►
From YouTube: Network Service Mesh Meeting - 2019-05-15
Description
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
A
B
A
B
B
Okay,
well,
while
we're
getting
set
up
so
first
as
a
reminder,
please
add
yourself
to
the
attendees
list.
Second,
please
remember
that
this
is
a
recorded
call.
Third,
if
there
are
any
topics
that
anyone
would
like
to
bring
up
or
any
documents
or
anything
that
is
not
on
the
agenda,
then
please
please
bring
it
up.
B
C
C
B
C
B
So,
in
terms
of
so
in
terms
of
tasks,
I
want
to
go
over
some
of
the
the
details,
if
possible.
So
in
the
getting
0
1
0
are
those
the
three
areas
we
have
helm.
Docker
images
and
signed
its
tags
linked
on
github
are
those
the
three
things
that
we
want
to
to
show
off.
Do
we
want
to
add
anything
or
remove
anything.
C
C
B
B
A
I
tend
to
like
putting
things
in
darker,
but
we
do
have
to
think
a
little
bit
about
where
we
stand
for
our
doctor
repose,
because
right
now
we're
dumping
our
CI
and
a
same
thing
guys
are
as
everything
else,
and
so
we
may
want
to
consider
essentially
reorganizing
in
such
a
way
that
that
we,
basically
we
have
a
separate
repo
for
the
CI
stuff.
A
You
know
I
think
I
think's
the
suggestion
last
time
was
we
have
three
one
is
the
release
repo,
where
we
basically
put
things
that
are
actual
reliefs.
Docker
containers
properly
tagged
the
CI
repo,
where
we
do
all
the
farming,
all
the
damages
for
CI
and
then
sort
of
what
you
might
call
me,
the
practice
master
repo,
which
is
the
repo
where
we
go
put
the
things
that
we
are
actually
building
off
of
the
master
branch
that
have
gotten
past
the
I
had
been
merged.
B
Yeah
and
and
something
something
that
we
could
consider
in
this
scenario
is
so
I,
don't
know
if
you
saw
the
github
announcement
from
about
a
week
and
a
half
two
weeks
ago,
but
they
they
are
now
shipping
there
now
attaching
to
every
get
the
repo
a
a
docker
repo.
So
you
can
actually
do
a
docker
push
and
pull
to
a
github
based
repo
that
tracks
it
yeah.
A
A
I
know
I,
as
I
saw
it.
I
wouldn't
sign
up
no
service
mission
for
the
beta
and
we're
also
by
the
way,
in
the
queue
for
the
beta
for
github
actions,
which
would
be
kind
of
cool,
but
the
best
of
my
knowledge
we
are
not
actually
in
either
of
those
betas
yet
actually.
B
A
Hard
to
say,
the
thing
is
like
I
originally,
because
I
wasn't
about
it
when
github
actions.
You
know,
if
I
sign
up
for
my
personal
repo
for
my
personal
organization
and
that
came
through
and
then
I
realized.
Oh
wait.
I'd
actually
need
this.
For
the
network
service
master
Orion
went
to
signed
us
up
for
the
beta
list,
then
so
some
people
are
getting
them.
It's
just
hasn't
come
through
for
us
yet
yeah.
B
Okay,
so
so
I
so
I
think
the
from
an
action
item
then
and
I
know
this
is
a
documents
meeting,
but
we
can
hash.
Some
of
this
out
here
is
perhaps
perhaps
what
we
do
then
is
we
have
the
the
main
production
repo
which
could
be
like
network
service
mesh,
and
then
we
we
separate
out
the
CI
into
into
something:
that's
a
bit
less
lazy
and
that
way,
when
we
ship
we,
we
only
ever
shipped
you
to
a
release
to
release
French
we're
not
we're
not
polluting
the
the
other
branch.
B
B
So
we
so
d,
so
the
so
I
guess
the
question
is
in
the
scenario
is:
is
that
something
that
we
want
to
do
in
in
in
for
before
this
release
and
and
make
sure
that
the
split
is
there
and
and
properly
working?
It
is
a
bit
closer
to
release
which
gives
me,
which
worries
me
a
little
bit,
but
at
the
same
time,
having
something
that's
clean
that
we
can
put
put
out
there
I
think
would
be
a
high
value.
B
B
That's
true,
yeah!
Well,
let's
go
and
and
postpone
that,
and
what
we'll
do
is
we.
This
just
makes
sure
that
when
you
do
the
the
default
poll
that
we're
not
overriding
the
default
master
and
master
should
always
point
to
the
to
the
latest
to
the
latest
release
branch.
So
so,
let's
this
is
the
double-check:
the
infrastructure,
to
make
sure
that
that's
that
that
assertion
is
true
and
then
beyond
that
we
can
punt
any
splitting
or
any
other
things
like
that
up
to
to
the
future
to
the
future
time.
B
So
so
here's
a
question
we
wanted
to
have
them.
So
we
have
when
we
do
a
pull
like
an
like
tillage
of
lingo.
You
can
pull
like
golang
master
and
I,
always
pull
the
latest.
You
put
golang
colon
1
and
that
pulls
the
latest
one
dot
X
French,
which
right
now
there's
only
one
major
release,
but
when
2.0
comes
out,
then
that
that
means
that
people
will
not
automatically
upgrade
from
1.0
2.0.
A
B
Yeah
we'd
focus
on
on
tag,
so
there's
a
new
release
and
then
we
rely
on
the
tags
to
to
allow
people
to
select
they
want.
So
if
someone
wants
an
exact
version,
0
1,
0
I,
don't
want
to
move
up
to
0
1
1
2
like
fully
validate
everything
works.
Then
things
are
ok
and
when
we
start
to
hit
the
full
releases
with
with
MSM,
where
we
have
our
first
1.0
release
with
semantic
versioning
and
then
this
is
this:
will
work
beautifully,
I
think
it'll
it'll
allow
people
to
to
work
out
how
much?
B
B
So
in
terms
of
signing,
perhaps
that
that
could
be,
that
could
be
a
manual
process
to
start
off
with
until
we're
comfortable
or
until
we
find
a
alternative
that
we
can
automate
there's
right
now.
My
main
problem
is
that
we,
when
we
unlock
the
key
and
that
key,
is
sitting
on
a
shared
repository
or
shared
system
and
I'm
a
little
uncomfortable
with
you
know.
When
the
image
goes
away,
all
right
can
we
have
a
guarantee
that
it's
always
going
to
be
cleaned
properly
or
are
they
gonna
be
other
side
channels?
A
One
thing
I
think
that
we
could
probably
do
that.
Would
one
thing
that
this
sort
of
brings
to
mind
immediately
is
we
should
definitely
do
some
key
signing
Thank
You
Connie
you
next
week,
because
that
way,
we've
sort
of
least
got
each
other
on
the
same
web
of
trust.
The
good
news
is
I,
know
reasons
historical
I'm,
a
trust
anchor
for
Linux
Foundation,
though
I'm
a
very
highly
trusted
key,
and
so
you
sort
of
get
the
the
web
of
trust
going
within
the
NSM
community
as
well.
I
think.
B
A
B
Yeah
and
what
I
was
thinking
of
is
if
we
can
publish
the
key
in
a
couple
of
ways.
Of
course,
we
would
publish
them
to
the
standard
PGP
key
servers.
We
can
publish
it
on
to
network
service
website
itself,
which
is
gated
with
with
yet
and
secured,
with,
with
HTTPS
the
and
put
and
publish
the
fingerprints
and
so
on
of
the
the
image
the
third
place
that
we
could
also
stick.
B
Something
is
again
key
base
is
gaining
a
lot
of
popularity
and
they
make
the
tooling
of
C
relatively
easy
to
for
people
to
set
up
their
their
keys
so
that
they
can
verify
images
and
so
on.
So
of
course,
it
begs
the
question
is
to
like
you
trust
a
third-party
entity
to
set
up
your
your
infrastructure
for
this
type
of
signing,
but
if
it's
for
the
purpose
of
verification
of
the
image,
I
think
that
that
that
may
be.
That
may
be
an
acceptable
that
may
be
an
acceptable
risk.
We
just
have
to
see
like
do.
B
We
have
to
give
key
base
the
private
key
or
yeah?
Can
we
publish
our
own
our
own
custom,
key
and
I?
Think
if
we
can
do
a
custom
one,
it
should
be,
it
should
be:
okay,
yeah!
It's
a
lot
of
things
to
look
into
definitely
cool,
so
I'll.
Take
a
I'll.
Take
a
look
into
some
of
that
stuff
and
I.
Think
we'll
we'll
work
out
a
strategy
or
and
I
think
what
you
described
is.
B
Is
it
was
perfectly
so
we
sign
we
sign
each
other
and
any
one
of
us
like
we
either
we
either
select
somebody
as
the
as
the
signer
or
perhaps
we
can
do
something
where
any
one
of
us
can
can
sign
and
verify
the
a
the
keys.
So
we
can
work
out
a
strategy
on
that,
but
let's
work
out
what
our
primitives
are.
First.
B
C
A
We
do
have
the
testing
that
you
could
lie
for
the
make
version
of
the
demos
that
it's
currently
running
to
cover
some
aspects
of
them.
I
did
notice
that
we
had
a
failure
in
there.
We
have
some
intermittent
failures
that
are
happening
so
I'm
trying
to
pull
the
other
something
to
just
better
logging,
so
we
can
figure
out
what's
going
on
there
and
then
I
think
it
would
probably
also
be
good
I
think
the
way
we
want
to
direct
people
to
run
demos
generally
is
probably
via
hell,
rather
than
via
make.
B
B
A
The
only
thing
that
I
would
actually
really
prefer
to
see
is
being
able
to
break
out
the
clients
services
as
separate
charts.
So
you
can
say,
look
you
know
dick
drot
helm
install,
will
never
service
mash
great.
You
got
network
service
machine
able,
oh
and
this
home
install
and
a
sent
monitoring.
Ok,
now
we
could
see
monitoring
no
oh
available.
B
A
A
B
A
A
Is
getting
it
cleanly
documented
and
testing
the
pudding
of
the
CI
one
of
the
things
I
noted
it
is
I've,
had
a
couple
of
people
internally
but
asking
to
go
and
keep
the
tires
on
the
code
and
sort
of
we
have
all
the
pieces
but
they're
in
various
places
like
we
have
a
quick
start,
but
it's
oriented
towards
to
make
files.
We've
got
the
home
box,
but
they
don't
tell
you
anything
about
how
to
get
a
cluster.
We've
got
some.
A
How
to
do
the
checks
with
make
check
in
the
QuickStart,
but
we
don't
have
that
stuff
written
it
into
the
home
charts.
We
have,
you
know,
I,
don't
think
we
have
any
documentation
about
using
skydive
to
go
and
visualize
what's
happening,
though
there
is
there's
sort
of
the
traditional
scatter
gather
problem
and
documentation.
You
write
excellent
boxes,
you're
doing
things
and
they
don't
all
quite
hang
together
as
a
unitary
whole
yeah.
B
So
so
I
guess
the
part
of
what
need
to
do
them
is
will
is
come
up
with
a
with
a
plan
similar
to
how
we
how
we
drive
the
release
itself.
Perhaps
what
we
need
to
do,
then
is
is
come
up
with
like
a
Google
document
or
or
an
issue
or
respect
aspect
that
we
can
then
track
and
say
here
are
the
documentation
tasks
that
we
need
to
do
and
that
way
we
can
track.
You
know
each
each
major
each
major
item
and
make
sure
that
the
progression
gets
done
so
like
it
could
be.
B
A
I
mean
it
turns
out.
Actually
the
the
help
Docs
are
actually
really
amazingly
well
done.
You
did
a
good
job
on
the
mill
yeah.
You
know
they
even
include
things
like
the
following
is
likely
going
to
have
to
be
done.
If
you
get
an
error
like
this,
because
there's
a
degenerate
case
where
you
have
to
go
wrote
a
few
cubed
control
commands
to
set
of
permissions
for
things.
A
B
A
Beginning
Start
Guide
is
excellent
if
you're
going
to
start
and
you're
going
to
use
to
make
machinery,
the
app
is
extremely
well
done.
If
you
have
a
cluster
and
you
just
want
to
run
a
helmet
art-
and
you
are
not
worrying
about
how
you're
going
to
convince
yourself
that
anything
is
working
or
see
how
it's
actually
going
on.
C
A
I
think
this
is
actually
right
and
proper
for
those
guys
as
they
stand,
I
think
they're.
Actually,
scoped
correctly,
you
do
want
to
be
able
to
point
people
to
be.
Oh
you're,
just
gonna
get
home
doing
here's
what
you
do,
but
we
don't
really
have
sort
of
a
demo
walk
that
might
be
helpful.
B
C
C
C
Examples
there
also
the
to
make
it
because
I
split
criminal,
ICMP
and
P
I
simply
to
separate
the
post,
make
essentially
five
demos
in
the
examples.
So
I
know
that
this
is
a
little
bit
of
a
kind
of
controversial
topic
that
we
have
discussed
about
this
back
and
forth
and
maybe
for
the
first
release.
We
are
just
going
to
go
with
the
main
repo.
That
makes
sense,
because
that's
what
we
have
today,
but
maybe
at
some
point
we
could
just
point
the
people
to
this
examples.
Reappoint
everything
could
be
there.
A
Take
me
too
seriously,
I'd
even
make
a
suggestion
that
we
would
be
going
more
granular
right.
So
if,
for
example,
we
were
to
go
and
say,
look
we
have
the
VPN
yo.
Do
we
have
VB
imagine
doing
a
repo
for
each
network
service
in
point
that
we
could
basically
use
because
then
imagine
the
way
the
CI
ends
up
running
right.
So
if
I
just
go
and
I
change
the
ICMP
responder,
then
I,
you
know
the
commit
goes
into
that
repo.
A
It's
CI
goes
to
test
to
make
sure
the
ICMP
responder
honesty
is
still
working
and
I'm
working.
Then
we
go,
and
so
we
don't
have
to
test
the
broad
swath
of
everything,
because
that
has
nothing
to
do
with
the
ICMP
responder
cut
right
as
long
as
it
properly
comes
up
and
does
its
thing
and
I'm
known
to
be
working
version
of
network
service
mesh,
then
we're
not.
A
B
This
is
actually
a
really
common
pattern
when
you
have
little
bit
more
control
over
your
infrastructure.
So
I'll
give
you
an
example.
The
people
at
thought
works,
which
is
headed
by
people
like
Martin
Fowler,
created
a
build
system
which
they
unfortunately
named,
go
and
and
but
one
of
the
things
that
they
did
was
they.
They
had
the
the
insight
from
experience
that
when
you,
when
you
build
a
project
that
you
have
the
that
you
had,
you
do
have
dependencies
on
how
the
projects
are
laid
out
and
you
may
have
a
set
of
pipelines.
B
So
there
is
some
similarity
and
circuit
CI
with
pipelines,
but
part
of
the
part
of
the
issue
that
ends
up
running
is
that
when
you
trigger
a
build
for
that
say,
network
service
client,
and
you
don't
change
in
you,
the
api's,
then
in
that
scenario,
it's
like
what
do
you
have
to
rebuild?
You
have
to
be
able
rebuild
innocent
manager.
No,
you
have
to
rebuild
perhaps
your
demos
and
rerun,
those
and
so
on.
B
So,
instead
of
having
the
umbrella
semantically
version,
which
you
still
do,
but
each
component
gets
her
own
semantic
version
with
the
state
with
similar
properties
that
you
can
then
used
to
to
verify
that
things
work
or
don't
work
and
control
the
the
artifacts
as
they
as
they
change
so
so
there
may
be.
There
may
be
some
strategies
that
we
can
look
at
I'm,
not
suggesting
we
use
their
built
system
because
it's
idling
it'll
be
a
good
fit
for
us,
but
there
may
be
some
strategies
we
can
use
to
to
simplify
and
head
towards
this
pattern.
A
C
What
I
see
now
with
the
example
is
that
essentially
I
hear,
for
example,
nightly
boots,
which
verify
every
day
that
the
example
that
I
hear
for
building
and
running
against
the
whatever
we
have
in
master
or
it
is
the
published
latest
images.
Let's
that's
that's
more
current
because
I
don't
do
images
I,
just
doubled.
C
A
You're
absolutely
right
improve
to
be
a
massive
pain
in
the
ass
I
mean
this
is
always
the
trade-off
like
great
modularity
brings
both
costs
and
benefits
there.
There
is
some
point
at
which
it
stops
making
any
damn
sense
and
I.
Just
don't
know
where
that
is
here,
but
either
way.
I
think
breaking
out.
Two
examples
is
probably
wide.
I
would
be
unsurprised
if
it
turns
out
that
we
don't
quite
get
there
for
the
0.1
release,
but
I
think
the
work
is
still
really
important.
B
All
right,
so
so
in
terms
of
actionable
items
or
for
the
release,
so
it
so.
It
sounds
like
the.
The
main
thing
that
we
need
to
do
is
ensure
that
the
documentation
that
exists
across
the
board
and
the
documentation
that
that
Ilya
put
together
for
helm,
gets
adapted
in
a
way
that
that
we
can
say,
here's
how
you
run
a
demo
and
make
sure
that
those
are
are
tested
by
people
who
have
less
or
no
experience
with
NSM
in
order
to
make
sure
that
they're,
readable
and
understandable.
Actually.
A
I,
do
he's
gonna
be
deeply
abused
than
possibly
not
cooperative,
you
know,
but
but
the
thing
was
when
I,
when
he
could
sit
down
and
from
the
corruptions
cold
in
less
than
30
minutes,
actually
have
things
working.
That's
what
I
knew.
We
had
good
directions
because
he's
a
bright
guy,
but
he
probably
hasn't
touched
code
in
15
years.
B
Yeah
I
added
is
that
is
a
to-do
item,
so
you
can
do
a
search
for
to
do
in
the
in
the
release
notes
area.
What
I'm
going
to
do
is
I'm
gonna,
I'm
gonna
go
in
after
the
fact
and
start
putting
together
a
documents
board,
create
a
new,
a
new
board
and
start
outlining
the
various
things
that
we
need
to
do
in
there
has
in
order
to
improve
and
get
to
the
say
where
we
want
so
so
we'll
turn
these
into
and
could
get
other
shoes
effectively.
B
Let's
see
in
terms
of
the
so
in
terms
of
the
document,
then
I
think
those
are
the
those
are
the
main
ones
that
I
wanted
to
cover
in
in
in
this
one.
So
if
I
guess,
what
not
one
last
thing
is
on
unknown
issues?
What
do
we?
What
do
we
want
to
do
on
on
known
issues?
Do
we
do
we
just
want
to
leave
the
generic
thing
that
we
have
at
the
moment,
or
do
we
want
to
call
out
very
specific
things.
B
B
And
I'm
and
I'm
happy
to
leave
it
as
as
a
generic
thing
right
now
be
I
think
enumerated.
Everything
would
just
be
waste
of
a
waste
of
time
unless
there's
something
really
big
that
we
need
to
call
out,
like
you
know,
don't
don't
use
VPP
in
its
way,
because
a
kernel
bug
will
cause
your
kernel
to
panic.
You
know,
and
even
then
yeah
yeah
I'd
still
be
skeptical
of
whether
we
should
stick
that
in
or
not
so.
B
It
should
be
something
that,
over
time
as
issues
as
major
issues
are
discovered,
we
can
then
populate
that
we
can
populate
that
page
on
the
website
and
say
here
are
the
known
issues
or
the
one
for
the
one-zero-one
release,
and
that
way
people
can
then
track
and
make
sure
that
they
they
see
what
things
are
you
know
what
things
are
going
on
and
so
on,
because
it
does
does
that
sound?
Does
it
sound
reasonable.
B
Cool
I,
don't
have
anything
else
on
the
release.
Notes
at
this
point
I
think
it's
just
a
bunch
of
a
past
items
and
then
once
we're
closer
to
doing
the
release
week,
we
can
go
over
and
make
sure
that
it's
that
everything
is
as
we
want.
So,
as
you
know,
nothing
set
in
stone
until
we
until
we
find
the
commit.
B
B
B
A
Yep
so
I
also
like
the
intro
stuff,
we
still
need
to
get
some
flies
together
as
well,
and
those
are
probably
gonna
come
in
a
little
bit
hot
one
of
the
things
I
would
love
to
do
the
intro
talk.
Is
you
have
a
brand
new
color
palette?
We
have
a
bunch
of
new
graphics
to
work
with
I
may
tweak
some
of
the
iconography.
B
B
A
A
A
B
The
young
boy,
one
is
easy.
It's
also
makes
it
very
easy
for
me
to
deflect
the
the
sto
question
still
like.
Why
well
not
really
difficult
give
a
good
answer,
because
one
of
the
questions
that
I
get
asked
almost
every
time
that
I
speak
with
someone
is
why
don't
we
land
this
thing
in
in
this
deal
or
why
not
contribute
it
to
us?