►
From YouTube: Technical Oversight Committee 2020/11/06
Description
Meeting of Istio's Technical Oversight Committee on November 6th 2020
Topics:
- 1.8 Release blockers
- 1.9 Release Managers
- Feature status for Annotations (and ENV vars and CLI args)
A
I
think
we
we
need
to
really
delete
the
release
by
week
for
the
fourth
fix
for
us
I
mean
all
right,
there's
already
like
two
fixes
on
the
way
like
I
I
believe
they
will
land
like
already
next
week,
so
so
that
we
can
make
a
call
like
how
it
looks.
It's
not
like
far
away
we're
following
so
all
right,
say:
let's
get
together
release
by
the
week.
C
B
C
C
It
could
fall
into
some
situation
that
sds
is
not
ready,
but
cluster
or
listener
to
be
active
and
then
like
it
rejects
or
doesn't
connect
to
stuff,
and
that
that's
one
thing
and
the
another
thing
is
for
this:
one
that
we
don't
have
the
for
for
the
uds
sds.
We
don't
have
the
like,
proper
retry
or
timeout
to
form
void
to
retry
on
that,
so
that
two
two
things.
B
And,
and
are
they
both
like?
You
know,
what
is
the
blast
radius
in
those
changes?
Are
they
both
kind
of
sweeping
changes?
The
first
one
sounds
like
it
might
be:
a
sweeping
change
where
you
need
a
design
dock
and
everything,
and
it
would
take
time,
I'm
not
sure
about
the
second.
What
do
you
think
I
I.
C
D
F
I
think
we
could
yeah,
we
could
add
a
wideness
world
that
would
kill
itself,
but
the
the
issue
is
one
of
the
issues
is
we
would
need
to
get
the
bug
of
the
clusters,
not
warming,
rather
than
the
bug
with
the
secrets
now
setting
up,
because
if
the
secrets
don't
set
up,
then
it
will
be
marked
ready
and
so
then
you'll
actually
have
major
traffic
impact.
The
cluster
not
getting
ready.
One
is
a
much
better
bug
because
it
will
never
be
marked
ready,
so
traffic
will
never
be
sent
there.
F
So
we
have
a,
I
think
the
entire
readiness
probe
will
fail
because
the
it's
not
even
listening
on
the
readiness
port,
and
so
if
we
added
a
liveness
port
for
the
same
thing,
it
would
also
fail,
like
we'd,
basically
add
a
liveness
probe.
That's
the
same
as
the
readiness
probe.
So
if
it
doesn't
become
ready
in
like
a
minute
or
two
minutes,
then
it
fails.
C
F
H
G
F
So
I
think
one
would
be
like
the
liveness
pro
has
a
longer
timeout.
So
if
it's
okay,
it's
not
ready
for
like
two
minutes
or
something,
then
we
kill,
but
the
readiness
probe
like
immediately
when
it's
ready,
which
could
be
hopefully
like
two
seconds,
then
it
will
be
a
marked
writing
it's
it's
for
my
I've
seen
it's
not
that
uncommon
to
have
them
be
the
same
check,
but
just
different
intervals
and
yeah.
As
long
as.
F
Yeah,
it's
pretty
minimal.
Now
we
used
to
check
like
the
envoy
stats,
which
would
get
overloaded,
sometimes
by
things
that
didn't
cause
the
pod
to
actually
fail.
So
that's
why
I
was
always
hesitant
to
add
this,
but
now
we're
just
going
through
like
the
real
traffic
path.
So
I'm
going
to
be
concerned
about
adding
that
okay.
D
D
B
F
B
I
B
D
D
I
A
D
D
A
F
B
C
F
B
But
we
have
actually
told
some
of
our
users
to
use
this
to
use
envoy
filter
to
configure
aggregate
cluster.
I
think
we
had
a
discussion
once
back
when
we
assure
him,
as
one
of
the
networking
work
group
leads
where
he
basically
said
before.
We
create
a
first
class
api
for
aggregate
cluster.
We
should
just
let
them
try
it
via
on
voice
record
and
then
advertise
it
later.
B
B
D
I
B
D
B
D
B
J
O
N
N
D
D
I
J
D
Q
Yeah,
so
this
this
was
kind
of
like
a
journey
down
the
rabbit
hole.
I
I
started
thinking
I
wanted
to
promote
the
locality
load
balancing
label
to
the
api
since
it's
kind
of
a
hidden
label
down
within
its
ud.
When
I,
when
I
started
kind
of
going
down
that
route,
I
realized
api
istio
api
it.
It
doesn't
actually
current,
currently
document
labels
as
an
api.
Q
We
do
this
with
annotations,
but
we
don't
want
labels
so
then
start
looking
at
labels
or
the
annotation
stuff
and
the
machinery
behind
generating
the
docs
for
that
and
realized
man.
We
we
need
to
give
us
some
love.
He
had
taken
this
kind
of
arbitrarily
assigned
feature
status
and
there
was
like
this
combination
of
incorporating
the
feature
status
in
the
in
the
name
of
the
annotation
itself,
which
doesn't
seem
very
user-friendly
going
forward
once
it
goes
to
a
different
feature
status.
Q
So
I
so,
I
think,
we've
gone.
I
I
rolled
up
some
prs
and-
and
I
think,
we've
gotten
some
general
consensus
around
not
wanting
to
embed
the
feature
status
in
in
the
name
of
the
annotation
itself.
But
then
the
discussion
became.
What
should
the
feature
status
be
of
all
the
annotations
that
we
have
today?
So
that's
that's
kind
of
like
I
think
what
I'd
like
to
kind
of
discuss
here.
So
we've
got
a
bunch
of
annotations
in
istio
api
already.
Q
Q
This
is
probably
at
least
beta
right,
but
it'd
be
good
to
to
to
kind
of
like
as
a
group
kind
of
decide
how
like
an
approach
for
how
we
should
like
categorize,
these
save
for
one
nine,
so
that
we
actually
have
like
something.
We
all
agree
on
and
a
way
to
kind
of
assign
these
feature.
Statuses
for
for
annotations
and
labels
going
forward.
D
D
Q
Do
we
think
that
that's
fine,
I
guess
like
do
we?
I
mean
it
ultimately
comes
down
to
everybody's
kind
of
gut
feel
for
yeah.
This
is
kind
of
beta.
This
is
kind
of
stable.
I
don't
know
that
everybody's
necessarily
using
the
same
criteria
for
for
doing
that,
and-
and
I
think
that's
a
one.
One
question
I
think
I
think
it
was
doug
raised-
was
what
exactly
is
the
distinction
between
the
status
of
a
feature
and
the
annotations
or
labels?
D
You
know,
there's
there's
some
ways
to
make
these
decisions
right
I
mean,
obviously,
if
the
annotation
is
basically
a
stand-in
for
a
an
api
right,
that
we
would
use
like
at
a
different
level
of
granularity
like
putting
an
annotation
on
namespace
instead
of
using
sidecar
or
something
like
that
and
the
equivalent
feature
in
my
car
is
at
beta
or
in
development.
Then
the
annotation
should
be
at
the
same
level
unless
the
annotation
came
before
the
api
and
we
communicated
to
users
that
that
annotation
was
stable.
M
I
D
M
D
M
I
New
annotations
just
go
by
the
normal
process
right.
The
interesting
question
here
would
be
so
I
already
know
there
will
be
annotations,
which
I
invite
spread
use
which
are
widespread
documented,
but
don't
have
tests
and
their
users
relying
on
it.
So
the
impetus
from
us
should
be
for
one
nine:
let's
try
to
add
those
tests
so
that
we
can
actually
call
it
beta.
Is
that
correct,
louis.
I
D
M
D
Q
M
Q
Q
Yep,
this
is
a
good
thing.
It
should
be
pretty
quick
to
work
through.
One
last
question,
then,
with
respect
to
all
the
stuff,
so
we
have
a
bunch
of
annotations
now.
Well,
not
a
bunch,
maybe
like
a
handful
that
actually
start
with
alpha
in
the
name.
So
I
think
we
had
talked
about
wanting
to
change
that.
So
what
sort
of
deprecation
and
replacement
process
should
we
follow
here?
For
those.
D
D
The
deprecation
could
be
for
a
long
time
right.
The
documentation
should
update,
but
there's
probably
no
reason,
because
we
now
in
theory
have
a
framework
where,
if
the
decorated
buy
was
deprecated
by
another
annotation,
with
a
cleaned
up
name
like
we
could
deal
with
that
automatically
in
a
framework.
D
P
I
We'll
take
the
benefits
just
I
want
to
make
sure
if
we
do
what
I'm
seeing
through
that
pr
is
there
a
lot
that
I
have
commented
that
seemed
deprecated
now
if
a
annotation
was
alpha
and
we
decided
that
nobody
actually
used
it,
it's
totally
fine
to
deprecate
it
right.
I
just
want
to
make
sure
we
clear
out
the
documentation
so
that
people
or
we
give
them
a
migration
path.
So
that
might
be
increasing
your
scope
a
bit,
but
somebody
will
have
to
do
a
scan
of
the
docs
and
update.
Q
F
D
D
F
D
I
F
F
Verbals
that
are
super
useful,
like
there's
the
trace
sampling,
one
that
mitch
gave
as
an
example
like
these
are
real
things
that
we
need
in
our
api,
but
the
fix
isn't
to
make
them
the
environment
variable
stable.
The
fix
is
to
move
them
to
a
real
api
which,
for
the
tracing,
what
we're
doing
with
the
telemetry
api
for
the
secret
stuff,
there's
a
bunch
of
those
actually
not
just
the
ttl.
R
M
R
R
R
D
Right
and
then
the
the
obvious
thing
we
issue
we
have
with
right.
So
now
we
have
a
really
good
mechanism.
You
know
based
on
what
nate
and
what
mitch
are
doing
to
at
a
very
fine
level
of
granularity
capture,
features,
status
of
features
and
almost
like
it
feels
level.
But
we
don't
have
the
ability
to
do
that
on
the
field
level
in
apis
right
and
that's
really
problematic
in
mesh
config
right,
because
mesh
config
is
the
thing
for
each
individual
field
is
a
feature
more
or
less.
R
D
Like
this
yeah
like
it
becomes
a
much,
it
becomes
a
very
nuanced
and
detailed
conversation.
I
think
what
I'm
saying
right
now
is
we
don't
have
the
tracking
ability
and
we
don't
have
right
and
we
can't
even
produce
the
dock
like
what
nate
just
did
for
annotations.
Actually
lets
us
produce
good
doc
right.
We
can
go
work
on
the
docs
tooling,
so
we
can
help
set
users
expectations.
P
So
we
we
can't
use
exactly
the
same
because
it
creates
a
circular
reference
between
our
repositories,
but
we
can
duplicate
it
in
the
package
repository
and
that's
fine.
My
question
is,
you
know:
I've
dropped
the
link
to
where
we
document
environment
variables
per
command
on
istio
io.
There
are,
I
believe,
163
that
we
document.
Where
are
we
documenting
that
these
are
alpha
or
pre-alpha?
Today?
Where
are
we
letting
users
know
that
these
are
not
safe.
R
At
the
top
or
somewhere,
yes
and-
and
I
mean
command
line,
parameters
are
also,
I
think,
are
still
documented
for
yesterday
and
other
things
which
again,
we
never
supported
as
an
api,
and
we
should
make
it
clear
that
they
are
not.
I
don't
know
even
why,
where
we
are
documenting
them,
since
nobody
can
set
them.
D
R
Internal
use,
let's
call
it
internal
use.
I
mean
there
are
a
lot
of
command
line,
flags
and
environment
because
the
api
is
mesh
config
I
mean
they
get
set
from
mesh
config
or
from
from
values.tml,
which
is
exposed
to
the
user.
But
users
does
not
need
to
know
that
something
in
mesh
config
gets
translated
into
some
environment
variable
or
some
command
line
parameter
for
internal
use.
R
D
M
R
Much
for
a
user
how
about
how
about
we
put
an
internal
right
now
we
discuss
only
experimental
alpha,
but
let's
put
an
internal
and
both
environment
variables,
even
annotations
and-
and
you
know,
definitely
command
line
flags
and
other
things
that
are
not
supposed
to
be
used
by
user
they're
internal.
So
that's
a
completely
different
category.
I
P
R
I
F
I
What
that's
yeah
yeah,
I
agree
with
costing
here.
So
we
have
alternatives
match
here
where
either
we
masquerade
it
as
a
mesh,
config
api
or
some
other
high
level
api,
where
eventually
they
get
distilled
down
as
command
line
arcs,
because
if
you're
using
a
operator
or
s2ctl
to
manage
your
sq
installation,
if
you
manipulate
them
directly,
they
will
get
lost
anyways
right.
R
P
D
P
C
O
R
I
know
for
a
fact
that
one
of
the
few
of
the
recent
cleanups
removed
a
bunch
of
command
line.
I
mean
trust
domain
and-
and
you
know
some
of
them
quite
critical-
they
were
removed.
So
if
someone
is
setting
trust
domain
as
a
command
line
flag,
probably
they
are
not
getting
what
they
expect
and
that's
fine.
I
mean
it
was
reviewed
as
a
code
change
and
as
a
cleanup
and
and
nobody
treat
it
as
an
api,
because
it's.
D
D
R
So
louis
for
for
us,
my
my
goal
was
to
completely
get
rid
of
them
and
use
environment
variables
everywhere,
because
the
complexity
of
operator
which
cannot
move
up
to
to
have
another
install
mechanism,
was
due
to
the
command
line,
parameter.
The
fact
that
you
cannot,
you
know,
use
customize,
for
example,
to
change
query
environments.
R
D
P
D
Two
points
right,
that's
the
second
part.
The
first
part
is
to
do
what
mitch
said
right.
So
if
mitch
is
willing
to
do
the
basically
put
together
a
pr
which
the
working
group
leads
can
review,
which
is
here's
a
list
of
all
the
command
line.
Args
that
looks
a
bit
like
the
thing
that
nathan
had
mitch's
job
is
not
to
assess
what
the
support
level
is
he's
just
providing
a
framework
for
people
to
do
that
review.
That
would
be
super
helpful
and
then
we
can
do
the
next
thing
right.
D
Q
One
one
last
tiny
topic
related
to
all
this.
Looking
at
our
our
io
page
for
feature
status,
we
don't
we
only
list
the
three
we
list
alpha
beta
and
stable.
We
don't
list
a
pre-alpha,
so
it'd
be
good
to
get
some
sort
of
get
to
get
that
updated
to
include
that
whatever
we
want
to
call
pre-alpha.
Is
it
experimental.
Q
D
Q
O
I
H
R
Could
we
could
you
have
a
setting
on
the
site
or
or
on
a
separate
site
or
or
you
know,
put
them
on
wiki
or
some
other
place,
so
so
the
documentation
and
easter
is
clean,
and
it's
only
you
know
the
things
that
are
supported
and
better
and
stable.
And
then,
if
you
want
to
do
experimental
or
internal
stuff,
you
go
to
the
developer
site
or
or
some
other.
O
D
I
mean
that's,
you
know
some
of
you
would
like
to
be
in
that
state
and
they
would
like
to
know
if
they
were
in
that
state
right.
I
mean
this
would
probably
help
us
with
some
of
our
upgrade
pain,
and
it
would
also
let
us
make
an
assessment
of
like
do.
We
have
too
much
api
surface.
Where
do
we
start
shaving
right,
and
how
do
we
shave?
D
D
D
D
P
P
J
M
I
Right,
I
I
reluctantly
say
this
that
yeah
you
should
clarify
because
we
release
like
like
yeah.
We
are
in
a
state
where
we
have
experimental
features
and
they
are
not
explained
well,
so
your
clarification
will
help,
but
I
want
to
go
to
a
state
where
we
don't
have
those
we
straight
away.
Go
to
alpha.
I
have
not
seen
a
lot
of
other
mature
infrastructure
products
have
a
pre-alpha
stage.
To
be
honest,.
Q
It's
still
useful,
even
if
we
don't
document
them
like
to
actually
like
if
we,
if
we
store
like
for
look
for
annotations,
for
example,
if
we,
if
we
create
a
new
annotation,
but
it's
experimental,
we
put
it
in
the
api
repository,
we
mark
it
hidden
from
docs,
but
it
still
has
like
in
the
in
the
go
code
that
its
feature
status
is
experimental
or
something
like
that.
I
think
that's
still
a
useful
signal.
R
D
S
Yeah,
actually,
no,
what
I
was
suggesting
is
we
have
things
like
tracing
or
whatever
that
are
marked
experimental,
and
then
we
have
other
pages
that
are
marked
pre-alpha,
and
so
I
think,
to
end
users.
It's
just
not
clear
to
them
like
how
how's
experimental
different
from
pre-alpha.
What
does
that
even
mean?
So
I
can.
I
can
help
with
that
initiative
and
as
far
as
helping
below
the
fold,
I
mean
I'm
also
willing
to
to
help
people
kind
of
coordinate
that
that
effort
as
well.
D
I
D
Q
D
D
T
J
R
One
tiny
comment:
I
don't
know:
if
people
are,
I
mean
we
had
a
discussion
about
having
got
environmental
is
normally
our
required
start
and
we
had
a
discussion
about
having
a
sexual
mesh
config
with
the
proxy
config
having
the
important
variables
and
actually
making
them
dynamic.
It's
for
your
info.
It's
something
that
we'll
probably
do.
Okay,.
R
D
R
D
D
I
Yeah
yeah,
so
so
louie.
I
think
what
nathan
you
have
a
pr
out.
Let's
make
sure
we
just
discuss
the
runtime
field
nomenclature
there,
so
we
don't
have
to
have
another
document
for
it
and
maybe
what
jacob's
pr
will
do
when
he
adds
it?
Toc
can
jump
on
that
pr
to
figure
out
how
we
want
to
convey
the
messaging
for
pre-alpha,
alpha,
beta
and
stable.