 All right. Greetings. We'll give everybody a few more minutes to come on in. All right. I see Dim's note in chat. I can have Duffy Cooley. I can have Matt Farina. Justin Cormack. Drive the meeting. Any hands? All right. Here's what we'll do. I'll drive through like the project thing and then I'll hand off to Duffy to bring us through the tags. Fair? Cool. Awesome. A few more minutes for folks to be able to come on in. We don't need Corm for this meeting unless like something changes magically. All right. We've got enough folks on the line for me to be able to kind of move us forward. So welcome. Welcome to everybody on the phone. Welcome to everybody watching the recording. This is our normal TOC meeting for March 7th. And here's our agenda. We're doing things a little different today. I moved the projects to be able to like apply the move levels to move up and we've got a little bit around the projects that are currently waiting out in public. So then we'll drop on the tags. So here's where we're at right now. Projects applying the move levels. Any updates on the graduation projects? We're making progress on Falca. There's a little bit more today we're talking about. I'm going to spend some more time on it right next week and try to get this done. Okay. Excellent. And then Emily and Katie are on the line as well I believe. Yeah. Yeah. Cilliam is almost done waiting on the last adopter interview which should be done this week and then we can finalize everything. Excellent. And for Crial. Yeah. Come on in. Yeah. So and for Crial, Kathy and I have been helping them refine the DD doc and we're also having end user interviews right now. So should be in shape soon. Cool. Can you assign yourself over in GitHub so that I know what the change is? That is super because that's how I'm going to be able to track that. Awesome. And I don't see Kathy on the line. I can I can update on Keda. I've been helping with I've been helping with the end user interviews as well for Keda taking the European times almost. So this is going well as well. Progressing with the end user interviews. All right. Moving to incubation projects. Any updates in here? Dems, I see you're going to need to hand off the other PC. Yeah. Yeah. Come on in. Yeah. Sorry. It's basically on hold. I haven't engaged with them for a while and then I need to re re engage if we're going to do that because so yeah. Okay. Okay. Are you good duty help? Do you like have time for this thing? I'll I'll I'll I'll I'll re engage with them off to file cares done. Okay. And yeah, I guess if you if it becomes a your time thing, I guess let us know and maybe one of us can help out. But for now I will let you do your thing. Actually, Dave passing to you around. Looks like you've got artifact hub in here. Yep. I think we've done very little with artifact hub. I meant to look but I forget we had a conversation on this call a few months ago, which was largely Matt and me. And I feel like we were kind of circling towards either putting it on hold or like just leaving it where it is and not doing the incubation process. But I'm very hesitant to declare any of that because I haven't looked the notes and forget. So I think the real answer is Matt and I just need to think on this and make a real plan and either push this thing through or stop it. But I don't want this to be on our meeting notes the next time we have this conversation. Okay. You got you got about a month. So okay. Okay, cool. So I have a month to talk to Matt. I'll try to do that. All right. Any others in the incubation side of the house? I cannot date on the cook flows. This has been delayed a bit, but I'm I'm kicking this week. So I'll reach out to to everyone dollars in the GitHub issue. I apologize for delaying this. I'll make an effort to gain some time back. All right. That covers our quick run through for projects applying to move levels with sponsors. Here's our list of projects that don't currently have sponsors. Does anyone have space to be able to put their hand up for any of these at the moment? I definitely have. Okay. Nikita, if you would like support on one of those, just let me know and I'm happy to be able to assist you. This is the way the new people get to pair with the people who have done this before. Yes. Same thing for you, Duffy. I'm happy to help, but I can only help one of you. I'm happy to either take one of these or help another one of you. I think the only thing I'm doing right now is hard to fight off, which is kind of stalled. So I should I should do more. Maybe I'd be able to take one and get help for it. So quick question here. So is Open EBS still up for incubation? It might not be moving that fast. I think I'd look at some of the other ones that have applied in. Like we can we can circle back with Open EBS. This is just a list of everything out there. Okay. There are some open issues with Open EBS that TC has concerned. Those are yes. I'm not sure if those are addressed yet. I think mainly about the maintainers, a lot of turnovers on the maintainers. I think that's the concern for that project. So regarding Pixie, I'll cover it in the observability piece, but they just presented this past week at TAG Observability, covering their document for incubation. Okay. Rather than being able to do like the like everything in here, just letting everybody aware these are the ones currently out there, we'll work through this async. Okay. Cool. All right. Duffy, passing to you to be able to walk us through the tags. Just bring us to TAG Storage. Hooray. Right. Do we have anybody from the TAG Storage group? Hey. Yeah, I will do an update for TAG Storage. So we are still trying to bring Cloud Native PgBug for another presentation. We have also been reaching out to other CNCF storage projects for project updates. Most of the incubating graduated storage projects have already presented recently. So now we are more focusing on the sandbox projects. We want to see if there's any progress made since they were first donated to CNCF. And another focus of their tag is to continue working on their white paper on database patterns in Kubernetes with collaboration with the DOK community. We have their outline ready, and people have started to write the paper. We're hoping to have a draft out by KubeCon. And last time TLC asked if people are reading those published white papers, Alex has set up a short URL for those documents. So if someone access the URL, there's a record. Of course, if someone access it directly from our GitHub, that's not tracked by this. But we do have some stats. It showed that the storage landscape by paper had about 3,000 views, and their Clown Native DR one had about 1,500 views. We have also opened a ticket with the CNCF service desk to publish a blog for their Clown Native DR by paper. So that's all from text storage. Awesome. Anybody with any questions for text storage or anything before we move on to tech security? Who's going to be speaking to tech security? Yeah, so maybe I can cover some, and then if you're an agenda member, some of them. So we have a security assessment photograph. This is something with the address and capos. Basically kind of a rundown on how do you go about starting a security assessment, what things you have to consider. We are seeking contributors here. We want to eventually get a little bit more perspective into this and release this as another paper. Andy, do you want to cover security village? Yes, absolutely. So courtesy of all the hard work from individuals on this call and then tech security, we have a Defcon-esque inspired security village at Kubecon Amsterdam that will comprise an auditorium, some unconference breakout space, the CTF itself, and some collaborative workshopping areas. We have a CFP now open for that. It is outside of the usual process. We're hoping next year to be a little bit more joined up, but just coming off the back of Cloudnet SecurityCon, everyone was a little bit busy. And yeah, we welcome proposals. Very excited to have three or four representative talks from the tag demonstrating some of the community outreach and some of the things that we're working on, and then everything else is invited from the community. And that's EU not NA. Thank you, Emily. Yeah, we also have the new project security guide. This is taking kind of current resources and we are working with a tag contributor strategy to get that posted up on the new project resources. The cloudnet security white paper version two for the white paper version two, the audio recording is done. We're looking for a few more reviews before we publish it, so any feedback if folks want to listen to that, that'd be great. We also have a the secure supply chain working group is starting up on our next project, which is why this is a secure supply chain policy. This mainly kind of answers the question of like when you say why this is I want to have software that has supply secure supply chain policy. What does this mean? Does this mean vulnerabilities? Does this mean provenance? And kind of like dissecting that a little bit more to hopefully make way to future work to dive into the individual components of that. Andy, do you want to take the last one? Yes, absolutely. We're still undergoing a little bit of discussion about which level this review occurs at. There have been some private reviews undertaken and we're moving towards getting to a shared understanding of how light weight or one extreme or involved with the sort of self assessment and full security process we are going to be for this. Yes. Just for projects in general or what do you mean? I think specifically for Cillium because there have been some threat models too recently undertaken and we're trying to determine where the middle ground is there. Yeah. Cillium has I believe had two security audits. One is relatively recent and they've gone through in remediating all or if not all then the vast majority of those findings and this is initially a closer look at kind of the security practices and for the project based off of part of that due diligence refresh and update for those reviews. So it is something I think that needs to be worked out closer with a project but I don't believe a full fully detailed joint review may be necessary but I will lead that up to whoever the security reviewer or security pal is that is assigned on Cillium to work through with the project. We're excited about the security village and stuff I think it's going to be a lot of fun. Next we have tag runtime. Anybody have any questions for security I guess before we go on to the next group? All right tag runtime. All right so Nikita is going to drive it. I'm just going to sit here and provide any clarifications. Thanks Ricardo. So here we are since the last stack update we've had project presentations from KSAV and Flatcar. So for those who aren't familiar with KSAV it's a machine learning inference platform on Kubernetes. They're actually a member of the LFEI and data foundation right now but they see more alignment with the CNCF because Kubeflow has applied as an incubating project under the CNCF and there's also like a lot of cross collaboration with other CNCF projects like Kubernetes, Argo and so on. There's actually one issue open at the TOC repo right now for exploring the possibility of projects since this thing is part of two or more foundations. We weren't really sure how feasible the two foundations thing is at this point though so we recommended KSAV to each other the CNCF stuff or in the process to move the project from LFEI to the CNCF. Or at Flatcar, I think a lot of you might be familiar with it, it's a little extra store for container workloads. So for the Flatcar presentation it was a really good discussion. So Flatcar has applied for incubation and like from a technical perspective and adoption wise I think they're pretty solid but I guess the question that was so faced up in previous TOC meetings were whether Flatcar as a little extra store fits within the CNCF landscape but that is probably out of the scope of tag runtime. We also have a lot of interest from other projects who are to present a tag runtime including Kena who has also applied for graduation and overall the interest has been really overwhelming. It looks like we might need to set up additional meeting outside of a regular cadence to accommodate for all of these projects again. Moving on to working group activities the IOT edge working group is continuing to work on the edge native application principles like paper and also the edge native landscape which has been progressing well so far and along similar lines the batch working group is working on a one page of the main tools available in the CNCF batch landscape today and the the CDI that is the container device interface side of things a new version of CDI was released and support was added for this version in container decryo and some other projects are in the works. For KubeCon we will have a tag runtime presentation and we're also planning to have a tag meeting so we'd love to see anyone in the community join including new folks even if you've not interacted with tag runtime before and even other tags for that matter hopefully we can do some sort of cross-stack collaboration on the meeting. So yeah that's it for the tag runtime update we already were happy. Yeah I just wanted to mention that for the flag car presentation we did have probably the highest participation of any meeting so we have about 20 people so we're getting a lot of traction in the tag so it's great to see community growing we have the three working groups with lots of stuff happening and we continue to reach out to different projects to engage with the tag and like Nikita said we usually have meetings twice a month but we're thinking about expanding that so if you know anybody who would like to get more involved too so you know let us know we're happy to be welcome in and you know onboard them and you know get them started to with you know the tag. Next awesome good stuff I think I'd be interested in helping to sponsor the flag car project as we move forward I think seems like a good one to jump into. The next one we have is Tag observability. Hello everyone so I guess before before I go through the specifics well there's an echo I'll say that the tag could absolutely use contribution particularly in the form of project management as well as more technical leads as well as a likely a third chair so there's a it's a it's a huge space that's growing quickly and there's a lot of work scoped and defined but not resourced so again if anyone knows anyone that wants to dive into any of this or a whole bunch of other stuff that we've got in our issues on the on the repo please do reach out so there's a couple initiatives happening there's an observability query standard work group this is some folks out of Netflix and a few other places they got together around I believe last KubeCon is when they started talking they've come to the tag a few times and formed a formal work group or that they have put together sorry they put together the charter for one that we intend to send to the TOC in the coming week that we can have to two weeks we hope to discuss after this meeting but they're looking at a broad survey of languages for querying and manipulating observability data some vendor specific some open source to do sort of a a survey of the space and then produce recommendations on what comes next so that's pretty exciting and it's a good example of where I think there is an opportunity to reach out to Apache to projects that are outside the CNCF and this is an example of the kind of thing that we could use more more help around I'm really sorry there's something going on with tile and I don't know what it is what's making that happen anyway there's a project for example called substrate which aims to basically be a meta level SQL compiler if you will to allow for interoperability between different SQL backends with with with tooling support it's part it kind of came out of the Apache arrow community so that's not in the if you know a project like that is congruent with things that are happening within the tag right and that's just one example but there's a big opportunity to really network across and then for folks to understand the space and understand or have ideas around around how we can kind of broaden the tent and welcome projects into the CNCF that makes sense that fit a gap and the substrate project would be an example of that and I can send a link later so that's happening the landscape graph project has had a few folks reach out we were going to kick off meetings last week a few folks are working out with their day jobs you know to get how much resourcing they have for it but we do intend to start formal project meetings in the next few weeks and there's also opportunities to do end user outreach you know it's been some time since we've done actual case studies we have had a number of presentations to the tag which are listed here like from the past few weeks most recently the name from pixie came and talk through their incubation proposal they're looking for a sponsor but there's a there's just a massive opportunity to organize and carry these sorts of presentations and I think there's both demand for it and supply if you will it just requires organization and orchestration so that's happening we have a maintainer track talk that Alelita will be giving at KubeCon as well we're giving tag updates on all that and then there's an observability day event being planned as well and then as far as the TOC tag Alelita is on a plane at the moment or she'd be here I believe she's referring to some of the dialogue in the in the past few weeks around how we can make clear what sorts of communication patterns do we want to have between the TOC and tags and how can we facilitate that so that's it from from us if there's any oh there was one other thing I wanted to raise and it's probably a quick one but the talk that was going to be today we're actually postponing for a few weeks to the 21st for scheduling but it raises an issue right when we first looked at the project client it's an MIT project right but it's actually MIT with a commons clause so it's not OSI compatible right so um so this person Brian might we're thinking we'd like to have him talk about ontologies and knowledge graphs and and some of the applicability to observability generally not the client project because of that licensing constraint so I guess my question to the TOC is my understanding of what um what is permissible and what's not um correct like is that you know only Apache 2 really and MIT um it's it as a as a predicate you know is the bar I think that's documented is there'd be no exactly that's not this this is more nuanced conversation um but like realistically we do have a process for being able to apply for license exceptions um are you talking about projects that are coming just to present um as far as being able to talk to the tags well so in this case um so the project itself is actually not the focus um you know we've been talking in the tag and generally about the applicability to graphs and graph theory and graph databases to observability data generally um much as calmer stores have have helped everyone not just observability folks graphs have a lot to offer right so this is a domain expert uh who happens to have done this project would be happy to talk about this project but um you know I've communicated um that that he shouldn't that you know Jesus I'm so sorry you'll have okay this sounds like it's going to be a long conversation we should take this offline cool yeah I agree all right um well I guess let's move to did I lose that work I did lose network in here okay I'm I'm so sorry okay our decision here is we're going to take this particular conversation offline oh that's a sick piece of it it's super the last thing I just wanted to be clear is that this is not about the project applying to be as part of the cncf is about using cncf time and space in general to talk about things that are not license compatible so we'll take that in general you don't need permission for license things if you're just talking to people um you don't have to worry about that the the license things matter only when somebody's applying um and not otherwise oh okay yeah this is about like in a tag meeting on cncf resources that's not a problem it has to do with the things like the cncf taking ip ownership and there's legalities there so licensing matters for things like that for a conversation in the um in a tag meeting you can bring in all kinds of stuff an open source project under the mit go ahead yeah okay cool yeah I wasn't sure if that you know if it was how strict we needed to be uh you know fair enough so thanks I mean tag environmental sustainability or sorry network can drop their things down to the bottom and I want to be able to make sure we got the network okay network hey yeah hey all um we don't we don't have a meaningful update um that's that's really worth covering this time um so I have a image in the play.mashree.io pretty recently pretty good pretty interesting stuff and so um you know since since there's some quietness here i'm compelled to say so dims had asked last time about us c and i and i'm 2.0 which um which which is a thing um i'm gonna we're gonna be inviting those folks to present at an upcoming tag network um there was a recent presentation on c and i 2.0 at fosdom um but it has been in the works for in planning for some time it's about as concise as I can say it I suppose and and that's that's it awesome Eli one comment that I have is the tag runtime has a IoT Edge working group working with the open networking foundation they're trying to work at the intersection of Edge workloads and networking so they might actually reach out to tag network thank you for that that's great that's good yeah all right on the tag environmental sustainability um hello so a few updates from our side um we worked on on a survey and we have it ready soonish so probably end of this month we have a blog post ready to announce the results um we scheduled two project presentations in the tag meetings so we plan to do this every month um and the first one is in in next week so if you're interested in uh cube green or in Kepler you can check out the tag meeting join the meeting um we've been working on the environmental landscape document for quite some time we started like in in October or even before then and we are confident that we can show some like first results or first landscape document in the maintainer talk at cubecon maybe we will also hand out the flyer with the some like details we've been also discussing about this and we will have a tag meet up in person at cubecon and the maintainer talk and that's that's it definitely you are still muted sorry there's actually construction happening right outside so I'm sorry it's all right I hope you guys I hope I hope you all aren't being um bothered by it there's lots of repeat um so any questions for environmental sustainability I have questions so what kind of survey what what what what contents are covered by the survey so the survey we we have um maybe I can also share the links in the chat there's like some like more details was mainly about data centers and also one focus was like a little bit more hardware heavy we're also thinking about like doing more software side survey or something where like software developers can maybe jump in on but this was like mainly the focus so we had it open for a few months started if I remember correct in cubecon and a so let me share the links and chat so you can check it out thank you there it goes right that contributor strategy I think is next okay how do you folks um so we're going to be uh very present at cubecon europe um like usual with um um a kiosk which was useful at the last cubecon for reaching out to projects who actually needed help with a contributor a contributor-based building and governance and other things so we're going to do that again so if you know a project that actually needs to talk to us you can send them over to us in the project pavilion in the usual sessions including I both a regular session and Dawn is going to be doing a keynote the I for mentoring C&CF has been accepted into GSOC the we have a bunch of proposals more proposals than we will probably get slots um so we are set up for that um the um and the new quarterly LFX uh program is actually beginning soon and again um we have 60 something uh mentors for that um I honestly if our we have a limitation with all of us right now it's actually broadening the student base um and so we're looking at are there ways to do that because right now probably 90 percent of the students applying um are from Indian universities and well a lot of those students are brilliant and great LFX is supposed to be a worldwide program so um brainstorming ideas for how we can actually um broaden the appeal of that um at Matt Freina's request um we're looking at how the tag could be involved in we call it governance remediation process so we're already working on doing formal reviews of governance for projects that are playing for graduation um but what's been brought up is the case where the governance of the project is written does not match what the project is actually doing um and how is that to be handled um and so comment on that issue um which is uh in the tag contributor strategy repo and linked from the slides if you have opinions on that or want to be involved um and then finally um a lot of the details are TBD but we've requested space for maintainer circle at kubecon yesterday and that's it excellent any any questions for a contributor strategy next is tag app delivery yes sir that is me i'm representing today i'm a technical lead on the group um first is kubecon EU uh we have started discussing amongst the leads and with the group uh our activities there we want to we're having a meeting a meet up on the pre-day um which will split between reviewing our own work in progress and bringing in some project maintainers uh to hopefully share you know five to ten minutes snippets on uh significant uh significant things that they've been working on uh same thing with the booths will be in the project pavilion the idea is to provide end-to-end discussions um and a place for project maintainers that don't otherwise have a project to meet uh and potentially to hold like a a meet-up like we did in Detroit um we also have a session um and we'll emphasize some of the domains that we've worked on platforms applications operators so yeah so i uh click that link if you if any of you or any of your folks in your tags projects want to participate with us um you know please let us know i'm gonna we're gonna work on a blog post and some sort of call for proposals shortly hopefully the next week or two this is not much time uh next uh weji platforms um i'm really excited because i've been leading this work so the white paper is ready to be published we're working on on a paper there defining platforms or cloud native computing um assigning an adjective before platforms is quite controversial so that's why we went with that uh we want to put links in here so just go to the doc and just click the go to the deck and click the links to see we want to publish it by mid-april in time so we can get some discussions at kube kind of you um obviously we're all you know influenced by our own work with customers and users but we would love to gather more feedback uh both there's an opportunity with the publication to do a survey and publish the data broadly for all of our projects about like platforms and what customers really want the users whatever we call them uh really want from them etc etc and i also so this and also user groups it would be great if there was some sort of just a council or something i know there's something in cncf so i wanted to bring that up here um whatever the talk can do to support us and gathering this feedback you know chime in on that survey if you want to help us do it well uh you can always use help as everybody else in the school um next up oiji platforms is you know now that we've got the paper out the door we want to talk about capabilities go into some of them so i linked some product mindset i know emily you actually had written this morning are we thinking about that that's one of the ones that people brought up from day one like can we go a little deeper into product mindset um i'm personally technical technically inclined so things like secrets multi-tenancy um and other things like that are also we're starting to dive in i'm we're just starting to build momentum on that stuff so please come and help uh and we're also the last thing is we're working on a prototypical platform um yeah that's just kind of early days something that could guide users on bringing things together from cncf josh if you haven't already i would recommend um syncing with brandon lum around that chateau and andy from tag security around those secrets and multi-tenancy portions i'm sure they have a lot of information on the white paper that they can share then make it platform specific very cool yeah i thank you um andy what was the last name block uh any yeah martin okay yeah i would love like i'll try to find some of the groups i've been wanting to bring some of the folks in but reach out to me also if you want and let's let's talk i brought in a few people here uh like the sops proposal that's in sandbox and some people at red hat that are working on like service binding stuff so okay i love talking about platforms but that's not fair to get up so let me move on we g get ups uh just channeling scott rigby's update mostly here the get ups and cd con are going to be at open source summit in vancouver together i think they're announcing uh the agenda this week so look for that um and the other thing that he called out is that they're working on a certification um so check out those issue and discussion for more on that um we are doing project reviews i bring this up because like one of the things i think about is how we're supporting the talk and end users in the end so we're trying to uh put a little structure around those reviews when when projects come to present to us so we did q plus a couple weeks ago score from humane attack uh in january a corner a little earlier feel free to check those out we just we take down the notes we're kind of coming up with a little bit of a structure for it and then we post it up there for future reference so emily actually it's been on my to-do list to talk with you about making sure we're doing this well or how we can you know help the talk out okay feel free to shoot me a message and we can schedule some time cool uh last thing on there is i just wanted to mention there's been a little bit of discussion about an application spec um meaning something that would capture all of the components in an application uh you know many deployments many secrets config maps extra resources things like that so check it out if you want um yeah that's it i guess questions anyone has i think my other note is like you can always drop a note into the toc list to be able to get more survey like engagement if that's something you're looking for that would be one of my next steps i think thank you makes sense yeah and the toc slack channel as well so so i think at this point it's just open for questions and feedback on what we've seen so far today big thank you to dims this is dim's last meeting with all of us as a toc member thank you thank you good mission thanks everyone election opens day for toc uh chosen seat that'll wrap up the 14th so good fun yeah thank you for your huge contribution dims are you planning on hanging around in the community i'm not going anywhere where will i go i just had to ask you we would we would we would find them i think you know where are you going yeah i'm still having my hats in the kubernetes community and i'm going to be there for sure um yes i will pop in here and listen to all you all and give my two cents from the peanut gallery at that point okay the valuable two cents thanks everyone right not seeing any further questions anything else coming up in chat all right our next public meeting is going to be uh tag chairs and toc um and we'll put out an agenda for that like we always do so thank you all for attending and for all your valuable feedback we'll see you all next time thank you thank you so much you guys very fight