►
From YouTube: Istio User Experience meeting July 7 2020
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
Hello,
everyone
so
I
want
to
remind
everybody
that
you
have
only
this
week
and
next
to
do
all
of
our
implementation
for
everything
that
we
have
promised.
Please,
if
you
feel
that
things
are
running
late,
let
me
know
I
want.
Do
you
spend
a
lot
of
time
this
week
and
next
working
on
the
command
line
stuff
for
central
is
2d
and
improving
the
PR
that
is
being
done
for
environments
on
uninstall
and
an
upgrade
and
I'm
somewhat
blocked
on
those
items
expecting
stuff
to
be
done.
A
So
we
have
a
short
agenda
today.
I
wanted
to
briefly
talk
about
environment
variables
that
are
needed,
I,
think
and
motivated
by
a
user
request,
and
also
what
I
experience
working
on
the
central
is.
Tod
changes
we'll
hear
from
Clayton
about
analysis
guarantees,
that's
versioning
for
the
analyzer
and
then
I'm
going
to
show
you
and
give
a
demo
of
steel
eye
flags
for
sto
talking
via
Central
St
OD,
rather
than
for
the
debug
API.
A
The
environmental
variables
were
pointed
out
by
a
user
who
was
installing
his
Geo
in
a
non
default
namespace.
He
really
was
disappointed
always
having
to
set
the
namespace
with
cube
model.
Of
course,
there's
a
way
to
put
that
into
the
context
we
don't
have
it.
I
didn't
want
to
really
give
us
a
file.
Does
anyone
object
to
the
idea
of
having
environment
variables
such
as
these?
That
would
become
the
defaults
and
users
could
just
export
to
get
the
behavior
they
want.
A
Am
happy
to
add
a
file,
I
thought
it
would
be
easy,
just
a
few
lines
to
do
this.
If
we
added
a
file,
I
thought
to
be
much
discussion
about.
Where
should
the
file
go,
what
formats
the
file
be
in?
Do
you
think
there
should
be
able
to
we've
talked
before
about
sto
cuddle
config?
Is
it
time
for
that,
or
should
we
do
this?
As
a
delaying
tactic,
I
mean.
C
I
also
have
some
concern
about
just
just
the
precedence
of
of
the
different
namespaces
coming
from
different
places.
I
think,
potentially
this
could
be
convenient.
I
I
think
we
have
to
be
a
bit
careful
about
just
not
having
unexpected
behavior
for
users.
If,
if
there's
multiple
history
on
namespace
is
defined,.
A
B
A
D
Can
continue,
sharing
okay,
yeah
I'm,
not
gonna,
go
through
the
entire
document,
but
yeah
the
intent
here
is
basically
when
we
started
doing
analyzer
stuff,
or
at
least
when
I
was
was
started
getting
involved.
There
was
kind
of
a
spoken--
agreement
that
we're
gonna
support
like
one
version
back
and
then
we
wrote
down
some
other
stuff,
some
other
places
and
I
think
there's
one
place
in
the
website
where
we
just
generally
say
that
it's
backwards
compatible.
D
So
I
wanted
to
kind
of
just
shore
up
the
the
language
a
bit
and
make
some
harder
guarantees,
unlike
what
we're
actually
supporting
and
that
the
requirements
that
I
put
here
mostly
are
just
around
documentation
and
agreeing
on
stuff.
So
the
two
pieces
that
I
think
are
relevant
or
we
need
to
say
if
we're
running
on
the
CLI,
that
a
misty
Oh
cuddle
will
work
with
a
certain
version
of
Sto
and
then
also
the
CR.
So
everything
in
the
API
repo
I
would
like
to
say.
D
We
support
these
versions
of
CRS
one
so
that,
if
you're
running
like
against
a
cluster,
you
know
that,
like,
if
you're
doing
an
upgrade
or
something
you'll
be
able
to
talk
to
it
and
the
other
one,
because
there's
just
a
lot
of
of
cases
where
the
CLI
would
want
to
consume,
CRS
your
configuration
that
might
be
older
than
the
the
version
of
this
tio
that
it
was
compiled
with,
and
hopefully
this
will
unlock
I
mean
future
work,
because
there's
obviously
like
a
lot
of
tests
and
things
that
we
could
build
on
top
of
this,
but
also
some
more
guarantees
that
we
can
make
about
C,
sed
pipelines
and
how
to
use
analysis,
etc.
D
The
specific
proposals
is
that
the
command
line
should
work
with
at
least
one
minor
version
back,
which
I
think
is
pretty
non-controversial
like
you
want
to
support
the
upgrade
case.
You
don't
want
to
support
every
version
bag,
because
that's
just
ridiculous,
but
supporting
just
the
current
version
misses
out
on
a
lot
so
I
scroll
down
to
that.
What?
Yes,
please,
that
would
be
the
design
ideas
heading.
D
And
I'm
skipping
a
lot
because
I
assume
people
will
just
read
it
by
themselves.
It's
very
interesting
but
yeah.
The
other
part
is
a-
and
this
is
kind
of
like
my
hot
take-
is
that
if
you're
doing
analysis
on
the
CLI
I
want
to
propose
that
we
never
ever
drop
any
support
for
any
CRS
that,
if
you
see
a
CR
that
or
if
you
see
if
it
sees
the
C
yard,
that
it
doesn't
recognize
it
we'll
skip
it,
but
any
any
CR
that
we've
published,
that's
beta
or
more
will
will
they'll.
D
Remember
it
and
at
least
be
able
to
do
what
it
did
at
the
time
that
will
kind
of
add
cruft
to
analyzers,
and
hopefully
we
can
figure
out
a
way
to
do
it,
that
we
can
kind
of
hide
it
below
a
certain
line
and
say:
okay
like
this
is
just
for
future
compatibility
and
everything
new
needs
to
go
up
up
here,
or
somebody
might
have
a
really
good
idea
of
why
that
that
won't
work.
D
D
A
D
E
Yeah,
well,
that's
a
bigger
analysers.
It's
probably
not
that
people
are
gonna
hit
problems
before
they
run
an
analyzer
if
they're
using
the
mixer
and
they
remove
it.
I
mean,
for
simplicity's
sake,
I'll
be
tied
to
the
alpha
beta
G,
a
quality
stages.
That
seems
simplest.
So
if
it's
alpha
there's
very
little
guarantees
best-effort.
If
it's
beta
or
has
been
beta
at
some
point,
then
we
keep
it
around
longer.
So
if
you
e
I
kind
of
wish
the
process
for
removing
the
beta
API.
B
E
A
For
me,
the
problem
has
been
the
removal
of
the
alpha
api's
and
me
not
realizing
it's
something
like
authorization,
I
get
confused
as
to
what
the
old
and
what
the
new
one
was
versioned.
As
so
I'll
see
some
authorizations
there
and
I'll.
You
have
some
old
cluster
and
I'll
forget
to
make
sure
that
they're
the
correct
ones.
A
D
E
Would
still
be
aware
of
them,
so
that's
maybe
a
different.
That's
a
change
from
what
we
have
today.
So
we
would
always
remember,
that's
something
existed,
we
don't
know
and
what
would
replace
it
potentially
again,
which
maybe
is
not
great.
If
somebody's
a
really
old
version
there
is,
depending
on
Alf
API,
but
at
least
they
know.
Okay,
the
remedy
is
not
to
do
some
config
change.
It
just
use
a
different
config
yeah.
D
E
Maybe
that's
an
artifact
of
his
history
or
everything
was
an
F
API,
so
yeah
we
were.
People
were
using
alpha
api's
in
production,
which
seems
like
the
wrong
practice
to
encourage
anyway.
So
we
can
get
to
the
use
beta,
they're,
stronger
guarantees,
alpha,
there's
less
guarantees,
it's
maybe
in
the
end
better
for
everybody
yeah.
That.
D
Makes
sense
and
if
there's
I,
don't
I,
don't
want
to
tie
this
proposal
to
like
discussing
alpha
beta
G,
a
semantics
on
the
API,
because
I
feel
like
that's
way
more
contagious,
I'm,
okay,
taking
a
will
keep
beta
around
for
like
I,
don't
know
a
couple
years
and
GA
around
till
version
bumps
and
be
okay
with
it,
and
we
can.
We
can
fight
more
later
if
we
need
to
no.
E
D
E
D
D
I
mean
I
I
didn't
actually
find
a
strict
here's,
the
guidelines
for
API
and
what
alpha
and
beta
means
for
API
is
versus
features,
so
I'm,
not
sure
yeah,
I'm
not
really
sure
we
should
like
they
were
probably
at
least
a
hopefully
short
conversation
with
the
TOC
saying.
This
is
understanding
we're
moving
forward
with.
If
that
lately
wrong,
please
let
us
know.
E
G
D
A
We
don't
have
an
analyzer
that
doesn't
built
an
upgrade
or
anything
like
that
and
I'm
I'm,
not
convinced
that
we
need
to
keep
analyzing
deprecated
ap
is
there's
little
value
in
saying.
Well,
this
doesn't
work,
but
even
it
wouldn't
have
worked
even
two
years
ago.
I
think
the
big
thing,
though,
is
being
able
to
report
I've
you've
got
some
old
CRS
on
your
cluster.
Don't
expect
them
to
work.
It's
a
it's
helpful
to
to
know
that
I
have
sometimes
deleted
sto
and
had
some
old
stuff
lying
around
and
thought
it
was
supposed
to
work.
A
So
we
definitely
want
to
extend
the
deprecation
analyzer
to
have
a
removal
analyzer.
It
just
says
these
remove
types
exist
for
sure
going
back.
One
version
is
something
that
we
do
sort
of
already.
We
don't
remove
the
code,
one
version
back,
I
think
that's
what
Clinton
proposal
is
it's
just
to
keep
analyzing
things
that
are
old
and
I.
Think
we
you
we
need
to
do
one
extra
thing
that
he's
saying
here,
which
is:
if
field
was
deprecated.
Let's
say
it:
field
was
Deborah
core
unemployment
it
in
one
seven,
it's
implemented
one
eight.
B
A
The
user
wants
to
know
if
the
control
plane
is
gonna
interpret.
Is
this
things
and
if
the
control,
and
because
is
to
cuddle,
works
with
a
back
level
control
plane
the
animals?
This
should
not
promise
that
the
current
control
plan
version
analysis
is
the
same
as
what
will
be
supported
by
the
control
plane.
G
Right
because
you
could
have
I
guess
you
could
have
one
point
point
you
may
be
one
six
or
one
seven
control
plane
and
then
was
with
support
can't
canary
and
control
plane.
You
could
potentially
point
to
one
701
eight
really
soon.
You
would
get
different
results
right
based
on
that
fact,
I
think
for
me,
the
analyzer
I
think
we've
done
really
good
job
with
lonely,
simple
phony
messages,
maybe
wasn't
straightforward.
G
For
instance,
I
got
a
panic
attack
myself
recently
with
opera
theater,
so
somebody
sent
me
a
message
that
my
future
dot
filter
field
was
deprecated
and
I
didn't
interpret
that
particular
field
really
well.
I
had
thought
like
the
young
with
you
to
was
deprecated
and
I.
Think
what's
also
interesting.
Is
we
don't
tell
people
you
know
when
this
is
deprecated
and
what
am
I
supposed
to
do
so
that
takes
time
to
research
away.
G
In
my
case,
I
had
you
ask
on
our
Channel
and
it
takes
multiple
back
and
forth
with
manual
humor,
helped
me
and
responded
and
figure
out
what
to
do
so,
I
think
and
not
only
reporting
like
the
deprecated
field,
but
also
kind
of
a
hint
to
people.
You
know
this
is
what
they
need
to
do.
There
will
be
tremendous
helpful
too,
and
that
goes
back
to
what
ad
was
saying
like.
If
these
resources
are
totally
you
know
old
and
not
going
to
be
useful,
you
know
we
either
have
to
use
it,
they
leave
them.
D
A
Everything
you
say
is
right
Len,
and
we
should
put
more
work
into
our
messages,
especially
advice
about
what
to
do
in
the
case
of
things
and
distinguishing
between
fields
that
are
unemployment,
'add,
because
they're
coming
in
the
future,
and
feels
that
our
unemployment
it
because
they've
been
removed.
I
would
ask
you,
as
a
TOC
member,
when
you
are
reviewing
any
PRS
to
remove
api's
or
even
see
that
one
is
being
out
there
to
flag
it,
demanding
that
the
person
have
a
related
PR
for
the
analyzer
to
indicate
that
a
field
is
about
to
be
deprecated.
A
G
A
So
we
don't
what
we
we
have
generators
that
the
analyzer
uses
for
things
like
what
are
the
valid
annotations,
so
the
analyzer
doesn't
when
people
add
a
new
annotation,
no
code
has
to
be
changed
in
the
analyzer,
but
we
don't
have
any
code
to
sort
of
say
what
are
the
deprecated
fields.
It
might
be
valid
like
when
removing
an
analyzer
to
have
a
generator
sort
of
or
something
something
to
make
a
list
of
what
has
been
removed.
F
A
F
G
So
the
good
news
is
once
it's
been
marked
as
deprecated
there's
at
least
one
more
release
where
it
would
be
continued
to
be
supported
and
where,
once
it's
marked
as
deprecated,
that's
the
time
we
want
to
have
analyzed
kind
of
will
report
your
user
hey.
You
really
need
to
update
this
so
that
when
you
upgrade
to
the
newer
SD
on
the
next
sto,
your
API,
you
deprecated
API,
can
continue
work
by
moving
to
the
new
API.
A
We,
yes,
we
need
that
and
we
need
users
to
stop
putting
hide
from
Docs
and
to
deprecated
particular
fields
without
also
putting
some
kind
of
notes,
and
for
why
it
was
hidden.
Several
times
I've
asked
after
Niraj,
this
field
has
been
hidden,
so
I
marked
as
deprecated.
He
said:
no,
it
was
hidden
because
we
didn't
get
the
implementation
done,
implementation
does
get
done
and
then
I
forget
to
on
market
is
deprecated.
E
So
this
is
one
we
probably
need
better
process
for
how
we
manage
API
cycle
in
terms
of
what's
hidden
from
Docs
and
what's
mark
deprecated
in
way
a
second
one
would
be
what's
the
policy
for
different
analyzers,
which
we
we
kind
of,
have
an
implicit
policy,
I
think
part
of
proposals.
We
want
to
put
it
by
that
in
some
way
and
I
think
that's
the
part
we're
having
some
TSE
feedback,
not
on
the
implementation,
but
just.
E
What
what
we
would
implement
so
yeah
supporting
beta
ap
is
for
a
number
of
minor
versions,
similar
thing
for
GA,
none
for
alpha
and
actually
does
not
making
sure
that's
visible
and
that
everybody
knows
about
it
and
then
the
third
part
is
Seussical
for
analyzers
how
they're
implemented
where
the
code
lives.
I.
E
Don't
know
what
maybe
make
me
well,
the
latter,
how
we
manage
an
implement,
the
analyzers
I
think
depends
on
what
policy
we
want
to
implement.
So
we
want
to
get
that
sorted
out.
First,
the
process
for
API
is
in
general,
that's
most
separate
a
separate
thing
that
we
should
probably
take
a
look
at
these.
G
A
Also
had
people
reporting,
cute
cuddle
explained
and
as
fields
that
appear
in
cute
cuddle
explained,
but
do
you
have
no
expectation
due
to
them
being
hidden
and
I?
Think
there's
a
PR
saying
in
the
future
or
that
maybe
there's
this
an
issue
in
the
future.
When
you
generate
the
CRD
description
documentation,
that
should
say
this
field
is
hidden
rather
than
just
leaving
a
blank
like
I'm.
You
know
this.
A
D
D
E
D
I
think
we
can't
get
away
from
the
API
discussion
and
I
think
we
might
be
able
to
do
something
like
have
some
tooling
in
the
API
repo
to
like
lint
and
generate
the
list
of
stuff
and
then
consume
that
in
the
analyzer,
and
that
will
both
be
a
description
and
an
enforcer
of
what.
What
the
guidelines
are.
I
need
to
work
through,
whether
that's
actually
implementable
or
not.
E
Do
you,
if
that's
a
significant
amount,
a
non-trivial
amount
of
work?
It
might
be
useful
just
to
have
a
quick
like
a
one-page
RFC,
and
maybe
this
is
it's
a
modification
of
what
you
have
and
just
run
it
by
the
TOC,
see
here's
here's
the
policy
that
we
want
to
have,
and
this
outlook
reasonable
and
if
they's
it's
yes,
then
you
know
it's
worth
spending
more
time
on
figuring
out
how
we'd
actually
do
it
sure.
D
A
A
Going
to
be
able
to
talk
if
you're,
just
debugging,
you
can
just
start
a
connection
directly
to
a
deep,
but
of
course
this
will
not
be
available.
Are
it's
unclear
if
this
is
gonna
be
available?
This
is
an
in
cluster
thing
and
it's
unsecured
and
there's
work
items
to
get
rid
of
that
the
security
or
showing
also
within
the
cluster.
You
can
talk
to
these
cure
channel
G
RPC
with
certificates
and
that's
gonna,
be
the
way
that
it's
good
will
be.
The
default
for
users
who
have
self
host
is
tio
they're
running
it
themselves.
A
If
you
are
running
central
as
to
the,
if
you're
like
an
implementer,
you
could
have
a
debug
connection
directly,
it
is
2d,
but
typically
you
will
have
a
secure
connection
to
it.
It
will
come
in
through
the
ingress
gateway
and
talk
to
it.
Maybe
just
not
even
have
humanities
involved.
Those
are
the
four
ways
and
I
have
documented
here.
Just
the
current
rat's
nest
of
how
I'm
giving
certificates
there
are
work,
there's
a
work
item
to
get
them
in
a
better
way.
A
A
A
If
you
are
running
sto
on
your
own
control
plane,
and
you
want
to
do
it
the
secure
way
because
the
1510
has
been
disabled,
you
have
to
give
it
the
certificates
that
you
downloaded
the
floor
and
I
think
there's
been
some
talk
of.
You
know
whether
is
to
a
credible
automatically
done.
Will
you
know
if
you.
A
G
Yes,
a
question
when
I
specify
the
XDS
phone
number
is
that
code
number
to
think
about
if
I'm
not
exposing
that
one
five
zero
ten
on
my
ice
DoD
so.
A
Currently
is
to
de
by
default,
listens
on
two
endpoints
1512,
with
security
1510
without
security,
so
the
fact
that
it
offers
both
of
them
made
me
want
to
offer
both
of
them.
The
my
expectation
is
that
people
won't
be
using
1510,
because
Houston
keeps
telling
me
it's
going
to
be
shut
down,
and
if
we
go
to
the
issue
here
so
this
is
this
is
my
issue
for
it,
something
that's
going
to
happen
to
make
sto
color
get
these
certificates,
because
using
the
make
file
is
ridiculous,
but
the
security
group.
A
It
has
been
tracking
this
through
this
item,
which
is
a
p1
that
there
should
be
certificate
of
clear.
Is
it
authentication
between
the
pilot,
agent
and
pilot?
So
if
they
can
do
this,
p1,
then
they'll
be
able
to
shut
down
1510.
They
also
have
this
other
one
that
got
closed
prematurely,
how
sto
issues
the
certificates
they
won't
pluster
or
maybe
then
this
has
been
consumed
by
something
else.
I
was
hoping.
Someone
from
security
would
join.
Tell
me
about
the
status
of
those
but
I'm
putting
it
through
this.
A
C
A
Whether
it's
configurable
on
pilot
is
Tod
I,
don't
know,
but
the
client
uses
this
number
as
a
hint
not
to
use
security.
So
there
may
be
some
additional
trickery
that
needs
to
be
done.
It's
possible
that
we
can
do
it,
but
in
the
centralist
duty
case
this
1510
will
not
be
involved.
So
what
you've
been
seeing
is
self
hosted
as
to
need
for
central
as
Tod.
A
You
will
be
supplying
2
parameters,
the
XDS
address
and
in
the
certificate
directory
or
if
you're,
not
using
security,
which
you'd
only
use.
If
you're
testing
yourself
on
your
laptop
on
localhost,
you
would
specify
that-
and
maybe
this
sand
name
which
make
sure
that
this
purity
at
least
there's
no
man
in
the
middle.
In
addition
to
those
options,
there
I
added
an
unsecure
option,
similar
to
curl
a
timeout
and
a
label
selector,
because
Costin
asked
for
the
label
selector,
but
those
should
almost
never
be
used
unless
you
have
a
very
strange
situation.
A
A
I've
got
is
to
cuddle
X
version,
it's
exactly
the
same
as
s2
coercion,
but
it's
an
experimental.
This
is
under
the
covers
a
different
technique
to
get
the
version
number
key,
so
I
press
Enter.
It
becomes
like
much
quicker
than
usual.
It
tells
me
the
client
control
plan
and
data
plane
version,
and
some
stuff
happened
on
the
server
log
lines,
so
that
is
sort
of
testing
locally.
A
If
you're
using
security,
you
can
either
use
this
insecure
option
or
you
can
tell
it
the
expected
endpoints,
you
wouldn't
need
the
insecure
option
or
the
expected
end
point
if
you
were
talking
to
a
real
cloud
provider.
So
if
you
were
talking
to
a
real
cloud
provider,
you'd
still
give
it
the
certificates
that
you'd
give
it
some
kind
of
name
like
sto
that
my
cloud
comm
and
it
could
be
a
random
ports.
A
Once
is
a
four
five,
something
like
that.
First,
there
is
no
such
port.
Here,
that's
not
going
to
happen,
you
know,
but
until
the
time
on
and
give
up,
but
that's
that's
the
basic
way
it
works
at
the
end
essential
case,
if
it's
self
hosted
to
go
without
security,
this
XD
s
port,
this
XD
s
port,
talked
to
what
I'm
running
in
my
actual
cluster.
So
you
see
different
burdens
than
what
you
saw
when
I
was
running
locally
pilot,
and
this
just
says
to
use
the
insecure
port.
It
I
did
a
single
port
forward.
A
H
A
H
A
I
I
A
H
Are
some
octave
debates
about
that
particular
protocol
feed
invoice?
So
it
has
to
do
I
use
one
is
to
do
a
dump
of
the
config
and
that's
not
entirely
clear
and
the
other
one.
Is
this
page
that
proxies
that
was?
My
suggestion
was
to
break
it
into
different
pcs,
one
matchings,
the
config
dump
in
one
matching
the
status
and
just
write
a
simple
generator
with
a
simple
protocol.
So
you
can
get
down.
Get
unblocked,
basically
sounds.
I
H
Well,
the
whole
the
whole
XD
is
stopover.
Xds
is
experimental
and
alpha
at
this
moment.
Clearly
they
have
API
again
I.
Think
it's
unacceptable.
It's
a
current
form,
so
I
doubt
it
will
fly
I.
Don't
think
this
really
needs
to
be
a
stable
API
before
it's
time.
So
it's
basically,
we
can
iterate
on
say
API
few
times
and
see
how
it
works.
So.
I
H
H
G
I
A
Long-Term
I
certainly
agree
and
Mitch
I
really
appreciate
you
holding
us
to
being
disciplined
about
doing
this,
because
we
should
not
always
replace
the
one
debug
API
with
another
one
rather
than
going
to
where
we
want
I
do
want
to
mention
that
feature.
Freeze
is
next
Friday
and
I
would
be
very
sad.
There
was
no
way
to
tell
if
the
proxies
were
stale
and.
H
And
also
again
in
way,
apparently
rushed
with
with
an
API
is
that
has
scalability
program
now?
How
much
has
to
do
performance
test
to
verify
that
it's
at
least
viable,
and
even
if
it's
viable,
is
still
a
better
yeah,
because
it
it's
you
know,
kind
of
unnecessarily
expensive
I,
think
it's
very
good
idea
to
iterate
and
you
can
have
a
prototype,
see
how
it
works
and
improve
not
necessary.
Try
to
to
in
two
weeks
to
get
some
things
that
just
to
have
it.
That's
an
API.
So.
E
H
H
E
What's
done
is
done
so
that
the
insecure
endpoints
there
and
we
can
do
things
to
protect
it.
I
guess
my
concern
is,
you
can
say
something
as
a
prototype,
but
if
it's
the
only
way
to
use
a
feature,
that's
that's
in
beta
people
start
depending
on
it
and
then
we
get
it.
Then
it's
difficult
to
support,
because
we
want
to
deprecated
things
and
we
have
to
do
extra
work,
basically,
given
a
false
promise
to
users.
I.
H
So
he
just
just
gave
me
an
idea
what
how
about
use
a
slate
debug
format,
so,
whatever
you
right
now,
we
are
using
slightly
bugs
like
something
status.
Your
I
don't
remember
the
exact
endpoint
which
outputs
a
JSON.
How
about
we
use
over
XDS
exactly
the
same
a
logo.
So
it's
easy
to
parse.
There
is
minimal
change
in
your
code
because
you
already
have
code
that
is
parsing.
H
The
output
of
slash
debug,
slash
whatever
so
many
difference
will
be,
instead
of
getting
it
from
slash,
debug,
slash,
whatever
port
you'll,
get
it
over
XD
SS
resource
type,
because
in
reality
and
XDS
type
you
are
ready
active
all
into
the
URL,
except
that
it's
over
XD
as
it
doesn't
even
have
to
be
proton.
You
can
just
put
a
JSON
there.
I
H
I
I
H
A
I
You're,
stale
or
not
I
think
that
would
be
viable
for
now
I'd
like
to
get
to
where
we
can
include
that
I
know
ed.
You
proposed
a
compromise
where,
if
there's
no
node
filter
or
node
match
or
supplied,
then
we
don't
supply
any
config
dumps
and
then
config
dumps
are
supplied
only
when
node
matters
are
explicitly
set,
I
think
that's
a
viable
compromise
and
I
can
work
with
the
Envoy
team
to
better
understand
their
intention
around
that
for
the
1a
or
one
nine
timeframe,
but.
H
A
H
H
Can't
do
that
it's,
but
you
can
try
it
as
well.
It's
it's
you
it's
a
handler
that
is
generating
the
output.
We
need
to
write
another
method
that
it's
incrementing,
the
generator
interface
of
genetics,
Douglas
amount,
but
it's
it's.
It's
quite
easy.
All
right
I
can
write
you
a
few
lines
of
code.
Then
you
can.
You
can
take
it
over
all.
A
Right
I
will
try
that
I
want
to
experiment
with
it
and
learn
it
whether
or
not
my
stuff
gets
used
or
not.
Okay,
you
remain
a
couple
minutes.
I
wanted
to
discuss
a
few
enhance
them.
Is
this
one
I
mentioned
briefly
at
the
beginning
to
call
not
everyone
was
here
its
idea
of
defaulting
these
values,
so
these
are
doesn't
have
to
type
it
every
time
so
that
the
user
in
different
environments
has
the
short
different
people
with
like
variables.
For
this
they
wanted
a
config
file.
A
So
I'm
gonna
take
a
look
at
the
stuff
that
is
built
into
Cobra
this
afternoon
and
see,
if
it's
possible
to
do
that
in
the
next
few
days.
Otherwise,
we'll
push
that
off
to
1/8
the
other
thing
that
I
wanted
to
ask
everyone's
opinion
on,
so
the
certificates
that
I've
been
doing
this
with
my
tests,
all
experiment
two
days
and
I
got
really
frustrated
with
something
that
I
thought
was
supposed
to
work
and
it
didn't
work
because
my
certificate
said
it's
part.
Is
it
reasonable
for
the
client
to
mean
is
to
cuddle,
be
the
client?
H
H
A
H
B
A
H
E
A
Let's
capture
them
now,
so
the
first
is
that
we
have
no
good
way
for
users
to
make
certs.
You
don't
know.
If
this
you
will
need
certs
in
the
case
of
holistic
disco,
if,
if
Gio,
if
central
is
2d,
if
your
cloud
provider
is
doing
it,
they're
gonna
require
certs,
but
don't
give
it
to
in
some
way.
That
may
not
be
related
to
what's
happened
here,
possibly
so
I'm
gonna
ignore
that
for
now
so.
E
I
B
I
H
So
these
concerns
networking
working
group
as
well.
This
concerns
that
you
see
it's
a
new
API
is
that
that
needs
to
be
adopted
and
again
I.
Don't
think
we
have
a
performance
working
group
anymore,
but
you
will
have
some
some
data
on
how
much
it
costs,
but
in
terms
of
API
design.
I
think
that
you
see
is
the
one
ultimately
approving
APs,
okay,
if
the
TOC.
So
it's
okay,
because
it's
not
my
decision
anyway,
I
mean
it's
it's
it's
that
you
are
see.
I
H
H
I
I
E
Not
specifically
about
the
API,
but
just
trying
to
understand
what
how
everything
supposed
to
fit
together
I
understand,
there's
performance
implications
of
having
one
API
it.
If
we
can
split
things
up
so
there's
stepping
41.7
and
then
beyond
ever
regret.
Are
we
talking
about
a
grain
for
the
tea
beyond,
like
1.8
plus
what
things
might
look
like.
E
I
H
Think
using
the
existing
format
of
the
park
is
not
quite
a
new
API,
it's
exactly
the
same
API
we
have
today
over
a
different
transport.
In
networking
we
had
a
similar
discussion
about
exposing
MCP
over
XDS
and
now
we
it
was
approved
and
it
was
not
treated
as
a
new
API,
because
MCP
was
already
there
so
I
think
grandfathering.
Api
is
that
already
exists?
It's
perfectly
reasonable
and
we'll
have
far
less.
E
Yes,
I
guess:
if
central
STD
is
alpha
and
1.7,
then
I
have
a
lot
less
concern.
If
we
have
a
prototype
command
in
is
to
cuddle.
My
concerns
would
be
I
have
more
concerns.
If
we
were
saying
this
is
a
bailable
feature,
people
are
gonna,
take
a
they're
gonna
put
in
production
and
we
have
no
tooling
or
we
have
tooling.
That's
that's
a
prototype
or
they'll
find
an
API
that
hasn't
been
sufficiently
reviewed.
I
think.
I
E
H
H
E
E
Yes,
right
we
can
say
yes,
it's
it's
not
great
get
reason
in
secret.
We
can
try
to
fix
it.
There's
some
mitigations
without
an
API
change,
but
is
I,
haven't
heard
an
answer
to
the
question
about
what
maybe
that's
what
we
need
if
I
figure
out
what
how
will
be
launching
Central's
duty?
Is
that
something
that
we're
going
to
say
we're
gonna,
fully
support,
or
it's
that
is
experimental
or
alpha
as
well.
H
H
A
H
G
So
I
definitely
would
prefer
at
least
alpha
right,
so
I
think
it
comes
down
to
you
know
how
do
you,
whatever
scenarios
you
are
going
after
for
central,
is
sturdy
support
instance
we're
going
to
promote
him,
multi
cluster
as
beta
I,
think
that's
on
the
plans
for
environment
group
for
wonderful
and
some
of
the
central
issue.
The
work
was
kind
of
related
to
the
multi-class,
the
work
that
we
already
done
and
we're
adding
automation,
test
cases
for
mode
motor
cluster
and
central
is
Jody
for
one
seven,
so
that
would
qualify
probably
for
that
piece.
G
G
Then
the
primary
cluster
user
interact
OSI
I,
don't
think
we
will
be
ready
to
abate
off
with
a
piece
I'm
given
where
we
are
right.
Now.
It's
probably
more
alpha
experimental
is
for
some
of
the
commands,
like
a
version
and
proxy
status,
just
because
it's
not
as
easy
useful
as
when
user
just
interacted
with
one
single
cluster
today.
E
Yeah,
so
that's
so
yeah
we
in
fact
we
have
something
like
centralized
duty,
but
my
understanding
with
the
more
recent
changes
going
into
107
is
its
we're,
making
a
stronger
claim
that
we
support
a
control
plane
that
the
app
cluster
doesn't
have
access
to
or
that
that's
behind
a
thicker
wall.
So
if
we
say
whatever,
we
call
that,
whether
that
centralized,
DoD
or
hardness
DoD
ship
control
plane
most
used
to
be
quote
yeah.
Well,
we
sure
control
plane.
It's
the
users
have
had
access
so
far.
Well,
if
we
claimed
something
as
beta
whatever
it
is.
E
H
E
E
H
G
Thanks
for
people
are
boarding
and
deep
in
their
app,
it's
common
have
access
because
they
need
you
testing
things,
but
I
guess
if
if
this
thing
has
been
certified
to
run
I
missed
you
and
then
the
other
row,
that's
more
focusing
on
you
know,
make
sure
the
apps
can
be
deployed
and
operates
the
the
micro
services
they
don't
have
to
debugging
as
much
right.
Those
rows
I
can
see.
Maybe
they
don't
need
access
to.
Is
your
system
obviously.
A
G
H
I
H
E
E
E
E
B
H
E
I,
don't
think
that's
what
we
need
to
figure
out
right
now,
there's
the
immediate
problem
of
1.7
and
what
what
it
can
do
and
I
think
that's
the
like.
If
we
were
gonna
prioritize
some
of
these,
that
would
probably
be
the
biggest
one.
So
if
we
can
get
it
back
from
you
constant
about
what
are
we,
okay,
supporting
41.7
with
the
minimum
of
changes
without
you
know
having
to
go
through
a
full
API
review?
Maybe
it's
very
minimal.
It's
we're.
E
I
Like
to
zero
in
on
that
one,
eight
focus
Jason,
because
in
the
past
what
we've
seen
is
when
we
do
a
good
enough
API
something
does
a
stop-gap
to
just
go
in
and
get
things
done,
release
oftentimes.
What
we
find
is
when
we
go
to
improve
it.
The
argument
is
well.
Why
improve
it?
We've
already
got
this
API.
It's
functional,
there's
no
reason
to
change
it,
so
I
I'm
hesitant
to
delay
those
concerns.
If.
E
That
makes
sense,
I
don't
know
if
we
can
get
it
in
1.7
and
I
think
well.
If
we
do
the
minimum
well
for
1.7,
it
doesn't
just
work,
it's
not
secure.
There's
issues
with
certs,
potentially
there's
still
a
lot
of
things.
That's
you
mean.
Maybe
the
API.
The
content
is
there's
not
as
many
issues
with
that,
but
everything
else
surrounding
it
still
is
not
it's
still
not
fixed.
What
do
you
mean?
H
It
will
be
secure,
I
mean
what
were
describing
will
be
secure,
I
mean
it's
just
exposes
some
additional
information.
That
is
what
I
mean
it's
the
same
problem.
We
have
for
everything
else.
We
just
speak
security
I
mean
just
added
security
to
to
to
it
to
XDS
and
then
verification
of
certificates,
everything
else.
Okay,
we
may
need
additional
review,
but
again
from
from
security
people,
products
a
critic
point
of
view,
but
so.