1 00:00:14,519 --> 00:00:19,280 Speaker 1: Welcome everyone to another episode of Adventures in dev Ops. 2 00:00:19,519 --> 00:00:22,399 I'm your host for today, Will Button, and we have 3 00:00:22,480 --> 00:00:25,719 our new panelists with us. We have Jonathan Halm Hello, hello, 4 00:00:25,920 --> 00:00:29,480 and Jillian Rowe Hello everybody. And then we've got our 5 00:00:29,519 --> 00:00:32,240 guest today, we have er Zoberman. 6 00:00:32,399 --> 00:00:32,840 Speaker 2: How are you doing? 7 00:00:33,039 --> 00:00:35,719 Speaker 3: R Hi. Nice to meet you all and excited to 8 00:00:35,759 --> 00:00:36,119 be here. 9 00:00:36,280 --> 00:00:38,399 Speaker 1: Well, we're excited to have you. You want to give 10 00:00:38,479 --> 00:00:40,679 us a little introduction about yourself? 11 00:00:40,920 --> 00:00:44,000 Speaker 4: Yeah, sure, So my name is Yal and I am 12 00:00:44,079 --> 00:00:46,600 leading the product at the company named the three. 13 00:00:46,759 --> 00:00:48,960 Speaker 3: In at the three, well, I think a company is 14 00:00:49,000 --> 00:00:51,039 prevent configurations. 15 00:00:51,240 --> 00:00:54,000 Speaker 4: And fun fact, you actually also my co founder at 16 00:00:54,079 --> 00:00:57,079 episode number seventy six, so I give a reference to 17 00:00:57,119 --> 00:01:00,000 this episode and I won't go into details about exactly 18 00:01:00,039 --> 00:01:03,479 how we're doing that because it's plain it's there. Besides 19 00:01:03,759 --> 00:01:07,840 leading the product Editree, I'm also leading the local community 20 00:01:07,840 --> 00:01:10,719 of get up in Tel Aviv, which is the biggest 21 00:01:10,719 --> 00:01:13,719 one in the world over twenty five under the users 22 00:01:13,879 --> 00:01:17,480 and beside it and just love development. 23 00:01:17,560 --> 00:01:19,840 Speaker 3: I actually was a developer before I. 24 00:01:20,000 --> 00:01:24,319 Speaker 4: Went into the tree and as a product leader. And 25 00:01:24,560 --> 00:01:27,400 another fun fact, I actually have a lot of degree 26 00:01:27,519 --> 00:01:29,879 so I have nothing to do with development. It's all 27 00:01:30,280 --> 00:01:33,120 learned and I actually love early love code, and this 28 00:01:33,159 --> 00:01:35,000 is how I got into this space. 29 00:01:35,280 --> 00:01:36,640 Speaker 2: So you said you have a lot of degree. 30 00:01:36,959 --> 00:01:39,319 Speaker 4: Yeah, this is correct. I actually have a lot of degree. 31 00:01:39,359 --> 00:01:40,439 And I was supposed to be a. 32 00:01:40,400 --> 00:01:44,319 Speaker 1: Lawyer, and so the prospect of being a lawyer was 33 00:01:44,480 --> 00:01:47,120 so horrible you decided, no, I'm going to work in 34 00:01:47,200 --> 00:01:49,400 tech instead went. 35 00:01:50,959 --> 00:01:51,599 Speaker 3: Something like that. 36 00:01:51,719 --> 00:01:55,480 Speaker 4: Basically, like, while I dealt with law, I always loved 37 00:01:55,519 --> 00:01:59,680 the technology, so I did like law and technology stuff. Basically, 38 00:01:59,760 --> 00:02:02,519 it was a lot of open source licensing because a 39 00:02:02,560 --> 00:02:05,280 lot of people never never really understood what is the 40 00:02:05,599 --> 00:02:08,360 open source and open source people never understood what is 41 00:02:08,439 --> 00:02:09,639 low So I was in the middle. 42 00:02:09,680 --> 00:02:13,000 Speaker 3: There was able to talk with both sides. But during this. 43 00:02:13,000 --> 00:02:14,960 Speaker 4: Process I actually fell in love with the technology and 44 00:02:15,000 --> 00:02:17,479 then decided it is part of the open source it's 45 00:02:17,560 --> 00:02:19,960 much more interesting. So I got into the open source 46 00:02:20,039 --> 00:02:23,400 to developing by myself and then went into the process 47 00:02:23,400 --> 00:02:25,680 of being a developer. So I have all degree, it's 48 00:02:25,680 --> 00:02:29,879 somewhere on the wall, but I'm not using it. 49 00:02:30,159 --> 00:02:32,520 Speaker 5: So it's not that you thought law was too simple 50 00:02:32,520 --> 00:02:34,520 and you wanted a better challenge. You wanted something more 51 00:02:34,520 --> 00:02:37,439 complicated like Kuberneties to work with. That wasn't the thought process? 52 00:02:38,199 --> 00:02:41,639 Speaker 3: Yeah, something like that, get out of your comfort comfort zone? 53 00:02:41,800 --> 00:02:43,800 Speaker 6: Are you like certified in law? And you sent out 54 00:02:43,840 --> 00:02:46,319 kind of season disiness platters because I think that would really. 55 00:02:46,240 --> 00:02:48,479 Speaker 4: Come in me And sometimes I prefer not to do 56 00:02:48,520 --> 00:02:51,080 that because again I did it like a few years ago, 57 00:02:51,199 --> 00:02:53,759 so I'm not up to date to all the new 58 00:02:54,319 --> 00:02:55,520 rules and stuff like that. 59 00:02:55,719 --> 00:02:58,000 Speaker 5: But you're up to date with Kubernetes, right, this, this 60 00:02:58,039 --> 00:03:00,599 is correct? Yeah, what's the latest new feature here? Excited about? 61 00:03:00,879 --> 00:03:01,159 Speaker 6: Wow? 62 00:03:05,280 --> 00:03:10,000 Speaker 7: We promise not exactly too many for me to mention. 63 00:03:10,599 --> 00:03:14,080 Speaker 1: Cool, But you did write an article that we've got 64 00:03:14,120 --> 00:03:16,919 here on why you need to use kubernating scheme of 65 00:03:17,000 --> 00:03:20,719 validation tools, and you actually looked at two different ways 66 00:03:20,759 --> 00:03:24,960 of doing that, Cuba vallel and Cube conform. What was 67 00:03:24,960 --> 00:03:27,199 the motivation behind it? I'm assuming that there's like a 68 00:03:27,879 --> 00:03:30,800 backstory here of where something happened and you were like, 69 00:03:30,919 --> 00:03:33,120 oh my god, we cannot go through this again. 70 00:03:34,240 --> 00:03:34,479 Speaker 3: Yeah. 71 00:03:34,520 --> 00:03:36,919 Speaker 4: So actually there's also a third option. It's like actually 72 00:03:36,919 --> 00:03:40,360 doing it with cube cattle, and so the backstory is 73 00:03:40,400 --> 00:03:43,159 that ed the tree. Like I said, we're helping companies 74 00:03:43,199 --> 00:03:46,840 prevent coubernet dismiss configurations. We're doing that by scanning the 75 00:03:47,080 --> 00:03:50,319 manifest files and giving them indication if it's up to 76 00:03:50,360 --> 00:03:55,719 the standards that was defined by the organization Police also called. 77 00:03:56,400 --> 00:03:57,960 Speaker 3: And something big that we. 78 00:03:58,039 --> 00:03:59,960 Speaker 4: Got is that a lot of people thought told us 79 00:04:00,080 --> 00:04:02,639 that it's passing the policy, but it's still not a 80 00:04:02,680 --> 00:04:06,520 valid Kubernetes file. How come because I know someone forgot 81 00:04:06,520 --> 00:04:09,759 to configure it correctly and instead of calling it, I 82 00:04:09,840 --> 00:04:12,400 know API version with version in a capital letter, it's 83 00:04:12,400 --> 00:04:15,280 all smaller or something like that. So it's still passing 84 00:04:15,280 --> 00:04:18,360 the policy. It's because it can have like a readiness 85 00:04:18,399 --> 00:04:21,560 prop and it can have a proper label and everythings correct, 86 00:04:21,680 --> 00:04:25,399 but on the technical side, it's not a valid Kubernet's file. 87 00:04:25,600 --> 00:04:27,759 And then we had the question is this something that 88 00:04:27,800 --> 00:04:29,800 we need to catch or we don't need to catch 89 00:04:29,920 --> 00:04:33,839 because again it's passing the policy. It's only a problem 90 00:04:33,879 --> 00:04:36,759 on the valid on the Kubernetus validation side. So I 91 00:04:36,800 --> 00:04:40,240 got into this space and start to investigate, and while 92 00:04:40,279 --> 00:04:42,600 doing the research, I found it it's actually a common 93 00:04:42,680 --> 00:04:46,199 problem that people have and there's only three ways to 94 00:04:46,240 --> 00:04:49,839 solve it. So one of them is with cubabal, which 95 00:04:49,879 --> 00:04:52,279 is a really good tool. It's actually the most popular 96 00:04:52,279 --> 00:04:55,199 one that most of the people are using, and this 97 00:04:55,360 --> 00:04:58,079 is a way to do the validation offline. The second 98 00:04:58,360 --> 00:05:02,120 tool that I found was cube confirmed. It's another open 99 00:05:02,120 --> 00:05:05,160 source it's really good too tool. And by the way, 100 00:05:05,199 --> 00:05:08,680 I just want to say Yan, I really love this tool. 101 00:05:09,079 --> 00:05:12,160 Thank you for that. Yan is the actually the person 102 00:05:12,199 --> 00:05:15,560 that write this tool. And Yan he actually took cube 103 00:05:15,560 --> 00:05:17,879 e val and he improved it. He did a lot 104 00:05:17,920 --> 00:05:20,360 of great stuff that you can see on Cube e valle. 105 00:05:20,399 --> 00:05:23,720 And it's also all maintained because Yan is kipped maintaining 106 00:05:23,759 --> 00:05:26,079 this project. And then there is also the third option, 107 00:05:26,199 --> 00:05:29,759 which is actually using cube cattle. But the funny part, 108 00:05:29,920 --> 00:05:32,600 and I was really surprised about that, is that, in 109 00:05:32,680 --> 00:05:35,079 opposed to all the other stuff campabilities that are really 110 00:05:35,160 --> 00:05:39,279 well documented, this part of doing scheme of validation with 111 00:05:39,439 --> 00:05:42,519 the native tool, which is cube cattle, it's not documented 112 00:05:42,680 --> 00:05:45,680 at all. I actually went through the code itself, like 113 00:05:45,839 --> 00:05:49,439 the co code inside get up to understand what is happening, 114 00:05:49,519 --> 00:05:52,040 to understand how it's walking, which flag I need to use, 115 00:05:52,240 --> 00:05:55,040 and I looked everyone like I Google. When I Google it, 116 00:05:55,279 --> 00:05:57,720 I got like two pages. This is how weird it. 117 00:05:57,639 --> 00:06:02,000 Speaker 6: Was talent with our corner of the internet there, didn't you? 118 00:06:02,079 --> 00:06:04,199 Speaker 4: Yeah, like someone can hide a body and the results 119 00:06:04,240 --> 00:06:07,120 about how to do schemu vilation with cube cattle. 120 00:06:07,279 --> 00:06:09,000 Speaker 3: You can hide a body there and the resultso no 121 00:06:09,040 --> 00:06:11,680 one will find it. Nobody will find it, No one's 122 00:06:11,680 --> 00:06:14,120 looking exactly. 123 00:06:17,399 --> 00:06:18,959 Speaker 6: It's going to be your new title. I was just 124 00:06:19,000 --> 00:06:20,839 wondering as you were describing these, are any of these 125 00:06:20,920 --> 00:06:24,439 integrated with HELM or these if you're writing your Kubernator's 126 00:06:24,480 --> 00:06:26,600 configuration files manually or through some. 127 00:06:26,560 --> 00:06:29,680 Speaker 3: Other that's a really good that's a really good question. 128 00:06:29,920 --> 00:06:33,639 Speaker 4: So if you think about it, and basically it's also 129 00:06:33,680 --> 00:06:38,399 a Combernetus manifest and in dead we're also rendering Kubernetus manifests, 130 00:06:38,759 --> 00:06:41,079 So it doesn't matter like all of them will walk 131 00:06:41,160 --> 00:06:44,160 with the head. It's only a matter of do we 132 00:06:44,199 --> 00:06:46,639 have like a native integration that it will be connected 133 00:06:46,639 --> 00:06:49,680 to M directly or another way to do that is 134 00:06:49,720 --> 00:06:53,240 to render the manifest with HELM and then passing it 135 00:06:53,480 --> 00:06:54,800 to one of those tools. 136 00:06:54,879 --> 00:06:57,079 Speaker 6: Yeah, that's an interesting way of doing it. Just just 137 00:06:57,120 --> 00:06:58,160 have Holme render it for. 138 00:06:58,160 --> 00:06:59,879 Speaker 7: You and then throw it off to one of exc 139 00:07:00,000 --> 00:07:04,399 exactly like people forget people forget that you exactly that 140 00:07:04,600 --> 00:07:07,560 helm is actually in the end, there's a Kubernetus benefit 141 00:07:07,600 --> 00:07:10,040 that's generating, and this is what's getting pushed to your cluster. 142 00:07:10,240 --> 00:07:12,839 Speaker 4: Usually you don't see it because it's pushing it directly, 143 00:07:12,959 --> 00:07:14,959 but if you do ham template, you. 144 00:07:14,879 --> 00:07:17,519 Speaker 3: Will see the file itself that is pushing. Cool. 145 00:07:17,600 --> 00:07:20,120 Speaker 6: Now I have an extra step in my make files to. 146 00:07:20,079 --> 00:07:23,800 Speaker 1: Add I think that's a great that's a great point. Though, 147 00:07:24,120 --> 00:07:28,879 where do you recommend people do the validation checking out? 148 00:07:29,319 --> 00:07:33,360 Speaker 4: Yeah, so just for the people that listening and didn't 149 00:07:33,399 --> 00:07:34,680 read the article, we. 150 00:07:34,720 --> 00:07:35,920 Speaker 3: Just say that good use. 151 00:07:36,279 --> 00:07:38,600 Speaker 4: If you have a scheme of validation errow, it will 152 00:07:38,920 --> 00:07:41,560 get cut in the end because basically, when you try 153 00:07:41,560 --> 00:07:44,680 to deploy it your Kubernets cluster, Kubernets with throw an 154 00:07:44,759 --> 00:07:47,560 errow to tell you that it's an invalid a combneti 155 00:07:47,600 --> 00:07:47,920 is file. 156 00:07:48,079 --> 00:07:48,680 Speaker 3: That's all good. 157 00:07:48,720 --> 00:07:51,759 Speaker 4: The problem is that you want to catch those arrows 158 00:07:51,800 --> 00:07:53,720 as soon as possible. You want to shift them left. 159 00:07:53,839 --> 00:07:55,959 You don't want to wait until you try to deploy it. 160 00:07:56,040 --> 00:07:58,519 You want to catch them when someone is submitting them. 161 00:07:58,800 --> 00:08:02,319 And that's the problem. Because with cube cattle there's something 162 00:08:02,439 --> 00:08:05,639 that is called like it's a dry run flag that 163 00:08:05,680 --> 00:08:09,920 you can say something something applied minus dry run and 164 00:08:09,959 --> 00:08:13,079 then it will connect to your cluster. It will check 165 00:08:13,199 --> 00:08:15,480 if it's a valid file. If it's a valid file, 166 00:08:15,639 --> 00:08:17,759 it will not apply it. This is why you have 167 00:08:17,800 --> 00:08:20,959 the drying flag, but you to give you the indication 168 00:08:21,040 --> 00:08:23,759 if it will be accepted or not by the cluster itself. 169 00:08:24,040 --> 00:08:27,120 So that's really cool. The issue with that is that 170 00:08:27,519 --> 00:08:30,079 you actually need to have up and running cluster and 171 00:08:30,160 --> 00:08:32,399 you also need to have a connection to that. So 172 00:08:32,600 --> 00:08:35,200 going back one step and we said that you need 173 00:08:35,240 --> 00:08:39,720 to validate those manifest files as soon as possible. Usually 174 00:08:40,120 --> 00:08:43,360 local machines or CI machines don't have and you don't 175 00:08:43,360 --> 00:08:46,320 want them to have a connection to your cluster, so 176 00:08:46,399 --> 00:08:48,440 that's become an issue. So you need to find a 177 00:08:48,440 --> 00:08:52,159 way that you can do it offline. When I'm saying offline, 178 00:08:52,200 --> 00:08:55,120 I mean with no connection to your cluster, but also 179 00:08:55,120 --> 00:08:57,600 in a way that you can run as soon as possible, 180 00:08:57,679 --> 00:08:59,519 and not only when you want to push it into 181 00:08:59,519 --> 00:09:03,200 production or into staging, also to your cluster, which means 182 00:09:03,200 --> 00:09:06,240 to the cluster. So, like I said, you have cubival 183 00:09:06,360 --> 00:09:08,399 that you can do that with you can write run 184 00:09:08,480 --> 00:09:10,559 it locally, you can add it as a step in 185 00:09:10,600 --> 00:09:13,559 your CI and you can also do it in the 186 00:09:13,600 --> 00:09:16,799 CD before we trying to apply something. So that's one option. 187 00:09:17,080 --> 00:09:19,480 Another option that you can do it with is with 188 00:09:19,639 --> 00:09:23,039 cube and phone and same you can implement it in 189 00:09:23,080 --> 00:09:25,799 the same ways because like I said, basically it's almost 190 00:09:25,799 --> 00:09:26,320 the same tool. 191 00:09:26,360 --> 00:09:27,240 Speaker 3: It's only I. 192 00:09:27,240 --> 00:09:30,399 Speaker 4: Would say it's like cubivalve with superpowers with the cube 193 00:09:30,399 --> 00:09:33,080 and phone. And the other way for you to do 194 00:09:33,120 --> 00:09:36,080 it is actually with a tree. So with a tree we, 195 00:09:36,360 --> 00:09:38,279 like I said, it was an issue that we add, 196 00:09:38,519 --> 00:09:42,360 so we also added those capabilities to our tool. And 197 00:09:42,639 --> 00:09:45,960 if you are checking for policies, there's also pre acquisites 198 00:09:46,039 --> 00:09:48,279 that we will check. So we will check that you 199 00:09:48,320 --> 00:09:50,799 have a valid Cubernetes file, and if it's a valid 200 00:09:50,840 --> 00:09:53,679 Cubernetes file, it will also check to make sure that 201 00:09:54,240 --> 00:09:58,519 it's also passing the policy that you define on the organization. 202 00:09:58,960 --> 00:10:00,519 Speaker 3: So this is also something that you can do. 203 00:10:00,799 --> 00:10:04,399 Speaker 4: I will also say that another thing that is interesting 204 00:10:04,879 --> 00:10:06,840 and I wrote in the article, is that you have 205 00:10:06,840 --> 00:10:08,440 another flag with cube cattle. 206 00:10:08,720 --> 00:10:11,799 Speaker 3: So we have two modes. You have several mode and 207 00:10:11,840 --> 00:10:12,759 you have client modes. 208 00:10:12,919 --> 00:10:16,879 Speaker 4: Basically you can check both of them requiring you to 209 00:10:16,919 --> 00:10:19,799 have a connection to a cluster. Something is think that 210 00:10:19,840 --> 00:10:23,480 I discovered was that actually there's an open bug in 211 00:10:23,559 --> 00:10:29,519 the Kubernettis project, and the open flag is saying yeah, yeah, yeah, 212 00:10:29,559 --> 00:10:32,360 among those one thousand bucks that are opened there, and 213 00:10:32,559 --> 00:10:36,519 this open bug is actually saying that this is not 214 00:10:36,559 --> 00:10:37,720 the expected results. 215 00:10:37,879 --> 00:10:38,960 Speaker 3: If you're using. 216 00:10:38,720 --> 00:10:42,840 Speaker 4: The flag dry run but on the buts a client mode, 217 00:10:43,000 --> 00:10:45,679 it should not need to have a connection to a cluster. 218 00:10:46,000 --> 00:10:48,480 But right now it's not walking, so it's still requiring 219 00:10:48,559 --> 00:10:51,200 you to have a connection to a cluster. Another interesting thing, 220 00:10:51,360 --> 00:10:54,879 and this is also I explained in the article, is 221 00:10:54,879 --> 00:10:57,600 that there is a discrepancy between the validation that I've 222 00:10:57,759 --> 00:11:01,000 done on the client side and the validations that are 223 00:11:01,039 --> 00:11:03,840 done on the SEVI side if you're using cube cutted. 224 00:11:04,279 --> 00:11:07,200 Speaker 6: So answer question, well, now, go ahead, go ahead, and 225 00:11:07,200 --> 00:11:07,960 then I'll argue with you. 226 00:11:08,039 --> 00:11:08,440 Speaker 3: That's fine. 227 00:11:08,559 --> 00:11:11,279 Speaker 4: So just to wrap it up, the best way to 228 00:11:11,320 --> 00:11:14,159 do that is as soon as possible, you should run 229 00:11:14,279 --> 00:11:19,639 those validations across the entire process from your local environment 230 00:11:20,039 --> 00:11:24,120 through ci CD and just before you're going to deploy 231 00:11:24,159 --> 00:11:26,919 it or any other automation process that you have staging, 232 00:11:27,039 --> 00:11:29,480 production whatever, do is as soon as possible, and do 233 00:11:29,559 --> 00:11:30,159 it all the time. 234 00:11:30,320 --> 00:11:32,200 Speaker 6: I actually wanted to argue with you a little bit 235 00:11:32,200 --> 00:11:34,919 on a point about not having access to a cluster 236 00:11:34,960 --> 00:11:37,559 while you're doing these validations. I would think you would 237 00:11:37,559 --> 00:11:39,600 need access to a cluster, because what if I'm doing 238 00:11:39,639 --> 00:11:42,559 like no affinity is or okay, that's the only case 239 00:11:42,600 --> 00:11:43,840 that I can think of, actually is when I have 240 00:11:43,879 --> 00:11:46,080 not affiinity. So I don't have a real strong case 241 00:11:46,080 --> 00:11:48,000 to argue with you. But if I'm doing that right, 242 00:11:48,000 --> 00:11:49,559 I would want for it to say, oh, you're setting 243 00:11:49,559 --> 00:11:51,879 this note affidity on something that doesn't even exist, or 244 00:11:51,879 --> 00:11:53,639 it doesn't make sense, or it's not going to come up, 245 00:11:53,720 --> 00:11:56,039 or I don't know something like that. I would hope 246 00:11:56,039 --> 00:11:57,720 it would be smart enough to tell me that you're 247 00:11:57,720 --> 00:11:59,559 doing something wrong, and it would need to have a 248 00:11:59,600 --> 00:12:01,360 connection car cluster to do that right. 249 00:12:01,679 --> 00:12:04,879 Speaker 4: So think about it like in big organizations that you 250 00:12:04,919 --> 00:12:09,799 have a lot of developers and so usually we're saying CIS, 251 00:12:09,840 --> 00:12:12,440 but we need to remember the CICD are two different steps, 252 00:12:12,600 --> 00:12:15,320 and there are a lot of organizations that I'm familiar 253 00:12:15,320 --> 00:12:18,960 with that the CI step is taking X amount of 254 00:12:19,080 --> 00:12:21,639 time and only then coming to the city step. So 255 00:12:22,159 --> 00:12:25,840 during the CI step that people keep changing the manifest, 256 00:12:25,960 --> 00:12:29,159 it's not necessarily going to be deployed right away. So 257 00:12:29,600 --> 00:12:32,000 at this step, then when you have the CI process, 258 00:12:32,159 --> 00:12:34,519 you want to run different checks, but you also don't 259 00:12:34,559 --> 00:12:36,159 want it to have a connection to your cluster. 260 00:12:36,519 --> 00:12:38,000 Speaker 3: Only when on the city. 261 00:12:37,679 --> 00:12:39,600 Speaker 4: Step you want to have a connection, you have to 262 00:12:39,639 --> 00:12:42,919 have a connection to your cluster. So if you separate 263 00:12:42,960 --> 00:12:46,679 those steps, which usually happening in big organizations, the CI 264 00:12:46,720 --> 00:12:48,279 step don't have connection to your cluster. 265 00:12:48,480 --> 00:12:51,679 Speaker 5: So I'm looking through your article and some of the 266 00:12:52,200 --> 00:12:55,200 you have this nice little table that compares cubevel and 267 00:12:55,279 --> 00:12:58,000 cup perform against client mode and server mode of cup 268 00:12:58,039 --> 00:13:00,879 pedal and what things were caught and what it didn't. 269 00:13:00,960 --> 00:13:02,919 And I'm clicking on some of these here, and it 270 00:13:02,960 --> 00:13:04,919 looks to me like in some of these cases it's 271 00:13:04,960 --> 00:13:09,120 looking more for syntactic validity than contextual validity. I don't 272 00:13:09,120 --> 00:13:12,080 know if that's the right phraseology there, But for example, 273 00:13:12,080 --> 00:13:14,000 I look at the label value and it's the wrong. 274 00:13:14,080 --> 00:13:17,399 Example has a label of dash dash stash, which is 275 00:13:17,440 --> 00:13:19,960 just it's invalid. It's invalid syntax. It's not that it 276 00:13:20,200 --> 00:13:22,639 that label. I guess My question here is does this 277 00:13:22,799 --> 00:13:25,440 check that the label make sense or just that it's 278 00:13:25,440 --> 00:13:26,399 syntactically valid. 279 00:13:26,639 --> 00:13:27,960 Speaker 3: So that's a good question. 280 00:13:28,240 --> 00:13:32,360 Speaker 4: So basically, there are different steps of validations that you 281 00:13:32,399 --> 00:13:34,559 need to pass if you want to have a valid file. 282 00:13:35,000 --> 00:13:37,440 So first of all, let's think about it like on 283 00:13:37,480 --> 00:13:39,600 the general air view. You want to make sure that 284 00:13:39,639 --> 00:13:43,320 all your cuberneties files have to be a valid diamined file. 285 00:13:43,399 --> 00:13:44,159 Speaker 3: That's first of all. 286 00:13:44,279 --> 00:13:46,840 Speaker 4: After that they have to be a valid Kubernetes file, 287 00:13:46,919 --> 00:13:49,919 which means they need to follow a specific structure. After that, 288 00:13:50,480 --> 00:13:54,440 the values inside those files need to be valid, and 289 00:13:55,000 --> 00:13:58,480 different steps or different tools will catch different errows that 290 00:13:58,559 --> 00:14:00,639 I just mentioned. So with a tree, you will catch 291 00:14:01,120 --> 00:14:03,320 all theres, will make sure that it's a valid diamond file, 292 00:14:03,360 --> 00:14:05,559 will make sure that it's a valid tubunetifier. Will also 293 00:14:05,600 --> 00:14:09,240 make sure that the value is avalid and we cube valid. 294 00:14:09,360 --> 00:14:12,320 It will make sure that it's only a valid Kuberneti structure. 295 00:14:12,600 --> 00:14:14,840 So you have different vialiations that will make But by 296 00:14:14,840 --> 00:14:17,799 the way cube Cattle, once you try to deploy it 297 00:14:17,799 --> 00:14:20,759 to your cluster, it will make it will check all 298 00:14:20,840 --> 00:14:22,559 the stuff that I mentioned, So it will also make 299 00:14:22,600 --> 00:14:24,360 sure that it's diamal file to also make sure that 300 00:14:24,399 --> 00:14:27,440 it's notified and also valid value. But again the problem 301 00:14:27,519 --> 00:14:29,919 is that it's too late in the process, because it's 302 00:14:29,960 --> 00:14:31,919 only when you want to deploy and you just want 303 00:14:31,919 --> 00:14:33,840 to ship all this information to the. 304 00:14:33,840 --> 00:14:39,600 Speaker 3: Left to the right, right to the left, to the. 305 00:14:39,639 --> 00:14:43,039 Speaker 5: Left to left in Hebrew, also or do you shift 306 00:14:43,080 --> 00:14:43,919 right since you're the other. 307 00:14:44,240 --> 00:14:46,440 Speaker 3: We read the opposite. That's the problem, you know, that's 308 00:14:46,480 --> 00:14:47,360 why the confusion. 309 00:14:47,440 --> 00:14:50,399 Speaker 4: We're really from We're really from right to left, So 310 00:14:50,679 --> 00:14:51,879 like make. 311 00:14:51,759 --> 00:14:59,840 Speaker 5: No sense the Japanese shift up, cultural adventures and DevOps. 312 00:15:00,200 --> 00:15:02,080 I had a great question, and now I completely lost it. 313 00:15:02,200 --> 00:15:03,799 Speaker 2: You want to shop to come back? 314 00:15:05,799 --> 00:15:07,759 Speaker 6: I think, okay, Well, I was just thinking, you know, 315 00:15:08,320 --> 00:15:10,919 like this whole idea of okay, we can say that 316 00:15:10,960 --> 00:15:13,480 it's a valid YAMO file and the valid Kubernetes file, 317 00:15:13,559 --> 00:15:15,480 but doesn't make sense. And to me that's always been 318 00:15:15,519 --> 00:15:18,320 like such an interesting problem, like one of the more 319 00:15:18,360 --> 00:15:21,559 interesting problems, especially because my background is high performance computing. 320 00:15:21,919 --> 00:15:23,799 So anyways, I think that we show like a crossover 321 00:15:23,840 --> 00:15:26,559 event with the machine learning people where we just make 322 00:15:26,639 --> 00:15:28,679 them train a really big model on a whole bunch 323 00:15:28,679 --> 00:15:31,120 of Kubernetes configurations where it makes. 324 00:15:30,960 --> 00:15:31,440 Speaker 2: Sense or not. 325 00:15:31,759 --> 00:15:33,200 Speaker 6: That might be the only way to do it is 326 00:15:33,240 --> 00:15:36,120 have like a massive decision tree that nobody actually understands 327 00:15:36,159 --> 00:15:36,960 that says yes or no. 328 00:15:39,240 --> 00:15:41,600 Speaker 2: I think you just described Kubernetes exactly. 329 00:15:44,679 --> 00:15:45,600 Speaker 6: Yeah, a little bit. 330 00:15:45,840 --> 00:15:48,559 Speaker 5: Okay, I remember my question. I'm curious what does your 331 00:15:48,799 --> 00:15:52,720 workflow look like when you're working on Kubernetes manifests? Do 332 00:15:52,759 --> 00:15:56,480 you run these tools in your editor for example on save? 333 00:15:56,840 --> 00:15:59,879 Do you use githooks? Do you use CI pipelines? What 334 00:16:00,000 --> 00:16:01,559 does your setup look like? How do you do this 335 00:16:01,600 --> 00:16:02,120 in practice? 336 00:16:02,279 --> 00:16:08,399 Speaker 4: Well, I'm biased, a musing I own, but yeah, but 337 00:16:08,600 --> 00:16:11,360 I'm telling you so what I usually see that people 338 00:16:11,360 --> 00:16:13,440 are doing this is why we credit this tool, is 339 00:16:13,440 --> 00:16:16,960 that they understand the value and they're trying to shift. 340 00:16:16,720 --> 00:16:18,600 Speaker 2: It left right. 341 00:16:18,639 --> 00:16:21,399 Speaker 4: You're trying to shift it left and they're doing it 342 00:16:21,440 --> 00:16:25,600 with pre committos. That's one. Then it's implementing inside the CI. 343 00:16:26,080 --> 00:16:28,840 The problem is that you need to implement a lot 344 00:16:28,879 --> 00:16:31,639 of tooling in order to get those simple vialidations that 345 00:16:31,679 --> 00:16:34,480 I just described. So you need to have volunteer for 346 00:16:34,600 --> 00:16:37,480 your YAM. Fine, you have a to have a cubival 347 00:16:37,600 --> 00:16:40,840 or cup performed for kubernettes. And then you need to 348 00:16:40,879 --> 00:16:45,559 have some way to actually do the policy checks, which 349 00:16:45,600 --> 00:16:47,960 can be performed with different tools that I have to 350 00:16:48,039 --> 00:16:53,440 pause doructure files JQ for example. Just trying some ideas 351 00:16:53,559 --> 00:16:55,440 if someone want to get crazy into it by himself. 352 00:16:55,960 --> 00:16:59,519 So it's actually requiring a lot of cluing and a 353 00:16:59,519 --> 00:17:02,360 lot of teaching and a lot of different tools that 354 00:17:02,480 --> 00:17:05,440 need to walk together, which become to be like a 355 00:17:05,480 --> 00:17:07,279 massive headache if you want. 356 00:17:07,160 --> 00:17:07,519 Speaker 2: To do that. 357 00:17:07,839 --> 00:17:09,640 Speaker 3: And this is why we build a tree. 358 00:17:09,680 --> 00:17:11,680 Speaker 4: We're trying to do it in one tool, make it simple, 359 00:17:11,880 --> 00:17:14,440 make it fun so you can it's a sea light tool, 360 00:17:14,480 --> 00:17:15,920 so we actually enforced it. 361 00:17:16,039 --> 00:17:17,799 Speaker 3: Or you can put it everywhere you want. 362 00:17:17,839 --> 00:17:20,240 Speaker 4: You can put it on your local environment, you can 363 00:17:20,240 --> 00:17:21,720 put it in your CI, you can put it in 364 00:17:21,759 --> 00:17:24,279 your city, you can put it everywhere and it will 365 00:17:24,319 --> 00:17:27,000 do all those validation for you out of the box 366 00:17:27,200 --> 00:17:28,799 and a really simple and easy way. 367 00:17:29,039 --> 00:17:30,920 Speaker 6: That's very cool. And is it all open source? 368 00:17:31,240 --> 00:17:32,079 Speaker 3: Yes? Yes? 369 00:17:32,400 --> 00:17:37,319 Speaker 4: And again like yeah, so there is a magic sauce 370 00:17:37,599 --> 00:17:39,400 in the tree, Like it's not. We don't have a 371 00:17:39,440 --> 00:17:42,279 secret API. We are not doing something that like every 372 00:17:42,279 --> 00:17:44,400 developer can do. What we're doing it, and we are 373 00:17:44,440 --> 00:17:47,400 totally okay with that. And the cool part is that 374 00:17:47,440 --> 00:17:51,039 we're just trying to make it much more simple for you, 375 00:17:51,079 --> 00:17:53,240 so you don't need to do it by yourself. So 376 00:17:53,279 --> 00:17:56,400 you don't need to configure this plit commit and you 377 00:17:56,440 --> 00:17:58,920 don't need to configure this and integration by the way 378 00:17:59,119 --> 00:18:01,160 soever henp like, and so we can do it natively. 379 00:18:01,440 --> 00:18:03,680 We just want to make sure that it's simple enough 380 00:18:03,680 --> 00:18:05,319 for you to use our tool and not to try 381 00:18:05,319 --> 00:18:08,279 to build it by yourself, because we all really believe 382 00:18:08,319 --> 00:18:11,400 in buys is built, that you should be focused on 383 00:18:11,480 --> 00:18:14,240 building great stuff that out of your coal business and 384 00:18:14,279 --> 00:18:16,640 not try to build and not try to build stuff 385 00:18:16,680 --> 00:18:19,000 that are not and you should prefer to buy them. 386 00:18:19,640 --> 00:18:22,119 So this is how we think about it, and this 387 00:18:22,200 --> 00:18:25,200 is why we're always trying to make sure that we well, 388 00:18:25,240 --> 00:18:26,480 we always want to make sure. 389 00:18:26,319 --> 00:18:28,240 Speaker 3: That all the stuff that we're doing will give you 390 00:18:28,240 --> 00:18:29,160 a value as a user. 391 00:18:29,359 --> 00:18:31,400 Speaker 6: That's very cool. You said something I didn't quite touch. 392 00:18:31,400 --> 00:18:33,880 There's a plug in for something, was it, Homer? 393 00:18:34,160 --> 00:18:34,279 Speaker 3: Was it? 394 00:18:34,480 --> 00:18:34,640 Speaker 7: Yeah? 395 00:18:34,720 --> 00:18:38,279 Speaker 4: Yeah, yeah, So you asked about the nice so I 396 00:18:38,359 --> 00:18:40,559 mentioned because we ask about them. So, for example, we 397 00:18:40,640 --> 00:18:43,519 have a native hamp plugging so when you're doing ham 398 00:18:43,599 --> 00:18:46,799 in stall, it will do all those validations, which actually 399 00:18:46,799 --> 00:18:49,200 to make sure that is a validamter file, to make 400 00:18:49,200 --> 00:18:51,480 sure that it's a Kuberneties file, to make sure that 401 00:18:51,519 --> 00:18:54,279 it's passing the policy, and it's all being integrated inside 402 00:18:54,279 --> 00:18:56,920 hands so we don't need to do the HAMP template, 403 00:18:57,119 --> 00:19:00,920 pipe it into keep cuttail, run it with dry hand 404 00:19:01,000 --> 00:19:03,720 flag or with cube val or whatever stuff like that. 405 00:19:03,920 --> 00:19:06,319 Speaker 6: Cool. Does it integrate with like any of the code 406 00:19:06,400 --> 00:19:08,319 editors too, Like will it tell me in nice big 407 00:19:08,359 --> 00:19:11,559 red leaders, because like I really need those reds telling me, 408 00:19:11,799 --> 00:19:13,200 but I'm doing something stupid. 409 00:19:13,359 --> 00:19:17,880 Speaker 3: If not, it's it's on the road map. 410 00:19:17,920 --> 00:19:20,039 Speaker 4: It's only on the road map because we really believe 411 00:19:20,079 --> 00:19:22,359 that we need to give this feedback about the validation 412 00:19:22,680 --> 00:19:25,359 as soon as possible, and on the road BAMP is 413 00:19:25,359 --> 00:19:28,039 to also put it inside your ID and if it's 414 00:19:28,039 --> 00:19:31,160 possible also in when you think about doing a misconfiguration 415 00:19:31,240 --> 00:19:36,839 to also be integrated there inside your head, you get like. 416 00:19:36,799 --> 00:19:39,240 Speaker 2: A buzz what do you call that? CRD? 417 00:19:41,160 --> 00:19:42,680 Speaker 3: Not sure? Not sure? We need to think about the 418 00:19:42,759 --> 00:19:43,160 name for that. 419 00:19:44,200 --> 00:19:46,319 Speaker 5: So I'm really curious about how this works with Helm 420 00:19:46,480 --> 00:19:50,240 because obviously Helm isn't purely deterministic in the sense that 421 00:19:50,640 --> 00:19:53,519 depending on what values values you provide, you could have 422 00:19:53,640 --> 00:19:57,920 an infant possibility of actual kubernes manifests to come out. 423 00:19:58,039 --> 00:20:00,839 How do you handle that? I mean, for example, I'm 424 00:20:00,839 --> 00:20:03,079 thinking of the chart testing or CT tool. I don't 425 00:20:03,079 --> 00:20:04,759 know if you're familiar with that, but it lets you 426 00:20:04,839 --> 00:20:06,720 define like a list of You could give it a 427 00:20:06,720 --> 00:20:09,440 directly full of values gamble files and it will just 428 00:20:09,519 --> 00:20:11,279 test against each one of those. Do you have something 429 00:20:11,319 --> 00:20:12,839 similar or how do you approach that? 430 00:20:13,160 --> 00:20:15,720 Speaker 3: So again, this is a really good question, but we 431 00:20:15,799 --> 00:20:17,960 need to remember in the end of. 432 00:20:18,039 --> 00:20:22,079 Speaker 4: Every helm file there is a couberneties file, so we 433 00:20:22,119 --> 00:20:24,799 are not checking the value file separately and the child 434 00:20:24,839 --> 00:20:28,000 files separately. What we're doing is that we're rendering it 435 00:20:28,039 --> 00:20:30,559 together and then we're running the checks on top of it. 436 00:20:31,039 --> 00:20:33,680 So in the end it's just a manifest file that 437 00:20:33,799 --> 00:20:37,000 is random from hand value and then child that is 438 00:20:37,000 --> 00:20:40,720 combined together. So it doesn't really matter how you do 439 00:20:40,799 --> 00:20:42,200 the templating. 440 00:20:42,039 --> 00:20:42,720 Speaker 3: From the all side. 441 00:20:42,759 --> 00:20:45,000 Speaker 4: You can use which key invirues that you want, because 442 00:20:45,000 --> 00:20:48,000 in the end to will be translated into a Kubernettis file. 443 00:20:48,240 --> 00:20:50,480 So we're just running it on the end result, which 444 00:20:50,519 --> 00:20:51,799 is the coupnettis file itself. 445 00:20:51,960 --> 00:20:54,839 Speaker 5: But if by values, suppose I have one value file 446 00:20:54,880 --> 00:20:57,400 that says ingress true and one it says ingress falls. 447 00:20:57,440 --> 00:21:01,440 That could help a completely different manifests completely different resources 448 00:21:01,440 --> 00:21:03,599 to find, and I might want to validate both versions. 449 00:21:03,720 --> 00:21:05,960 Does your helm plug in automate that for me? Or 450 00:21:05,960 --> 00:21:08,440 do I just need to have two lines in my 451 00:21:08,519 --> 00:21:10,200 sea ice script that says run it this way and 452 00:21:10,240 --> 00:21:11,000 also run it that way. 453 00:21:11,319 --> 00:21:15,160 Speaker 4: So if i'd the sun correctly, you're asking if I 454 00:21:15,160 --> 00:21:17,519 can run it in if I can have like two 455 00:21:17,559 --> 00:21:21,160 different policies because I have different permutations for the same 456 00:21:21,200 --> 00:21:21,680 held file. 457 00:21:22,039 --> 00:21:23,680 Speaker 5: Yeah, I mean, so I suppose I have a homestart 458 00:21:23,720 --> 00:21:28,200 that just deploys WordPress or whatever, and in one variation 459 00:21:28,440 --> 00:21:31,920 one of my configurations, say, disables the ingress, So I'm 460 00:21:31,920 --> 00:21:35,319 no longer creating the ingress a resource in my in 461 00:21:35,359 --> 00:21:38,680 my output, I'm not setting you know, several different things 462 00:21:38,680 --> 00:21:40,240 that might not be created. I'm not creating an st 463 00:21:40,279 --> 00:21:43,000 CL certificate and so on. My output manifest is going 464 00:21:43,039 --> 00:21:45,519 to be significantly smaller with fewer resources in it than 465 00:21:45,559 --> 00:21:48,119 if I had enabled ingress. And maybe I want to 466 00:21:48,279 --> 00:21:51,240 validate both versions of that using your tool. What what 467 00:21:51,440 --> 00:21:52,880 steps do I take to accomplish that? 468 00:21:53,240 --> 00:21:57,319 Speaker 4: Yeah, So basically, again it doesn't matter like we revitedate 469 00:21:57,400 --> 00:22:00,559 both versions. So there is a logic insight your code 470 00:22:00,559 --> 00:22:05,039 that will trigger one of them. Correct, So the version 471 00:22:05,039 --> 00:22:07,240 that is triggered, this is also what will be passed 472 00:22:07,279 --> 00:22:09,839 to the tree. And this is what we also be validated, 473 00:22:10,079 --> 00:22:12,559 and we'll give you the indication of its passingle failing 474 00:22:12,839 --> 00:22:17,880 the same that the same this mechanism that's triggating your. 475 00:22:17,799 --> 00:22:19,640 Speaker 3: Helm is the same one that will be passed to 476 00:22:19,720 --> 00:22:20,000 the tree. 477 00:22:20,200 --> 00:22:22,839 Speaker 6: Yeah. So the validate runs on the like helme install 478 00:22:22,920 --> 00:22:23,559 or helm up. 479 00:22:23,480 --> 00:22:26,079 Speaker 3: Grat command right exactly exactly. 480 00:22:25,799 --> 00:22:27,839 Speaker 6: Not beforehand. Then how are you going to integrate it 481 00:22:27,880 --> 00:22:28,440 with an editor? 482 00:22:28,640 --> 00:22:29,319 Speaker 3: With the editor? 483 00:22:29,680 --> 00:22:32,039 Speaker 6: Yeah, because if it's in an editor, it's before that 484 00:22:32,119 --> 00:22:32,759 helme install. 485 00:22:33,079 --> 00:22:35,559 Speaker 3: You're right, And this is a challenge. This is something 486 00:22:35,599 --> 00:22:37,480 that went into solved by don't have all the answers 487 00:22:37,599 --> 00:22:39,440 right now. This is something that we're working on. 488 00:22:39,559 --> 00:22:41,960 Speaker 6: That's interesting. That's where you need the decision tree. 489 00:22:42,799 --> 00:22:44,680 Speaker 3: Probably, this is why we call the tree. 490 00:22:46,400 --> 00:22:49,680 Speaker 6: Well, I've been seeing people have validating their values file 491 00:22:49,880 --> 00:22:52,720 also with an additional Jason Schema, and it seems like 492 00:22:52,720 --> 00:22:54,880 you will kind of work something like that out to 493 00:22:54,960 --> 00:22:57,400 sort of them have these trees that are like, oh, 494 00:22:57,400 --> 00:22:59,640 if you have a Boolean value, it should you know, 495 00:22:59,640 --> 00:23:01,400 it should track for both the true and the falls 496 00:23:01,440 --> 00:23:04,000 and these kind of things. But I don't know. I'm 497 00:23:04,000 --> 00:23:05,000 glad you're building. 498 00:23:04,680 --> 00:23:05,119 Speaker 7: It and not me. 499 00:23:05,240 --> 00:23:05,920 Speaker 6: That's very cool. 500 00:23:07,880 --> 00:23:10,559 Speaker 4: So you're right, I also saw it. You can do 501 00:23:10,599 --> 00:23:13,160 it with Jason GiMA is sorry, you can do it 502 00:23:13,200 --> 00:23:16,839 with Jason Schema. The problem is it's taking it's a 503 00:23:16,839 --> 00:23:20,200 lot of folk to do that, and also actually it's 504 00:23:20,240 --> 00:23:22,400 taken a lot of maintaining to make sure that it's 505 00:23:22,440 --> 00:23:25,359 always up to date, which is more hardened than just 506 00:23:25,400 --> 00:23:27,920 writing it. But it's not that common that people this 507 00:23:28,039 --> 00:23:29,880 is the best practice, but it's not that common that 508 00:23:29,920 --> 00:23:33,640 people are doing that. And usually they're like just doing 509 00:23:33,680 --> 00:23:37,079 the validation itself and not on the values separately or 510 00:23:37,119 --> 00:23:40,240 on the child separately. They're doing the validation on what's 511 00:23:40,279 --> 00:23:42,000 coming out from combining in the both. 512 00:23:42,200 --> 00:23:44,359 Speaker 6: That's true. I tend to just cross my fingers and 513 00:23:44,400 --> 00:23:47,119 pray on all the times that I commit to get help. 514 00:23:47,519 --> 00:23:49,119 Speaker 1: Yeah, so I think one of the things that was 515 00:23:49,119 --> 00:23:52,160 cool in your article here, because I know in my 516 00:23:52,279 --> 00:23:56,599 experience a lot of pushback I've experienced in trying to 517 00:23:57,440 --> 00:24:01,599 implement different solutions like this is how much time it 518 00:24:01,680 --> 00:24:03,880 takes or how much you know, people don't want to 519 00:24:03,920 --> 00:24:07,240 do it because they have this this idea that it's 520 00:24:07,279 --> 00:24:10,039 going to slow them down. But you actually did quite 521 00:24:10,039 --> 00:24:13,519 a bit of benchmarking on this right to see exactly 522 00:24:13,519 --> 00:24:15,400 what to slow down or impact would be. 523 00:24:15,920 --> 00:24:18,960 Speaker 4: Yeah, so this is something that it was interesting to 524 00:24:19,000 --> 00:24:22,359 me to see because why I check the different possibilities 525 00:24:22,440 --> 00:24:25,640 about how can I have how can actually have overcome 526 00:24:26,119 --> 00:24:30,640 the problem of scheme of validation. I noticed that when 527 00:24:30,680 --> 00:24:33,400 I'm doing it with cube cattle and I'm doing it 528 00:24:33,440 --> 00:24:36,720 with the salvable actually taking a lot of time to 529 00:24:36,720 --> 00:24:40,680 get the results back. So it said, hmm, what would 530 00:24:40,680 --> 00:24:42,759 happen if I would do it like one other times, 531 00:24:43,519 --> 00:24:46,160 you know, like developments to take it to that, and 532 00:24:47,440 --> 00:24:50,519 then I actually benchmark all the tools and how much 533 00:24:50,559 --> 00:24:52,039 time to take them to do the validation. 534 00:24:52,680 --> 00:24:54,480 Speaker 3: It was so just to. 535 00:24:54,440 --> 00:24:57,440 Speaker 4: Give you the summer of that cube conform is doing 536 00:24:57,480 --> 00:24:59,960 it the best way. It's actually giving the results really 537 00:25:00,119 --> 00:25:03,119 really fast. After that you have cube revalve. That's also 538 00:25:03,160 --> 00:25:06,240 giving the result fast. Again, it's like on milli seconds 539 00:25:06,480 --> 00:25:09,119 for a regular usage, not when you're trying to scan 540 00:25:09,240 --> 00:25:11,880 one of the couplets files. So as a user you 541 00:25:11,920 --> 00:25:14,039 won't actually notice that, so you can say that it's 542 00:25:14,039 --> 00:25:17,240 almost the same when you're running it with CU cuttle 543 00:25:17,400 --> 00:25:20,480 on the sever side on the several mode. So yes, 544 00:25:20,519 --> 00:25:22,640 it's taking longer, but it's not like it's going to 545 00:25:22,680 --> 00:25:24,119 take you ten minutes. 546 00:25:24,240 --> 00:25:26,359 Speaker 3: It's just going to take a little bit longer. 547 00:25:26,680 --> 00:25:29,319 Speaker 4: So if we think about it, we just said that 548 00:25:29,400 --> 00:25:33,640 cube cuttle server mode it's the best validation, so we 549 00:25:33,680 --> 00:25:35,799 don't really have an excuse why not to do that 550 00:25:36,200 --> 00:25:39,720 because it's not going to add too much time to 551 00:25:39,799 --> 00:25:43,440 your deployment process or something like that. The only issue 552 00:25:43,480 --> 00:25:46,960 with doing it is that it's requiring you to have 553 00:25:47,000 --> 00:25:49,640 a connection to a cluster, and as we already mentioned, 554 00:25:49,759 --> 00:25:52,759 this is nothing that is not always possible. If you 555 00:25:52,799 --> 00:25:54,960 want to go as soon as possible with the shift 556 00:25:55,039 --> 00:25:57,400 left approach and you want to do the validation on 557 00:25:57,440 --> 00:26:00,599 the CI locally, would. 558 00:26:00,359 --> 00:26:03,200 Speaker 2: It be possible to run the server mode test against 559 00:26:03,240 --> 00:26:06,359 a test server like say running in kind or mini 560 00:26:06,400 --> 00:26:08,160 cube or something like that, or does it really need 561 00:26:08,160 --> 00:26:10,920 to be your production server with all your existing crds 562 00:26:10,920 --> 00:26:11,640 and everything is tolled. 563 00:26:11,960 --> 00:26:13,200 Speaker 3: Yeah, perfect question. 564 00:26:13,559 --> 00:26:16,440 Speaker 4: So you can do it with Minicube and then you 565 00:26:16,480 --> 00:26:19,000 can do it also in the CI or whatever. 566 00:26:19,079 --> 00:26:21,920 Speaker 3: But then you need to remember it's have to have 567 00:26:22,119 --> 00:26:25,640 the same environment like your production. 568 00:26:26,200 --> 00:26:28,720 Speaker 4: So if you have a name space that exists on 569 00:26:28,799 --> 00:26:32,680 production but don't exist on Mini Cube, it will fail 570 00:26:33,039 --> 00:26:35,279 because you try to deploy a file, you'll tell you, oh, 571 00:26:35,359 --> 00:26:38,240 I don't know this name space which is called Jonathan 572 00:26:38,400 --> 00:26:40,400 or whatever, because you have it on production. So it's 573 00:26:40,400 --> 00:26:43,400 a very tile but it will fail your your failure. 574 00:26:43,599 --> 00:26:46,319 It will fail on the CI. So this is something 575 00:26:46,359 --> 00:26:48,039 that you can do. You can actually have a Mini 576 00:26:48,079 --> 00:26:50,839 cube set it up like your production again, but again 577 00:26:50,880 --> 00:26:54,440 it's like with the checking your it's like building schema validation. 578 00:26:54,759 --> 00:26:58,400 So it's like building the adjacent schema problem. You need 579 00:26:58,400 --> 00:27:00,400 to maintain it, you need to build it. It's a 580 00:27:00,440 --> 00:27:01,079 lot of heaving. 581 00:27:01,319 --> 00:27:03,839 Speaker 6: Yeah, I think we could argue forever about like mocking 582 00:27:03,880 --> 00:27:06,799 out infrastructure versus actually building it. For me. That's one 583 00:27:06,799 --> 00:27:08,960 of those pendulums that swung back and forth, and now 584 00:27:08,960 --> 00:27:11,079 I'm on the other side where I'm like, no, people 585 00:27:11,119 --> 00:27:12,440 are going to pay for me to have like the 586 00:27:12,480 --> 00:27:15,240 same setup and cis in production, so that I just 587 00:27:15,279 --> 00:27:17,640 have something real that I can test against, because it's just, 588 00:27:17,680 --> 00:27:19,640 you know, too many times running up against this kind 589 00:27:19,680 --> 00:27:22,880 of thing that the CI infrastructure ends up not being 590 00:27:22,920 --> 00:27:25,039 the same no matter how long you take to make it. 591 00:27:25,200 --> 00:27:25,480 Speaker 3: Yeah. 592 00:27:25,599 --> 00:27:28,640 Speaker 4: Yeah, it's a huge fool by itself just to sink everything, 593 00:27:28,799 --> 00:27:31,640 like to think this is something that is going to 594 00:27:31,680 --> 00:27:34,480 be lost somewhere and someone's going to forget about it, 595 00:27:34,640 --> 00:27:37,599 and then it's going to annoy a developer really, really, 596 00:27:37,599 --> 00:27:39,440 really really because you don't know why he's getting this 597 00:27:39,559 --> 00:27:42,759 validation errow because it's like, I don't know what to 598 00:27:42,839 --> 00:27:43,119 do with that. 599 00:27:44,079 --> 00:27:44,839 Speaker 3: And then there's. 600 00:27:44,720 --> 00:27:48,920 Speaker 4: Devils guy that forgot to actually sink the mini cube 601 00:27:49,000 --> 00:27:50,839 with that, you know it's going to fall in between 602 00:27:50,880 --> 00:27:52,079 the correct somewhere for sure. 603 00:27:52,319 --> 00:27:54,000 Speaker 2: I'm old. I'm going to start using this. 604 00:27:54,000 --> 00:27:56,759 Speaker 3: Tool me too. 605 00:27:57,000 --> 00:27:58,839 Speaker 6: Do you have a GitHub actions for it? Can I 606 00:27:58,920 --> 00:28:00,200 just tuck that up right now? 607 00:28:00,640 --> 00:28:05,200 Speaker 4: And so actually, so I have an example in the ouducts. 608 00:28:05,240 --> 00:28:08,119 We have an example about how to implement this side 609 00:28:08,319 --> 00:28:11,200 a guit ub action workflow. We still don't have a 610 00:28:11,240 --> 00:28:14,319 git up action per se. It's something that we will 611 00:28:14,319 --> 00:28:17,279 build soon. It's just the amount of integration that we 612 00:28:17,319 --> 00:28:19,680 need to build is just enormous. 613 00:28:20,000 --> 00:28:22,279 Speaker 3: So yeah, yeah. 614 00:28:22,039 --> 00:28:25,079 Speaker 4: So we need to have like a secret CIO and 615 00:28:25,200 --> 00:28:28,640 you need to have a ID integration, and you need 616 00:28:28,680 --> 00:28:30,720 to have a hand plug in. So it's something that 617 00:28:30,759 --> 00:28:32,799 we keep walking on. And by the way, we also 618 00:28:32,839 --> 00:28:36,200 have like an open issue on that in our Gita propository. 619 00:28:36,279 --> 00:28:39,000 So if someone want to suggest another integration, feel free 620 00:28:39,000 --> 00:28:41,759 because this is something that we always keep updating. For example, 621 00:28:41,759 --> 00:28:43,480 someone said like, hey, we need you need to have 622 00:28:43,519 --> 00:28:45,839 a homeproove. You need to be installed with homepoop, not 623 00:28:46,039 --> 00:28:49,640 with a one liner. So we are listening to the community. 624 00:28:49,759 --> 00:28:53,160 And the cool part is that actually there's a company 625 00:28:53,519 --> 00:28:56,720 behind this open source, so there are people that are 626 00:28:56,720 --> 00:28:59,680 working on that full time. So every issue that is 627 00:28:59,680 --> 00:29:02,240 open is also issues that were addressed, and every box 628 00:29:02,359 --> 00:29:04,680 that someone is opening is a bucket that someone is 629 00:29:04,680 --> 00:29:07,839 trying to fix or to resolve, not like with Kubernetes 630 00:29:08,039 --> 00:29:09,720 that you have one thousand bucks and no one to 631 00:29:09,799 --> 00:29:12,480 actually try to understand if they are valid bugs or not. 632 00:29:14,039 --> 00:29:16,440 Speaker 5: Yeah, it is cool. What's the business model this company 633 00:29:16,519 --> 00:29:19,160 is employing? Is there is there a commercial version of 634 00:29:19,200 --> 00:29:21,319 the software available or do there sell other commercial products? 635 00:29:21,359 --> 00:29:22,279 Speaker 2: How does just fit into that? 636 00:29:22,279 --> 00:29:25,400 Speaker 4: Because system Yeah, So, like I mentioned, I started as 637 00:29:25,400 --> 00:29:29,480 a developer and when we thought about this solution we want, 638 00:29:29,640 --> 00:29:32,880 we had one agenda, and it's to make sure the 639 00:29:32,960 --> 00:29:36,960 developers will enjoy using this tool and it'll be useful 640 00:29:37,000 --> 00:29:39,240 also without paying for you because like I said, you 641 00:29:39,240 --> 00:29:42,039 can always be the by you some So our goal 642 00:29:42,119 --> 00:29:45,160 is not to convert a single developer or a small 643 00:29:45,200 --> 00:29:48,079 team or team of tender velperlse. Our goal is to 644 00:29:48,160 --> 00:29:52,440 convert or to monetize big organizations that appreciate what they're 645 00:29:52,480 --> 00:29:54,799 doing and getting the value. So we have like enterprise 646 00:29:54,880 --> 00:29:58,480 grade features that are more relevant for those kinds of 647 00:29:58,680 --> 00:30:02,839 requirements you know, like as so custom support stuff like that. 648 00:30:03,039 --> 00:30:05,880 For regular usage of the tool, you won't mind that, 649 00:30:06,039 --> 00:30:07,759 and we don't have for example, we don't have feature. 650 00:30:08,359 --> 00:30:10,920 You're getting all the features that we have and you 651 00:30:10,960 --> 00:30:13,839 don't need to pay that. So the business model is 652 00:30:13,920 --> 00:30:17,119 basically based on the fact that some features that are 653 00:30:17,160 --> 00:30:20,960 not relevant to any other people all gated, which are 654 00:30:21,160 --> 00:30:23,960 like I mentioned so and stuff that custom support stuff 655 00:30:24,000 --> 00:30:27,240 like that. But we also have the limit of policy 656 00:30:27,319 --> 00:30:30,839 checks that you can run, which is today one thousands 657 00:30:30,960 --> 00:30:34,240 every month, and it's almost impossible to pass it. 658 00:30:35,920 --> 00:30:44,000 Speaker 3: Also on this kind of show. No, no, I'm sorry 659 00:30:44,000 --> 00:30:44,359 about that. 660 00:30:44,680 --> 00:30:47,519 Speaker 4: I'm sorry, okay, So I'll give you Okay, So we 661 00:30:47,599 --> 00:30:50,400 said the number for one thousand because we know that 662 00:30:50,400 --> 00:30:51,200 people should not. 663 00:30:51,240 --> 00:30:53,200 Speaker 3: Pass it, not because you can't. You can't pass it 664 00:30:53,319 --> 00:30:54,319 right on. 665 00:30:54,279 --> 00:30:56,880 Speaker 4: A regular basic if you want to use the tool 666 00:30:56,920 --> 00:30:59,160 and get the value. There's no reason for you to 667 00:30:59,319 --> 00:31:02,400 do so many any validation if you're not a huge 668 00:31:02,559 --> 00:31:03,880 enterprise organization. 669 00:31:04,160 --> 00:31:07,599 Speaker 6: Basically, I had the doctor Pollard a couple of weeks ago. 670 00:31:07,640 --> 00:31:09,240 I couldn't figure out what was happening. 671 00:31:11,559 --> 00:31:14,680 Speaker 2: No, okay, I didn't even know they had to pull limit. 672 00:31:14,920 --> 00:31:17,519 Speaker 6: Yeah, they just yeah number something. 673 00:31:18,039 --> 00:31:22,920 Speaker 4: Yeah, it's funny story about that. So they're also doing 674 00:31:22,960 --> 00:31:25,079 some checks to make sure that you're not did those 675 00:31:25,079 --> 00:31:26,519 things that you're not doing. 676 00:31:26,319 --> 00:31:27,960 Speaker 3: That does attack on them. 677 00:31:28,079 --> 00:31:30,279 Speaker 4: So let me give you a story about you know 678 00:31:30,279 --> 00:31:31,799 what they do. The name of the company because they're 679 00:31:31,799 --> 00:31:34,599 actually talking about it by myself. So there's a company 680 00:31:34,640 --> 00:31:36,839 called Data Dog and I don't know if you're familiar 681 00:31:36,839 --> 00:31:39,039 with them, and data Dog. 682 00:31:39,319 --> 00:31:43,319 Speaker 3: Yeah, so they have a configuration the kubernetties. 683 00:31:42,880 --> 00:31:46,480 Speaker 4: And part of the part of the configuration was that 684 00:31:46,519 --> 00:31:48,960 you always need you you always need to pull a 685 00:31:48,960 --> 00:31:52,359 new image when the application is going out when it's deployed, 686 00:31:52,759 --> 00:31:56,079 right in image pull policy, which means that you need 687 00:31:56,079 --> 00:31:56,799 to oways pull it. 688 00:31:56,960 --> 00:31:58,720 Speaker 3: And they have like only. 689 00:31:58,559 --> 00:32:02,400 Speaker 4: Three land addresses, so it's pretty IP addresses, and they 690 00:32:02,440 --> 00:32:05,799 have all the images hosted somewhere. And someone made a 691 00:32:05,839 --> 00:32:09,240 mistake like de velotals of making mistakes, and it was 692 00:32:09,319 --> 00:32:12,599 actually a buggy code that got deployed with Kubernetes. 693 00:32:12,920 --> 00:32:13,799 Speaker 3: So what's happening. 694 00:32:13,960 --> 00:32:17,240 Speaker 4: What's happened is that it's got deployed, so it's trying 695 00:32:17,240 --> 00:32:19,240 to push the it's trying to pull the image. The 696 00:32:19,279 --> 00:32:22,799 code is not compiling correctly, so communities is noticing that 697 00:32:22,839 --> 00:32:23,880 something is not correct. 698 00:32:23,599 --> 00:32:24,200 Speaker 3: It's killing it. 699 00:32:24,480 --> 00:32:26,960 Speaker 4: But then it's actually raising any one because this is 700 00:32:26,960 --> 00:32:30,599 what kubernet is doing. But do it like one thousand times, 701 00:32:30,839 --> 00:32:33,799 ten thousand times, one other thousand times. This is what 702 00:32:33,880 --> 00:32:37,319 kubernet is doing, and doing it from three IP addresses 703 00:32:37,759 --> 00:32:41,279 to the same place. And if the vendor thought that 704 00:32:41,640 --> 00:32:45,960 they're getting a DIDOS attack, so they blocked and this 705 00:32:46,119 --> 00:32:46,759 is actually. 706 00:32:46,839 --> 00:32:51,160 Speaker 6: Very similar happened to me last week. Yeah, yeahs of times, 707 00:32:51,160 --> 00:32:52,359 but it was enough. Yeah. 708 00:32:52,400 --> 00:32:54,119 Speaker 4: So I I think it's a really good example of 709 00:32:54,119 --> 00:32:57,720 a misconfiguration that is actually passing validation because it would 710 00:32:57,759 --> 00:33:00,799 pass schema validation, but it's actually have policy that you 711 00:33:00,839 --> 00:33:03,160 want to make sure that you're not always pulling the 712 00:33:03,400 --> 00:33:06,680 latest image because then you can digdle something by accident. 713 00:33:07,039 --> 00:33:10,599 So this is something that will be checked, but it's 714 00:33:10,920 --> 00:33:14,359 it's Cobnetti's valid, but it's not valid. 715 00:33:14,480 --> 00:33:14,680 Speaker 3: Yeah. 716 00:33:14,720 --> 00:33:16,440 Speaker 6: I think I need to have an alert and that 717 00:33:16,559 --> 00:33:19,599 validator now instead of having a poll policy of always 718 00:33:19,799 --> 00:33:23,440 just have on whichever one it is not present or something. Yeah, 719 00:33:23,480 --> 00:33:27,799 I really need that. 720 00:33:27,640 --> 00:33:28,039 Speaker 3: Exactly. 721 00:33:30,319 --> 00:33:33,599 Speaker 5: I remember reading a few weeks ago about a Kubernetes 722 00:33:33,960 --> 00:33:36,400 manifest linter that would look for things like that. It 723 00:33:36,400 --> 00:33:39,680 would look for pole policies, it would look for do 724 00:33:39,720 --> 00:33:42,039 you have resource requests that are insane? 725 00:33:42,039 --> 00:33:44,559 Speaker 2: Are you asking for six thousand CPUs something like that? 726 00:33:44,920 --> 00:33:47,880 Speaker 5: This, this tool doesn't do any of that, I don't think, right, 727 00:33:48,039 --> 00:33:50,440 But do you use one and can you recommend one 728 00:33:50,480 --> 00:33:51,759 that that does similar stuff? 729 00:33:51,920 --> 00:33:55,559 Speaker 3: So this is a guy that is doing it's also yeah, 730 00:33:55,720 --> 00:33:56,960 again we are. 731 00:33:56,880 --> 00:33:58,480 Speaker 2: Not with heuristics in some cases. 732 00:33:58,519 --> 00:34:01,240 Speaker 3: Right, Yeah, you can also create like customers. 733 00:34:01,279 --> 00:34:03,039 Speaker 4: You can say that you can say, like, for example, 734 00:34:03,119 --> 00:34:05,400 that I want to make sure that there is a 735 00:34:05,400 --> 00:34:08,639 liveness prop and the value of the like I want 736 00:34:08,639 --> 00:34:10,239 to make sure that the entry point is always the 737 00:34:10,360 --> 00:34:12,920 slash else for example something, or you can make sure 738 00:34:13,119 --> 00:34:15,639 there's a cip you limit and it's always said to 739 00:34:15,719 --> 00:34:16,519 something like that. 740 00:34:16,960 --> 00:34:18,880 Speaker 3: Actually, you can do a lot of cool stuff. 741 00:34:18,880 --> 00:34:20,960 Speaker 4: You can say, like for staging, I want to make 742 00:34:21,000 --> 00:34:23,880 sure that the cip you limit is free, but for production, 743 00:34:24,000 --> 00:34:26,000 the if you limit can be six. So we can 744 00:34:26,039 --> 00:34:27,840 also mix them up and you can say I want 745 00:34:27,880 --> 00:34:31,079 to run this specific policy for this environment. Again, it's 746 00:34:31,119 --> 00:34:33,800 not something new. There are other tools that are doing that. 747 00:34:33,960 --> 00:34:37,079 I don't think that we created something that is unique. 748 00:34:37,519 --> 00:34:39,960 I think what is unique about our approach is that 749 00:34:40,000 --> 00:34:42,280 we're doing it simple, or we're doing it in a 750 00:34:42,360 --> 00:34:45,039 nice way. We're doing it in a more integrated way 751 00:34:45,280 --> 00:34:47,519 inside your workflow. So we don't need to do their 752 00:34:47,679 --> 00:34:51,039 lifting bioself. You don't need to so this excepted that 753 00:34:51,079 --> 00:34:53,280 you gain, you would still need to have something that 754 00:34:53,400 --> 00:34:56,320 is also doing Kubernetive chemo validation. So we need to 755 00:34:56,400 --> 00:34:58,880 integrate another tool like you with a look you conformed, 756 00:34:59,039 --> 00:35:01,800 and you also need to do so that's another yamen 757 00:35:02,199 --> 00:35:04,599 in intern and you also need to configure it to 758 00:35:04,800 --> 00:35:07,599 connect to your helm as a plugin or whateverse you 759 00:35:07,679 --> 00:35:10,119 also need to build that. So you have this and 760 00:35:10,159 --> 00:35:11,760 this and this and this and this, it's only to 761 00:35:11,760 --> 00:35:12,480 be glued together. 762 00:35:12,679 --> 00:35:14,039 Speaker 3: And you have a big headed again. 763 00:35:14,559 --> 00:35:17,119 Speaker 4: So this is the project we are trying to take 764 00:35:17,239 --> 00:35:21,199 like we're trying to take it all off of your hands. 765 00:35:21,239 --> 00:35:23,320 You don't need to build all those integrations, don't need 766 00:35:23,320 --> 00:35:25,760 to glue them. Again, We're not doing something new. You 767 00:35:25,800 --> 00:35:27,840 can also do it. You can always do it with Jaq. 768 00:35:28,079 --> 00:35:30,159 You can also gluing by. You can also do it 769 00:35:30,199 --> 00:35:32,400 by yourself, but we will do it in an easy 770 00:35:32,440 --> 00:35:34,440 way for you. So you prefer to use the tree 771 00:35:34,480 --> 00:35:37,360 and overbuilding it by yourself. Again, if you have like 772 00:35:37,360 --> 00:35:39,119 free time over the weekend you want to build it, 773 00:35:39,199 --> 00:35:39,840 do and build it. 774 00:35:39,840 --> 00:35:41,480 Speaker 3: It's fun fun. 775 00:35:41,320 --> 00:35:46,480 Speaker 5: Exactly, It's a kubernet It'll be fun, they said, exactly. 776 00:35:47,880 --> 00:35:50,360 I'm interested in asking a question is completely unrelated to this. 777 00:35:50,559 --> 00:35:53,400 In your introduction, you said that you're a leader or 778 00:35:53,440 --> 00:35:56,559 founder or something of Hub Users group, the largest in 779 00:35:56,599 --> 00:35:57,960 the world. Tell me a little bit about that. 780 00:35:58,000 --> 00:35:58,360 Speaker 2: What do you do? 781 00:35:58,440 --> 00:36:00,679 Speaker 5: I mean, I'm part of the Go users group, or 782 00:36:00,760 --> 00:36:02,440 we don't call ourselves a users group. We call ourselves 783 00:36:02,480 --> 00:36:05,320 a meetup group. That's the new version of users group 784 00:36:05,360 --> 00:36:07,079 right here in Amsterdam, and we just get around and 785 00:36:07,079 --> 00:36:09,679 get together and talk about ghost Tell me what you 786 00:36:09,719 --> 00:36:11,079 do with a GitHub users group? 787 00:36:11,960 --> 00:36:15,880 Speaker 4: Yeah, So basically like this article, it came from my 788 00:36:15,920 --> 00:36:18,599 own thing, and the paint was that I wanted to 789 00:36:18,639 --> 00:36:22,119 discuss someone about some features that get up ad and 790 00:36:22,360 --> 00:36:24,440 I tried to look with among my friends, like where 791 00:36:24,559 --> 00:36:26,519 do we have like guitup meetups that I can ask 792 00:36:26,599 --> 00:36:30,000 this question? And the answer was nowhere. So I said like, okay, 793 00:36:30,079 --> 00:36:32,440 that's cool, but I love get up. I'm using git up, 794 00:36:32,480 --> 00:36:33,960 and I'm sure that a lot of the veaples love 795 00:36:34,000 --> 00:36:34,800 git up and using it. 796 00:36:35,079 --> 00:36:36,960 Speaker 3: So let's do a itt up about geitub. 797 00:36:37,960 --> 00:36:41,679 Speaker 4: So this is how its gets started, and it's actually 798 00:36:41,760 --> 00:36:45,239 a user group because it's led by the community. I'm 799 00:36:45,239 --> 00:36:47,760 not working at Guitab, I'm not working at Microsoft, they're 800 00:36:47,800 --> 00:36:48,960 not paying me in any way. 801 00:36:49,199 --> 00:36:51,079 Speaker 3: I'm just doing it on moren free time. 802 00:36:51,159 --> 00:36:54,719 Speaker 4: So this is why it's called user group, and it's 803 00:36:54,760 --> 00:36:59,679 actually was surprisingly growing by itself because the first meetup 804 00:36:59,880 --> 00:37:03,480 was among one of the twenty people that register, and 805 00:37:03,519 --> 00:37:07,000 the last meetup that we did was eight hundred people registered. 806 00:37:07,519 --> 00:37:09,719 Speaker 3: So because of the numbers that were, where do you 807 00:37:09,760 --> 00:37:10,639 ask all those people? 808 00:37:10,840 --> 00:37:16,719 Speaker 4: Yeah, so the other numbers it's on nine, so it's 809 00:37:16,800 --> 00:37:18,760 usually it's on nine. We don't have a big place 810 00:37:18,800 --> 00:37:22,400 to hold so many people. And also there's like a 811 00:37:22,440 --> 00:37:24,960 benchmark that you know that if you have eight hundred 812 00:37:25,039 --> 00:37:27,880 people that are registering, not all will come. It's only 813 00:37:27,960 --> 00:37:30,960 thirty percent usually, so that's fine. But again it's a 814 00:37:30,960 --> 00:37:32,719 lot of beer and a lot of pizza to bring 815 00:37:32,760 --> 00:37:34,760 to Amita. 816 00:37:35,440 --> 00:37:37,719 Speaker 2: Okidding, Well, that's great, congratulations on that. 817 00:37:37,760 --> 00:37:39,920 Speaker 5: I mean, it's always fun to be part of a 818 00:37:40,119 --> 00:37:43,360 community like that and to get so much enthusiasm about 819 00:37:43,360 --> 00:37:45,280 whether you decided to start. I know that this has 820 00:37:45,280 --> 00:37:47,519 to feel good or maybe overwhelming or both. 821 00:37:48,840 --> 00:37:51,320 Speaker 4: Another fun fact, actually, my co founder that was also 822 00:37:51,400 --> 00:37:54,400 the on episod number seventy six again or about the 823 00:37:54,480 --> 00:37:59,079 cross reference here, is actually leading the local AWS community, 824 00:37:59,119 --> 00:38:01,039 which is also the biggest one in the world. 825 00:38:01,320 --> 00:38:01,800 Speaker 3: So it's a. 826 00:38:01,840 --> 00:38:05,119 Speaker 4: Little bit of a fight because it got acquired by Microsoft. 827 00:38:05,239 --> 00:38:09,079 So I'm like on this side easy the data by 828 00:38:09,159 --> 00:38:11,320 West side, and we are working in the same company, 829 00:38:11,559 --> 00:38:13,599 but we're still good friends and we love each other. 830 00:38:13,800 --> 00:38:17,159 Speaker 5: The group, because they're kind of Google related, that would 831 00:38:17,159 --> 00:38:18,360 be a nice little trifector. 832 00:38:19,719 --> 00:38:22,239 Speaker 4: So they started, they started from Google, but right more 833 00:38:22,320 --> 00:38:24,639 they're standing by themselves. Yeah, it's like part of the 834 00:38:24,639 --> 00:38:29,800 CNCF and organizations, so it's like Google studied. But I 835 00:38:29,840 --> 00:38:32,519 think it was really nice that they say, like, Okay, 836 00:38:32,559 --> 00:38:34,639 we realized that it's something that is bigger than Google 837 00:38:34,880 --> 00:38:38,320 and we want the community to enjoy it. So hey, CNCF, 838 00:38:38,760 --> 00:38:42,880 take this wonderful child and pa raise it for us 839 00:38:43,000 --> 00:38:43,320 the world. 840 00:38:44,840 --> 00:38:46,320 Speaker 6: Is there eight w us in Israel? 841 00:38:48,000 --> 00:38:53,480 Speaker 4: Like local locally you mean like like salvers, like physical service? 842 00:38:53,559 --> 00:38:55,480 Speaker 6: Yeah they do, they have like an office? Do they 843 00:38:55,480 --> 00:38:56,760 do they have like the physical presence? 844 00:38:57,039 --> 00:39:00,400 Speaker 4: Oh okay, So we have R and D and in 845 00:39:00,559 --> 00:39:03,719 Israel for and right now they're actually building like we 846 00:39:04,880 --> 00:39:06,000 that data. 847 00:39:05,880 --> 00:39:07,199 Speaker 3: Something centers in Israel. 848 00:39:07,480 --> 00:39:09,880 Speaker 4: So we're also going to have the computers themselves, like 849 00:39:09,920 --> 00:39:12,400 the machines on Israel Land. 850 00:39:12,760 --> 00:39:14,679 Speaker 3: We don't have it, so it will be all it 851 00:39:14,719 --> 00:39:16,119 will be holy service, I guess. 852 00:39:16,920 --> 00:39:18,519 Speaker 1: And there's something you said, Julian you said you don't 853 00:39:18,559 --> 00:39:20,119 have a w S, right, we don't. 854 00:39:19,960 --> 00:39:22,119 Speaker 6: Have a WUS like locally in the Middle East. So 855 00:39:22,199 --> 00:39:24,960 in the GCC, although they might be in Bob right now, 856 00:39:24,960 --> 00:39:28,239 I'm not sure, but within Uee and Doha we only 857 00:39:28,239 --> 00:39:30,480 have a JURE, which is a problem for me in 858 00:39:30,519 --> 00:39:32,960 getting local clients because I don't want to have to 859 00:39:33,039 --> 00:39:34,760 learn a lot of things, like I'm kind of lazy 860 00:39:34,760 --> 00:39:36,519 and a w US is enough, all right. It has 861 00:39:36,559 --> 00:39:39,000 a lot of things that I up with and that 862 00:39:39,039 --> 00:39:41,559 could be another story for another time, but like, yeah, 863 00:39:41,599 --> 00:39:42,920 for real, I don't want to move on to another 864 00:39:42,960 --> 00:39:46,400 hosting provider cloud provider. So that's been my public service 865 00:39:46,440 --> 00:39:47,760 announcement for the day. I guess. 866 00:39:49,199 --> 00:39:51,639 Speaker 4: Yeah, there are a lot a lot of the centers 867 00:39:51,639 --> 00:39:53,920 in Israel we also have in the like there are 868 00:39:53,920 --> 00:39:55,800 a lot of the companies that Valenti is in here 869 00:39:56,239 --> 00:39:58,920 and because we have a lot of people that a 870 00:39:58,920 --> 00:40:02,480 lot of developers, a lot of qualified people to do that. 871 00:40:02,960 --> 00:40:04,800 The only thing that we still don't have is like 872 00:40:04,840 --> 00:40:07,159 the cloud provided themselves the mid local missions. 873 00:40:07,199 --> 00:40:08,639 Speaker 3: But like I said, it's going to be changed. 874 00:40:08,840 --> 00:40:11,360 Speaker 4: I know that Google is going not Google, but as 875 00:40:11,400 --> 00:40:12,760 she was going to open and a w is a 876 00:40:12,840 --> 00:40:16,480 going to open. We are using a west Virginia at aws. 877 00:40:16,559 --> 00:40:21,719 Speaker 1: By the way, everybody's using west Virginia cool. Anything else 878 00:40:21,880 --> 00:40:22,760 you don't want to talk about. 879 00:40:22,960 --> 00:40:25,440 Speaker 4: No, I think you got it all covered. So just 880 00:40:25,559 --> 00:40:29,800 to summarize it all, you should all validated, kubernet is filed. 881 00:40:29,840 --> 00:40:31,960 You should all do it as soon as possible. If 882 00:40:31,960 --> 00:40:34,840 it's possible to do it locally, to do it then 883 00:40:35,239 --> 00:40:37,599 if it's not possible, at least do it in YOURCI 884 00:40:38,239 --> 00:40:41,119 and I give some tips about how to do it. 885 00:40:41,119 --> 00:40:43,440 You can do it with the different tools that we mentioned. 886 00:40:43,480 --> 00:40:44,800 You can do it with the tree, but you can 887 00:40:44,800 --> 00:40:46,679 also do it with the other open source tools. You 888 00:40:46,679 --> 00:40:49,800 can do it with native tools with like you cattle. 889 00:40:49,880 --> 00:40:51,480 You can do it, but you then you need to 890 00:40:51,480 --> 00:40:54,960 put a connection to a cluster and if someone have 891 00:40:55,039 --> 00:40:59,119 any questions regarding that. If someone have any feedback regarding 892 00:40:59,119 --> 00:41:01,840 this article, please contact me. I think you will also 893 00:41:01,920 --> 00:41:04,679 leave my information on this and we are going through 894 00:41:04,719 --> 00:41:06,920 aust this so we have all my information and feel 895 00:41:06,960 --> 00:41:10,199 free like I'm super richable. My email addresses all pen 896 00:41:10,400 --> 00:41:12,599 and you can find me on get a project if 897 00:41:12,639 --> 00:41:13,599 you want to paint me. 898 00:41:13,840 --> 00:41:15,440 Speaker 3: Whatever you choose that's. 899 00:41:15,280 --> 00:41:16,000 Speaker 2: It, right on. 900 00:41:16,400 --> 00:41:20,039 Speaker 1: Yep, we will put your contact info in the show 901 00:41:20,079 --> 00:41:22,920 notes and then the last thing for us to do. 902 00:41:23,039 --> 00:41:26,760 Here are our picks for the show. Jonathan, you're excited. 903 00:41:26,800 --> 00:41:27,719 Do you want to go first? 904 00:41:28,039 --> 00:41:29,519 Speaker 2: Sure, of course, bring it on. 905 00:41:30,280 --> 00:41:33,360 Speaker 5: I'm reading, or actually listening to an audiobook that I 906 00:41:33,360 --> 00:41:36,760 think is amazing. I usually read boring stuff like O'Reilly 907 00:41:36,760 --> 00:41:39,719 books about Kubernetes and helm charts and stuff like that, 908 00:41:39,760 --> 00:41:41,800 but I decided to branch out a little bit, and 909 00:41:41,840 --> 00:41:45,480 I'm reading this Sid Meyers memoir, which is still nerdy 910 00:41:45,760 --> 00:41:49,119 because he's a nerd, but it's so fun and he 911 00:41:49,199 --> 00:41:51,880 talks about game design and how he invented these games 912 00:41:51,880 --> 00:41:55,480 that he made for those who aren't familiar. Everybody's familiar, right, 913 00:41:55,519 --> 00:41:57,800 but if you're not. He's the creator of games like 914 00:41:57,840 --> 00:42:01,159 Civilization and Pirates and a bunch of they're really popular games, 915 00:42:01,280 --> 00:42:03,679 early flight simulators. It's a great book. I don't know, 916 00:42:03,960 --> 00:42:06,880 and it's he reads the audiobook. He reads himself, so 917 00:42:06,920 --> 00:42:09,719 I feel like I'm having a fireplace conversation with Sid 918 00:42:09,719 --> 00:42:10,599 Meyer when I read this. 919 00:42:10,800 --> 00:42:11,760 Speaker 2: Oh that's super cool. 920 00:42:12,000 --> 00:42:15,760 Speaker 1: Yeah, I played Civilization from way back in the day, 921 00:42:16,159 --> 00:42:19,760 Like what was the first day first version it was 922 00:42:19,760 --> 00:42:23,760 on Microsoft Doss. I think it it was either version one, 923 00:42:23,800 --> 00:42:25,800 it might have been two. I want to say it 924 00:42:25,840 --> 00:42:26,599 was version one. 925 00:42:26,880 --> 00:42:29,199 Speaker 5: I think I starned with two, and I played like 926 00:42:29,320 --> 00:42:32,320 the sixteen different expansions for version two, and then I 927 00:42:32,360 --> 00:42:34,440 think I played every version since such a great game. 928 00:42:34,480 --> 00:42:36,840 Speaker 6: Civilization is good, it's safe. I mean, probably more of 929 00:42:36,840 --> 00:42:38,920 my husband in sanity when I was on bed rest 930 00:42:38,960 --> 00:42:41,840 with my oldest because I had something to like obsess 931 00:42:41,840 --> 00:42:44,280 over besides kind of bossing him around. 932 00:42:44,320 --> 00:42:47,800 Speaker 2: So that's that's my story, Jillian, You've got pick for us. 933 00:42:48,000 --> 00:42:50,199 Speaker 6: I do. So. I've been on a quest to go 934 00:42:50,280 --> 00:42:52,639 and clean up a lot of my terraform recipes and 935 00:42:52,719 --> 00:42:55,760 release them publicly out into the wild. And I found 936 00:42:55,800 --> 00:42:58,199 it really good template for doing that from this group 937 00:42:58,280 --> 00:43:01,800 called cloud Posse. It's I think it's spelled pretty much 938 00:43:01,840 --> 00:43:04,039 like it sounds. They have a really nice like terraform 939 00:43:04,400 --> 00:43:07,320 GitHub template, you know, like the how you can actually 940 00:43:07,519 --> 00:43:10,159 create templates straight from gehub repositories now, like you press 941 00:43:10,199 --> 00:43:11,960 the button and it creates you a new repo with 942 00:43:12,000 --> 00:43:14,280 the file structure and all that kind of thing, and 943 00:43:14,480 --> 00:43:16,760 I really like it. They also have this really nice 944 00:43:16,760 --> 00:43:20,440 make file that just does like everything, Like there's so 945 00:43:20,519 --> 00:43:23,280 much stuff in that make file. It's amazing. So yeah, 946 00:43:23,320 --> 00:43:25,519 I've been cleaning up a lot of my terraform recipes 947 00:43:25,559 --> 00:43:28,679 for that and using like using that template as the base, 948 00:43:28,840 --> 00:43:32,079 and I think it's it's just a really nice terraform template. 949 00:43:32,559 --> 00:43:33,639 Check it out right on. 950 00:43:33,840 --> 00:43:34,400 Speaker 2: That's awesome. 951 00:43:34,519 --> 00:43:37,280 Speaker 1: Yeah, make files, make files and read me I think 952 00:43:37,480 --> 00:43:40,679 might be two of the hardest problems and software engineering. 953 00:43:42,239 --> 00:43:44,480 Speaker 6: I still haven't given up. It's really it's becoming like 954 00:43:44,519 --> 00:43:46,960 a cultural age gap kind of problem for me. When 955 00:43:47,000 --> 00:43:49,039 I talk to new developers, I'm like, it's all in 956 00:43:49,079 --> 00:43:51,360 the make file. It's like, it's there, right, And I'm like, 957 00:43:51,360 --> 00:43:54,000 what's the make file, especially if they've been using like 958 00:43:54,119 --> 00:43:56,360 node and they're used to the package dot Jason, and 959 00:43:56,360 --> 00:43:57,639 then I'm like, what's a make file? 960 00:43:57,719 --> 00:43:57,800 Speaker 3: Like? 961 00:43:57,920 --> 00:43:59,400 Speaker 6: Sit down, you need to talk about this. 962 00:44:01,119 --> 00:44:02,840 Speaker 2: Sit down in that chair, we're gonna talk. 963 00:44:04,199 --> 00:44:05,679 Speaker 6: That's right, That is it? 964 00:44:05,880 --> 00:44:07,239 Speaker 2: Yeah, have you got a pick for us? 965 00:44:07,360 --> 00:44:10,079 Speaker 3: I didn't know that that is one. Sorry, I didn't know. 966 00:44:10,239 --> 00:44:11,559 You just make my own walk. 967 00:44:11,480 --> 00:44:13,679 Speaker 2: That's quite all right, I've got one. 968 00:44:14,000 --> 00:44:17,000 Speaker 1: And it's funny because I've heard about this for quite 969 00:44:17,039 --> 00:44:19,320 a while, and I was like, yeah, yeah, yeah, whatever, 970 00:44:19,719 --> 00:44:23,800 it's fine, and it's a screen protector for my iPad. 971 00:44:23,960 --> 00:44:26,920 But it's from paper Like, and it's as you might 972 00:44:26,920 --> 00:44:29,559 have guessed, it's very paper like because one of the 973 00:44:29,559 --> 00:44:33,639 things with using my my iPad and the Apple pencil 974 00:44:34,199 --> 00:44:36,960 is it felt really slippery. Plus I'm left handed, you know, 975 00:44:37,079 --> 00:44:39,639 so I have this thing where I wrapped my arm 976 00:44:39,679 --> 00:44:42,559 around three hundred and sixty degrees in order to be 977 00:44:42,599 --> 00:44:44,760 able to write anything and then curl up in a 978 00:44:44,800 --> 00:44:47,679 fetal position. But it was really hard to write on 979 00:44:47,719 --> 00:44:51,880 my iPad, but I wanted to do it, and so 980 00:44:51,960 --> 00:44:54,639 I finally broke down and bought this screen protector called 981 00:44:54,719 --> 00:44:57,559 paper Like, and I put it on and felt it 982 00:44:57,599 --> 00:44:59,519 with my fingers and I was like, yeah whatever. But 983 00:44:59,559 --> 00:45:01,719 then I actually I started using it with the Apple pencil. 984 00:45:01,800 --> 00:45:04,639 It was like, holy cow, this is really like writing 985 00:45:04,760 --> 00:45:07,639 on a piece of paper. So that's my pick for 986 00:45:07,719 --> 00:45:10,360 today is if you have an iPad and the Apple 987 00:45:10,400 --> 00:45:13,320 pencil but you are struggling to use it because it 988 00:45:13,320 --> 00:45:15,360 feels like it just slides all over the place, the 989 00:45:15,519 --> 00:45:18,519 paper Like screen protector has solved that problem for me. 990 00:45:18,920 --> 00:45:21,119 Speaker 2: Is it iPad specific I will work on any tablet 991 00:45:21,159 --> 00:45:23,280 that you use with the stilist. That's a great question. 992 00:45:23,360 --> 00:45:23,760 I don't know. 993 00:45:23,880 --> 00:45:26,719 Speaker 1: I only looked for the iPad version. I would imagine 994 00:45:26,760 --> 00:45:29,480 that they've got it for pretty much any tablet. Yeah, 995 00:45:29,480 --> 00:45:31,880 because it's just, I mean, it's just it looks just 996 00:45:31,920 --> 00:45:33,679 like a screen protector you know that you buy for 997 00:45:33,679 --> 00:45:37,079 your phone or any tablet. There's nothing significant about it, 998 00:45:37,119 --> 00:45:41,079 but the texture of it feels like paper. So props 999 00:45:41,079 --> 00:45:44,840 to their marketing team for naming the product as well. 1000 00:45:45,280 --> 00:45:47,760 All Right, I think that's it. We've got a wrap. 1001 00:45:47,840 --> 00:45:51,440 Thank you everyone for listening. Yeah, thank you for joining us. 1002 00:45:51,480 --> 00:45:55,440 This was a great chat. And Jonathan, Jillian welcome. Happy 1003 00:45:55,480 --> 00:45:58,199 to have you guys here, and we'll see y'all next time.