Try   HackMD

Hello,

TL;DR

  • Zoom will require passcode or waiting room enabled by September 27th
  • Passcode was chosen as our current practices are good enough and waiting room isn't practical
  • Set the passcode to your meetings to be: 77777
  • Update sigs.yaml, notes, and calendar invites with new zoom link once passcode is set.

Zoom is inacting some changes that you should be aware of. On September 27th, Zoom will force all of our meetings to use a waiting room OR a passcode for people to enter. The bad news is we all need to update our meetings, and for most of them, it's something that each SIG must do on their own, as their SIG account.

After much discussion, we've come to the conclusion that setting a passcode for all our meetings is better than making each SIG lead have to login and manage a waiting room. Our current moderation practices have let us hold meetings in the open with minimal risk to zoom bombings or trolls. The passcode should pose little to no change from the current practices outside of updating the links and docs.

To make sure we're consistent across the project we've decided to set one common passocde. - 77777

We've bikeshedded 77777 (Five sevens) as the passcode to set for all K8s meetings. Please add this information to your SIG Meeting notes AND calendar entries, and sigs.yaml so that when new members want to join it's obvious that they need the common passcode.

If you do NOT set a passcode, then starting from the 27th, your meeting will have a waiting room enabled. This means you must first login as the zoom account to start the meeting and will then have to manually allow people in during the call. This is incredibly annoying to do while running a meeting so we recommend setting the passcode before then.

Here are the instructions for what you need to do:

  • Login to https://zoom.us with your kubernetes-sig|wg|ug-foo-leads@googlegroups.com account
  • Goto Meetings
  • For each meeting, press Edit, and then specify Edit All Occurrences
  • Scroll down to security, and select the Passcode checkbox
  • Set the passcode to: 77777
  • Save the meeting.
  • It will return you to the updated meeting event, copy the meeting invite link and update your calendar entries, docs, and sigs.yaml with the new link.

For those wondering what this means for our security posture, the current model of host/co-host having super powers has been working well for us over the past two years, that part doesn't change. However we felt that having SIGs assigning their own passcode and documenting it, in addition to keeping track over SIG lifecycles would be complicated and error prone, so we chose the lesser evil of 77777.

Last changed by 
Kubernetes
Production grade container orchestration, made with love
0
328

Read more

Lessons Learned from 3 years of Kubernetes Office Hours

Date: 23 August 2020 Authors: Jorge Castro (VMware), Josh Berkus (Red Hat), Chris Carty (Google), Dan "POP" Papandrea (Sysdig), David McKay (Equinix Metal) Today we celebrate three years of the Kubernetes Office Hours. This is a monthly event where we take a panel of volunteers, stick them on a live stream, and then see how many questions we can field from the community. I started the show for one reason. I had recently started my Kubernetes journey and was learning all these new concepts while rewiring my traditional sysadmin brain to be more cloud native. So the idea was if I'm going to dig into this stuff and bother my new coworkers with silly questions, we might as well do it together and on the air to share our experiences and do it in a way that is fun and useful for others. Give away some tshirts, fame and fortune would surely follow. After 65 episodes we've decided to take a look at some of the more common problem areas that we've been tackling, and put together a quick summary for you on things where you might want to invest your attention. You will find many articles on "Top X things to know about Kubernetes". We've specifically avoided those and went back into our archives because what people think you need to know and what you actually need to know can be different.

Mar 18, 2021
Office Hours Feb 2021

EU Edition Panelists Person: Andrew Question: We're writing a controller with controller-runtime, and trying to use the Generation/ObservedGeneration pattern to avoid reconciling if there isn't any change (not using the predicate provided by controller-runtime for that purpose yet though). My question is how can that work with the possibility of a stale cache? When we write the ObservedGeneration to the Status of our CR, it triggers another reconcile immediately, but in some cases, the cache is stale and the CR it "Get"s still has the old Status, and therefore the old ObservedGeneration. What is the recommended strategy of dealing with this? Thanks! Person: Simone Baracchi Question: I'd like to configure my small cluster as "highly available" with no single master / single point of failure and make the best use of all the cluster resources. My current plan is to make 3 nodes run as masters and be able to schedule pods on the masters. From my research the issues in doing so are 1) security issues about sensitive data on master which could be read from malicious pods and 2) pods competing for resources (especially in case of a node failure). I'm not too concerned about security atm, and I can think of limiting the max number of pods / resources used. Is there any other red flag in doing so? Person: Jesper Berg Axelsen

Feb 17, 2021
Contributors Awards Ceremony Playbook

awards/ README.md -- list of everyone playbook.md Kubernetes has a tradition of yearly peer awards. These are commonly handed out during the end-of-year Contributor Summit. The CNCF typically has awards as part of KubeCon + CloudNativeCon, the Kubernetes awards are a compliment to those, and are meant to be peer awards. Ideals and Values Typically each SIG will nominate two(2) recipients for an award.

Feb 12, 2021
Office Hours January 2021

EU Edition Panelists Rachel Leekin, Chris Carty, Dan POP Papandrea, Saiyam Pathak Person: Mostafa Elmenbawy (https://kubernetes.slack.com/archives/C6RFQ3T5H/p1609991530274100?thread_ts=1607960423.257700&cid=C6RFQ3T5H) Question: What is recommended for on premise production cluster spanning multiple hosts? Answer:

Jan 20, 2021
Read more from Kubernetes
Published on HackMD