►
From YouTube: Istio Networking WG meeting 2019-04-25
Description
Discuss multi all-the-things (multi-cluster, multi-networks, multi-meshes).
A
These
two
networking
community
meeting
today
we
will
have
a
few
follow-ups
on
previous
topics,
notably
the
proposed
names
for
the
multi
cluster
implementation.
I.
Also,
like
body
mist
with
us
a
bit
later,
I'll
follow
up
on
some
toc
response
and
we'll
also
go
a
bit
of
order.
The
github
epics,
so
I
propose.
We
start
with
your
topic.
Vadim
the
multi
cluster
naming.
B
Can
you
see
my
screen?
Yes,
the
document?
Okay,
so
to
provide
the
context
in
a
production
environment.
You
can
have
multiple
clusters
connected
together.
Okay
and
clusters
could
be
on
different
on
the
same
network
on
different
networks
in
different
clouds.
You
can
have,
for
example,
compliance
regulations,
for
example,
some
applications
have
to
be
on
different
network
and
so
on,
and
you
can
have
multiple
clusters
and
these
clusters
can
be
connected
by
different
patterns.
B
Let's
say,
and
currently
we
have
three
different
examples
that
describe
these
different
patterns
and
what
I
propose
is
to
give
these
patterns
all
these
examples.
You
know
some
kitchen
names
like,
for
example,
for
design
patterns.
We
have
neutering,
we
have
easy
to
run
so
on.
Let's
just
mainly
decide
on
the
name
means
for
the
cluster
connectivity
patterns.
Let's
say
okay,
so
there
are
two
aspects
in
cluster
connectivity.
First
is
network
connectivity.
We
have
either
folder
connected
classes.
B
It's
the
meaning
is
that
pods
can
connect
pods
from
one
cluster
can
connect
to
poles
from
a
number
classroom,
so
it's
called
like
so
it's
so
cold
sled
network
or
VPN
connectivity,
and
so
on.
So
basically
simply
saying
it's
all
the
hood
connected
or
want
to
put
connected
clusters,
or
you
can
have
gateway
connected
clusters.
That
means
that
gateways
would
say.
Egress
gateways
from
one
cluster
can
connect
to
English
gateways.
B
C
The
internet,
but
on
this
topic,
what
do
you
mean
I'm
not
into
how
you
are
going
to
use
it
in
the
documentation?
Are
we
are
going
to
use
it
because
in
reality,
is
your
mesh
support
both
in
the
same
booty
clusters?
You
can
have
a
multi
class
environment
with
20
clusters,
five
of
zemana
VPN,
another
500
VPN
and
the
others
each
on
each
in
its
own
network.
Exactly.
C
B
C
D
C
Effort
for
this
particular
subject:
I
think
we
already
have
an
API
is
I
mean
in
mesh
config
and
and
where
we
define
the
networks
and
we
use
a
term
networks
to
mean
a
set
of
pods
in
one
or
more
clusters
that
share
connectivity.
So
there
is
an
API
is
that
already
have
and
which
calls
them
networks.
For
some
reason,
can
we
keep
some
networks
as
we
have
in
API,
so
we
don't
have
to
revs
APM.
E
B
C
C
B
Okay,
so
the
first
aspect
is
network
connectivity
and
the
second
one
is
deployment
patterns.
So
here
we
came
up
with
eight
different
names.
Basically
it's
about
either
we
have
shared
control
plane
or
we
have
multiple
control
planes
or
independent
or
decentralized
for
symmetric.
It's
made
the
cluster
Tuesday,
so
here
no
names
are
basically
about
either.
We
are
talking
about
clusters,
primary
secondary
cluster
versus
peer-to-peer
or
somatic
clusters,
or
we
are
talking
about
control
planes,
either
shared,
centralized
or
independently,
centralized
in
engine
multiple
separate
local
documents
right
yeah,
one.
E
E
E
C
And
it
is
not
necessary
that
it
in
one
crime
a
done
completely
outside
of
any
class,
you
can
run
on
a
VM.
You
just
have
pilot
and
some
stuff
running
on
a
VM
outside
of
any
cluster,
or
you
can
have
it
in
already
know.
That
means
that's
kind
of
how
you
install
it,
not
necessarily
how
it's
logically
organized.
B
And
we
have
a
table
of
different
implications,
but
this
one
I
guess
we
can
some
poor
and
published
least
able
to
describe
today
describe
the
user
to
the
users
reasons
where
they
should
return.
Okay.
So
here
we
got
some
Leon
in
different
points
say
there
are
some
practical
implications.
So,
for
example,
in
one
settings
we
the
operators
which
they
have
to
provide
and
configure
access
to
the
next
api's
that
they
had
to
configure
site
has
to
communicate
with
remote
pilots.
B
In
some
cases
you
have
to
create
and
replicate
either
kubernetes
services
or
you
have
to
create
history
service
centers.
You
have
to
install
again
a
server,
for
example,
some
say:
ok,
so
here
we
should.
We
can
do
it
later,
this
implications
table
or
say
with
options,
prescribe
de
options
for
the
noodles,
but
first
I
propose
that
you
know
finally
we'd
somehow
the
side
boat,
I,
don't
know
on
the
names.
So
without
the
current
name
state
options
to
choose
and
they
don't
know
what
should
be
the
process.
How
should
we
proceed
from
here.
C
B
C
C
Don't
really
see
why
there
are
two
cases.
It's
one
case,
and
in
that
case
you
will
need
ombre
in
a
multi
class
admission
we
have
can
have
both
type
of
network
in
both
types
of.
However,
you
want
to
call
it
I
mean
having
one
cluster.
Would
you
have
a
pirate
running
and
using
only
gateways
and
using
what
you
call
the
second
method
and
all
the
other
cluster
using
the
safest
method
or
you
can
have
half
of
alfalfa?
C
F
In
the
description
before
we
describe
the
the
variant,
various
options
for
bridging
networks
is
just
multi,
never
right.
We
kept
multi
cluster
and
multi
network
as
two
separate
topics
and
in
part,
that's
the
reason
why
the
API
is
structured.
The
way
it
is
right.
It
allows
us
to
talk
about
those
two
things
independently.
C
And
I
would
say
that
really
is
a
second
part:
I
mean
how
you
organize.
A
control
plane
is
about
how
you
breach
the
networks,
not
how
you
deal
with
multi
cluster
because
in
reality,
is
a
pilots
in
each
network
need
to
have
visibility
into
that
network.
So
if
you
issue
organize
with
the
second
option
that
what
you
call
peer-to-peer
each
peer
is
really
a
network
with
its
own
locals.
That
is
with
a
pilot
that
is
managing
their
particular
network
and
it
sees
all
the
endpoints
in
that
network
and
can
only
load
balance
within
that
network.
C
B
C
Know
you
can
also
have
a
mix
where,
where
you
know
you
can
have
a
pilot
that
is
having
visibility
to
all
the
networks
across
the
entire
mesh,
but
you
still
use
this
kind
of
pilots
that
are
local
and
only
have
visibility
into
the
local
network.
As
you
know,
failover
mechanism
so
to
mekinese
can
be
combined
and
should
be
combined
and
used
together
in
in
a
production
environment,
because
each
of
them
has
benefits,
and
you
should
not
sacrifice
one
or
choose
between
them.
You
should
actually
try
to
deploy
both
of
them.
B
Right
initially,
so
you
can
have
multiple
like
20
clusters,
you
can
have
multiple
networks
and
you
can
have
multiple
paths
patterns
applied
between
different
clusters.
This
is
agreed
a
yes
okay,
so
what
is
left
is
just
to
give
names,
catchy
simple
names
to
these
patterns.
Okay.
First
second,
also
in
the
pot
to
put
connectivity
on
the
same
network,
you
can
decide
to
use
it
the
connectivity,
so
you
can
still
decide
it
for
some
reason
or
more
control.
B
B
So
you
have
never
connectivity
here
as
if
it's
in
this
table
to
option
spot
to
fold
or
container
to
container,
and
you
can
have
data
connectivity,
and
then
you
can
help
these
lead
patterns,
which
you
mix,
which
we'd
apply,
which
we
deploy
applied
in
different
cases,
okay
in
the
production
environment
and
you
mix
them.
So
what
is
left
is
this.
Give
them
means
that's
all
simple
names,
and
here
these
are
names
or
deployment
oxygen
for
for
these
patterns.
It's
not
like
the
whole
mesh
it's
this
here.
B
So
here
I
primary
secondary
cluster
and
they
need
the
primary
is
the
one
that
has
control
plane
and
secondary
use,
a
secondary
class.
Let's
use
this
control
plane
and
the
primary
coffee
here
the
names
are,
you
know
we
either
name
the
clusters
primary
secondary
versus
peer-to-peer
symmetric
clusters,
or
we
call
the
pattern
by
control.
Planes
like
shared
versus
separate
control,.
C
C
G
D
By
the
way,
I'm
not
sure,
if
you
guys
see
it,
we
did
a
survey
Multi
cluster
deployment
model
as
a
community,
and
we
published
the
result
of
the
survey
probably
a
month
ago
to
discuss
that
is
tilde,
il
and
surprisingly,
I.
Think
a
slightly
larger
chunk
of
the
users
are
more
in
favor
of
using
single
control,
topology
with
split
horizon
and
there's
also
sufficient
large
amount
of
user.
I
interested
in
gateway
connect.
He
connected
control
playing
multiple
control
playing
topology.
We
have
so
I
think
both
are
interesting
for
sure.
D
C
F
C
F
F
Where
with
there's
there's
either
a
global
control,
plane
or
a
federated
set
of
control
planes,
and
then
there's
the
distribution
of
control,
plane,
replicas
and
then
there's
whether
you're
a
multi
network
or
single
Network
right
and
then
that's
gateway
connected
multiple
V
pcs.
But
that's
that's
a
kind
of
tertiary
detail
in
your
decision-making
process.
C
C
F
B
F
We
make
sure
to
use
terminology,
so
we
can
least
distinguish
trade
because
there
are.
There
are
definitely
as
many
people
like
tool
in
point
people
out
there,
whether
you're
gonna
run
each
mesh
separately
and
then
they're
only
gonna,
bridge
subsets
of
the
services
right
right.
So
it's
it's
a
it's
a
an
extreme
form
of
split
horizon.
C
Actually,
that's
a
very
good
idea
if
we
are
saying
split
horizon
networking
to
refer
to
the
connectivity
to
two
gateways,
because
that's
what
it
does.
It's
also
split
horizon
config
ready
we're
talking
about
because
in
that
multiple
control
planes
you
are
describing
here,
you
really
have
a
split
view
of
the
configuration.
In
one
case
you
see
some
service
entries.
Another
case
you
see
several
different
service
entries
and
the
octal
rules
can
be
different,
bigger.
B
C
Split
horizon
or
single
horizon
control,
plane
or
configuration,
so
the
configuration
can
be
either
a
single
set
of
data
does
matter
where
you
put
it,
but
it's
the
same
configuration
everywhere
or
it
can
be
a
split
horizon
configuration
where
different
parts
of
the
mesh
will
see
slightly
different
coffee.
We
see
different
side
cars
different
tools
because
they
are
localized.
Basically.
C
C
C
Tools
that
you
are
building
I
mean
there's
a
whole
installer,
and
these
two
operator,
and
all
the
tooling
that
we
are
building,
will
hide
all
those
things
from
from
the
user.
What
user
will
see
is
either
one
one
configuration
that
is
consistent
across
the
entire
thing,
or
he
will
see
different
configurations
as
only
user
visible
difference
that
they
will
have.
A
F
I'd
like
to
figure
out,
you
know
the:
what
is
the
order
of
determining
that
the
layout
that
the
customer
is
going
to
make
like
what?
What
is
the
first
piece
of
information
that
they
want
to
understand
in
order
to
make
a
decision
about
how
they're
going
to
do
their
deployment
right?
Is
it
the
network
topology?
Is
it
the
organization
of
clusters,
or
is
it
their
administrative
domains.
C
A
F
That
when
you
deal
with
any
one,
individual,
they're,
probably
thinking
about
their
administrative
domain,
first
right,
if
what
we're
trying
to
do
is
pick
terms
of
ours
right
that
resonate
with
people
and
they
understand
easily
right,
then
aligning
with
their
decision
criteria
is
probably
the
best
way
to
go
about.
Choosing
the
names.
F
So
the
other
way
to
do
this
by
the
way
is
to
pick
fairly
recognizable
names
for
what
we
would
consider
the
most
common
use
cases
and
give
them
names
like,
for
instance,
the
I
have
multiple
clusters
and
they
all
have
their
own
networks.
I've
heard
that
describe
is
archipelago
mode
right,
which
sticks
with
our
nautical
terminology,
and
then
you
could
describe
that
and
right.
F
You
could
outline
what
that
use
case
looks
like,
and
then
you
could
talk
about
some
variation
within
that
use
case
right
without
trying
to
have
a
kind
of
perfect
ontology
of
multi
network
global
versus
single
mesh,
no
federated
non
federated
right.
All
those
dimensions,
I'm
trying
to
lay
everything
out
in
a
grid.
F
A
A
F
A
F
D
F
A
C
D
D
C
F
C
G
F
E
F
Yeah,
so
just
coming
back
to
the
names
right.
Obviously,
single
mesh
single
network
is
the
kind
of
this
simple
example,
and
we
could
just
refer
to
that
as
mesh
right
and
then,
if
we
would
refer
to
single
mesh
multiple
network,
you
just
call
that
multiple
multi
network
mesh
right,
if
you're,
looking
for
synonyms
right,
because
we're
probably
gonna
have
synonyms
that
are
people
are
going
to
use
in
kind
of
paragraph
achill
contexts
when
they
refer
to
these
things.
B
C
A
G
C
C
F
B
C
A
A
B
B
B
C
E
C
Can
have
a
controller
in
each
data
centers,
as
the
difference
between
the
cortex
is
in
one
is
the
first
one,
all
the
control
trains
exactly
the
same.
Config
no
matter
where
you
are
is
the
second
kid
you
see
different
on
fixed
I
mean
one
case:
you'll
see
a
service
as
a
service
entry
in
the
other
cluster.
You
see
it
as
a
normal
service.
A
F
C
F
A
C
B
B
C
A
F
F
C
F
A
It's
not
like
different
config,
because
in
both
cases
you
can
have
the
same.
A
pilot
can
learn
about
services
in
another
cluster
directly.
We
are,
you
know,
peering
with
another
pilot
or
necessarily
like
or
from
MCP
from
Ghale
directly.
It
doesn't
need
to
read
the
cube.
Api
server,
so
I
mean
I,
wouldn't
even
get
into
that
level
of
detail.
How
that's
finally
discovered
the
services
in
another
cluster
Louie.
G
F
A
F
G
F
B
Yeah
there
is
another
implication
here
for
the
users
lecture:
okay,
so
in
one
implementation,
the
remote
and
local
services
they
are
named,
you
know
in
the
same
way
and
they're
all
bound
together,
so
the
local
version
and
the
remote
wants
this
load
bounce
between
them
in
the
second
implementation.
You'd
have
overriding.
So
if
you
have
a
remote
version,
this
remote
version
is
called
once
you
define
a
local
girl
with
the
same
name.
The
work
of
learning
will
overwrite
a
movement.
Do
it
still?
You
know
a.
C
B
A
C
F
C
G
A
A
F
C
F
G
F
A
F
A
F
F
A
C
F
Yeah,
either
way,
we're
gonna
have
some
confusion
between
these
two
things
yeah
and
we
have
to
choose
a
refining
term
to
describe
the
behavior
of
look.
It's
a
single
administrative
domain,
but
you
are
controlling
where
services
are
visible,
based
on
your
own
criteria,
right
because
that's
effectively
what
you're
doing
I.
A
F
A
F
So
you
could
say
well
yeah.
It
is
widely
used
in
DNS
right
for
this
use
case,
but
we
could
say
service
discovery,
regionalization
or
localization
or
partitioning,
either
way
we're
gonna
wait,
it's
not
the
primary
term
right.
It's
going
to
be
a
refinement
within
the
documentation.
It
doesn't
have
to
be
a
first
class
reference
term.
C
A
G
To
go
back
to
your
suggestion
of
thinking
about
how
somebody
makes
a
decision
about
their
topology
and
and
the
the
hierarchy
of
these
decisions,
it
seems
to
me
one
of
the
the
the
highest,
if
not
the
most
highest
hierarchy
of
these
decisions
is
mi
one
administrative
domain
or
multiple
right
and
having
a
word
for
that.
That
is,
that
is
clear,
seems
important
and
I
would
say.
I
would
suggest
that
that
at
the
bottom
of
the
criteria
we've
been
discussing
is
whether
services
can
resolve
to
the
same
or
different
destinations.
F
F
So
I,
like
I'm,
happy
to
use
a
term
like
service
discovery
partitioning
or
something
like
that
right
to
describe
the
use
case
and
yes,
I.
It's
a
detail.
I
still
think
single,
mesh
and
Federation
are
the
like.
Those
are
the
two
entry
points
into
the
the
discussion
that,
like
that
I
like
this
administrator
domain,
that's
the
terms
of
thinking
it
right
there
intuitive
and
then
multi
network
or
single
network
is
an
implementation
detail
and
service
discovery.
Partitioning
is
an
implementation
detail
of
your
mesh,
as
is
AJ.
D
F
So
it's
gonna
inflame
what
you're
trying
to
do
right,
but
if
we're
trying
to
what
we're
trying
to
do
is
explain
concepts
to
people
and
then
we're
gonna
give
them
use
cases
that
are
gonna
help
them
make
a
decision
about
right
what
to
choose
right,
how
to
actually
go
to
production
right.
So
when
we
describe
multi
network,
we're
gonna
explain
why
you
might
want
to
do
it
or
white
my
you
might
have
to
do
it
and
if
you
have
to
do
it,
here's
how
you
do
it
right.
C
E
E
G
A
Three
right,
Shannon
and
I.
Actually,
like
a
lot
dislike
this,
we
should
be
able
to
produce
somewhere
this
decision
tree
that
people
can
follow
and
be
directed.
You
know
to
recommend
it
architecture
or
recommended
deployment
order
for
them.
I
think
it.
This
is
very
good,
but
once
you
are
like
let's
say
you
have
administrative
domain
or
multiple,
let's
say:
if
the
answer
is
one
administrative
domain,
then
how
do
we
again
like
name
that
difference?
Because
we
haven't
made
a
decision
on
that.
F
F
C
F
C
F
D
C
A
F
F
A
F
Well,
I
mean
even
forgetting
about
the
actual
physical
implementation
details,
the
network.
What
are
the
reasons?
People
partition
service
discovery
right
it's
to
indicate
to
consumers
what
they
can
or
cannot
use
in
a
particular
regional
context,
or
look
physical
or
calorie
contexts?
You
cannot
call
you
know
the
US.
C
A
Okay,
so
folks,
who
are
actually
five
minutes
over
time
but
I
think
we
did
make
some
progress
on
this.
So
thanks
to
everybody
who
really
commented,
I
think
it
was
a
very
productive
discussion.
So
some
actions
out
of
this
is
I,
guess
the
UX
study
right
so
the
PM's
and
valuation.
We
asked
some
of
the
UX.
A
F
A
A
E
A
Well,
yeah,
so
what
we
definitely
have
to
like
once
where's
the
DA.
We
should
all
keep
using
the
same
name
schists.
Otherwise
people
would
be
very
confused
all
right,
so
there
were
two
more
topics
which
I'm
actually
glad
to
have
deferred,
for
you
know
for
the
importance
of
this
topic
related
to
motocross
there,
so
they
are
not
super
important.
I
we
can
like
follow
up
in
two
weeks
from
now,
but
with
the
you
know,
the
toc
response,
it's
in
the
document
and
I
also
put
I
open
the
github
epics
and
put
the
link
in
there.