►
From YouTube: Envoy Community Meeting - 2019-07-30
Description
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
B
A
C
A
Yeah
well,
I
I.
Don't
have
much
data
about
this,
probably
Harvey
you,
you
might
have
better
info
but,
like
I
said,
chrome
have
switch
to
live
C++
one
and
half
year
ago,
ish,
something
like
that
last
year.
January
is
timing
and
also
I
think
the
Android
years
to
live,
suppress
pass
for
the
Android
NDK
stuff
about
server
side.
I.
Don't
have
really
have
much
idea
from
there.
I
know
some
BSD
rec,
open,
BSD,
probably
use
that
by
default
fish.
That's
so
far,
right
now,
okay,.
B
Yeah
I
mean
it
would
make
me
feel
a
little
more
comfortable
like
if
we,
if
we
knew
that
there
was
a
little
more
server
side
use
I
guess
my
question
is:
is:
do
we
think
that
we're
gonna
be
changing
things
such
that
once
we
switch,
we
won't
be
able
to
switch
back
or
or
or
like?
Will
a
user
still
be
able
to
compile
against
GCC
standard
library,
I
think.
A
B
Okay,
this
is
probably
a
good
time,
there's
a
there's,
an
issue
that
I
opened,
which
I
will
link
to,
but
one
of
the
things
that
I
I
do
want
to
start
thinking
about
its
whether
we
want
to
have
both
multiple
images.
Multiple
you
know
like
so
basically,
we'd
have
a
you
know,
kitchen
sink
image
with
every
extension,
and
then
we
would
have
a
like
a
normal
or
a
light
version,
or
something
that
has
extensions
that
we
feel
that
you
know
people
would
reasonably
use.
B
C
B
B
Think
you're
right,
but
but
the
problem
here-
and
this
is
this-
is
actually
partly
coming
from
Google
but
partly
coming
from
other
providers
is
for
products
like
traffic
director
or
app
mash
or
other
situations.
There's
actually
a
desire
to
be
able
to
bring
a
quote
stock
envoy
right
like
take.
Take
the
public,
docker
image
and
just
have
it
run,
and
our.
B
To
be
clear,
I,
don't
I,
don't
have
any
answers
here
like
this
is
this
is
an
open
discussion.
I
was
just
suggesting
that,
if
we're
starting
to
take
the
stance-
which
I
think
is
for
now,
that
extensions
are
like
drivers
and
we're
gonna
allow
drivers
in
from
all
kinds
of
different
providers,
some
of
which
you
know,
people
won't
care
about.
B
Do
we
continue
to
build
and
ship
everything
in
our
public
sanction
image,
and
it
just
it
occurred
to
me
that,
if
we're
going
to
start
doing
multiple
images,
potentially
for
like
a
lib
C++
and
like
GCC
standard
library,
is
this
an
opportunity
to
start
thinking
about
multiple
SKUs
of
public
images?
That's
all!
Okay!.
C
So
my
personal
take-
and
this
is
I'm-
not
speaking
for
Google
I'm
speaking
for
my
area,
like
as
an
what
maintainer
it's
you
know,
either
I
feel
we're
in
the
business
of
doing
binary
distributions,
and
we
should
do
a
good
job
at
that,
and
that
involves
you
know,
building
and
qualifying
and
testing
on
multiple
platforms.
You
know
with
all
this
kind
of
stuff,
or
we
should
respect.
We
should
never
actually
even
have
a
docker
image
at
all.
It's
a
binary
and
I
did
not
make
this
the
de
facto
and
general
distribution.
C
B
I
definitely
hear
you
I,
don't
think
that's
gonna
fly
I
mean
there's,
there's
already
plenty
of
rage
that
you
know
we
don't
ship
binary,
Zinn,
every
possible
thing
and
I
think
this
get
Envoy
thing
from
tat
rate
certainly
helps
we
like
we
don't
we
don't.
We
don't
need
to
harp
on
this
and
again
I'm
curious
to
hear
what
other
folks
think
also,
but
it
just
seems
like
eventually,
we
need
to
figure
out
what
to
do
with
our
official
images
in
terms
of
whether
we
continue
to
ship
every
possible
extension.
So.
C
Here's
a
question
so
like
CN,
CF,
they'd,
actually
fund
things
which
are,
you
know
very
useful,
to
make
an
open
source
worker
for
the
community
and
but
on
things
that
you
know
necessarily.
You
know
the
core
developers
work
on
like,
for
example,
CI
is
an
example
with
binary
distributions
for
in
that
category,
can
they
pay
contractors
or
someone
to
actually
do
this
for
us,
and
you
can
manage
that
part
of
our
I?
C
A
E
E
A
Right,
that's
what
dynamical
T
does
I
think,
because
the
api
compatibility
we
have
here
it
yeah
for
sure
breaks
the
existing
user
stuff
that
have
you
have
you
reached
out
to
Ryan
burns
are
fine.
I
say
sit
that
issue
no
issue
ad,
not
contact
him
other
than
that.
Okay,
like
a
lecture
switcher,
is
not
only
the
for
the
opens
tracing
issue.
We
have
not
for
motivation
to
do
that.
Switch.
B
Okay,
maybe
just
on
that
open
tracing
issue,
do
you
want
to
just
either
ping
me
on
slack
or
send
me
an
email
and
I
can
add
Ryan
burns,
and
we
can
just
see
if
we
can
get
that
never
really
fixed.
We
should
just
do
that
either
way.
I
said
on
that
issue.
Okay,
well,
I'm,
just
saying
he
might
not
be
checking
github
but
yeah,
it
might
might
work
better
over
email.
E
A
E
F
B
Okay
well,
yeah
I
mean
again
I,
don't
I,
don't
have
any
objection
to
the
lip
C++
change.
I
would
just
love
to
learn
a
little
more
about
what.
E
B
B
B
Cool
does
anyone
have
any
more
stuff
on
that.
B
Okay,
I
was
gonna
briefly
talk
about
the
the
regex
issue,
since
it
was
already
open
publicly
and
there's
some
things
that
I
I
don't
want
to
chat
about
any
any
objection
to
talking
about
that.
B
So
for
people
out
there
there's
an
issue
open
I
can
link
the
issue
into
the
dock,
where
some
fairly
simplistic
regex
causes
envoy
to
boom
with
large
input,
and
it
basically
has
to
do
with
the
fact
that
the
standard
C++
reg
X
implementation.
It
has
some
kind
of
recursive
memory,
Hawkin
implementation.
So
this
kicked
off
a
long
discussion
internally
within
the
maintainer
z--
and
the
security
team.
B
As
to
whether
you
know
this,
should
we
should
count
this
as
a
CV
and
do
it
in
private,
and
since
the
issue
was
already
open
and
there's
already
warnings
in
the
docs
about
reg
X
is
being
very
risky.
We
decided
to
do
basically
like
a
public
security
issue,
so
what
I
am
working
on
right
now
is
I'm,
basically
going
through
particularly
the
routing
API
and
looking
at
everywhere
that
we
use
reg,
X
and
I'm.
B
Looking
at
the
Google
v2
library,
which
is
designed
for
untrusted
input
and
at
least
as
the
documentation
says,
is
supposed
to
execute
in
linear
time
and
safe,
safe
amounts
of
memory,
no
matter
what
the
input
string
length
is
so
anyway,
so
I've
been
looking
at
that
and
I've
been
looking
at,
introducing
some
new
abstractions
and
to
Envoy
to
hide
the
actual
reg
X
engine
and
implementation
for
most
of
the
code,
so
that
if
later
we
decide
to
do
something
different
than
redo,
we
can.
We
can
swap
it
out.
B
The
one
thing
that
I
was
looking
at,
which
I
was
I,
am
a
Josh
about,
is
that
I
was
trying
to
see
if
I
could
replace
most
of
the
uses
of
standard
read
Jack
with
Ritu
and
I
think
this
has
already
been
brought
up,
but
there
the
the
Ritu
API,
is
a
lot
simpler
than
what
standard
regex
supplies
and
there
are
some
pretty
complicated
use
cases
and
in
like
the
stats
tag
extraction
code
that
I,
don't
think
Ritu
is,
is
probably
ever
going
to
be
able
to
do
so.
B
My
current
assessment
is
that
we're
probably
never
going
to
be
able
to
get
rid
of
standard
regex,
at
least
in
certain
parts
of
the
code
where
we
have
trusted
input
and
trusted
reg
X's,
but
I'll
do
what
I
can
for
the
untrusted
part.
So
that's
that
that's
the
current
situation,
I'm
working
on
that
right
now,
yeah
does.
Does
that
make
sense
to
you,
Josh
yeah.
E
But
I
do
remember
that
I
had
a
goal
of
getting
write,
rewrite
access
from
that
time.
Extraction
code
entirely
yeah
and
I
had
gotten
about
95%
of
the
way
there,
but
the
technique
that
I
was
using
couldn't
handle
a
couple
of
the
forms,
and
so
I
would
have
liked
to
strategy.
Isn't
it
didn't
seem,
and
it
seems
like
with
a
bunch
of
other
hacks
I
got
like
two
seconds
startup
time
on
10,000
clusters,
which
I
thought
was
kind
of
good
enough,
so
I
just
looked
yeah.
C
C
B
B
C
A
B
All
them
is
just
that
we're
gonna
have
to
end
up
deprecating
a
bunch
of
fields
and
I
actually
have
another
question
for
the
group,
which
is
because
Ritu
will
not
support.
All
of
the
regex
is
that
standard
regex
dialect
supports
I,
actually
I'm
questioning
whether
we
should
deprecated
the
old
field
or
just
have
some
kind
of
warning
and
stat
that
basically
warns
people
that
they're
using
and
unsafe
reg
X,
and
then
they
can
have
a
config
to
like
turn
off
the
warning
or
if
we
should
fully
deprecated.
B
A
E
E
A
H
B
B
But
but
I
guess
what
do
people
feel
about?
Should
we
like
on
the
public
API
perspective,
should
we
fully
deprecated
the
config
that
effectively
uses
standard,
reg
X,
or
should
we
still
allow
it,
but
but
warned
or
like
how
that
be
part
of
our
linter
like
I,
could
see
both
arguments
I
mean
my
gut
tells
me
to
deprecate,
and
still
someone
like
you
know,
complains
very
loudly
just
because
it's
unsafe
but
I'm
not
sure.
If
people
have
thoughts
there.
B
It's
more
it's
more,
though,
that
given
all
the
work
that
ELISA
has
done
with
the
stats
and
the
warnings
and
stuff
like
that,
there
are
people
now
that
are
trying
to
run
like
deprecation
learning
clean.
So
you
know
if
they
start
seeing
in
deprecation,
they're,
probably
gonna
notice
and
then
they're
gonna
possibly
complain
about
it.
So
I
think
that's
the
case
in
which,
hopefully
they
would
tell
us
if
they
absolutely
cannot
move
to
the
reetou
dialect.
I
B
D
E
B
C
Mean
currently
what
guarantees
are
we
making
to
our?
You
know
users
always
saying
no
matter
whatever
you
put
in
there
it's
safe
for
if
you
happen
to
write
right,
which
my
cooking
operator
and
you
know
probably
be
safe,
but
otherwise
it
won't
be
safe.
Like
I
guess
it's
like
a
very
complex
model
for
the
safety
of
regular
expressions,
whereas
if
you
ever
feel
which
is
safe,
well,
I
mean
it
says
safe,
it
must
be
safe,
xxx.
E
A
A
C
B
A
B
You
know
the
the
thing
that
I
like
about
that
and
I've
experienced
this
now
at
multiple
quote:
web-scale
companies
is,
you
know
as
much
as
you
try
to
push
back
on,
not
having
regex
routes
at
the
edge
they
may
creep
in.
But
my
experience
is
that
they're,
typically
a
very,
very,
very
small
dialects
of
regex
and
it's
possible
that
we
could
do
something
simpler.
That
would
cover
almost
every
case,
though
yeah
I
don't
know,
that's
I.
Do
you
want
to
you
want
to
open
and
issue
on
that
yeah
sure?
Okay,
all
right,
I!
Guess?
B
E
Want
to
add
two
more
quick
points
that
one
is
that
we
discussed.
Actually
we
discussed
this
internally
yesterday
we
like
the
RA
to
option
as
the
mainline
thing
that
we
think
most
people
should
do,
but
it's
worth
pointing
out
that
pcre
mostly
officially
accepts
the
same
same
language,
isten,
reg,
X
and
it's
probably
better
I,
don't
know
a
ton
about
it.
So
it's
an
interesting
thing
to
possibly
should.
E
E
H
B
Right
but
those
those
those
cases
all
have
to
be
turned
on
like
for
for
security
reasons,
like
none
of
those
cases
are
on
by
default,
and
if
that's
the
case,
then
we
need
to
fix
that
yeah
yeah,
like
I'm
I'm,
fairly
positive,
that
all
of
those
cases
should
be
edge
should
be
add,
chana
ties.
If
you
know
of
a
case,
that's
not
we.
We
should
talk.
E
B
Real
quick
in
the
one
minute
that
we
have
there's
the
coop
con
intro
and
deep
dive
I
sent
an
email
about
this
for
maintainer
z--
I've,
gotten
a
couple
emails
back
from
snow
and
Stefan.
You
know,
obviously
everyone!
That's
there
can
come
it's
mostly
that
we
get.
You
know
for
free,
maintainer
tickets.
Basically,
so
you
know
if
people
want
a
free,
coupon
ticket,
you
know
and
you
happen
to
be
there,
just
let
me
know
and
we
can
figure
out
who
gets
them
versus
who
might
be
getting
a
ticket
for
some
other
reason.
B
I
am
getting
kicked
out
of
this
room.
I
got
a
drop
off
so
right.