►
From YouTube: Istio Community Meeting 20191003
Description
B
Well,
sorry,
folks,
it's
being
a
while,
since
I've
actually
been
able
to
come
to
one
of
these
community
meetings,
so
you're
just
gonna
have
to
tolerate
me
stumbling
through
and
your
agenda
or
questions
but
kind
of
given
that
I'm
on
the
steering
committee
and
on
the
TOC.
You
know
it
might
be
a
good
opportunity.
If
people
have
questions
about
you
know
what
what
those
different
groups
do.
What
issues
you
know
we're
dealing
with.
You
know
the
TOC.
We
try
to
deal
with
kind
of
the
higher
level
roadmap
helping
prioritize.
B
You
know
what
goes
into
specific
releases
kind
of
providing
a
framework,
the
other
working
groups
to
be
effective
and
then
a
steering
committee,
which
chase
also
participates
on
right.
We
deal
with
some
of
the
other
kind
of
for
one
of
a
better
term:
the
business
side
of
learning
the
project,
marketing
community
event
management,
you
know
or
other
kinds
of
pressing
issues
that
don't
really
have
a
technical
solution.
Now
they
kind
of
get
handed
over
to
the
steering
committee.
A
B
B
A
B
D
Right
that
sounds
good
okay,
so
the
first
thing
I
was
I,
wanted
to
talk
about.
We
added
some
capabilities
for
external
service
telemetry
in
one
three
and
one
three
one.
So
if
someone
can
click
on
that
link,
it
takes
you
to
the
blog,
that
is
on
steels,
it's
dot
IO
website,
and
that
blog
explains
how
you
can
use
these
capabilities
to
understand.
Whatever
external
services
you
are
accessing.
So
previously
there
were
gaps
in
our
telemetry
where,
if
external
service
was
blocked,
we
used
to
not
get
any
telemetry.
D
D
So
if
someone
wants
to
provide
feedback
to
me
or
the
policies
and
telemetry
workgroup
I
would
really
like
to
improve
this,
and
we
want
to
explore
ideas
on
how
to
make
it
even
better,
because
having
visibility
into
your
external
service
is
one
of
the
key
benefits
you
can
get
out
of
SEO
and
it's
really
important
to
understand
it.
From
a
security
point
of
view,
so
that's
it
if
anyone
have
and
it
has
any
questions.
I
am
happy
to
answer.
E
E
E
D
E
D
E
D
Does
is
that
this
gives
you
if
you
have
blocked
all
traffic
and
you're
still
trying
to
access
something,
but
it
is
getting
dropped
or
you're
getting
a
5-4.
You
will
get
telemetry,
so
you
can
add
alerts
and
then
say.
Is
this
a
security
violation
or
is
there
service
entry?
We
are
missing,
so
you
can
do
more
incremental
approach.
You
can
take
a
more
incremental
approach
with
the
new
telemetry
I
got
it.
Thank.
E
B
Yeah
I
mean
we
added
some
features
in
the
past
couple
releases,
particularly
the
the
traffic
sniffing
stuff.
That's
you
know
was
you
know
a
prototype
of
it
went
into
1.3
and
we
expect
a
full
asia
to
1.4
right.
That
allows
us
to
do
a
better
job
of
classifying
traffic
that
really
wasn't
being
classified
before
right,
because
there
wasn't
enough
information
in
what
the
communities
api's
were
saying
about
the
traffic,
so
we
could
attacked
whether
it
was
HTTP
or
not.
B
What
host
was
it
going
to
write
and
you
could
start
to
apply
policies
to
it,
and
that
would
be
true
whether
it
was
direct
from
the
sidecar
or
out
through
an
egress
proxy
right,
and
it
wouldn't
just
look
like
plain
TCP
and
all
that
you
would
know
about
it
was
the
IP
address.
I
told
the
goal
with
telemetry
in
general
is
to
make
sure
that
we
can
kind
of,
even
if
there
aren't
declarations
within
you
know.
The
combination
of
these
two
API
is
in
the
kubernetes.
B
D
Yeah-
and
that
makes
sense
and
just
to
add
on
that
note,
we
are
trying
to
add
some
more
visibility
into
traffic
failures.
When
you
have
failures
related
related
to
M,
TLS
errors,
that's
another
gap.
We
have
in
the
current
elementary
where,
if
you
have
incompatible
MPLS
on
the
server
on
that
line
or
if
there
are
failures
related
to
certificates
being
out
of
date,
for
example,
so
I
don't
know
if
we'll
get
it
in
one
for
but
hopefully
one
five.
D
G
H
I
Yummy
can
hear
you
fine
Archie.
Alright,
no
I
was
just
gonna
say
thank
you
to
nourish
and
to
Lee
the
guys
from
their
five
in
Aspen
mesh,
who
were
emotional,
helping
us
to
organize
deaf
Fest,
and
we
had
an
Easter
workshop,
which
was
pretty
popular
choice.
We
had
three
tracks
and
was
over
three
people
who
was
attending
the
workshop
and
Arash
get.
I
It
was
a
very
interesting
overview
of
what
developers
my
developers
should
use
these
geoserver
smash,
which
was
one
of
the
most
popular
talks
as
well
at
the
conference,
so
trying
to
spread
spread
around
East.
You
know
around
the
Canadian
community,
I
think
went
very
successfully
and
thanks
for
than
sending
some
swag
with
James
as
well
I
think
people
were
very
happy
to
learn
about
those
things.
I
J
J
I
J
Thanks
for
the
invitation
by
the
way,
Archie
sorry,
we
couldn't
go.
One
thing
we
we
should
use.
People
should
feel
comfortable
using
this
meeting
as
a
platform
for
is
kind
of
a
call
for
our
presentations.
If
you're
planning
an
event
then
feel
free
to
advertise.
It
here,
I
see
Christian
posters
on
here,
Megan
was
on
here
before
I
have
certainly
spoken
at
events
before
and
and
so
this
is
a
good
place
if
you're
trying
to
get
some
content
rate
I
see
regs
if
you're
trying
to
get
some
content
for
an
event.
J
J
J
I
I
The
reason
is,
we
didn't
get
everybody
in
there
because
there
were
so
many
options
and
people
when
I
go
to
the
tracks
to
see
the
talks
and
the
workshop
was
like
more
than
half
a
day.
So
I
think
it
was
a
hard
choice
for
everybody,
but
the
people
who,
when
they
they
had
good
feedback,
learned
a
lot
despite
some
challenges
with
the
environments
because
they
were
running
on
the
laptops,
so
something
could
improve
for
the
next
one.
K
J
The
Mountain
Time
Zone
nice,
hey
Megan,
did
you
see
a
range
I
know
when
we
had
to
meet
up
in
New
York,
we
had
a
range
of
of
kind
of
knowledge
of
ISTE
Oh
from
you
know,
barely
heard
of
it
trying
to
figure
out
what
it's
about.
Yes,
we're
in
the
middle
of
an
implementation.
Did
you
see
the
same
thing
at
the
fest
in
Albany?
J
K
Was
a
lot
of
I
have
never
heard
of
sto
and
I?
Don't
use
kubernetes
and
so
I
was
sort
of
anticipating
that
it
was
a
lot
of
like
UX
folks,
front-end
developers
of
different
industries
like
the
trucking
industry
was
represented,
I
think
manufacturing,
and
so
it
was
trying
to
approach
a
CEO
from
and
its
value
proposition
from
a
ok.
You
know
services,
containers
and
sort
of
work
our
way
up,
but
they
were
super
excited.
J
D
D
Something
about
the
crowd
knowledge
base
for
the
Deaf
West
Montreal,
so
it
was
really
interesting
because
there
were
few
folks
at
least
two
of
them
who
had
been
using
sto
in
their
new
production
environment
for
a
while
I
think
it
was
Sebastian
from
Toyota,
which
was
very
interesting.
They
have
been
I've,
been
interacting
with
them
through
issues.
I
just
never
knew
that
the
he
was
there.
They
went,
but
at
the
same
time
they
were.
D
I
I
H
I
talked
about
this
before,
but
I
wasn't
able
to
produce
a
link
for
it
because
it
wasn't
posted
on
the
schedule
yet,
but
it's
it's
meant
to
be
like
intro
to
hto
workshop.
So
if
you
have
co-workers
going
from
your
company
that-
but
you
haven't
played
with
this
to
you
as
much
this
might
be
a
good
place
for
them
to
you
know,
get
hands-on
experience
with
us.
I
think
that's
about
all
I
have
to
say
about
it.
J
E
E
The
theme
of
the
various
talks
I'm
going
to
try
to
do
every
every
quarter
or
so
and
a
few
weeks
after
an
sto
release
is
using
sto
in
production
or
use
cases
of
those
folks
that
we
know
that
would
use
you
know
in
in
production
and
then
also
giving
a
overview
of
some
of
the
new
releases
for
that
particular
quarter.
In
this
case,
we're
going
to
be
looking
at
is
Co
ingress.
So
last
last
time
we
did
it
back
in
jail
and
of
July.
J
J
In
the
in
the
meeting
notes
for
right
now,
Megan
is
actually
answering
a
question
that
occurred.
I
think
this
is
the
first
time
I've
seen
the
meeting
agenda
used
as
a
as
a
method
for
asking
questions.
I
will
remind
everybody,
we
do
have
slack
and
we
do
have
good
participation
on
slack
one
of
I
think
it
was
you.
One
of
the
engineers
recently
said.
Have
you
checked
in
there
and
looked
at
the
general
there's
a
lot
of
things
that
are
going
on?
There's
a
lot
there's
a
lot.
There
are
a
lot
of.
J
There
are
a
lot
of
questions,
but
yeah
you
can
always
use
the
meeting
agenda
as
well.
Speaking
of
things
that
have
been
announced,
there
will
be
a
release
next
week
coming.
It
is
security,
related
I,
think
Tuesday
is
the
day
it
is
coming
out
you'll
it's.
We
can't
talk
about
details
until
it
comes
out,
but
if
you
are
running
in
production
and
care
about
things
like
that,
you
should
plan
on
a
new
one,
three,
a
new
one,
two
and
a
new
one,
one
being
released
on
Tuesday.
B
D
B
Any
so
I
guess
we're
now
at
the
kind
of
general
Q&A
section.
Although
the
Q&A
is
happening
inside
the
dog.
B
But
if
people
want
to
ask
questions
in
live
near
real-time
video
form,
depending
on
how
well
zoom,
is
doing
I'm
happy
to
take
questions
or
hand
questions
helped
other
people
who
work
full
of
ions
for
them
than
I
am.
But
you
know,
I
can
talk
about
the
TOC
I
can
talk
about
the
steering
committee.
I
can
talk
about
the
roadmap
and
whatever
people
want
to
talk
about
you.
C
Yeah,
this
really
was
I'm
trying
to
play
around
with
the
still
an
existing
classroom,
so
the
trustor
doesn't
have
this
field
so
that
the
goal
is
to
enable
MPLS
across
multiple
services
in
existing
cluster,
so
I
thought
of
two
strategies,
one
getting
the
steel
installed.
First
and
all
these
services
exist
in
one
specific
namespace,
either
I
can
create
another
namespace
apply.
These
services
enable
automatic
cycler
injection
for
that
namespace
and
redirect
the
traffic
to
the
newer
main
space
services.
That's
one
strategy,
I
have
otherwise.
C
What
I
can
probably
do
is
do
a
manual
injection
the
existing
service
definitions
that
way
it
would
take
down
the
existing
services
and
inject
the
say
sidecars
inside
the
newer
parts
which
are
coming
up
and
then
I
can
apply
the
auto
sidecar
on
the
namespace.
For
this
way
it
keeps
a
intact
and
I'm
I
want
to
hear
from
people
who
have
done
it
in
the
past,
which
would
be
a
better
approach
and
also
I
want
to
know.
B
C
B
You
know
there's
two
types
of
deployments
where
they
can't
either
spin
up
a
new,
namespace
or
spin
up
a
new
replica
of
the
entire
kind
of
graph
of
services
that
they're
trying
to
do
this
transition
with,
and
so
they
have
to
do
things
incrementally
in
place
and
then
there's
a
kind
of
very
specific
set
of
recommendations.
For
that
you
know,
if
you
don't
care
about
doing
any
of
that
right,
then
you
could
just
kind
of
clone
everything
enable
automatic,
sidecar
injection
and
turn
on
strict
MTA
lists
right,
because
you're
not
doing
any
law.
B
I
have
traffic
transitions
between
services
that
have
side,
cars
and
services
that
work
not
work,
those
that
don't
and
so
that
only
one
of
those
kind
of
intermediate
states
that
you
would
care
about.
So
that's
a
much
simpler
kind
of
setup
right
you,
it's
like
I,
have
a
new
cluster.
The
first
thing
I
do
is
install
this.
Do
I
turn
on
strict
MT,
LS
and
I
just
deploy
things
into
it
and
then
I
just
make
sure
that
they
work
and
there's
telemetry
to
show
you
when
M
TLS
is
enabled
for
traffic
between
workloads.
B
I
B
You
know
if
you're
trying
to
do
this
live
in
production,
and
you
can't
you
know
you
have
to
do
this
with
a
cluster
and
workloads
that
are
effectively
pets.
Then
there's
a
a
more
complex
transformation
that
you
have
to
go
through
a
number
of
steps,
we're
actually
working
on
trying
to
automate
that
sequence
for
you
and
there's
a
reasonable
chance
of
that
feature.
B
Would
ship
in
1.4,
where
we
would
just
kind
of
automatically
for
any
traffic
converted
up
into
m
TLS
when
we
could
detect
that
we
can
all
right
and
the
goal
there
is
to
be
able
to
kind
of
install
into
an
existing
cluster
and
get
that
cluster.
To
the
point
where
you
know
90
to
99
percent
of
traffic
is
M
TLS,
and
then
you
can
kind
of
diagnose.
Why
that
one
percent
hasn't
made
the
transition
yet
and
then
maybe
make
some
adjustments
to
enable
that
last
1%
and
then
go
kind
of
flip.
B
J
Add
there
is
you're
you're
doing
the
right
thing
by
by
doing
this
in
staging
first
and
that's
not
obvious,
or
there
are
certainly
people
who
don't
have
a
good
staging
environment
where
they
can
test
these
things
out
best
practice
would
say.
Not
only
do
you
test
it
out,
but
in
staging
attempt
to
roll
it
out
the
way
you
will
roll
it
out
production.
So
if
you
want
to
test
first,
you
know
and
just
to
make
sure
it
words.
C
That's
exactly
how
I
say
redundant
code,
but
what
I
did
is
like
I've
got
a
set
of
scripts
da
Christ,
so
it
takes
the
subscription
details
right,
I'm,
trying
it
out
on
Azure
aks
and
what
I'm
trying
to
do
is
like
get
all
the
parameters
and
first
stage
one
or
phase
one
I'm,
just
getting
the
east.
You
install
then
next
phase,
I'm,
just
getting
me
say,
sidecar
enabled
on
the
namespace
and
then
going
from
there.
So
it
is
like
a
stage
approach
which
I'm
taking
here.
B
B
F
Is
we
sent
you
here?
I
have
a
staging
environment,
exam
desk
and
I'm
playing
with
the
locality
low
balancing.
So
what
I've
done
is
basically
I
have
three
notes
in
three
different
zones
and
I've
put
two
deployments
in
kubernetes
that
spans
service
a
and
service
B
I've
made
sure
that
the
global
flag
on
Easter
1.3
is
enabled
for
the
locally
load.
F
Balancing
I
also
made
sure
that
I've
set
up
an
outlier
detection
for
the
service
B,
which
is
the
endpoint
that
service
a
is
calling,
but
I
just
get
a
round
robin
load
balance
and
no
matter
what
I
try
to
do
so.
I'm,
not
really
sure.
If
I'm
missing
some
piece
of
the
configuration
or
eventually
the
locality,
low,
bouncing
only
works
when
it's
coming
from
an
ingress
gateway.
So
I
might
be
missing
something
no.
B
F
No
existed
an
experience
that
I
get
when
I'm
doing
like
curls
from
service.
Oh
I,
see
like
round
robin,
but
I've
tried
to
dump
the
config.
I
could
see
like
way
being
all
one,
but
I
could
not
get
anything
explicitly
saying
that
I
was
completed.
That
envoy
was
configured
to
do
the
locality
load
balancing
when.
F
L
B
H
B
The
the
user
lounge
channel
on
slack,
which
were
you
know,
kind
of
pointing
to
for
people
like
you,
have
support
questions
like
I'm
trying
to
do
XYZ
and
just
that's
the
right
place
to
go
and
kind
of
get
those
questions
answered
or
obviously
discuss.
If
you
don't
mind
sitting
around
for
people
to
respond
to
emails,
you
know
in
between
their
coffee
and
lunch
breaks,
etc.
B
B
So
that's
what
you
probably
are
observing
right
now,
if
you're
saying
well,
if
you're
not
seeing
that
then
you're,
probably
just
getting
round-robin
across
all
the
invites
like
you
described,
and
we
can
usually
tell
if
you
give
us
an
envoy
config
done,
we
can
usually
tell
if
that's
precisely
what
you're
getting
and
then
we
can
kind
of
work
backwards
from
that
up
into
the
sto
APs
and
it
sounds
like
you
might
be
missing.
A
setting
on
the
destination
rule
right
now,
right.
B
Thanks
for
trying
out
the
by
the
way,
all
right
there's,
you
know,
we've
had
feedback
from
a
moderate
number
of
people
about
it.
There
are
certainly
being
some
big
customers
who
or
they're,
either
very
dependent
on
this
feature
working,
but
we
want
to
make
sure
that
everybody
can
adopt
it
because
it's
it's
quite
a
powerful
feature.
Yeah.
F
We're
very
interested
in
lowering
the
latency,
but
I
was
lowering
the
cost
to
enter
AZ
cost.
So
it's
a
good
trade-off.
You
when
you
introduce
a
sidecar.
You
know
you
have
some
additional
latency,
but
you
can
get
battled
back
if
you
keep
your
your
traffic
within
the
same
zone,
so
yeah.
Well!
No,
it's
a
good
point.
Are
you?
Are
you
already
using?
Is
geo
AB,
not
in
production,
so
we're
close
to
that
we
we're
thinking
on
launching
our
first
services,
we're
gonna
start
with
no
critical
services
around
end
of
q4.
B
No
no
makes
sense.
Yeah
we've
certainly
heard
people
say
that
being
able
to
manage
their
kind
of
cross
region.
Transit
cuff,
is
a
big
reason.
They
want
to
use
this
feature,
but
the
more
typical
use
cases
want
to
keep
you
know.
Layton
sees
median
Layton
sees
down
all
right.
Obviously
you
know
when
you
start
talking
about
higher
percentile
agencies,
then
you
know
you
do
end
up
starting
to
hit
cross
region
traffic,
sometimes
depending
on
service
availability.
J
B
G
J
B
Everyone
thanks
for
thanks
for
stopping
by,
and
you
know,
hope
they'll
get
to
come
to
a
few
more
of
these
yeah
catch
you
next
time
thanks.
Everybody.