Date   

Project Process flow chart....

Brendan Burns
 

Folks,
I'm quite tardy, but I created the proposed flow-chart for the project adoption process as discussed 2 meetings ago:


Comments please!

Thanks
--brendan



CFP Reminder for KubeCon + CloudNativeCon NA (closes July 12th)

Chris Aniszczyk
 

Just a friendly reminder that the CFP for KubeCon + CloudNativeCon NA closes soon:

Please get your submissions in by July 12th.

--
Chris Aniszczyk (@cra) | +1-512-961-6719


Re: What is the purpose of the SIGs?

Chris Aniszczyk
 

Thanks, we will put something together in the coming week.


On Wed, Jul 3, 2019 at 8:59 AM Dimitri Mitropoulos <dimitri@...> wrote:
thanks all!  a high level overview on the main site would be great!

On Tue, 2 Jul 2019 at 12:44, Liz Rice <liz@...> wrote:
Hi Dmitri, here’s a write-up: https://github.com/cncf/toc/blob/master/sigs/cncf-sigs.md 


To everyone: there was a similar-ish question a week or two ago about the roles of user groups, TOC, working groups, SIGs and so on. I wonder if we need a better introductory explanation (illustrated guide, even?) on the main CNCF website? For the TOC parts it could link to the more detailed docs that we maintain on GitHub. 

Liz

On 2 Jul 2019, 17:38 +0100, Dimitri Mitropoulos <dimitri@...>, wrote:
Hi, my name is Dimitri Mitropoulos and I'm an engineer at Weaveworks.

I was talking to my friends the other day about the cool CNCF SIGs that I'd heard mentioned.  Later I tried to find a description of specifically what the SIGs are for.  Where can I find such a thing?

I'm hoping to learn what the ultimate place is of the SIGs in terms of decision making power.  That is to say, do the SIGs make decisions that are then acted upon or do they make informed recommendations that may or may not be accepted by the TOC?

Thanks!



--
Chris Aniszczyk (@cra) | +1-512-961-6719


Re: What is the purpose of the SIGs?

Dimitri Mitropoulos <dimitri@...>
 

thanks all!  a high level overview on the main site would be great!


On Tue, 2 Jul 2019 at 12:44, Liz Rice <liz@...> wrote:
Hi Dmitri, here’s a write-up: https://github.com/cncf/toc/blob/master/sigs/cncf-sigs.md 


To everyone: there was a similar-ish question a week or two ago about the roles of user groups, TOC, working groups, SIGs and so on. I wonder if we need a better introductory explanation (illustrated guide, even?) on the main CNCF website? For the TOC parts it could link to the more detailed docs that we maintain on GitHub. 

Liz

On 2 Jul 2019, 17:38 +0100, Dimitri Mitropoulos <dimitri@...>, wrote:
Hi, my name is Dimitri Mitropoulos and I'm an engineer at Weaveworks.

I was talking to my friends the other day about the cool CNCF SIGs that I'd heard mentioned.  Later I tried to find a description of specifically what the SIGs are for.  Where can I find such a thing?

I'm hoping to learn what the ultimate place is of the SIGs in terms of decision making power.  That is to say, do the SIGs make decisions that are then acted upon or do they make informed recommendations that may or may not be accepted by the TOC?

Thanks!


Re: CNCF SIG (and WG) expected deliverables

Sarah Allen
 

Hi Quinton and MIchael,

You are both correct.  SAFE WG started as a group separate from CNCF.  Many early members joined the group with the assumption that the goal of the group was to become a CNCF Working Group. Other members, myself included, thought that was an interesting option, but found value in the group in any case.

Independent of org affiliation, we had planned to deliver a white paper in Q4-18.  We had also planned to publish a micro-site highlighting recordings of presentations, as well as other work streams developing landscape categories, personas and use cases.   We have delivered some documents, but first and foremost, we have formed a community where its members find the work valuable to themselves and their organizations (many of whom are CNCF member companies).  Perhaps we took on too much, certainly we did not predict the additional needs and opportunities that emerged from our prospective CNCF association.

In 2018, the TOC did not speak with one voice.  While Quinton was frustratedly waiting on the white paper, SAFE merged with the Policy WG, which brought with it a Policy White Paper already underway, along with other projects.  The TOC asked us to review in-toto and we started a process of figuring out what our role should be in assessing the security of an open source project.  That effort became the focus of the group for many months, and we heard feedback from multiple TOC members and other stakeholders that the output of this work would serve a critical need for the CNCF, as well as serving a need for many of our members, and so it was prioritized, with explicit approval from Liz, when she was appointed TOC Liaison.  

The TOCs and the SIGs need to increase transparency and communication to avoid such confusions in the future.  The TOC Liaison positions and Amye's role coordinating processes with SIGs and CNCF is a big step forward, yet there is still quite a bit of room for improvement.

Sarah



On Tue, Jul 2, 2019 at 11:09 AM Quinton Hoole <quinton@...> wrote:
Hi Michael

That's not accurate, or at least not my understanding, nor what's documented in the SAFE minutes.

Specifically: The minutes of 2018-04-13 say: 

Agenda:

  • NOTE: Today's session will be primarily focused on preparations for the SAFE WG proposal presentation to the CNCF TOC on 2018-4-17

  • Getting ready for CNCF TOC meeting 2018-4-17, 8am Pacific



It seems that didn't happen until Aug 2018, 3 months later.

It was specifically in that context, that I provided the following feedback and requirements from the TOC, in response to the group's request to the TOC to become a working group (the PR has subsequently been changed substantially and used to for the SIG instead, so be aware of that if you read it).  This was done in Aug and Sept 2018.


For example: Quinton: "I would like us to clearly agree upon the written proposed timeline for delivering artifacts (contained in the charter). Both the SAFE WG, and the Policy WG have been around for a year or more and to my knowledge produced very little yet in the form of concrete outputs (please correct me if I'm wrong here). So I think it is important to produce the proposed artifacts, specifically white papers, within the reasonable timeframe proposed (about a quarter per phase) starting now (i.e. Sept 2018)."

The reply from the group was:

Ultrasaurus: "I agree that dates for deliverables are helpful. We have some in our roadmap and need to fold in new deliverables from merging with Policy WG. Group will pick this up as an activity to be done in the next meeting."

One of the primary deliverables listed in the roadmap is:

Describe the landscape
Define the terminology used in the output documents, and in the community
Describe the current state (landscape) of cloud native security, ...
... common patterns in use today for system that works for cloud-native apps. For example:
Extract end-to-end view of secure access, and
Common layering or a block architecture 

It was scheduled for final delivery in "Q4 2018 - Q1 2019", but this never happened.

I also discussed this in person with Ultrasaurus at KubeCon Seatle in Dec 2018 to clarify, and she assured me at the time that plans were on track as per the above roadmap.

To be clear, this is not a finger-pointing exercise, and it's completely understandable for some target dates to be missed sometimes.
But I think it's equally important to recognise the distinction between poor communication and poor delivery.  

It seems to me that the requirements and expectations here were clearly communicated and understood, but not delivered.

Q

 





On Tue, Jul 2, 2019 at 9:57 AM Michael Ducy <michael.ducy@...> wrote:
The SAFE WG was an independent group (as I always understood it) that was NOT under the auspices of the CNCF or the CNCF TOC until very recently. Over those last 10 months, there's been much debate around "Categories and SIGs" and what they should deliver and that was finalized early this year. SAFE then morphed into SIG-Security a few months ago. 

So you're essentially saying, "I asked for something as a CNCF TOC member from a group that wasn't a CNCF sanctioned working group and they gave me nothing." While it would have been in the best interest of the SAFE WG to produce something, they weren't required to by any means. If I am wrong about the relationship between SAFE and the CNCF prior to them becoming SIG-Security, please correct me.

Now that being said, I do feel like the SIG-Security group should be producing white papers and the like. Specifically I'd like to see:
 - White paper of practical implementation advice
 - Cloud Native Security Landscape (This was something at SAFE had started)
 - Cloud Native Security Trail Map

This is not an exhaustive list as it doesn't included some of the Policy white papers Sarah is interested in producing. 

On Tue, Jul 2, 2019 at 12:27 PM Quinton Hoole <quinton@...> wrote:
A quick follow-up to the discussion in today's TOC meeting regarding being clear about the TOC's expectations of deliverables from SIGs (and working groups).

Here is the discussion I had 10 months ago with the Security group regarding expectations, specifically around delivery of White Papers (github lists me as ghost, due to an unfortunate technical issue).


I think I made it very clear at the time what the TOC expected to be delivered, and the group explicitly undertook to deliver the white papers, but simply has not.

The main reason I bring this up is that I think it's important to draw a clear distinction between lack of communication from the TOC as to what's required, vs repeated lack of delivery thereof by a SIG or working group, as the solutions to the two problems are quite different.

Q

--
Quinton Hoole
quinton@...



--
Quinton Hoole
quinton@...


Re: CNCF SIG (and WG) expected deliverables

Quinton Hoole <quinton@...>
 

Hi Michael

That's not accurate, or at least not my understanding, nor what's documented in the SAFE minutes.

Specifically: The minutes of 2018-04-13 say: 

Agenda:

  • NOTE: Today's session will be primarily focused on preparations for the SAFE WG proposal presentation to the CNCF TOC on 2018-4-17

  • Getting ready for CNCF TOC meeting 2018-4-17, 8am Pacific



It seems that didn't happen until Aug 2018, 3 months later.

It was specifically in that context, that I provided the following feedback and requirements from the TOC, in response to the group's request to the TOC to become a working group (the PR has subsequently been changed substantially and used to for the SIG instead, so be aware of that if you read it).  This was done in Aug and Sept 2018.


For example: Quinton: "I would like us to clearly agree upon the written proposed timeline for delivering artifacts (contained in the charter). Both the SAFE WG, and the Policy WG have been around for a year or more and to my knowledge produced very little yet in the form of concrete outputs (please correct me if I'm wrong here). So I think it is important to produce the proposed artifacts, specifically white papers, within the reasonable timeframe proposed (about a quarter per phase) starting now (i.e. Sept 2018)."

The reply from the group was:

Ultrasaurus: "I agree that dates for deliverables are helpful. We have some in our roadmap and need to fold in new deliverables from merging with Policy WG. Group will pick this up as an activity to be done in the next meeting."

One of the primary deliverables listed in the roadmap is:

Describe the landscape
Define the terminology used in the output documents, and in the community
Describe the current state (landscape) of cloud native security, ...
... common patterns in use today for system that works for cloud-native apps. For example:
Extract end-to-end view of secure access, and
Common layering or a block architecture 

It was scheduled for final delivery in "Q4 2018 - Q1 2019", but this never happened.

I also discussed this in person with Ultrasaurus at KubeCon Seatle in Dec 2018 to clarify, and she assured me at the time that plans were on track as per the above roadmap.

To be clear, this is not a finger-pointing exercise, and it's completely understandable for some target dates to be missed sometimes.
But I think it's equally important to recognise the distinction between poor communication and poor delivery.  

It seems to me that the requirements and expectations here were clearly communicated and understood, but not delivered.

Q

 





On Tue, Jul 2, 2019 at 9:57 AM Michael Ducy <michael.ducy@...> wrote:
The SAFE WG was an independent group (as I always understood it) that was NOT under the auspices of the CNCF or the CNCF TOC until very recently. Over those last 10 months, there's been much debate around "Categories and SIGs" and what they should deliver and that was finalized early this year. SAFE then morphed into SIG-Security a few months ago. 

So you're essentially saying, "I asked for something as a CNCF TOC member from a group that wasn't a CNCF sanctioned working group and they gave me nothing." While it would have been in the best interest of the SAFE WG to produce something, they weren't required to by any means. If I am wrong about the relationship between SAFE and the CNCF prior to them becoming SIG-Security, please correct me.

Now that being said, I do feel like the SIG-Security group should be producing white papers and the like. Specifically I'd like to see:
 - White paper of practical implementation advice
 - Cloud Native Security Landscape (This was something at SAFE had started)
 - Cloud Native Security Trail Map

This is not an exhaustive list as it doesn't included some of the Policy white papers Sarah is interested in producing. 

On Tue, Jul 2, 2019 at 12:27 PM Quinton Hoole <quinton@...> wrote:
A quick follow-up to the discussion in today's TOC meeting regarding being clear about the TOC's expectations of deliverables from SIGs (and working groups).

Here is the discussion I had 10 months ago with the Security group regarding expectations, specifically around delivery of White Papers (github lists me as ghost, due to an unfortunate technical issue).


I think I made it very clear at the time what the TOC expected to be delivered, and the group explicitly undertook to deliver the white papers, but simply has not.

The main reason I bring this up is that I think it's important to draw a clear distinction between lack of communication from the TOC as to what's required, vs repeated lack of delivery thereof by a SIG or working group, as the solutions to the two problems are quite different.

Q

--
Quinton Hoole
quinton@...



--
Quinton Hoole
quinton@...


Re: CNCF SIG (and WG) expected deliverables

Quinton Hoole <quinton@...>
 

Thanks Liz

That definitely explains some of the potential confusion in the past few weeks.  But it's worth noting that the lack of delivery of the white paper dates back much further than that.  See my other message.

Q


On Tue, Jul 2, 2019 at 10:00 AM Liz Rice <liz@...> wrote:
Hi Quinton, 

This is in large part down to me! The chairs asked me for guidance on their priorities at the point where they were formally accepted as a SIG. I suggested focusing on getting some assessments done so we can get some concrete experience of this happening. To my mind this was more pressing, so we could see if/how SIGs can help the TOC scale and cope with the project assessment workload.

On 2 Jul 2019, 17:27 +0100, Quinton Hoole <quinton@...>, wrote:
A quick follow-up to the discussion in today's TOC meeting regarding being clear about the TOC's expectations of deliverables from SIGs (and working groups).

Here is the discussion I had 10 months ago with the Security group regarding expectations, specifically around delivery of White Papers (github lists me as ghost, due to an unfortunate technical issue).


I think I made it very clear at the time what the TOC expected to be delivered, and the group explicitly undertook to deliver the white papers, but simply has not.

The main reason I bring this up is that I think it's important to draw a clear distinction between lack of communication from the TOC as to what's required, vs repeated lack of delivery thereof by a SIG or working group, as the solutions to the two problems are quite different.

Q

--
Quinton Hoole
quinton@...


--
Quinton Hoole
quinton@...


Re: CNCF SIG (and WG) expected deliverables

Liz Rice
 

Hi Quinton, 

This is in large part down to me! The chairs asked me for guidance on their priorities at the point where they were formally accepted as a SIG. I suggested focusing on getting some assessments done so we can get some concrete experience of this happening. To my mind this was more pressing, so we could see if/how SIGs can help the TOC scale and cope with the project assessment workload.

On 2 Jul 2019, 17:27 +0100, Quinton Hoole <quinton@...>, wrote:

A quick follow-up to the discussion in today's TOC meeting regarding being clear about the TOC's expectations of deliverables from SIGs (and working groups).

Here is the discussion I had 10 months ago with the Security group regarding expectations, specifically around delivery of White Papers (github lists me as ghost, due to an unfortunate technical issue).


I think I made it very clear at the time what the TOC expected to be delivered, and the group explicitly undertook to deliver the white papers, but simply has not.

The main reason I bring this up is that I think it's important to draw a clear distinction between lack of communication from the TOC as to what's required, vs repeated lack of delivery thereof by a SIG or working group, as the solutions to the two problems are quite different.

Q

--
Quinton Hoole
quinton@...


Re: CNCF SIG (and WG) expected deliverables

Michael Ducy
 

The SAFE WG was an independent group (as I always understood it) that was NOT under the auspices of the CNCF or the CNCF TOC until very recently. Over those last 10 months, there's been much debate around "Categories and SIGs" and what they should deliver and that was finalized early this year. SAFE then morphed into SIG-Security a few months ago. 

So you're essentially saying, "I asked for something as a CNCF TOC member from a group that wasn't a CNCF sanctioned working group and they gave me nothing." While it would have been in the best interest of the SAFE WG to produce something, they weren't required to by any means. If I am wrong about the relationship between SAFE and the CNCF prior to them becoming SIG-Security, please correct me.

Now that being said, I do feel like the SIG-Security group should be producing white papers and the like. Specifically I'd like to see:
 - White paper of practical implementation advice
 - Cloud Native Security Landscape (This was something at SAFE had started)
 - Cloud Native Security Trail Map

This is not an exhaustive list as it doesn't included some of the Policy white papers Sarah is interested in producing. 

On Tue, Jul 2, 2019 at 12:27 PM Quinton Hoole <quinton@...> wrote:
A quick follow-up to the discussion in today's TOC meeting regarding being clear about the TOC's expectations of deliverables from SIGs (and working groups).

Here is the discussion I had 10 months ago with the Security group regarding expectations, specifically around delivery of White Papers (github lists me as ghost, due to an unfortunate technical issue).


I think I made it very clear at the time what the TOC expected to be delivered, and the group explicitly undertook to deliver the white papers, but simply has not.

The main reason I bring this up is that I think it's important to draw a clear distinction between lack of communication from the TOC as to what's required, vs repeated lack of delivery thereof by a SIG or working group, as the solutions to the two problems are quite different.

Q

--
Quinton Hoole
quinton@...


Re: What is the purpose of the SIGs?

Liz Rice
 

Hi Dmitri, here’s a write-up: https://github.com/cncf/toc/blob/master/sigs/cncf-sigs.md 


To everyone: there was a similar-ish question a week or two ago about the roles of user groups, TOC, working groups, SIGs and so on. I wonder if we need a better introductory explanation (illustrated guide, even?) on the main CNCF website? For the TOC parts it could link to the more detailed docs that we maintain on GitHub. 

Liz

On 2 Jul 2019, 17:38 +0100, Dimitri Mitropoulos <dimitri@...>, wrote:

Hi, my name is Dimitri Mitropoulos and I'm an engineer at Weaveworks.

I was talking to my friends the other day about the cool CNCF SIGs that I'd heard mentioned.  Later I tried to find a description of specifically what the SIGs are for.  Where can I find such a thing?

I'm hoping to learn what the ultimate place is of the SIGs in terms of decision making power.  That is to say, do the SIGs make decisions that are then acted upon or do they make informed recommendations that may or may not be accepted by the TOC?

Thanks!


Re: What is the purpose of the SIGs?

Chris Aniszczyk
 


On Tue, Jul 2, 2019 at 11:38 AM Dimitri Mitropoulos <dimitri@...> wrote:
Hi, my name is Dimitri Mitropoulos and I'm an engineer at Weaveworks.

I was talking to my friends the other day about the cool CNCF SIGs that I'd heard mentioned.  Later I tried to find a description of specifically what the SIGs are for.  Where can I find such a thing?

I'm hoping to learn what the ultimate place is of the SIGs in terms of decision making power.  That is to say, do the SIGs make decisions that are then acted upon or do they make informed recommendations that may or may not be accepted by the TOC?

Thanks!



--
Chris Aniszczyk (@cra) | +1-512-961-6719


What is the purpose of the SIGs?

Dimitri Mitropoulos <dimitri@...>
 

Hi, my name is Dimitri Mitropoulos and I'm an engineer at Weaveworks.

I was talking to my friends the other day about the cool CNCF SIGs that I'd heard mentioned.  Later I tried to find a description of specifically what the SIGs are for.  Where can I find such a thing?

I'm hoping to learn what the ultimate place is of the SIGs in terms of decision making power.  That is to say, do the SIGs make decisions that are then acted upon or do they make informed recommendations that may or may not be accepted by the TOC?

Thanks!


CNCF SIG (and WG) expected deliverables

Quinton Hoole <quinton@...>
 

A quick follow-up to the discussion in today's TOC meeting regarding being clear about the TOC's expectations of deliverables from SIGs (and working groups).

Here is the discussion I had 10 months ago with the Security group regarding expectations, specifically around delivery of White Papers (github lists me as ghost, due to an unfortunate technical issue).


I think I made it very clear at the time what the TOC expected to be delivered, and the group explicitly undertook to deliver the white papers, but simply has not.

The main reason I bring this up is that I think it's important to draw a clear distinction between lack of communication from the TOC as to what's required, vs repeated lack of delivery thereof by a SIG or working group, as the solutions to the two problems are quite different.

Q

--
Quinton Hoole
quinton@...


Re: CNCF TOC Meeting 7/2/2019 Agenda

Erin Boyd
 

Thank you!
Talk to you tomorrow,
Erin


On Mon, Jul 1, 2019 at 6:19 PM Chris Aniszczyk <caniszczyk@...> wrote:
I'll make this more clear but it's easier if we have projects just put forth a formal project proposal and then request a community presentation slot. The barrier is a bit higher to entry to do so but helps us be more organized imho. We will discuss tomorrow.

On Mon, Jul 1, 2019 at 7:15 PM Erin Boyd <eboyd@...> wrote:
Hello TOC,
I have an additional item to add to the backlog (Strimzi):

So there was a transition period for Sandbox last Fall where we decided that they didn't need to do a proposal, just the issue & the presentation. I think that is where this poor project got caught in the changes (as well as Keycloak)

Originally, the process was
1) Open an issue to present
2) Open a PR for the project (more formal / exhaustive)
3) Present at the meeting
4) Get sponsorship (hopefully)

Then it changed to:
1) Open an issue to present
2) Present at the meeting
3) Get sponsorship (hopefully)

These steps were updated and published here:

Sandbox Entry Requirements

  • Require 2 TOC sponsors to enter the sandbox
  • Require presentation to the TOC community twice-a-month meeting
  • Require adherence to CNCF IP Policy (including trademark transferred)
  • Require sandbox projects to list their sandbox status prominently on website/readme\

It was my understanding that the sandbox projects no longer needed to do the full PR as we weren't going to do a due diligence on Sandbox.

Can anyone please clarify the proper process for me?
Thanks,
Erin




On Mon, Jul 1, 2019 at 3:08 PM Chris Aniszczyk <caniszczyk@...> wrote:
We will be meeting tomorrow:


We will cover an update on CNCF SIGs (app delivery), community/project backlog, meeting schedule updates and go over the archiving rkt proposal.

--
Chris Aniszczyk (@cra) | +1-512-961-6719



--

Erin A. Boyd

Senior Principal Software Engineer, OCTO

Red Hat

eboyd@...   



--
Chris Aniszczyk (@cra) | +1-512-961-6719


--

Erin A. Boyd

Senior Principal Software Engineer, OCTO

Red Hat

eboyd@...   


Re: CNCF TOC Meeting 7/2/2019 Agenda

Chris Aniszczyk
 

I'll make this more clear but it's easier if we have projects just put forth a formal project proposal and then request a community presentation slot. The barrier is a bit higher to entry to do so but helps us be more organized imho. We will discuss tomorrow.


On Mon, Jul 1, 2019 at 7:15 PM Erin Boyd <eboyd@...> wrote:
Hello TOC,
I have an additional item to add to the backlog (Strimzi):

So there was a transition period for Sandbox last Fall where we decided that they didn't need to do a proposal, just the issue & the presentation. I think that is where this poor project got caught in the changes (as well as Keycloak)

Originally, the process was
1) Open an issue to present
2) Open a PR for the project (more formal / exhaustive)
3) Present at the meeting
4) Get sponsorship (hopefully)

Then it changed to:
1) Open an issue to present
2) Present at the meeting
3) Get sponsorship (hopefully)

These steps were updated and published here:

Sandbox Entry Requirements

  • Require 2 TOC sponsors to enter the sandbox
  • Require presentation to the TOC community twice-a-month meeting
  • Require adherence to CNCF IP Policy (including trademark transferred)
  • Require sandbox projects to list their sandbox status prominently on website/readme\

It was my understanding that the sandbox projects no longer needed to do the full PR as we weren't going to do a due diligence on Sandbox.

Can anyone please clarify the proper process for me?
Thanks,
Erin




On Mon, Jul 1, 2019 at 3:08 PM Chris Aniszczyk <caniszczyk@...> wrote:
We will be meeting tomorrow:


We will cover an update on CNCF SIGs (app delivery), community/project backlog, meeting schedule updates and go over the archiving rkt proposal.

--
Chris Aniszczyk (@cra) | +1-512-961-6719



--

Erin A. Boyd

Senior Principal Software Engineer, OCTO

Red Hat

eboyd@...   



--
Chris Aniszczyk (@cra) | +1-512-961-6719


Re: CNCF TOC Meeting 7/2/2019 Agenda

Erin Boyd
 

Hello TOC,
I have an additional item to add to the backlog (Strimzi):

So there was a transition period for Sandbox last Fall where we decided that they didn't need to do a proposal, just the issue & the presentation. I think that is where this poor project got caught in the changes (as well as Keycloak)

Originally, the process was
1) Open an issue to present
2) Open a PR for the project (more formal / exhaustive)
3) Present at the meeting
4) Get sponsorship (hopefully)

Then it changed to:
1) Open an issue to present
2) Present at the meeting
3) Get sponsorship (hopefully)

These steps were updated and published here:

Sandbox Entry Requirements

  • Require 2 TOC sponsors to enter the sandbox
  • Require presentation to the TOC community twice-a-month meeting
  • Require adherence to CNCF IP Policy (including trademark transferred)
  • Require sandbox projects to list their sandbox status prominently on website/readme\

It was my understanding that the sandbox projects no longer needed to do the full PR as we weren't going to do a due diligence on Sandbox.

Can anyone please clarify the proper process for me?
Thanks,
Erin




On Mon, Jul 1, 2019 at 3:08 PM Chris Aniszczyk <caniszczyk@...> wrote:
We will be meeting tomorrow:


We will cover an update on CNCF SIGs (app delivery), community/project backlog, meeting schedule updates and go over the archiving rkt proposal.

--
Chris Aniszczyk (@cra) | +1-512-961-6719



--

Erin A. Boyd

Senior Principal Software Engineer, OCTO

Red Hat

eboyd@...   


CNCF TOC Meeting 7/2/2019 Agenda

Chris Aniszczyk
 

We will be meeting tomorrow:


We will cover an update on CNCF SIGs (app delivery), community/project backlog, meeting schedule updates and go over the archiving rkt proposal.

--
Chris Aniszczyk (@cra) | +1-512-961-6719


Conference Transparency Report: KubeCon + CloudNativeCon EU 2019

Chris Aniszczyk
 

Hey all, just to let you know we published the conference transparency report for Barcelona: https://www.cncf.io/blog/2019/07/01/kubecon-cloudnativecon-europe-2019-conference-transparency-report-another-record-breaking-cncf-event/

We will be doing the same for Shanghai within a month or so.

Anyways, we hope to see many of you in San Diego in November, the CFP closes July 12th: https://events.linuxfoundation.org/events/kubecon-cloudnativecon-north-america-2019/cfp/

--
Chris Aniszczyk (@cra) | +1-512-961-6719


Re: new SIG

Frederick Kautz
 

I was a bit confused over all these different types of groups. We have special interest groups, work groups, user groups, technical steering committees, technical oversight committees, not to mention all of the projects within the CNCF and sister organization’s structure brought in through the LFN, LF, Edge, Automotive. While I am not new to the Open Source community, I am new to the CNCF’s organizational structure and find navigating the plethora of group types a bit confusing. 

In short, it would be good to have some description of the groups online that lays all this out declaratively and with minimal toil. :)

My initial thought when I heard this is being formed was that this is a ’telecom industry’ user group, similar to the linux user groups (LUG).

I am a bit surprised that it is defined as an 'end user group', especially when you consider that the TUG is probably 90% vendors at this time. I think this is ok now, as long as the Telecoms are not outshouted by vendors when they describe their needs.

My preference is to maximize collaboration. Let everyone in, let people collaborate, experiment with real code. Together we win because of the diversity of people and talent. The whole community can execute better than any individual company working in isolation.

On Jun 21, 2019, at 2:47 PM, Liz Rice <liz@...> wrote:

Hi Erin, hi Frederick, 

I hope it goes without saying that I’m all for people coming together to collaborate! And there is precedent - for example the group of folks who got together as SAFE has now evolved into SIG-Security. So I don’t think anyone is against a group of people coming together around a common interest, and that group could certainly put together a proposal for a SIG that meets the general objectives of SIGs. (The initial list of proposed SIGs isn’t supposed to be exhaustive). 

But if this set of people are from the TUG already, I’m unclear what it is that they want to do that they can’t do in the TUG? The TUG is pretty new, so maybe there are some creases that need ironing out if the folks in it don’t feel that it’s currently effective and collaborative. Or is the problem that they want to include vendors in the group as well? Or some other line of communication that isn’t currently open?  

To reiterate, I am completely comfortable with anyone coming forward with a proposal to the TOC - I’d just encourage it to be clear about what problems it’s trying to address. 

Liz
On 21 Jun 2019, 21:39 +0100, Erin Boyd <eboyd@...>, wrote:
Hi Liz & Cheryl,
I think what we hope to accomplish from a SIG is a more open dialogue for users/developers to really come together and get work done.
I know there is some concerns over past performance but we believe in part that is due to the siloed nature of the industry. Being an advocate and champion of open source and seeing in its very nature to break down these barriers provides a perfect platform where we can make progress. It also gives a chance for more collaboration across groups that might not commonly interact if they are just members of the TUG.
I feel like at the minimum the members of the TUG whom wish to create a SIG at least are able to come forward to the TOC with a proposal. That would allow everyone to respond in the open their concerns & desires.
Fredrick, please respond if I have misinterpreted your wishes here.
Thanks,
Erin




On Wed, Jun 19, 2019 at 5:10 AM Cheryl Hung <chung@...> wrote:
Hi Frederick,

As Liz said, user groups don't fall under the TOC, and the Telecom and Financial Services groups have grown more or less organically.

Philosophically, end users find it easier to collaborate when discussions aren't open to vendors. This means that the User Groups are not entirely public; the mailing list and meetings are closed, and signing up requires a company email address.

In terms of expectations, the SIGs own specific areas and projects. User groups may produce code, but can also specify requirements which may be implemented in collaboration with different SIGs, projects and domain experts over time. For example, the Financial Services User Group is reaching out to financial regulators and auditors to provide training materials.

Hope this clarifies.

Cheers,
Cheryl



On Tue, Jun 18, 2019 at 9:44 PM Liz Rice <liz@...> wrote:
Actually copying Cheryl this time
On 18 Jun 2019, 22:41 +0200, Liz Rice <liz@...>, wrote:
Hi Erin! My first question would be what the group wants to achieve, and what it is about being a SIG that would help them achieve those goals? 

Hello Frederick! I think the main difference is that CNCF SIGs fall under the stewardship of the TOC whereas end user groups are outside of that. There is information about TOC SIGs here: https://github.com/cncf/toc/tree/master/sigs and I’m copying in Cheryl to answer about user groups (on the assumption that end user groups ~= user groups) 

Liz
On 18 Jun 2019, 19:44 +0200, Amye Scavarda <ascavarda@...>, wrote:
Frederick! Nice to see you!
To answer your question, see:
https://github.com/cncf/toc/blob/master/sigs/cncf-sigs.md
This outlines the overall goals. While it doesn't directly address
user groups, it does outline what the responsibility of a special
interest group is.
-- amye


On Tue, Jun 18, 2019 at 10:32 AM Frederick Kautz <frederick@...> wrote:

I'm relatively new to the organizational structure of the CNCF in regards to user groups vs Sig's. Is someone able to point me to some documentation about the difference between a user group and special interest group?

I wasn't able to find documentation on the definition of a user group.

Closest I could find in the definition was this:

https://lists.cncf.io/g/cncf-toc/message/3193

On Tue, Jun 18, 2019, 08:42 Erin Boyd <eboyd@...> wrote:

Hi TOC,
I have a few users from the TUG who were inquiring about the formation of a SIG for this group instead.
What are everyone's thoughts around this?
Erin


--

Erin A. Boyd

Senior Principal Software Engineer, OCTO

Red Hat

eboyd@...





--
Amye Scavarda | Program Manager, CNCF | amye@...





--
Director of Ecosystem, Cloud Native Computing Foundation


--
Erin A. Boyd
Senior Principal Software Engineer, OCTO

Red Hat



Re: new SIG

Liz Rice
 

Hi Erin, hi Frederick, 

I hope it goes without saying that I’m all for people coming together to collaborate! And there is precedent - for example the group of folks who got together as SAFE has now evolved into SIG-Security. So I don’t think anyone is against a group of people coming together around a common interest, and that group could certainly put together a proposal for a SIG that meets the general objectives of SIGs. (The initial list of proposed SIGs isn’t supposed to be exhaustive). 

But if this set of people are from the TUG already, I’m unclear what it is that they want to do that they can’t do in the TUG? The TUG is pretty new, so maybe there are some creases that need ironing out if the folks in it don’t feel that it’s currently effective and collaborative. Or is the problem that they want to include vendors in the group as well? Or some other line of communication that isn’t currently open?  

To reiterate, I am completely comfortable with anyone coming forward with a proposal to the TOC - I’d just encourage it to be clear about what problems it’s trying to address. 

Liz
On 21 Jun 2019, 21:39 +0100, Erin Boyd <eboyd@...>, wrote:

Hi Liz & Cheryl,
I think what we hope to accomplish from a SIG is a more open dialogue for users/developers to really come together and get work done.
I know there is some concerns over past performance but we believe in part that is due to the siloed nature of the industry. Being an advocate and champion of open source and seeing in its very nature to break down these barriers provides a perfect platform where we can make progress. It also gives a chance for more collaboration across groups that might not commonly interact if they are just members of the TUG.
I feel like at the minimum the members of the TUG whom wish to create a SIG at least are able to come forward to the TOC with a proposal. That would allow everyone to respond in the open their concerns & desires.
Fredrick, please respond if I have misinterpreted your wishes here.
Thanks,
Erin




On Wed, Jun 19, 2019 at 5:10 AM Cheryl Hung <chung@...> wrote:
Hi Frederick,

As Liz said, user groups don't fall under the TOC, and the Telecom and Financial Services groups have grown more or less organically.

Philosophically, end users find it easier to collaborate when discussions aren't open to vendors. This means that the User Groups are not entirely public; the mailing list and meetings are closed, and signing up requires a company email address.

In terms of expectations, the SIGs own specific areas and projects. User groups may produce code, but can also specify requirements which may be implemented in collaboration with different SIGs, projects and domain experts over time. For example, the Financial Services User Group is reaching out to financial regulators and auditors to provide training materials.

Hope this clarifies.

Cheers,
Cheryl



On Tue, Jun 18, 2019 at 9:44 PM Liz Rice <liz@...> wrote:
Actually copying Cheryl this time
On 18 Jun 2019, 22:41 +0200, Liz Rice <liz@...>, wrote:
Hi Erin! My first question would be what the group wants to achieve, and what it is about being a SIG that would help them achieve those goals? 

Hello Frederick! I think the main difference is that CNCF SIGs fall under the stewardship of the TOC whereas end user groups are outside of that. There is information about TOC SIGs here: https://github.com/cncf/toc/tree/master/sigs and I’m copying in Cheryl to answer about user groups (on the assumption that end user groups ~= user groups) 

Liz
On 18 Jun 2019, 19:44 +0200, Amye Scavarda <ascavarda@...>, wrote:
Frederick! Nice to see you!
To answer your question, see:
https://github.com/cncf/toc/blob/master/sigs/cncf-sigs.md
This outlines the overall goals. While it doesn't directly address
user groups, it does outline what the responsibility of a special
interest group is.
-- amye


On Tue, Jun 18, 2019 at 10:32 AM Frederick Kautz <frederick@...> wrote:

I'm relatively new to the organizational structure of the CNCF in regards to user groups vs Sig's. Is someone able to point me to some documentation about the difference between a user group and special interest group?

I wasn't able to find documentation on the definition of a user group.

Closest I could find in the definition was this:

https://lists.cncf.io/g/cncf-toc/message/3193

On Tue, Jun 18, 2019, 08:42 Erin Boyd <eboyd@...> wrote:

Hi TOC,
I have a few users from the TUG who were inquiring about the formation of a SIG for this group instead.
What are everyone's thoughts around this?
Erin


--

Erin A. Boyd

Senior Principal Software Engineer, OCTO

Red Hat

eboyd@...





--
Amye Scavarda | Program Manager, CNCF | amye@...





--
Director of Ecosystem, Cloud Native Computing Foundation


--

Erin A. Boyd

Senior Principal Software Engineer, OCTO

Red Hat

eboyd@...   

4261 - 4280 of 7724