Description
Deep Dive: Envoy - Matt Klein & Constance Caramanolis, Lyft
This is an Envoy Q&A session where several maintainers will be available to discuss anything and everything. Come with your questions, concerns, feature requests, etc. and we will chat!
To Learn More: https://sched.co/GreG
A
We're just starting our journey down the Istio Envoy path, so you made a very interesting statement there about how Istio, I guess, does populate service configuration information down when you have a cluster running many services. So you're saying, basically, is telling every service proxy about every service in the cluster, not something that's more targeted, like you said, a manifest type of approach.
B
C
As far as incremental goes, I think that there's gonna be a few different phases. It is. We haven't really had an organized meeting, because there's contributors from Red Hat and Google working on this, but we haven't working cluster together yet. We should. As far as just the raw memory reduction, I think that's an ongoing process; some of it's in already, but most of it is kind of prototype, but not committable, and we'll just take time. If anybody wants to participate in this effort, collaborators would be really welcome.
D
And I think something else that's interesting might just be what, like, "many services" means to some people. I mean, we at Lyft, you know, we have a lot of microservices, but then we hear about Google's deployment and it doesn't even make sense in my brain, so that they have, like, the cardinality at Google is crazy.
E
Mostly thanks to all the guys here for making is annoying, create and extensible. Speaking of extensibility, I've seen that there are multiple filters in Istio upstream, as well as Cilium has some calling extensions. Can you guys comment on, is it going to pull in upstream, or how is it really going to work out?
E
B
E
D
B
F
I mean, from the extension standpoint, I think so far we've taken the viewpoint that if we can find people that are willing to maintain them upstream, and if we deem that the code is generally useful to not just one person, I think we would generally take them upstream. That's why we did all the work last year to do the extension split.
F
It makes it a lot easier for us to track what's core code and what's extension code, and extension code could be compiled out. But, as was said, the ball is definitely in the court of the people that wrote the extensions. I mean, they need to tell us about them. It's actually incredible how many people have written extensions. We have no idea what's out there. Right, correct.
E
F
Yes, and that's a really interesting, and it's a great idea. I mean, maybe you could open an issue and we could discuss there. I think right now it's a little problematic on two points. Point one is that we don't support loadable modules, so things have to be statically compiled in. That's something that wouldn't be hard to fix.
F
But it's a work item. But, more importantly, today we don't actually have a stable API, so we make no guarantee that we won't break the compilation of extensions; like, they're effectively tied to a particular Envoy SHA. That's something that we know that we need to fix, but we have erred on the side of velocity over having a stable API, I think, given where we are as a project.
F
E
F
G
H
So this goes back to the initial question of, you know, how opinionated the control plane is, right? I guess the other thing I want to say about that is there's two avenues, right? You build your control plane that conforms to your opinions and, like, your organization's topology, or you go and massage your topology to conform to a managed service or a managed, you know, control plane solution. So like, if you mean, like, do we expect coke and talking to beer in multiple times? Probably not, because I mean.
G
H
Okay, I see your question. Yeah, I'll say what I was gonna say and then you can go. You know, at least from, this is from this perspective, as Lyft has grown, the needs of the control plane have, you know, changed and evolved with it, so features that might have not been needed a year and a half ago with, you know, a couple hundred microservices and, you know, a couple hundred engineers might be the different and needs that we need.
H
You know, today in the present. So yes, that's another reason why I think building, you know, one control plane to rule them all is very complicated, because as your organization evolves, your topology evolves, the needs of the control plane may change, specifically in that third part. That is very specific, in my opinion, to your deployment, I think.
I
C
J
K
F
Yeah, I was actually gonna say, I think someone asked me this this morning about Envoy's link to Kubernetes, and if I had to wager, I think there's way more people running Envoy outside of Kubernetes than there are people running Envoy in Kubernetes. Envoy is a binary. Like, if you're familiar with nginx or HAProxy or, you know, I mean, it's the same thing. It's a process that you run with Debian packages or systemd, or, you know.
L
Us, so as a follow-up to that, you know, I think some of the primitives that Kubernetes gives you, like the sidecars, allow you to enforce, like, that traffic is gonna flow through the sidecar. But you can imagine in a scenario like that you describe, where you're running it as a separate process, can you talk a little bit about how you ensure that communication only flows through Envoy? I imagine there, like, a compromised host, for example, would be able to kind of circumvent that because there's no other kind of guardrails around it.
F
I can just start real quick, I mean, and then we can see what other people have to say. There's really two options. I mean, option one is you try to make it transparent, you use something like iptables; that's what Istio does and a couple other solutions. The second option, which a lot of other people end up doing, including Lyft, is we have a thin library that people use to make all of their network communication, and that library knows to talk to Envoy.
F
I think there's a bunch of, it depends. Like, it depends on how transparent you want to make it. It depends on whether you want to mess with iptables. It depends on how secure it has to be to force traffic through, to make it so that no one can circumvent it. So, you know, there's no easy answer there. They both have trade-offs, but those are your fundamental options. Did anyone want to add anything tonight?
I
You can also argue to that, it's a lot of the carrot method, and it's actually working really well in this case, because once developers start playing around with their own, like sending their own requests, they tend to get really frustrated, and so it's actually served us really well at Lyft, where a lot of people come to us like, okay, we're doing this by ourselves, but we're going to include it in the Envoy manifest because we were tired of trying to figure it out. And so it kind of ends up working to advantage it that way.
M
Hi, one of the things that I've started seeing with service mesh in general is this abstraction of, like, these things like timeouts, retries, which used to be in the application source code, now has been moved outside and inside the service mesh. So do you guys think, like, is there any workflows where, like, as a developer, now they're like, these things should just work, and people do not think about, like, what timeout should be, how retry should be done, and like, since the configuration now exists outside the application?
M
I'm curious, is there workflows where developers can still specify these things in the source code itself, and where they still have to think through these things? What's is keeping it outside, where, like, the client libraries have their own timeouts versus proxies have their own. I'm just trying to sense if there is like community fees, there is. This is the problem, yeah.
D
I think Constance mentioned, like, the thin client that we send around to everyone, which basically allows you to declare that I want to talk to service X and I will get these properties. On top of that, we have the ability for people in flat files to define the defaults, both from the, like, egress and ingress perspective, and then those values are still overridable by headers. So let's say you needed, per request or per endpoint when talking to a service, a different timeout or different policy.
D
You know, the query was expensive or something, you can override that from the headers. So Envoy, you know, tries to be very adaptable in this case and give you, you know, both: you can configure Envoy with a certain setting, but then override it, you know, on a per-request basis. And so that's what we do at Lyft, and that's kind of what was mentioned.
I
Yeah, so they're, just like when you're setting the request, you add it as another header there, and then, like, you can also then enable, like, entire fleet-wide, like, max timeout is one second, right? And then after then, you know, you can put it like a very straight for certain things there, and, like, the configs allow you be that strict and allow other people to be more free-flowing in other cases. Sorry.
N
F
F
We don't necessarily want to hide the intention, and I still do think that we need developers generally to understand networking concepts, like I need a timeout or I need to write retry, but in many cases we can't pick the retry policy on behalf of the user, because they have to understand the API that they're calling. So that's how I would phrase it, is that we want to reduce the cognitive load of the implementation, but we don't want to completely hide it from the user, what we're doing.
O
C
Okay, then I won't take too much time with my non-answer. I mean, I think to a large extent, Google has started using Envoy in a variety of ways. Our usage in the board context is less mature than the other ones, so we have way more experience deploying Envoy in various forms and virtual machines. So stay tuned. Maybe we can go into more of that kind of stuff next year.
K
Yeah, so I think one of the things that I'd add there is that one of the things we learned at EnvoyCon, just from seeing all the presentations, is that there's plenty of people who are using Envoy as an edge proxy, as a middle proxy. Sidecar is not the only way that people are deploying Envoy by any means. In fact, any way that people are using proxies, people are trying out Envoy in that role. So yeah, don't assume sidecar in any.
N
B
Yeah, I think we've seen, like, a couple questions in the Envoy, which issue is the default circuit breaking issue. They have, is usually that is like long, large-latency but not high-load requests that will hit the default circuit breaking very easily. The default is like 1k requests, like pending requests, at Envoy level.
B
I
F
I was gonna say, one thing that I would say about defaults is that, unfortunately, this is the case again or it's impossible to please everyone, and if we change the defaults, someone's gonna have a very unhappy day when that happens. With that said, I think we do recognize that we have a general documentation problem around a couple of these cases, and there are issues opened. So, for example, I would love to have a FAQ on.
F
F
So we do have a resource, tech writer, from CNCF who's going to be spending more and more time on the project, and I'm hopeful that he'll tackle some of these things, but I would encourage you to open documentation issues on the kinds of things that you might be confused about, and to please help if you would like to help. If you have struggled through some of these things and been confused, and you feel like you could help others, that would be much appreciated, I think.
I
Also, one way to ask, view your question is also: how do you expose it to developers? And I would say start by exposing a smaller set of features instead of everything. Even for us, like, I get overwhelmed by remembering all the features, and so just, you know, choose a few things you want to enable and then slowly add scope to that, because I could also help for your onboarding as someone who's maintaining it, and then after, your application developers as or learn to use Envoy. And unfortunately, we are out of time. Thank you.