
A

Having it was such situations, someone else's problems, yeah.

B

Exactly.

B

Cool, so shall we get going? We're about ten minutes into the call. I don't know, we mean that being a short call today. Yeah, I know, for example, like the one thing I'm aware of is the desire to go and turn the technology tree into more of a roadmap, and I think that that is gonna require a little bit of work coming up to the next meeting before it actually is useful to go over it. I

A

Think up to the place you strike them. Okay,.

B

So yeah, definitely, I mean that's gonna require a little bit of work, because I basically just have the same tree that I had last week, which is good at all, but the other one is that it's sort of rapidly becoming the world is moving on. So things like, I got word yesterday from one of the folks who is working on it or domain that they sort of basically have it working now, and now they're cleaning things up and testing across different plows and so forth before they go ahead and push their.

A

Pr I, so we also have a preliminary DMS implementation. We.

B

Do we do it's? It's really well done as far as it goes, but there are still some questions that is asking that I think need to be resolved before you get there. If I'm reading it correctly, the current implementation will do the fan-out quite correctly, but all the right pieces are in place, which means that once we get the fan-out functionality, there I think it's in the right place.

B

So and there's also great progress coming down on the security apparently forward, security is not working. Backward security is being looked at. Oh cool.

A

When you say for security, that's patching the SPIFFE history, IDs up the chain.

B

It's doing the right thing for provenance for JWT tokens up the chain. Okay.

A

Yeah.

B

And then the trick is that coming back properly and then the ability to safely and properly to healing, based upon the returned things.

A

Okay, that makes sense.

B

Do we have anything else? Do we want to discuss today, I.

A

Think I don't think that we do at this point. I mean, some of the important discussions we need to have around the release, I think, are gonna require people like Nicolae to be present.

B

Yeah I agree.

A

Let's see a couple comments: Oh listening the pointed out that work surface, my shot, iOS live.

A

Yeah I'm still blown away by the quality of the website, so.

B

Yeah, no, it really is. I mean, I find myself being tempted to go ping Luke on update on certain updates and say: hey, here's the update your just pasted check on this, because clearly your taste is better than mine.

A

Yeah, my one concern is that the one is Network Service Mesh document he's been promoted to the first page on box, so we need to fix that up. Oh.

B

Okay, yeah definitely do fix that up.

B

Cool, hey, welcome, Joshua. You sort of just wandered in, and we've determined that we have a bunch of homework to do for the next meeting, but we don't have a bunch to cover this meeting.

C

It's yeah Watson. It is a it's a glossary, pretty much done or are.

B

We filled with fill works in progress, I think so. I mean, there has been stuff committed to the repository on the glossary, if they're a thing but you're. Obviously, everything always subject to improvement. Okay.

A

Yeah, my understanding is like we're no longer listing the glossary as a main item on the agenda, so I think it's pretty much done, except for minor improvements, as I had mentioned. So if you want to use that or you want to share it around, that should not be a problem.

A

Okay,.

A

Is there a specific contribution you were looking to make towards it, or is there something that you think needs to be expressed out of more detail? Yeah.

C

There's stuff that I've been trying to work on for T doubts along the lines of the OSI model and then the different components and glossary and CNF said general and I.

C

Don't know, I just keep going around in circles when I'm thinking of the different pieces that we have named here, so like the local mechanisms, tunnel, interface and memif, and these types of things, and remote mechanisms and stuff, and it seems like to me some language there's people familiar with, as far as like layer 1, layer 2. It seems like the local mechanisms are like layer 1, they're like virtual layer 1 or something like that, and then maybe the remote mechanisms are things that are layer 2 and above. The fact that things might be useful to start using some language and other people are familiar with, I'm not so sure.

C

But I I don't see the like OSI model use so maybe once or twice.

B

The audience's, if you're working people, the OSI model is super useful. If you're talking to devs, they don't even know us.

C

Yeah, well, so I'm a dev and.

C

Tria stuff right: well, the thing that I have a hard time with when going into any domain is when people change the language, so I'll do a pass on something like this glossary. If I wasn't familiar with it and I'm.

C

Looking at these this terminology and then I go cross-reference to a networking book and I'm, saying: okay, I'm not able to cross-reference here, I, see some words, but where is this this model and then, when you're in it you're in a dialog of six or seven people, group and they're, talking and they're, the networking people are talking about layer, 1, layer, 2, layer, 3 and all these things, and we were like wait a minute. You know. Is it that NSM kind of goes around these things or or what?

C

And it seems to me that sometimes I was thinking, maybe sometimes some things get lost when we start talking about software data planes and the difference between that and an ASIC and memif, kernel interfaces. These are all things that maybe I'm wrong, but it seems these things are kind of looks like with aid, which you would always say they are virtual, represent it's kind of sometimes when we think about it. Sometimes it's a mistake.

C

We think we made the physical into the virtual now looks a problem if we force that abstraction too much, but it's all layer.

A

One.

C

So there are better ways to you know: some ways are better than others as far as implementing layer one, but then, after that you have layer, 2 which solves or brings up other issues solves other problems, these types of things they need to be addressed and.

B

I.

C

Think we're well, my point is, is that there are certain problems that are addressed at every layer and that's where I, when I'm in different discussions, that's where things get lost with devs. Devs don't believe there are any problems, like so like the spanning tree protocol, like layer 2 Ethernet type problems. We don't know anything about that, and we don't care about. It must be, it must be done, must be fixed. You don't care about that. We.

B

Only share.

C

About layer 3 after.

B

I'm well like this is a matter of personal opinion. For me, I think it is ludicrous how much we just still care about layer two and this mutt day and age. You can make a really strong case that the two central sins of networking, the two things that have brought the most mystery to the world, well, I'd actually put three in there, would be number one.

B

The ridiculous ways that we weld IP to Ethernet, right, and that we basic kept L2 along. I mean it comes down to shared media was the original sin, and that led to all kinds of stupidity and L2, and therefore all kinds of stupidity, the interface between L2 and L3. So shared media is the first sin. The second sin was having IP addresses identified, both the location used as both identifiers and locators, which means now your identity at the IP layer is tied to location in a way.

B

That's really unhelpful and leads to all kinds of crazy, and then the third sin is tying TCP connections to IP addresses the way we currently do. IP addresses and ports in such a way that they sort of mushed together in a fortunate way that makes the transport layer a little bit screwed up, and the good news is, you know, Kubernetes is pure L3, which means it's done away with the shared media myth. You know, locator/identifier

B

Separation still a little bit of a mess, and then you know when it comes to TCP and its sins, QUIC is coming and QUIC has not made those mistakes, so lots of things are getting better.

C

Yes,.

C

So makes it all make sense the thing so one thing I would say, though, is whenever, and you guys are better at this types of discussion like whenever I'm in some of these conferences and I, couldn't Ted told us to Fred before when there's when there's the discussion with you guys it I can see people don't really ask you certain questions, because.

A

They're.

C

Just like you know in they're, not dag, maybe they don't want to look silly, but when I'm talking with people, one thing that maybe it just it's silly people don't believe they need a software data plane. Mm-Hmm.

B

They.

C

Don't think that they need any data plane. They think that the iptables kernel sessions, all right, does all of it. We don't care about that. Why do you need any of that? No.

D

I and most of the time they're right.

B

The way I usually describe to trying to explain this to network people right because network people are like. Oh, you know they have to do blah blah blah because of performance and scale, and my response is to turn there are people would say: look that the cloud native people will decide what they want. They will find a tool that solves the problem in the most straightforward way and they will call it good up until the point they hit the wall on scale and performance.

B

So it doesn't argument to try and go in and say, hey but bloody, bloody, bloody blah, lots, more complexity because scale and performance.

B

That's a losing argument, generally speaking, and part of why it's losing argument is that, quite honestly, if you're sitting on the other table with the cloud native people, at least half the time and probably closer to 80% of the time when someone tries to buffalo you with that argument, it's you don't care, right. So where I see the people actually starting to care is, you know, when they hit the wall on scale and performance, right, so table stuff?

B

You know you came in literally 18 months ago and there were lots of people already hitting the wall on that, where it simply did not scale, and so you know they came back. It's like, well, we'll do this IPVS well, which was a little bit better but still doesn't really scale or perform when you actually get a scale off. So you've got a bunch of people.

B

Who've hit the wall there, and now people are saying what we'll do with eBPF, and it'll be interesting to see to what degree that actually scales and performs. It'll clearly be better than what we're doing right now with IPVS. But my guess is that once you get a critical mass of people hitting the wall.

C

There and you'll.

B

Have people looking for solutions as well and again, I think this is actually smart, which is you you try and solve your performances best measure to not imagined, but you know it is a. It does make the conversation different than what the network people are used to buying yeah.

A

Right, yeah, I think there's a few things going on as well. So first, I think people are more comfortable talking to you than they are talking to us. Like with us, they'll say they obviously know what they're doing. There must be something right there, I don't really see it, but I don't want to look stupid by asking a question, and so that's where our messaging becomes very important to help with them to understand, like not only like.

A

It's not. The question is not only like. Do you like?

A

How do you do this stuff, but you would do even need it in the first place, like most developers, if they're saying I, don't think I need this, that's perfectly fine and in fact we would encourage them to not use it if they came up to us with so with a is something that looked like a the opposite of a need, and so when it comes to another issue that I think that where we're going to to see is I think we start looking at the two different communities.

A

So if you talk to someone like, I use Ian as an example, so you talk to someone like Ian who's very invested in the telecommunications industry, and you know he's looking for like that SR-IOV support and how do you maximize that overall performance. It's like you talk to the people who are looking for his type of services. They're gonna be all about, let's maximize speed, let's get throughput, you know, while controlling complexity. Developers, they couldn't care less or they so what they end up doing.

A

Is they end up that? That's part of the reason why we focus on the Sarah narrative, is that you know, when I talk with the developer and say, well, why do I need this, and says: well, usually you don't. But what if you, but let's say that you had a workflow where you were connecting a pod to a financial BPM, and you know want to expose your entire cluster to it.

A

You want to make sure that that specific workload was the only thing that was able to connect to it because of your business security policies. How would you do it? And then, usually by then they say: oh okay, I see, I can see where I would use NSM for that. And so it really depends on the user where, like, they know that there's some interesting amazing magic that goes on, but they really don't want to care about it.

A

It's literally, it is the embodiment of the situation and Hitchhiker's Guide to the galaxy and I. Don't think they're wrong about about that, because, even if they knew about the problems that occurred in the telco space, what could they do about it? And so it's it's good for them to be able to focus on their on their specific problems that they have in need and make sure that they build something that can make use of new new improvements going on on the infrastructure, yeah.

C

Okay, so the app developer is one and.

B

They don't care.

C

They just aren't they what we were saying this fourth profile, we're talking about profiles, maybe there's a fourth profile: it's like an infrastructure developer and a data center type person he's setting up the networks and stuff in a larger data center. Let's say a government type data center or something where there's going to be. You have to care about performance at some, so at some level me not a telco but you're you're hitting that you have to be mindful. You just can't set up the infrastructure.

C

However, you want, and they don't seem to be the biggest networking gods oftentimes or they.

B

Could.

C

Be if.

B

You want high performance, then you have to do things right, so they could do just willy-nilly anything and looking for a service carefully designed to keep working. But you know if they want all kinds of cool tricks, neither physical network could do for them. They may have to do something to expose that via Network Service Mesh.

A

So I had a fantastic conversation with a person who actually sets up data centers and I found that all of my usual discussions that I typically have with people then did I feel appropriate with with this individual.

A

So when I was describing every service to him, one of the things that I that I realized was that the data center has a couple of problems that they're running into so the first one is the they have no insight into the workloads that are running on top of them, which means that they cannot adjust for the type of workloads that they that they need. So, if you just need standard networking, okay, that's fine!

A

If you want to bring in something that does something special, then they're they're very limited like they can provide something special but they're, very limited in ability to goose or or or express it out, and when they do so, they they end up use then the expressing out API is that are then, are potentially tightly coupled them to that particular family of data centers and so on.

A

So when we were talking about Network Service Mesh was, like, you know, well, what additional services or things that they provide access to and potentially bundle up as a service. So if you wanted something that provided, you know, even something is like it could be something at a higher level if we make a VPN or might be something of a lower level.

A

That does something special in their infrastructure to do some traffic management or to guarantee some type of quality, then being able to request for those things in a declarative way with labels and so on. It's something that they could build towards. That would give them a unified interface for requesting those type of things, and so he was quite excited with the concept of Network Service Mesh from the purposes of being able to expose out and refine the abilities of the data center's fabric.

B

I've had similar conversations as well.

C

So.

A

But that's a very specific type of infrastructure person. I think your average infrastructure person that we're probably gonna run into in the beginning is going to be enterprise infrastructure. So not the data center person, but like the person who runs the clusters, and to be honest, I think the biggest use case we're gonna have for them in the beginning, it's probably going to be Sarah's use case. You know, literally hooking up VPNs from one organization to another and I yeah.

A

It turns out that's a crazy, difficult problem even today, and it's not uncommon for that scenario to take several months, sometimes up to six months, to establish connectivity. Wow. So if you can go and say, hey, we can do this. You know, once you've signed the paperwork, so you can doesn't fix the legal side entirely, but once they've signed the paperwork and have agreed to share a connection, you know, my hope is that they can set it up in five minutes. That's my hope.

A

You know you're sure you share the key, that's their the secrets and then you used to use load of network service message and say you make me do this thing with these secrets and then you know there. You have a yellow pod loaded that that's or the VM loaded in your in your over structure. Just it just does its thing.

B

So no it's a lot of it is about keeping the world simple.

B

It turns out that there's only really one feature that people are looking for in layer. One and that's things you shopping wouldn't come out the other. Then you go to layer 2. The number exists that people want and what features they want, and the fact that the features conflict with each other gets to be really gnarly.

D

Yeah.

A

And the way that I try to think about it is so also have you heard of the term link-local? So what I try to think of is the NSM vWires, as we're calling them, is trying to keep link-local actually local, between just two connections. So that way, and above that you can have crowding and so on, but it literally tries to constrain as much as possible the link-local to a very small domain.

A

That won't work on enterprise developers now for most of them.

C

Well, I have a bunch of things that I was going to try to push into the doc that Jeffrey is doing, and I guess there's the other doc that is the more, I guess, on the vendor side. So I guess there's some things there. We should probably, I don't know, in the end, merge everything, but I'm trying to, as far as on the CI/CD side, and trying to pull the best practices on over and try to look at some of the things that NSM bring to the table.

C

One of the we have another doc called the out-of-band doc for the testbed and you're saying okay, what all is installed here. That is what we're saying out-of-band will kind of installed anyway. That is not maybe Kubernetes. I've made.

D

So.

C

Outside of, right, so, and then say, this is one of the drivers for using the NSM in the testbed. It's because, okay, now we're installing things using Helm and getting away from the imperative file scripts for installing and trying to get closer to declarative and these types of things and trying to say: okay. This is property. Icd nicer,.

C

Installation scripts that can be used and orchid within the orchestration for Kubernetes, and then, if you guys are talking about with self-healing and everything, some of that stuff, it's all wound up together, so trying to pull that in and then the reasoning behind. Why.

C

Why something is even cloud native? You know, having things like what you would say, added loosely coupled and other things, why you can't have everything all call together, most likely all in one big VM, three different concerns or however many, and then call it cloud native. I think that that's maybe some of Jeffrey's concern and I know that.

B

There's a lot to be drawn from the cloud native definition itself, right. So you start, you know, the really top place to start is immutable infrastructure, and I suspect that a hundred percent of everything you're doing for out-of-band deployment violates that, right, miss.

C

Coupling.

B

I'm not sure that 100% everything you're doing for what you call out-of-band violates this coupling boom. I guess a lot of it does, and then minimal toil. You guys can comment on how minimal the toil was to.

C

Me.

B

That's right silly right there. I'd say: look, you know you guys went in totally eyes open. You wanted to be able to get performance numbers. You make very, very well reasoned choices around the out-of-band stuff, but that can't be the way the world works in the limit of actual deployments. Yeah.

C

Yeah, the NUMA zone, struggling CPU pinning, that's all gonna be, like with the immutable infrastructure, that's gonna be all probably out of there, and trying to talk about how we're gonna bring it in scope and make it natives. It's gonna be part of the discussion, so.

C

But yeah, all that stuff I want to somehow circulate back into. It seems like some piece that could be for NSM talking about how you bring things. If we use that language, in-band, out-of-band, and we decide to keep their language, bringing things more, making them more cloud native, I mean.

B

Which is you have the non cloud native things you're doing you're doing.

B

Yeah.

C

I know.

A

That praise that've, been yeah I think. The reason why Dan prefers those terms is that for certain for certain communities and people, those are those are fighting words like what do you mean what I'm doing is like? They know.

B

I community that are very attached to doing non cloud native things and don't like it being point lock.

A

Which, which is part of the reason that we're that we're looking at using the term bronze, then.

B

Perhaps too shiny and durable of metal, but yes, I trust Dan's wisdom in this regard, but nothing that you do to massage the term has changed as the facts. They're significant sees, who desperately want to go to market as vendors with their utterly.

C

Non-cloud-native.

B

Solutions and show them at customers who are SPS and desperately want people to stop pointing out how non-cloud-native they are.

C

Yeah, so my goal is to not something, it's really to say: this is what it means, and here the argument, if you're not doing these things, then you're not cloud native, but I'm not going to on cloud maybe, and for CI/CD, these are the goals for it to be cloud native, so it can be orchestrated on things. Otherwise, I don't get the benefit.

A

Actually, instead of bronze CNF like perhaps the browser needs to be a term towards has I mean the entire concept on that stuff quotes to provide a progression so as a first is to provide a progression. So if you're trying to become a best practices on native network function, here's a here's, a reasonable path that things you can do to move up the to move up the chain. The second thing is: is risk mitigation for the operators, because your risk profiles will look very different than you take up a bronze CNF.

A

Our main goal, see enough and so I think I. Think that's part of what's been end up happening is my hope is that what happens? Is that the operators? They they don't look at it as a rubber stamping of a CNF where you just had to lift and shift things that require privilege and stick it in a container and instead look at it as an a well.

A

Our risk profile is, we will only accept gold CNFs and we will review on a case-by-case basis bronze and silver, based upon availability in the market and need and so on. And so my hope is to provide.

B

Them with a breakthrough pointing out some of the other entertaining monikers that have been suggested to replace bronze. Yes,.

A

I just say they were, they were not. They were not friendly.

C

So I have.

A

Yeah, but keep I keep telling us to me when you hear things that you know where people are are unwilling or unable to tell us like this. This is very. This is very useful as well. Yeah.

C

Yeah, my the rule of thumb, I'm saying, is: if I hear something you know 50 times, they'll make a video explaining things have been changing a lot lately, but we keep saying things over and over then you know we can deal five three five minute. Video on I was hoping this glossary or something along these lines. It's you know we keep using this terminology, then that might be it so see.

A

Yeah, to paraphrase the Department of Homeland Security: if you see something, say something.

A

It is very useful like it's it, it helps us work out if we get the messaging right and helps us work out where we need to where we need to improve and- and it also helps us work out where, where we are getting things wrong.

A

So sometimes the questions due to the lack of understanding, but because there is understanding there and and they write to define a problem.

B

Awesome so shall we do anything else to be discussed in this call I.

A

Don't think so I think I think it's pretty much. Okay, all.

C

Right cool.

B

She.

D

Got it next week, thank you, okay, thank you.
From YouTube: Network Service Mesh Meeting - 2019-06-26
