►
From YouTube: Ambient Mesh WG Meeting 2023 03 08
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
Whose
topics
is
number
one,
okay,
I
put
it
on
the
agenda.
I
think
it
is
here.
Let
me
see,
do
we
have
a
dinta
so
basically
a.
B
A
Opened
up
here
about
some
of
the
initial
work
he's
doing
to
add
part
of
the
VM
support,
so
I
want
to
kind
of
discuss
this
because
there
is
there's
no
design
talk,
I
kind
of
want
to
understand.
You
know
what's
the
direction
for
this
other
than
what's
out
there.
C
A
B
D
C
Yeah
so
I
think,
like
a
teacher's
PR,
pretty
much
just
allows
us
to
include
workload
entries
in
WDS,
so
we
can
send
traffic
to
VMS.
Even
if,
let's
say
they
were
like
not
like
Z
tunnel,
basically
VMS
and
they're,
just
sidecars
or
just
arbitrary
things
that
just
had
no
proxy
on
them.
We
should
still
be
able
to
like
include
them
in
our
load
balancing
like,
but
as
far
as
how
we
actually
make
the
Z
tunnel
work
properly
outside
of
like
a
node
proxy
context.
D
E
E
E
F
But
today
you
know
if
you
have
the
proper
label
on
the
workload
the
entry
as
far
as
I
know,
it
does
route
the
request
to
the
workload
entry
without
a
problem
it's
just
not
receiving
and
what
you
have
to
to
handle
the
request.
E
G
A
So
does
it
make
sense,
then,
to
maybe
have
a
design
doc
to
kind
of
cover
this
for
VM
and
potentially
for
service,
and
also
some
of
us
are
also
using
workout
entry
for
Modi
cluster,
which
is
I,
I
kind
of
want
to
look
at
this
from
a
holistic
perspective
was
just
focus
on
one
scenario.
F
A
F
A
F
G
A
A
C
Yeah
I'm
working
on
kind
of
just
trying
to
force
it
to
work
without
writing
any
code
and
then
I
mean
I've
already
seen.
Other
people
make
some
PR's
to
fix
a
few
of
the
issues
that
we
would
kind
of
naturally
run
into.
But
I
guess,
like
the
questions
are:
how
do
we
want
to
do
interception
and
install,
and
we
can
probably
piggyback
specifically
for
VMS
and
serverless?
C
F
So
I
did
a
bit
of
work
on
on
serverless
and
we're
using
not
the
tunnel
but
the
Go
version
of
Z
tunnel
in
the
past
and
and
it's
been
working
relatively
well
but
I
I
think
this
Italian
is
a
few
small
changes
to
to
work
again.
I
I've
been
doing
it
and
go
but
I'm
happy
to
to
help,
at
least
on
the
serverless
side.
It's
something
I'm
actively
working
on.
C
F
Proxles
grpc
proxles
history
of
analysis,
projects,
I,
don't
know
who
wrote
it,
but
that
supports
process
for
TCP
and
https
also
is.
C
Cool
okay
I
mean
yeah
I'll,
follow
up
with
the
design
dog,
hopefully
in
the
next
week
or
two.
F
So
let
me
get
started
is
a
problem.
We
we
I
have
as
a
main
concern.
I
have
is
that,
in
order
for
ambient
to
be
on
by
default
as
we
want,
we
cannot
change
behaviors
for
existing
kubernetes
applications.
So
if
you
have
a
kubernetes
application
running
in
a
cluster
and
you
deploy
ambient,
nothing
should
change
in
the
kubernetes
application,
except
that
you
get
security
and
Telemetry
and
whatever
zidane
is
doing.
F
There
is
a
class
of
kubernetes
applications
that
we
found
out
that
actually
do
break
when
we
are
the
sidecar,
because
the
requests
for
a
service
X
instead
of
staying
locally
in
the
cluster,
where
you
may
have
state-
or
you
may
have
all
kind
of
other
things,
they
suddenly
start
going
cross-region
and
going
to
other
clusters
where
they
will
fail,
because
the
other
cluster
will
not
actually
have
the
same
state
and
will
not
be
able
to
perform.
The
request
and
Nate
I
believe
added
several
options
in
mesh
config
to
deal
with
those
applications
as
opt
out.
F
So
an
application
that
fails
when
it's
spread
across
clusters
will
be
excluded
to
some
mesh
config
and
you
the
typical
process
and
that
works
for
for
today,
pspo,
but
with
ambient.
It
do
not
work
because
you
don't
know
when
you,
when
the
admin
installs
ambient,
you
will
not
know
what
is
other
applications
that
are
currently
running
or
the
user
will
deploy
later.
If
they
are
in
this
cut,
it's
not
a
very
frequent
category,
but
it
exists
and
it
breaks
users.
F
So
my
proposal
is
to
turn
to
change
the
default
in
ambient
for
clusterable
local
to
be
local
cluster,
as
the
name
implies,
and
instead
use
an
option.
An
opt-in
to
have
the
request,
go
to
multiple
clusters
and
I'm
sure
we'll
have
discussions
about
how
exactly
we
we
express
this.
This
option
that
Services
Global,
instead
of
being
local.
My
initial
proposal
is
to
use
service
import,
which
is
the
API
defined
by
by
the
MCS
working
group,
and
also
included
by
comma
API
and
the
Gateway
API.
F
But
there
are
other
options
as
well:
I'm,
not
so
concerned
about
something
I'm
concerned
about
the
bike
sharing
on
how
exactly
we
express
it.
My
primary
concern
is
the
the
semantic
of
cluster
local
by
default,
so
we
have
on
by
default
ambient
mates.
You
probably
know
more
than
I
do
about
this
subject.
Thanks.
D
For
taking
this
on
because
the
whole
topic
is
very
yucky,
so
I
just
want
to
say
like
it
is
a
little
bit
more
complicated
because
it's
not
just
a
matter
of
it
being
local
or
global,
because
you
can,
you
can
literally
have
so
so
so.
Service
export
is
cluster
by
cluster.
So
you
can
have
the
service
exported
in
some
clusters
and
not
others,
so
it's
actually
really
complicated.
So
if
you,
if
you
really
want
to
guarantee
that
the
behavior
doesn't
change,
we
we
actually
have
to
support
that
kind
of
you
know.
D
F
So
Nathan
I'm
I'm
I,
prefer
simple
things:
I'm,
not
I'm,
trying
to
avoid
all
complicated
things,
because
my
heart
had
Hearts.
F
F
D
F
D
F
If
you
want
to
use
service
entry,
for
example,
you
have
example.com
with
a
label
selector,
because
you
want
to
bring
your
own
domains
and
it's
not
clusters
local.
So
we
may
need
a
way
to
express
that
some
services
that
are
not
cluster
said
local,
because
that's
a
different
specs
that
we
need
to
support.
For
the
same
reason,
I
mean
it's
not
if
someone
is
using.
C
F
D
I
mean:
could
it
really
could
it
just
effectively
be
some
sort
of
detection
mechanism
to
determine
whether
it's
an
MCs
environment
right
like
if
we,
if
we
detect
that
there's
a
service,
export
or
import
anywhere
in
the
mesh,
then
we're
in
MCS
mode
or
something
you
know
and-
and
you
know,
I
I
I
do
agree
that
cluster
local,
but
in
ambient
should
just
be
cluster
local.
We
that
up
in
in
istio-
and
we
should
fix
that.
F
So,
let's
focus
on
one
problem
at
a
time:
let's,
let's
fix
the
the
cluster
local
in
in
as
soon
as
possible.
So
without
the
end
of
ship
with
that
with-
and
my
I
mean
I'm
again,
I
agree
that
that
MCS
is
probably
the
right
solution.
We
definitely
need
to
support
it.
For
the
same
reason,
we
could
have
a
small
label
annotation
for
service
or
some
other
kind
of
quick
solution
to
preserve
the
current
behavior
and
compatibility
for
users
which.
D
F
Mesh,
config,
and,
and
and
and
all
that,
but
but
I,
was
thinking
to
put
a
label
on
on
service
over
short
term,
okay,
to
unblock
people
who
want
to
test
multi-class
services
three
and
start
the
discussion
or
what
is
the
proper
API,
because
there
is
discussion
in
gamma
and
Gateway
apis
as
well
about
using
cluster
I
mean
MCS
that
discussion
about
changing
MCS.
There
are
kind
of
other
things
that
we
can
improve:
the
API
around
expressing
cluster
Global
yeah.
D
I
I,
you
know
I
I'm,
I'm
tempted
to
well
I,
guess:
I!
Guess
we
can't
right.
I
I
was
I
was
going
to
say
like
in
istio.
It
was
actually
a
lot
easier
because
we
had
the
end
points
at
the
at
the
proxy
at
that
Sidecar
right.
If
you've
got
the
endpoints,
then
the
control
plane
just
has
to
limit
what
endpoints
you
see
right.
Yes,.
F
For
to
implement
the
cluster
locally
super
easy
I
mean
it's
basically
just
you
know
picky
at
the
discovery
service
for
Z
tunnel
and
for
waypoints.
We
just
need
to
return
the
cluster.
B
F
D
F
G
And
I
just
wanted
to
summarize
so
just
to
make
sure
I'm
I'm
on
the
same
page
that
there's
kind
of
General
agreement
that
in
ambient
at
least
we
should
fix
the
cluster
local
problem
yeah
and
be
more
like
how
kubernetes
does
it
there's
General
agreement,
at
least
between
Nathan
and
coffin,
that
there
should
be
some
ability
to
configure
this
for
customers,
users
kind
of
migrating
from
traditional
SDM
mode
to
this
new
mode,
and
the
next
step
is
for
costs
and
to
kind
of
write
up
a
specific
proposal
of
how
to
do
that
configuration
is
that
did
I.
F
I'm
happy
to
write
a
proposal
to
make
cluster
local
local
and
to
do
this
as
a
simple
stuff
piece,
but
the
whole
biking,
MCS
and
other
things.
I
just
want
a
quick
get
out
of
jail
card
them
into
to
get
us
something,
what's
the
entire
full
API
and
how
integrate
with
with
the
rest
proposals
that
you
know,
other
people
may.
G
E
Yeah
I
just
wanted
to
clarify.
We
said
this
is
the
behavior
for
ambient.
But
what
do
we
mean
by
that?
Do
we
mean
that
when
you
turn
on
the
ambient
profile,
it
affects
sidecar's,
waypoints
and
Z
tunnels?
It
affects
waypoints
and
Z
tunnels
or
just
Z
tunnel
I.
E
F
Means
for
sure
I
don't
think
for
the
like
I
mentioned
in
previous
meeting
I,
don't
think
we
can
afford
to
touch
Backward
Compatible,
make
recording
compatible
changes
in
sidecar
mode,
so
sidecars
will
keep
using
what
they're
using
because
it
will
be
a
disaster
for
users
to
to
have
this
Behavior
change.
It
will
prevent
people
from
testing
Ambience
side
by
side,
because
then
they
will
have
so
I
would
leave
sidecars
alone
that
my.
If
someone
wants
to
tackle
that
absolutely
that's.
You
know
a
wonderful
thing
to
spend
the
next
few
years
on,
but
I.
E
F
And
Gateway
is
actually
an
interesting
program,
not
with
waypoints.
You
know
is
that
clearly
waypoints
we
can
make
cluster
local
Behavior
as
we
want,
but
for
gateways
probably
will
need
to
wait
to
indicate
if
the
Gateway
is
in
the
ambient
world
or
it's
a
Gateway
since
East
your
world
and
I.
Think
for
that
using
the
the
how
it
is
created,
I
mean
if
we
use
a
new
mechanism
of
creation
of
the
flag
or
some
other
option
or
Gateway
class
will
be
probably
so
leaves
all
gateways
alone.
G
Is
it
going
to
be
awkward
if,
let's
say
it's
three
years
from
now,
ambient
is
the
most
popular
way
of
running
istio
I've
got
a
cluster
I've
started
off
with
Ambien
I've
got
one
workload
that,
for
whatever
reason,
needs
a
sidecar,
and
the
behavior
of
cluster.local
is
totally
different
for
that
sidecar
like
in
the
long
term,
we
want
to
have
different
behavior
for
sidecars,
no.
E
D
Yeah,
okay,
so
so
I
would
just
ask
that,
like
cost
in
in
this
first
talk
that
we
we
capture
all
the
problems,
even
though
we're
not
going
to
solve
them
all
now,
just
just
to
kind
of
like
get
the
landscape.
B
F
Yeah
I,
don't
know
I
I,
don't
disagree.
My
point
was
really
that
it's
eventually
so
we
need
to
solve
the
cluster
local
from
being
now
and
start
iterating
on
on
how
we
can
migrate
users.
So
we
can
introduce
it
to
sidecar,
no
I'm,
not
saying
no,
no,
don't
need,
but
just
don't
couple
it
and
say
we
need
the
solutions
that
solve
all
the
problems
at
once.
Just
do
step
by
step
and
starting
with
the
steps
where
we
already
have
breaking
changes
and
users
expected
yeah.
D
There's
there's
one
other
small
thing
to
consider.
If
you
may
remember
that
MCS
assumes
for
backer
compatibility
reasons,
MCS
assumes
that
not
specifying
the
domain
clustered
at
a
local.
So
you
know
service
dot.
Namespace
alone
goes
to
cluster.local
yeah,
that's
probably
not
what
we
want
in
a
service
mesh,
but
that
that
should
probably
be
an
optional
thing
as
well.
We
should
we
should
consider
like
what
to
do.
For
you
know.
You
know
when,
when
no
domain
name
is
specified
by
default,
John.
E
I
I
agree,
but
I'm
not
sure
that
should
be
just
the
not
fully
qualified
name,
because
I
think
people
treat
the
full
name
and
the
short
name
interchangeably,
but
I
do
think
that
MCS
has
a
gap
that
the
actual
application
picks,
whether
they're,
multi-cluster
or
not,
which
is
kind
of
bizarre.
Like
the
person
you
should
pick,
is
admin
and
or
the
service
owner,
and
maybe
the
client
has
an
override,
so
I
feel
like
we
probably
do
want
some
mechanism
to
have
a
change
but
I'm
not
sure.
D
Yeah
yeah
I
I
I
tried
pushing
Jeremy
a
while
back,
didn't
get
a
lot
of
traction.
I,
don't
know
who
owns
NCS
these
days,
but
I
don't
know
if
you
guys
want
to
try
restarting
that
conversation
on
the
kubernetes
side,
but
I
think
I
think
it
would
be
good
to
get
kubernetes
on
board
with
you
know
that
being
configurable.
F
Last
become
a
meeting
yesterday,
I
don't
know
Jennifer,
so
there
was
a
presentation
from
the
MCS
guys
and
they
want
to
harmonize
MTS
with
gamma
and
Gateway
robot
with
the
proposal.
So
I
think
they
are
open
to
make
some
changes
and
can
improve
once
as
necessary.
F
D
Just
want
to
thank
Carson
for
taking
over
MCS,
because
you
know
that
was
that
was
not
great.