Stefan Schimanski

multicluster-runtime provider that watches kubeconfig secrets in a namespace and dynamically engages controllers 🚀 github.com/kubernetes-sig…

AI creates PR (on my machine). I review. Can I approve? What does the Github/lab netiquette say?

After a little operational hickup where the app got deleted and GitOps eventually recreated everything, OH: "I only wish that the db would have been also deleted to test backups"

This costed me a day and a half: When watching via Golang types in controller-runtime, but use unstructured when reading from the cache, you are in trouble. Of course, 2 informers are run and they are not consistent aka events arrive and you don't see the changes in the cache.

Linter.

The real planning tool is gdocs. Jira is an asynchronous replica. Mostly out of date. Never consistent.

Jira must be disrupted. Please.

PRDs are conversation starters not specification documents. Amen 🙏 😍

„directly share“ in @LinkedIn irritates me every single time. It‘s a dishonest term. It really means „shared with network“ and NOT directly with you. Pure clickbait.

Talking about critical path. MVP is the spiritual successor in a less plannable environment. Visibility of necessary focus is what they have in common.

Yes exactly, we have a runtime that starts the actual pods inside another container (the vNode) that uses linux user namespaces, seccomp filters and sysfs/procfs to pretend to be a real node to the inner pod(s)

@the_sttts so the idea of vNode is not to run a separate kubelet (although you could), instead it wraps and starts the pods of the vCluster in a separate linux user namespace, similar to how the pod sandbox does that with the network namespace