Date   

Call For VOTE -- Graduation criteria

alexis richardson
 

Hi all

I'm calling for a vote on this.  Please scrutinise the Inception criteria with special care.

alexis


On Mon, Nov 14, 2016 at 5:02 AM Dan Kohn via cncf-toc <cncf-toc@...> wrote:
We believe we're Ready to call for a vote on the project graduation criteria. 

Could TOC members and others please add comments to the doc if they have additional concerns. 

_______________________________________________
cncf-toc mailing list
cncf-toc@...
https://lists.cncf.io/mailman/listinfo/cncf-toc


Re: GRPC project proposal

Chris Aniszczyk
 

Thanks Brian! I'll eventually move this to GitHub formally after some community discussion.

Let's leave things open for CNCF wide community discussion this week, with a goal of formally calling a vote early next week.

Thanks again!

On Tue, Nov 29, 2016 at 9:10 PM, Brian Grant via cncf-toc <cncf-toc@...> wrote:
The GRPC project proposal is complete:

https://docs.google.com/document/d/1fM-8mwS6-fqnqO3kYuOcL8L4ETs9Ji5qqmNJM4lOaIo/edit#

The project has already been presented, so I believe the next step is to move to a vote.


_______________________________________________
cncf-toc mailing list
cncf-toc@...
https://lists.cncf.io/mailman/listinfo/cncf-toc




--
Chris Aniszczyk (@cra) | +1-512-961-6719


GRPC project proposal

Brian Grant
 

The GRPC project proposal is complete:

https://docs.google.com/document/d/1fM-8mwS6-fqnqO3kYuOcL8L4ETs9Ji5qqmNJM4lOaIo/edit#

The project has already been presented, so I believe the next step is to move to a vote.


First CNCF Webinar Announced - Jamie Dobson from Container Solutions on 'Cloud Native Strategy'

Mark Coleman <mark@...>
 

TOC Members,

I would appreciate your support in sharing this webinar with your companies, clients and communities:


Kicking off with a busy webinar will help to gain traction for the rest of the series.

Any questions, let me know. Thanks in advance.
--
Mark Coleman

T. +31 652134960


CFP: Devrooms at FOSDEM 2017 (closes Nov 26th)

Chris Aniszczyk
 

Just a friendly reminder that we are sponsoring FOSDEM next year and have two devrooms led by community members: https://www.cncf.io/event/fosdem-2017

They have an open CFP atm: https://goo.gl/forms/bbfCH14ido5kMD4H3

Also, feel free to tweet away:

I hope to see some of you in Brussels next year!

--
Chris Aniszczyk (@cra) | +1-512-961-6719


Re: meet at Re:invent?

Eduardo Silva
 

FYI: Treasure Data (Fluentd) will be at re:Invent and will host an after-party at Tao Night Club (best club in Last Vegas). TD is extending the invitation to CNCF members, if you are interested into participate, please register your self in the following link:

  https://www.eventbrite.com/e/aws-reinvent-tao-after-party-tickets-27396529758

regards,


On Wed, Nov 16, 2016 at 3:31 PM, Mark Brandon via cncf-toc <cncf-toc@...> wrote:
The Supergiant/Qbox team will be at re:invent in force.  

Mark Brandon   CEO and Co-Founder, Qbox, Inc.
photoEmail:mailto:mark@...
Website:http://qbox.io/
  

On November 16, 2016 at 10:41:51 AM, Kenneth Owens (kenowens) via cncf-toc (cncf-toc@...) wrote:

I do not plan to be there but can adjust if required.

 


Kenneth Owens
CTO
kenowens@...
Tel: +1 408 424 0872
Cisco Systems, Inc.
16401 Swingley Ridge Road Suite 400
CHESTERFIELD
63017
United States
cisco.com


Think before you print.
This email may contain confidential and privileged material for the sole use of the intended recipient. Any review, use, distribution or disclosure by others is strictly prohibited. If you are not the intended recipient (or authorized to receive for the recipient), please contact the sender by reply email and delete all copies of this message.
Please click here for Company Registration Information.


-----Original Message-----
From: cncf-toc-bounces@... [mailto:cncf-toc-bounces@lists.cncf.io] On Behalf Of Alexis Richardson via cncf-toc
Sent: Wednesday, November 16, 2016 4:33 AM
To: Alexis Richardson via cncf-toc <cncf-toc@...>
Subject: [cncf-toc] meet at Re:invent?

Will there be enough of us at Re:invent to justify a f2f attempt?
_______________________________________________
cncf-toc mailing list
cncf-toc@...
https://lists.cncf.io/mailman/listinfo/cncf-toc
_______________________________________________
cncf-toc mailing list
cncf-toc@...
https://lists.cncf.io/mailman/listinfo/cncf-toc

_______________________________________________
cncf-toc mailing list
cncf-toc@...
https://lists.cncf.io/mailman/listinfo/cncf-toc




--
Eduardo Silva
Open Source, Treasure Data
http://www.treasuredata.com/opensource

 


Does anyone have any extra Re/Invent tickets?

Chenxi Wang
 

Sorry for the mass mailing, but we are looking for a few more Re/Invent tickets if anyone has any to spare.

Thanks!

--
Chenxi Wang, Ph.D.
Chief Strategy Officer, Twistlock
@chenxiwang
+1.650.224.7197


Re: meet at Re:invent?

Mark Brandon
 

The Supergiant/Qbox team will be at re:invent in force.  

Mark Brandon   CEO and Co-Founder, Qbox, Inc.
photoEmail:mailto:mark@...
Website:http://qbox.io/
  

On November 16, 2016 at 10:41:51 AM, Kenneth Owens (kenowens) via cncf-toc (cncf-toc@...) wrote:

I do not plan to be there but can adjust if required.

 


Kenneth Owens
CTO
kenowens@...
Tel: +1 408 424 0872
Cisco Systems, Inc.
16401 Swingley Ridge Road Suite 400
CHESTERFIELD
63017
United States
cisco.com


Think before you print.
This email may contain confidential and privileged material for the sole use of the intended recipient. Any review, use, distribution or disclosure by others is strictly prohibited. If you are not the intended recipient (or authorized to receive for the recipient), please contact the sender by reply email and delete all copies of this message.
Please click here for Company Registration Information.


-----Original Message-----
From: cncf-toc-bounces@... [mailto:cncf-toc-bounces@...] On Behalf Of Alexis Richardson via cncf-toc
Sent: Wednesday, November 16, 2016 4:33 AM
To: Alexis Richardson via cncf-toc <cncf-toc@...>
Subject: [cncf-toc] meet at Re:invent?

Will there be enough of us at Re:invent to justify a f2f attempt?
_______________________________________________
cncf-toc mailing list
cncf-toc@...
https://lists.cncf.io/mailman/listinfo/cncf-toc
_______________________________________________
cncf-toc mailing list
cncf-toc@...
https://lists.cncf.io/mailman/listinfo/cncf-toc


CNCF K8s certification workgroup first meeting in SF 12/8-9 & 12/14-15

Dan Kohn <dan@...>
 

You may have heard that CNCF is launching a curriculum development, training and certification initiative for Kubernetes that was announced at CloudNativeCon last week.

If you are interested in following developments, please join the certification working group mailing list. If you are interested in participating in developing the certification exam (and particularly if you are aiming to be in the initial class of Kubernetes Managed Service Providers), please try to send a representative (who is an expert in Kubernetes) to the first two working group meetings, which will be at the Linux Foundation's San Francisco offices in the Presidio, from 9 AM to 5 PM on December 8/9th and 14/15th.

The focus of the first 2 days will be to conduct a Job Task Analysis (JTA) in order to determine what skills/knowledge/abilities a certified candidate should be able to demonstrate. The outcome of the JTA will be the exam "blueprint". The blueprint of topics for the Linux Foundation Certified System Administrator exam shows the kind of material we'll be aiming to produce for public consumption. Once this is done, any interested training provider will be able to develop material that adequately prepares candidates to succeed on the exam.

The second 2 day session will focus on writing the certification exam items which will test the blueprint elements. The entire process will be facilitated by the LF's psychometrician to ensure we leave with the right content so they can immediately move into programming and testing the exam items. We'd like all workshop participants to take an existing LF exam so they can test drive the overall process prior to the 8th.

More details will be sent to the certification mailing list shortly, so please sign up there.
--
Dan Kohn <mailto:dan@...>
Executive Director, Cloud Native Computing Foundation <https://cncf.io/>
tel:+1-415-233-1000


Re: meet at Re:invent?

Kenneth Owens (kenowens) <kenowens@...>
 

I do not plan to be there but can adjust if required.

 


Kenneth Owens
CTO
kenowens@...
Tel: +1 408 424 0872
Cisco Systems, Inc.
16401 Swingley Ridge Road Suite 400
CHESTERFIELD
63017
United States
cisco.com


Think before you print.
This email may contain confidential and privileged material for the sole use of the intended recipient. Any review, use, distribution or disclosure by others is strictly prohibited. If you are not the intended recipient (or authorized to receive for the recipient), please contact the sender by reply email and delete all copies of this message.
Please click here for Company Registration Information.

-----Original Message-----
From: cncf-toc-bounces@... [mailto:cncf-toc-bounces@...] On Behalf Of Alexis Richardson via cncf-toc
Sent: Wednesday, November 16, 2016 4:33 AM
To: Alexis Richardson via cncf-toc <cncf-toc@...>
Subject: [cncf-toc] meet at Re:invent?

Will there be enough of us at Re:invent to justify a f2f attempt?
_______________________________________________
cncf-toc mailing list
cncf-toc@...
https://lists.cncf.io/mailman/listinfo/cncf-toc


Re: DRAFT agenda for TOC call today

alexis richardson
 


On Wed, Nov 16, 2016 at 9:38 AM Alexis Richardson <alexis@...> wrote:
Hi all,

Some logistical issues with google docs mean that I'm posting the
draft agenda as below.  Slides will land just before the meeting.

a





Projects:

- Welcome Fluentd + link to Blog Post

https://www.cncf.io/blog/2016/11/09/fluentd-joins-cloud-native-computing-foundation


New Project Proposals:

 * Please can we invite gRPC & Linkerd to make written proposals

   → Let's have a show of hands on the call

   → Need sponsors

 * Next meeting (not today) - Pachyderm will present


Ref Arch & Landscape:

- (Voted!) Big thanks to Ken & co.

- Please use the Ref Arch.

Example - (with Redpoint) Landscape picture - show 0.92


Review of last week

- Kubecon & CNCon & PromDay highlights

- Lessons learnt

- Alexis TOC blog post:
https://www.cncf.io/blog/2016/11/08/cloud-native-software-can-trust

- I like Bryan's point about Literacy here

 http://www.techrepublic.com/article/silicon-valley-cto-explains-why-trump-happened/


(Dan & Chris) Exec Director's update:

- Launch of Certification & why we need this & link to blog post

https://www.cncf.io/blog/2016/11/08/cncf-partners-linux-foundation-launch-new-kubernetes-certification-training-managed-service-provider-program

- DCO & CLA plans

- Other GB updates


(Dan & Chris) Future Meetings & Events

- Dates for Tahoe meetup + why to attend (if you can & want to)

- Dates for Kubecon/CNCon 2017 please


Special Projects -

- Last call: Graduation Criteria

- Governance: Matt Proud

- CNCF CI

- Cloud Native Patterns & Example Apps: JJ

- Architecture: Ken, Doug, ..


AOB

- Cancel Dec 21st


meet at Re:invent?

alexis richardson
 

Will there be enough of us at Re:invent to justify a f2f attempt?


Re: Draft graduation criteria

alexis richardson
 

Hi all,

We can talk about this on the call, but the main point is "it feels
like we are close". I propose to keep the doc open for comment for
another 10-11 days and kick off a vote, if possible, around 27 Nov.

alexis




On Mon, Nov 14, 2016 at 1:02 PM, Dan Kohn via cncf-toc
<cncf-toc@...> wrote:
We believe we're Ready to call for a vote on the project graduation
criteria.

Could TOC members and others please add comments to the doc if they have
additional concerns.

https://docs.google.com/document/d/1l6e-hW7C3S6xJjGn47hUKKxeFBxiamAK7kn5efSryxY
--
Dan Kohn <mailto:dan@...>
Executive Director, Cloud Native Computing Foundation <https://cncf.io>
tel:+1-415-233-1000

_______________________________________________
cncf-toc mailing list
cncf-toc@...
https://lists.cncf.io/mailman/listinfo/cncf-toc


DRAFT agenda for TOC call today

alexis richardson
 

Hi all,

Some logistical issues with google docs mean that I'm posting the
draft agenda as below. Slides will land just before the meeting.

a





Projects:

- Welcome Fluentd + link to Blog Post

https://www.cncf.io/blog/2016/11/09/fluentd-joins-cloud-native-computing-foundation


New Project Proposals:

* Please can we invite gRPC & Linkerd to make written proposals

→ Let's have a show of hands on the call

→ Need sponsors

* Next meeting (not today) - Pachyderm will present


Ref Arch & Landscape:

- (Voted!) Big thanks to Ken & co.

- Please use the Ref Arch.

Example - (with Redpoint) Landscape picture - show 0.92


Review of last week

- Kubecon & CNCon & PromDay highlights

- Lessons learnt

- Alexis TOC blog post:
https://www.cncf.io/blog/2016/11/08/cloud-native-software-can-trust

- I like Bryan's point about Literacy here

http://www.techrepublic.com/article/silicon-valley-cto-explains-why-trump-happened/


(Dan & Chris) Exec Director's update:

- Launch of Certification & why we need this & link to blog post

https://www.cncf.io/blog/2016/11/08/cncf-partners-linux-foundation-launch-new-kubernetes-certification-training-managed-service-provider-program

- DCO & CLA plans

- Other GB updates


(Dan & Chris) Future Meetings & Events

- Dates for Tahoe meetup + why to attend (if you can & want to)

- Dates for Kubecon/CNCon 2017 please


Special Projects -

- Last call: Graduation Criteria

- Governance: Matt Proud

- CNCF CI

- Cloud Native Patterns & Example Apps: JJ

- Architecture: Ken, Doug, ..


AOB

- Cancel Dec 21st


Re: Security policies for Kubernetes

Brian Grant
 

+mohr

If you have feedback on the kubernetes proposal, please do provide that feedback on the doc or on the issue.

On Thu, Nov 10, 2016 at 10:05 AM, Nicko van Someren via cncf-toc <cncf-toc@...> wrote:
Hi Alexis,

Thanks for that. I read through the Google Doc and added some comments.

One thing I think would be valuable to include in the security process is for there to be a broadcast mail to some 'announce' mailing list in advance of patches to high severity issues, indicating that a critical patch is imminent, with an expected release date but without full details of the issue. For large users with big IT infrastructure it may be necessary to schedule extra staff to install urgent patches quickly and having advanced notice of when this will be necessary is very helpful. Projects like OpenSSL usually send these out three days before security-critical releases (see https://goo.gl/BzElRC for examples).

Cheers,
Nicko









On Thu, Nov 10, 2016 at 10:26 AM, Alexis Richardson <alexis@...> wrote:
+nicko

On Thu, Nov 10, 2016 at 5:21 PM, Dan Kohn via cncf-toc <cncf-toc@...> wrote:
There was a question at the Kubernetes panel Monday night about how to handle security reports now that Kubernetes is a CNCF rather than a Google project.

Brandon Phillips seems to have already gotten a good start on this at https://github.com/kubernetes/kubernetes/issues/35462 and in the linked Google Doc.

I presume he and Sarah Novotny will let CNCF staff know if they want any CNCF-hosted mailing lists or other infrastructure.

But I wanted to flag this publicly in case anyone on the TOC list wanted to chime in. I'm also cc'ing Greg KH, in case he might want to add any comments about the kernel security process.
--
Dan Kohn <mailto:dan@...g>
Executive Director, Cloud Native Computing Foundation <https://cncf.io/>
tel:+1-415-233-1000

_______________________________________________
cncf-toc mailing list
cncf-toc@...
https://lists.cncf.io/mailman/listinfo/cncf-toc





--
Nicko van Someren
CTO, Linux Foundation


_______________________________________________
cncf-toc mailing list
cncf-toc@...
https://lists.cncf.io/mailman/listinfo/cncf-toc



Re: Security policies for Kubernetes

Brandon Philips <brandon.philips@...>
 

Thanks Dan. I plan on pushing more on this post-KubeCon. Hopefully get PRs up against the documentation in the coming days.

I will take this discussion under advisement but I think there are some clear people and process things we can get right before bike-shedding on disclosure process.

Cheers,

Brandon

On Thu, Nov 10, 2016 at 9:21 AM Dan Kohn <dan@...> wrote:
There was a question at the Kubernetes panel Monday night about how to handle security reports now that Kubernetes is a CNCF rather than a Google project.

Brandon Phillips seems to have already gotten a good start on this at https://github.com/kubernetes/kubernetes/issues/35462 and in the linked Google Doc.

I presume he and Sarah Novotny will let CNCF staff know if they want any CNCF-hosted mailing lists or other infrastructure.

But I wanted to flag this publicly in case anyone on the TOC list wanted to chime in. I'm also cc'ing Greg KH, in case he might want to add any comments about the kernel security process.
--
Dan Kohn <mailto:dan@...>
Executive Director, Cloud Native Computing Foundation <https://cncf.io/>
tel:+1-415-233-1000


Draft graduation criteria

Dan Kohn <dan@...>
 

We believe we're Ready to call for a vote on the project graduation criteria. 

Could TOC members and others please add comments to the doc if they have additional concerns. 


Re: Security policies for Kubernetes

Nicko van Someren <nicko@...>
 

I mailed a few of the OpenSSL team to ask them about this. Here's the reply from Rich Salz:

I’m not sure what greg heard, maybe it was well into the number of beers?

 

It’s not that we’re opposed, it’s that it is difficult.  We think we’re doing the right thing, and in Munich we made some tweaks but reconfirmed our plans.


I hope that clarifies things.


Cheers,

Nicko



On Thu, Nov 10, 2016 at 12:21 PM, Nicko van Someren <nicko@...> wrote:
That's interesting feedback. I was speaking to the VP of infrastructure at a major bank last week and he said that having a heads up from OpenSSL helps him hugely and he wished that more projects did it. I also had a request from one of the CII members asking for the same thing. Who in the OpenSSL team felt it didn't work? I would be interested to know what problems they find with this.

Cheers,
Nicko

On Thu, Nov 10, 2016 at 12:17 Greg KH <gregkh@...> wrote:
On Thu, Nov 10, 2016 at 11:05:01AM -0700, Nicko van Someren wrote:
> One thing I think would be valuable to include in the security process is for
> there to be a broadcast mail to some 'announce' mailing list in advance of
> patches to high severity issues, indicating that a critical patch is imminent,
> with an expected release date but without full details of the issue. For large
> users with big IT infrastructure it may be necessary to schedule extra staff to
> install urgent patches quickly and having advanced notice of when this will be
> necessary is very helpful. Projects like OpenSSL usually send these out three
> days before security-critical releases (see https://goo.gl/BzElRC for
> examples).

I think you might want to reconsider that, as over beers, the OpenSSL
team says that this type of thing really doesn't work and just causes
more problems...

But hey, remember that I'm on a project that does weekly releases
without telling anyone what the security fixes we made in them were, so
what do I know? :)

thanks,

greg k-h



--
Nicko van Someren
CTO, Linux Foundation
+1 (978) 821-0391


Re: Security policies for Kubernetes

Greg KH <gregkh@...>
 

On Thu, Nov 10, 2016 at 12:41:46PM -0700, Nicko van Someren wrote:
It's also worth noting that precisely because the Linux kernel team put out a
release every single week the scheduling of IT resources for deployment is not
a problem. People know in advance when your releases are going to drop. It is
more valuable to have the advanced notice if you don't have a highly regular
delivery schedule.
Ah, but I don't, I'm a horrible release maker. I did 3 releases 2 weeks
ago, none last week, and then one this week. Or was it one last week, I
can't remember... And all were on different days of the week, with no
apparent reasoning behind when each is made[1] (some came later than
announced, some earlier, and one with no announcement at all, and this
was just the past 3 weeks.)

So no, no one knows when our stable kernel releases are going to happen,
heck, I don't even know that :)

sorry,

greg k-h

[1] - It's my travel schedule that drives most of it, combined with when
security bugs are found and fixed in Linus's tree, which happen
unexpectedly as expected, or when embargos leak early, as happened
with DirtyC0w[2].

[2] - DirtyC0w is proof that even when everything goes right on the
project's security team side (kernel team was properly notified of
problem in the wild, fix was found, backports to all relevant
kernels were made and tested, embargo was planned, distros were
notified ahead of time), it's really up to the other groups you
notify to not mess up in order to keep it all together, which
failed horribly here (embargo was leaked to the public from a
distro, random companies knew there was a pending problem weeks
early due to a different leak, competing OS team decides to make
fun of the situatation and make a web site, etc.). So I'm really
all for not telling _anyone_ outside of the project's team about
security issues, as it always seems to go wrong.


Re: Security policies for Kubernetes

Nicko van Someren <nicko@...>
 

On Thu, Nov 10, 2016 at 2:57 PM, Greg KH <gregkh@...> wrote:
​...​

Users might get warm and fuzzies thinking that this is the only time
they need to update, but really, they should be updating all the time.
Announcing it ahead of time really doesn't help companies fix their
infrastructure problems properly.

​I don't disagree but in the absence of a highly regular release cadence, or in the case of an out-of-cycle release, it is still valuable to know when a new​ release is coming.

But that's my comments, and not the OpenSSL's teams comments, I can't
recall their exact reasons.  I suggest talking to them at their next
hackfest about it to get all of the details.

​I will do. Thanks for raising the issue.

Cheers,
Nicko​


--
Nicko van Someren
CTO, Linux Foundation
+1 (978) 821-0391

6701 - 6720 of 7197