Date: 23 August 2020 Authors: Jorge Castro (VMware), Josh Berkus (Red Hat), Chris Carty (Google), Dan "POP" Papandrea (Sysdig), David McKay (Equinix Metal) Today we celebrate three years of the Kubernetes Office Hours. This is a monthly event where we take a panel of volunteers, stick them on a live stream, and then see how many questions we can field from the community. I started the show for one reason. I had recently started my Kubernetes journey and was learning all these new concepts while rewiring my traditional sysadmin brain to be more cloud native. So the idea was if I'm going to dig into this stuff and bother my new coworkers with silly questions, we might as well do it together and on the air to share our experiences and do it in a way that is fun and useful for others. Give away some tshirts, fame and fortune would surely follow. After 65 episodes we've decided to take a look at some of the more common problem areas that we've been tackling, and put together a quick summary for you on things where you might want to invest your attention. You will find many articles on "Top X things to know about Kubernetes". We've specifically avoided those and went back into our archives because what people think you need to know and what you actually need to know can be different.

EU Edition Panelists Person: Andrew Question: We're writing a controller with controller-runtime, and trying to use the Generation/ObservedGeneration pattern to avoid reconciling if there isn't any change (not using the predicate provided by controller-runtime for that purpose yet though). My question is how can that work with the possibility of a stale cache? When we write the ObservedGeneration to the Status of our CR, it triggers another reconcile immediately, but in some cases, the cache is stale and the CR it "Get"s still has the old Status, and therefore the old ObservedGeneration. What is the recommended strategy of dealing with this? Thanks! Person: Simone Baracchi Question: I'd like to configure my small cluster as "highly available" with no single master / single point of failure and make the best use of all the cluster resources. My current plan is to make 3 nodes run as masters and be able to schedule pods on the masters. From my research the issues in doing so are 1) security issues about sensitive data on master which could be read from malicious pods and 2) pods competing for resources (especially in case of a node failure). I'm not too concerned about security atm, and I can think of limiting the max number of pods / resources used. Is there any other red flag in doing so? Person: Jesper Berg Axelsen

awards/ README.md -- list of everyone playbook.md Kubernetes has a tradition of yearly peer awards. These are commonly handed out during the end-of-year Contributor Summit. The CNCF typically has awards as part of KubeCon + CloudNativeCon, the Kubernetes awards are a compliment to those, and are meant to be peer awards. Ideals and Values Typically each SIG will nominate two(2) recipients for an award.

EU Edition Panelists Rachel Leekin, Chris Carty, Dan POP Papandrea, Saiyam Pathak Person: Mostafa Elmenbawy (https://kubernetes.slack.com/archives/C6RFQ3T5H/p1609991530274100?thread_ts=1607960423.257700&cid=C6RFQ3T5H) Question: What is recommended for on premise production cluster spanning multiple hosts? Answer:

(TODO: We need a derived version appropriate to send to cncf-maintainers list) Sub: You're invited to the Kubernetes Contributor Celebration in one week! TL;DR we would love to have fellow cloud native contributors to join in the fun. Register now to be the first to join our Discord and we'll see you next week! https://forms.gle/51tqQgxuHxLaeU1P8 The Kubernetes community would normally celebrate this year by meeting in person, and that's not in the cards for us. So we decided to throw something fun online. With a change of venue, and with a lack of physical room limitations there’s no reason we can’t grow this to include all our friends and family! All we ask is that you register for logistical purposes. Here's the overview:

SUBJECT: [ANNOUNCE] Kubernetes Contributor Celebration Dec 10-13th Hey there everyone, The Contributor Celebration is on! We have a snazzy new website with the event info: Event info: https://k8s.dev/celebration Registration: https://forms.gle/51tqQgxuHxLaeU1P8

https://github.com/kubernetes/community/issues/4464 [ ] Review old survey github issues from past surveys [ ] Create new umbrella issue for this year's survey [ ] Get old survery information from the SIG Contribex gdrive folder [ ] Copy and rename new gdrive documents for this year's survey

Welcome everyone to today’s Kubernetes Office Hours, where we answer your user questions live on the air with our esteemed panel of experts. You can find us in #office-hours on slack, and check the topic for the URL for the information. Before we begin let’s start by introducing ourselves: (Give each panelist about a minute) Before we start here are the ground rules: This is a Kubernetes event so the Code of Conduct is in effect, please be excellent to each other. This is a judgement-free zone, everyone had to start from somewhere so please help out your buddy by having a supportive environment in the channel. While we will do our best to answer your questions the panel doesn’t have access to your cluster, so live debugging is off topic, but we will do our best to get you moving down the next step. Panelists, you’re encouraged to expand on answers with your experiences and pro-tips.

West Edition Panelists Jorge Castro Derrik Campau Vamshi Samudrala Josh Berkus Question: Hi. I've set up a multi master cluster with kubeadm. Everything is working fine but I want to make some changes to the arguments passed to the api-server. What is the best way to do that? Some suggest changing a config file, some talk about a config map, some mention kubeadm config and some talk about /etc/kubernetes/manifests. What is the prefered way to add arguments to that and do I need to do that on each master individually?

It’s that time of year again! As is now customary, this fall is election season for Kubernetes. This year is an important election as the remainder of the bootstrap committee, which seeded the Steering Committee initially for continuity, will be retiring to emeritus status. Three(3) elected members (dims, spiffxp, timothysc) will stay on for the remaining year of their terms, and there will be four(4) positions open for election. Every election term will be 2 years. We will be posting regular updates to kubernetes-dev with deadlines and instructions as well as providing quick updates during the regular Thursday community meetings until completion of the election. If you’d like to vote or run for a seat, all details and next steps are outlined in the election process doc[3] and voters guide.[4] The voters guide will be the single source of truth of information for this cycle. It will be updated live as new bios of candidates flow through over the next four weeks. Please pay attention to the scheduled dates: 11 Sept - All candidate bios and voting exemptions due - deadline by 5pm PDT 18 Sept - Voting begins - ballots via email

Hello, TL;DR Zoom will require passcode or waiting room enabled by September 27th Passcode was chosen as our current practices are good enough and waiting room isn't practical Set the passcode to your meetings to be: 77777 Update sigs.yaml, notes, and calendar invites with new zoom link once passcode is set. Zoom is inacting some changes that you should be aware of.

EU Edition Panelists Pierre Humberdroz Chris Carty Puja Abbassi Povilas Versockas Mario Loria Thanks to the following companies for lending us these experts: Google, Spectrm, Microsoft, VMware, StockX, Giant Swarm, UW

Draft replacement for: https://kubernetes.io/docs/contribute/new-content/blogs-case-studies/ Scheduling expectations Git knowledge expectations upstream v. product expectations Upstream core v. kubernetes-sigs v. 3rd party thing CNI/CSI/swappable component expectations (I'm leaving out the case study stuff for now and concentrating on the blog stuff)

West Coast US Edition- Cancelled Raffle: Panelists Strebel Dave Vamshi Samudrala Jorge Castro EU Edition

West Side Edition Q: I've got a storageClass that I initially set with ReclaimPolicy=Delete, trying to edit the resource to "Retain" doesn't seem to work, do I need to recreate the class then or am I doing something wrong? A: NerdyShawn https://github.com/digitalocean/csi-digitalocean/issues/126 Q: What approach would you take to a large "jump" update of Kubernetes version? We run bare metal clusters that are still on v1.13.x, and are ready for an update. I recently read a recommendation that clusters should be rebuilt from scratch for situations like this, transferring data with something like Velero. Any other recommendations? A: Tim Hunter

Title: CNCF Member Webinar: How to Conduct a GREAT Live Stream Presenters: Alex Lustenberg (alustenberg at gmail.com), Jorge Castro (jorgec at vmware.com) Abstract Open Source projects are no strangers to collaborating remotely. However, as technology has advanced an explosion of streaming technologies have pushed community interactions into an entirely new dynamic environment. CNCF Projects need the skills to embrace more live-streaming and multimedia based approaches. This webinar is intented to show CNCF Member projects how best to use technologies like YouTube, OBS, and Twitch in order to engage their communities. Expected audience: K8s streaming team, TGIK hosts, CNCF member projects looking to move their meetings to a streaming format. CNCF member projects looking to run their own office hours. Anyone who now needs to be a pro (competent?) at livestreaming.

Panelists: Jorge (Host) Pierre BB Bowei (sig-network, google, prefers june) Manuel (sig-network, containo.us, eu-friendly time ) Application specific questions GRPC: https://stackoverflow.com/questions/60819403/how-to-setup-nginx-ingress-for-gke-grpc. FTP: https://stackoverflow.com/questions/50289736/how-to-access-google-kubernetes-engine-ftp-server-by-filezilla.

Meeting: Weekly Sig-Contribex Update TLDR: Currently the first part of the meeting is all status reports. Let's make that efficient so the meeting is more discussion and less you reading your status report aloud, because that could have been just an email. :D Meeting Purpose: (need to confirm with group) - Discuss work in progress, goals and ideas, using the discussion topics table (see below) to generate more planning and make conversations more interactive - Proposal that this meeting is weekly again, in part to achieve tighter feedback loops Pre-Meeting Preparation Steps First: Prepare the meeting notes doc for the upcoming meeting (by Monday 4pm PST)

West Coast Edition Panelists Jorge Castro, VMware (Host) Samudrala Vamshi, American Airlines Monica Rodriguez, VMware Tunde Olu-Isa, VMware Erik Osterman, Cloud Posse Jeremy Rickard, VMware Dave Strebel, Microsoft

k-dev Sub: Important Zoom information Hi everyone, We've had to make some changes to the global zoom settings to help mitigate the recent increase in "zoombombing". A zoom account is now required if you are using the Zoom web client to join meetings. You can use an existing social account or SSO for this login. If you are using the full client, please try stay on top of the Zoom client updates, they are pushing releases quickly. Those of you on Linux, the upstream RPMs and .debs do NOT auto update, you need to either manually update or use the Flatpak/Snap versions that are being updated by those respective communities.