►
From YouTube: Technical Oversight Committee 2021/07/12
Description
Istio's Technical Oversight Committee for July 12th, 2021.
Topics:
- Welcome John and Brian as new TOC members
- Istio 1.11 Feature Freeze
- Compatibility Flags
A
About
it
in
the
toc
being
two
weeks
ago,
but
the
actual
vote
didn't
close
until
the
next
the
day
after
that
poc
meeting.
So
but
congratulations
to
john
and
brian.
Thank
you.
D
C
F
A
Okay,
we'll
get
going
okay,
the
release
for
111
the
feature
freeze
is
tomorrow:
we
pushed
it
back
a
couple
of
days.
Is
everybody
still
comfortable
with
that,
or
is
there
something
burning
that
we're
trying
to
get
in
that
we
might
need
another
day
or
two,
so
just
to
clarify
today's
the
12th.
A
F
Yeah
we
do
so.
We
have
the
telemetry
api
implementation.
It's
roughly
halfway
done
right
now,
some
of
it's
already
merged
some
of
it's
not
yet
merged.
It
may
be
good
to
get.
I
don't
think
we
need
to
delay
the
freeze,
but
it
may
be
good
to
get
an
exception
to
kind
of
backward
that
in
once
it's
merged.
It
should
be
new
functionality
really,
so
it
shouldn't
be
too
risky,
hopefully,
or
if
it
is,
we
will
make
sure
to
de-risk
it,
and
the
other
thing
is
the
wasm
api.
H
Oh
yeah,
it
is,
it
is
pretty
close
to
merging,
but
but
it
still
hasn't
first
yet,
and
it
would
probably
there's
also
an
implementation
pr
which
is
kind
of
based
on
on
the
api.
Okay,.
A
G
So
we
have
testing
starting
from
tomorrow.
Do
you
think
there
will
be
any
impact
like
do?
We
need
to
retest
any
of
those
as
a
regression
or
it's
okay,.
H
D
So,
since
this
is
new-
and
this
is
gonna,
this
is
gonna
be
a
recommended
api.
For
you
know
people
going
forward
to
customize
telemetry.
D
I
I
think
we
don't
want
a
broken
experience,
even
if
it's
alpha
right.
So
my
question
here
is:
if
you're
rushing
the
implementation
like
what's
the
trade-off
here
since
it's
additive
and
the
api
pr,
I
think,
is
merged,
I
don't
remember,
is
it
okay
to
have
the
implementation
come
out
in
a
patch
release,
or,
though,
is
this
too
much?
A
I
J
A
And
the
wasm
api
is
kind
of
almost
sort
of
in
the
same
boat,
although
maybe
a
little
bit
less
far
along
because
there's
a
pr
but
there's
no
implementation.
Today.
D
H
E
D
D
D
D
I
H
So
that's:
okay!
How
about
how
about
this.
H
H
If
that
checks
out,
then
we
are
saying
that
it's
okay
to
have
an
exception.
If
it
doesn't
check
out,
then
we
should
do
something
asynchronously
or
with
toc
of
the
stock.
D
H
Okay
and
then
then,
I
think
that
the
second
thing
that
I
think
needed
you
raised
about
the
api
goes
in
and
yeah
it's
declared
kind
of
usable
in
the
past
release,
it
seems
seems
weird,
but
it
solves
this
problem,
so
I
like,
I
would
like
to
get
other
people's
thoughts
on
this
as
well
like.
What's
the
it
definitely
circumvents
some
rules,
but
does
it
also
circumvent
the
spirit
of
the
rules?
That's
the
question.
K
Yeah
is
there
any
reason
to
you
know
ship
with
this
particular
data,
very
important
feature
in
911
that
we
must
ship
or
is
just
we
got
three
years
ago.
We
started
to
release
every
x
months
and
we
kept
doing
it
without
you
know
realizing
why
we
are
why
we
are
doing
it.
I
mean
what,
if
we
just
delay
one
month
release
and
then
get
everything
in
a
good
shape,
and
will
the
user
benefit
from
having
another
upgrade
that
does
not
matter
it's
an
important
api.
That's.
D
I
think
that's
a
valid
question
question
I
was
going
to
raise
this
up
myself
in
general.
I
believe
having
some
predictability
in
the
release.
Cadence
is
good
for
the
community
in
the
phase
vr
right
just
so
that
people
don't
have
to
understand.
Okay,
is
this
really
this
push
like?
If
you
make
a
conscious
choice,
the
release
is
late
because
of
stuffing
or
some
critical
bugs
that's
a
different
asian.
If
you
fall
into
the
pattern
of
x,
number
of
features
need
to
go
in
and
as
long
as
they
don't
go
in
the
release
is
getting
pushed.
D
A
Well,
that's
a
separate
topic
yeah,
as
we
all
know,
kubernetes
moved
to
four
months
and
it
might
be
perfectly
reasonable
to
move
to
four
months,
which
would
give
us
one
more
month
of
development
time
and
one
last
release
qualification
effort
a
year.
J
Not
clear
that
that
matters,
it
does
envy's
support
policy.
If
we
were
to
move
to
a
four-month
release
cadence,
we
would
not
be
able
to
stay
within
a
supported
envoy
release
in
each
of
our
shipments,
and
we
explored
that
brian
avery
and
I
did
in
the
document
for
extended
support
releases.
I
think
it's
in
the
test
and
release
working
group
folder.
If
you
wanted
to
follow
up
on
it.
D
I
think
this
release
cadence
rabbit
hole
is
something
that
we
shouldn't
get
into
just
yet.
We
should
answer
these
questions
for
mandar
and
his
team
so
that
they
can
move
forward.
Costan,
I'm
not
trying
to
dismiss
what
you
raised.
We
can
come
back
once
this
is
done.
A
A
G
F
These
days,
it's
it's
pretty
rare,
like
we
find
you
know
very
localized
bugs
sometimes
they're
fairly
impactful,
but
they're
still
like
this
happens
on
egress
gateway
with
the
re-tries,
or
something
like
that,
like
very
localized,
just
because
their
test
coverage
is
better
to
answer
schweda's
question.
These
new
features
would
be
you
know
experimental,
so
we
either
have
no
docs
officially
or
they
would
be
probably
untested
initially.
F
A
A
Well,
we
can
make
the
decision
right
right.
So
that's
that's
the
other
thing
if
we're
happy
with
the
test
coverage,
if
it's
met
all
the
requirements
for
alpha
right,
so
the
concern
was
community
testing
finding
a
bug
caused
by
these
two
exceptions,
given
that
both
of
these
things
happen
in
the
processing
flow
of
the
control
plane,
they're
pretty
well
covered
by
the
automation.
At
this
point.
D
A
H
Yeah
the
api
dock
in
both
these
cases
is
actually
like
fairly
comprehensive.
Maybe
we
could
add
a
little
bit
towards
them,
so
so
the
the
api
log
itself
is
enough
for
people
to
get
started,
especially
those
that
are
interested.
So
so
I
think
I
think
that
we
can
definitely
like
having
a
proper
doc
separate
dog
just
from
the
api
doc.
I
don't
think,
is
a
requirement
to
get
some
mileage
out
of
this
okay.
A
I
think
we
can
somewhat
short
circuit.
This
conversation
lena
had
a
timeline
expectation
right.
We
have
another
toc
meeting
next
week.
Okay,
I
would
suggest
that
we
check
in
on
the
state
of
this
and
that
if
it
looks
like
it's
going
to
go
beyond
next
week,
then
maybe
we
don't
allow
it
right.
So
what
do
other
toc
members
think
about
a
week
to
get
the
feature
and
the
implementations
checked
in
with
their.
F
Tests
that
sounds
fine
to
me,
but
I
want
to
make
sure
who,
like
what
are
we
actually
blocked
on
on
the
telemetry
api?
I
think
it's
mostly
reviewing
of
the
pr
on
the
wasm.
I
think
it's
review
of
the
api,
so
that
would
be
the
toc
blocking
for
now
and
then
review
the
implementation
once
that's
through.
Is
that
accurate?
F
Yes,
that
exactly
okay?
I
just
want
to
make
sure
if
we,
you
know
have
such
a
tight
deadline
that
people
that
are
blocking.
It
are
aware
that
you
know
they
should
invest
some
time
in
this
this
week.
E
So
yeah,
I
think
that
that's
reasonable.
I
I
remember,
I
think
it
was
a
week
or
two
amanda,
you
hold
a
meeting
and
you
invite
us
to
we'll
give
you
the
final
feedback
on
the
tonometry
api.
So
if
you
need
such
a
thing
for
wasm
feel
free,
just
let
us
know
because
we
don't
want
to
block
you
also,
because
I
do
find
out
having
a
meeting
to
discuss
is
actually
really
helpful.
Then
just
you
know,
comment
on
the
pr
and
then
two
days
later,
you
know
we
forgot
to
follow
up.
H
A
H
C
E
Yeah
they
did
that
last
time
with
the
ternamentary
api,
so
I
think
doc
did
that
good
job.
A
Okay,
okay,
I'm
coming
back.
What
is
there
anything
else?
You
wanted
to
say
about
the
release
and
yeah.
G
That's
about
it.
We
do
have
a
release
manager
now
from
red
hat
as
well
as
google.
So
I
was
talking
to
john
and
brian,
so
I
think
the
red
hat
I
forgot,
the
name.
I
think
his
name
is
john
2
he's
starting
with
the
feature
freeze
today
and
one
from
google.
Maybe
we
can
start
taking
his
heart
from
112.
A
Sorry,
what
were
the
names?
I'm
gonna
capture
them.
G
A
Okay,
I
spelled
that
right
and
google.
G
A
A
Okay,
mandar,
you
wanted
to
talk
about
compatibility
flags.
H
H
So
the
the
request
was
that
when
we
break
compatibility
in
any
way-
and
here
we
have
like
a
couple
of
examples
of
when
we
did
break
compatibility-
we
provide
some
way
for
users
to
still
choose
to
use
the
compatible
behavior
and
the
request
was
that:
can
we
lend
in
it
so
right
now
it's
like
a
three
release
thing,
but
can
we
lend
it
to
four
or
five
to
give
those
people
more
time?
H
The
the
fact
that
the
request
came
means
that
the
three
release
thing
wasn't
enough
right
and-
and
both
these
were,
I
mean-
are
actually
like
good,
specific
examples
of
especially
the
use
legacy
selectors,
so
so
yeah.
So
the
request
was
that,
can
we
can
we
keep
the
compatible
behavior
longer
than
just
two
or
three
releases
or
three,
which
is
what
it's
today.
H
So
use
legacy,
selectors
change,
the
behavior
of
how
of
which,
when
sidecars
energy
injected
so
in
the
in
the
new
behavior.
Even
if
you
don't
have
the
name
space
marked
for
sidecar
injection,
but
you
have
a
workload
mark
for
sidecar
injection,
then
it
will
work
in
in
the
new
behavior,
whereas
in
the
old
one
you
had
to
have
the
name
space
selected.
D
H
Yeah,
right
and-
and
I
think
the
the
the
other
part
was
just
just
that
some
things
which
people
didn't
expect
would
be
injected
are
suddenly
injected
and
that
can
break
things
up
costing
your
hand.
K
I
mean
changing
it
to
opt-out
seems
perfectly
reasonable
and
it's
already
happened.
Removing
it.
I
completely
agree.
We
should
not
remove
any
more
options
or
anything
really
for
a
very
very
long
time.
K
I
mean
even
more
than
that
four
weeks
whatever
we
are
past
the
point
where,
where
we
can
just
remove
stuff
and
assume
that
everyone
will
upgrade
and
and
do
stuff,
I
mean
we
add
features,
we
need
to
accept
that
we
have
to
pay
the
price
and
you
know
be
more
careful
when
reviewing
your
riding
features
but
extends
the
period
because
it
will
hurt
a
lot
of
people
accidentally.
K
F
F
I
mean
it
was
over
three
releases,
but
it's
more
aggressive
than
say
the
original
destination
change
process
is
because
it's
like
the
only
way
it
could
be
impacted
is,
if
you
happen
to
put
a
label
that
does
nothing
on
a
pod
and
then
like
you,
have
to
also
put
in
a
namespace
that
has
a
weird
labeling
setup.
It's
like
this
incredibly
bespoke
configuration
that
it
could
impact
you.
So
while
I
do
agree
that
for
impactful
changes
like
the
inbound
cluster
one,
we
should
definitely
keep
it
around
longer.
F
D
F
We
shouldn't
focus
on
just
one
customer,
but
in
this
particular
case
it's
actually
not
that
they
want
to
stay
on
older
versions,
but
that
they
want
to
upgrade
new
versions
but
turn
off
certain
changes
in
that
version
so
that
they
can
more
quickly
upgrade
without
having
to
handle.
Everybody
can
change
at
once.
So
like
they'll,.
F
D
K
That
that
happens-
and
you
it's
very
hard
to
predict
and
people
will
be
nervous
about
upgrading
they'll,
stick
with
old
version
longer
than
necessary,
because
they're
scared
that
the
new
operator
breaks
them
and
then
so
on,
and
we
keep
the
cycle
of.
I
mean
until
we
have
a
clear
beta
apis
that
that
is
an
and
and
we
we
are
clear
that
only
better
icbps
are
supported
in
reality.
All
alpha
apis
are,
you
know,
used
by
people.
F
I
think
it's
case
by
case
is
part
of
the
issue.
I
mean
this
legacy
of
selector
one.
It
was
actually
a
moderate
amount
of
tech
debt
to
keep
around
for
some
of
the
other
ones.
F
It's
just
you
know
an
if
statement
in
the
code
and
it's
not
that
big
of
a
deal,
but
once
you
add
you
know
10
20
of
these
flags,
then
over
time
they
kind
of
start
to
accumulate
some
in
the
past,
we've
had
ones
that
are
extremely
high
cost,
but
we
don't
currently
have
any
of
those
active
now,
but
I
could
see,
for
example,
once
we
add
some
like
bts
or
I
don't
that's
the
only
example
I
can
think
of
in
the
future.
We'll
probably
have
some
of
these.
F
You
know
really
heavy
flags
that
may
be
pretty
costly
to
keep
over
time.
K
E
A
H
H
F
F
F
Hyper
focus
on
one
customer,
but
that
is
the
case
for
this
one.
So.
K
One
more
thing
I
want
to
add
here:
we
are
also
discussing
the
tags
and
and
introducing
a
new
new
mechanism
to
selection
and
and
other
things,
so
maybe
just
wait
until
we
have
the
replacement
in
place,
stable
and
move
to
better
and
and
clearly
you
know
we
used
before
we
delete
so
and
then
we
can
or
wholesale
delete
the
whole
selection.
If
you
want.
A
H
Afford
it,
okay,
so
so
so
one
actually
that
there
are
a
couple
of
things
right.
One
is
sort
of
this
policy
decision
forward.
Looking
of
what
should
the
guideline
be,
right
is
three
releases
enough
or
should
we
just
say
you
know
what
the
standard
is?
Five
releases
four
releases
and
if
we
need
to
make
it
sooner,
then
then
that's
an
exception
and
then
we
can
bring
it
to
the
toc
and
say
yes,
why
do
we
need
to
remove
this
code
earlier?
H
So
that's
that's
kind
of
the
first
question
and
then
a
more
localized
question
is
that
since
in
this
particular
case
the
code
has
been
removed
from
1
1
11
already,
do
we
do
any?
Do
we
do
something
or
like
it
is
what
it
is
so
yeah?
Those
are
the
two
specific
ones
that
we
should
answer.
A
A
H
So
as
long
as
this
is
communicated
with
all
the
different
customers
saying
that
when
you
upgrade
use
this
flag-
and
I
think
some
maybe
louie-
that's
your
point
at
some
point-
someone
needs
to
touch
those
clusters
and
the
question
is
whether
it's
easier
when
you
touch
those
to
just
turn
the
tool
and
find
out
whether
you're
affected
or
use
a
or
use
a
flag,
and-
and
I
think
that
the
use
of
flag
is
easier
because
it
it
doesn't
involve
a
decision.
H
You
can
just
have
instruction
that
says
hey
when
you
upgrade
use
this
flag
and
that's
it.
There
is
no
there's
no
decision
point,
whereas
you
run
the
tool
and
if
you
are
like,
if
you
are
affected,
then
you
go
fix
it
now
and
then
you,
then
you
come
back
after
you
fix
and
you
install
it
again.
So
I
think
that
I
mean
yeah,
that's
that's
what
I
suspected
it
would
be
that.
K
I
I
would
remind
her
that
that
you
know
people
running
manual,
easter
cattle,
to
install
whatever
is
not
something
that
works
everywhere,
because
there
are
managed.
You
know,
versions
where,
where
the
students
is
automatically
upgraded
and
and
users
main
stories
are
never
touched
again,
because
they
expect
someone
else
to
manage
it
for
them
and
this
kind
of
stuff.
K
I
mean
in
this
particular
case,
it's
not
a
problem,
because
because
it's
values-
and
it's
specific
to
to
to
this
new
cattle,
install
an
operator
that
installs
not
but
for
any
features
in
mesh,
config
and
anywhere,
where
you
know
it's
not
installer
only.
I
think
it's
super
dangerous
for
because
a
lot
of
people
do
not
actually
install
themselves
for-
or
there
are
many
teams
and
it's
very
complicated-
that
would
still
be
something
that
the
control
plane
operator
could
run.
Wouldn't
it
cost
him?
K
How
I
mean
it's
not
in
in
some
cases
you
don't
even
have
access
to
the
cluster
itself.
You
cannot
actually
run
tools
inside
the
cluster
or,
and
then
what
are
you
going
to
do?
You're
going
to
to
freeze
it
in
an
old
version
that
is
out
of
support.
K
D
I
have
one
question
for
john,
so
is
the
negative
case
here
also
impacted
so
in
the
old
method.
If
I
didn't
have
a
namespace
annotation,
then
all
the
parts
in
that
name
space
will
never
get
injected
right.
So
now,
how
do
I
achieve
that?
Is
that
possible,
because
any
part
which,
but.
D
D
A
H
H
That's
all
fine,
but
they
want
to
have
more
control
and
more
time
on
how
long
it
takes
them
to
deal
with
incompatible.
K
Can
I
mention
an
alternative
solution
to
this
problem,
which
we
briefly
discussed,
which
is
to
give
power
to
the
users?
Basically,
I
mean
like
we
do
with
gateways
and
other
things
where
we
let
them
control
the
web
hooks.
However,
this
is
it
we
already
kind
of
have
a
stable
protocol.
It's
pretty
clear
how
it
works,
and
you
know
there
are
some
samples
charts
we
can
provide,
and
then
they
can
control
label
injection
to
their.
You
know,
whatever
they
feel
necessary
for
their
cluster.
K
We
stay
out
of
the
business
of
configuring,
the
imitating
webhook
ourselves,
which
is
wonderful
for
many
other
reasons
I
mean
because
it's
you
know
removes,
I
mean
it
gives
them
a
lot
of
opportunities
with
a
little
cost
for
us.
K
A
K
A
H
For
most
users,
it
would
represent
additional
unwanted
burden
right,
like
the
the
way
it
is
today
actually
works
for
kind
of
many
most
users.
So
if
we
say
that
now
it's
your
responsibility
and
they
haven't
actually
considered
it
a
problem
to
begin
with,
I
I
think
I
think,
having
an
option
for
advanced
users.
That's.
K
No,
it
doesn't
solve
a
preference
for
serious
users
who
have
this
kind
of
concerns
because
hey
you
have
this
helm
chart
that
you
apply.
You
can
customize
if
you
need
it
and
it
deserves
all
behavior.
We
don't
have
to
to
to
put
it
part
of
the
main
code.
We
just
provided
hey
for
backward
compatibility,
user
job
just
apply
this
chart
and
you
have
the
behavior
that
we
had
in
the
past
or
apply
this
other
and
you
can
customize
to
have
label
foobar.
Do
the
same
thing.
K
E
D
D
You
shouldn't
make
exceptions
to
that
without
an
approval
from
toc
right.
So
that's
the
first
thing
second
thing
is,
in
my
opinion,
whether
we
should
extend
this
to
four
releases
or
five
releases
or
six
digits.
I
don't
have
enough
signals
to
say
four
is
the
right
magic
number
here,
but
I
do
think
on
a
case-by-case
basis.
We
should
be
able
to
extend
for
few
backward
compatibility
options
to
more
releases
or
say
you
know
what
the
cost
is
fairly
low,
magically
fairly
low
and
we're
gonna
not
remove
it
at
all.
D
But
I
don't
think
generically
in
my,
at
least
in
my
mind,
we
should
just
say
it's
four
or
five
until
we
have
more
information,
and
the
third
is
the
specific
issue
that
you
brought
up,
this
one
is
interesting.
I
don't
know
I'm
still
thinking
about
it.
I
don't
have
a
good
answer
yet
someone
let
others
talk
about
it.
H
Okay,
so
so
this,
so
we
can,
I
mean
it's,
it's
okay.
We
like
we
can
think
about
this
offline
asynchronously
on
on
the
dock.
But
now
everyone
knows
what
the
what
the
issue
is
there
is,
I
mean
like
one
or
two
weeks
is
fine.
There
is
no
actually
sorry
if
we
decide
that
we
need
to
bring
back
use
legacy.
Selectors,
yeah.
H
D
Yeah,
I'm
just
worried
about
the
running
state
and
john.
You
can
correct
me
so
basically,
I
have
no
name
space
annotation
and
currently
I
did
my
check
all
none
of
my
parts
in
the
name
space
I
don't
want
psycho
injected,
have
the
injection
labels,
but
then
in
future
somebody
adds
it
now
that
pod
will
get
the
sidecar
injected,
because
I
had
not
explicitly
disabled
it
on
the
namespace.
F
Yeah,
but
no
one
should
be
impacted
by
this
on
upgrade
because
it's
if
you
have
a
new
label
that
was
introduced
in
1.10
and
you
don't
have
the
label
explicitly
on
the
namespace,
then
you'll
be
injected
when
you
won
it
previously.
Yeah.
F
F
E
E
F
E
Okay,
yeah,
I
I
mean
I
don't
see
any
breakage
issues
honestly,
but
I
do
recall.
I've
spent
a
lot
of
time
learning
the
differences
and
the
impact
for
the
user
about
the
months
ago.
Now
I
can't
remember
most
of
it
I
so
it's
complicated
that
that's
the
key
takeaway
for
me.
It's
like
many
scenarios.
People
have
to
think
through
and
then
probably
perform
a
lot
of
testing
to
make
sure
you
know
their
existing
behavior
are
not
impacted.
E
K
And
lynn,
thank
you.
That's
I
completely
agree
with
you.
I
mean
the
statement
that
it's
complicated.
It's
absolutely
correct
in
this
kind
of
situation.
That's
that's
why
I
think
you
know
having
giving
users
a
chat
and
explaining
them
how
they
can
set
a
simple
label
that
they
control
and
they
don't
have
to
understand,
very
complicated
helm
chart.
You
know
templates,
maybe
better
for
some
users,
because
I
don't
think
anyone
I
mean
except
john.
Probably
nobody
fully
understand
all
the
combinations
and
options
and
interactions
that
exist.
H
F
It
was
just
a
change
to
the
mutating
web
hook,
but
I
don't
know
if
we
want
to
put
it
in.
1.11
like
it
should
be.
1.10
is
when
the
behavior
changed
right,
and
it
is
already
in
the
upgrade
notes
for
1.10.
D
F
F
I
We're
already
marking
it
as
a
warning
and
we
removed
it.
Should
we
convert
that
to
an
error.
K
K
F
F
D
Will
you
be
okay
if
we
create
a
tool
for
detecting
it?
If
you
know
if
this
change
will
impact
your
user
hanging.
H
I
think
that
yeah,
so
the
two
will
be
useful,
but
just
some
guidance
on
how
they
can
change
the
yaml
files
to
get
the
old
behavior
would
actually
be
just
as
or
or
kind
of
more
useful
here,
because
then
that,
then
that
moves
us
to.
I
think
what
costume
was
saying
earlier,
which
is
that,
okay,
if
you
need
something
different
or
more
okay
here,
you
can
use
this
other
part.
D
Okay,
oh,
I
think
louis
dropped
off
the
call,
so
we're
not
sharing
the
screen.
Can
someone
capture
that
this
station?
I
don't
have
the
document
open.
D
All
right,
someone
do
it.
Sorry,
I
haven't
I've
moved
on
to
my
tab,
so.