 I'll give it a few more minutes to be able to have folks come on in. Last one for the year, Amy. Yeah, pretty sure, yeah. Because I'm really not thinking that people are going to want to be able to come in and meet on the 21st. Yeah? Right. Yeah, OK. Just checking in on Liz because I'm not sure. Oh, excellent. I was just checking in on you. Hello. I'm here. Sorry. Excellent. No, totally fine. All right. Do we have everybody? I think we have who we're going to get. And Dimms has reminded me that this is, in fact, our last meeting of the year because I am unlikely that a bunch of people are going to want to be able to meet on the 21st. That's probably true, isn't it? Yes. Well, you could get together for Eggnog online. I'm sure we could get like Eggnog offline, too. There's there's enough Zoom meetings. It's fine. All right. Well, welcome to the last full meeting for the year, then. Amazing. All the usual rules apply. OK. And I think we are having tag updates. OK. So who do we have from at delivery? Hello. It almost always feels like school. I was also always the first in school due to the name. Aw. You need to go shake it up and go in reverse order one time. No, it's fine. Yeah. By the way, thank you for Thomas who helped on this slide. So I'm just presenting you, but he helped out here as well. Good news is for the cooperative delivery working group, we have our chairs selected with Josh and Robert who already started working on this. As a reminder, this is the working group that Diels was bringing infrastructure and at delivery closer together. So they kicked off the work right now and expect more results to see when they while they're only kicking the tires on the work. But when more deliverables are there, they also already started looking into scenarios. Definitely more to present the next time we meet, which will be, I was in the new year. They also, which is the last point here, especially Josh put a lot of work into Potato Head, like running the distributed app examples, bringing them up to speed for all the different CNCF projects that are out there for different delivery methods. So this is being updated. So they also took this project as their reference project. And now we're reaching out to some of the other CNCF projects that are used in their delivery examples to update them as well, where we have good feedback. And next step will also be to obviously add observability because if we obviously want to detect whether a deployment has failed or not, it would be good to use observability data for this. On the presentations, we had the conveyor presentation that the TUC wanted to have us as a follow-up to their sandbox submission. So they have been very supportive and shared information on the conveyor project or actually collection of tools that are available. We still know that you see a detailed feedback on this one. We are kind of entirely wrapping it up. We understand why this is a complex project to look at. So for those who are not familiar with conveyor, it is a collection of tools that help you to migrate your application from wherever you're running it. So whether it's in a very traditional environment or a cloud-funded environment over to Kubernetes with a set of tools that have been developed mostly out of Red Hat and IBM Consulting over to Kubernetes. Their initial request was to figure out how much this is really related to OpenShift. So we looked at the project, we also talked to the team. It's not really heavily tied to OpenShift. Also most of the demos are OpenShift, but everything that is created at the time that Kubernetes manifests. There are some dependencies there though. I mean, there for example, they rely on Tecton for their delivery parts. Some of them, we have to talk to them, some of the base images when they convert and bear metal application to containerized application use Red Hat base images that we need to follow up on with them and other smaller things that we need to follow up with the team. Overall, however, the question is, how do we deal with this? Project like this, which is a collection of tools. So it can never actually be in that stage of being used in production. It is used to move workloads to production. So I think it depends on also how like the progression of a project like this would work because it's more or less a tool collection than a project in the more traditional sense of the RSC and CSF projects. I want to add a comment there. There wasn't really a lot of work to put this in the form. This is Josh Barkas and I work with the conveyor folks sometimes. They submitted it initially as a single project rather than a separate project for each tool. The reason being that there's sort of a currently a six component to conveyor, which is an online community of service, you know, of service providers working on migrations. And so they would, you know, they think of it as a single project. But if the CNCF would prefer to have it as separate individual tools projects and that the community be sort of handled separately, that's a possibility that they can consider. Yeah, I think it takes a little circuit back with the team and provide a bit more of a condensed review about the first one thing. I think it is a bit different than other projects where it's mostly doing one thing that like this collection of tools, not even projects that you run. I do see where it has value for in some bits and pieces, but I think it's a general question. How do we deal with this? Looking back at the app delivery charter when we started with app delivery, helping people migrate workloads to Kubernetes was a topic that we wanted to deal with. So it is kind of in scope. But the question is whether this should actually be a, maybe at some point even a working group and like said that the tools maybe doing something similar to the work the GitOps working group did, but we still need some time, some more time to wrap our head around it. This was just an update. And obviously willing for input on this one. We understand why it wasn't straightforward for Sandbox and we are working with the team. They're very supportive. They will need a bit more time to get to a final conclusion and recommendation here. I hope this is somehow an helpful update. Looking also to this to look a bit confused. Yeah, I think that is helpful. I mean, there's certainly a few question marks over how this fit. I mean, it clearly is targeted at people using cloud native software. But I think we need to sort of, yeah, I mean, if you're still working on it, then I think that's going to be very helpful input into figuring out how, how this should fit. I mean, it's, it's, I would say it's, it's clear that it's not definitely out of scope, but it's not quite clear how it fits in scope either. And yeah, there's certainly, yeah, we had questions. I think we're getting closer with them, but I think we need a bit more time because it was like, it's a lot of different tools. Like, for example, I think it's called, don't remember all the names. I think it's crane that helps you to migrate a VM to Kuvert. So the question is, shouldn't this actually be part enough Kuvert per se, maybe even so that, that's why like there's a lot of things in flux, but we're working with the team to get there. Okay. On the updates, yeah, we have two projects which are currently in review, which are like one that is in review for incubation. That's captain, which is still ongoing. Right now, mostly working for feedback and from, from TC sponsorship. And backstage, it's not officially yet. In review, but obviously we're checking the ones that we would be receiving and we have done the sandbox for backstage. The feedback there is that some of these projects have been or are waiting for TUC support for quite a while. And we totally understand that you're all busy. We just also want to remind you of the rules that if a project waits for longer than two months, it would actually be required to start all over. And from that, from the process, I think if the sponsor doesn't appear within two months, I think that was the previous deadline we have there on, on those projects. And we were also willing to help, especially with due diligence work. If the TUC wants us to and support it there, but we want to ask how can we support here and helping these projects move forward. So I'm pretty confident as far as backstage is concerned, I've put on the PR that unless anybody else had more time, I would step in and sponsor that one. So I think I've now got to the point where I probably could do that. So unless anybody else is waving their hand, jumping up and down going, I want to be the TUC sponsor for backstage. Then let's put me down for that. You had the proposal in there, yeah. Yeah. I think I'd already commented on the PR that I was up for it, but I just didn't have capacity in November. Yeah. Yeah. So I think that's more or less. And again, if the TUC needs us to help more here on some of those projects. In the review space. I mean, we talked internally, so we're happy to help and support you and everything we can. Because some of the due diligence have been going on for since I think June or so. So wherever we can help, please let us know. With our best where we can help. Process note. I'm trying to be able to find where we have that two month kind of deadline in here. And I'm not finding it. Can you help me out where this came from? I'm searching for this one, but it says if a sponsor does not appear within the first two months, let me find this for you. Yeah, please do because like I'm. It's not working like that is not actually what's happening in practice. And so I'd like to be able to correct things from here. Thank you. Thank you. A general question came up the, like how are projects actually supposed to get. A TUC sponsor. I mean, obviously you don't want people to reach out to all of you directly, but is there an official process on how to get to a TUC sponsor? Because sometimes they reach them out to us. If they don't have a sponsor yet. How we should be where we can support them, which. I mean, I mean, I don't know if that's easy, but we want to treat everybody equally also people who might not have direct contacts to the TUC. Part of what is happening here is I think part of the answer, which is so actually Calvin is an individual that's on the call that represents chaos mesh. I mean, it'd been in a similar situation where they're looking for some TST sponsorship. And so once or twice, I made a note of it in this call. And so what you're doing is the same thing that I had done. And I think that that's part of the answer is just, you know, elevating, raising your attention. I mean, yeah, I don't know if that I don't know. I'm just just pulled up the process. So it, the status of outstanding incubation pros proposals have reported on a monthly basis. Right here right now. And we have the check in at the end of this. Meeting. I think there's a list of. Current status of. Projects. So I think that's the answer to how we chase it. How we, you know, how we make sure that there is awareness of projects waiting for or looking for TAC sponsorship. And I find the thing about the two months. So it says, if a TAC incubation sponsor has not set forward within two months after the PR has been submitted, then the project may request that their proposals discussed a forthcoming TAC meeting by adding it to the working got. You know, it's not saying it has to start again. It's saying, we can raise our hand and say, please talk about us at this meeting. So that's, maybe there was a number. Send it to Amy. Please do. I very much want to be able to like the hunt this one down because that. Yeah. In practice, that is not what is occurring. I just kind of get it wrong. You know, I was like, well, I'm not going to do this. I just wanted to do it like me, but yeah. No, totally fine. And for the record, I, Loise is being very, very, very gracious. Because I'm the person I'm the TLC sponsor for captain, and I have not found the time yet, but thank you for the kick in the rear and I, it will elevate in priority. And I will do my best and I will be in touch. you are very nice. Also I think that backstage people would be really appreciate support there as well. I think it was a great project. I think I hope I had set their expectations by responding in that PR and saying I couldn't do it until I think I said early December, we're pretty much still early December so hopefully that's okay. Just a little bit. I wanted to give them a Christmas it's a good reminder. Oh I've sent the link to somebody privately rather than everyone. Okay I mean that's yeah we already covered the potato head project from the updates. There we have the updated delivery samples switching out to other people. What is also still ongoing not on this list here is the working group on there we have around chaos testing. This is the very complex one where we need to bring people in from all the other tags security observability network and so forth. I'm confident that we will soon be able to have progress there as well. It just we just want to ensure that everybody feels on board with what we're doing there as well and therefore obviously we have to give a lot of people the time to have to say and the word in this one that's that's all that is there. Okay that's it from tag app delivery. I think I have taken a bit more time than usual. I was muted trying to block out the horrendous storm that just went by. Thank you very much Alice. Hello. Okay well I'll go for it. Yep I'll try to make up some of that time because we've got short report today. For governance we're going to have values and readme templates headed to our TSE liaisons for approval pretty soon follow the link if you're interested in those that's just basically you know projects need certain information in their core readme and also we feel that it's important to have a statement of values in governance documents. The and wanted to provide some examples of that. One of the things that's actually come up through this is we now have a relatively complete set of templates for projects to use for a lot of their necessary CNCF project documentation and haven't really come up with a good way to make sure that new projects that join the CNCF are aware that these are available as examples for them to use and copy. We don't actually necessarily want to dump this on them with all of their materials that they get when they first join the CNCF because those materials already run to many many pages and that wouldn't help with visibility so if anybody has any ideas for how we can actually make projects aware that you know these maintainer resources are available as they join the CNCF we would love to hear them. I have a question on the things like the values just having a very quick look through is there a reason why these would be per project rather than across the CNCF as a whole? I'm looking at the example and thinking I kind of hope that you know from a quick yeah I would hope that those are reflected across the whole organization and in that case there's no need to have a project. Well if the right if the CNCF wanted to adopt a value statement then that would obviously make it easier for the individual projects because like the COC they could just reference it and we'd be happy within the working group to work with somebody on the TOC to to Wardsmith such a value statement if that's something that the COC wants to do. Anyone have any opinions? Personally I feel like this would be a good thing to... Yeah I second that less I think having something in Kubernetes that people refer to all the time is very helpful so we should try to do something similar. There is an existing value statement in Kubernetes is there? Yeah yeah right okay. Okay well we actually have in an hour and a half we have just by default the governance working group has mostly been the one talking about this although it's really all across tag contribute strategy so we have in an hour and a half we have the governance working group meeting and then on Thursday we have the full tag meeting so if one of the members the TOC wants to take this on but we need that member of the TOC or it'll just never get approved. We would be happy to help work on such a statement to be adopted for the whole CNCF. Is there a who's the liaison or who are the liaisons for contribute strategy? Um it's... Oh one of them is me I think it's me. Yep yes but I'm always sending you messages so yeah I didn't want to jump out. I can take it I can take it on Judge but I wouldn't be able to join today's meeting I just found out that my yeah okay to college because I'm taking her for test. Yeah since I raised my hand I'll try to show up for the meeting Josh. Okay yeah it's gonna say pick pick either meeting. Yeah we can just tell me let's do that offline. Okay so just either brief update through the things I are liaisons here approved the contributor growth framework documentation this is advice to projects on how to attract contributors to their projects including contributors who don't work for the original sponsoring company like number one thing that projects ask us for help on and so there's a bunch of documents at contribute.cncf.io to help them with that spearheaded by Catherine for writing all that so there's a terrific piece of documentation and maintainer circles are ongoing we had one at Kubecon I don't believe that Paris was able to join us today and so I do not have a report on that and another one will be scheduled for January. One of the other proposals that we had in here that will probably be coming back as a PR is remember thecncf staff Ehor proposed he needs a place in within our hierarchy forcncf managed mentorship programs to live things like thecncf's entry into Google summer code and he was suggesting that tag contributor strategy be that place and that's what we have. Yeah I don't know maybe Amy I don't know if you know whether there's any kind of staffing responsibility for that or if it makes sense to put that into the tag. I think I missed who it was that Josh had said he had suggested. Ehor from thecncf staff. Okay that was going to be my answer to Liz. Yes that is technically where that is living but right now also being able to kind of expand that out because there's lots of mentorship that kind of like runs around and being able to kind of more formalize it into well here's one place to put it and I know we do have Ehor on the line as well. Correct yeah and like basically the idea behind that was not like to make this not only stuff only owned by also community owned it doesn't mean that likecncf stuff stuff will not be responsible for the mentorships at all after we remove this but this is kind of like making the ownership of the mentoring programs like more open and visible to community itself and like granting an ability for folks who are the community members but not the members of thecncf staff team to basically run to run and help run in the mentorship programs as well. We had some good experience in the past with let's say Kubernetes project for example where we have people who are a part of the community itself that also run in the mentoring programs there so this might be a good idea also to basically to have the same or the similar process for thecncf mentoring programs. And Josh is that something that the tag would like to take on? That's what I was going to ask you. Right I was going to say well yeah but it's one of the things on the agenda for Thursday. It's kind of because on the one hand it's a logical place for it to live if it needs some place to live within thecncf and be visible which apparently does. On the other hand the tag has actually lost some of our regular contributors over the last couple of months to a variety of things including health issues. So this would be a matter of hey we put it in the repository but currently it doesn't have any additional people to staff. It doesn't have any additional contributors to staff it. So this would be a case of you know yes we can put it there but we want it to attract new people who are not currently involved with the tag because otherwise nothing will happen. Which is one of my reasons for putting it on our slide at this meeting. Well speaking about staff and it's not an issue for now at all so like we havecncf staff with staff in this. The bigger question would be if somebody like eventually somebody from community may want to do this and will have already this open to public and we will only have an ability for folks to to jump in and basically benefit from this rather than developing the brand new process from scratch when somebody will want to do it. So staffing is not an issue it will be like basically what do we have right now will be owned by the tag by the tag like formally but it will be staffed by thecncf staff basically by me at this point of time. I think in that case so long as you know the fear would be that if there weren't enough volunteers the whole men's shift program would just not happen and that obviously would be not a good outcome. So as long as we make sure that doesn't happen. No no no no no no this is being able to make sure that it is visible and that other people have the opportunity to be able to come and let us see what happens but being able to make it visible is kind of the main goal here. Yeah sounds very positive if the tag are willing to take that. Great thank you. Should we move on to what comes after C network? Should I think there must be a tag beginning with D? All right so FabEdge we spoke about as a proposed sandbox project last time we met and so they'd received some feedback and I think they're digesting their feedback. We'll have a deep dive in and recorded intro at cubeconiU about well about a lot of activities that go on inside the service mesh working group. It takes up the it's consistently the majority of the meetings agenda. Recently the agenda has been over the last couple of times has been on well advancements in service mesh performance. There have been a few community members who've put together tooling to make the automation of running these tests and quite simple. One of the approaches has been using a GitHub action and the proposal on the last call was to use was to do what the project had planned for in the past and that is to use the CNCF labs to run some of these tests ultimately creating a public facing dashboard for the benchmarks on an ongoing basis once automation has been in place and I guess with with a GitHub action in place the use of self-hosted runners in the CNCF lab or using the CNCF lab as the self-hosted runners it really facilitates, it greases the wheels for running a bunch of performance tests and publishing them and so on the last call there was a volunteer to start to work on what those public facing dashboards would look like and so a lot of a lot of our more the recent activities in that working group have been on service mesh or on publishing those dashboards so which makes POD Tato head very of interest because a large part of the discussions have also been on what's the most representative workload for or what are the best workloads to represent what organizations and what users commonly have and it's almost like in any answer is valid because there's any variety of workloads having some that there are some that maybe represent better than others though and so having a variety of them is helpful there's about six or so that the group has is using today but POD Tato head sounds like a sounds like there's an open call for participation there and so I'm going to point the group that way other than that there's probably not not a lot more to speak about other than the existing ongoing initiatives but nothing of nothing a lot new to cover there so so please to hear about POD Tato head great quick question then since I'm taking the time is Elise or Mr. Schultz was there input from in terms of the original design of POD Tato head so the original design goal that we had is we wanted to build a simple to run app that everybody can run on their local machines which was kind of like the shortcoming of some of the microservice demo apps because if you want if you want to do delivery you need to run multiple stages of an app so you needed something very tiny so we wrote this very tiny go app and our goal was not to have an app that's written in different languages which like sock shop was mainly targeted at but rather focus on usually delivery patterns like you have a new release that is slower have something that needs a persistent volume claim eventually have something that needs different types of credentials at different stages so more these delivery type of use cases rather than how do you write something in four or five different languages while especially looking for people who want to learn these tools being able to run it on their local machines easily like you can run just spin up a kind cluster and run a multi-stage environment which you couldn't do with sock shop and the goal was always to extend it with more use cases that are very much related to mostly delivery always with the chance that people who want to learn it can really run it easily locally and you have traditional the challenges that you have in the delivering cloud native applications in there rather than the complexity of the code itself the code is pretty simple I mean it delivers a body part pretty much but the idea is okay what if this is on a persistent volume and I'm upgrading and upgrading the persistent volume or how do I handle like a blue green deployment if I'm delivering two types of arms at the same time or how do I know that like one is slower deliverance than the other ones these are more the use cases that we were looking into that's why we took this very simple app that everybody finds funny by the way thanks for that that good yeah you know there's some part of the view of this the working group and of the service mesh performance project itself is that performance is a consideration along those continuous delivery gates if you will or like throughout each of those steps that one or more of those points performance might be considered and so so that's there's also a pretty active community also on the CNCF like if you look for potato heads you will find them as well but definitely willing to collaborate so it was the idea of starting this project well the initial idea was to give a presentation at kubecon and then we just saw more more people participating in it to be fair but let's catch up on it offline and well in the CNCF like with the rest of the team sounds good and that's it for the tag network thank you Lee all right we may not have tag observability today um look a minute but yeah they've they've been busy anyone want to raise their hand and speak for observability i'm going to take that bullet point about kubecon activities is positive but that's all good all good runtime all right hello everyone okay so quickly some updates some projects and activities so in containers in runtimes in that specific space we had a presentation from yuki this is basically a oci compliant container runtime and rust we also have a presentation schedule next year in jan january for inclamera containers is take from some of the intel folks on confidential computing and in terms of workloads we had the k-native project submit their pr for incubation so i think deems is the sponsor for this but they're also lay and Dave i think they're helping out with the with the incubation um so they're working on the on the due diligence document right now it's still pretty early also not actually noted here we are working on the due diligence for kubevert alina it's a sponsor for that and i think the document is almost ready so we provided some feedback and they're incorporating that feedback our mate is another project presented this is basically running batch kubernetes jobs across multiple clusters so i think it's a very similar project to volcano and i don't think they're thinking about applying for the cscf yet but maybe they'll they will decide that in the future in open cluster management it's a project that helps the management of kubernetes clusters and the life cycle management of kubernetes clusters and so there's a series of utilities uh this is um a sandbox project already and we're having a presentation on december 16th very close to christmas but they decided to schedule that that time in on the machine learning operations and ai edge space we have another project called k0s which is similar to k3s and that's presented on december 16th it's a it's a related situation for the edge and finally we're working on the batch system initiative working group charter a lot of folks in the community are interested in starting this some of the folks in volcano uh some other uh in working on the cube batch and i think there's some also also some folks on on the armada group and in some groups and i think they're at apple they're most worth um interested in starting this working group and cube cut we have a session in kubecon china scheduled for next week an entire runtime session i think that's all the updates happy to take any questions no questions sorry which of those projects are actually submitting to cncf do we other than knozi which says so or have they not said i can't i'm just i'm curious about some of them yeah enclave air containers is already sandbox yuki is not submitting yet to the cncf so i think the only yeah and armada is not submitting yet either and k0k0s is not submitting yet so those are yeah uh so the only one is k native and and enclave air containers is part of the sandbox and open cluster management is also part of sandbox right now we we had an initial meeting with armada to to explain to them what it means to join the cncf and they are now thinking about it who is the ts i'm just curious i don't have a ulterior motive for this question who's the mtsc sponsor for k native hey dims awesome hi i'm here thank you dims i was trying to write a uh a note to rikardo saying hey there is this set of people trying to anyway uh that's okay yeah yeah and i think uh david and lay also jumped on and i think they're happy to help too yeah i'm going to take the lead on this and i'll bring uh anybody else who's interested in like reviewing and helping with end user interviews like david and harry both of them showed interest so i'll bring them in when we are you know a little bit down the line right thank you yeah i do i do see your comment uh dims and the kubernetes community uh issue so i think this is sort of an overlap here but just making sure that i'll i'll make sure that you know there's also a you know communication and back and forth between the working group that that is trying to be created in the in the tax thank you all right hello security yeah good morning good morning good evening to all of you um sorry i'm not on video um so um this has been a little bit of the slow month for tax security reason was there were a number of conferences so a lot of people were attending conferences but still we've been working on a number of initiatives we are planning our roadmap for 2022 at the same time cloud native security white paper version two we've been working on table of content so that and a list of participants who can contribute to that we've kicked off the discussions for cloud native security on 2022 the serverless white paper has made a huge progress but there are still some sections which are being worked on as well the major piece of work that we've been doing is NIST reached out to us and they were they had a draft of ssdf version one and when myself Emily and Brandon we reviewed that we had a ton of feedback because that did not address cloud native technologies they were not able to incorporate that because they wanted to go live with the draft because of their timeline but since it's a draft we have almost like six months to a year to update that document with all the cloud native security input that we had provided and we also wanted to address sass right when software as a service provider is using cloud native technologies what does that mean for ssdf and so on and so forth so that is a good piece of work in progress that we will take we are working on and taking up with NIST going forward also cloud security alliance reached out to us and they want to collaborate on some initiatives especially like cloud native security controls serverless initiatives as well the reason for that is from our perspective why we are interested is we are having challenges finding volunteers and who have the right knowledge and cloud security alliance already has a large list of participants so there may be some synergies that we can leverage and you know do some good work there for the industry but those were some of my updates for you all any questions or concerns yeah the lack of people right like we are sending more more folks to you all for like self-assessment and security buddy and whatever right other things that you are doing so yeah that's a little bit concerning anything you can do to increase participation would be really good I guess yeah and assessments is one piece but also there are a number of other initiatives like app delivery has a project on chaos engineering there there's a component of security chaos engineering that we want to work on similarly with the service mesh group we want to make sure all the security policies are being addressed and so there are overlaps that we want to contribute to but again we have limited bandwidth sorry I have questions so who who is driving the service white paper is a service working group or something something somebody else um so this is not about so there is a serverless working group and they work on serverless technologies and evolution and use cases etc we are focusing on serverless security only okay then the challenges and how we mitigate them yeah I think I will stress that we add some like serverless security one paper because I'm reading to like more like as soon as my paper which has a generic purpose right so would you like to collaborate I mean we can just publish one paper which has some less technologies as well as some less security either way work for us I think if we are going to publish a generic one paper I think the service working group folks should be involved to see if they to see if they have some opinions but if it's just about security I will say maybe we can call it a security service security with my paper that is my suggestion yes you're right it is um that's my bad I should have added serverless security white paper yes okay it's probably still worthwhile you know not just getting that word into the title but um also maybe getting the security working group you know to to review the the paper while it's in draft make sure they're aware that it's happening it might as a serverless experts they might have serverless security thoughts too yeah serverless working group yeah I think this should be definitely likely those folks know to see if they have some ideas or improves in this one paper that it will be doing good to this yeah we're happy to help um Lee let let us know when your draft is ready and we'll be happy to chime in I think it was the other way around it was to say oh okay security white paper it would be worth making sure that the serverless working group okay definitely you know have a chance to get their thoughts in as well definitely once we have the draft ready we'll share it with me thank you I think it's amazing these external organizations are coming and getting involved and asking for input so I think that speaks to all the great work that's happening in this tech it's really good good job thank you Liz appreciate it any other questions about security all righty storage hey shank here I will be giving an update for tech storage so regarding the projects we have longhorn that is an incubating project now for Chuba FS Raphael finished the DD review for the incubation request so from tech storage side we are recommending incubation we are now waiting for TOC on the next steps I think Raphael has pinned Harry about this so I see Harry is in meeting yeah yeah so yeah so I have finished almost most part of the DD stock it generally looks good so next step is the the the maintainers of the Chuba FS have already arranged that three end user interviews which has already involved me so this will happen this week so I will say after this week the end user interview will be done and then we will to see we will see if we want to move to the next step based on the feedbacks from the end user interviews yeah this is the current status okay thanks okay moving on to open EBS we had a meeting with the team a while ago there are different sub projects under open EBS that have different statuses so we need to consult with the TOC liaison on how to handle that so I think I will talk to Alex about this and reach out to our liaison and curve storage system they presented the project in the last tech storage meeting there are a few questions that came up in the meeting the team had replied through email on some of those questions they provided additional documents so we will go through those and follow up with them and for those two white papers flower native disaster recovery and performance and benchmarking white paper they are completed and we presented them at Cucon North America and we also had a meeting with our TOC liaison Erin a few weeks back discussing what other next steps for the tag so we came up with a few things the tag could work on one thing is to have an end user survey to understand their pain points and another thing is to invite storage projects to present and invite any users to attend to get their feedback and we also want you to look at persistent storage and the databases and see how different systems use persistent storage so those are the things that we are going to work on next that's all from tech storage and questions is curve applying for CNCF I think so they are they want to uh that I think they presented uh maybe at a TOC meeting then then we then we got the request for them to present to maybe it was the sandbox meeting maybe it was the sandbox application okay yeah Amy's confirmed it yeah fine yeah they applied in sandbox uh in august we reviewed them and said hey take storage please take another look and that's where we are now hey Shane um open EBS uh I think one of the vendors who started it uh got bought out I think okay see any uh impact on the activity uh yet or uh so we have yes that's a thing we have not heard from them for a while uh it's Karen right Karen mover he moved and and we have not seen him in the tech storage meeting and uh yeah so there is another person who uh usually will attend the meeting and uh we have an email thread discussing this one we just have not heard from them for a while so I will reach out and see what's the status yeah we might need to like ice this proposal until we know what okay maybe yeah it could be a right it could have a big impact on them right so yeah okay sure thanks yeah that's a really great question thank you very much shing thanks okay uh I think that's all the tags and there's indeed and this slide is now out of date um yes is that like just imagine backstage just kind of moving under like you know a k-native here um only thing that I really want to highlight right now for like all the toc that's on the call is if you have not yet voted for miss chaos please do so yes okay good is that also chief at agent metrics as well open metrics is like the uh that one is currently in voting but I believe that one is past um we are working with that team to be able to make sure that we can get the press releases out for all of them so okay yes um other anyone have any updates they want to mention about the projects that their names are against all the incubation work that they're doing I know Ricardo was working pretty directly with um volcano yep that one is is very close to opening the public vote um I'm still I've I'm in process of talking to users of in tata but if there's anyone else who's a user who hasn't come forward with tag security does anyone just put them in touch with me because I'd like to find some few more similar for quivert I'm wrapping up and user interviews and if anybody on the call uses quivert please reach out question um Justin TRPC yeah so I'm a little bit behind on that I were I am working on it um but um yeah I still I'm in tata process revived so I kind of was prioritizing that I will try and do them both in parallel for a bit oh this this wasn't meant to be a a moment of shame it was more just like a uh where where might that be uh that was all it's currently behind in tata but I are going to try and get them at the same stage looking around for any else to be able to and bring up is there anything else on the um meeting minutes waiting for sponsorship we should talk about um we have key cloak we have quay we have artifact hub and open ebs we've already talked about and I believe we had some from artifact hub on the line meant you are with us I am I am yeah hello yes we would love to drum up somebody to take a look at artifact hub and I'm happy to answer any questions so artifact hub is a project that essentially lets you find distributed things that are cloud native artifacts wherever they end up being hosted in different places um but there's a live right yes oh I'm sorry to interrupt I just got excited there from so there's uh with respect uh with respect to the measuring project there's um service mesh patterns as external artifacts that are uh like basically a collection of yaml that imbues best practices for how you would uh run a particular behavior of a service mesh and so these patterns are there's a catalog being developed um by the project now which sounds like those patterns might like it sounds like artifact hub might be a good repository for those those patterns instead though so I figured I'd ask right now if that like sounds like a fit it does uh right now you can search for helm charts and plugins falco rules opa policies olm operators tinkerbell actions kubesia tail plugins tecton stuff uh keta scalers cordy and s plugins and captain integrations um and so this seems like another thing that could easily fit right alongside that thank you quick quick dot check yeah yeah and we even do things such as related packages so say you go install one thing and there might be something else in a different category that relates to it maybe something around falco that relates to the database you've installed we'll even try to show you related things that you might also be interested in to help discovery of some of these uh different projects and the artifacts they have let me take it one step further if you don't mind and that is that alongside the pattern service mesh patterns there's also um been a lot of focus in the mesh re project on uh web assembly filters and curating those and making those available in in the mesh re project and and but people have been bringing new filters and so we've been the project has been considering how to distribute those and so yeah bindings yeah and I'd be happy to talk about that um and further somebody wants to uh what a number of projects are doing is they're letting people distribute them themselves because the big problem is discoverability if different people distribute their own things how does somebody discover it you go to a typical search engine you're not going to find a lot of those things which is the reason for artifact hub because you can go look and scope it down to the projects and see related things it kind of provides that search across just a cloud native landscape all right one question I have about artifact hub is I I recall that it was kind of funded by cncf when it was first kind of conceived is it now being developed by kind of contributor and is it still being funded is the development still some of it still yes some of it's still funded and the folks who were involved before are still involved in making sure that it's successful yes okay hey matt is the is there going to be only one instance of artifact hub that is run by cncf or do we expect people to run their own artifact hub instances for their orgs yeah um we expect there to be one main instance that will be publicly available so because the goal is discoverability right and if you had a bunch of places where you've got to go it kind of hurts discoverability and so we expect to operate the one artifact hub so people can do that yet at the same time there are reasons to have your own instance especially in corporate networks and for your own company there's other reasons to have one maybe where you don't want it to be globally discovered right and so you can actually go ahead and install artifact hub and operate it and it is an example of how you can distribute it and a bunch of the different image scanning features and other things as well and so there's an easy install you can helm install artifact hub yourself if you want to just go run it and will it be competitive to you know cncf is operating its own artifact hub instance is that essentially competitive with other registries so it's not a registry in that it hosts your artifacts it's a centralized search across those things and so you don't actually push any of those artifacts there you may have a registry or repository holding something on docker hub or quay or an azure's registry and you want those things to be discovered and easily found how do you do that you get them listed in a search engine and that's what this is okay this is not like a traditional cncf project you know it doesn't the motivations for it I think are very interesting and exciting and valid for the community but not necessarily the same as the motivations behind a regular project yeah that was one of the things we discussed when it was initially coming about and at the time the decision was even though it's different we should go through the new cncf project and go through the normal stages yeah because I suppose one other way of looking at this would be to say should this just be a cncf service you know in the same way that the landscape is a service and kind of bring it under the kind of staff umbrella rather than the community yeah I think that's maybe worth thinking about okay we are over time though so let's not have that whole discussion I think I just wanted to jump in for a second Liz I'll call myself sponsoring artifact cover but I think to your point the the first question the answer is the one you just bought up and I can take working with Matt and them to figure out the answer to it and assuming we continue with what Matt said of going through the stages then I'll sponsor it that sounds great thanks Dave thank you for the progress much appreciate it all wonderful everyone take care if we don't see you again have a wonderful time over the holidays and see you in January bye all happy holidays see you our next year I hope we'll see you again all right bye everyone