Kubernetes Weekly Community Meeting

Sep 20, 2018

  • Moderators: Jonas Rosland [SIG-ContribEx]
  • Note Taker: Josh Berkus, Jaice Singer DuMars and Jorge Castro [SIG-ContribEx]
  • [ 0:01 ]** Release Updates**
    • Current Release Development Cycle [Tim Pepper ~ 1.12 Release lead]
      • We’re down to probably 1 issue pending fix and test soak
      • Key upcoming events barring any new test issues:
        • Friday Sept 21 “cherry-pick deadline” (non-event given master hasn’t yet thawed)
        • Friday Sept 21 cut RC2 and built rpms/debs
        • Monday Sept 24 last release-1.12 branch fast-forward from master branch
        • Monday Sept 24 thaw master branch
        • …final soak: cherry picks only for absolutely critical show stopper bugs…
        • Thursday Sept 27 release
    • Patch Release Updates
      • 1.9.10 released Aug 3
      • 1.10.8 released Sept 15
      • 1.11.3 released Sept 11
  • [ 0:03 ] SIG Updates
    • SIG Cloud Provider [Chris Hoge] (confirmed)
      • https://docs.google.com/presentation/d/186rAa3cNCBOA2GBmFdNvBI_Ko4inaQYHEX2CFA4TSqs/edit#slide=id.p
      • Looking at cloud providers in core code, like Google, AWS, etc.
        • Don’t want more in the upstream code
        • Want level playing field
        • In the process of moving providers to plugins
        • Minimum requirements to add a provider, is it documented? Do they post results to testgrid? So that users have some assurance that they’ll have a positive experience.
      • In 1.12:
      • In 1.13:
        • Continue work to move in-tree providers
        • Document external provider usage, need to make sure all requirements etc. are documented. Installation process is more complicated, for example.
        • Maybe moving provider SIGs into SIG-CP, likely to take longer.
        • Make sure all providers have conformance test results
      • Collaboration
        • SIG-Docs doesn’t want to be in charge of provider docs, that should be up to SIG-CP
        • Working with Cluster Lifecycle on install/upgrade
      • Q: should provider repos be in the Kubernetes org?
        • A: the decision on whether providers should be part of the kubernetes org is an Arch decision, it’s a question of what you think Kubernetes is. We’re trying to provide a level playing field. Right now, they are part of the org.
    • SIG Architecture [Jaice Singer DuMars] (confirmed)
      • What we do
        • Manage and maintain architectural consistency over time
        • Manage subprojects:
        • Manage policy and governance
          • API governance (guidance docs and the review process)
          • Deprecation policy
          • Code organization
          • KEP process
          • General issues around Kubernetes scope
      • What are we working on right now?
    • SIG API Machinery [Daniel Smith] (confirmed)
      • Dry run in alpha to see what the predicted outcomes of an action will be
        • You can test API to see what it looks like when it runs through the webhooks
      • CRD versioning change
        • No schema change allowed
        • Register a webhook to do a schema change
        • All the various API definitions should have the same feature set
      • SSH tunnels are going away - this has been deprecated for a year
      • Re: server side apply
        • In a feature branch
          • Allows writing code during freeze
        • More complete designs on the way
      • “We don’t own your API” - we’re not the API reviewers
        • We do own some APIs like metadata format, CRD API, webhook interface APIs, comms between aggregator & APIs, controllers, RBAC API, controller shell (informer, reflector, shared informers, etc.), controller manager binary
      • Upcoming:
        • rate limits, flow control - prevent API quota over-consumption ~ de facto prioritization of API requests
        • Internal API Server coordination - e.g. how do you know when every API is serving the same version of a CRD
        • SIG meeting & agenda ~ if it’s empty the day before, the meeting will be cancelled (there’s an “agenda closed” meeting event)
  • [ 0:00 ] Announcements
    • Calendar information - subscribe, don’t copy! [Jonas]

>>>>> gd2md-html alert: inline image link here (to images/Kubernetes-Community0.png). Store image on your image server and adjust path/filename if necessary.
(Back to top)(Next alert)
>>>>>

alt_text

    *   Google Calendar:

>>>>> gd2md-html alert: inline image link here (to images/Kubernetes-Community1.png). Store image on your image server and adjust path/filename if necessary.
(Back to top)(Next alert)
>>>>>

alt_text

*   Election Update [Jorge]
    *   [All the info you need](https://groups.google.com/forum/#!topic/kubernetes-dev/0gEdp_xdzEI)
    *   Total voters: 677
    *   Actual votes cast thus far: 144
    *   If you are in [voters.md](https://github.com/kubernetes/community/blob/master/events/elections/2018/voters.md) but have not received a ballot please mail [community@kubernetes.io](mailto:community@kubernetes.io)
    *   Election ends on October 3.
  • Kubernetes Contributor Summit is happening [Jorge]
    • Information

    • Content is in draft, SIG leads and TLs, please review and comment

    • Register as part of your Kubecon registration (check the box for collocated events); you will get a follow up email about RSVPing for tracks and

          Sunday dinner and fun @ garage in Seattle 
      
      • Contributor Social Shanghai: 11/13, 6pm, at the convention center
        • Will have panel on contributing from China
  • Contributor Survey [Jorge]
  • [Jorge] October 1st marks the start of Hacktoberfest, a month-long celebration of open source software. This is an opportunity to welcome new Kubernetes contributors to the community. Please help by making an extra effort this month to add more issues with the good-first-issue label. If you have any large tasks that could use help from a lot of contributors, now would be the perfect time to create an issue for it. You can learn more about Hacktoberfest here: https://hacktoberfest.digitalocean.com/
    • ContribEx will be generating a 404 report for new users so they will have a place to go.
    • SIGs, consider updating your good-first-issue labels.
    • SIG Leads, we’ve put together some recommendations for how to give an update for this meeting, the host will be reminding you from now on before your update.
    • Last call for Outreachy intern requests!
  • #Shoutouts!_ (want to say thanks? Use the #shoutouts channel in slack)_
    * @vlad Shlosberg: Huge shoutout to @jorge, @mrbobbytables, @paris, @hubt and a bunch of other for helping make @Foqal a success. Working with me on feedback, helping promote the project, submitting helpful answers, and everything else you guys have done!
    * @bentheelder: Shoutout to @mrhohn for being eternally responsive to networking issues on everything from PR reviews to sig-network test configs, dns images, the network e2es, and answering questions related to network issues in the infra and helping debug! Thanks for helping get the kube-dns manifest images out the door for 1.12! Zihong is always fixing things for us over in #sig-testing :slightly_smiling_face: and now over in #sig-release
    * @nikhita: shout out to @carolynvs for creating lots of help-wanted issues on service catalog (https://github.com/kubernetes-incubator/service-catalog/issues?q=is%3Aissue+is%3Aopen+label%3A%22help+wanted%22)…and having an excellent strategy of doing that! - https://twitter.com/carolynvs/status/1042061098101485580
    * @dims: big shoutout to @fabrizio.pandini for testing all the things! (v1.12 RC1 kubeadm under various scenarios)

September 27, 2018

  • Moderators: Josh Berkus [SIG-Release]
  • Note Taker: Tim Pepper [VMware/SIG-Release]
  • [ 0:00 ]** Release Updates**
    • Current Release Development Cycle [Tim Pepper ~ Release Lead]
      • Release today! …expect published artifacts by ~5pm Pacific
      • Pengfei Ni / @feisky (slack) / @feisker (github) is 1.12.y patch manager.
      • Any issues need targeted for cherry pick to 1.12.1 asap.
      • Retro next week. Enter any notes or thoughts or desires relative to release process in the 1.12 retro doc.
    • Patch Release Updates
      • No 1.10, 1.11 updates
      • 1.9.11 Mehdy Bohlool
        • released today, final update to 1.9.
        • “Finish Him!”
        • Time to upgrade if you haven’t…1.10, 1.11, 1.12 will now be our active releases.
  • [ 0:00 ] **Graph o’ the Week **[Aaron Crickenberger] How to analyze your test failures…
  • [ 0:00 ] SIG Updates
    • SIG Leads, check out this set of recommended topics to cover during your update
    • Please also check the SIG Update Schedule!
      • SIG leadership should prepare ahead of time
      • Give notice to the meeting moderator if your SIG will be unavailable
    • SIG Azure [Stephen Augustus] (confirmed) - Sorry peeps, last minute conflict today that I can’t shuffle
    • SIG Big Data [Yinan Li] (confirmed)
      • Slides
      • Apache Spark 2.4 Release coming mid to late October with Kubernetes functionality:
        • python and R language support
        • Client mode for spark-shell and notebooks
        • Mounting volumes, emptyDri, hostPath, PVC
        • Executor memory request control improvements (fractional values, milli-CPUs)
        • Scheduler backend robustness improvements
      • Future work:
        • Pod templates for driver and executor pod customizations. There are so many options configurable…explosion. Rather than adding more, they’re adding template support to make usage easier.
        • Service shuffling
        • Kerberos authentication
        • Improving support for local application dependencies on the client machines doing submissions
        • Driver resilience, checkpoint/restart for streaming applications.
      • Non-Spark, other projects:
        • Airflow 1.10: new operator and executor for arbitrary pods to run tasks. Operator for life cycle management (newly open sourced)
        • Spark Operator: exporting jvm/driver/executor metrics to Prometheus
    • SIG Scalability [Shyam Jeedigunta] (tentative)
      • Governance: charter is in place, giving official guidance on what the SIG can and can’t do (eg: in the past there’s been a lot of question around what is and is not release blocking)
      • Test resources: github issue (link?) exists to track work items ahead of shifting underlying test resources to CNCF
      • SLOs: API call latency and pod startup latency have been the only two for quite some time. Looking to add multiple new ones for networking.
      • Cluster loader (link): have achieved minimal viable product (MVP) level of readiness. This should enable other teams to easily run scale tests themselves.
      • CI health / tests: Working to speed up pre-submits’ running time, as these have historically been the slowest and are a merge bottleneck (eg: kubemark 500 is waay faster). Investing in de-flaking scale jobs like the 5000 node test, which recently had 8 green runs in a row (a record?).
      • 1.12 release: as typical, close to the end of the release some scalability issues came up, this time in:
        • taint node by condition feature which lead to notably slower start up.
        • CoreDNS regression was masked by other regressions until very late in the release cycle, leaving insufficient time to debug safely and feature dropped (CoreDNS is not the default on GCE yet…1.13?)
  • [ 0:32 ] :mega:Announcements :mega:
    • :postal_horn:Steering Committee Election Announcement :postal_horn:
    • https://www.surveymonkey.com/r/k8s-contributor-2018 -> Contributor Experience survey that will shape our direction and close feedback loops. K8s water bottle for your time today!
    • SIG Chairs/Leads/TLs/Keepers of Zoom and YouTube - check your email for issues relating to those two services. Approx. 40% of our community are not using the correct zoom license. Many, many meetings missing from YouTube channel, which is a negative on transparency.
    • Contributor Summit (Kubecon / CloudNativeCon Seattle) - registration will say waitlist, but: We are not sold out, yet. Please sign up anyway. We are working through a registration issue. There is a possibility we will pull registration from the KubeCon site into a separate registration process. If you have signed up already, you will not need to sign up again. If you are waitlisted, you will be contacted to sort out this issue. Join #contributor-summit on slack for real time info and GH LINK for published information. Initial content will be listed next week.
    • :clap:Shoutouts this week (Check in #shoutouts on slack) :clap:
      • @dims: Big shoutout to @jonasrosland to getting the CNCF meetup off the ground in boston and @abe for his talk on The Kubernetes Release Cycle ( https://www.meetup.com/Cloud-Native-Computing-Boston/ )
      • @timothysc: Huge shoutout to the whole release team and everyone else whose put in crazy effort to make RC2!
      • @aish: HUGE shoutout to @justaugustus for helping us fill the [release 1.13] roster out !
      • @justaugustus Shoutout to everyone who volunteered for the 1.13 Release Team! We staffed a FULL roster of leads and shadows in 16 days and they’ll be in super capable hands with @AishSundar and @spiffxp at the helm!
      • @spiffxp: shoutout to @cjwagner (Cole Wagner) for all of the work he’s done over the past year to remove mungegithub from the project and bring tide to kubernetes/kubernetes

Release Retrospective for 1.12

This community meeting also includes the restrospective for 1.12

October 4, 2018 -

1 Like

October 11, 2018

October 18, 2018

October 25, 2018

  • :microphone:Moderator: Jorge Castro [SIG Contributor Experience]
  • :memo:Note Taker: Josh Berkus [Red Hat/SIG Contributor Experience/Release]
  • [ 0:00 ]** Release Updates**
  • [ 0:00 ]** Demo **-- Cluster API AWS Provider (chuck@heptio.com)
    • Link to repo
    • Link to slides or docs or whatever goes here.
    • Demo of using the Cluster API to provision AWS.
    • CLI tool: clusterawsadm
      • Creates IAM rules, etc.
    • Must already have SSH key pair (does not create)
    • Starts with an existing Kubernetes cluster to create more clusters; you have to create a 1.11 or later cluster on your own (could be minikube)
    • Create manifests for the CRDs, using “makemanifest”
    • Clusterctl crd then controls the cluster.
      • Pass many parameters by switch
      • Once the new cluster is created, moves the ClusterAPI to that cluster.
    • Secrets? In the CRD defintions.
    • Config file for ClusterCTL? Not sure.
  • [ 0:10 ] :bar_chart:Contributor Tip of the Week [Aaron Crickenberger] :bar_chart:
    • HODL
    • https://prow.k8s.io/command-help#hold
      • Prevents merging
    • http://go.k8s.io/github-labels#do-not-merge/hold
    • /hold to add, /hold cancel to remove
    • Good idea / Bad idea
      • Good idea: explaining why you’re putting on the hold
      • Bad idea: removing a hold in a PR you’re not involved in
    • Reasons to hold
      • Hang on, I the reviewer, think this needs more discussion
      • I, the author, am holding this and will remove it when I’ve heard from the people I want
      • I think the author should have final say on when this PR merges
    • Notes:
      • Anybody can add or remove a hold (don’t even need to be an org member)
      • Can we blacklist? We can, from the org
        • We’d have to restrict hold to org members if it was a problem
  • [ 0:20 ] :satellite:SIG Updates:satellite:
    • SIG Leads, check out this set of recommended topics to cover during your update

    • Slide template if you need it

    • Please also check the SIG Update Schedule!

    • SIG Docs [Jennifer Rondeau, Zach Corleissen] (confirmed)

      • Slides
      • Thanks to zparnold for adding automation foo tracking doc submistions in the Github API
      • Reorganized localization, now under a consolidated repo
        • Everything in kubenetes.io
        • Thanks to Korean translators for making this happen
        • Also updated guidelines
      • Better automation for API reference docs (thanks Chi Ming Tang(sp?))
      • Jennifer Rondeau is new SIG-Docs co-chair
    • Upcoming Work:

      Upcoming doc sprints:

    • Shanghai (localization workflows)

    • Seattle (TBD)

  • Next: how do we ensure that content remains fresh?
  • Localization subprojects have been consolidated into k/website
  • Now have a WG for SIG-Docs tooling, led by Luc Perkins(sp?)
  • Want to contribute? We always need technical reviewers!
    • Or just pick an open issue
    • PRs get more attention than issues, so if you find something wrong, PR a correction.
  • Chairs: Andrew Chen, Zach Corliessen, Jennifer Rondeau
  • SIG Storage [Saad Ali] (confirmed) :satellite:
  • Slides
  • Last Quarter:
    • Topology Aware Volume Scheduling
      • Make scheduler smarter about where storage is
      • Used to be a per-storage hack, now an expressible constraint for the scheduler
      • Started in 1.10, added CSI support in 1.12, beta soon
    • Snapshot & Restore
      • Started a year ago. Was a question whether it should be part of the API at all. But many DB admins would like it.
      • Mapping declarative to imperative was hard.
    • CSI to GA this quarter
      • PV support is primary
      • Also want to support ephemeral volumes, and block volumes
      • Now, we need to migrate the in-tree storage to CSI plugins. This is a blocker for Cloud Provider migration.
        • Challenge: end-users need to have a smooth transition
      • Working on reusable libraries for common storage (iSCSI etc.) that can be used as templates
      • Adding conformance testing for CSI
      • GA depends on completing Kubelet registration mechanism
      • We’re extrating the mount library in k/k to a separate repo so that CSI driver authors can use it.
    • To beta this quarter:
      • Ephemeral volumes
      • CSI Topology
      • CRD automated installation
      • In-tree Block Volume support
  • Catch up with SIG-Storage at their biweekly meeting, or at Kubecon
    • Sessions in Seattle, also a “Cloud-native Storage Day”
  • As part of moving to GA, they need a more robust mechanism than user-modifiable CRDs. THis includes addressing the downgrade problem.
  • [ 0:00 ] :mega:Announcements :mega:
    • Meet Our Contributors - Nov 7th at 230p and 8p UTC

      • 230pm UTC - 5 Steering Committee Members AMA
      • 8pm UTC - contributor mentors AMA
      • #meet-our-contributors on slack
      • YouTube Playlist
    • The final call! CNCF awards nominations are open, details here!

    • Kubernetes Contributor Summit Details

      • The Contributor Social for Kubecon Shanghai has been scheduled. It will be from 5pm to 7pm, November 13, at the convention center. The event will feature a panel of Chinese contributors to Kubernetes, discussing obstacles and opportunities.
      • Seattle - Registration is closed, waitlist is in effect, if you cannot attend please let #contributor-summit (Paris/Jorge/Bob) know so we can free up your slot!

      **:clap: **Shoutouts this week (Check in #shoutouts on slack) :clap:

      • pwittrock - Shoutout to @alexismp @jeefy and @mrbobbytables for helping me with my All Things Open Kubebuilder workshop. Thank you so much!
      • AishSundar - shoutout to @nikopen for automating the Issues and PR spreadsheet for Bug Triage and CI Signal for 1.13 ! Thanks for staying on top of this and accomodating the feature requests
      • jberkus - to @justinsb for splitting out our long-running upgrade tests so that they actually complete
      • spiffxp - Congrats to @bentheelder for creating a PR that deletes over 3 million lines of code https://github.com/kubernetes-sigs/kustomize/pull/503
      • nabrahams - Shoutout to @idealhack for translating a huge pile of slides in preparation for the New Contributor Workshop in Shanghai.
      • kacole2 - Shoutout to @AishSundar @spiffxp @claurence @gsaenger and @ameukam for their help on getting all the k/features (enhancements) issues in a great spot where everything is now being tracked to a PR in k/k and getting the freeze over the finish line.
      • AishSundar - @kacole2 right back at you ! Awesome job on doing all the heavy lifting yourself. Staying on top of ~50 incoming enhancements, following up to prune the list and mentoring the shadows at the same time is no easy feat :slightly_smiling_face:
      • nikhita - Shoutout to @lukaszgryglicki for being extremely responsive to feature requests for DevStats and implementing them and fixing bugs reallyyyyyyy fast!! :tada:
    • Stackoverflow Top Users (Once a month at the end of the month)

    • Community meeting Nov 22

      • We traditionally cancel this meeting due to US Holiday (Thanksgiving)
      • Let’s try to be more global, see #sig-contribex if you want to help drive this meeting this week while the US is out.

Looks like I missed this one, sorry for the delay!

November 1 , 2018 - (recording)

  • Moderators: Tim Pepper [SIG Release / Contrib Ex]
  • Note Taker: Solly Ross
  • [ 0:00 ]** Demo **-- Automation Broker - Michael Hrivnak (mhrivnak@redhat.com) (confirmed)
    • Website
    • Service Bundle: container image/pod that runs to completion to install a service on the cluster
      • Hooks into service catalog via automation broker
      • Ansible Playbook Bundle
        • Easy way to make a service bundle
        • Each service catalog action maps to an Ansible playbook in the bundle
      • Can run other things besides ansible in service bundles (demo on youtube running Helm)
      • Service catalog UI support
        • Partial support in Kubeapps
        • Support in OpenShift
    • Ansible Operator
      • Runs ansible roles/playbooks as an operator
    • Ansible roles exist for manipulating kubernetes objects
  • [ 0:12 ]** Release Updates**
    • Current Release Development Cycle [Aish Sundar - Release Manager]
      • v1.13-alpha3 was cut yesterday, 10/31
      • v1.13-beta0 and Release branch creation scheduled for Tuesday, 11/6
        • Highly dependant on clean CI Signal
        • Branch fast forwards will happen everyday thereafter
      • Code slush is coming up Friday, 11/9
        • Enhancement owners evaluate enhancement readiness based on pending work (code, test and docs)
        • Code Freeze is just 2 weeks away !
        • If you need to enhancement adjusted, please work with the Release team
        • Ensure 1.13 PRs are uptodate on labels (sig, kind, priority, milestone)
        • _Tide will start enforcing Code slush merge label requirements _
      • CI Signal
    • Patch Release Updates
      • 1.11.4 went out last week
      • 1.12.2 went out last week
    • Questions
  • [ 0:00 ] Open KEPs - link to Caleb’s announcement…repository is moving location
    • SIG Architecture is working to improve KEP process for community
    • Extracting KEPs from community repo (see link to the discussion on kubernetes-dev)
    • Try to have small merges that document consensus rather than waiting for full approval/finalization to merge
    • Moving towards eventually making KEPs the main way to propose features (as opposed to being optional)
  • [ 0:00 ] SIG Updates
    • SIG Leads, check out this set of recommended topics to cover during your update
    • Slide template if you need it
    • Please also check the SIG Update Schedule!
    • SIG AWS [Nishi Davidson] (confirmed)
      • https://drive.google.com/file/d/1jDR1Esdu2ApnuLrzsGxn7iv1cU3sWc7R/view
      • We currently host 5 subprojects in SIG-AWS
      • Subprojects aws-alb-ingress-controller, aws-ebs-csi-driver and out-of-tree ccm will be alpha in k8s v1.13
      • Cloud Provider status
        • In-tree
          • Adding e2e tests
          • Will be maintained until out-of-tree is GA, 2 release deprecation
        • Out-of-tree
          • GA Q3 2019
      • CI Signal
        • Added aws-tester plugin
        • Creates ephemeral EKS cluster to run Kubernetes e2e tests as periodic jobs (not blocking)
        • Hoping to integrate etcd conformance tests, cluster API tests as well
    • SIG Scheduling [Bobby Salamat] (confirmed)
      • 1.12
        • Scheduler perf improvements
          • Only score percentage (50%, but configurable) of feasible nodes per pod, properly considered across failure domains
          • Improved affinity/anti-affinity performance
        • Graduated TainNodesByCondiion to beta, which creates taints for node conditions automatically
        • Enable ImageLocalityFunction by default, which prefer nodes which already have the images for a pod, weight set to avoid putting all pods from an RS on the same node
        • Scheduling framework design finalized (move scheduler features towards plugins, both in-process and out-of-process)
      • 1.13
        • Finalize design of gang/co-scheduling (more efficient batch job scheduling, e.g. for ML workloads)
        • Finalize pod scheduling policies (allowing admins to control how pods get scheduled – e.g. preventing setting tolerations, preventing certain namespaces from getting placed on certain nodes)
        • Deprecating the “critical pod” annotation, in favor of pod priority and preemption
        • Enable pod resource limit function (prefer nodes that can fit both a pod’s request and limit)
        • Implement extension points for scheduling framework (see above)
        • Improve equivalence cache (new design to address existing shortcomings)
    • SIG Contributor Experience [Paris Pittman] (confirmed)
      • Update Deck
      • What was done last cycle
        • Theme: making your life easier (automation, documentation, mentoring, events, etc)
        • Performed the contributor survey (graphs on the way!)
          • Common comments
            • Meetups are out of scope, but will pass information on to CNCF
            • You can apply “good first issue” labels even if you didn’t file the issue
            • People liked slack, release team notes in community meetings
          • Scrubbed data is in the link, take a look
        • Misc
          • Communication moderation changes (stay public while dealing with bad actors) – SIG chairs should learn how to follow these processes
            • Calendar is private ATM because of bad actors
            • Zoom links aren’t publicly posted for similar reasons (please don’t tweet them), but work is being done to solve this with Zoom
          • Launched discuss.k8s.io as a community forum, please post/take a look!
      • Upcoming
        • Revamp developer guide
        • Move KEPs out kubernetes/kubernetes
        • Build a contributor site
        • Upgraded communications guide
        • Improve SIG Chair processes (e.g. Zoom-to-Youtube automation process) – please reach out if you have opinions
      • Seattle Contributor Workshop
        • Waitlisted (if you’re a chair, TL, or subproject owner who hasn’t signed up, please reach out!)
        • lots of good content planned
        • Night-before event to hang out and talk
      • Consider mentoring, even if it’s just 1 hour per quarter
        • Only need one merged PR to be a mentor
      • See slides for a _whole lot _more work, information, links, and sigup information
  • [ 0:00 ] :mega:Announcements :mega:
  • Shoutouts
    • Nikhita: shoutout to @dims for being Asia/EU friendly while deciding the meeting time for #k8s-infra-team
    • Mzee1000: Shout-out to @mrbobbytables for his help with Kubernetes 101 in Bangalore
    • Jberkus: to: @justinsb for continuing to be the “difficult test fail” resolver.
    • Jberkus: to @neolit123 for fast turnaround on kubeadm test fails
    • Fejta: shoutout to @bentheelder for finally creating a @thockin emoji :thockin:
    • @liz to: @bentheelder for going above and beyond to help me get my KIND tests working!
    • @paris thanks to @nikhita @roycaihw @brendanburns @dims and many others for answering questions from first time contributors in the outreachy process slack channel #outreachy-apps
    • @spiffxp thanks to @audreylim for tackling e2e test error messages as her first kubernetes pull-request (https://github.com/kubernetes/kubernetes/pull/69583)
    • To Solly Ross for taking notes today

November 8, 2018 -

  • Moderators: Jorge Castro [SIG Contributor Experience]
  • Note Taker: Solly Ross (Google/SIG AUtoscaling)
  • [ 0:00 ]** Demo **–IngressRoute with Contour - Steve Sloka (steves@heptio.com)
  • [ 0:00 ]** Release Updates**
    • Current Release Development Cycle [Aish Sundar - Release Manager]
      • We cut Beta0 and the 1.13 Release branch yesterday, 11/7 !
      • Updated to Go 1.11.2 before Beta.
      • Code Slush is this Friday (tomorrow), 11/9
        • All PRs need /priority, /kind, /sig, /milestone labels to merge post 5pm PST
      • Code Freeze is just a week away - 11/16
        • Handful of Enhancements are pending only tests and docs
        • There are a couple of Enhancements at risk and a few that have had no activity in past week or so.
        • Owners please update k/enhancement issues with current status
        • Please reach out to Release team early on if you think you need to move out your enhancement
      • CI Signal
      • Docs
        • Open PRs: 11/22
        • Completed PRs: 2/22
        • We have 7 outstanding PRs. We will be pinging owners on issues.
      • Release Notes
        • Sig Leads expect initial draft of the release notes coming your way for review next Monday 11/12
        • Please leave early feedback if you can
      • Questions:
        • Where should we send 1.14 volunteers
          • Look out for issue for more info, will be linked in next week’s update
    • Patch Release Updates
      • x.x
      • y.x
  • [ 0:00 ] **Contributor Tip of the Week **[Aaron Crickenberger]
  • [ 0:00 ] SIG Updates
    • SIG Leads, check out this set of recommended topics to cover during your update
    • Slide template if you need it
    • Please also check the SIG Update Schedule!
    • SIG Cluster Lifecycle [Tim St. Clair] (confirmed)
      • Slides
      • Homepage: https://contributor.kubernetes.io/sigs/sig-cluster-lifecycle/
      • Mission: simplify creation/upgrade/downgrade/teardown of Kubernetes clusters and their components
      • Last cycle
        • Kubeadm: Config changes, improved CRI, HA, cert management, air-gapped support
        • ClusterAPI: Provider-specific repos, many providers
      • Upcoming plans
        • Better meeting times and subproject coordination
        • Kubeadm to GA (beta config, command line options fully supported)
        • Cluster API integrating cluster API into kops
        • Kubespray defaults to kubeadm
        • ComponentConfig for structured configuration of other Kubernetes components
        • Deprecate: kube-up, kubernetes-anywhere
      • Reminder: for upgrade testing: SIG cluster lifecycle owns the framework, others own the actual tests
      • Events: Upcoming kubecon talk on the future of addons
      • New etcd management proposal/tooling (proposal just approved)
      • Questions:
        • If kube-up and kubernetes-anywhere are deprecated, what’s the standard deployer (what’s the kubeadm version of curl | bash to install)?
          • documented well on the kubeadm section of the docs
          • kubernetes-anywhere was just used for e2e tests
          • other tooling (e.g. kubespray) builds on top of/orchestrates kubeadm, kubeadm only sees local machine
          • Cluster API provides the same view of different backends, kubeadm is the base layer, providers in the middle
        • Why use CRDs instead of aggregated APIs?
          • maturity, easy of use, portability
    • SIG OpenStack [Chris Hoge] (confirmed)
      • Slides
      • Previous work
        • In-tree driver is deprecated and will go away soon
        • Manilla provision
        • CSI support for Manilla and Cinder
        • Magnum is now Kubernetes Certified Installer
        • Driver for Cluster API in the works
      • Future Work
        • Heat & Senlin autoscaling drivers
        • Storage driver consolidation
        • Barbican driver for key management
        • Finish in-tree code removal
      • Transitioning into a WG under SIG Cloud Provider
      • Events:
        • OpenStack Summit, Berlin (Nov 13-15)
        • Sessions at KubeCon Seattle
    • SIG Auth [Mo Khan ] (confirmed)
      • Slides
      • Homepage: https://contributor.kubernetes.io/sigs/sig-cluster-auth/
      • Features
        • Per-pod ephemeral service account tokens (projected volumes instead of secrets)
          • If NOT using client-go today, need to keep reading token off disk
        • Restricting Kubelet self-applied labels (via an admission plugin)
        • Dynamic audit configuration (add/remove audit sinks without restart of API server)
      • Container Identity WG winding down
  • [ 0:00 ] :mega:Announcements :mega:
    • Contributor Summit @ Kubecon

      • Shanghai: Josh is getting on a plane, see you all there!
      • Seattle: Chairs and owners, if you haven’t confirmed we’re running out of time, please let us know.
    • Community Meeting Schedule

      • 11/22 (Thanksgiving in the US) - Meeting is Still on, Ihor will be your host!
      • 12/6 - Release Retro for 1.13 (tentative!)
      • 12/13 - Kubecon, no community meeting
      • 12/20 and 12/27 - No community meetings
      • January, SIG Apps, SIG UI, SIG VMWare
    • Steering committee not having meeting in two weeks, will have one just before Kubecon

      • SIGs: Please try to have your charters in by KubeCon

      **:clap: **Shoutouts this week (Check in #shoutouts on slack) :clap:

    • paris and jdumars: big thanks to @mattfarina who just spent an hour helping organize our project boards

    • Jberkus: Shanghai Shoutouts for next week: Megan Lehn for doing all the logistics and legwork from thousands of km away, @puja @xiangpengzhao and @idealhack for translating all the New Contributor Summit materials and many other things besides! Also, to @mrbobbytables and our localization volunteers for getting the international forums at dicuss.kubernetes.io launched!

    • AishSundar: Shoutout to @jberkus and his team of CI Signal shadows @maria and @mortent for staying on top of CI signal failures and flakes every day, opening and following up on test issues and fixes and help maintain stable test health for 1.13 release !

    • jdumars - Big thanks to @spiffxp @dims and @mattfarina — all of whom have stepped up and helped with the work in SIG Architecture!

    • mauilion - shoutout to @jdetiber for always finding time to help dig into the cluster-api stuffs.

    • AishSundar - shoutout to @justinsb, yet again, for extremely quick turnaround on a long standing Upgrade testing issue (#56787). This helped us get clean e2e CI coverage one of the 1.13 Beta Feature “Taint Based Evcitions”

November 15, 2018

  • Moderators: Jorge Castro [SIG Contribex]
  • Note Taker: Solly Ross (SIG Autoscaling/Google)
  • [ 0:00 ]** Demo **–Pulumi - an OSS, k8s-native deployment orchestration engine [Alex Clemmer]
    • Link to slides
    • Link to repo
    • Pulumi: open-source tools for managing cloud infrastructure
      • Declare steady state (like Kubernetes) using programming languages like Python, Javascript, Typescript to manage the cloud repos
      • Declare desired “outputs” to be saved for easy access (e.g. Service IPs)
      • Schema is _exactly _kubernetes schema for Kubernetes types, etc (no special other format)
      • Knows how interact with deployments (has concept of updates, knows that it needs to rollout, wait for rollout to succeed, only delete old objects after)
    • Workflow for using something like RDS:
      • Without Pulumi: deploy using one tool (e.g. terraform), then fetch connection string into secret (maybe using something else), then use in kubernetes (e.g. deploy app via Helm)
      • With Pulumi: Declare steady state in code for everything
    • Live demo: deploy CosmosDB + Helm chart
      • Declare CosmosDB, exported connection string
      • Declare secret (using normal Kubernetes schema) with connection string
      • Declare Helm chart (deploying Bitnami Node.JS image) using secret to supply external DB
      • How it works:
        • Pulumi figures out dependencies automatically to figure out that CosmosDB needs to come before Secret, chart depends on secret
        • pulumi up will show a “plan” of operations + Kubernetes JSON, executes plan on confirmation
      • Can specify “stack outputs” to save from the objects generated, to fetch programmatically (e.g. IP of serving generated by Helm chart)
    • Question
      • How is schema generated, what happens to unknown attrs
        • Schema is generated via OpenAPI spec based on all available versions
  • [ 0:00 ]** Release Updates**
  • Patch Release Updates
    • v1.12.3 cut planned Monday, Nov 26th
    • V1.10.0 published earlier this week
  • [ 0:00 ] **Contributor Tip of the Week **[Jeffrey Sica]
    • cs.k8s.io – Search all repos in seconds
      • Can regex search across all Kubernetes repos and orgs
      • Automatically filters out certain types of files, but that can be configured
    • Check out the contributor cheatsheet for other shortcuts (PRs accepted!)
  • [ 0:00 ] SIG Updates
  • [ 0:00 ] :mega:Announcements :mega:
    • Contributor Summit @ Kubecon

      • Shanghai: Great turn out! Lots of great pics on Twitter etc.
      • Seattle: Chairs and owners, if you haven’t confirmed we’re running out of time, please let us know. You do not need a ticket to kubecon/cnc for this. Email community@kubernetes.io
    • Kubecon US is SOLD OUT. If you register now you’ll be waitlisted. \

    • Community Meeting Schedule - there are no SIG updates for December.

      • 11/22 (Thanksgiving in the US) - Meeting is Still on, Ihor will be your host!
      • 12/6 - Release Retro for 1.13 (tentative!)
      • 12/13 - Kubecon, no community meeting
      • 12/20 and 12/27 - No community meetings
      • January: SIG Apps, SIG UI, SIG VMWare \
    • Steering committee not having meeting in one weeks, will have one just before Kubecon

      • SIGs: Please try to have your charters in by KubeCon
        • Each SIG has been given a steering committee member to review
        • reach out to steering committee if you have questions
    • Office Hours next week on YouTube:

      • See this for more information
      • Come answer questions about Kubernetes on a livestream!
  • [ 0:00] :clap: Shoutouts this week (Check in #shoutouts on slack) :clap:
    • paris - very big shoutout to @jberkus and the entire kubecon shanghai new contributor workshop team! josh built a team and carried out the event plan for this first time, sold out event in a new market to welcome contributors from this region. the event is in a few hours (from this timestamp) - best of luck and have a great time team!!
    • jberkus - TY! Let’s add all the names: @tpepper @puja @nabrahams @xiangpengzhao @idealhack & Megan Lehn & Jerry Zhang
    • neolit123 shoutout to @fabrizio.pandini for organizing the transition of phases in kubeadm to GA and also thank you to all the new kubeadm contributors who helped us with this work @yago @yuexiao wang @ereslibre @Rohit
    • spiffxp Shoutouts to @chenopis @zacharysarah and @bradtopol for organizing and running the docs translation sprint at kubecon Shanghai
    • Ivan Font @bentheelder and all others who worked on kind: I wanted to give a shout out for the work done to create kind. Nice work! I’ve experimented to get kind working with multiple clusters so that we can use it to test federation-v2 with multiple clusters for dev and CI and I’m very impressed with it so far! I filed a few issues #110, #111, #112, and #113 that I’ve stumbled across in the process of doing that, but it is not a reflection of the quality of work that’s been done here. Again, thanks for the awesome work! Thanks to @munnerz @neolit123 @Jorgealarcon @Lion-Wei @TaoBeier @amwat

November 29, 2018 - Last meeting of the year!

  • Moderators: Josh Berkus [SIG-Release]
  • Note Taker: Solly Ross [Google/SIG Autoscaling]
  • [ 0:00 ]** Demo **-- Docs Modeling Working Group Demo [Andrew Chen, @chenopsis, Dominik (dominik.tornow@sap.com)] (confirmed)
    • Link to slides
    • Modelling how we design and look at documentation
      • Idea:
        • Ideally, two people who look at the same system develop the same mental model
        • Looking a documentation, there may be encoding/decoding loss (writing/reading docs), which leads to different mental models
      • Fundamental Modeling Concepts
        • Approach to system modeling with formal models of system’s structure and behavior
        • Diagrams and formal models can help show whole-picture view
        • Show people how things work without needing to point people at actual source code
    • Issues with existing docs:
      • docs are task focused (good for on-demand “how do I” type questions), but can’t easily develop a coherent general picture
      • non-obvious behavior doesn’t match general mental model, docs should help fix that
    • Process:
      • Ongoing: Discuss models (in SIG Docs), Interview engineers, validate models, create source materiel (e.g. Medium posts) and get feedback
      • Eventually: fold back into to k8s.io (planned for next year)
  • [ 0:13 ]** Release Updates**
    • Current Release Development Cycle [Aish Sundar - Release Manager]
      • Code freeze for 1.13 is now lifted! Code thaw went into effect 11/28, 8pm PST.
      • Master is now open for 1.14 development.
      • Only the absolute most critically urgent bug fixes might be cherry picked back in time for 1.13.0.
      • 1.13-rc.2 slated to cut tomorrow, 11/30.
      • The release is on target for** Monday, 12/3/2018**, pending CI signal.
      • If you still have outstanding Docs PR or Release notes, please get -them in ASAP.
      • We’re targeting our release retrospective for next week’s Community Meeting on 12/6. Please add any comments you’d like included in discussion for things that worked well and things that should change in our 1.13 retrospective document.
    • Patch Release Updates
      • 1.12.3
      • 1.11.5
      • 1.10.11
  • [ 0:16 ] SIG Updates
  • Please drop a note in the community meetings doc, or reach out if you want to talk about a KEP in the community meetig
  • [ 0:00 ] :mega:Announcements :mega:
    • Contributor Summit [Paris and Jorge]
      • **We are sold out/waitlisted - L A S T C A L L if you’re a SIG Chair, TL, or subproject owner **
      • Talks have been added to the community calendar, shortcut: http://bit.ly/kubernetes-summit
      • Check out #contributor-summit on slack
      • Event information
    • Community Meeting Schedule - there are no SIG updates for December.
      • Today is the last “normal” community meeting
      • 12/6 - Release Retro for 1.13 (tentative!)
      • 12/13 - Kubecon, no community meeting
      • 12/20 and 12/27 - No community meetings
      • January 1/3 : SIG Apps, SIG UI, SIG VMWare
    • Meet Our Contributors will be 5 December.
      • Steering Committee AMA @ 730a PT / 330pm UTC
      • Mentor panel @ 1pm PT / 9pm UTC
      • Be a mentor to hundreds with one hour of your time! Reach out to parispittman@google.com / “paris” on slack to get scheduled.
    • No k8s office hours this month - thanks to all the volunteers who helped make the program a success this year.
    • **:clap: **Shoutouts this week :clap:
      • Twitterverse shoutouts for our fearless 1.13 Release Team Lead, @AishSundar: https://twitter.com/stephenaugustus/status/1063610123149545472?s=19
      • Shoutout to @amerai for adding a search bar to Testgrid so that you don’t have to dig to find the right dashboard! https://testgrid.k8s.io/
      • to @mkimuram & @saad-ali & @msau42 for rapid response to multiple storage test issues with new features.
      • to @mrhohn for fast & insightful help with sig-network test failures
      • Huge shoutouts to the entire 1.13 Release leads and shadows for their stellar efforts at every stage throughout the cycle, enabling us to stabilize and hopefully land the release on time - @kacole2 @jberkus @cjwagner @dougm @nikopen @tfogo @marpaia @kbarnard10 @spiffxp @tpepper@aleksandram!
      • Special shoutout to contributors “technically” not on the release team, but have been instrumental in getting us unblocked at numerous points this release with their reviews, test fixes and test-infra support - @dims @liggitt @justinsb @cblecker @bentheelder @justaugustus (edited)
      • shoutout to you @AishSundar for keeping us all in line this whole cycle! you’ve been a totally awesome release lead.
      • Shoutout to @mrbobbytables for significally reducing my admin overhead for the New Contributor Workshop!

January 3rd, 2019 - recording

  • Moderators: Jorge Castro [SIG Contributor Experience]
  • Happy New Year!
  • Note Taker: Bob Killen [SIG Contributor Experience/University of Michigan]
  • [ 0:00 ]** Demo **-- OpenLab - Melvin Hillsman (mrhillsman@gmail.com) - OpenLab is curated infrastructure for open source testing https://openlabtesting.org
  • [ 0:00 ]** Release Updates**
    • Current Release Development Cycle [Aaron Crickenberger - Release Lead]
      • We are at Week 0 for v1.14, release team leads finalized
      • v1.14 schedule draft being reviewed by former release leads, current release lead shadows, sig release chairs
      • Aiming for kickoff next week, all release team shadows finalized by Friday Jan 11th
      • Modest proposal: to land in this release, you must have a KEP, even if you didn’t before, and that KEP must have a test plan, and an upgrade/downgrade plan
        • will be discussed at length during next week’s sig-arch meeting
    • Patch Release Updates
      • discussion ongoing on setting up a schedule for patch releases
  • [ 0:00 ] SIG Updates
    • SIG Leads, check out this set of recommended topics to cover during your update
    • Slide template if you need it
    • Please also check the SIG Update Schedule!
    • SIG Autoscaling, Networking, and PM due next week!
    • SIG Apps [Matt Farina] (confirmed)
      • Slides
      • Last Cycle
        • Charter completed and merged
        • Figured out needs to make CronJobs GA
        • Started work on Portable Service Definitions
        • Work on Application Controller
      • Upcoming Cycle
        • Looking for lead on CronJob GA
        • Begin work on Portable Service Definitions
        • Application Controller Status
        • Deprecation of Beta APIs
      • CronJobs to GA
        • Currently still batch/v1beta1
        • Has scalability issues
        • Controller needs to be rewritten
        • Looking for contributors
      • Portable Service Definitions
        • [insert kep link here]
        • enable an application to be deployed into multiple environments while relying on external services
        • Will be built on CRDs + controllers
        • Looking to solve some UX consistency issues
        • Looking for contributors
      • Application Controller Status
        • Bubble up application deployment rollup status
        • How to get status for multiple components of an application
      • Deprecation of Beta APIs
        • Continue to support beta APIs, despite “formal” deprecation some time ago
        • Turn off in 1.15 with optional flag to re-enable.
      • How to Contribute
        • Lots of opportunities with CronJobs etc
    • SIG UI [Jeffrey Sica] (confirmed)
      • Slides
      • Last Cycle
        • Finished and merged SIG-UI charter
        • 2 releases including fix for CVE-2018-18264
        • Metrics server support
        • Angular Migration branch merged to master (entire front-end rewrite)
          • versioning schema will change for future releases
        • Annual Survey of dashboard users
      • Upcoming Cycle
        • Formalize metrics server support
          • Current solution is stop-gap
          • Will support prometheus and other sinks in the future
        • Versions will now be 2.x.x
        • Better OAuth support
      • How can you contribute
        • looking for help with metrics
    • SIG VMWare [Steve Wong] (confirmed)
      • Slides
      • Last Cycle
        • External vSphere Cloud Provider [alpha]
        • CSI provider for vSphere
        • Cluster API provider for vSphere
      • Upcoming Cycle
        • Bring external vSphere Cloud Provider to stable release status
        • Bring CSI provider for vSphere to stable release status
        • Cluster API provider for vSphere
          • improve e2e tests
      • Working to provide licenses for Fusion/Workstation to support minikube CI/CD
      • If there are any licensing issues when working with commercial VMware components, reach out for license and support help
  • [ 0:00 ] :mega:Announcements :mega:

January 10, 2019

  • Moderators: Josh Berkus [SIG-Release]
  • Note Taker: Solly Ross [Google]
  • [ 0:00 ]** Demo **-- Krew: kubectl plugin manager [Ahmet Alp Balkan, @ahmetb] (confirmed)
    • Link to repository
    • Link to slides
    • Kubectl plugins are stable as of 1.12 – can extend kubectl by adding new commands with kubectl-foo binaries
      • e.g . bespoke commands for workflow or extensions
    • Krew – like homebrew (brew) for kubectl
      • Easy way to discover/install plugins, keep up to date
      • Is plugin itself (kubectl krew install/upgrade/remove)
      • Can easily package for multiple platforms (windows, linux, osx) – just write manifest pointing at hosting location and files
      • Doesn’t support:
        • External dependencies (e.g. python)
        • Version skew
        • Security scanning
    • Plugin index
      • Centralized in YAML file for the moment
      • 3rd-party package index support in the works
  • [ 0:12 ]** Release Updates**
  • [ 0:21 ] **Contributor Tip of the Week **[Aaron Crickenberger]
  • [ 0:27 ] Open KEPs [Kubernetes Enhancement Proposals]
    • Coscheduling [Klaus Ma SIG-Scheduling] (confirmed)
    • [slides here]
    • Motivation: Some workloads (e.g. batch data processing) need all pods to start together
      • If some don’t start/get the right resources, everything should fail
      • May need some minimum (softer requirement than “everything”)
    • Proposal
      • Introduce “group name” annotation, scheduler considers all pods a group as needing to start together
      • Can separately specify minimum start number for a group
      • Can mark group as “restart entire group if one pod fails”
    • Quota brings some issues (quota could block things from creating/starting)
      • Can mark group as reserving some total amount of resources for the group
    • Status
      • Support in kube-batch 0.2+
      • Ongoing work: PodGroupController, Quota support, better starvation behavior
    • Other Kube-batch features: Queues, preemption, and more
  • [ 0:00 ] SIG Updates
    • SIG Leads, check out this set of recommended topics to cover during your update
    • Slide template if you need it
    • Please also check the SIG Update Schedule!
    • SIG PM [Stephen Augustus] (confirmed)
      • Slides: https://docs.google.com/presentation/d/1IcrTbZCGlZGZKnBO6srYqPZiwGrDdUnacm7OlF5GM1o/edit?usp=sharing
      • Intro and deep dive from kubecon available on youtube
      • Last cycle
        • Survey on how people work with/use Kubernetes
        • Improved KEP process (KEP-1a – how do you implement usage of KEPS)
        • Moved some content/repos to unify how we track/manage multi-release work (KEPs)
          • k/features → k/enhancements
          • KEPs → k/enhancements
        • Categorizing KEPs
      • Next cycle
        • Revamp SIG PM charter (align with standard charter setups)
        • KEP
          • Clean up KEP process documentation to be clearer
          • Designate who owns different parts of KEPs at different points in lifecycle of the KEP
          • Continue migrations
            • Design proposals → k/enhancements (maybe)
              • Need to start pruning/figuring out what’s relevant
          • Make it easier to work with KEPs:
            • KEP CLI tool (easily update keps, scaffold new ones, etc)
            • KEPs on contributor site (for easy browsing, consuming)
          • KEP GA in 1.15
        • Burn all the spreadsheets
        • Make it easier to track projects cross-SIG
    • SIG Autoscaling [@mwielgus] (confirmed)
      • Responsible for all the components that adjust cluster objects for cluster needs (VPA, Cluster autoscaler, HPA)
      • Current features
        • Faster HPA scaling
        • Resolving problems with pod priorities in Cluster Autoscaler (a couple remain)
        • Vertical Pod Autoscaler to beta
        • Alibaba cloud support in Cluster Autoscaler
      • Upcoming features
        • API for scale up/down speed in HPA
      • Meeting every monday (7:00 AM PST)
    • SIG Network [Bowei Du] (confirmed)
      • In progress (see slides for more info/links):
        • IPv6
        • Custom DNS policy
        • Pod readiness gates
        • SCTP support
        • Node-local DNS caching
      • Please try stuff out and submit feedback!
      • Upcoming themes (see slides for links)
        • Revamping Ingress/L7
        • Dual stack (IPv4 + IPv6)
        • Topology-aware services (e.g. node local services)
        • Revamping services and endpoints
        • Multicast support
        • Windows support
      • Meetings every other Thursday
      • Looking in to contributor on-ramping guide
  • [ 0:00 ] :mega:Announcements :mega:

January 17, 2019

(Recording being edited)

  • Moderators: Paris Pittman, SIG-Contributor Experience

  • Note Taker: Josh Berkus

  • [ 0:00 ]**Demo: **Kamus (confirmed) (forgot to get name)

    • Kamus - A secret encryption/decryption solution for Kubernetes applications.
      • open source, avail on Github
    • Slides
    • For storing all types of secrets (API token, certs, client pwd)
    • Existing secrets solutions are incomplete
      • Folks use “sealed secrets”, but that has limitations too
    • Demo of Kamus
      • 5 pods running PHP app with “decryptor”
        • it’s one for the app, 4 for Kamus api: 2 handling encryption and 2 handling decryption
      • Uses an encryptor exec to encrypt the secrets, and an init container to provide app containers with secrets access
      • Demo didn’t work initially, but worked later
    • Where are secrets being stored?
      • Multiple encryption options
      • Stored in either azure keyvault or gcp (google cloud)-kms(?)
        • (so, stored in cloud provider secrets store)
  • [ 0:00 ]** Release Updates**

  • [ 0:00 ] Contributor Tip of the Week

    • Mentoring!!
      • Grow your contributors!
        • Meet Our Contributors - monthly youtube series
          • New and current contributors
          • Two sessions for global span 3:30pm and 9pm UTC
          • To ask a question: #meet-our-contributors in slack or DM paris for anonymity
          • Current contributor benefits: an entire session with the steering committee to answer questions around: governance, structure of project, how they got involved, current business.
            • During regular mentor panel session: ask why is your test(s) flaking, how to be a subproject owner, what SIGs are looking for more contributors, etc
        • Google Summer of Code!
          • CNCF submitted our application - we are aiming for as many as possible
          • Have an interesting project and/or can you mentor? Email was sent from Nikhita kubernetes-dev@google.com
        • New contributor workshop
          • Every KubeCon - will be listed in the co-located events section, announced via blog, and kubernetes-dev@googlegroups.com
          • Check out the playlist from the last one in December
          • Onboarded ~200 new contributors last year
          • Also a good way for current contributors to meet new ones
          • The videos are also useful for online new contribs
        • Release Team!
        • Future
          • remote pair programming
          • other new ideas
  • [ 0:00 ] SIG Updates

    • **CLI **(@seans3): SIG CLI Update Slides
    • Subprojects now:
      • missed stuff here (look at slides for more)
      • Kustomize - filling in gaps
    • Current work:
      • extension mechanisms like plugins and dynamic commands
      • moved kubectl outside of kubernetes/kubernetes
      • declarative management of apps with kustomize
      • plus server-side apply, which will support “diff”
      • merged their charter
    • More about plugins
      • now beta!
      • plugin is binary prefaced by “kubectl-”
      • new repo is kubernetes/cli-runtime, including plugin stuff
      • see Seattle SIG-CLI deep dive
      • working on krew, early stages as plugin manager
    • dynamic command extensions
      • want to make "kubectl create " work, which is data-based
      • just starting work on this now
    • Moved out of core
      • kubernetes/kubectl
      • pkg/kubectl will move to a staging repo
    • Better declarative workflow
      • kustomize will merge into kubectl
      • lets you alter YAML doing kube-aware patching
      • see KEPs, kubernetes-sigs/kustomize
      • server-side apply supports intelligent “diffing”
    • New charter:
      • extra roles, Emeritus Lead and Test Health Manager
    • Sending out a survey to kubectl users about features soon
    • UP NEXT WEEK: NODE, CLOUD PROVIDER, AND API MACHINERY
  • [ 0:00 ] :mega:Announcements :mega:

  • [liggitt] All hail @dims for running the 0-length flake to ground

  • [coderanger] Shoutout to the whole ZH docs translation crew, and a special mention for Adam Dang as putting in a ton of work! In total the team has merged 444 PRs over the past two months of Chinese translation!

  • [spiffxp] shoutout to @akutz for stepping to take notes for sig-testing’s weekly meetings, we go a mile a minute and it’s much appreciated!

  • [spiffxp] shoutout to @nikhita for moving the kubernetes project values to kubernetes/community for more exposure (https://github.com/kubernetes/steering/pull/88) and improving our WG docs generated from sigs.yaml (https://github.com/kubernetes/community/pull/3069)

  • [nikhita] Shoutout to @mspreitz for adding lots of details to the code-generator conversion-gen docs! https://github.com/kubernetes/kubernetes/pull/71821

January 24, 2018

  • Moderators: Jorge Castro [SIG Contributor Experience]
  • Note Taker: Bob Killen
  • [ 0:00 ]** Demo **-- Tracing Pod Startup in Kubernetes – David Ashpole (@dashpole) (confirmed)
    • Link to slides
    • Intern Sam did all the work (@Monkeyanator)
    • Latency problems in Kubernetes are hard
    • current tools don’t cut it: events, logs, latency metrics
    • distributed tracing helps solve these problems
    • Uses OpenCensus - Open Source vendor agnostic tracing library
      • can push to other tracing backends such as zipkin
    • Very easy to configure on top of Kubernetes
    • Adds annotation to pod and can follow all events related to that pod across Kubernetes by referencing that annotation
    • Very useful for debugging complex problems that span multiple components
    • Future:
      • pass trace context through downward api into containers
      • add trace mechanisms to other Kubernetes objects and CRDs
      • Trace other object processes e.g. object updates and deletions
      • Link form spans in trace interface to logs (needs context-aware logging)
    • KEP is in review
    • Link to repositories:
  • [ 0:00 ]** Release Updates**
  • [ 0:00 ] SIG Updates
    • SIG Leads, check out this set of recommended topics to cover during your update
    • Slide template if you need it
    • Please also check the SIG Update Schedule!
    • SIG Node [Dawn Chen] (confirmed)
      • Revised SIG Scope
        • Kubelet and its features
        • Pod API and Pod behaviors (with sig-architecture)
        • Node API (with sig-architecture)
        • Node controller
        • Node level performance and scalability (with sig-scalability)
        • Node reliability (problem detection and remediation)
        • Node lifecycle management (with sig-cluster-lifecycle)
        • Container runtime
          • Proposed new container shim api with containerd community
          • Important for working with Windows
        • Device management
          • More collaboration with containerd community
        • Image management
        • Node-level resource management (with sig-scheduling)
        • Hardware discovery
        • Issues related to node, pod, container monitoring (with sig-instrumentation)
        • Node level security and Pod isolation (with sig-auth)
        • Host OS and/or kernel interactions (to a limited extent)
      • Accomplishments in v1.13
        • RuntimeClass - multi container runtime support
        • efficient heartbeat for scalability (alpha)
        • better windows support
        • process namespace sharing promoted to beta
      • Q1 Updates
        • graduating / promoting features to next phase
          • efficient heartbeat - beta
          • runtimeClass - beta
          • node OS/arch labels to GA
          • HugePages - graduated
        • Improve node-level isolation: pids, userns, disk quota
        • work with sig-windows to promote windows node to GA
        • in-place pod resource updates
        • cpu/device co-scheduling
        • improve debugging at node level
    • SIG API Machinery [David Eads] (confirmed)
      • Last Cycle
        • CRD webhook conversion - alpha 1.13
          • Please test it, looking for more testers to ensure it covers all use cases.
        • Dynamic typed informers and listers - 1.13
          • Should make it easier to build dynamic controllers
      • Pans for upcoming cycles
        • path for admission webhooks to GA
          • need to finish KEP
        • Server side apply - alpha
        • Storage migration tool
        • Deprecating swagger.json (not the “normal” openapi)
        • Deprecating initializers, never made it past alpha
        • Investigating API request fairness
          • looking for comments on design proposal (insert link here)
  • [ 0:00 ] :mega:Announcements :mega:
    • [spiffxp] Nikhita Raghunath (@nikhita) has joined the GitHub Admin Team

      • Huge thanks to Garrett Rodrigues (@grodrigues3) for his time on the team
    • [spiffxp] Next week’s Steering Committee meeting: we’re going to try doing it publicly, stay tuned for details

      **:clap: **Shoutouts this week (Check in #shoutouts on slack) :clap:

    • Aaron Crickenberger would like to thank:

    • Arambé Alarcón has hosting facilities in Mexico City, would like to start hosting a k8s meetup group.

    • Henning Jacobs is collecting a list of Kubernetes Failure Stories.

    • Call for demos for this call, see the top of this document if you’re interested in giving a demo.

    • Also if you want to guest host this meeting, ping @castrojo or @paris

    • #talk-proposals on slack - Place for people to discuss CFPs, talks, share stories and techniques, get peer reviews, etc.

1 Like

January 31, 2019

February 7, 2019

February 14, 2019

Sorry this one is late!

  • Moderator: Jeff Sica, SIG UI
  • **Note Taker: **
  • [ 0:00 ] Demo: Kube-service-exporter: A way to bring your own load balancer to balance across multiple clusters, using consul - Guinevere Saenger, GitHub
  • Release updates:
    • marpaia (confirmed)
  • **SIG Updates: **
  • Announcements:
    • **Slack update: **we are only manually inviting contributors who need access for now until we hear from Slack. If you are in a SIG and have a member that needs access, Ping in #slack-admins and an admin will DM you for the email. Consumer traffic is being routed to discuss.kubernetes.io.
    • Kubecon Shanghai CFP ends at 11:59PM PT, February 22, 2019
      • SIG Deep Dives/Intros due:
    • **Shoutouts (see slack #shoutouts) **
      • nikhita - Figured this makes a good shoutout too! @spiffxp @pwittrock :smile:
      • dbhanushali (The-Wall)- In no particular order @krzyzacy (seen) @amwat (Amit) @cjwagner (Cole) @ixdy (Jeff) @bentheelder (Been). shoutout for their assistance in test-infra release task automation
      • spiffxp - Shoutouts to @coderanger @mrbobbytables and @kbarnard10 for putting together and posting Runc and CVE-2019-5736 - Kubernetes so quickly
      • nikhita - shoutout to @mrbobbytables and @justaugustus for handling new member requests in k/org in such a timely manner! It feels like there are at least 4-5 requests every day and they still manage to get to each of them, while simultaneously doing so many other things for our community! :100:
      • paris - thanks Jeff for hosting this call in my absence at the last minute. True team player!
      • mrbobbytables - shoutout to @zacharysarah, sig-docs and everyone involved in kick starting the french translation efforts! @sieben @Aurelien Perrier @lledru @yastij @smana @rbenzair @Jean-Yves Gastaud and the others I don’t have slack handles for but heres github: awkif, abuisine, rekcah78 and erickhun
1 Like

February 21, 2019

February 28, 2019

  • Moderators: Chris Short [SIG ContribEx]
  • Note Taker: Bob Killen
  • [ 0:00 ]** Demo **-- Feb 28 - Kubernetes Policy Controller with OPA/KPC - Dave Strebel strebeld@gmail.com (confirmed)
    • Gatekeeper project and Kubernetes policy controller merged to become Open Policy Agent (OPA) Gatekeeper.
    • OPA - General purpose policy engine using declarative policy language (rego)
    • Focused on protecting the Kubernetes API
    • Augments Admission / Authorization and Audit capabilities of Kubernetes.
      • Adds more granular policies and can mutate requests.
    • Partially backed by CRDs, working on full configuration through CRD.
    • Can audit current environment against policies without enforcing policies.
    • Examples:
      • Can enforce policies such as images must be pulled from specific registries.
      • Can add additional annotations on matching criteria.
    • CNCF Blog
  • [ 0:00 ]** Release Updates**
    • Current Release Development Cycle [Aaron Crickenberger - Release Manager] (confirmed)
    • Upcoming milestones:
      • **Docs Placeholder PRs Friday March 1 **(week 8)
      • Code Freeze Thursday March 7 (week 9)
        • **Reminder: **No code slush leading to freeze.
    • Enhancements
      • https://bit.ly/k8s114-enhancements
      • Are you sure you are ready for your enhancement to land
      • Do you have tests our CI signal team can use to confirm your enhancement is working
      • 14 enhancements at risk
    • CI Signal
    • Release notes should well…be about the release.
    • Patch Release Updates
      • x.x
      • y.x
  • [ 0:00 ] Contributor Tip of the Week
  • [ 0:00 ] SIG Updates
    • SIG Leads, check out this set of recommended topics to cover during your update
    • Slide template if you need it
    • Please also check the SIG Update Schedule!
    • SIG Cluster Lifecycle [Tim Allclair and Robert Bailey] (confirmed)
      • kubeadm v1.14
        • p0 - working on better test automation
          • starting to use KinD as a tool to replace kubernetes anywhere
          • upgrade testing
        • p1 - improve HA lifecycle
        • p2 - improve join action
      • cluster-api
        • Plan to release v1alapha1 around the v1.14 release
        • Added support for cascading deletion
        • Improve machine object deletion
        • NEED testers
      • minikube
        • v0.34 update released
        • Working towards a v1 release in March
      • Kops
        • upgraded to etcd3
        • working through current CVE issue
        • building roadmap for cluster-api
      • KinD
        • Offline support
        • Upgraded to v1.13.3
        • Goal: Use KinD to replace local cluster-up
      • PSAs
        • Component config working group started
        • Working on addon management
          • CRD lifecycle
      • Upcoming planning session.
    • SIG OpenStack Chris Hoge
      • Slides
      • Moving in-tree provider from kubernetes/kubernetes
      • Working on building better deployment tooling
        • Magnum - integrated K8s deployment
        • Self service through Kops
        • Cluster-API implementation for OpenStack cloud and bare metal.
      • Bare Metal Cluster-API implementation will use ironic with multiple deployment options:
        • Standalone single tenant
        • Integrated, multi-tenant with cloud-link services.
      • Kops OpenStack provider is alpha
      • Plan to work closer with CNCF regarding CI/CD testing and working closer with sig-testing.
    • SIG Auth Mike Danese
      • Slides
      • Working on roll out of better service account tokens
      • Dynamic auditing with per sink policy
      • Refining approach to the different policy types in Kubernetes
        • Dynamic admission ecosystem including a general purpose policy engine (e.g. OPA)
        • New domain-specific policies: scheduling and images
        • rethinking PodSecurityPolicies due to usability issues
      • Improve API Server authentication
        • dynamic webhooks have become popular, need a better way to authenticate the api server as a client.
        • Webhooks can accept sensitive data and return sensitive data, need to identify the caller
      • Organization:
        • Identified and defined subprojects and TLs.
        • More proactively engage with subprojects
        • Absorbed wg-container-identity.
  • [ 0:00 ] :mega:Announcements :mega:
    • We’re in need of more slack moderators, apply here and click the moderator request button.
      • Must be a k8s org member already
      • APAC and EU moderators needed the most
    • Shoutouts
      • Akutz - Major #shoutout to Katharine Berry (@Katharine) for fixing a UX bug within just a few hours of me mentioning it - https://kubernetes.slack.com/archives/C09QZ4DQB/p1550863111161400. Ain’t no service like SIG-Testing service, cause SIG-Testing service don’t stop!
      • spiffxp - shoutout to Thomas Runyon (@runyontr) for https://github.com/kubernetes/kubernetes/pull/72939 allowing us to run eg: make test-cmd WHAT=deployment to run just the the deployment cli tests, same sort of thing you can do with make test and make test-integration
      • bentheelder - shoutout to @gsaenger for writing a wonderful new message for the welcome bot! looking forward to seeing this in more places - (https://github.com/kubernetes-sigs/contributor-playground/pull/229#issuecomment-466711312)
      • bentheelder - Shoutout to @jeefy for the really shiny and useful looking structured Kubernetes release notes viewer demo in today’s #sig-release meeting, looking forward to seeing more about this!
      • Maria - shoutout to Silvia Moura Pina (@smourapina) for putting together a workflow to enable the CI signal subteam of the release team keep on top of flagging issues from e2e tests and coordinate follow-ups and to Jorge Alarcon (@Jorge) for spotting an opportunity to offer broader transparency to what the CI signal team is working on, suggesting a structure and kicking off implementation (find current version at https://github.com/orgs/kubernetes/projects/11)
      • spiffxp - shouts to Josh Berkus (@jberkus) for taking notes during today’s steering committee meeting, our google doc clearly becomes way more difficult to use with so many people looking at it, and the written record is invaluable
      • spiffxp - shoutout to Katharine Berry (@Katharine) for moving us from gubernator to spyglass for all of our test result viewing needs! https://git.k8s.io/test-infra/prow/spyglass
      • codenrhoden - Shoutout to Michelle Au (@msau42) for her patience and helpful guidance in getting a very large PR merged!
      • @strebel - @jeefy and @onyiny-ang for all their awesome work on the Release-Notes team for 1.14. Especially @jeefy’s work on the Release-Notes website concept
2 Likes

March 7, 2019

  • Moderators: Chris Short [SIG-ContribEx]

  • Note Taker: Bob Killen - University of Michigan

  • [ 0:00 ]** Demo **-- Argo CD — Enterprise scale open source GitOps solution to deploy 100s of apps in prod - Jesse_Suen@intuit.com & Alexander_Matyushentsev@intuit.com (confirmed)

    • Slides
    • https://github.com/argoproj/argo-cd
    • Collection of controllers and tools for workflow processing.
    • Well known for their batch job engine
    • Supports SSO via dex
    • Has “GitOps” style workflow capability by auto-syncing with git repos.
    • Has built-in health checks for native kubernetes objects for use with deploying.
      • Can add custom checks via lua checks
      • Can rollback in the event of a degraded deployment
    • Has pre and post sync hooks that can be used to inject custom logic
      • Useful for db migrations etc
    • Emits events for auditing along with full prometheus metrics
  • [ 0:00 ]** Release Updates**

  • [ 0:00 ] **Contributor Tip of the Week **[Jorge Castro]

  • [ 0:00 ] SIG Updates

    • SIG Leads, check out this set of recommended topics to cover during your update
    • Slide template if you need it
    • Please also check the SIG Update Schedule!
    • SIG IBM Cloud [Sahdev Zala and Richard Theis] (confirmed)
      • Slides
      • Last Cycle
      • Upcoming Cycle
        • Move internal cloud-provider repo public
          • Refactor to use cloud-controller manager design
          • Working on internal build process changes
    • SIG Service Catalog [Jonathan Berkhahn] (confirmed)
      • Slides
      • Last Cycle
        • Continued work on namespaced resources
        • Began work on transitioning to CRDs
      • Upcoming Cycle
        • Namespaced resources
        • Move to GA
          • CRDs
          • Bug fixes
        • Finish moving tests to prow
        • Recruiting new contributors and maintainers
  • [ 0:00 ] :mega:Announcements :mega:

    :clap: Shoutouts this week (Check in #shoutouts on slack) :clap:

  • Aaron Crickenberger: shouts to @oomichi for his continued review of kubernetes/kubernetes test/e2e PR’s, he’s helped land over 30 PR’s this release cycle (including some conformance tests)

  • Lachlan Evenson: shouts to @bentheelder @munnerz and the kind team for all the great work that’s gone into the kind tool and docs. It’s radically changed my inner loop for testing code changes in Kubernetes. Thanks!

  • Lachlan Evenson: shouts to @claurence for being an awesome enhancements lead on the 1.14 release team. She’s taken the time to coach all the shadows and has been diligently grooming the 33 features in the hopper for 1.14. Cheers from your fellow enhancements shadows!

  • Paris Pittman: Thanks to our upstream mentoring panelists on #meet-our-contributors today!! @mike.splain @carolynvs @dims @directxman12 @a_sykim

  • Dims: Thank you to the #meet-our-contributors hosts always excellent hosts @paris and @jorge!

  • Chris Short: Thank you to @mrbobbytables for stepping in to take notes the past two Kubernetes Community meetings. I really appreciate it! :khanparrot::khanparrot::khanparrot:

  • Nikhita: shoutout to @jeefy and @Katharine for https://twitter.com/spiffxp/status/1103717028232290305

2 Likes