 Hello Hey guys, hey Frederick Hello, I'm guessing people have trouble getting into the the others Hosted I have trouble getting into the meeting. It's another one. I was in progress. So You might be in you might be waiting for that one though. I'll pin them on slack. Yeah, this one was started I've not find The other one actually I got a message early this morning the bed is not feeling well, so I Can take over them. Okay, let's get started. Is there anyone who wants to Talk about what they've been working on for the past week. Yeah, I think I can start Let me try to share my screen just a second. You see my screen Yes, I did Okay last week and now I'm working on updates for the metrics so the general idea is to move from the Cross-connect metrics we have and from a cross-connect API to have a just a pure connection monitor and the events working Just with our unified request close and monitor connections methodology, so the idea is to add show in a protobuf right now in a connection we have a as of Sit yeah of Segments so every segments has tokens and so so general idea is to have Same way metrics and a metric segment so For a connection object. We will have all Possible metrics to be available In periodic update or by request update and To just one problem with it. It could be a lot of metrics for when points and To solve this Additional context metrics context should be introduced to pass the interval parameter Do not send updates too often to the client So if the client do requests it will receive all the metrics Combined from all the endpoints, but if we just a forwarder will send periodic Metrics update it will send Just not so often So if someone would like to comment Just welcome with the API changes and Will be pull requests in this decay I think also to pull request to SDK to just fix the current metrics chain and to introduce To fix a monitoring chain and to fix a metrics chain fix for the Monetories here and today I will add to pull request with a metrics Okay It's all from my side guys As I know from Artiom is working on the wire guard stuff. We will not be able to join today and And as handsome pulls We forgot community and the presentation and then use decay and the current network service mesh Michael yeah, he got a hold of me and mentioned that he was looking at or that he was using the wire guard go implementation and I believe he should be working on as you described moving it from the main network service mesh to the SDK So that's that's all good. Cool. Is there Who's next who would like to talk about what they're what they've been working on I can say what I'm doing now this is yeah Currently I'm working on the PR to SDK. I don't know should I share the screen or it's okay There's PR that covers healing element chain element with tests unit tests and there are lots of discussions with ads about The way how we should test that element. So at first I made kind of white box testing. So I using a lot of checking private maps, but we decided that It's better to do tests in another package. I mean in test package So I change it and now we have discussions with at how to properly Dispose resources There were finalizer, but it doesn't work well in test environment. I mean you See the ugly output. I mean the line pass and after the line pass the There are some still some output because finalizer works later So it's not really good and I proposed a couple ideas I think we will discuss that ideas in terms of that PR and I also have some work done For spire federation they work quite good in my local kind environment and I have plans to Provide PR for CI. I mean interdament tests probably should use federations instead of common root certificate and That's all for me, I guess Okay, fantastic. Are you currently blocked on anything or do you have Do you have enough that you can get to me working at the moment without any problems? Oh, no, I'm not broken. I also are Beside the PR for hearing also play this SDK and create some kind of high-level integration tests that use the whole chains So it's I have Things to do so it's fine Fantastic and Okay, who's next I can provide my status This is Dennis Can I show my screen? Please yeah, yeah, oh, do you see the project board? Yep. Yep. Oh nice. So from my side, I have provided PR into SDK repo is the next context stuff for server chain elements and it has been merged and I think Can I move with this into done section? Yeah, if you have a rights, I think Okay minute status and also Looks like the another issue Also has been fixed Oh This issue has been fixed in another by another issue and PR has been merged and I try to reproduce this and It is not reproduced it is not reproducing with Wait a semester and I just ask it's the reporter about Status of this issue and I think he will close this Is this clear More interesting kids you do have changes in new Main repo pull requests with testing reuse of the network service manager Pod containers. Oh, yes SDK. It's more interesting. It's to speed up the test execution and to Yes, it is another issue but can I Describe my status about Issue now. Oh, yeah. Okay. Yeah, about final plugin about for now to plug in we have Discussed with ads about moving out plugin into coordinates repo to get rid of Custom image NSM coordinates and Today I have provided PR and I have created an issue into coordinates repo It has marked deep and I'll work on this I just provided some docs and Specification Also, I have provided PR Oops, it is not Here is my PR and it's Yes Failure, I'll take a look So here work in progress and I'll wait for feedback from coordinates guys about this plug-in and integration So also I Have a Progress with another issue It is issue 2070 it's about adding suits to speed up a side time and Here I have split PR at four parts and on this week two parts has been noted and I need to Do only Rebase last part and fix some problems Visits Yes, pretty huge What one comment from me? Yeah, I want comment from me At the moment we have integration tests and every test do sit up of Forwarder network service manager all the pods do testing can do shut down after a test is complete so the general idea for this to have some more Configurable way to have some group of tests to reuse the same infrastructure same forwarders same in talk service managers and It will increase the usage of the order in the seven so on and we found Few issues which could be found by customers if they start to use an SM with more long running operations and so on I Have actually also hit something similar in the examples repo where I try to run my nightly builds Like on a single kind cluster and then At some point they start failing like I don't know There was some I don't remember what was there or I can I can't dig it out So yeah, I would definitely be be happy if this if this gets forward us Obviously up till now we were just you know speeding up environment running a single test and bringing it down. Yeah. Yeah. Yeah. Yeah, this is Yeah So, yeah Okay, cool Yeah, in terms of the cordy and S people if you don't hear back from them let Let me and Ed know and we'll see about Pinging them to get some attention on this Okay, also, is there I'll see the same question or is there anything that you're blocked on or you need additional direction on? Oh It is not block it. I just wait for feedback Yeah, but you you let me rephrase you do you have things that you can work on from At the moments that are they're not blocked like you are you are you in good shape? Yeah, I think yeah At least we are with us huge require some work Okay, thanks Great, is there anyone else who wants to talk about what they've been doing Alexander could you tell about the home 3 version 3? Sorry. Yes. Okay. I've been busy mostly with the helm charts recently The one of the major task is to To be able to switch to helm version 3 which provides more robust and And the it uses less infrastructure like there is no additional tiller code that manages installations and is basically at the debugging stage there is only couple of tests that that fails on CI and I will I hope I will finish the task once I finish the recently emerged tasks that with helm version 2 where it turns out that we Indox we should use Bear helm commands and to install charts rather than using make targets So currently I made a PR To fix those problems and after the this PR will be merged. I will finish the helm Transition to help free That's basically all Fantastic. Thank you. Thank you very much Thank you Yeah, and let us know if you run into any problems and need that and need help as well And we'll we'll try to do what we can So is there anyone else who wants to talk about stuff that they're currently working on Okay, is there anyone who wants to talk who wants to ask? any other open questions about Things are going on directions or anything like that Cool, if there's no questions at this particular point as always you can find us on the nsm Dev channels and ask questions there and you can always ping me and Nikolai We're always happy to help and with that you will yield back Four minutes of time and we'll see most of you in the Next meeting in around 10 minutes or now. Thank you. Yeah Bye. Bye guys. Bye. Bye While we're waiting can we also get a volunteer to display the agenda please give another minute or so then we get started If you can add your name to the agenda that would be Very helpful and useful And if you could get someone to post the link to the agenda in the chat, that'd be that'd be good. Thank you, Ashley Cool, let's get let's get started. So welcome to the to today's network service class meeting and We have this meeting which occurs every Tuesday at 8 a.m. Pacific time. We have an issues and PR group which occurs every 7 30 a.m. Pacific time of these days We are also involved in the CNCF telecom music group Which occurs every first Monday at 8 a.m. Pacific and every third Monday at 3 a.m. Pacific the next The night the next time the meeting will be 13 days from now at 3 a.m. Pacific, so I think around the 16th or 17th we also have a CNCF SIG network that we are involved with and That is started up again that group meets every first and third Thursday every month at 11 a.m. Pacific that is interleaved with the Kubernetes SIG network We Are so events coming up. We have go San Francisco where I will be giving a talk on 5 meter zero trust There is an MSM component attached into that So if you're in the San Francisco area, please come please come help you can also help with providing information to To others about some of the work that we do as well we We also are Going to participate in kubecon the schedules have been announced and there is a diverse set of talks that have been accepted that are related to MSM and We'll see about getting the agenda Listed with them. I think I counted around five or six of them. So it was quite a quite a healthy number We have oh any yes, that's up and I had a brief talk with with Arpit Julie Hall and and Heather about Their closing time because their website closed the Those oh any yes earlier than it should have been closed. So they've extended the time to submit For someone specified period of time So if you were intending to submit and forgot or we're unable to do please and Now's your time to do so The schedule will be announced on March 5th In July there's going to be kubecon and Cloud native con China the CFP is closed in February 21st. So a few weeks from now Notifications go out in May In the end of September will be oh oh any yes Europe which will be held in Antwerp again CFP's close in June 7th. They are currently open and Finally, we have kubecon cloud native con Boston the CFP is open in a couple months on April 22nd And they close in June 12th So please start thinking about the type of things you would like to see in Kubecon Boston We also have the nsm con that is co-located in Amsterdam That should occur I believe on March 30th And so we have a larger room This time twice the size the event pages on the agenda Schedules for those will be posted on February 21st, and there are sponsorships lots available So please consider joining up for a sponsorship and showing your support for nsm if you are in such a position so And with that are there any other events that people would like to announce Great, so if you can scroll down on the meeting notes, and we'll go into the main set of announcements Okay, so we'll make the announcement again. We have the a new nsm project page So this project page crosses now that we've spanned across multiple repos And coupled with a new addition to github we can set projects on organizations So this is an organized organizational level project page that spans multiple projects that helps link to issues and key hours so If you would like to help this is a great place to work out what people are working on what what's currently available and Also a good opportunity to potentially add your own To add your own ideas ideas and into the agenda as well And to get to get some feedback on it We have We have the yeah, we'll take a quick look Since it's been opened So here's an example of what it looks like so you can see there's to do a variety of in-progress things And if you see there's we've even tagged things with a good first issue So if you're looking to join in you can you can sort of based on tags And and we track things as they as they move across Cool So we can go back to the main agenda. We'll continue on Uh, so we have the social media community team. So ashley you have the floor Thank you. Hi everyone. My name is ashley and I'll be providing the social media community team updates And so this last week has brought us again some pretty consistent engagement And followings compared to the last few weeks that we have been monitoring this As far as twitter goes we have gained an additional 13 followers We've followed an additional six accounts and we have tweeted and retweeted 27 posts Some of those include Kubecon announcements so all of the nsm talks that were accepted just the other day We've tweeted about registering for kubecon as well as nsmcon adding that on while everyone is registering for kubecon cloud native con again getting some Information out there about the prospectus and trying to get some support through sponsorship And again, just reminding people to submit their cfps There's also been some general call reminders that have been promoted some cncf news about the toc election guides about kubernetes surpassing 100 000 registrations and Promoting cncfci working group calls as well as their weekly webinars So I think with these general tweets getting out there It is allowing us to gain some additional followers and get some extra eyes on the nsm Account and then just getting some other events out there cfps for open networking edge summit coming up as well as the Go sf meetup building cloud native zero trust solutions In addition to that some general tweets and blog posts from VMware and cnf testbed Cisco and doc.ai And as far as LinkedIn goes again an additional 10 followers. So that has been very consistent So good to see that that's all growing and As far as what we've posted on linked in pretty much the same as the original tweets that we have been getting out on twitter And the plan moving forward is to continue promoting nsm con As far as cfps sponsorship signing up registering you name it getting some Retweets and Contributor podcasts out there as those are starting to come out any other events that are coming up that are nsm related We'll just continue to push those to get as as many eyes on network service mesh as possible So if there's anything else that comes up any further announcements, then please do let me know and I'll get those Fantastic, thank you very much for the hard work in this area cool a couple other Minor announcements I forgot to add in Well rather one So I I spoke with With Dan cone yesterday He asked me to talk at the linux foundation event in Mobile world congress that they're that they're hosting and so It's it's not going to be nsm specific, but they put a tinge of some stuff that we're doing in nsm Very short context. So If you're going to be in that area, I definitely Definitely get a hold of me and find and find me And with that Is so so we don't have anything on the main agenda today and Just a reminder some of our best meetings in terms of content to come out of such such events So it's opportunity. Is there anything that anyone would love to share with the community on or get any feedback on? I Have a couple if I may Think that we have time for for everyone. So, um, first I I just noted like like while I was browsing here that we We effectively are covering each and every day with nsm. So we start with nsm con the whole day then Okay, it's not the whole day, but it's good enough coverage like Four talks on the First day actually of the of the conference. This is kubecon, of course and then we have tomorrow on April 1st and April 2nd so the last two days. So that's that's that's actually great I think that that this is the best coverage that we ever Got at At kubecon in terms of Multitude of Sessions, okay That's one thing and then the other thing was something that we discussed this this Okay earlier today for me And on the call that is in the you know the age ago So it was something regarding the repu split. Uh, I would just like to Reopen Let me just copy this presentation link here For a second So the discussion was something along the lines of like, how are we proceeding with this? I mean, what's actually going on there? What am I missing here? Let's say that this is So It's more or less Something that I think that we as a community need to to try to figure out So the the final target of the repu pipeline that is ongoing now Is to get into situations something like this similarly the problem that I see and we kind of discussed with andrei quickly was that we we We see that there are a lot of prs and issues which are still filed and especially, you know, I'm kind of huge big new functionalities being filed against the main monolithic repu as we call it like You know the network service mesh one and we want to get into something that is going to evolve from from these experiments here, so I think is that maybe we should kind of I don't know what's the right wording here or what exactly techniques we should use but kind of Stimulate the peep the stimulate like the contributors And new committers to actually go directly to the new structure and try to propose their new functionalities there and keep this one in kind of semi maintenance mode for For now If you see what I mean or some variations of of these Of these things. I mean, I don't want to go into extremes like we don't get any prs network service mesh I don't think that that's possible and meaningful now, but Or maybe we can This site on some steps like today we are going for simple api plus several sdk's split so exactly this one And until we get done here anything that touches sdk or api here is not getting merged so that we can make a clean You know implementation here and we merge everything because functionality from here to here And then once we make network service mesh Actually use these sdk's I refer to them Then we can start migrating as a second step like the cmd's and Still keep the main repo as kind of integration one And then eventually at some point When everything else works we start moving to here arms and then you know all the integrations like the final picture So these are just just some some thoughts and I would like to get some kind of I don't know discussion or Share ideas and try to decide on what the our generic approach Would be here Yeah, that's there's a problem that I know that ad ran into when you would support on some of this stuff like Get enough there and get it stabilized so that we can proceed with the next set of steps because changes to that api repo absolutely ripple through the rest of Through the rest of the system as opposed to something like sdk the agent which Um Has less uh less dependencies. So I think I I would prefer to to have most of the effort put into the the first few until until they're up and In a good shape But I I think they're starting to to approach that like the next big step that needs to get out there Is is the commands repo? Um, and I know I was working to try to get the commands repo structure Out sometime this week so that we can finally complete that particular loop But Yeah, I I don't know an easy way to To solve that other than Uh, like trying to front load as much of the of the work as as possible um, our people were were people having problems With the new sdk like where they where they just Has it tend to use it, but we'll be okay using it later or were they actually trying to build things on it? right now it's not full really yet, so It's an active uh development an active move of the components from monolithic repo into it At the moment, uh, we do some experiments like we are creating endpoints based on the new sdk So at least one week or a bit more may be required to Have it more stable and to uh make first steps to move Current uh applications to use the new sdk Okay, that makes Yeah, sorry go on next one I was just going to say that For the time being examples are like ci for example, so it's broken because of some kind of misunderstandings with how we use Helm charts, but that's going to be fixed and uh, I was thinking maybe maybe we can create a pr where A migration to use this new sdk Can be used there. I mean there there are not nightly builds there, so I don't know if we if we start migrating At least some of the examples to the new sdk, maybe this could be a good good kind of um You know where to way to to start uh using it in a way So examples will be moved to sdk or to cmd? no, no, I mean Okay, examples are stank is a repo for now as they are that's I mean this examples which are Actually in monolithic repository No, I'm talking about these ones yeah So based on the current state, uh some parts like endpoints could be already started to be implemented using the new sdk I think but the nsm Manager itself uh could not yet be replaced with the components from the new sdk since not all change elements required uh already implemented So the major change uh for the new sdk is to move from the forward there as a separate component of the system to a forward there as an endpoint And this part of work is not yet finished it Yeah, it's it's a major change. It's a huge change. Yeah. Yeah Yeah This means that that it's mostly the forwarder that cannot be like the two forwarders that we have today that cannot be migrated like Yeah, yeah, yeah So when you say I I was mostly expecting that I should just change like the The go imports that I do To just point to this But apple instead of the network service mesh one Uh, are are you saying that there are other changes there? There are some incompatible changes between the repositories This For example, what I introduce as uh renaming intialisms Yeah, of course well, that's uh So Only change for imports will be not enough some little patching Probably will be needed. Yeah, but that's that's okay. I mean like there's not so one of the things that that actually Was done back at the time when the sdk was created was that we had this, you know huge Okay, huge compared to other parts of the of the code explanations of what actually the nsm is about You know with all the Components that we have here I guess that this is also planned to be migrated and to kind of reflect the reality of the new um I guess like changing at least these bits here so that people can just use it um Kind of safely. Yeah. Yeah, I think yeah should be done Yeah, okay, and it will be done Yeah, intialism check. Okay. Yeah, that was my my kind of something that that we wanted to to bring up to the end Yeah, because for example the the wire guard stuff. I think that that it touches Pieces at least in the api maybe Meaning that if we have to merge it then we'll have to Forward port to To the new structure Because I know Artium already provided a pull request for the wire guard to the new sdk. Oh, okay Oh, so probably it's not so complicated. Yeah. Yeah, I mean it's not complicated What's complicated is to track if you if you have more than 10 of these Yeah, yeah Having to track them then it's this is complicated. I saw that we cannot quit files Okay What else do we want to to talk about? Oh, hello guys. Uh, can you hear me? Yeah Yes, we can. Yeah, this is alex from breadhead. Um, I've been talking with with ed and and frederick Uh on slack about the nsm operator So, uh, I'm about it's working right now if you if you try to install it's pretty rough, but there is Enough instruction there on on the repo to try installing nsm using The operator but only on a vanilla kubernetes For the moment. Okay, but I'm almost in the point where I would be able to deploy an open shift to And using what we call operator lifecycle manager, which is a tool That integrates multiple operators and calculates dependencies and and all of that And I I feel that at some point in time, uh, we'll need to have a discussion around two Uh, two topics on on the operator Which are the specs and the status fields On the cr. So what would you guys? um What what would you want to see? uh on on the configuration Of this virtual object called nsm inside kubernetes and what would you like to see In the status field So these two would be topics for probably I I think it would be it would take some time It won't be like something decided At once but probably it will meet some engineering On that and of course, uh, you know way more about The inner things the under the hood things and nsm to To understand and to choose what is what is best For that for now if you look at the cr on on the repo You see that, uh, it is basically a copy How can I find the the the cr sorry if you can just share the link so that we can open it right now And may I may I put it on the agenda here? Yes, of course, please please please do and Also, not everyone here will know what an operator is. So if you could also subscribe what an operator is for others That'd be fantastic Okay, if you want I can show it working Really quick Yeah, go for it. We just yeah, let me just uh find the link here Okay, the link is here so Let me put it here Uh, there we go So you have the link there it is on my own, uh github account, but um You I'm aiming actually to transfer whatever you have here to the And I do that network service mesh github account. So let's uh, can you see my screen now? Yes Okay, so you have a you have a terminal on the left side right and and Yes, code on the right side. Okay. Is it is it possible to read or is it too small? How can you read that? fine for me Okay, okay, so, uh Basically what I what I did it I put all If I let me take a look on the repo first I think it will be better if you want to take a look. Let me see if I can Can you see the repo here? Yeah, yeah, we go. Okay. Okay. So, uh, I put some requirements here That if if we go there This is these are basically, uh, the objects that The dependencies for nsm to be installed, right? So if I if I put those guys before and then I put the spire as a helm chart Uh before uh, we are covered to install the operator, right? So after after doing that, I'm just, uh cloning the project to get the deployments For the crd and the the operator resources. So the crd must be there before the the operator All right, and after deploying the operator, I can deploy a cr and I will explain that Real quick Looking at here. So the operator basically is a deployment that takes care of your installation can takes care On the of the health Of everything that we're trying to to run on top of your Kubernetes cluster. So For that, I mean every single component in the nsm Charge that we see on the helm charts can be deployed By the operator and taken care By the operator, right? So, uh, the operator resources is a MMO file that is Right here if you see everything that is needed to deploy the operator is here. So accounts Roles and everything. So it's just to speed up the process Instead of deleting that me just apply this guy So if I apply it will create a container here That is a deployment actually will create a container here that is the operator The operator holds Within it some controllers that will be watching the behavior for each and every component on the nsm Let's say application as a whole as a system, right? So it will be watching The admission web hook deployment It will be watching the demon sets for the forwarder and also for the network service manager Right since I don't have Anything any crs here. I'm doing Underneath here a kubectl get nsm because I created that crd To represent the system, right? But I don't have anything here. I have a cr though That is actually representing nsm here With the same options that you guys put on On the helm charts. So here I'm basically give it or take copying the same thing that is there, right? So if I deploy this cr Let me see if I can Find it on my history here. Yes So if I deploy the cr It's going to create everything you should create everything. So now I have an nsm object here it's beginning to download all the components and Uh, sometime at some point it will complete All the containers and it will put the platform running everything Uh, almost there. So there we go. Everything is here and you can see that it creates the services here It creates, uh The the deployments and the demon sets as well and You if you if you look before deploying nsm operator metrics was already there because it's it's been developed with the operator sdk and it comes with Any metrics and points embedded which kind of facilitates the process of publishing metrics So this is the work of the operator is to take care of it So it can be extremely flexible because everything is going We just have a boilerplate from the operator sdk to build everything at least the the skeleton project And we can concentrate on the controllers on the logic inside, uh of the controllers So this is the point where I I say that, uh, here Many decisions have have to to be to be made because, uh If you want a complex system if you want to change Configurations you can do anything you can view the spec field the way you want like if we can even have nested objects and Whatever whatever is needed. Uh, it's possible to be done right Um, and the same way this this started the status fields. We don't have a status field So if I if I come here, let me, uh, visualize here like If I do kget, uh, kubectl get in the same I have the nsm object and if I want to describe it Describe nsm nsm, uh, we have a spec field, but we don't have the status field Status or status. I I don't know how to pronounce it. Well, but status would be the one, uh, representing everything you want Uh, in terms of, uh, the components if they are, uh, running installing creating what kind of phases They are passing through and things like that. So it is, uh, uh those decisions are way more, uh easily taken Are made if if you guys, uh, if you if you if we have somebody that actually knows, uh The roadmap for the project now, so what what do you guys envision in the future for nsm and what, uh, we can do, uh from from a coding perspective to make that happen, uh, from a central point such as an operator And the good thing on the operator is that if you if you install if you have a cluster with the operator life cycle manager Then I can actually build a small helm operator. For example, for inspire, uh Jager tracing actually has already an operator So I can just point out those dependencies and then, uh, the operator life cycle manager will bring those operators in in order to comply with the requirements, uh, to install, uh, the nsm operator So it seems to be Interesting and it can go way further than, uh, helm charts because helm charts, uh on helm charts, you can version You can group everything together. You can install it easier Easily and you can also upgrade but when it comes to like if you need to backup configurations if you need to I don't know just, uh Grab some information and speed it out on an s3 bucket or if you want to do some sort of, uh stateful, uh database to to Keep some information and and make sure that database is back it up for example Or if you want to do I don't know billing on on a cloud provider and you want a part of this operator to actually build reports for you based on the cloud provider api so, uh The possibilities are are really really, uh, wild like you you can you can Bring in the matrix, but also process the matrix, uh outside, uh with the help of the operator and have deep insights You can go further and do autopilot if you have some sort of behavior that you You you can see on uh on clients, uh using nsm and something is happening Okay, we need to check that and to fix that we need to change some configuration Or to tune out to tune something on on the application or even restart a pod or something like that It is possible using the operator because it's always alive Watching the resources and it can have many conditions inside to say Okay, if this component is going to that state, I can change like that Go to that state. I can change like that. So it's it's more or less how the operator works Uh, I I hope uh, I hope it's it's enough to explain what it is. I don't know if somebody has any questions So is there a possibility to dynamically change for example tag for all that moment uh, sorry to change tag I mean for Docker images So operator would update All deployments replicas and so on I mean Yeah, yeah, you you you mean like bringing new images Uh, exactly. So if I will update cr we're changing the tag to newer version Uh, I expect that it will Uh operator will automatically Do the upgrade Yes, yes, uh one one of our of our goals is to have the operator doing seamless upgrades and downgrades as well. So if you There there are some there are a few ways to do that you can you can um Tie the operator to a particular Image so let's say that you have a tag on the operator and that tag represents Certain images on on your cr so Then the operator will deploy just one version of an sm and then to the next version You create a new tag on the operator and you tie the the whole an sm version to that new operator And when you say hey, I want to upgrade my operator the operator itself will upgrade the whole application So this is one way of doing that. We actually prefer not to put the image itself as as we are doing here one one Like registry or again tag instead of doing that we could tie everything to a particular version of the operator And not open this on the configuration side And then when when you update the operator you update the whole application And if something goes wrong, you can do the opposite. You can downgrade it and make it Do make it downgrade everything gracefully as well So that's uh Actually temporary part Am I understanding them correctly? Sorry. Oh, yeah. Yeah, this this you mean this configuration here. Yeah Yeah, this I just what I did I translated Helm charts that I I found Yeah, that's it. So from here, we need to think okay. What do we want to see? happening On the operator. I can't hide this easily. I can't hide this and say okay. I have a particular version for that Operator the thing is that I is that I don't have yet a release on the operator That's that's what I'm working on right now Because I need to build a file. I actually already built I I'm just testing and at the end of testing Uh, which is called cluster service version that file is important because that file is We have all the metadata that describes the operator what what it can do Fuse that it can show on on for example open shift ui and everything else and With with that file I can version the operator so Once I have that file ready I can put a release out and then I may for example hide this and tie the operator to a particular nsm version cool, so I guess a little bit of feedback in this direction is um So we're gonna have to find a good balance in this area because one of the things with nsm is it's designed to To work not only with kubernetes, but things outside of kubernetes as well. So that means some of the Healing and and so on that you would tend to drive through an operator We're gonna have to make sure that those work In when you're trying to drive like a hardware switch or top of a rack switch or Open stack or so on that that being said, I think that there might there there may be a good opportunity for For this particular project to keep track of Certain types of metrics or keep tracking certain types of things that have been exposed to try to work out Like if there's an error condition that we can detect or we see that the services stop responding or or so on That that gets mitigated properly or to help us with uh With an upgrade path where we want to perform an upgrade and yes, we technically could just do a big bang Help style go upgrade everything But this would also gives the opportunity to do something that's a little bit more a little bit more controlled a little bit less Invasive I guess you could say And so I can definitely see a variety of really good Of really good innovations that we can do with this um Another question as well and you don't have to answer this but is this something you would consider Having within the the network service mesh repo itself as a as a sub repo of the organization Yes, yes totally to to be honest my my goal at redhead Is to spread operators everywhere. So For us this is important. So what I'm trying to do is bootstrap the community around this operator So if you guys I want to have this under under the network service mesh to me is the best place to be Cool. Well, let me get back to you shortly on that But I think that's a really a really good idea and I think that that's the right place for it Yeah, sure. Uh, no problem. Uh, to me it would be really cool to have a under the network service mesh And I would be super open to help anyone that wants to contribute on that Fantastic and one other question not like Not entirely related but still within the realm based on what you described So did you have any trouble running it in in open shift or did it just did it just work? Yeah, the yeah, actually, no It doesn't work right away because uh open shift works with Uh, what we call security, uh Context constraints and those that we call secs They have very a very specific rules on Uh security technologies under the hood meaning app armor se linux A bunch of things underneath and there's one in particular which is the the user id that open shift changes By default if you try to run on open shift So if I if I configure the the user id to be any user id I can run Um, I can run. Okay with no problem So now I'm trying to integrate into open shift and put it uh straight into the Into the embedded operator hub and then uh once it is there. Okay, it's working then I can try to push Uh the csv file that one I mentioned to the community upstream operators and the ups and the community operators are two ripples to be able to to find the operator hub io and Also open shift, but yes, it is installable but not By default we need to change a few things Okay, so there's a security context and the other thing that that we need to work out We have not tested with cryo and so it'll also be good to To get some feedback on whether you have any trouble with how it interacts with cryo But yeah, I think outside of those Outside of those couple areas Yeah, if one of the things that I think would be a good idea to head towards Would be the eventual inclusion of some of the open shift stuff into our into our ci's and so when When that's much further along Let's have another conversation around that to try to work out if there's something we can do there Sure. Yeah, no no problem. Uh, it will be my pleasure including open shift on that Whatever I can help no problem Fantastic and uh last question I guess The last question on this is When With all this particular Stuff that you were that you're working on are you the only person when ran out of this particular pointer? Do you have other Colleagues and friends that you're that you're working with? Yeah, yeah, I do. Uh, we are seven now There's one more coming to the team tomorrow So, uh, we work exclusively with uh operators Doing a lot of stuff presentations consulting development And on the nsn operator itself. It's only me for now but Yeah, I think they are more than inclined to help if you need help and if I can put you guys on on Operator hub and open shift hub and push the operator to another level because we are classifying operators into levels If I can bring the operator to level four I can actually I think I can I can have a special channel on coral s is like Just for the operator and then you have access to the whole team to To talk with them and and and everything else. That's that's that's the way we we are working with With partners and clients. We have almost every one of you Uh on another project on all other projects not just in the same but other projects We have cisco have vm or have f5. We have a lot of journey per so everyone has Uh a channel, uh with us Because we work directly with the partners and and so on and so forth and and operators level level four are and five are the most important to us So we have a lot of work to do yet on that to to be there, but But we greatly appreciate the the help like it's it's it's fantastic. So Um, like definitely let us know if you're ready to any problems as well And we'll do our best to to give you guidance or to embark you Sure, sure, uh, uh, thanks. Thanks for that and thanks for the time too Sure, my pleasure. Um, so I have one uh one last thing before we uh before we close up Um and nicolai, I'm gonna post a link over the chat Um, so anyways, we can open if you can share and open that up that'd be uh, that'd be helpful Yeah, it's on the zoom chat Cool if you can go to the second slide so, um, there's something that I would like to Uh start building when I'm looking for someone to Get help with taking up a substantial portion of the of the code Um, and so the idea is we in order to help with the cnf efforts become the network functions that are being built Uh, eventually we're going to need some form of a test hardness to help with the Uh certification path that they all want to head towards So I want to build this very simple component. It's basically a test harness with a generating capture and a monitor Um conceptually it's very simple the complexity That starts to come up is in the types of things that we can generate and uh in capture and hobby of the payloads And if I wanted to start seeding this particular idea So that if anyone is interested in helping build such a thing Uh, get a get a hold of me and we can start working out What uh what initial what an initial mp keyword, uh would look like And uh so that was the last uh the last bounce what I wanted to do to toss out Uh and in short it'd just be Start create a network service that it exposes itself connects to itself with a cnf or group of cnfs in the in the chain and It monitors everything in the chain and looks for things that look Uh suspicious and suppose that cnf was the firewall on the capture side You can check that this thing properly blocked the things that I asked it to or or so on so Just a short something of what uh something that would be useful to build that uh, I would appreciate some some help with Um, what's that? I don't have anything else. Is there any other small items that anyone would like to discuss before we close it up? Okay, there's nothing else then um Yep, thank you everyone for Pretending and we will see you all at the same time next week. Take care See you Bye. Thanks. Thank you. Bye. Bye. Bye. Thanks