►
From YouTube: Technical Oversight Committee 2021/04/09
Description
Istio's Technical Oversight Committee for April 9th, 2021.
Topics:
- Moving TOC meetings to Monday morning instead of Friday morning, and an hour earlier.
- Inbound Forwarding for 1.10: Approval to add upgrade pre-check command.
- istioctl analyze warnings on alpha/experimental: Approval to add whitelist of expected alpha/experimental usage, warn on the rest.
- 1.10 release pushed to 5/18
B
All
right
so,
let's
get
started
so
the
weekly
routine.
Here
I
guess,
raise
managers.
That's
done
right
for
110,
so
we
should
just
take.
C
B
Yeah,
that's
excellent,
that's
good
to
know.
We
really
need
to
start
sending
some
swag
once
things
become
better
in
qs,
I
guess
for
people
who
are
doing
many
jobs,
let's
see
so
the
weekly
routine
here
feature
freeze
was
april.
Sixth,
we
have
done
the
branch
cut
and
our
free
feature
frozen.
That's
good!
Anything
to
add
there.
C
Correct
we
have
a
couple
of
automation
which
needs
to
be
done,
but
separate
than
that
there
is
no
sign
up
since
last
week
and
the
automation
required
the
ones
which
actually
requires
testing
at
34,
because
other
than
that
they
are
automated.
So
34
test
cases
which
are
still
p
zeros
requires
the
ownership
and
the
testing
is
starting
tuesday.
B
Okay,
so
this
is
a
call
out,
I
guess
for
all
the
attendees
and
your
buddies
who
work
in
sto,
let's
sign
up
and
crack
these
34
manual
tests,
so
I'm
guessing
there's
no
way
to
automate
these.
That's
why
they
will
remain
manual
forever
or
is
that
just
lower
priority.
C
D
B
B
B
Anything
to
add
here,
other
folks:
okay,
it's
pretty
routine
stuff
release
health
for
110,
so
there
are
three
release
blockers.
Do
you
want
to
talk
about
what
they
are.
C
E
Yeah
so
three
release
blockers,
I
think,
as
of
like
the
last
hour,
that
should
actually
be
two
release
blockers
and
ten
p0's,
but
I
think
it's
premature
to
discuss
the
specifics
right
now
in
toc,
but
I've
reached
out
to
the
owners
individually
and
I
I
think
that
these
are
release
blockers.
We
have
paths
to
resolution
for
so.
B
Okay,
yeah
all
right,
so
it
looks
like
the
way
you
said
it.
You
removed
one
of
the
blocker
to
be
a
p0
okay,.
B
All
right,
so
let
us
know
again
if
you're
short,
stuffed
and
somebody
needs
nudging.
It
looks
like
sam
and
the
other
release
managers
have
this
handled
well,
so
we'll
keep
moving
next
release,
istio
111,
all
right,
so
the
timelines
are
10th
august.
What's
that,
I
think
we
discussed
it
last
time.
Do
you
need
an
explicit
approval?
Srita
or
this
is
again
an
fi?
F
B
All
right
docs
for
achievements,
there's
nothing
written
here,
but
I
just
want
to
open
the
floor
up.
Are
there
any
achievements
somebody
wants
to
highlight?
We
should
do
that,
and
this
is
not
restricted
just
to
the
toc
members.
G
B
G
Want
to
say
I
thank
you
to
everybody
working
on
security
related
fixes
and
cds.
G
B
Yes,
yes,
I
mean
I'm
part
of
product
security,
working
group
louis
and
there's
lots
and
lots
of
effort
going
on
so
for
folks
who
are
on
this
call,
it
just
means
we
are
gonna,
make
our
security
better,
it's
not
where
it
is,
but
it
takes
a
village
to
make
it
better
and
that's
what
we're
going
through.
B
There
are
any
docks
for
offline
review.
Shruta
did
you
have
something
nope
all
right
jacob?
I
think
this
has
been
here
for
a
while.
I
don't
think
is
this
ready
now.
B
B
Does
that
sound
good
all
right?
So,
first
one.
Hopefully
this
is
quick,
I'm
proposing
to
move
toc
to
the
monday
time
time
slot
at
9
am
pst.
The
two
reasons
for
it.
First
is
I
wanted
to
move
the
time
earlier
so
that
folks,
like
me
and
other
from
different
time
zones,
can
attend
in
a
reasonable
hour.
I
had
discussed
it
with
other
toc
members
and
we
had
rough
approval.
B
B
G
Oh
yeah,
I
was
on
vacation
yeah.
I
think
this
is
fine.
I
think
you
know
we'll
have
a
couple
of
more
missed
days,
because
u.s
kind
of
national
holidays
tend
to
fall
on
mondays
right
when
there
are
three
day
weekends.
So
I
think
you
know
we'll
probably
that
will
cause
us
to
have
three
or
four
more
non-scheduled
toc
meetings
a
year,
maybe
a
bit
more
than
that,
like
I
don't
remember
how
many
it's
somewhere
in
the
four
to
six
range
right,
so
we'll
lose
one
and
a
half
a
quarter.
B
G
I
mean
that
that
that
you
know
that
that's
this
year,
it's
not
durable,
but
yeah.
I
mean
we
can
always
revise
this
anyway
so
and
if
we
need
to
schedule
one-off
toc
meetings
to
compensate,
we
can
do
that
too.
So
I
think
it's
fine.
I
G
I
think
feedback
is
open
for
everybody.
We
didn't
actually
just
vote.
That
was
just
more,
but
certainly
the
toc
members
need
to
be
available
for
the
meeting.
I
D
A
Say
we
just
try
it
for
try
it
in
like
something
on
the
on
the
schedule
to
revisit.
I
don't
know
in
four
weeks
or
something.
B
All
right,
so
I'm
gonna,
say
approved
is
that,
okay
with
everyone.
F
C
So
can
I
then
just
move
it
from
next
week
to
4
19?
If
you
all
agree
right.
C
K
Yeah,
so
we've
discussed
this
a
couple
times
in
the
past.
This
is
basically
about
the
changes
to
the
inbound
forwarding
with
the
local
host
cluster
and
matching
kubernetes.
K
We
got
the
feedback
previously
that
we
want
to
do
this,
but
we
are
a
bit
worried
about
the
impact
it
may
have
on
upgrade
and
the
feedback
from
qsc
was
yes,
sorry,
if
that's
too
small,
we
should
have
some
command
that
you
know
before
every
upgrade
users
run
the
upgrade
check
and
we'll
encode,
all
of
or
as
much
of
like
upgrade
notices
in
code
rather
than
I
expect
users
to
read
them,
and
the
first
would
be
checking
for
this.
So
we
have
done
that.
K
You
can
kind
of
see
the
output
here,
it's
a
bit
small,
but
it
will
show
you
all
of
your
pods.
That
will
be
impacted.
So
if
you
run
this
before
you
upgrade,
then
assuming
all
goes
well.
You
should
be
notified
that
anything's
going
to
change
and
you
can
go
fix
those
pods
or
if
it
was
just
a
mistake
and
they're
not
actually
broken,
then
ignore
it.
So
that's
pretty
much
it.
I
wanted
to
make
sure
that
this
is
what
we
wanted
and,
if
there's
anything
else
we
want
to
do
before.
B
K
Two
we'll
mention
it
in
the
upgrade
notes
like
run
the
pre-check
command,
and
I
think
we
can
also
put
on
the
install
and
upgrade
documentation
it's
actually.
It
can
be
used
for
both.
So
it's
meant
to
be
not
just
upgrade
check.
We
changed
the
name
since
that
picture,
but
it's
a
check
for
pre-install
and
pre-upgrade.
K
J
One
question
I
have
is:
what's
the
thought
process
for
you
to
have
a
dedicated
command
was:
have
it
part
of
the
analyzer
command,
because
I
do
remember
we
kind
of
tell
people
you
know
if
you
need
to
upgrade
issue,
go
ahead
and
run
the
analyzer
command
and
see
what
only
you
got
right.
If
we
have
newer
version
of
api
that
may
not
be
compatible
with
your
environment,
we
would
want
you.
So
I
assume
this
is
an
additional
command
and
what's
your
thought,
process
of
not
having
it
as
part
of
the
analyzer.
K
Yeah,
so
I
it's
a
good
question
yeah,
like
you
may
note,
this
is
using
the
analyzer
stuff
under
the
hood,
both
under
the.
D
So,
in
particular,
the
reason
that
we
don't
have
this
running
as
part
of
the
analyzers
today
it's
twofold
one.
It
reads:
data
that
the
analyzer
framework
does
not
have
access
to
analyzers
are
by
definition
config
only
they
do
not
have
runtime
access
to
envoy,
etc,
and
this
particular
operation
does
require
that
so
things
like
ci
cd
would
not
be
able
to
use
this.
The
second
is:
we
are
trying
to
create
a
set
of
analysis
like
operations
that
are
particular
to
upgrade.
D
So
if
you're
running
istio,
one
nine
you're
running
istio,
one
nines
analyzers,
and
so
those
analyzers
are
not
going
to
include
any
problems
with
an
upgrade
to
110.
The
idea
would
be
that
you
download
istio
cuddle
110
and
run
upgrade
pre-check,
which
runs
only
commands
that
are
relevant
to
your
upgrade.
Does
that
make
sense.
D
Yeah
running
all
of
analysis
will
will
give
you
a
lot
more
information
than
is
necessarily
relevant
to
your
upgrades
and
also
will
not
give
you
this
particular
check
that
john
has
written.
So
that's
why
we
have
a
particular
command.
It's
just
the
subset
of
analyzers
that
are
relevant
to
upgrade
along
with
a
few
other
runtime
checks.
K
K
That
the
easter
cuddle
analyze
command
can't
also
include
this
right.
It
seems
like
I
mean
we
have
to
think
about
the
details,
but
we
could
probably
combine
them.
You
can
add
a
flag,
that's
like
dash
dash
include
upgrade
checks
or
whatever
we
want,
but
ultimately
I'm
sure
we
can
find
a
way
to
make
it
reasonably
be
just
one
command.
D
K
L
H
Right
can,
I
add,
was
one
small
comment
here
on
this
topic
in
in
practice.
Yeah.
I
understand
that
how
it
is
today,
but
there
is
a
need
to
have
more
fine
granularity
of
permissions
and
access
control,
starting
with
ability
for
users
to
to
run
analyze
with
access
to
an
a
space
only
and
then
with
file
only
which
is
very
important
for
csd,
but
also
what
what
john
mentioned
with
cluster
admin
or
with
mesh
admin.
So
we
need
to
to
to
kind
of
refine
a
bit
the
analyzer
permission
model.
H
So
all
three
models
are
supported
because
in
particular,
where
you
have
access
to
namespace
only.
D
So
right
now
that
is
supported.
Analyzers
can
be
run
against
a
particular
namespace
only
and
no
matter
what
model
you're
running
them
under
they
are
read
only
so
they
don't
do
any
port
forwarding
any
pod
exec.
If
you
have
read
permissions
to
the
kubernetes
api
server
or
to
a
file
system
that
has
your
configs
in
it,
you
can
run
all
the
analyzers.
H
B
What
the
source
of
confusion
here
is,
I
feel
like
like
there
are
too
many
sub
commands
or
commands,
and
sometimes
it's
not
clear
when
to
run
for
a
user,
because
I
think
there
is
a
osteoctl
verifying
stall.
Maybe
that's
going
to
get
deprecated,
I
don't
know,
then
this
new
one
and
then
istio
ctl
analyze.
I
understand
mitch
your
point
that
there
are
security
boundaries
where
some
commands
you
know
fit
very
well.
B
D
Together,
this
command
is
actually
not
the
final
form
right.
We're
not
using
upgrade
check
we've
combined
it
with
the
pre-check
command,
so
that
it's.
K
K
New
yeah,
but
we've
gone
from
having
a
set
of
commands
to
six
commands,
we're
still
like
check
analyze,
verify
install
upgrade,
install
like
there's
a
ton
of
commands.
I
I
even
couldn't
figure
it
out,
so
I
kind
of
agree.
It's
complex.
G
E
G
There's
probably
some
desire
to
consolidate
or
rationalize
the
ux
across
that
set
of
commands,
but,
but
I
think
we're
all
in
agreement
that
we
we
want
a
very
clear
definition
of
a
command
that
is
a
pre-upgrade
or
pre-install
as
a
use
case,
and
it's
perfectly
fine
for
that
to
be
well
a
command
that
is
named
differently
than
analyze
analyzes,
an
incredibly
generic
name
anyway.
So
we
might
want
to
think
about
that.
But
if
the
question
here
is,
you
know,
should
the
toc
approve
this
command?
I
think
the
answer
is
yes.
G
B
B
Okay
and
istio
city
experimental
is
like
experimental
in
other
pieces
of
stu,
so
we
can
take
it
away
and
break
things
without
without.
D
B
B
So
and
then
I
agree
with
louis
actually
I'm
fine
approving
this
with
the
caveat
that
we
will
revisit
and
understand.
What's
the
gambit
of
commands
look
like
and
can
we
give
a
clearer
instruction
to
the
users.
G
D
B
D
Now
I
want
to
be
clear:
we
do
consume
our
own
structured
output
as
well
in
the
use
of
the
analyte
analysis
messages
in
the
status
which
we
are
hoping
we'll
move
to
beta
in
111.
B
A
E
D
Yeah
one
thing
to
be
aware
of
too:
this
is
reporting
on
any
use
of
alpha
or
deprecated.
What
is
it
annotations
in
your
install,
which
we
do
use
by
default
in
istio
install?
So
one
of
the
reasons
for
keeping
this
experimental
is
that
we
know
we
need
to
clean
up
our
existing
alpha
and
experimental
et
cetera
features
by
default.
This
will
so
we're
going
to
get
some
users
who
see
this
and
are
a
little
bit
concerned,
as
they
should
be.
Frankly,.
K
D
Okay,
yeah.
K
D
Okay,
that
is
something
we've
gone
back
and
forth
on
a
number
of
times
now,
whether
we
want
this
enabled
or
like
how
we
move
forward,
and
the
most
recent
decision
that
we
had
was
that
the
best
way
to
move
forward
is
to
set
it
up
as
experimental,
where
it's
not
going
to
be
bothering
users
that
are
using
our
normal
commands
and
then
iterate
and
improve
from
there.
K
I
I
yeah
I
mean
this
is
going
to
the
weeds,
but
I
don't
see
how
it's
useful
to
report
an
error.
When
there
is
none,
I
mean
we,
we
literally
inject
these
annotations
onto
every
pod,
so
then
to
go
around
and
warn
them
that
we
injected
an
annotation
is
kind
of.
Not
it
just
doesn't
make
sense
to
me
so,
but
we're
probably
going
too
far
into
the
weeds
here.
B
Yeah,
so
for
me
what
I
have
heard
and
then
feel
free
to
pitch
in
if
you
still
have
reservations
about
this,
looks
like
the
experimental
upgrade
pre-check
command
is
approved.
We
want
to
make
sure
for
110.
We
are
highlighting
this
in
all
the
forums
and
documentation,
blogs,
release,
notes
we
have
and
then
the
last
thing
is
after
110
we
want
to
have
the
ux
working
group.
Look
at
the
various
htoc
till
commands
come
up
with
a
better
ux
with
a
consolidated
workflow.
J
G
So,
john,
just
just
to
be
clear
in
the
behavior
when
we
provide
the
the
warning
is
telling
users
that
the
change
that
the
they
are
going
to
be
affected
by
a
change
in
default
behavior
and
that
they
should
correct
right.
That
is
what
we're
doing.
It
is
not
that
we're
trying
to
do
anything
more
refined
than
that.
K
Yeah,
so
it
will
detect
where
this
behavior
will
change
and
then
they
can
go
to
that
link
for
the
details
and
get
you
know
explanation
of
what's
going
on.
Okay,
all
right.
A
A
K
Yeah
yeah
the
error.
I
changed
the
air
a
bit.
I
don't
know
if
it
fully
does
that,
because
it
was
already
getting
kind
of
long,
but
it
gives
you,
I
think,
a
summary
and
then
the
intent,
or
at
least
my
expectation
is
that
they
would
then
go
to
the
ist
code,
which
I
don't
think
you
can
see
down
here
at
the
bottom.
K
I
E
D
G
J
Yeah
I
want
to
make
one
comment
before
we
move,
I
mean
I
certainly
agree.
We
should
look
into
the
links.
I
almost
feel
the
warning
is
a
little
bit
too
weak.
I
think
it's
like
an
action.
J
They
actually
have
to
do
something
correct
me
if
I'm
wrong
john,
if
they
take
the
walling
and
not
do
anything,
their
application
will
be
broken.
K
Well,
it
may
be
broken,
maybe
they
just
expose
the
port
on
their
service
and
they
don't
actually
care
and
no
one
actually
calls
it.
Okay,
so.
B
G
Yeah,
so
certainly
if
the
plot,
the
port
number
was
like
80
or
443
right,
there's
a
very,
very
high
probability,
it's
going
to
be
called,
but
I
think
users
can
make
that
assessment
right
as
long
as
the
documentation
tells
them
they
can
always
try
it
and
if
it
breaks,
then
you
know
they
were
warned,
but
they
prefer
not.
They
should
go,
read
the
documentation.
I
think.
J
Yeah,
we're
just
thinking
change
that
one
into
action,
because
we
really
need
them
to
assess
this
and
do
something
to
evaluate
whether
their
app
going
to
be
broken
or
not.
B
Here
is
my
suggestion,
lynn,
so
john,
why
don't
you
link
the
pr
here
and
lynn
and
anyone
else
in
the
toc?
Otherwise
we
can
go
and
comment
on
it
and
see
if
the
error
messages
or
the
warning
is
suitable.
I
think
that
can
be
done
on
the
pr
side
instead
of
deciding
here
how
about
that?
Yes,
yeah
all
right.
D
Well,
I,
since
we're
on
the
topic,
I'd
like
to
raise
the
issue
of
this
alpha
analyzer
and
ask
for
some
kind
of
gridlock
breakage.
This
is
something
that
we
added
to
one
nine
and
because
of
it,
the
verbosity
in
analyze,
we
decided
to
roll
it
back.
So
we
didn't
want
these
analysis
messages
going
out.
The
analyze
command
is
not
experimental,
and
so
there
was
some
concern
that
we're
we're
telling
users
we're
a
little
bit
more
noisy
than
we
should
be
there.
D
The
decision,
then,
was
to
add
it
to
110
disabled
by
default,
which
we've
done
well.
We
did,
and
now
it
sounds
like
it's
been
pulled
back
from
110
as
well,
who
should
be
deciding
how
we
move
forward
on
this
feature
and
how
do
we
ensure,
because
we're
kind
of
stuck
on
it
at
this
point.
M
D
I
totally
agree
with
you
ed
it's.
I
think
I
don't
think
it's
a
question
about
that,
because
I
think
we
have
agreement
there
that
we
shouldn't
be.
You
know,
warning
users
about
things
that
are
set
by
default.
The
question
is
more:
how
to
move
forward.
Do
we
enable
the
command,
knowing
that
we're
using
some
alpha
features
by
default?
Or
do
we
wait
to
build
this
command
until
we
are
comfortable
that
we're
not
using
any
alpha
features
by.
G
An
option
to
have
the
roll-up
the
instance
the
separate
levels
of
detail
right
so
right
if
you're,
using
an
alpha,
annotation
or
an
alpha
label
or
some
other
funky
edge
legacy
stuff.
The
default
behavior,
if
we
think
it's
noisy,
is
that
we
tell
you,
you
have
three
of
these
things
and
then
run
with
this
flag.
D
I
don't
think
it's
noisy
and
the
the
concern
around
noise
is
about
how
many
alerts
you're
going
to
get
as
much
as
that
you're
going
to
get
alerts
on
things
that
we
set
for
you
by
default.
You're,
going
to
be
warned
against
things
that
we've
done
rather
than
things
that
the
user
has
done
so.
B
I
I
think
the
path
forward,
then,
is
reasonably
straightforward
here,
right
for
things
that
we
have
to
do
to
make
istio
functional,
we
have
to
allow
them
or
whitelist
them
like
ed,
was
saying
until
we
don't
no
longer
depend
on
them,
and
even
after
that,
if
we
find
that
the
verbosity
of
the
output
is
high,
we
can
do
some
level
of
collapsing
and
then
expanding.
We
are
more
detailed,
cli
arts
right.
D
D
B
A
All
right,
I
I
don't
think
we
should
mark
something
data
just
because
we
use
it.
I
don't
think
that's
the
right
way,
yeah.
I
think
the
right
path
is
but
like,
let's
allow
list
the
things
that
we're
using
and
that
actually
is
a
nice
checklist
for
us
of
things.
We
need
to
resolve
right
in
the
future.
Absolutely
all
the
stuff
that
we're
we're
sort
of
cheating.
D
L
J
B
All
right,
this
is
good,
any
other
topics
we
have
for
discussion
today.
A
Oh
sure,
oh
sorry,
I
think,
john
well.
I
guess
that
everyone,
so
should
we
make
it
an
error
instead
of
a
warning.
So
john
john
in
the
chat
said
that
basically,
the
actual.
M
A
Warning
here
is
the
pod
is
listening
on
that
port
and
there's
a
service
pointing
at
it,
which
means
like.
I
thought
it
was
just
there's
a
pod
listening
and
you
know
it's
listening
on
localhost,
but
so
what?
If
there's
no
service,
but
this
is
actually
the
ones
where
there
is
a
service.
So
that's
not.
J
B
I
I
would
say
john,
when
you
start
writing,
release,
notes
and
stuff
like
that,
for
this
feel
free
to
include
us
to
get
early
feedback.
If
you
know
this
is
a
breaking
change
already,
we
want
to
make
sure
it's
front
and
center.
K
Yep
I
plan
to
make
a
lot
of
noise
about
this.
I
do
have
a
pr
for
a
blog
already
and
then
we'll
probably
link
to
it
or
copy
it
in
the
release,
notes
or
some
something
like
that.
So
it's
in.
K
L
K
We
technically
don't
have
it
as
cve.
I
was
thinking
as
a
way
to
give
more
visibility.
It
might
be
useful
to
do
a.
What
do
we
call
a
security
advisory.
L
K
B
C
A
C
I
would
like
josh
to
be
here.
It
was
discussed
in
the
pswg
group,
so
I'm
still
not
here
how
to
bring
these
things
up.
So
I
would
like
to
wait.
I
think
we.
K
C
B
B
B
Yeah,
let's
see
anything
else,
folks,
if
not
we'll
meet
on
the
monday
and
we'll
have
a
whole
week
without
seeing
each
other.
So
that's
good!
I
guess.