube Playlist
    • The final call! CNCF awards nominations are open, details here!

    • Kubernetes Contributor Summit Details

      • The Contributor Social for Kubecon Shanghai has been scheduled. It will be from 5pm to 7pm, November 13, at the convention center. The event will feature a panel of Chinese contributors to Kubernetes, discussing obstacles and opportunities.
      • Seattle - Registration is closed, waitlist is in effect, if you cannot attend please let #contributor-summit (Paris/Jorge/Bob) know so we can free up your slot!

      **:clap: **Shoutouts this week (Check in #shoutouts on slack) :clap:

      • pwittrock - Shoutout to @alexismp @jeefy and @mrbobbytables for helping me with my All Things Open Kubebuilder workshop. Thank you so much!
      • AishSundar - shoutout to @nikopen for automating the Issues and PR spreadsheet for Bug Triage and CI Signal for 1.13 ! Thanks for staying on top of this and accomodating the feature requests
      • jberkus - to @justinsb for splitting out our long-running upgrade tests so that they actually complete
      • spiffxp - Congrats to @bentheelder for creating a PR that deletes over 3 million lines of code https://github.com/kubernetes-sigs/kustomize/pull/503
      • nabrahams - Shoutout to @idealhack for translating a huge pile of slides in preparation for the New Contributor Workshop in Shanghai.
      • kacole2 - Shoutout to @AishSundar @spiffxp @claurence @gsaenger and @ameukam for their help on getting all the k/features (enhancements) issues in a great spot where everything is now being tracked to a PR in k/k and getting the freeze over the finish line.
      • AishSundar - @kacole2 right back at you ! Awesome job on doing all the heavy lifting yourself. Staying on top of ~50 incoming enhancements, following up to prune the list and mentoring the shadows at the same time is no easy feat :slightly_smiling_face:
      • nikhita - Shoutout to @lukaszgryglicki for being extremely responsive to feature requests for DevStats and implementing them and fixing bugs reallyyyyyyy fast!! :tada:
    • Stackoverflow Top Users (Once a month at the end of the month)

    • Community meeting Nov 22

      • We traditionally cancel this meeting due to US Holiday (Thanksgiving)
      • Let’s try to be more global, see #sig-contribex if you want to help drive this meeting this week while the US is out.

#27

Looks like I missed this one, sorry for the delay!

November 1 , 2018 - (recording)

  • Moderators: Tim Pepper [SIG Release / Contrib Ex]
  • Note Taker: Solly Ross
  • [ 0:00 ]** Demo **-- Automation Broker - Michael Hrivnak (mhrivnak@redhat.com) (confirmed)
    • Website
    • Service Bundle: container image/pod that runs to completion to install a service on the cluster
      • Hooks into service catalog via automation broker
      • Ansible Playbook Bundle
        • Easy way to make a service bundle
        • Each service catalog action maps to an Ansible playbook in the bundle
      • Can run other things besides ansible in service bundles (demo on youtube running Helm)
      • Service catalog UI support
        • Partial support in Kubeapps
        • Support in OpenShift
    • Ansible Operator
      • Runs ansible roles/playbooks as an operator
    • Ansible roles exist for manipulating kubernetes objects
  • [ 0:12 ]** Release Updates**
    • Current Release Development Cycle [Aish Sundar - Release Manager]
      • v1.13-alpha3 was cut yesterday, 10/31
      • v1.13-beta0 and Release branch creation scheduled for Tuesday, 11/6
        • Highly dependant on clean CI Signal
        • Branch fast forwards will happen everyday thereafter
      • Code slush is coming up Friday, 11/9
        • Enhancement owners evaluate enhancement readiness based on pending work (code, test and docs)
        • Code Freeze is just 2 weeks away !
        • If you need to enhancement adjusted, please work with the Release team
        • Ensure 1.13 PRs are uptodate on labels (sig, kind, priority, milestone)
        • _Tide will start enforcing Code slush merge label requirements _
      • CI Signal
    • Patch Release Updates
      • 1.11.4 went out last week
      • 1.12.2 went out last week
    • Questions
  • [ 0:00 ] Open KEPs - link to Caleb’s announcement…repository is moving location
    • SIG Architecture is working to improve KEP process for community
    • Extracting KEPs from community repo (see link to the discussion on kubernetes-dev)
    • Try to have small merges that document consensus rather than waiting for full approval/finalization to merge
    • Moving towards eventually making KEPs the main way to propose features (as opposed to being optional)
  • [ 0:00 ] SIG Updates
    • SIG Leads, check out this set of recommended topics to cover during your update
    • Slide template if you need it
    • Please also check the SIG Update Schedule!
    • SIG AWS [Nishi Davidson] (confirmed)
      • https://drive.google.com/file/d/1jDR1Esdu2ApnuLrzsGxn7iv1cU3sWc7R/view
      • We currently host 5 subprojects in SIG-AWS
      • Subprojects aws-alb-ingress-controller, aws-ebs-csi-driver and out-of-tree ccm will be alpha in k8s v1.13
      • Cloud Provider status
        • In-tree
          • Adding e2e tests
          • Will be maintained until out-of-tree is GA, 2 release deprecation
        • Out-of-tree
          • GA Q3 2019
      • CI Signal
        • Added aws-tester plugin
        • Creates ephemeral EKS cluster to run Kubernetes e2e tests as periodic jobs (not blocking)
        • Hoping to integrate etcd conformance tests, cluster API tests as well
    • SIG Scheduling [Bobby Salamat] (confirmed)
      • 1.12
        • Scheduler perf improvements
          • Only score percentage (50%, but configurable) of feasible nodes per pod, properly considered across failure domains
          • Improved affinity/anti-affinity performance
        • Graduated TainNodesByCondiion to beta, which creates taints for node conditions automatically
        • Enable ImageLocalityFunction by default, which prefer nodes which already have the images for a pod, weight set to avoid putting all pods from an RS on the same node
        • Scheduling framework design finalized (move scheduler features towards plugins, both in-process and out-of-process)
      • 1.13
        • Finalize design of gang/co-scheduling (more efficient batch job scheduling, e.g. for ML workloads)
        • Finalize pod scheduling policies (allowing admins to control how pods get scheduled – e.g. preventing setting tolerations, preventing certain namespaces from getting placed on certain nodes)
        • Deprecating the “critical pod” annotation, in favor of pod priority and preemption
        • Enable pod resource limit function (prefer nodes that can fit both a pod’s request and limit)
        • Implement extension points for scheduling framework (see above)
        • Improve equivalence cache (new design to address existing shortcomings)
    • SIG Contributor Experience [Paris Pittman] (confirmed)
      • Update Deck
      • What was done last cycle
        • Theme: making your life easier (automation, documentation, mentoring, events, etc)
        • Performed the contributor survey (graphs on the way!)
          • Common comments
            • Meetups are out of scope, but will pass information on to CNCF
            • You can apply “good first issue” labels even if you didn’t file the issue
            • People liked slack, release team notes in community meetings
          • Scrubbed data is in the link, take a look
        • Misc
          • Communication moderation changes (stay public while dealing with bad actors) – SIG chairs should learn how to follow these processes
            • Calendar is private ATM because of bad actors
            • Zoom links aren’t publicly posted for similar reasons (please don’t tweet them), but work is being done to solve this with Zoom
          • Launched discuss.k8s.io as a community forum, please post/take a look!
      • Upcoming
        • Revamp developer guide
        • Move KEPs out kubernetes/kubernetes
        • Build a contributor site
        • Upgraded communications guide
        • Improve SIG Chair processes (e.g. Zoom-to-Youtube automation process) – please reach out if you have opinions
      • Seattle Contributor Workshop
        • Waitlisted (if you’re a chair, TL, or subproject owner who hasn’t signed up, please reach out!)
        • lots of good content planned
        • Night-before event to hang out and talk
      • Consider mentoring, even if it’s just 1 hour per quarter
        • Only need one merged PR to be a mentor
      • See slides for a _whole lot _more work, information, links, and sigup information
  • [ 0:00 ] :mega:Announcements :mega:
  • Shoutouts
    • Nikhita: shoutout to @dims for being Asia/EU friendly while deciding the meeting time for #k8s-infra-team
    • Mzee1000: Shout-out to @mrbobbytables for his help with Kubernetes 101 in Bangalore
    • Jberkus: to: @justinsb for continuing to be the “difficult test fail” resolver.
    • Jberkus: to @neolit123 for fast turnaround on kubeadm test fails
    • Fejta: shoutout to @bentheelder for finally creating a @thockin emoji :thockin:
    • @liz to: @bentheelder for going above and beyond to help me get my KIND tests working!
    • @paris thanks to @nikhita @roycaihw @brendanburns @dims and many others for answering questions from first time contributors in the outreachy process slack channel #outreachy-apps
    • @spiffxp thanks to @audreylim for tackling e2e test error messages as her first kubernetes pull-request (https://github.com/kubernetes/kubernetes/pull/69583)
    • To Solly Ross for taking notes today

#28

November 8, 2018 -

  • Moderators: Jorge Castro [SIG Contributor Experience]
  • Note Taker: Solly Ross (Google/SIG AUtoscaling)
  • [ 0:00 ]** Demo **–IngressRoute with Contour - Steve Sloka (steves@heptio.com)
  • [ 0:00 ]** Release Updates**
    • Current Release Development Cycle [Aish Sundar - Release Manager]
      • We cut Beta0 and the 1.13 Release branch yesterday, 11/7 !
      • Updated to Go 1.11.2 before Beta.
      • Code Slush is this Friday (tomorrow), 11/9
        • All PRs need /priority, /kind, /sig, /milestone labels to merge post 5pm PST
      • Code Freeze is just a week away - 11/16
        • Handful of Enhancements are pending only tests and docs
        • There are a couple of Enhancements at risk and a few that have had no activity in past week or so.
        • Owners please update k/enhancement issues with current status
        • Please reach out to Release team early on if you think you need to move out your enhancement
      • CI Signal
      • Docs
        • Open PRs: 11/22
        • Completed PRs: 2/22
        • We have 7 outstanding PRs. We will be pinging owners on issues.
      • Release Notes
        • Sig Leads expect initial draft of the release notes coming your way for review next Monday 11/12
        • Please leave early feedback if you can
      • Questions:
        • Where should we send 1.14 volunteers
          • Look out for issue for more info, will be linked in next week’s update
    • Patch Release Updates
      • x.x
      • y.x
  • [ 0:00 ] **Contributor Tip of the Week **[Aaron Crickenberger]
  • [ 0:00 ] SIG Updates
    • SIG Leads, check out this set of recommended topics to cover during your update
    • Slide template if you need it
    • Please also check the SIG Update Schedule!
    • SIG Cluster Lifecycle [Tim St. Clair] (confirmed)
      • Slides
      • Homepage: https://contributor.kubernetes.io/sigs/sig-cluster-lifecycle/
      • Mission: simplify creation/upgrade/downgrade/teardown of Kubernetes clusters and their components
      • Last cycle
        • Kubeadm: Config changes, improved CRI, HA, cert management, air-gapped support
        • ClusterAPI: Provider-specific repos, many providers
      • Upcoming plans
        • Better meeting times and subproject coordination
        • Kubeadm to GA (beta config, command line options fully supported)
        • Cluster API integrating cluster API into kops
        • Kubespray defaults to kubeadm
        • ComponentConfig for structured configuration of other Kubernetes components
        • Deprecate: kube-up, kubernetes-anywhere
      • Reminder: for upgrade testing: SIG cluster lifecycle owns the framework, others own the actual tests
      • Events: Upcoming kubecon talk on the future of addons
      • New etcd management proposal/tooling (proposal just approved)
      • Questions:
        • If kube-up and kubernetes-anywhere are deprecated, what’s the standard deployer (what’s the kubeadm version of curl | bash to install)?
          • documented well on the kubeadm section of the docs
          • kubernetes-anywhere was just used for e2e tests
          • other tooling (e.g. kubespray) builds on top of/orchestrates kubeadm, kubeadm only sees local machine
          • Cluster API provides the same view of different backends, kubeadm is the base layer, providers in the middle
        • Why use CRDs instead of aggregated APIs?
          • maturity, easy of use, portability
    • SIG OpenStack [Chris Hoge] (confirmed)
      • Slides
      • Previous work
        • In-tree driver is deprecated and will go away soon
        • Manilla provision
        • CSI support for Manilla and Cinder
        • Magnum is now Kubernetes Certified Installer
        • Driver for Cluster API in the works
      • Future Work
        • Heat & Senlin autoscaling drivers
        • Storage driver consolidation
        • Barbican driver for key management
        • Finish in-tree code removal
      • Transitioning into a WG under SIG Cloud Provider
      • Events:
        • OpenStack Summit, Berlin (Nov 13-15)
        • Sessions at KubeCon Seattle
    • SIG Auth [Mo Khan ] (confirmed)
      • Slides
      • Homepage: https://contributor.kubernetes.io/sigs/sig-cluster-auth/
      • Features
        • Per-pod ephemeral service account tokens (projected volumes instead of secrets)
          • If NOT using client-go today, need to keep reading token off disk
        • Restricting Kubelet self-applied labels (via an admission plugin)
        • Dynamic audit configuration (add/remove audit sinks without restart of API server)
      • Container Identity WG winding down
  • [ 0:00 ] :mega:Announcements :mega:
    • Contributor Summit @ Kubecon

      • Shanghai: Josh is getting on a plane, see you all there!
      • Seattle: Chairs and owners, if you haven’t confirmed we’re running out of time, please let us know.
    • Community Meeting Schedule

      • 11/22 (Thanksgiving in the US) - Meeting is Still on, Ihor will be your host!
      • 12/6 - Release Retro for 1.13 (tentative!)
      • 12/13 - Kubecon, no community meeting
      • 12/20 and 12/27 - No community meetings
      • January, SIG Apps, SIG UI, SIG VMWare
    • Steering committee not having meeting in two weeks, will have one just before Kubecon

      • SIGs: Please try to have your charters in by KubeCon

      **:clap: **Shoutouts this week (Check in #shoutouts on slack) :clap:

    • paris and jdumars: big thanks to @mattfarina who just spent an hour helping organize our project boards

    • Jberkus: Shanghai Shoutouts for next week: Megan Lehn for doing all the logistics and legwork from thousands of km away, @puja @xiangpengzhao and @idealhack for translating all the New Contributor Summit materials and many other things besides! Also, to @mrbobbytables and our localization volunteers for getting the international forums at dicuss.kubernetes.io launched!

    • AishSundar: Shoutout to @jberkus and his team of CI Signal shadows @maria and @mortent for staying on top of CI signal failures and flakes every day, opening and following up on test issues and fixes and help maintain stable test health for 1.13 release !

    • jdumars - Big thanks to @spiffxp @dims and @mattfarina — all of whom have stepped up and helped with the work in SIG Architecture!

    • mauilion - shoutout to @jdetiber for always finding time to help dig into the cluster-api stuffs.

    • AishSundar - shoutout to @justinsb, yet again, for extremely quick turnaround on a long standing Upgrade testing issue (#56787). This helped us get clean e2e CI coverage one of the 1.13 Beta Feature “Taint Based Evcitions”


#29

November 15, 2018

  • Moderators: Jorge Castro [SIG Contribex]
  • Note Taker: Solly Ross (SIG Autoscaling/Google)
  • [ 0:00 ]** Demo **–Pulumi - an OSS, k8s-native deployment orchestration engine [Alex Clemmer]
    • Link to slides
    • Link to repo
    • Pulumi: open-source tools for managing cloud infrastructure
      • Declare steady state (like Kubernetes) using programming languages like Python, Javascript, Typescript to manage the cloud repos
      • Declare desired “outputs” to be saved for easy access (e.g. Service IPs)
      • Schema is _exactly _kubernetes schema for Kubernetes types, etc (no special other format)
      • Knows how interact with deployments (has concept of updates, knows that it needs to rollout, wait for rollout to succeed, only delete old objects after)
    • Workflow for using something like RDS:
      • Without Pulumi: deploy using one tool (e.g. terraform), then fetch connection string into secret (maybe using something else), then use in kubernetes (e.g. deploy app via Helm)
      • With Pulumi: Declare steady state in code for everything
    • Live demo: deploy CosmosDB + Helm chart
      • Declare CosmosDB, exported connection string
      • Declare secret (using normal Kubernetes schema) with connection string
      • Declare Helm chart (deploying Bitnami Node.JS image) using secret to supply external DB
      • How it works:
        • Pulumi figures out dependencies automatically to figure out that CosmosDB needs to come before Secret, chart depends on secret
        • pulumi up will show a “plan” of operations + Kubernetes JSON, executes plan on confirmation
      • Can specify “stack outputs” to save from the objects generated, to fetch programmatically (e.g. IP of serving generated by Helm chart)
    • Question
      • How is schema generated, what happens to unknown attrs
        • Schema is generated via OpenAPI spec based on all available versions
  • [ 0:00 ]** Release Updates**
  • Patch Release Updates
    • v1.12.3 cut planned Monday, Nov 26th
    • V1.10.0 published earlier this week
  • [ 0:00 ] **Contributor Tip of the Week **[Jeffrey Sica]
    • cs.k8s.io – Search all repos in seconds
      • Can regex search across all Kubernetes repos and orgs
      • Automatically filters out certain types of files, but that can be configured
    • Check out the contributor cheatsheet for other shortcuts (PRs accepted!)
  • [ 0:00 ] SIG Updates
  • [ 0:00 ] :mega:Announcements :mega:
    • Contributor Summit @ Kubecon

      • Shanghai: Great turn out! Lots of great pics on Twitter etc.
      • Seattle: Chairs and owners, if you haven’t confirmed we’re running out of time, please let us know. You do not need a ticket to kubecon/cnc for this. Email community@kubernetes.io
    • Kubecon US is SOLD OUT. If you register now you’ll be waitlisted. \

    • Community Meeting Schedule - there are no SIG updates for December.

      • 11/22 (Thanksgiving in the US) - Meeting is Still on, Ihor will be your host!
      • 12/6 - Release Retro for 1.13 (tentative!)
      • 12/13 - Kubecon, no community meeting
      • 12/20 and 12/27 - No community meetings
      • January: SIG Apps, SIG UI, SIG VMWare \
    • Steering committee not having meeting in one weeks, will have one just before Kubecon

      • SIGs: Please try to have your charters in by KubeCon
        • Each SIG has been given a steering committee member to review
        • reach out to steering committee if you have questions
    • Office Hours next week on YouTube:

      • See this for more information
      • Come answer questions about Kubernetes on a livestream!
  • [ 0:00] :clap: Shoutouts this week (Check in #shoutouts on slack) :clap:
    • paris - very big shoutout to @jberkus and the entire kubecon shanghai new contributor workshop team! josh built a team and carried out the event plan for this first time, sold out event in a new market to welcome contributors from this region. the event is in a few hours (from this timestamp) - best of luck and have a great time team!!
    • jberkus - TY! Let’s add all the names: @tpepper @puja @nabrahams @xiangpengzhao @idealhack & Megan Lehn & Jerry Zhang
    • neolit123 shoutout to @fabrizio.pandini for organizing the transition of phases in kubeadm to GA and also thank you to all the new kubeadm contributors who helped us with this work @yago @yuexiao wang @ereslibre @Rohit
    • spiffxp Shoutouts to @chenopis @zacharysarah and @bradtopol for organizing and running the docs translation sprint at kubecon Shanghai
    • Ivan Font @bentheelder and all others who worked on kind: I wanted to give a shout out for the work done to create kind. Nice work! I’ve experimented to get kind working with multiple clusters so that we can use it to test federation-v2 with multiple clusters for dev and CI and I’m very impressed with it so far! I filed a few issues #110, #111, #112, and #113 that I’ve stumbled across in the process of doing that, but it is not a reflection of the quality of work that’s been done here. Again, thanks for the awesome work! Thanks to @munnerz @neolit123 @Jorgealarcon @Lion-Wei @TaoBeier @amwat

#30

November 29, 2018 - Last meeting of the year!

  • Moderators: Josh Berkus [SIG-Release]
  • Note Taker: Solly Ross [Google/SIG Autoscaling]
  • [ 0:00 ]** Demo **-- Docs Modeling Working Group Demo [Andrew Chen, @chenopsis, Dominik (dominik.tornow@sap.com)] (confirmed)
    • Link to slides
    • Modelling how we design and look at documentation
      • Idea:
        • Ideally, two people who look at the same system develop the same mental model
        • Looking a documentation, there may be encoding/decoding loss (writing/reading docs), which leads to different mental models
      • Fundamental Modeling Concepts
        • Approach to system modeling with formal models of system’s structure and behavior
        • Diagrams and formal models can help show whole-picture view
        • Show people how things work without needing to point people at actual source code
    • Issues with existing docs:
      • docs are task focused (good for on-demand “how do I” type questions), but can’t easily develop a coherent general picture
      • non-obvious behavior doesn’t match general mental model, docs should help fix that
    • Process:
      • Ongoing: Discuss models (in SIG Docs), Interview engineers, validate models, create source materiel (e.g. Medium posts) and get feedback
      • Eventually: fold back into to k8s.io (planned for next year)
  • [ 0:13 ]** Release Updates**
    • Current Release Development Cycle [Aish Sundar - Release Manager]
      • Code freeze for 1.13 is now lifted! Code thaw went into effect 11/28, 8pm PST.
      • Master is now open for 1.14 development.
      • Only the absolute most critically urgent bug fixes might be cherry picked back in time for 1.13.0.
      • 1.13-rc.2 slated to cut tomorrow, 11/30.
      • The release is on target for** Monday, 12/3/2018**, pending CI signal.
      • If you still have outstanding Docs PR or Release notes, please get -them in ASAP.
      • We’re targeting our release retrospective for next week’s Community Meeting on 12/6. Please add any comments you’d like included in discussion for things that worked well and things that should change in our 1.13 retrospective document.
    • Patch Release Updates
      • 1.12.3
      • 1.11.5
      • 1.10.11
  • [ 0:16 ] SIG Updates
  • Please drop a note in the community meetings doc, or reach out if you want to talk about a KEP in the community meetig
  • [ 0:00 ] :mega:Announcements :mega:
    • Contributor Summit [Paris and Jorge]
      • **We are sold out/waitlisted - L A S T C A L L if you’re a SIG Chair, TL, or subproject owner **
      • Talks have been added to the community calendar, shortcut: http://bit.ly/kubernetes-summit
      • Check out #contributor-summit on slack
      • Event information
    • Community Meeting Schedule - there are no SIG updates for December.
      • Today is the last “normal” community meeting
      • 12/6 - Release Retro for 1.13 (tentative!)
      • 12/13 - Kubecon, no community meeting
      • 12/20 and 12/27 - No community meetings
      • January 1/3 : SIG Apps, SIG UI, SIG VMWare
    • Meet Our Contributors will be 5 December.
      • Steering Committee AMA @ 730a PT / 330pm UTC
      • Mentor panel @ 1pm PT / 9pm UTC
      • Be a mentor to hundreds with one hour of your time! Reach out to parispittman@google.com / “paris” on slack to get scheduled.
    • No k8s office hours this month - thanks to all the volunteers who helped make the program a success this year.
    • **:clap: **Shoutouts this week :clap:
      • Twitterverse shoutouts for our fearless 1.13 Release Team Lead, @AishSundar: https://twitter.com/stephenaugustus/status/1063610123149545472?s=19
      • Shoutout to @amerai for adding a search bar to Testgrid so that you don’t have to dig to find the right dashboard! https://testgrid.k8s.io/
      • to @mkimuram & @saad-ali & @msau42 for rapid response to multiple storage test issues with new features.
      • to @mrhohn for fast & insightful help with sig-network test failures
      • Huge shoutouts to the entire 1.13 Release leads and shadows for their stellar efforts at every stage throughout the cycle, enabling us to stabilize and hopefully land the release on time - @kacole2 @jberkus @cjwagner @dougm @nikopen @tfogo @marpaia @kbarnard10 @spiffxp @tpepper@aleksandram!
      • Special shoutout to contributors “technically” not on the release team, but have been instrumental in getting us unblocked at numerous points this release with their reviews, test fixes and test-infra support - @dims @liggitt @justinsb @cblecker @bentheelder @justaugustus (edited)
      • shoutout to you @AishSundar for keeping us all in line this whole cycle! you’ve been a totally awesome release lead.
      • Shoutout to @mrbobbytables for significally reducing my admin overhead for the New Contributor Workshop!

#31

January 3rd, 2019 - recording

  • Moderators: Jorge Castro [SIG Contributor Experience]
  • Happy New Year!
  • Note Taker: Bob Killen [SIG Contributor Experience/University of Michigan]
  • [ 0:00 ]** Demo **-- OpenLab - Melvin Hillsman (mrhillsman@gmail.com) - OpenLab is curated infrastructure for open source testing https://openlabtesting.org
  • [ 0:00 ]** Release Updates**
    • Current Release Development Cycle [Aaron Crickenberger - Release Lead]
      • We are at Week 0 for v1.14, release team leads finalized
      • v1.14 schedule draft being reviewed by former release leads, current release lead shadows, sig release chairs
      • Aiming for kickoff next week, all release team shadows finalized by Friday Jan 11th
      • Modest proposal: to land in this release, you must have a KEP, even if you didn’t before, and that KEP must have a test plan, and an upgrade/downgrade plan
        • will be discussed at length during next week’s sig-arch meeting
    • Patch Release Updates
      • discussion ongoing on setting up a schedule for patch releases
  • [ 0:00 ] SIG Updates
    • SIG Leads, check out this set of recommended topics to cover during your update
    • Slide template if you need it
    • Please also check the SIG Update Schedule!
    • SIG Autoscaling, Networking, and PM due next week!
    • SIG Apps [Matt Farina] (confirmed)
      • Slides
      • Last Cycle
        • Charter completed and merged
        • Figured out needs to make CronJobs GA
        • Started work on Portable Service Definitions
        • Work on Application Controller
      • Upcoming Cycle
        • Looking for lead on CronJob GA
        • Begin work on Portable Service Definitions
        • Application Controller Status
        • Deprecation of Beta APIs
      • CronJobs to GA
        • Currently still batch/v1beta1
        • Has scalability issues
        • Controller needs to be rewritten
        • Looking for contributors
      • Portable Service Definitions
        • [insert kep link here]
        • enable an application to be deployed into multiple environments while relying on external services
        • Will be built on CRDs + controllers
        • Looking to solve some UX consistency issues
        • Looking for contributors
      • Application Controller Status
        • Bubble up application deployment rollup status
        • How to get status for multiple components of an application
      • Deprecation of Beta APIs
        • Continue to support beta APIs, despite “formal” deprecation some time ago
        • Turn off in 1.15 with optional flag to re-enable.
      • How to Contribute
        • Lots of opportunities with CronJobs etc
    • SIG UI [Jeffrey Sica] (confirmed)
      • Slides
      • Last Cycle
        • Finished and merged SIG-UI charter
        • 2 releases including fix for CVE-2018-18264
        • Metrics server support
        • Angular Migration branch merged to master (entire front-end rewrite)
          • versioning schema will change for future releases
        • Annual Survey of dashboard users
      • Upcoming Cycle
        • Formalize metrics server support
          • Current solution is stop-gap
          • Will support prometheus and other sinks in the future
        • Versions will now be 2.x.x
        • Better OAuth support
      • How can you contribute
        • looking for help with metrics
    • SIG VMWare [Steve Wong] (confirmed)
      • Slides
      • Last Cycle
        • External vSphere Cloud Provider [alpha]
        • CSI provider for vSphere
        • Cluster API provider for vSphere
      • Upcoming Cycle
        • Bring external vSphere Cloud Provider to stable release status
        • Bring CSI provider for vSphere to stable release status
        • Cluster API provider for vSphere
          • improve e2e tests
      • Working to provide licenses for Fusion/Workstation to support minikube CI/CD
      • If there are any licensing issues when working with commercial VMware components, reach out for license and support help
  • [ 0:00 ] :mega:Announcements :mega:

#32

January 10, 2019

  • Moderators: Josh Berkus [SIG-Release]
  • Note Taker: Solly Ross [Google]
  • [ 0:00 ]** Demo **-- Krew: kubectl plugin manager [Ahmet Alp Balkan, @ahmetb] (confirmed)
    • Link to repository
    • Link to slides
    • Kubectl plugins are stable as of 1.12 – can extend kubectl by adding new commands with kubectl-foo binaries
      • e.g . bespoke commands for workflow or extensions
    • Krew – like homebrew (brew) for kubectl
      • Easy way to discover/install plugins, keep up to date
      • Is plugin itself (kubectl krew install/upgrade/remove)
      • Can easily package for multiple platforms (windows, linux, osx) – just write manifest pointing at hosting location and files
      • Doesn’t support:
        • External dependencies (e.g. python)
        • Version skew
        • Security scanning
    • Plugin index
      • Centralized in YAML file for the moment
      • 3rd-party package index support in the works
  • [ 0:12 ]** Release Updates**
  • [ 0:21 ] **Contributor Tip of the Week **[Aaron Crickenberger]
  • [ 0:27 ] Open KEPs [Kubernetes Enhancement Proposals]
    • Coscheduling [Klaus Ma SIG-Scheduling] (confirmed)
    • [slides here]
    • Motivation: Some workloads (e.g. batch data processing) need all pods to start together
      • If some don’t start/get the right resources, everything should fail
      • May need some minimum (softer requirement than “everything”)
    • Proposal
      • Introduce “group name” annotation, scheduler considers all pods a group as needing to start together
      • Can separately specify minimum start number for a group
      • Can mark group as “restart entire group if one pod fails”
    • Quota brings some issues (quota could block things from creating/starting)
      • Can mark group as reserving some total amount of resources for the group
    • Status
      • Support in kube-batch 0.2+
      • Ongoing work: PodGroupController, Quota support, better starvation behavior
    • Other Kube-batch features: Queues, preemption, and more
  • [ 0:00 ] SIG Updates
    • SIG Leads, check out this set of recommended topics to cover during your update
    • Slide template if you need it
    • Please also check the SIG Update Schedule!
    • SIG PM [Stephen Augustus] (confirmed)
      • Slides: https://docs.google.com/presentation/d/1IcrTbZCGlZGZKnBO6srYqPZiwGrDdUnacm7OlF5GM1o/edit?usp=sharing
      • Intro and deep dive from kubecon available on youtube
      • Last cycle
        • Survey on how people work with/use Kubernetes
        • Improved KEP process (KEP-1a – how do you implement usage of KEPS)
        • Moved some content/repos to unify how we track/manage multi-release work (KEPs)
          • k/features → k/enhancements
          • KEPs → k/enhancements
        • Categorizing KEPs
      • Next cycle
        • Revamp SIG PM charter (align with standard charter setups)
        • KEP
          • Clean up KEP process documentation to be clearer
          • Designate who owns different parts of KEPs at different points in lifecycle of the KEP
          • Continue migrations
            • Design proposals → k/enhancements (maybe)
              • Need to start pruning/figuring out what’s relevant
          • Make it easier to work with KEPs:
            • KEP CLI tool (easily update keps, scaffold new ones, etc)
            • KEPs on contributor site (for easy browsing, consuming)
          • KEP GA in 1.15
        • Burn all the spreadsheets
        • Make it easier to track projects cross-SIG
    • SIG Autoscaling [@mwielgus] (confirmed)
      • Responsible for all the components that adjust cluster objects for cluster needs (VPA, Cluster autoscaler, HPA)
      • Current features
        • Faster HPA scaling
        • Resolving problems with pod priorities in Cluster Autoscaler (a couple remain)
        • Vertical Pod Autoscaler to beta
        • Alibaba cloud support in Cluster Autoscaler
      • Upcoming features
        • API for scale up/down speed in HPA
      • Meeting every monday (7:00 AM PST)
    • SIG Network [Bowei Du] (confirmed)
      • In progress (see slides for more info/links):
        • IPv6
        • Custom DNS policy
        • Pod readiness gates
        • SCTP support
        • Node-local DNS caching
      • Please try stuff out and submit feedback!
      • Upcoming themes (see slides for links)
        • Revamping Ingress/L7
        • Dual stack (IPv4 + IPv6)
        • Topology-aware services (e.g. node local services)
        • Revamping services and endpoints
        • Multicast support
        • Windows support
      • Meetings every other Thursday
      • Looking in to contributor on-ramping guide
  • [ 0:00 ] :mega:Announcements :mega:

#33

January 17, 2019

(Recording being edited)

  • Moderators: Paris Pittman, SIG-Contributor Experience

  • Note Taker: Josh Berkus

  • [ 0:00 ]**Demo: **Kamus (confirmed) (forgot to get name)

    • Kamus - A secret encryption/decryption solution for Kubernetes applications.
      • open source, avail on Github
    • Slides
    • For storing all types of secrets (API token, certs, client pwd)
    • Existing secrets solutions are incomplete
      • Folks use “sealed secrets”, but that has limitations too
    • Demo of Kamus
      • 5 pods running PHP app with “decryptor”
        • it’s one for the app, 4 for Kamus api: 2 handling encryption and 2 handling decryption
      • Uses an encryptor exec to encrypt the secrets, and an init container to provide app containers with secrets access
      • Demo didn’t work initially, but worked later
    • Where are secrets being stored?
      • Multiple encryption options
      • Stored in either azure keyvault or gcp (google cloud)-kms(?)
        • (so, stored in cloud provider secrets store)
  • [ 0:00 ]** Release Updates**

  • [ 0:00 ] Contributor Tip of the Week

    • Mentoring!!
      • Grow your contributors!
        • Meet Our Contributors - monthly youtube series
          • New and current contributors
          • Two sessions for global span 3:30pm and 9pm UTC
          • To ask a question: #meet-our-contributors in slack or DM paris for anonymity
          • Current contributor benefits: an entire session with the steering committee to answer questions around: governance, structure of project, how they got involved, current business.
            • During regular mentor panel session: ask why is your test(s) flaking, how to be a subproject owner, what SIGs are looking for more contributors, etc
        • Google Summer of Code!
          • CNCF submitted our application - we are aiming for as many as possible
          • Have an interesting project and/or can you mentor? Email was sent from Nikhita kubernetes-dev@google.com
        • New contributor workshop
          • Every KubeCon - will be listed in the co-located events section, announced via blog, and kubernetes-dev@googlegroups.com
          • Check out the playlist from the last one in December
          • Onboarded ~200 new contributors last year
          • Also a good way for current contributors to meet new ones
          • The videos are also useful for online new contribs
        • Release Team!
        • Future
          • remote pair programming
          • other new ideas
  • [ 0:00 ] SIG Updates

    • **CLI **(@seans3): SIG CLI Update Slides
    • Subprojects now:
      • missed stuff here (look at slides for more)
      • Kustomize - filling in gaps
    • Current work:
      • extension mechanisms like plugins and dynamic commands
      • moved kubectl outside of kubernetes/kubernetes
      • declarative management of apps with kustomize
      • plus server-side apply, which will support “diff”
      • merged their charter
    • More about plugins
      • now beta!
      • plugin is binary prefaced by “kubectl-”
      • new repo is kubernetes/cli-runtime, including plugin stuff
      • see Seattle SIG-CLI deep dive
      • working on krew, early stages as plugin manager
    • dynamic command extensions
      • want to make "kubectl create " work, which is data-based
      • just starting work on this now
    • Moved out of core
      • kubernetes/kubectl
      • pkg/kubectl will move to a staging repo
    • Better declarative workflow
      • kustomize will merge into kubectl
      • lets you alter YAML doing kube-aware patching
      • see KEPs, kubernetes-sigs/kustomize
      • server-side apply supports intelligent “diffing”
    • New charter:
      • extra roles, Emeritus Lead and Test Health Manager
    • Sending out a survey to kubectl users about features soon
    • UP NEXT WEEK: NODE, CLOUD PROVIDER, AND API MACHINERY
  • [ 0:00 ] :mega:Announcements :mega:

  • [liggitt] All hail @dims for running the 0-length flake to ground

  • [coderanger] Shoutout to the whole ZH docs translation crew, and a special mention for Adam Dang as putting in a ton of work! In total the team has merged 444 PRs over the past two months of Chinese translation!

  • [spiffxp] shoutout to @akutz for stepping to take notes for sig-testing’s weekly meetings, we go a mile a minute and it’s much appreciated!

  • [spiffxp] shoutout to @nikhita for moving the kubernetes project values to kubernetes/community for more exposure (https://github.com/kubernetes/steering/pull/88) and improving our WG docs generated from sigs.yaml (https://github.com/kubernetes/community/pull/3069)

  • [nikhita] Shoutout to @mspreitz for adding lots of details to the code-generator conversion-gen docs! https://github.com/kubernetes/kubernetes/pull/71821