Mike Zappa

@joestringer that sounds great. I wanted to sync up with you at kubecon about this. How about I reach out to you via slack?

> @MikeZappa87 Are you still working on this CFP? Hello, we are in the design/poc phase of this

> I actually wonder a bit. Just stumpled over: https://www.solo.io/blog/kubernetes-identity-the-right-way-with-spire-and-ambient Solo has spire integration with the enterprise version of ztunnel. I am currently putting together a github issue in ztunnel...

> The latest update (approx. 3 weeks ago) is that the Istio community is looking at various alternative approaches before making a decision. One of them being leveraging CAP_SYS_ADMIN to...

@AkihiroSuda I started a slack thread in sig-node for this.

@mikebrow does it make sense to have another function similar to https://github.com/containerd/containerd/blob/59c8cf6ea5f4175ad512914dd5ce554942bf144f/pkg/oci/spec.go#L118 That is specific for K8s and can be set in the containerd configuration? Idea ---->: defaultK8sUnixCaps() I remember...

>  > > We did miss this change for 2.0. Any breaking change is going to require us to figure out how to help users upgrade. > > >...

@sathieu i would love to! However I haven’t been able to convince the necessary people :-/

Hashicorp pulls in go-cni for nomad. Can we position our license to say they can no longer use it? Or larger to say you cannot use the CNI at all?

My main concern with this is if we are making it harder to troubleshoot any issues between containerd->shim->runhcs