Date   

CNCF TOC - F2F in Austin

alexis richardson
 

Dan & Chris

What was the final decision for the TOC's F2F in Austin?  Please could you ask whoever manages the LF cal to get it into everyone's diary?

a


TOC Agenda 11/14/2017

Chris Aniszczyk
 

Hey all, we have a TOC meeting tomorrow, here's the agenda deck:
https://goo.gl/vKbawR

We will be hearing from the Open Policy Agent (OPA) project, along with getting updates from the Storage, Networking and Serverless WGs. We also plan to discuss the beginning of  incubation/graduation project reviews (i.e., https://github.com/cncf/toc/pull/66)

See everyone tomorrow!

--
Chris Aniszczyk (@cra) | +1-512-961-6719


Re: SPIFFE Presentation - TOC Agenda 11/7/2017

Deepak Vij
 

Thanks Joe, appreciate it.

 

-          Deepak

 

From: Joe Beda [mailto:joe@...]
Sent: Monday, November 13, 2017 4:34 PM
To: Alexis Richardson <alexis@...>; tsc@...
Cc: Deepak Vij (A) <deepak.vij@...>; cncf-toc@...
Subject: Re: [cncf-toc] SPIFFE Presentation - TOC Agenda 11/7/2017

 

Including the SPIFFE leadership TSC here.  I know that Andrew is working on pulling together some answers here.

 

Joe

On Sun, Nov 12, 2017 at 12:52 PM Alexis Richardson via cncf-toc <cncf-toc@...> wrote:

Thank you for posting questions Deepak!

 

On Sun, 12 Nov 2017, 20:32 Deepak Vij (A) via cncf-toc, <cncf-toc@...> wrote:

Hi all, this is regarding the recent CNCF TOC meeting last week, specifically related to the SPIFFE presentation during the meeting. I saw most of the presentation but missed some of it at the end. It would be really great if there is recording available for this session which I could view.

 

Now coming back to SPIFFE, I am really interested in finding out more about it. After the TOC meeting, I did some research on it by going through the content on SPIFFE SIG web page and few other related documents. Based on my initial cursory look at it, I have following questions for gentleman who presented SPIFFE during the meeting:

·       Based on my understanding, SPIFFE is a set of specifications and SPIRE is the actual one of the reference implementation for the SPIFFE specs. Based on my initial research, it seems Istio Service Mesh project has its own implementation which is SPIFFE compliant. The fact SPIFFE/SPIRE and Istio are aspiring to be viable CNCF projects, are these two distinct SPIFFE implementations going to merge down the road or is it to do with the fact that domain of Istio service mesh is service-to-service authentication at the intra K8S cluster level versus SPIFFE/SPIRE strives to go beyond intra service-to-service authentication and additionally provide support for external services access as well?

·       Also, I noticed that currently SPIFFE Verifiable Identity Document (SVID) provides support for only X.509 format. Are there plans to provide support for SVID types such as JWT down the road. Or is it by design that only X.509 format is supported because of vulnerabilities of JWT (masquerading, playback attacks etc.) and X.509 is the only viable format which does not have all these vulnerabilities at the present time. Although, I recently saw a proposal in Kubernetes AUTH SIG “Trustworthy Workload JWTs” for addressing all the known issues with JWTs. Provided all the current JWT issues are sorted out (adding nonce to prevent replay attacks etc. etc.), do we see JWT as a viable SVID format type down the road? Also, from backward compatibility perspectives, Kubernetes Service Account Identity is currently JWT token based.

·       Currently in Kubernetes, identity is defined at the Service level, is the intent of SPIFFE to provide more granular identity at the actual workload level (Pods, Containers or possibly native UNIX Process level)? The SPIFFE demo I recently saw includes identity attestation for native Unix process (database running as a process), in addition to K8S Pod.

·       Why not implement OpenID Connect based identity provider within Kubernetes cluster instead of re-inventing the wheel. I am assuming this may be due to well-known JWT vulnerability related issues as mentioned before. Also, external OIDC implementation does have problems related to network round tripping.

·       Also, I noticed that SPIFFE design aspires to be decentralized versus SPOF issues for OpenID Connect type identity providers. Can’t SPOF issue of OIDCs be addressed by implementing redundant or back-up Identity Providers. Although, this does increase the complexity of the overall solution. Based on my understanding SPIFFE design consists of Node (at the Node level) & Server Agents (at the Master API Server level) components. Initially when I saw decentralized design of SPIFFE I thought it was peer-to-peer based trust model approach, there has been lot of research on P2P trust model in the academia but I have not seen that in practice yet.

·       Lastly, how does this all play out in the enterprise SAML based federated identity environment (good old WS-Security, WS-Trust stuff). How are the legacy coarse grained SOA Web Services going to play out in the SPIFFE like environment. The reason I bring all this up is because legacy enterprise SOA based web services are still going to be there as coarse grain services side-by-side with the newer micro-services architecture.

 

I am sure as I understand more about SPIFFE, I will have lot of follow up questions. In the meanwhile, it would be good to get the fog cleared up in my mind based on my initial understanding of all this. But overall, SPIFFE definitely seems to be a step in the right direction and I am really interested in this effort going forward. Look forward to your response on all this. Thanks.

 

Regards,

Deepak Vij   

 

From: cncf-toc-bounces@... [mailto:cncf-toc-bounces@...] On Behalf Of Chris Aniszczyk via cncf-toc
Sent: Monday, November 06, 2017 12:31 PM
To: CNCF TOC <cncf-toc@...>
Subject: [cncf-toc] TOC Agenda 11/7/2017

 

Hey all, we have a TOC meeting tomorrow, here's the agenda deck: https://goo.gl/LoKyV5

 

We will be hearing from the Istio and SPIFFE projects, along with getting a brief update from the Serverless WG.

 

See everyone tomorrow!

 

--

Chris Aniszczyk (@cra) | +1-512-961-6719

_______________________________________________
cncf-toc mailing list
cncf-toc@...
https://lists.cncf.io/mailman/listinfo/cncf-toc

_______________________________________________
cncf-toc mailing list
cncf-toc@...
https://lists.cncf.io/mailman/listinfo/cncf-toc


Re: SPIFFE Presentation - TOC Agenda 11/7/2017

Joe Beda
 

Including the SPIFFE leadership TSC here.  I know that Andrew is working on pulling together some answers here.

Joe


On Sun, Nov 12, 2017 at 12:52 PM Alexis Richardson via cncf-toc <cncf-toc@...> wrote:

Thank you for posting questions Deepak!


On Sun, 12 Nov 2017, 20:32 Deepak Vij (A) via cncf-toc, <cncf-toc@...> wrote:

Hi all, this is regarding the recent CNCF TOC meeting last week, specifically related to the SPIFFE presentation during the meeting. I saw most of the presentation but missed some of it at the end. It would be really great if there is recording available for this session which I could view.

 

Now coming back to SPIFFE, I am really interested in finding out more about it. After the TOC meeting, I did some research on it by going through the content on SPIFFE SIG web page and few other related documents. Based on my initial cursory look at it, I have following questions for gentleman who presented SPIFFE during the meeting:

·       Based on my understanding, SPIFFE is a set of specifications and SPIRE is the actual one of the reference implementation for the SPIFFE specs. Based on my initial research, it seems Istio Service Mesh project has its own implementation which is SPIFFE compliant. The fact SPIFFE/SPIRE and Istio are aspiring to be viable CNCF projects, are these two distinct SPIFFE implementations going to merge down the road or is it to do with the fact that domain of Istio service mesh is service-to-service authentication at the intra K8S cluster level versus SPIFFE/SPIRE strives to go beyond intra service-to-service authentication and additionally provide support for external services access as well?

·       Also, I noticed that currently SPIFFE Verifiable Identity Document (SVID) provides support for only X.509 format. Are there plans to provide support for SVID types such as JWT down the road. Or is it by design that only X.509 format is supported because of vulnerabilities of JWT (masquerading, playback attacks etc.) and X.509 is the only viable format which does not have all these vulnerabilities at the present time. Although, I recently saw a proposal in Kubernetes AUTH SIG “Trustworthy Workload JWTs” for addressing all the known issues with JWTs. Provided all the current JWT issues are sorted out (adding nonce to prevent replay attacks etc. etc.), do we see JWT as a viable SVID format type down the road? Also, from backward compatibility perspectives, Kubernetes Service Account Identity is currently JWT token based.

·       Currently in Kubernetes, identity is defined at the Service level, is the intent of SPIFFE to provide more granular identity at the actual workload level (Pods, Containers or possibly native UNIX Process level)? The SPIFFE demo I recently saw includes identity attestation for native Unix process (database running as a process), in addition to K8S Pod.

·       Why not implement OpenID Connect based identity provider within Kubernetes cluster instead of re-inventing the wheel. I am assuming this may be due to well-known JWT vulnerability related issues as mentioned before. Also, external OIDC implementation does have problems related to network round tripping.

·       Also, I noticed that SPIFFE design aspires to be decentralized versus SPOF issues for OpenID Connect type identity providers. Can’t SPOF issue of OIDCs be addressed by implementing redundant or back-up Identity Providers. Although, this does increase the complexity of the overall solution. Based on my understanding SPIFFE design consists of Node (at the Node level) & Server Agents (at the Master API Server level) components. Initially when I saw decentralized design of SPIFFE I thought it was peer-to-peer based trust model approach, there has been lot of research on P2P trust model in the academia but I have not seen that in practice yet.

·       Lastly, how does this all play out in the enterprise SAML based federated identity environment (good old WS-Security, WS-Trust stuff). How are the legacy coarse grained SOA Web Services going to play out in the SPIFFE like environment. The reason I bring all this up is because legacy enterprise SOA based web services are still going to be there as coarse grain services side-by-side with the newer micro-services architecture.

 

I am sure as I understand more about SPIFFE, I will have lot of follow up questions. In the meanwhile, it would be good to get the fog cleared up in my mind based on my initial understanding of all this. But overall, SPIFFE definitely seems to be a step in the right direction and I am really interested in this effort going forward. Look forward to your response on all this. Thanks.

 

Regards,

Deepak Vij   

 

From: cncf-toc-bounces@... [mailto:cncf-toc-bounces@...] On Behalf Of Chris Aniszczyk via cncf-toc
Sent: Monday, November 06, 2017 12:31 PM
To: CNCF TOC <cncf-toc@...>
Subject: [cncf-toc] TOC Agenda 11/7/2017

 

Hey all, we have a TOC meeting tomorrow, here's the agenda deck: https://goo.gl/LoKyV5

 

We will be hearing from the Istio and SPIFFE projects, along with getting a brief update from the Serverless WG.

 

See everyone tomorrow!

 

--

Chris Aniszczyk (@cra) | +1-512-961-6719

_______________________________________________
cncf-toc mailing list
cncf-toc@...
https://lists.cncf.io/mailman/listinfo/cncf-toc
_______________________________________________
cncf-toc mailing list
cncf-toc@...
https://lists.cncf.io/mailman/listinfo/cncf-toc


Re: [VOTE] CNCF TOC Principles

Benjamin Hindman
 

+1


On Mon, Nov 13, 2017 at 9:30 AM Ken Owens via cncf-toc <cncf-toc@...> wrote:
+1 

On Mon, Nov 13, 2017 at 7:47 AM, Jonathan Boulle via cncf-toc <cncf-toc@...> wrote:
+1 from me

On 2 November 2017 at 23:29, Chris Aniszczyk via cncf-toc <cncf-toc@...> wrote:
email is immutable so we stick with that for official voting

thanks Solomon!

On Thu, Nov 2, 2017 at 10:28 PM, Solomon Hykes <solomon.hykes@...> wrote:
+1

Do you want us to approve in github also? Or does email voting remain the source of truth?

On Thursday, November 2, 2017, Chris Aniszczyk via cncf-toc <cncf-toc@...> wrote:
Hey all y'all, the CNCF TOC principles had enough time to bake and are ready for TOC vote:

Remember that the TOC has binding votes only, but we do appreciate non-binding votes from the community as a sign of support.

Thanks!

--
Chris Aniszczyk (@cra) | +1-512-961-6719



--
Chris Aniszczyk (@cra) | +1-512-961-6719

_______________________________________________
cncf-toc mailing list
cncf-toc@...
https://lists.cncf.io/mailman/listinfo/cncf-toc



_______________________________________________
cncf-toc mailing list
cncf-toc@...
https://lists.cncf.io/mailman/listinfo/cncf-toc


_______________________________________________
cncf-toc mailing list
cncf-toc@...
https://lists.cncf.io/mailman/listinfo/cncf-toc
--
Benjamin Hindman
Founder of Mesosphere and Co-Creator of Apache Mesos

Follow us on Twitter: @mesosphere

All New DC/OS 1.10 


Re: [VOTE] CNCF TOC Principles

Ken Owens
 

+1 

On Mon, Nov 13, 2017 at 7:47 AM, Jonathan Boulle via cncf-toc <cncf-toc@...> wrote:
+1 from me

On 2 November 2017 at 23:29, Chris Aniszczyk via cncf-toc <cncf-toc@...> wrote:
email is immutable so we stick with that for official voting

thanks Solomon!

On Thu, Nov 2, 2017 at 10:28 PM, Solomon Hykes <solomon.hykes@...> wrote:
+1

Do you want us to approve in github also? Or does email voting remain the source of truth?

On Thursday, November 2, 2017, Chris Aniszczyk via cncf-toc <cncf-toc@...> wrote:
Hey all y'all, the CNCF TOC principles had enough time to bake and are ready for TOC vote:

Remember that the TOC has binding votes only, but we do appreciate non-binding votes from the community as a sign of support.

Thanks!

--
Chris Aniszczyk (@cra) | +1-512-961-6719



--
Chris Aniszczyk (@cra) | +1-512-961-6719

_______________________________________________
cncf-toc mailing list
cncf-toc@...
https://lists.cncf.io/mailman/listinfo/cncf-toc



_______________________________________________
cncf-toc mailing list
cncf-toc@...
https://lists.cncf.io/mailman/listinfo/cncf-toc



Re: [VOTE] CNCF TOC Principles

Jonathan Boulle <jonathan.boulle@...>
 

+1 from me

On 2 November 2017 at 23:29, Chris Aniszczyk via cncf-toc <cncf-toc@...> wrote:
email is immutable so we stick with that for official voting

thanks Solomon!

On Thu, Nov 2, 2017 at 10:28 PM, Solomon Hykes <solomon.hykes@...> wrote:
+1

Do you want us to approve in github also? Or does email voting remain the source of truth?

On Thursday, November 2, 2017, Chris Aniszczyk via cncf-toc <cncf-toc@...> wrote:
Hey all y'all, the CNCF TOC principles had enough time to bake and are ready for TOC vote:

Remember that the TOC has binding votes only, but we do appreciate non-binding votes from the community as a sign of support.

Thanks!

--
Chris Aniszczyk (@cra) | +1-512-961-6719



--
Chris Aniszczyk (@cra) | +1-512-961-6719

_______________________________________________
cncf-toc mailing list
cncf-toc@...
https://lists.cncf.io/mailman/listinfo/cncf-toc



Visit Aporeto at AWS re:invent at Booth 1500

Amir Sharif
 

Hi Bercovici,,

I hope that you are doing well.

If you are going to AWS re:invent in Las Vegas this year, please visit Aporeto at booth 1500 for a quick demonstrate our security solution.  

Our tagline is "Security Transcending Clouds."  With Aporeto, you will be able to have a consistent security posture for your cloud applications regardless of how or where those applications are running.  The benefits are powerful:
  • Better application protection and visibility
  • Simpler operations and less complexity
  • Higher workload mobility

If you'd like to set up a meeting time or have a specific question, please respond to me or send an email to reinvent2017@....

I look forward to seeing you soon, 
--
Amir Sharif
, Co-Founder


Re: SPIFFE Presentation - TOC Agenda 11/7/2017

alexis richardson
 

Thank you for posting questions Deepak!


On Sun, 12 Nov 2017, 20:32 Deepak Vij (A) via cncf-toc, <cncf-toc@...> wrote:

Hi all, this is regarding the recent CNCF TOC meeting last week, specifically related to the SPIFFE presentation during the meeting. I saw most of the presentation but missed some of it at the end. It would be really great if there is recording available for this session which I could view.

 

Now coming back to SPIFFE, I am really interested in finding out more about it. After the TOC meeting, I did some research on it by going through the content on SPIFFE SIG web page and few other related documents. Based on my initial cursory look at it, I have following questions for gentleman who presented SPIFFE during the meeting:

·       Based on my understanding, SPIFFE is a set of specifications and SPIRE is the actual one of the reference implementation for the SPIFFE specs. Based on my initial research, it seems Istio Service Mesh project has its own implementation which is SPIFFE compliant. The fact SPIFFE/SPIRE and Istio are aspiring to be viable CNCF projects, are these two distinct SPIFFE implementations going to merge down the road or is it to do with the fact that domain of Istio service mesh is service-to-service authentication at the intra K8S cluster level versus SPIFFE/SPIRE strives to go beyond intra service-to-service authentication and additionally provide support for external services access as well?

·       Also, I noticed that currently SPIFFE Verifiable Identity Document (SVID) provides support for only X.509 format. Are there plans to provide support for SVID types such as JWT down the road. Or is it by design that only X.509 format is supported because of vulnerabilities of JWT (masquerading, playback attacks etc.) and X.509 is the only viable format which does not have all these vulnerabilities at the present time. Although, I recently saw a proposal in Kubernetes AUTH SIG “Trustworthy Workload JWTs” for addressing all the known issues with JWTs. Provided all the current JWT issues are sorted out (adding nonce to prevent replay attacks etc. etc.), do we see JWT as a viable SVID format type down the road? Also, from backward compatibility perspectives, Kubernetes Service Account Identity is currently JWT token based.

·       Currently in Kubernetes, identity is defined at the Service level, is the intent of SPIFFE to provide more granular identity at the actual workload level (Pods, Containers or possibly native UNIX Process level)? The SPIFFE demo I recently saw includes identity attestation for native Unix process (database running as a process), in addition to K8S Pod.

·       Why not implement OpenID Connect based identity provider within Kubernetes cluster instead of re-inventing the wheel. I am assuming this may be due to well-known JWT vulnerability related issues as mentioned before. Also, external OIDC implementation does have problems related to network round tripping.

·       Also, I noticed that SPIFFE design aspires to be decentralized versus SPOF issues for OpenID Connect type identity providers. Can’t SPOF issue of OIDCs be addressed by implementing redundant or back-up Identity Providers. Although, this does increase the complexity of the overall solution. Based on my understanding SPIFFE design consists of Node (at the Node level) & Server Agents (at the Master API Server level) components. Initially when I saw decentralized design of SPIFFE I thought it was peer-to-peer based trust model approach, there has been lot of research on P2P trust model in the academia but I have not seen that in practice yet.

·       Lastly, how does this all play out in the enterprise SAML based federated identity environment (good old WS-Security, WS-Trust stuff). How are the legacy coarse grained SOA Web Services going to play out in the SPIFFE like environment. The reason I bring all this up is because legacy enterprise SOA based web services are still going to be there as coarse grain services side-by-side with the newer micro-services architecture.

 

I am sure as I understand more about SPIFFE, I will have lot of follow up questions. In the meanwhile, it would be good to get the fog cleared up in my mind based on my initial understanding of all this. But overall, SPIFFE definitely seems to be a step in the right direction and I am really interested in this effort going forward. Look forward to your response on all this. Thanks.

 

Regards,

Deepak Vij   

 

From: cncf-toc-bounces@... [mailto:cncf-toc-bounces@...] On Behalf Of Chris Aniszczyk via cncf-toc
Sent: Monday, November 06, 2017 12:31 PM
To: CNCF TOC <cncf-toc@...>
Subject: [cncf-toc] TOC Agenda 11/7/2017

 

Hey all, we have a TOC meeting tomorrow, here's the agenda deck: https://goo.gl/LoKyV5

 

We will be hearing from the Istio and SPIFFE projects, along with getting a brief update from the Serverless WG.

 

See everyone tomorrow!

 

--

Chris Aniszczyk (@cra) | +1-512-961-6719

_______________________________________________
cncf-toc mailing list
cncf-toc@...
https://lists.cncf.io/mailman/listinfo/cncf-toc


SPIFFE Presentation - TOC Agenda 11/7/2017

Deepak Vij
 

Hi all, this is regarding the recent CNCF TOC meeting last week, specifically related to the SPIFFE presentation during the meeting. I saw most of the presentation but missed some of it at the end. It would be really great if there is recording available for this session which I could view.

 

Now coming back to SPIFFE, I am really interested in finding out more about it. After the TOC meeting, I did some research on it by going through the content on SPIFFE SIG web page and few other related documents. Based on my initial cursory look at it, I have following questions for gentleman who presented SPIFFE during the meeting:

·       Based on my understanding, SPIFFE is a set of specifications and SPIRE is the actual one of the reference implementation for the SPIFFE specs. Based on my initial research, it seems Istio Service Mesh project has its own implementation which is SPIFFE compliant. The fact SPIFFE/SPIRE and Istio are aspiring to be viable CNCF projects, are these two distinct SPIFFE implementations going to merge down the road or is it to do with the fact that domain of Istio service mesh is service-to-service authentication at the intra K8S cluster level versus SPIFFE/SPIRE strives to go beyond intra service-to-service authentication and additionally provide support for external services access as well?

·       Also, I noticed that currently SPIFFE Verifiable Identity Document (SVID) provides support for only X.509 format. Are there plans to provide support for SVID types such as JWT down the road. Or is it by design that only X.509 format is supported because of vulnerabilities of JWT (masquerading, playback attacks etc.) and X.509 is the only viable format which does not have all these vulnerabilities at the present time. Although, I recently saw a proposal in Kubernetes AUTH SIG “Trustworthy Workload JWTs” for addressing all the known issues with JWTs. Provided all the current JWT issues are sorted out (adding nonce to prevent replay attacks etc. etc.), do we see JWT as a viable SVID format type down the road? Also, from backward compatibility perspectives, Kubernetes Service Account Identity is currently JWT token based.

·       Currently in Kubernetes, identity is defined at the Service level, is the intent of SPIFFE to provide more granular identity at the actual workload level (Pods, Containers or possibly native UNIX Process level)? The SPIFFE demo I recently saw includes identity attestation for native Unix process (database running as a process), in addition to K8S Pod.

·       Why not implement OpenID Connect based identity provider within Kubernetes cluster instead of re-inventing the wheel. I am assuming this may be due to well-known JWT vulnerability related issues as mentioned before. Also, external OIDC implementation does have problems related to network round tripping.

·       Also, I noticed that SPIFFE design aspires to be decentralized versus SPOF issues for OpenID Connect type identity providers. Can’t SPOF issue of OIDCs be addressed by implementing redundant or back-up Identity Providers. Although, this does increase the complexity of the overall solution. Based on my understanding SPIFFE design consists of Node (at the Node level) & Server Agents (at the Master API Server level) components. Initially when I saw decentralized design of SPIFFE I thought it was peer-to-peer based trust model approach, there has been lot of research on P2P trust model in the academia but I have not seen that in practice yet.

·       Lastly, how does this all play out in the enterprise SAML based federated identity environment (good old WS-Security, WS-Trust stuff). How are the legacy coarse grained SOA Web Services going to play out in the SPIFFE like environment. The reason I bring all this up is because legacy enterprise SOA based web services are still going to be there as coarse grain services side-by-side with the newer micro-services architecture.

 

I am sure as I understand more about SPIFFE, I will have lot of follow up questions. In the meanwhile, it would be good to get the fog cleared up in my mind based on my initial understanding of all this. But overall, SPIFFE definitely seems to be a step in the right direction and I am really interested in this effort going forward. Look forward to your response on all this. Thanks.

 

Regards,

Deepak Vij   

 

From: cncf-toc-bounces@... [mailto:cncf-toc-bounces@...] On Behalf Of Chris Aniszczyk via cncf-toc
Sent: Monday, November 06, 2017 12:31 PM
To: CNCF TOC <cncf-toc@...>
Subject: [cncf-toc] TOC Agenda 11/7/2017

 

Hey all, we have a TOC meeting tomorrow, here's the agenda deck: https://goo.gl/LoKyV5

 

We will be hearing from the Istio and SPIFFE projects, along with getting a brief update from the Serverless WG.

 

See everyone tomorrow!

 

--

Chris Aniszczyk (@cra) | +1-512-961-6719


CNCF Community Awards Voting 2017

Ihor Dvoretskyi
 

Greetings all,

As it was announced last week (https://lists.cncf.io/pipermail/cncf-toc/2017-November/001320.html), CNCF is driving awards to respect the most active ambassadors and contributors to the CNCF projects.

Today starts the second part of the Community Awards process - based on the nominations, voting is open!

As a friendly reminder, in 2017 CNCF offers two community awards:
- Top Cloud Native Ambassador - an individual with the incredible community-oriented skills, focused on spreading the word and sharing the knowledge with the entire Cloud Native community or within a specific project.
- Top Cloud Native Committer - an individual with the incredible technical skills and notable technical achievements in one or multiple CNCF projects.

The voting forms for Awards are available:
- Top Cloud Native Ambassador Award at https://goo.gl/forms/Y5G3krjROuLqj1rE3. Please, note that only votes from CNCF TOC will be counted.
- Top Cloud Native Committer Award at https://goo.gl/forms/nLZA3JMvU32nOEf53. Every person from the CNCF community may vote.

Please, note that the voting deadline is November 15 (23:59 PM Pacific Time).

Thank you!


Re: Sorry to miss the call...

alexis richardson
 

In other news: enthusiasts for Storage and Networking are warmly invited to attend the next TOC call, on Tuesday 14th Nov.  That's in 7 days from today.



On Tue, Nov 7, 2017 at 7:19 PM, Bryan Cantrill <bryan@...> wrote:

Both look like good candidates!

        - Bryan


On Tue, Nov 7, 2017 at 11:16 AM, Alexis Richardson <alexis@...> wrote:
no worries, and thanks for email.

we had a show of hands to proceed with two projects towards "written proposal" stage, BG as sponsoring TOC person.

* SPIFFE / Spire
* Istio

let us know if you object or have questions please Bryan

a




On Tue, Nov 7, 2017 at 7:10 PM, Bryan Cantrill via cncf-toc <cncf-toc@...> wrote:

I had the kids solo this morning, so the call was impossible for me -- sorry for not communicating that in advance.

        - Bryan


_______________________________________________
cncf-toc mailing list
cncf-toc@...
https://lists.cncf.io/mailman/listinfo/cncf-toc





Re: Sorry to miss the call...

Bryan Cantrill <bryan@...>
 


Both look like good candidates!

        - Bryan


On Tue, Nov 7, 2017 at 11:16 AM, Alexis Richardson <alexis@...> wrote:
no worries, and thanks for email.

we had a show of hands to proceed with two projects towards "written proposal" stage, BG as sponsoring TOC person.

* SPIFFE / Spire
* Istio

let us know if you object or have questions please Bryan

a




On Tue, Nov 7, 2017 at 7:10 PM, Bryan Cantrill via cncf-toc <cncf-toc@...> wrote:

I had the kids solo this morning, so the call was impossible for me -- sorry for not communicating that in advance.

        - Bryan


_______________________________________________
cncf-toc mailing list
cncf-toc@...
https://lists.cncf.io/mailman/listinfo/cncf-toc




Re: Sorry to miss the call...

alexis richardson
 

no worries, and thanks for email.

we had a show of hands to proceed with two projects towards "written proposal" stage, BG as sponsoring TOC person.

* SPIFFE / Spire
* Istio

let us know if you object or have questions please Bryan

a




On Tue, Nov 7, 2017 at 7:10 PM, Bryan Cantrill via cncf-toc <cncf-toc@...> wrote:

I had the kids solo this morning, so the call was impossible for me -- sorry for not communicating that in advance.

        - Bryan


_______________________________________________
cncf-toc mailing list
cncf-toc@...
https://lists.cncf.io/mailman/listinfo/cncf-toc



Re: Istio

alexis richardson
 

thank you very much!  

I promise to be available next week for alexis impressions.

On Tue, Nov 7, 2017 at 7:09 PM, Chris Aniszczyk <caniszczyk@...> wrote:
Yes, I did my best Alexis impression and no one  had issues with Istio moving to the project proposal stage.

I’ll be working with the Istio and SPIFFE projects in their proposals in the coming weeks.

On Tue, Nov 7, 2017 at 12:28 PM Alexis Richardson via cncf-toc <cncf-toc@...> wrote:
Hi

Sorry I had to drop off call at ten to the hour.

Did we get to a show of hands on istio?

A


_______________________________________________
cncf-toc mailing list
cncf-toc@...
https://lists.cncf.io/mailman/listinfo/cncf-toc
--


Sorry to miss the call...

Bryan Cantrill <bryan@...>
 


I had the kids solo this morning, so the call was impossible for me -- sorry for not communicating that in advance.

        - Bryan


Re: Istio

Chris Aniszczyk
 

Yes, I did my best Alexis impression and no one  had issues with Istio moving to the project proposal stage.

I’ll be working with the Istio and SPIFFE projects in their proposals in the coming weeks.

On Tue, Nov 7, 2017 at 12:28 PM Alexis Richardson via cncf-toc <cncf-toc@...> wrote:
Hi

Sorry I had to drop off call at ten to the hour.

Did we get to a show of hands on istio?

A


_______________________________________________
cncf-toc mailing list
cncf-toc@...
https://lists.cncf.io/mailman/listinfo/cncf-toc
--
Cheers,

Chris Aniszczyk
http://aniszczyk.org
+1 512 961 6719


Istio

alexis richardson
 

Hi

Sorry I had to drop off call at ten to the hour.

Did we get to a show of hands on istio?

A



Re: Welcoming Michelle Noorali and Brandon Phillips to the CNCF GB

Andrew Randall
 

Happy to see CNCF governance is in good hands... congrats both!


On Tue, Nov 7, 2017 at 6:49 AM Alex Baretto via cncf-toc <cncf-toc@...> wrote:
Congratulations!
On Tue, Nov 7, 2017 at 06:46, Gianluca Arbezzano via cncf-toc <cncf-toc@...> wrote:
Congrats!!

2017-11-07 14:30 GMT+01:00 Ken Owens via cncf-toc <cncf-toc@...>:
Congrats Michelle

On Mon, Nov 6, 2017 at 1:03 PM, Dan Kohn via cncf-toc <cncf-toc@...> wrote:
I'm pleased to welcome Michelle Noorali of Microsoft to the CNCF Governing Board as the developer seat representative from Kubernetes. She joins Brandon Phillips of CoreOS, who is the developer seat representative from the other projects. The process for this is described here:

https://github.com/cncf/foundation/blob/master/gb-developer-reps.md
--
Dan Kohn <dan@...>
Executive Director, Cloud Native Computing Foundation https://www.cncf.io

_______________________________________________
cncf-toc mailing list
cncf-toc@...
https://lists.cncf.io/mailman/listinfo/cncf-toc



_______________________________________________
cncf-toc mailing list
cncf-toc@...
https://lists.cncf.io/mailman/listinfo/cncf-toc




--
Gianluca Arbezzano
www.gianarb.it
_______________________________________________
cncf-toc mailing list
cncf-toc@...
https://lists.cncf.io/mailman/listinfo/cncf-toc
_______________________________________________
cncf-toc mailing list
cncf-toc@...
https://lists.cncf.io/mailman/listinfo/cncf-toc
--
Andrew Randall
Tigera, Inc.
(510) 520-0999


Re: Welcoming Michelle Noorali and Brandon Phillips to the CNCF GB

Alex Baretto
 

Congratulations!

On Tue, Nov 7, 2017 at 06:46, Gianluca Arbezzano via cncf-toc <cncf-toc@...> wrote:
Congrats!!

2017-11-07 14:30 GMT+01:00 Ken Owens via cncf-toc <cncf-toc@...>:
Congrats Michelle

On Mon, Nov 6, 2017 at 1:03 PM, Dan Kohn via cncf-toc <cncf-toc@...> wrote:
I'm pleased to welcome Michelle Noorali of Microsoft to the CNCF Governing Board as the developer seat representative from Kubernetes. She joins Brandon Phillips of CoreOS, who is the developer seat representative from the other projects. The process for this is described here:

https://github.com/cncf/foundation/blob/master/gb-developer-reps.md
--
Dan Kohn <dan@...>
Executive Director, Cloud Native Computing Foundation https://www.cncf.io

_______________________________________________
cncf-toc mailing list
cncf-toc@...
https://lists.cncf.io/mailman/listinfo/cncf-toc



_______________________________________________
cncf-toc mailing list
cncf-toc@...
https://lists.cncf.io/mailman/listinfo/cncf-toc




--
Gianluca Arbezzano
www.gianarb.it
_______________________________________________
cncf-toc mailing list
cncf-toc@...
https://lists.cncf.io/mailman/listinfo/cncf-toc

5961 - 5980 of 7317