►
From YouTube: Network Service Mesh WG Meeting - 2018-08-03
Description
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
A
If
something
comes
to
mind,
feel
free
to
to
put
the
meshes
into
chat
or
speak
up
during
a
during
a
transition
period
and
we'll
see
about
adding
it
in
okay,
so
announcements
of
cloud
native
network
function,
seminar
at
open
source
summit
is
on
August
28th
in
the
afternoon
in
Vancouver.
So
if
you
haven't
registered
and
you're
intending
to
attend,
space
is
limited.
So
it's
the
sooner.
The
better
and
Tom
had
a
great
point
earlier
as
well.
A
He
he
wanted
to
attend
the
seminar
but
was
not
as
interested
in
attending
the
the
full
summit
and
he
seemed
to
have
found
the
compromise
to
paying
the
full
cost
of
the
of
the
summit,
which
I
think
is
a
thousand
dollars
or
were
close
to
it,
and
that
is
to
create
to
join
in
with
a
Hall
Pass,
which
is
150,
and
then
you
can
sign
up
for
the
for
the
network
function.
Seminar
as
part
of
that,
so
that
may
be
a
way
around
paying
the
full
amount.
B
A
That's
an
excellent
point
and
I:
don't
know
the
details
behind
that,
but
yeah
literally
the
sooner
the
better,
because
as
this
as
they
specifically
stated,
they're
even
asking
people,
if
they're
not
going
to
contribute
to
the
seminar
actively
that
that
they
consider
not
not
attending
so
like
actually
put
that
in
the
in
the
next
to
the
checkbox.
So
so
we
need
people
who
who
are
knowledgeable,
who
want
to
want
to
speak
up
and
so
on.
So
you
know
definitely
check
that
box.
A
Okay,
so
special
announcements,
network
service
mesh
was
listed
as
the
first
highlighted
session.
Talk
in
the
linux
foundation's
PR
blasts
about
the
ons
amsterdam
speaker
schedule
being
announced,
so
they
had
a
list
of
keynotes
that
that
they
were
presenting
and
then
they
said
highlighted
sessions
include
and
network
service
mesh
is
listed
as
the
first
one.
A
Vmworld
is
having
a
CTO
panel
that
discussed
that
that
they're
going
to
have
to
have
network
service
mesh
on
the
agenda,
so
I'm
not
sure
how
they
how
they
found
that
work,
service,
mesh
or
or
so
on,
because
we
haven't
been
as
as
proactive
on
the
marketing
side
yet,
but
we're
starting
to
we're
starting
to
get
noticed
and
people
are
starting
to
talk
about
us.
So
so.
D
I
have
some
background.
I
have
some
background
on
that.
I
think
I
know
how
they
found
out
about
us.
So
so,
in
addition
to
vmworld
vmware
runs
this
future
net
conference
they've
done
for
the
last
two
years
and
they're
doing
it
again,
it's
kind
of
a
smaller
like
invite.
Only
you
know.
Networking
conference
III
gave
a
talk
at
this
a
few
years
ago,
so
this
year
I
actually
I
tried
to
get
a
talk
at
future
net
submitted.
Now
they
moved
it.
D
So
it's
only
one
day
this
year,
instead
of
two,
so
they
they
were
pretty
selective.
So
so
I
think
that's
how
they
heard
about
network
service
mesh,
because
I
was
trying
to
get
get
us
get
something
on
the
agenda
at
that,
but
but
I'll
still
be
attending
that
so
I
plan
to
kind
of
talk
about
network
service
mesh
on
the
hallway
track
for
that
as
well.
I.
D
C
A
A
We
need
people
to
give
it
a
try,
make
make
recommendations
on
areas
that
that
can
be
improved
in
it
overall
I
think
the
document
is
is
great,
but
there's
also
areas
where,
where
we
can
definitely
get
some
some
additional
input,
so
I
believe,
like
the
focus
was
primarily
on
sent
to
s.
So
someone
needs
to
fill
out
the
Iguchi
sections
and,
and
so
on.
A
We've
also
added
it's
a
ability
to
capture
stack
traces
in
in
our
eris
plugin.
So
now,
when
you,
without,
when
you
read
la
giris,
you
can
put
the
log
risk
plug-in
that
we
have
that
we
can,
you
can
add,
in
dot
with
stack
with
stack,
trace,
dot,
error
and
you
put
in
whatever
your
errors,
and
it
will
automatically
inject
into
the
logging
mechanism.
The
the
stack
trace
of
of
the
of
the
error,
so
definitely
a
definite
going
to
be
useful.
A
B
A
So
so
we're
moving
over
to
a
project
called
go
errors.
Goers
are
effectively
a
better,
a
better
package
for
manipulating
and
managing
managing
errors,
and
that
go
errors
is
ultimately
will
pass.
What
manages
the
stack
traces
for
us?
So
it's
a
integration
of
the
two
between
goers
and
and
loggers
okay,
so
we
also
have
had
some
some
improvements
on
our
SR
Iove
path.
E
Right
so
there
were
a
couple
of
a
couple
of
directions,
so
the
first
direction
was
to
develop
a
tool
which
would
can
a
host
and
detect
all
VF
defined
or
existing
on
the
coast
and
then
put
together
a
config
map
where
all
required
information
for
for
the
controller
will
be
placed
and
then
there's
a
basically
since
the
tool
cannot
really
understand.
If
this
VF
belongs
to
this
specific
network
service,
then
there
is
an
intermediary
step
where
a
user
needs
to
edit
that
config
map
and
map
each
VF
desired
a
network
service
name.
E
So
once
it's
done,
then
this
map
will
be
instantiated.
Basically,
you
create
cube,
GTO
create
F
for
that
file
and
then
the
controller
detects
the
that's
the
second
part,
the
controller
detects
instantiation
of
the
config
map
and
it
create
and
advertise
these
resources
to
the
couplet.
Once
it's
done,
a
port
can
request
sra,
v,
VF
or
multiple
VF.
By
referring
to
the
network
service
in
the
resource
section
of
the
port
spec.
E
Let's
say
you
wanna,
say
resource
and
then
network
a
sorry
V,
and
then
you
provide
in
natural
network
service
name,
let's
say:
1
2
3
and
then
you
end
up
in
the
port
with
a
4
VF
I
your
devices,
which
you
can
use
at
your
pleasure.
So
that's
I
mean
the
first
part.
That's
pretty
much
completed
is
ready
to
be
merged.
E
The
controller
part
it's
almost
done
because
yesterday
VF,
I
your
device
which
is
in
the
container,
is
operational
yun,
provided
some
nice
testing
tool
and
I'm
working
on
some
cleanup
and
to
add,
delete
and
update
functionality.
So
when
the
config
map
gets
updated,
then
the
controller
will
detect
it
and
react
accordingly,
removing
or
adding
some
advertisement
for
vs.
Oh
that's
pretty
much.
B
Really
important
because
there's
a
segment
of
folks
who
are
looking
use
cases
that
network
service
mesh
is
seeking
to
solve
where
they
have
use
cases
where
being
able
to
attach
a
pod
that
needs
the
network
service
to
a
SRO
vdf
that
is
going
to
provide.
That
service
is
a
really
really
important
use
case.
So
this
is,
you
know,
a
really
important
thing
to
be
able
to
do.
I.
C
Know
that
people
are
using
SR
iov
now
in
containers,
currently
I,
don't
know
how
they're
orchestrating
I
think
through
the
CNF,
but
certainly
there
is.
There
is
a
lot
of
interest
and
giving
people
a
migration
path
to
more
portability
with
other
other
data
planes
as
well.
Perhaps
so,
all
within
the
container
and
and
NSM
context,
I
think
it's.
B
B
Create
equal
right,
they
have
different
characteristics,
they
connect
to
different
things,
etc,
and
so
there's
a
group
of
people
right
now
who
are
actually
trying
to
add
the
effectively
the
SSRI
of
EVF
information
directly
into
the
pods
back,
which
is
kind
of
ugly
and
messy.
You
know
so
you
literally
name
a
particular
VF
on
a
particular
host
and
that's
kind
of
ugly.
This
is
nice
because
it
meshes
well
with
how
the
current
kubernetes
scheduling
works,
and
it
also
allows
you
to
address
the
VF
as
a
network
service,
which
is
a
logical
entity.
B
So
you
know
when
you
bring
up
a
new
node
that
you
you
know
just
taking
a
very
simplistic
example.
If
you've
got
a
radio
network-
and
you
have
a
bunch
of
VF
son
of
a
bunch
of
nodes
that
are
able
to
reach
that
radio
network
now,
you
can
simply
say:
look
I
need
this
resource,
which
is
the
radio
network
service
as
a
hardware
resource,
sorry
Ivy
hardware
resource
and
get
scheduled
to
a
pogrom.
What
does
of
it,
but
no
or
what
is
available
and
get
connected
up
with
that.
A
Yeah
so
so,
in
short,
where
we're
moving
we're
getting
some
some
good
traction
with
getting
as
high
of
e
on
board,
so
pretty
excited
about
that
overall,
but
that
overall
path,
let's
say
we
fall,
so
we
would
also
have
work
being
done
to
publish
images
on
docker
hub
Kyle's
been
focusing
on
that.
Can
you
give
it
update.
D
Yeah
so
after
a
bit
of
a
false
start,
this
week,
I've
got
a
pretty
good
path
forward,
especially
after
talking
to
Sergey
today,
so
I
think
what
I'm
gonna
do
is
create
kind
of
an
NSM
doctor
hub
ID
and
then
in
in
the
Travis
in
Travis
CI
in
the
control
panel.
We
can
actually
we
can
actually
put
the
credentials
for
that
there,
and
then
we
should
be
able
to
pull
what
we
need
to
be
able
to
push
from
Travis
directly
that
way
after
talking
with
Sergey.
D
Today's
he
said
he's
seen
this
done
this
way
for
a
bunch
of
other
different
projects
as
well,
so
so
Frederik.
It
turns
out
the
patch
that
I
had
that
I
closed.
The
pull
request
I
should
be
able
to
reopen
that
removing
the
hashed
credentials
from
there
and
get
this
working
later.
This
afternoon,
I
say.
D
A
D
A
A
D
B
This
has
the
potential
to
be
not
only
really
good
for
us,
but
really
good
for
a
lot
of
people,
because
right
now,
when
people
write
a
device
plug
in
they
go
sort
of
hack,
it
out
by
hand
and,
having
looked
at
quite
a
few
device,
plugins
the
quality
of
of
ice
plugins
in
terms
of
their
handling
of
a
standard
device.
Plugins
stuff
varies
wildly
device
plug-in
device
flit
to
the
Vice
plugin.
So
hopefully
this
would
make
things
relatively
easy
for
people
who
need
to
write
them
as
device
plugins
and
not
just
for
us.
A
A
A
A
If
you,
if
you
need
any
help
or
anything
with
that,
let
us
know
and
we'll
we'll
jump
in
into
what
do
we
can
yeah
we
right
just
just
for
the
for
the
overall
epic
when
so
we
we
have
the
we're
working
on
publishing
images
to
docker
hub
once
images
are
published,
our
Damon
sets
are
pretty
much
all
set
up
so
that
we
should
be
we'll
pull
from
them
and
that
all
that
should
make
the
overall
path
to
testing
on
on
the
packet.
Cn
CF
clusterer
viable
at
that
at
that
point.
A
F
B
Area
and
a
spider,
what
do
you
think
is
good
at
some
point
we'll
have
to
get
someone
to
redraw
area.
I
made
the
spider,
because
what
we
do
have
a
legal
right
to
use
it
I
got
it
properly
from
a
stock
photo
site.
We
don't
have
the
we
don't
currently
have
we
wouldn't
be
able
to
use
it
for
a
trademark
thing,
so
we
will
eventually
need
to
get
it
redrawn.
So
if
folks
know
good
artists,
that
would
be
useful.
Think
that
out,
but
people
seem
pretty
happy
with
it.
Edie.
E
B
A
B
Yeah,
so
basically
we're
we
are
trying
to
so
we've
gotten
feedback
from
sig
networking
about
the
communities
for
work
group
right
now,
I
think
the
thing
we're
trying
to
do
is
to
put
together
the
hey,
we'd
like
to
be
considered
as
a
working
group
email.
Instead
of
trying
to
work
out
drafting
that
and
then
we'll
have
to
see
how
that
goes.
B
A
A
So
see
going
down
the
line
document
infrastructure,
there's
no
updates
to
to
that.
For
those
who
were
not
present
in
previous
meeting
on
this.
Basically,
we
want
to
run
our
documentation
with
you,
go
and
basically
generate
some
some
nice
and
well
laid
out
documentation
for
our
users
over
time.
So
if
anyone
wants
to
help
out
with
that
any
help,
this
is.
A
Highly
appreciated
I
have
a
document
that
I'm
writing
up
on
how
to
get
a
on
how
to
gain
a
a
privileged
container
to
an
existing
container.
So
this
document
effectively
effectively
what
it
is
is,
if
you
run
a
pod,
the
pod
runs
without
privileges
and
and
privileges
is
effectively
route
on
the
system,
and
so
in
order
to
add
capabilities.
So,
for
example,
if
you
wanted
to
add
an
interface,
you
need
to
have
access
to
at
least
some
at
least
privilege,
like
net
admin.
A
In
order
to
in
order
to
do
so,
and
so
I've
I
have
a
document.
How
did
add
lines?
How
do
you
spin
up
a
new
container
that
and
bind
to
the
pods
that
were
named
space
and
have
that
had
been
axis
so
that
these
changes
can
be
can
be
made
and
made
in
a
way
that
this
is
not
where
the
user
themselves
don't
have
access,
necessarily,
but
more
just
from
the
network
service
mesh
side
in
order
to
protect
the
security
of
the
other
cluster.
E
Frederic
I
have
a
question:
I
mean
based
on
the
past
discussions.
We
had
a
lock
add-in
myself.
It
seems
that
the
direction
was
that
the
NSM
runs
kind
of
a
privileged
container
and
does
all
the
plumbing
on
behalf
of
the
client,
and
this
case,
client
basically
doesn't
need
any
privilege
to
and
no
need
to
create
any
any
interfaces
and
SM
will
be
doing
that
for
the
client
based
on
the
requested
services.
Is
there
a
kind
of
a
direction
change
since
I
mean
you're?
Talking
now
about
the
client
doing
some
some
interface
related
work.
A
A
It
would
be
best
to
reduce
the
total
number
of
quality
of
security
mechanisms
that
that
the
demon
has
access
to
so,
for
example,
if
for
some
reason
the
demon
was
compromised,
we
can
minimize
the
impact,
and
so
one
way
to
do
that
is
to
reduce
the
overall
set
of
privileges,
and
it's
also,
it
also
may
end
up
simplifying
certain
certain
tasks
like
we
want
to
add
an
interface
instead
of
having
that
the
network
service
sufficient
bind
temporarily
to
that
namespace
or
running
commands
that
have
to
or
manage
what
namespace
it's.
It's
manipulating.
A
So
it's
it's
more
about
like
refining
the
current
the
current
path
a
little
bit
more
and
if
it
makes
sense
to
to
move
off
in
this
direction
and
that'll
be
helpful
and
there's
also
an
another
benefit
as
well,
where,
if
you're
developing
a
if
you're,
developing
a
VF
or
CNF
for
the
for
for
this-
and
you
wanted
to
experiment.
It
also.
F
B
Think
so
the
proposal
reads
about
being
a
CNC
F
project,
which
is
certainly
among
the
formal
options
that
are
available
to
us.
I
think
at
this
time
the
recommendation
from
C
networking
has
been
pretty
strong
that
they
would
like
to
see
us
as
a
kubernetes
working
group
or
as
a
fallback
as
a
community
sub-project
understand
networking
you
know,
but
with
a
strong
preference
for
kubernetes
working
groups.
B
A
B
A
A
B
C
B
A
B
B
So
if
we
have
a
landing
page
that
actually
is
sort
of
tailored
for
that
audience,
you
know,
and
mr.
gets
to
the
separate
out
concerns
for
audiences
of
NSM
that
audience.
This
is
going
to
be
very,
very
focused
on
and
a
fee,
which
is
an
important
use
case
for
us,
but
it's
not
the
only
use
case
for
us.
You
know.
B
B
Yeah
I
think
that's
probably
a
good
video.
My
experience
incredibly
conversational
talks
in
my
experience
is
you
learn
more
from
the
audience
than
the
audience
learns
from
you
about
how
they,
how
they
are
understanding,
what
you
were
saying
and
the
kinds
that
arise,
and
that
makes
it
easier
to
communicate
in
the
future,
and
so
particularly
if
we
could
get
somebody
who
is
there
in
the
audience,
who'd
be
willing
to
do
sort
of
blow-by-blow
live
update
of
the
page.
A
D
B
Yeah
so
I
mean
I
might
actually
be.
You
know,
I
think
just
having
a
couple
hosts
in
the
audience.
Who
can
you
know,
push
free,
quickly,
push
review
and
merge
PRS
as
we
get
questions
they
can
provide
basic
answers
to
them.
Like
I
said,
that
bet
shows
a
really
strong
commitment
to
engaging
with
your
audience
at
that
point,
which
I
think
will
actually
make
us
look
extremely
collaborative
yep.
A
So
another
another
thing
that
I
think
we
should
be
prepared
for,
like
we
don't
have
to
flush,
we
don't
have
to
to
get
a
full
set
up
now,
but
if
we
start
talking
about
like
the
entire,
the
entire
open
source,
CNF
thing
is
talking
about.
What
is
a
a
CNF,
and
it's
pretty.
The
VOC
group
at
the
moment
is
is
not
here
at
the
moment,
because
I
think
that
this
would
be
a
really
great
topic
for
them
and
I'll
make
sure
to
bring
this
up
with
some
later
on.
A
But
one
of
the
things
that
really
helped
on
the
kubernetes
side
for
app
developers
is
they
have
this
set
of
heuristics,
that
they
call
12
factor
apps
and
if
you
follow
the
heuristics
of
a
total
factor
app.
Ideally
you
end
up
with
something
that
can
scale
horizontally
and
fits
very
well
within
the
kubernetes
model,
and
one
of
the
things
that
I
think
we
can
do
is
we
can
do
something
similar
on
the
CNF
side
and
say,
like
you
know,
I
have
12
factor
apps.
A
Maybe
we
have
10
factor
CNF
or
something
similar
to
that
that
are
basically
a
set
of
heuristics.
That
that
help
people
build
scalable,
CNF,
Sahn
they're
clusters,
or
that
their
clusters
can
be
controlled,
that
their
view
CNS
can
be
controlled
by,
and
so
so
I
think
that,
like
that
particular
conversation,
you
know
started
thinking
about
what
type
like
what
does
it
mean
to
be
to
be
as
CNF
and
like?
How
can
we
get
that
horizontal,
horizontal
scalability
because
and
just
to
drive
the
point?
If
you
look
at
bike
Y
where
why
we're
here?
A
But
a
lot
of
that
expertise
and
how
do
you
build
horizontally,
scalable
apps,
is,
is
more
in
the
enterprise
is
more
than
enterprise
side
and
an
app
developers.
So
we
can
take
some
of
our
knowledge
from
the
app
developer
side
and
help
help
of
late
mistakes
that
that
they
made
and
learn
from
while
we're
developing
CMS,
so
so,
in
essence,
I.
What
I'm
proposing
is
that
we
is
that
we
start
coming
up
with
a
set
of
heuristics
to
help
drive.
What
what
is
it
really?
A
D
Totally
yeah
I
think
that's
actually
a
really
great
idea,
because
I
I
kind
of
feel
like
that
type
of
guidance
and
what
you're
suggesting
is
going
to
be
broadly
useful.
So
if
we
can,
if
we
can
have
something
like
that
to
to
to
frame
that
discussion,
I
think
it's
going
to
be
really
useful
and
at
that
Tuesday
session.
A
A
B
Point
because
I
made
it
asked
everybody
to
rethink.
So
when
you
went
from
from
physical
boxes
to
the
pie
window,
it
was
a
lift
and
shift
mentality
right.
You
sought
to
be
in
front
of
all
the
existing
things
in
a
way
you
went
climb.
Ativ
asked
everybody
to
actually
think
again
for
the
first
time
in
decade.
It's
about
how
you
actually
write
and
deploy
applications,
because
there
was
a
new
space
of
possibility.
That
was
not
previously.
B
It's
also
going
to
be
a
much
more
interesting
process.
I
think
with
Nicole
factored
out
guys
because
cofactor
out
basically
is
a
codification
of
things
that
people
figured
out
by
experienced
and
we're
going
to
have
a
lot
of
cooperation
with
early
adopters
who
are
going
to
be
figuring.
A
lot
of
this
up,
I
experience
themselves,
and,
and
so
he
will
be
naturally
a
bit
more
fluid.
The
12
factor.
C
C
There's
an
interesting
side
thing
to
that:
ed
is,
and
Fred
is
people
thinking
about
micro
services
and
and
and
and
network
functions
being
part
of
a
micro
service.
Mesh
people
start
to
get
worried
that
micro
services
mean
that
we're
gonna
be
forwarding
packets
back
and
forth
little
slow
things
that
will
slow
down
the
actual
network
and
that's
not
necessarily
the
case.
C
There's
one
thing
is
the
orchestration
plan
that
will
allow
us
to
take
Network
function
and
perhaps
Kellett
and
bits,
but
but
the
app,
but
it
will
have
to
be
written
in
such
a
way
that
we,
we
don't
accidentally
funnel.
Some
kind
of
you
know
funnel
the
actual
data
playing
packets
through
through
an
interface
that
they
shouldn't
go
through,
which
will
sort
what
which
will,
in
effect
flow
the
functionality
down.
I
think
those
are
challenges
in
the
future.
Yeah.
A
You
know
a
point-to-point
with
you
and
once
the
once
they're
done
or
their
lease
expires,
and
they
come
back
to
Network
Service
mentioned
and
continue
to
coordinate
their
their
network
and
when
start
looking
at
some
of
the
challenges
that
are
involved
with
that,
it's
like
how
do
you
pick
what
frequency
they
should?
They
should
communicate
with.
A
A
Is
it
drives
the
point
that
those
those
connections,
those
IOT
devices,
don't
have
to
go
through
container
through
kubernetes
cluster,
but
they
can
still
be
managed
by
a
service
mesh
to
still
be
part
of
a
larger
picture,
and
so
I
think
that's
a
fantastic
point
that
that
you've
brought
up
that
we
we
have
to
in.
We
have
to
drive
the
point
that
we
we
can
go.
We
can
be
part
of
the
data
plane
in
terms
of
DC
NFS
to
join
up,
but
we
don't
but
network
service
mesh
itself
is
not
part
of
the
data
plane.
A
A
C
Just
give
I
could
break
in
here
and
show
my
local
skills.
We
we
had
discussed
that
before
and
I
was
just
looking.
I
just
had
the
the
board
up
with
the
issues
on
the.
What
do
we
cook?
What
we
call
this,
that
that
would
service
mesh
board
and
we
really
probably
wanted
to
specifically
say,
write
up
an
issue
for
those
for
those
two
things:
improvements
with
documentation
and
also
refactoring
getting
started
guide
with
a
with
a
real
true
QuickStart.
C
C
A
A
A
So
get
your
get
your
abstracts
and
if
that's
something
you're
interested
in
so
I
know
that
we've
had
some
interest
with
with
some
of
the
open
daylight
people
who
have
wanted
to
are
talking
about
putting
together
a
presentation,
it'd
be
fantastic
to
have
others
join
in
as
well
and
to
talk
about
you
or
your
use
cases
or
or
where
you
want
to
go
so
and
with
that
I.
Don't
have
anything
else
on
the
agenda.