Re: [k8s-sig-net] Re: Netpol WG update... what should we deliver...and how/when?


Erica von Buelow

Aug 13, 2020, 11:31:00 AM
to Rich Renner, Policy WG, jay vyas
Would you be interested in presenting at WG Policy*? Our next meeting post-kubecon is Wed Sept 2 at 8:00AM PT (11:00AM ET).


On Wed, Aug 12, 2020 at 2:52 PM Rich Renner <ren...@sunder.io> wrote:
This looks cool 👍 will take some time to process but I look forward to reading it through!

What coordination, if any, with the svc apis v2 goal for Septemberish iirc does this api v2 set have? I guess it's a silly q, but my initial questions to myself were more about how the new svc concepts apply or could be leveraged when skimming through.

Thanks for sending the great index of links, very helpful for new folks!

On Tue, Aug 11, 2020, 10:23 AM jay vyas <jayunit1...@gmail.com> wrote:
(oh oops, I meant subproject) :)... but, the same logic I think applies.

On Tuesday, August 11, 2020 at 10:12:46 AM UTC-4 jay vyas wrote:
Hi folks. Just thought I'd post an update of where we've been, and some questions about what we should do next. Basically this communique has 2 goals.

1) Get a 1st deliverable with a timeline in mind. After we deliver something, IMO we can revise our meeting cadence and role in the broader sig.

2) Summarize where we're at and get opinions on what we should aim for as a concrete next deliverable.

3) Open up the floor in case anyone wants to help lead this group, or get more involved. Although I think a small number of us started it, I think we're really open for anyone to be an owner and get involved at any level.

- About 3.5 months ago we started meeting every wk to figure out how NetworkPolicies might evolve, sparked from a mailing list thread between me, Andrew, Dan, and many others. Specifically, Dan (Winship's) quote, roughly, was 'In V2... we might do it different' :).

- Since then we've basically had 2 types of user stories: Making the API easier to use (i.e. getting rid of 'sharp edges', to quote Mike Spreitzer, and adding new semantic functionality to the API for things like Nodes, Services, Namespaces, and so on).

At a high level: Making things easier for administrators with things like overrides and global defaults, and making the API more declarative (service and namespace boundary definitions for policies), node policies, seems to be pretty well agreed upon.

At a lower level: It's very tricky to know what to do next in my opinion.

In any case, here's a timeline of how things have evolved in the NetworkPolicy++ WG.

4-15/2020 0) Started with this whole idea/conversation of getting a v2 group going.

5/1/2020 1) Our original 'dumping ground' for all user stories, mostly unfiltered, is here https://docs.google.com/document/d/1AtWQy2fNa4qXRag9cCp5_HsefD7bxKe3ea2RPn8jnSs/edit. These stories are a little quirky, but they represent people's deepest network policy desires, so I think it has intrinsic value in its current state.

7/15/2020 2) Having roughly reached an informal consensus, a small group of us (pre-WG) created https://docs.google.com/spreadsheets/d/1_7QD4LhyfDnItjWoGJkqHVC_Nm76l557tMMjVlmPFFQ/edit#gid=0 to track votes.

7/25/2020 3) Andrew, Tim, Casey, helped us become an official working group, and we had about 4 ensuing meetings getting the community caught up over the next few weeks.

8/1/2020 4) Dan had a eureka moment and summarized our policies into the following document which roughly outlines a plan of action 

8/15/2020 5) We tableized Dave's document into a list of use cases, ordered by Dan's groupings, with 1 at the top - and several scalar attributes to quantify the attributes of the user stories (i.e. is it an API change, is it compatible with V1, does it improve usability, do providers want to do it, ... and so on)... https://docs.google.com/spreadsheets/d/1j-0-S01hNy4ZA-nff8sMGO3Gm2EYyGUPpxZhzkvy1r4/edit#gid=0 .
 
Ok! So... WHAT'S NEXT?

So... with new ideas ramping down and us mostly going into clerical mode - I think it's time to ask ourselves what we're going to deliver and when so we can focus in our meetings and get to an endpoint for what we can call "phase 1" of this whole effort. So, ... what should we deliver here? And when?

...possible things we can deliver as the first phase of this WG... any other ideas? Any preferences? Any potential dates we can shoot for?

- The current spreadsheet and original doc of all use cases in the last bullet above? That would be easy, as I think we'll be able to hash those out in a few days.
- A more formal, text / markdown style proposal or repo.
- A CRD
- 2 CRDs (Dan's plan outlined a v1 and v2 breaking approach)
- A set of scenarios that demonstrate various security models we'd like to support (a few folks from the community want to get involved with this)
- A presentation to the broader sig?
- A demo or prototype of how a new API might look (might be fun but.. might be a lot of work - but I'd be down to collaborate on something like this if someone was passionate about it)?

Thanks! Open to any ideas here for sure.









--


You received this message because you are subscribed to the Google Groups "kubernetes-sig-network" group.


To unsubscribe from this group and stop receiving emails from it, send an email to kubernetes-sig-ne...@googlegroups.com.


To view this discussion on the web visit https://groups.google.com/d/msgid/kubernetes-sig-network/e096f4a0-8636-4612-8a48-23a56bd299f1n%40googlegroups.com.












Jay Vyas

Aug 13, 2020, 8:55:10 PM
to Erica von Buelow, Rich Renner, Policy WG
Hi Erica... Ok, yeah, definitely would love to! Didn't cross my mind but that probably is a good place to follow up on this.



On Aug 13, 2020, at 11:31 AM, Erica von Buelow <e...@redhat.com> wrote:

