 Well, hello. Let's give it a couple of minutes. Is anyone else joins. Please add your name to the meeting notes. And any agenda items you'd like to talk about. Right. Let's make a start. I have got a hard stop. I'll pass the hour today, I'm afraid. So, feel free to continue the conversation if I need to drop. Otherwise, I'll try and finish by then. Okay, so looking down the agenda. So holiday period for some of us. No meetings on the 26th or the second. So the next meeting will be on January the ninth, 223. So yeah, the clown native telco days event in Amsterdam. Looks like there needs to be sponsorship in order for that to go ahead. If I've understood correctly. And so, we're trying to gather sponsorship interest for that. And Lucy is coordinating that. So thank you for doing that. Anyone who's got sponsorship leads, please let her know. By close play tomorrow. Is that the deadline from the CNCF? We've seen it. Morning. Unfortunately, the deadline from CMCF is through the holidays. And I'm happy to submit the proposal for him on my last day before the holidays will be Wednesday. Thank you. Okay. Thanks for doing that. So upcoming events. Anything else to add to this other than what's been mentioned before. So we've got MWC. Barcelona connected America. 5G in the edge summit. You can possibly talk today. Okay. Telcos and public cloud summit. Telecom TV thing. Okay. Interesting. And I says. North America. Big party event. Anything else that we should add there to make people aware of. Events and so on. There's a cloud native security con on the. February that CFP is already closed and decided, but people may be interested in. Increasing their security posture and Kubernetes. And it'll be a lot of good topics for people to watch there. Okay. Thank you. Is there any specifics about what the CNCF. This working group is going to do at MCW. Okay. So this is this is more kind of events that might be of interest to the group. I think where we've got something specific happening. We'd call that out in more detail. Okay. So for example, there was a talk. About the CNF certification program. I think at any summit. In the autumn. And that was listed on here is something. Doing something at mobile. Congress is not entirely out of the question, but a lot of that energy disappeared when COVID hit. There was supposed to be a Linux foundation event. The first year that it was canceled. So there is possibility that. I mean, definitely not this, this coming year, but there's possibility that something could eventually happen again, but it would require some concerted effort for people to kick started off again. Probably collaborate with the foundation networking to, to have it make sense as well. And I don't know if those questions are. Are happening at this point. Yeah, understood. There was a. There was a demo of project silver or what is now known as project silver that last year's MWC. Which doesn't really fit in either CNC or LFN. It's kind of separate at the moment. But that could be a potential link for the future. Okay. Let's have a look at PRs. That's good. In a way. I wouldn't expect anything to be open. Today or before January. So it's going to be quite quiet. Yeah. There had been some works the last couple of weeks on the issues and PR. So. Yeah. Quite a few closed recently. So yeah, three merged in the last week. Four in the last two weeks. So there's quite a few issues open. I think. Let's ignore the bottom two for now because they've been open for a long, long time. And discussions. On going. For the rest. Remember, did we close all the issues? Taylor that were linked to. PRs that had been done. Last week. I think we did. Well. We were trying to, but there could be some that are still open. These don't look like the things we worked on last week anyway. So. So there's a bunch of, there's a bunch of issues. I'm. I'm afraid I haven't. Progress this one, which I've been assigned to for a little while. But these top six. I'm not assigned to anyone at the moment. So. If anyone's willing to. Get involved and help. Push some of these forward. That'd be great. Some of them were created while we were working through. And someone mentioned something. I think like that link. One that you're referencing was similar when it was created, but. The new ones were created based on. The feedback. The most important thing I think for us. Going into next year is. Getting, if we're going to get more. Best practices into that. Google doc. I'm sorry, not the Google doc, the Markdown doc for best practices for CNF developers. We need to get through and actually get the content. And the selection that we have those issues, those top ones that was based on. Feedback. That we've been having, I guess, all year because we have all the least privileged documentation and content. And then we have other pieces that we had gone through. That are related to the certification and everything. So those would be the ones where. Love to get help from. The rest of the community. Try to. Complete these. Yeah, I remember now actually this, this was an example of where. It's something that's tested in the test suite. And there is, there is some rationale. Provided in the test suite documentation, but it's not necessarily linked to a best practice. Document. And so it's trying to. Fill those gaps. Okay. Has anyone got any comments. Any concerns, questions about the issues on the screen or offers to be assigned. I can't see who's on the call, so I don't know. There's loads of people or not. Okay. It has ideas about something they'd like to work on that we don't have listed. Please speak up and like, get them in place. Yeah, that'd be great. Currently, there's no other agenda items. Is there anything. Not yet listed that people would like to raise today. I think. So Taylor, we were talking about trying to have a. A regular cadence of. Updates to the documents in terms of new best practices created or. Improvements to the docs. I wonder if we should track. I suppose that's been done in the issues. I'll work out how we can. Make it easier for people to sort of go. This is the sort of thing that's missing. That they can, that they can work on. Sure. Can you bring up the CNF. Developer. Best practice document. Possibly. Which ones that. I think it's under the docs directory. Robbie. Robbie had originally created that one. Yeah. See this one. That should be now linked from the front read me. So. This should be a place where folks can come to and. You know, eventually see here are the. List of best practices. Within the categories. That they can find and then. You know, click and go into each best practice. I think is where we were headed and. Should make it easier for. People that are looking to adopt or understand. What's out there. Yeah. The, as far as getting. Communicating, what are we trying to do? We want to. We want to get a list of published best practices. And then how can people help. Any practices that we could put in the categories would be the high level. And then. We could tag potentially tag issues with. Add a tag on, on issues that are indicating. That we want help. I don't know if it's. You can, there's stuff like. You know, best first issue or good first issue, not best good first issue and other. There's other things on GitHub that are common to indicate. Here's a place to get started. But we could look at something like that. And then the other thing we could think about would be. The GitHub milestones. If we want to do something like. We could add those. If we want to add those. If we want to add those. If we want to add those in this document. Within a timeframe. Like Q, Q one. End of Q one have some number of best practices. And if. If we add those. If we do a milestone, you can add. Issues into the milestone. We could actually add the ones that are. The ones that are good. And then go, okay, here's a set. And then someone could. You could go in and go, here's the current milestone that we're trying to do with the due date. So this Q4. Last year. Right. Yeah. I think, I think using the, using the labels and milestones would be good. It's there in the tool already. And just gives us a good way of viewing. Yeah. What we could be doing in the next three months. Yeah. Okay. Does anyone else have any thoughts on how. How to make it easier. To get. Folks involved. I mean, we have a lot of expertise out there. And. Including folks on this call, but right now. We have a lot of, you know, We have a lot of people. For your colleagues that might. Be willing to contribute and have. Experience in some area. It doesn't have to be the best practices that we list, but everyone's. Solving problems. You know. In your day work. And the ideas to share. Those practices that we've found. You know, we go, this is a good idea. We should do this sort of thing. Does anyone else have any ideas or input. On making it easier to contribute or making it visible where. You could contribute or step in. It's tricky. I found in the past. Just asking people in internal to vote phone. That. Unless the request is kind of clear and concise and well packaged. It. It doesn't really get done. Yeah. So it needs that kind of. It needs that initial bit of effort to. Define it. Quite well. In order from. You know, then I can go and talk to the expert of that thing. You know, whatever it might be. And, you know, that's probably something they've already got content. Or could produce content quite quickly for. But I don't think people yet. Are feeling able or. Willing. Probably the former. Just because of resource pressures to spend the time. Doing that initial discovery and definition work. Which is. I know not really a solution, but. Kind of thinking out loud about how we might address it. Yeah, I kind of, I agree with what Tom just said is that. I think. Defining kind of the goal of that milestone. Of. What were what we would be asking for people to contribute. Clearly defining that I think. Is going to help. Get people involved. Because I think that way, like Tom just said, we can go back to. People on our team and say, okay. You know, in Q1, we want to fill in these sections. And our, and, and. I think we can go back and allocate the resources internally to be able to help support that. But without that clear definition, it's, if it's kind of open in, and it's tougher because other people, you know, everybody had their day jobs kind of situation. Right. Thanks for the feedback. I have an idea on. Making things a little bit more defined. Before that, though, let's finish what you're doing, Tom. And put at least a. This can be like a draft or whatever milestone if we want, but. In the title, I would say. 2023 Q1 best practices. Make it. Yeah, space after. Yeah. And, and then. Yeah, we can say. I mean, I, it seems like a low. Goal would be three best practices. Ideally. In Q1, if we, if we're only doing one a quarter, then. It's going to take forever to. Have. Yeah. That document at some, some level that's useful. But if we could get three in the first quarter, which is harder with the holidays and getting started, then maybe we get enough momentum to. Get some more in the next few quarters. Yeah. We've got to set some. A goal of something. Yeah. See where we get to. So. Go ahead and I guess just save that and then. Go to one of the tickets that is a best practice proposal. All right. And then. If you look at this, it's probably just based on what you're saying, it may be. And rich and, and you both Tom, it seems like this might be too vague unless you're already. Doing this one's about configuration declarative configuration. And. If you're already working on that, then it may jump out to you. Yeah, this is a good idea and I can help. Otherwise it might not be as apparent. One thing that we could do to help people along. Would be to take different sections. And then we could have. But the best practices and leave them like put it in the issue and have it. I guess blank, but say, here's this, here's the parts that we need. We need someone to write a summary. Go ahead and go to one of the best practices is probably an easier way to talk. So we need a summary. So if we have something. It's kind of, I guess, a template. There's no way to, unless you're a, have the correct edit or the high edit access to a repo, then you can't go edit comments. So I'm trying to think of how you could do this. I don't think. I don't know if. Not everyone is going to be able to go add to the description, but ideally this would be like a form. And as you fill it out, then people are going to see, okay, this is done, this is done, this is done. But what could happen is if we have, maybe we add that into the description area. And then. We're going to go ahead and go ahead and say, we're going to add this header for each section and then say. This, this section needs to be filled out. And then as someone adds a comment. Here's a summary or whatever, then we could keep updating the description. I don't know something to that effect so that we have. Here's an area. Here's the best practice proposal that we need to help on. And then. I go from there. We can also do it as. You know, it could be a Google doc that's linked and we fill it in that way. That would be the other. Another option. Yeah, or we could use the wiki or. I think. Are you describing something within the issue? So. I click on, you know, new issue. You know, if it is a new best practice and then in here, there's the sections that you were talking about. And people can start to add to them. If you're not already familiar with. The other best practices or the process, then you may not. So we could think about. We could create an issue template quite easily, which just use it has those sections as. The contents of what becomes the initial comment in the issue. Yeah, that sounds good. And thanks for the link. Lucina. So. Yeah. Great minds. Because I've seen that used in other, in other sort of similar. Things where. We then get a fairly consistent issue. First comment, which is helpful. Right. And then anything else could be left blank. And I would say if. It might be good. I mean, anyone opening these and trying to contribute, you know, if you have your own workflow and stuff, happy to have whatever you're going to contribute. But to help with. Folks who don't know where to get started, then. You know, doing the template. And then so Tom, you created this one. And then. Maybe if. If you create a Google doc or a. HackMD or something that's. Yep. We can keep modifying and has version history. I mean, Google doc you can do. You could create a Google doc and then. You can create a Google doc. You can create a Google doc. Not editable, but comments for anybody. And then, you know, of course, give edit to whoever you think is safe, but if we're going to drop a link in here, then you can drop a link to the Google doc. And people can just start adding. And then we just roll that back in. That can also be done with a hackMD. But either, either way. You know, I'm going to let some see some of the content that you've already said. You know, here's some ideas. Maybe you do the summary or, you know, whatever you feel. Whatever parts that you're ready for. Whenever it's created. Yeah, it makes sense. I'll do that for that top one. I do need to drop now. But yeah, I will do that for the issue. We had open there. 244. See how that works for people. Sounds good. Hopefully that helps rich. With folks to get started. And thank y'all so much. Sorry, sorry for cutting short. No worries. Talk to you in general. Yeah. So I saw in chat of Victor. Did your. Get a response. To the open networking. Yeah. Yeah. That's curious. What type of. Hi to kind of common focus. So it's one of what's the relationship between the. This effort and that foundation. Yeah. So there's several different orgs out there that are, you know, related cloud computing, I guess I could say. And. In different ways. So. We've been trying to reach out. And really over the. The last several years as. When San C.F. created the talk on initiatives originally. Trying to reach out and collaborate with different folks. I think Frederick you've been engaged some with the open networking. Directly. And the past. That was quite a while ago. Yeah, I've not been as engaged in any of the communities as much recently, but yes, there were. There were engagements. Yeah. So it's been off and on and Frederick is. As part of. A CNCS sandbox project called network service mash. As well as other work that he's in. And we've had some folks from the ONF. Join like the talk of music group and different things over the years, but it's all I'd say the organizations keep. You know, moving around its fluid. And so. If you have anything specific where you think. This is a mutual interest, like there's overlap or complimentary work. Victor. Then please let us know. Yeah. To help with. To help with the ONF relationship itself. So if I recall properly, that's primarily operator. Operator led, but there is also heavy vendor involvement. So part of the reason I'm not, I was not as involved as much now and was that at the time I was in neither an operator nor a vendor. So it was. The rules and engagement made it very difficult for me to contribute myself. But that being said, that they do rely upon several of our. The C and C F and Linux foundation technology. So for example, things like Kubernetes have heavy usage in it. You have things like. Tanks and fabric. That's that is. That's sold into it through, and through at least one major vendor. Then there's also projects like magma and similar, which I would not surprise me. But I think there's a lot of, you know, there's a lot of things that are set up in, in those particular areas. Plus the broad ecosystem that Kubernetes itself brings into. Brings into the, into the space. So definitely. So even if there is not a direct, like this group talks to that group, there's still some form of collaboration that occurs between the different organizations, even though the collaboration may be more. Maybe more indirect. Quite a few open source. Projects itself. So there's. And including like DPDK would be a. One point that's you see tied across many foundations, but. As a layer, but. Did you have anything specific Victor? No, I just used to work for telecom now. I actually want my friend is. He's a. We're volunteering in. Most is the on F and the CS benchmark. The community. So that's why the, the, the. The question that was. Posted earlier about like security best practice. Sounds like that's something I will go back and talk to him and. You know, talk to him about how that overlap in what they're trying to do. Yeah. Would love to. Share and collaborate on best practices. And try to. Especially anything that's if it's agreed on in multiple communities, then it seems like something that we should. Be putting forward for adoption. And a lot of what. C and CF does. It would be. Upstream. First layer. Usage for best practices and technology that then other projects build on. So that's encouraged. So I think there's. Definitely places where we can collaborate. He also did. He's part of that. Contributing to the CS benchmark. What's called. What is called. Yes. Community. Community driven. Center for security. So that's, that's what. The security. Like. There seems to be. What. Come here. Yeah, so. I'll talk to you and see whether it's any. Well, I think it's. Sounds great. Does anyone have anything else? So. In terms of CIS, my understanding is that there is a CIS benchmark for Kubernetes and very likely. It would surprise me if we were not involved with it in the. Tag security group. And there's also a SIG security and the Kubernetes project itself. If you're interested on security side. I would definitely recommend having a conversation. With at the very minimum, the. The tag security. As well as this particular group. And I think. There was some initial discussion and interest between this group and tag security and trying to find places where. They could collaborate with each other. So. If. If that's an area of. Of interest to you. It's, it's not. It's not really an issue of their being having to build interest. It's more an issue of. Of resources and people to. To take it on who. Who want to make that commitment. So that's something you're. You're interested in trying to find. Definitely could use the help there. I'm actually talking about SIG and tag. I'm like near to. Still, so. I know tag is usually on the foundation level. SIG is more on the practical level. So when it comes to security. Is it tag or SIG. There's a tag. I'm not sure there's a. SIG. Security. Both. Both exist. So that's something you're interested in trying to find. Definitely could use the help there. SIG security. Both. Both exist. The, the tag is bound to the. CNCF itself. The SIG security is bound to the Kubernetes project itself. So the scopes are very different. So SIG security itself. We'll generally only look at. Kubernetes security will only look at things that are related towards Kubernetes itself. And the CNCF cloud, the cloud native efforts. If they say that you were to remove Kubernetes from the picture entirely. There are still very large spaces that the CNCF still. Touches upon and has projects that. That. That it's involved with that would still be within. Would still have wide scope. So. So in short, there's, there's definitely. There's definitely overlap between the two, but the scope is set very differently. Okay. There's. You have people that are. In late. They've been leading in, in long time and. And SIG security that are also in tag security. Tag security is going to. Ensure that. The greater. CNCF. And I'll say cloud native ecosystem is covered. So looking at. Individual projects. Looking at workloads. Extending. Kubernetes core. And those sort of things. Versus the more focused efforts of. Kubernetes. SIG security. SIG security. I think it just depends on who. You know, what the focus is. O and F itself has a lot of different projects. It would depend on where their focus is. If you're looking at specific. APIs and. Things around the core of Kubernetes than SIG security might be the most important thing. So looking at the. Workloads and. Greater I would say even like greater networking issues than tag security is a good place, but. I think if you join. If someone joins CNCF tag security and starts going to those meetings, you're going to have references to SIG security. I've seen that in the past. And then once things make it up to like the CNCF. Then you'll have even more overlap. Because they're, they're looking at the effects of. What are the big changes in. Kubernetes as a projects and how does that affect the whole ecosystem? So. It won't hurt to get involved in either place. Or both. Yeah. Trying to figure out what each. Meeting is about. Yeah, I would just say. You know, join them and or look at. You can look at the past. Meeting. The meeting agenda. So they're published for. The SIGs and tags and working groups. Their. Notes meeting and notes and that sort of thing are all public. And the SIGs and tags. And the SIGs are also being, a lot of the, a lot of them are recorded. So you can even go and look at. Published. Recordings that are. They're published to YouTube. Thanks. I gave a link to it, but I'll just call it. Out. Tag security has a white paper. As far as a white paper, there is the Kubernetes documentation with where you'll have direct. Security best practices in the primary. Like Kubernetes project docs. But this. Tag security. Click the wrong one. The, the white paper is. Would be one area where you can go and look and they've. Just. They did an update to the paper. So this has a lot of good content that you can. Go and see if this sort of thing overlaps. All right. Anything else? Right. Our next meeting is going to be January night. 2023. Wish everyone. Happy holidays and. We'll see you next year.