►
From YouTube: Kuma Gateway API: Your Secret Weapon for Multi-region and Universal API Connectivity | #kuma
Description
π» In this episode of #kongbuilders @ViktorGamov , a principal developer advocate at kong, talks to Mike Beaumont, Software Engineer at @KongInc about deploying a mesh spanning multiple regions and using Kong Meshβs built-in, Envoy-based Gateway for directing traffic.
β¬β¬β¬β¬β¬β¬ KONG COMMUNITY β¬β¬β¬β¬β¬β¬
β https://github.com/Kong/kong
π¦ https://twitter.com/thekonginc
π https://konghq.com/community/
π» https://www.meetup.com/pro/kong
β οΈhttps://discuss.konghq.com/
π― https://konghq.com/kong-champions/
A
Welcome
back
to
quonk
YouTube
channel,
it
is
Kong
Builders,
it
is
Wednesday,
so
Kong
Builders
is
the
show
where
we
showing
you
how
you
can
rule
your
API
jungle.
I'm,
Victor,
gamof
I
am
developer,
advocate
here
with
Quant
joined
by
my
friend
and
colleague
here
at
Quant
Mike,
and
where
are
you
coming
to
us
Mike
today?
Are
you
coming
to
us
from
from
from
Germany
right?
Yes,.
A
So
since
we're
recording
this-
and
this
is
kind
of
like
one
of
the
experiments-
what
we're
trying
to
do
on
this
channel,
there
will
be
no
live
chat
or
maybe
there
will
be
live
chat.
We're
going
to
be
primarily
so
write
down
in
the
live
chat.
Where
are
you
coming
from?
It's
very.
We
are
very
interested
to
know.
A
Where
are
you
coming
from
and
watch
this
show
live
I'm
coming
to
you
from
East
Coast
of
United
States,
New
Jersey,
so
Mike
tell
us
about
a
little
bit
about
yourself
what
you
do
at
konk
and
what
brought
you
here
in
the
con
Builders,
what
we're
going
to
be
building
today.
B
B
And
what
I'm
going
to
be
talking
a
little
bit
about
today
is
setting
up
Kuma
in
a
multi-zone
configuration
and
talking
a
little
bit
about
Gateway,
which
is
one
of
the
features
that
I've
been
working
on
in
the
past
couple
of
weeks
and
months
and
I
just
want
to
go
through
how
we
can
use
it,
how
we
set
it
up
and
what
it
can
do
for
us.
A
Yeah,
that's
super
cool,
so
one
of
the
things
when
I
when
I'm
talking
to
people
during
the
some
of
the
interactions
Audible
for
the
conferences
and
people
asking
okay,
so
the
kuma,
how
it's
the,
how
it's
different
from
other
meshes
and
some
of
what
are
the
Beats
are
distinguished
Kuma
from
from
I,
don't
want
to
say
competitors,
because
this
is
the
like
a
very
interesting
and
more
or
less
inclusive
space,
because
there's
a
different
Technologies
around
so
I
would
want
to
say
like
a
competitors.
But
what?
What?
B
Yeah
I
mean
we're
all
cncf
products
right,
there's
multiple
meshes,
but
they
do
have
differences.
I.
Think
one
of
the
main
things
about
Kuma
is
it's
Envoy
base,
but
we
have
our
own
control
plane
and
we
built
a
control
plane
sort
of
from
the
ground
up
to
support,
not
just
kubernetes,
but
also
you
know
a
VM
anything.
You
want
to
run
it
on
any
anywhere.
Your
workload
is
running.
You
can
connect
it
into
the
mesh.
A
You
can
span
your
mesh
across
kubernetes
cluster,
VM,
virtual
machines
and
even
like
the
windows
machines
right,
so
you
can.
You
can
run
some.
B
A
Things
with
with
the
with
the
clunk
mesh,
not.
B
Access
machines,
exactly
Cloud
mesh
even
has
ECS
support
on
AWS,
for
example,
yeah
exactly
and.
A
B
B
Exactly
so,
you
could
have
like
one
zone
zone
is
the
term
for
like
region
or
whatever
that
we
use
in
Kuma.
So
you
could
have
one
zone,
which
is
a
kubernetes
cluster.
You
could
have
another
Zone,
which
is
a
universal
cluster,
a
universal
deployment
and
they
can
communicate
seamlessly
with
each
other,
and
you
get
all
the
features
that
you
would
get
otherwise
running
inside
the
mesh.
That's.
A
Cool
and
what
we're
gonna
be
building
today,
Mike.
B
Today,
I
just
want
to
show
you
how
to
set
up
Kuma
on
so
I'll
use
the
example
of
one
kubernetes
zone
and
another
Universal.
Zone
and
I'll
show
how
you
can
then
set
up
a
Gateway
in
the
kubernetes
zone,
and
then
you
can
the
example
being
if
you
want
to
move
a
workload
from
a
universal
Zone
into
the
kubernetes
zone,
so
you're
migrating
to
kubernetes
and
how
you
can
direct
traffic
and
and
sort
of
do
a
switch
over
from
Universal
to
kubernetes.
C
B
The
end,
if
there's
time,
I
will
show
our
cross
mesh
Gateway
feature,
which
is
something
that
you
can
use
when
you're
using
multiple
meshes
and
I'll
talk
about
what
a
mesh
is
in
this
context
later.
A
On
as
well
wow,
that's
that's
pretty
cool
and
how
one
of
my
like
Heroes,
Of,
My,
Life,
Arnold
Schwarzenegger,
used
to
say,
if
you
don't
have
a
time
for
gym
like
make
time.
So
if
we
only
have
a
time,
we
will
make
time
for
mesh.
So
before
we
jump
into
the
building
stuff.
I
want
to
do
like
a
quick
housekeeping
items
here
and
you
can
find
all
the
episodes
of
the
Kong
Builders
here
in
con
website.
You
can
go
to
collegeview.com
builders.
A
You
can
find
all
the
previous
episodes
here
or
that's
even
more
more
canonic
way
to
do
this.
Is
you
to
subscribe
for
Kong
in
con
YouTube
channel?
Enable
notifications
make
sure
you
have
all
here,
so
you
will
get
all
the
videos
that
we
do
in
here
at
Kong
and
again
you
will
get
all
cool,
exciting
content
about
API
management,
about
service
measuring
technology,
Cloud
native
and
stuff,
all
right
and
without
any
other
fiddling
tumbling
around
I'm.
A
B
All
right,
so
what
I
have
set
up
here
is
I'm
on
Google
Cloud
I
have
two
kubernetes
clusters
and
I
have
a
VM
and
how
it's
gonna
work
is
we're
going
to
take
one
cluster
and
it's
going
to
be
our
global,
a
global
Cuba
deployment,
and
it's
that's
going
to
serve
as
like
the
sort
of
touch
point
for
all
the
other
zones
that
we're
going
to
use.
So
we're
not
going
to
have
any
workloads.
D
B
It
but
it's
going
to
be
our
like
place
for
policy
and
all
of
that's
gonna
happen
on
kubernetes,
so
I
have
downloaded
here.
B
A
A
bar
fight
during
kubecon,
you
ask
people
like
or
tell
people
how
to
pronounce
Coupe
CTL
local
control,
and
this
this
way
you
got
into
fight
so
okay.
So
here
we
settle
for
Kuma
CTL,
but
I
prefer
control.
A
Cuddle
right,
yeah,
no,
we're
not
calling
it
here,
we're
not
calling
it
here.
Okay,.
B
Yeah,
so
this
is
just
launching
all
the
resources
we
need
to
run
the
control
plane
in
our
cluster,
and
so
we
have
one
pod.
That's
our
control
plane.
A
We've
with
Kuma
control,
obviously
you
can
do
installation.
You
can
do
some
of
the
observability
Beats.
You
can
see
like
a
status
of
control,
plane
status
of
meshes.
You
can
even
apply
like
policies
and
stuff
right.
So
you
can.
You
will
be
able
to
do
all
the
things
from
some
of
the
configuration
from
cool
control.
So
it's
pretty
cool.
B
Yeah
yeah
I'll
use
it
later
on
to
set
up
to
set
up
some
when
I
do
the
VM
stuff
I'll
set
up
some.
A
To
make
is
that,
when
we're
running
this
in
kubernetes
mode,
we
have
a
luxury
to
do
things,
configure
things
through
Cloud
native
things
like
you
crds
and
stuff,
but
if
you're
in.
B
There's
a
lot
more
steps
if
you're
not
using
kubernetes.
B
We
have
the
control
plane
running
in
global
mode
and
what
we
also
have
is
a
service
which
lets
us
connect
to
this
Global
control
plane
right
now.
It
just
has
an
external
IP
like
over
the
Internet
just
for
ease
of
setting
it
up.
Of
course,
it's
not
necessary.
You
can
have
everything
you
know
private
to
your
network,
but
right
now
it's
exposed
just
on
external
IP,
so
I'm
going
to
go
to
the
second
cluster,
that
I
have
and
set
up
a
Zone
control
plane,
and
that
looks
something
like
this.
A
So
when
you,
when
you
select,
started
the
global
control
plane,
it
automatically
provision
this
load
balancer
right.
This.
B
Exactly
that's
exactly
right
and
that's
something:
I
need
to
tell
this
second
control
plane
so
that
it
can
connect
to
the
global
Patrol
plane.
And
what
I'm
doing
here
is
you
know
setting
up
to
be
a
Zone
naming
the
Zone
I'm,
enabling
what's
called
Zone
Ingress,
which
is
basically
a
central
proxy
where
traffic
will
flow
from
other
zones
will
flow
through
first
when
it
enters
this
Zone
and
finally,
I
am
yeah
telling
the
new
control
plane
where
to
find
the
global
control
plane.
A
So
while
it's
installing-
let's-
let's-
let's
talk
a
little
bit
about
this,
so
when
we
deployed
this
into
multi-zone
mode,
we
we
also
Define
it.
We
cannot.
We
cannot
expose
all
possible
service,
all
all
possible
node
inside
the
mesh
or
or
service
inside
the
mesh
the
outside
world.
So
we
need
to
have
kind
of
like
an
entrance
point
to
to
this
zone.
So
that's
why
we're
enabling
this
like
a
Zone,
Ingress.
A
The
things
that
you
know
I,
it
should
be
somewhere
here
there
would
be.
There
will
be
a
link
to
to
the
video
that
I
explained
the
difference
between
that
Gateway
and
the
service
mesh,
and
this
is
where
example,
where,
like
Gateway,
that
is
built
in
inside
mesh
works
within
service
mesh
as
a
as
a
component
to
enable
this
multi-zone
communication.
D
B
I
had
it
previously
installed
control
plane,
so
this
is
just
launching
it
again
yeah.
So
it's
okay,
that's
done
terminating
and
we
have
our
second
control
plane.
B
See
how
things
look
logs,
just
quick
check.
A
B
A
In
the
code
Builders
we're
building
stuff,
but
not
necessarily,
we
come
unprepared.
So
we.
C
A
D
B
And
then
we
can
see,
we
can
actually
see
our
known
Ingress
pod
here
as
well.
So
this
is
just
an
Envoy
I
mean,
usually
you
know,
Envoy
the
purpose
or
the
role
that
Envoy
serves
in
the
meshes
as
a
sidecar
right,
but
we're
also
using
Envoy
just
as
a
normal
sort
of
proxy
and
this
proxy.
Essentially
it
doesn't
deal
you
know
in
layer,
7
or
anything
like
that.
It
just
sort
of
takes
it.
Just
like
the
central
point
for
all
Network
into
this
Zone
flows
through
the
Ingress
Yeah.
C
A
Basically,
it
doesn't
do
any
like
a
traffic
shaping
capabilities,
but.
D
B
Know
right,
let's
say
it
is
kind
of
a
Gateway
in
in
a
network
sense,
but
it
doesn't
actually
look
into
the
traffic
right.
It's
just
like
a
level
four
TCP
forward.
Everything
and
we
have
you
know
we
have
a
mesh
Gateway
which
I'll
talk
about
later,
which
is
also
Envoy,
but
that
is
the
configurable
one
that
lets
us.
Do:
traffic
shaping
and
routing,
and
things
like
that.
B
So,
let's
see
so
I
have
you
know
we
have
a.
We
know
we
have
like
a
com,
Kong
mesh,
Kuma
demo
here,
basically
I'm
gonna,
deploy
this
part.
I'm
gonna
deploy
part
of
the
demo
into
the
kubernetes
cluster
and
then
I
will
set
up
the
VM
Zone
and
deploy
the
front
end
for
the
for
the
demo
there
and
then
move
the
front
end
into
the
clust
into
the
kubernetes
cluster.
So
the
scenario
is
sort
of
like
okay.
We
have
you
know
some
leftover
workload
in
this.
So.
B
We've
got
postgres,
we've
got
a
you
know,
you've
got
a
deployment
of
service,
we've
got
a
redis
deployment
and
a
service,
and
then
we've
got
like
a
back-end
service
and
the
back
end
service
has
two
versions
which
we'll
see
if
we
can
do
something
fun
with
later
on.
B
B
That
all
conserve
traffic
meant
for
that
deployment.
So
yeah,
that's
that's!
That's
sort
of
the
jumping
off
point
here
see.
B
The
fun
part
will
be
setting
this
up
on
the
VM.
Of
course,.
A
That
we
are
getting
for
granted
in
in
kubernetes,
World
and
yeah,
installing
in
the
like,
VM
stuff,
is
a
little
bit
like
humbling
experience.
Yeah.
A
That
separates
you
a
voice
from
men,
basically.
A
Still
manage
it
to
manage
VMS
right
now,
write
down
in
the
comments.
Don't
forget,
write
down
in
the
comments,
if
you,
if
you
still
not
in
kubernetes
world,
you
would
love
to
be
there,
but
you
still
manage
virtual
machines
in
the
like
ec2
instances
and
stuff.
A
Can
you
actually
like
fire
up
UI
and
show
like
the
the
how
this
would
you
know,
look
like
in
in.
B
The
Google
right
sure
can
so
I'm
gonna
join
gonna,
connect
to
the
the
global
control
plane
and
see
what
we
see,
but
it's
Port
order
to
the
yeah.
B
D
B
We
see
that
the
Zone
Ingress
there
is
is
online
as
well
Services.
We
see
a
leftover
pod
here,
but
we
see
these
three.
These
are
the
three
components
of
the
demo
I
just
launched.
You
know
we
have
our
backend
service,
our
postgres
and
redis
yeah.
This
is
sort
of
the
overview
that
you
get
in
the
GUI.
It's.
C
A
Only
but
it's
still
good
good
tool
at
least
officially
see
what
you
have
here.
A
B
Get
suggestions
about
you
know
so:
yeah
mtls
we're
going
to
enable
as
well
yeah.
So.
A
Yeah,
so
if
your
first
time,
if
you're
first
time
starting
this
UI
Kuma,
we
got
you
covered,
you
know
we'll
give
you
a
few
suggestions:
how
we
can
improve
security,
how
you
improve
observability
of
this,
so
there's
a
there's,
a
cool
thing
to
have.
B
Yeah
for
sure
so
Let's
do,
let's
before
we
start
the
new
Zone,
let's
enable
ntls
on
our
mesh,
and
this
may
be
a
good
point
to
talk
about
what
it
matches.
B
Like
a
match
right,
it's
like
the
service
mesh
Kuma
is
a
service
mesh,
but
whom
also
has
the
idea
of
a
mesh
resource
which
is
basically
like
you
can
think
of
it
as
like,
a
way
to
isolate
services
from
each
other
part
of.
B
You
know
like
a
unit
you
can
use
to
to
to
organize
things
really,
and
so,
when
we
start
our
Global
control
plane,
it
will
create
like
what
is
called
the
default
mesh
and
you
can
just
use
the
default
like
you
can
just
use
one
mesh
and
Cuba
there's
a
there's,
no
like
requirement
or
assumption
that
you'll
have
multiple
meshes,
but
you
can
also
create
multiple
matches
and
the
advantage
is
when
you
enable
mtls,
which
we
will
do
right
now.
B
You've
isolated
the
services
that
are
in
each
mesh
from
each
other,
so
like
when
you're
using
mtls
right
any
any.
The
only
way
you
can
communicate
with
a
service
in
your
mesh
is,
if
you,
you
know,
have
a
valid
certificate
that
you
know
service
is
talking
to
service
B.
Then
it
wants
to
see
that
service
B
wants
to
see
that
service
a
is
really
inside
the
mesh,
and
it
does
that
by
checking
checking
the
TLs
connection.
B
So
let's
turn
on
mtls.
Of
course,
the
default
right
now
is
that
when
you
create
a
master,
doesn't
have
mtls,
enabled
Mutual
TLS.
A
B
Exactly
so,
the
easiest
way
is
just
to
use
the
built-in,
like
a
built-in
CA,
that
the
control
plate
generates
for
you.
You
can,
of
course,
also
provide
your
own
and
you
do
that
by
creating
some
some
Secrets
and
then
you
can
reference
them
inside
the
mesh
object,
but
that
is
yeah.
Let's,
let's
we'll
stick
with
with
the
built-in
ca
for
now
yeah.
It.
A
Would
be
more
than
enough,
at
least
for
for
demo
purposes
and
again,
when
we're
writing
this
through
public
Internet?
It's
always
good
to
have
this.
Every
tail
lights
enabled.
A
Now
this
mtls
also
will
span
across
all
the
services
that
will
be
deployed,
including
services
that
our
application
uses
in
services
that
the
Kumon
uses
like
Ingress
and
like
load
bands
and
things
like
that.
So
those
those
certificates
would
be
injected
through
Sidecar.
B
I
made
the
common
mistake
of
being
in
the
wrong
control
plane,
although
I
think
that's
just
because
my
this
context
is
wrong.
There
yeah,
so,
okay,
let's
try
that
again,
yeah!
So
one
thing
is
you
can
only
you
can
only
so
the
way
policies
work
is.
Kuma.
Policies
exist.
B
In
the
global
control
plane
so
anytime,
and
then
there's
synced
downwards
from
each
Global
control
plane
to
every
Zone
control
plane.
So
anytime,
you
want
to
do
which
kind
of
makes
sense
right,
because
if
we
have
multiple
zones,
then
one
like
when
you
edit,
the
mesh,
which
is
a
Zone
which
is
an
object
which
expands,
which
can
span
multiple
zones,
and
you
want
to
edit
it
from
from
the
top
as
it
were.
So
we
edited
things
like
that
in
the
global
control
plane.
So
now
we
just.
A
Enabled
so,
in
this
case
it's
kind
of
like
there
should
be
like
single
source
of
Truth
for
configuration,
yeah.
A
Plane
would
be
responsible
for
pushing
down
to
to
to
Zone
control
planes.
That's.
B
Exactly
right
and
the
we'll
see
that
later,
maybe
the
the
thing
that
don't
control
planes
do
differently
is
that
they
manage
their
own
services.
So
when
a
service
is
launched,
it's
always
in
a
Zone.
You
can't
launch
a
service
in
a
global
control
plan.
You
always
launch
it
into
Zone
and
then
the
Zone
syncs,
those
Services
as
part
of
the
Zone
Ingress
object
into
the
Zone
into.
B
For
this
mesh,
which
you
can
probably
see
the
best
looking
at
the
GUI
yeah,
you
can
see
for
this
mesh.
The
default
mesh
we've
got
mtls
enabled
here.
A
Has
a
like
separate
UI
that
shows
like
a
report
of
like
what
kind
of
services
are
in
certificates
and
the
expiration
of
the
certificate.
So
this
is
something
that
you
would
be
interested
in
just
check
out.
The
Quan
Quant
mesh
UI.
C
Soon,
anyway,
yeah
so.
B
That's
the
setup
there
so
now
we
have
mtls
enabled
in
our
mesh.
So
all
of
our
servers
are
communicating,
go
ahead
and
CLS
and
we
have
our
backhand
set
up
in
our
kubernetes
cluster.
So
we
can
go
to
the
VM
and
see.
B
B
Control
plane,
there's
the
control
plane,
obviously,
but
there's
also
the
Zone
Ingress.
So
we're
going
to
set
up
first
of
all
the
control
plane,
then
we're
going
to
set
up
a
Zone
Ingress
and
then
we're
going
to
set
up
the
front-end
service.
So.
B
I'm
just
going
to
run
the
Zone
control
plane
in
memory
mode,
because
otherwise
we
need
to
set
up
a
postgres
and
setting
up.
Postgres
is
a
little
bit.
I,
don't
know
out
of
scope.
Yeah
I've
decided
just
to
run
it
yeah.
A
And
one
of
the
things
that
you
know
people
can
can
do
is
maybe
using
like
manage
boss
grass
and
set
up
these
things
so
for,
for
example,
like
to
to
optimize
this,
like
a
management
specific
like
for
con,
we
have
like
our
own,
like
managed
service,
that
you
know,
runs
the
control,
plane
and
database,
and
things
like
that.
Maybe
we
should
do
something
for
for
mesh
as
well
something
foreshadowing.
A
Like
remember,
remember
this
remember
this
stream.
Let
us
know
like
how
you
deploy
your
service
mesh
like
if
you
deploy
this
with.
What's
your
Disaster
Recovery
strategy
like
if
using
like,
manage
service
databases
or
using
your
manage
your
own
database,
you're
running
I,
don't
know
like
postgres
operator
or
something
like
that.
B
So
Google
Cloud
can
decide
to
upgrade
the
control
plane
in
the
middle
of
our
in
the
middle
of
our
recording
here.
So
that's
fine.
A
Yeah,
that's
that's
kind
of
goes.
You
never
know
so.
B
We
saw
before
I
need
the
endpoint
that
the
load
balancer
endpoint
that's
configured
to
expose
like
the
zone
to
Zone
a
Zone
to
Global
Communication,
so
I
mean
I
can't
do
much
right
now,
anyway,
since
the
cluster
as
well.
That's
not
true
I
can
actually
look
at
my
other
cluster
and
see
which
address
I
ended
up
using
yeah.
B
Here
we
go,
we
should
still
be
able
to
connect
to
the
club
the
control
plane,
even
though
the
kubernetes
control
point
is
being
updated
by
Google
Cloud,
so
yeah,
so
I
have
like
downloaded
already
Kuma,
just
like
I
had
here
locally
I've
downloaded
Kuma
onto
the
VM
and
I'm
just
gonna
SSH
into
it
and
run
some
things.
B
So
that's
sort
of
the
the
whole
the
way
I'm
doing
things
here
is
just
running
Google
Cloud,
you
know
gcloud
SSH
to
get
in
and
running
new
commands,
I
need
to
run
and
we,
like
you,
know,
I
downloaded.
The
release
of
Kuma
and
inside
is
which
I've
been
using
as
Kumasi.
Well,
I.
Don't
have
to
use
Kuma
CTL
yet,
but.
D
B
Is
the
archive
that
we
get
when
we
download
Kuma
and
what
it
has
inside?
It
is
Kuma
CTL
and
that's
because
I'm
running
Arch
Linux
and
we
don't
build
the
control
plane
components
specifically
for
Arch
Linux.
But
if
we
download
this
is
a
Debian
machine.
If
we
download
Kuma
there,
if
we
use
the
installer,
then
we
get
like
the
actual
components
like
the
actual
images
or
not
the
images,
the
binaries,
that
we
need
to
run
the
control
plane
and
to
run
beside
cars.
B
So
we
have
a
CP
and
we
have
Kuma
DP
CP
is
the
control,
plane
and
yeah
I'm
gonna
run
it
and
see
what
happens.
B
B
A
This
is
this:
what
we're
running
inside
the
instance
like
Linux
instance
that
runs
yeah.
B
B
Exactly
this
thing,
Google
Cloud
compute
instance
right
and-
and
you
can
I-
mean
I'm-
going
to
deal
with
this
all
in
one
VM,
but
these
can
be
different,
VMS
and
maybe
just
to
be
clear.
The
way
our
network
is
set
up
here
is
I
mean
you
need.
There
needs
to
be
network
connectivity
like
level
four
connectivity
between
all
of
his
own
ingresses
and,
of
course,
the
global
control
plane,
but
so
the
way
it
works
here
is
since
we're
all
we're
all
on
the
same
Google
Cloud
Network.
B
B
Exactly
so
you
could
you
could
set
it
up
so
that
only
the
Zone
Ingress
is
exposed.
A
Yeah
because
we
specifically
specified
if
we
specify
the
external
IP
address
to
connect
to
so
we're
not
specifying
like
an
internal
to
to
to
Google
Cloud
I
I,
don't
know
like
how
the.
B
Yeah
yeah
the
Network's
pretty
yeah
exactly,
but
so
so
to
be
so,
there's
two
there's
two
things
happening
like
one
is
the
Zone
control
plane
to
Global
control
plane,
and
that's
like
what
you
said
where
we
have
where
we
have
this:
what
is
it
called
the
global
Zone
sync
endpoint
and
that's
my
load
balancer
that
just
gets
an
external
IP.
B
The
other
thing
is
the
Zone
Ingress,
and
so
when
we
have
like
right
now,
we
have
our
our
VM
Zone,
all
of
the
services
that
we
launch
in
the
VM
Zone
whenever
they
want
to
connect
to
a
service
in
the
kubernetes
zone,
they're
configured
in
such
a
way
that
all
those
requests
get
sent
to
the
Zone
Ingress
The
kubernetes
Zone
Ingress,
and
that
is
also
not
a
public
like
that's,
not
public.
B
That's
just
that's
just
a
pod
in
the
in
the
kubernetes
cluster
and
because
the
VMS
have
Network
like
access
to
the
to
the
IPS
of
the
pods,
because
that's
just
how
the
Google
Cloud
network
is
set
up
by
default.
Yeah.
That's
that's
that,
but
you
could,
but
you
could
imagine
like
just
exposing
the
Zone
Ingress
via,
for
example,
a
load
balancer,
and
then
you
can
configure
The
Zone
Ingress,
with
whatever
IP
or
with.
However,
it
should
be
accessed
from
the
VM.
A
Let's,
let's
imagine,
let's
imagine
we
deployed
this
in,
say
ec2
so
another
another
one
in
Institute.
What
would
be
requirement
for
both
sides
like
if.
D
A
This
Zone
will
need
to
have
connectivity,
obviously
to
Global
control,
plane,
yes,
and
so,
but
the
traffic
will
not
go
through
the
global
control
plane.
So
when.
C
A
Need
to
hit
one
service
to
another.
They,
the
traffic,
will
go
through
Zone
Ingress
in.
A
Would
be
between
Google
Cloud
to
is
YouTube,
because
we
were
not
configuring
about
address
right.
So
we're
not
we're
not
talking
about
this
one.
Yet
yeah.
B
I
forgot
their
their
namespaced
yeah.
Okay,
zoning
grass
object
yeah,
so
I'm
in
the
global
control
plane
right
now,
and
so
we
have
well.
We
do
have
two
zones
right
now
actually,
but
we
only
have
one
zone
Ingress,
because
we
haven't
launched
a
Zone
Ingress
in
the
VM
Zone
yet,
but
we
have
the
Zone
Ingress
in
the
kubernetes
zone
and
if
we
go
to
the
global
control
plane,
we
can
list
our
Zone
ingresses,
and
you
see
that
this
Zone
Ingress
is
what
is
synced
to
the
VM
zone.
B
So
we
can
see
that
in
a
second
when
we
start
the
zoningers
in
the
VM,
but
you
can
see
that
The
Zone
Ingress,
you
can
The
Zone
Ingress
has
an
internal
IP.
You
know
inside
the
Google
network,
but
it
also
has
an
advertised
IP,
which
is
just
the
the.
B
B
Risk
is
configured,
that's
okay,
so
it's
configured
to
have
a
load
balancer
service
by
default
when
you
install
with
Kuma
CTL.
So
it
also
has
an
external
IP,
but
but
again
same
as
the
Zone
control
as
the
global
control
plane.
B
B
Yeah,
so
we
could
use
a
public
IP
to
to
handle
that
and.
A
So
and
it's
all
what
it's
a
L7
traffic,
because
it's
a
grpc
protocol
for
that
will
be
pushed
through
so
for
people
who
you
know
configuring,
firewalls
and
stuff
like
that.
So
it's
still
L7.
B
The
control
plane,
Zone
Global,
is
L7
yeah,
it's
going
to
be
our
grpc
endpoint,
but
actually
the
Zone
Ingress
itself
is
just
like
TCP,
because
of
course
you
can
have
you
know
non-http
Services
running
in
your
mesh
and
the
only
thing
is
just
protected
by
mtls.
So
you've
got
it
like
you.
That's
the.
A
D
A
Deployed
one
more
Zone.
D
B
C
A
Yeah,
so
we
see
two
zones
and
one
zone
inside
vm1
in
currents.
That's
what
we
wanted
to
to
to
start
playing
around
yeah.
B
A
Want
to
you
want
to
deploy
your
service
inside
VM
so
like
front
end
to
connect
to
back-end
services
that
deployed
in
a
kubernetes
Zone.
B
A
B
One
thing
we
need
to
do
is
so
the
first
of
the
things
that
kubernetes
makes
very
easy
for
us
is
authentication
between
services
that
are
like
between.
You
know
the
envoy
sidecar
and
the
control
plane
and,
of
course,
the
Cyclone
even
itself
is
started
automatically
via
VIA
injection
into
the
Pod
yeah.
A
So
in
kubernetes
we
have
sidecar
injection
that
is
configured
through
your
deployment,
manifest
basically
just
like
a
specified
either
a
notation,
so
in
this
case
control
plane.
That's
what
another
thing
that
control
plane
does.
Apart
from
again
management
configuration
we
now
learn:
control
plane
can
do
certificate
Authority,
but
also
a
control
plane
sitting
there
and
waiting
for
some
annotation.
So
it
will
be
able
to
inject
the
side
cars
inside
your
application
Port.
A
So
your
your
configuration
that
you,
configuring,
your
your
your
stuff
or
when
you
find
your
code,
you
don't
have
to
do
this.
It
can
be
happened
automatically.
Now.
C
A
B
Exactly
and
yeah
so
the
first
thing
we
have
to
do
is
set
up
the
Zone
Ingress
in
the
VM,
so
that
traffic
can
flow
from
other
zones
into
the
VM.
And
so
let's
look
at
that.
Like
I
said,
the
zoning
nurse
is
simply
a
an
Envoy.
It's
wrapped,
you
know
it's
Kuma
DP,
but
it's
essentially
an
Envoy.
You
know
with
it's,
not
a
sidecar,
it's
a
proper,
proper
proxy.
A
B
B
Configuration
looks
like
it's
similar
to
what
we
saw
before
with
advertise,
and
you
know
not
advertised,
and
it
looks
something
like
this
I
mean
this
is
the
the
IP
of
our
VM
private
IP,
accessible
from
the
kubernetes
cluster
and
so
yeah
we're
also
going
to
advertise
the
same
IP
because
it
is
accessible
from
the
kubernetes
cluster
so
that
all
the
service
is
running
in
in
the
other
zones.
Can
access
and
the
kubernetes
cluster
can
access
it
by
this
address
so
yeah?
A
And
if
you
look
into
documentation
of
Kuma,
you
always
will
find
a
kubernetes
way
how
to
configure
all
these
resources
and
policies,
and
also
you
will
find
the
way
how
we
can
configure
this
in
Universal
world.
So.
B
B
B
Thing
we
need
to
do
is
set
up
so,
like
I
said
the
authentication
isn't
handled
automatically.
B
B
So,
let's
keep
our
Global
control
plane
Port
forwarded
to
our
local
machine.
With
that.
In
the
background,
this
is
Cube
CTL.
Then
we
need
to
set
up
Puma
CTL,
oh
right,
okay,
so
the
way
it
works
is
there's
an
admin
token
created
when
the
control
plane
first
runs
and
there's
a
little
a
little
message
about
that
in
the
output
here
about
how
to
grab
it.
B
A
Going
to
take
this,
as
a
matter
of
fact,
in
one
of
the
episodes
from
the
past,
you
will
find
the
link
somewhere
like
somewhere.
Here
there
will
be,
there
will
be
a
link,
will
pop
up
right
now.
We
actually
went
through
the
process
of
creating
in
what.
B
That
is
my
computer,
that
is
the
fan
of
my
laptop,
which
is
at
the
moment.
It
literally
started
like
an
hour
before
this.
A
That's
fun
right,
that's
funny!
I
will
keep
this
in
the
recording.
It's
gonna
be
fun,
so
we
actually
went
through
the
process
of
explaining
how
all
this
thing
is
working
with
Greg
in
one
of
our
previous
episodes,
where
we
talk
about
specifically
about
managing
these,
the
tokens
for
cool
mode
control,
planes
and
data
planes.
If
and
if
you're
interested
in
this
type
of
jazz
folks
go
and
check
these
no,
no
wrong
wrong
way.
I
I'm
not
good
at
this.
A
So
you
know
not
the
professional
YouTuber
I'm
just
learning
how
to
do
this,
but
the
content
is
there
go
check
it
out.
It
actually
goes
in
in
a
very
good,
deep
ways
explaining
those
beats.
B
Wonderful,
okay,
so
back
to
it
yeah,
so
I've,
just
configured
Kuma
CTL
using
the
admin
token
so
now,
I'm
I
can
basically
act
as
an
admin
in
terms
of
talking
to
the
the
kuma
API,
the
control
plane.
So
now
I'm
just
going
to
generate
a
Zone
token,
and
that
looks
something
like
this
generating
a
token
for
the
Ingress
to
connect
to
the
to
the
control
plane
as
the
VM
Zone
as
an
Ingress
for
the
VM
Zone.
B
B
There
we
go
so
we
saw
the
Zone
Ingress
the
ammo
file
just
a
couple
of
minutes
ago.
We
have
the
address
here
that
we're
using
like
this
address
is
the
address
of
our
VM
and
we're
connecting
to
the
local
control
frame
which
we
started
earlier.
We've
got
our
token
file
configured,
not
actually
ammo
file.
We
got
our
token
file
configured
with
the
Zone
English.
Silk
I
just
created
see
what
happens.
B
Okay,
that
looks
good,
so
we've
got
Envoy
running.
It's
got
a
listener
at
the
Port
that
we
configured
now
we
can
probably
go
into
the
GUI.
Here
we
go
yeah,
it's
already
updated.
B
We've
got
two
zone
ingresses
now,
oh
cool
one,
so
we've
got
the
VM
so
okay,
so
those
are
sort
of
the
prerequisites
to
to
running
multiple
zones.
Now
any
services
that
we
start
will
be
able
to
communicate
with
other
zones,
and
you
know
by
default
that
that
looks
something
like
I
mean
by
default.
That
happens
automatically
any.
If
you
have
a
Zone,
if
you
have
a
service
running,
if
you
have
workloads
running
in
multiple
zones
and
they
are
using
the
same
service,
then
requests
will
be.
B
You
know
balanced
between
those
zones.
So
let's
see
what
that
looks
like,
let's
start
now
front
end
the
front
end
exactly
I'm
thinking.
B
Who
I
want
to
just
do
it
here?
Yeah,
okay,
Let's
Escape
into
the
machine,
so
I
got.
You
know,
I've
got
Docker
installed
on
this
on
this
VM,
but
we're
just
gonna
run
the
the
front
end
process
by
a
Docker,
but
you
know
it
doesn't
require
Docker.
You
can
run
if
ever
you
want.
D
B
Here
we
go
so
yeah
we're
gonna
run
the
docker
run
command,
we're
going
to
use
host
networking
so
that
we
can,
you
know,
easily
connect
to
the.
B
Yep
yeah,
yeah
and
so.
B
So
this
is
going
to
be
so
we're
going
to
configure
the
front
end
oops
we're
going
to
configure
the
front
end
with
the
backend
endpoint
low
flows,
8080
and
I'll-
explain
where
that
comes
from
in
a
second.
But
that's
what
this
means
here.
So
the
front
end
is
going
to
communicate
with
the
back
end
via
port
8080
on
localhost,
and
then
it's
going
to
expose
the
front
end
on
Port
9080.
So
let's
start
that-
and
you
know
that's
that's
just
running
like
this-
has
nothing
to
do
with
with
the
service
mesh.
B
Yet
now,
if
we
SSH
into
the
machine,
we
can
see
what
I've
got
set
up
for
the
sidecar
of
that
process.
B
Because
we
need
it
similar
to
The
Zone
Ingress,
we
need
configuration
for
the
data
plane
for
the
sidebar,
which
is
called
the
data
plane,
but
you
can
think
of
that
as
a
data
plane
proxy.
It
really
is
the
correct
term,
and
that
looks
something
like
this,
so
we've
configured
so
the
meaning
here
is
that-
and
this
is
something
that's
automatically
created
for
us
on
kubernetes,
so
this
exists
on
kubernetes
as
well.
We
just
don't
have
to
create
it.
It
uses
the
kubernetes
resources.
C
A
Vms
we
need
to
do
this
manually.
B
Yeah,
so
we've
got
a
we've,
got
it
configured
with
an
inbound,
so
the
inbound
is
is
going
to
be.
You
know
a
listing
for
it
that
we
want
to
expose
to
the
rest
of
our
mesh
and
so
we're
going
to
run
the
sidecar
and
we're
going
to
have
our
service
like
we
just
launched
we're
going
to
have
it
listening
on
90,
80.
and
inside
the
mesh.
We
want
to
expose
this
on
Port
80.
B
and
then
we're
gonna.
Give
this
we're
going
to
call
this
the
front
end
service,
and
then
it's
gonna,
because
we
don't
have
transparent
proxy,
which
is
another
thing
that
kubernetes
we
can
enable
the
transparent
proxy
on
universal.
But
it's
another
step
right
here,
we're
just
going
to
list
explicitly
which
Services
we
want
to
access
for
my
front
end
and
that
actually
yeah,
so
we've
got.
B
We've
got
our
backend
service
running
already
and
we
can
go
to
the
GUI
and
actually
see
you
know
where
this
is
coming
from
our
service
is
this
back,
and
you
know
this
is
running
in
the
kuma
demo
namespace
and
it's
a
service
at
Port,
3001,
and
so
that's
the
service.
We
want
to
connect
to
when
we
are
using
our
front
end
and
then
we're
going
to
basically
use
the
sidecar
to
forward
traffic
from
the
process
on
localhost
port
8080
and
forward
that
traffic
to
the
back-end
service
here.
B
So
that's
what
our
setup
looks
like
you
know:
we've
got
the
address
set
up
here,
the
address
being
the
the
VM
address.
So
let's
see
what
happens.
B
Before
we
can
actually
run
it,
we've
got
to
create
another
token:
do
this,
you
can
go
to
Kuma
CTL
again,
instead
of
generating
a
Zone
token
will
generate
a
data
plane
token,
and
the
name
of
our
service
is
going
to
be
front
end
and
then
we'll
use
this
token
configure
Kuma
DP
with
it
and.
B
A
We
should
okay,
so
now
we
should
call
this.
We
should
call
the
stream
the
service
mesh
for
developers
the
hard
way,
because,
again,
a
lot
of
things
that
kubernetes
gives
us
and
the
things
that
automatically
configured.
D
A
Kubernetes,
it's
difficult
to
do
or
like
it's
possible,
but
it
requires
a
lot
of
steps
with
Universal
in
in
in
VM
mode.
D
B
D
B
Do
some
port
forwarding
we
can?
We
saw
here
that
our
you
know
I
mean
so
we
configure
90
80
right
to
to
expose
our
front
end.
We
can
just
connect
to
the
VM
and
forward
9080
to
our
local
machine
and
see
what
happens.
B
A
Okay,
so
let's,
let's,
let's
do
recap
quickly,
so
we
do
have
two
zones.
One
zone
is
kubernetes
all
weekend.
Services
deployed
there
we
created
a
VM
Zone,
which
would
be
configured
in
obviously
VM,
and
we
showed
how
to
configure
control
plane,
how
to
control,
how
to
configure
a
data
plane.
How
deploy
service
that
will
be
connected
to
this
one.
So
now
we're
going
to
be
doing
what
next.
B
So
next
we're
going
to
create
so
we're
going
to
do
like
communication
from
kubernetes
to
the
VM
and
then
back
to
kubernetes
kind
of
a
setup.
We're
going
to
launch
a
mesh
Gateway,
which
is
the
envoy
Gateway
feature
of
Kuma
in
the
kubernetes
zone.
We're
going
to
configure
it
to
forward
traffic
to
the
front-end
service,
which
is
running
in
the
VM
and
then
that
front
end
service
will,
of
course,.
C
A
Case
we
as
a
we
can
give
this
to
our
users,
so
the
users
will
be
able
to
connect
to
IP
or
hostname
of
Gateway,
but
underneath
they
will
not
be
able
to
see
what
is
going
on
here.
That's
the
that's!
What
the
you
know,
beauty
of
the
Gateway
that
will
be.
B
B
And
the
next
step,
if
we
have
time
is
then
so
we
can
move
the
we
can
have
the
Gateway.
As
is
we
can
have
the
back
end
as
we
can
move.
We
can
launch
the
front
end
into
the
kubernetes
cluster.
So
if,
whatever
we've
finished
our
migration
from
VM
to
kubernetes,
and
then
we
can
configure
our
our,
we
can
configure
our
mesh
gateway
to
route
trap.
B
You
know,
initially,
we
can
do
some
sort
of,
let's
say:
green
blue
green
deployment,
type
situation
or
Canary
deployment
where
we
send
some
traffic
to
the
kubernetes
front
end
and
then
slowly
move
all
traffic
from
so
that
there's
eventually
no
traffic
going
to
the
VM
front,
end
yeah!
So,
okay,
so
we
have.
So,
let's
look
at
like
how
what
it
is
to
configure
a
Gateway.
B
So
there's
there's
the
configuration
of
the
Gateway
and
that's-
and
these
are
going
to
be
two
Kuma
resources.
We've
got
our
gate,
the
mesh
Gateway,
it's
you
know
a
kubernetes
excuse
me
Akuma
resource.
It
runs
inside
a
specific
mesh
and
a
specific
Zone,
but
the
policy
we
create
on
the
global
control
plane.
B
And
it's
you
know
what
you
expect.
Looking
at
a
Gateway
we've
got
listeners,
you
know
what
port
we
want
to
listen
on
which
protocol
and
then
we
select
which
service
which
Kuma
service
is
going
to
serve
the
Gateway.
So
you
can
imagine
the
Gateway.
This
is
just
the
config.
B
This
doesn't
actually
start
any
Envoy
instances,
but
we're
going
to
start
an
Envoy
instance
and
then
point
that
Envoy
instance
around
the
other
way
and
we're
going
to
point
the
Gateway
policy
to
the
envoy
instance
and
we're
going
to
start
an
Envoy
instance
that
has
the
kuma
service
Gateway
configured
and
then
the
second
part
of
the
config
is
the
routing
and
we're
just
going
to
Route
all
can
all
requests
that
come
into
the
Gateway,
we're
gonna
route
them
and
we're
going
to
match
essentially
all
traffic
by
matching
this
prefix
and
you
can
do
a
bunch
more
stuff
here.
B
You
know
filter,
you
can
add
headers.
You
can
mirror
traffic
initially
we're
just
going
to
send
all
traffic
to
the
front-end
service,
which
is
the
service
that's
running
on
the
VM
right.
B
That's
exactly
right
and
of
course
we
do
support
Gateway
API
in
kubernetes
zones,
but
since
we're
doing
multiple
zones
here,
the
best
way
is
to
is
to
use
the
native
group
and.
A
B
Yep
Okay,
so
we've
created
that
policy
that
configuration
again
there's
no
Gateway
running
anywhere,
yet
we're
going
to
actually
start
the
Gateway
in
our
kubernetes
Zone,
and
that
looks
like
this.
We've
got
the
message:
Gateway
instance
resource
and
basically
the
mescue
instance
resource
is
going
to
handle
managing
like
a
deployment
and
a
service,
the
kubernetes
objects,
and
then
that
deployment
is
going
to
launch
Kuba
DP.
So
we
want
to
have
a
you
know.
We
want
to
have
our
Gateway
get
assigned
to
external
IP,
so
we
have
a
load
balancer
service
type.
B
We
use
the
same
Gateway.
Excuse
me,
the
same
service
tag
that
we
used
in
the
two
policies
we
just
created
and
we
can
launch
in
the
Kuba
demo
namespace.
It
happens.
B
D
B
So,
okay,
so
this
is
the
external
IP
of
the
of
the
you
know:
Kuma
DP,
slash
Envoy
running
as
Gateway
and
yeah.
So
we've
got
a
request
coming
in
the
kubernetes
cluster
going
over
to
the
DM
and
then
that
front-end
service
spanning
out.
A
Maybe
can
we
take
a
look
on
the
headers
and
see
like
if
it
we
can?
We
can
find
something
interesting
here
like
if
you
open
developer
Tools
in
in
here
and
just
like
you
refresh.
D
A
And,
for
example,
let's
take
a
look
on
some
headers
like
what
we
have
in
here
like
response
headers
and
no.
D
A
Headers
like
throw
slow
down,
so
there
should
be
something
like
Envoy
headers
like,
and
they
see
it
as
it
goes
through
the
kuma
Gateway
as
a
service
so
and
underlying
that
there
should
be
some
sort
of
like
do.
We
have
a
like
a
node.js,
so
our
server
doesn't
do
anything
like
what
is
that,
like
Express
or
something
like
that,
I
don't
see
anything
that
would
be
added
by
actual.
A
D
A
Is
pretty
cool
so,
with
the
with
the
Gateway,
does
exactly
what
Gateway
is
supposed
to
do
right
it
is?
It
does
routing
to
to
the
to
the
underlying
service,
okay,
yeah.
So
now
we.
B
Now,
let's,
let's
I'm
gonna,
deploy
the
front
end
in
somewhere
else.
B
Somewhere
I
have
the
front
end.
Let
me
here
we
go
yeah.
Of
course,
I
didn't
move
it
yet.
Okay,
now
I'm
gonna
launch
the
same
front-end
you
know
process,
but
as
a
deployment
and
service
in
the
kubernetes
cluster
and
yeah
I
mean
this
just
looks
like
a
service
and
a
deployment
right.
The
same
sort
of
the
same
arguments
same
drop
your
image
as
running
on
the
VM
and
we're
going
to
connect
to
the.
B
D
B
Yeah
exactly
but
and
then
when
we
yeah,
so
that's
when
we
started
the
deployment
before
with
the
back
end.
You
know
we
created
this
back-end
service
here
and
we
could
use
that
to
connect
to
the
to
the
back
end
services,
but
we
could
also
use
the
kubernetes.
B
Excuse
me
the
kuma
Kuma
DNS.
We
can
do
something
like
this
instead
and
I
think
just
because
it's
a
little
bit
more
consistent
with
whatever
what
everything
else
looks
like
using
these
demo
names,
these
service
names,
so
I'm
going
to
use
this
and
the
other
way
the
source
is.
That
Envoy
is,
you
know,
has
its
own
DNS.
A
That
basically
control
plane.
Another
thing
that
control
plane
does
is
it's
registered
as
a
DNS
server
and
manages
all
these
names.
When
you
registered
service,
what
the
service
comes
in
data
plane
service
registered
in
control
plane,
it
will
create
a
DNS
instance,
the
next
record,
and
we
actually
can
have
a
ability
to
configure
now
those
DNS.
We
can
have
a
not
only
dot
Mash
but
dot
blah
something
and
have
your
own
kind
of
like
a
network
structure.
A
So
in
this
case
we
layer
up
on
top
of
the
whatever
Network
infrastructure
we
have
here.
We
do
have
kubernetes,
we
have
a
in
you
know,
just
in
general
internet
thing,
we
have
VMS
and
we
layer,
Kuma
managed
Network
infrastructure
on
top
of
it.
So
it's
it's
also
some
some
sort
of
like
unification
of
networking
right.
So
in
this
case
you
have
a
it's,
not
video
rated
right,
how
you
call
it?
No,
basically,
it's
a
yes!
It's
a
it's
a
multi-zone,
multi-uh,
multi-regional,
right
or
multi
yeah.
B
Deployment
I
think
I
think
once
you
start
like
once,
you
start
talking
about
having
kubernetes
and
non-kubernetes
zones.
I
think
it
makes
more
sense
to
talk
about
to
like
to
handle
this
DNS
because,
for
example,
I
mean
we
set
up
the
we
set
up
the
front
end
running
in
the
VM
using
an
explicit
outbound.
So
we
listed
the
services
that
we
want
to
use.
B
But
if
you
were
setting
up
transparent
proxying,
which
again
is
by
default
on
in
kubernetes,
but
it
is
possible
on
universal
as
well,
then
you
would
use
exactly
that.
B
You
would
use
exactly
that
DNS
name
in
order
to
contact
your
services
right,
because
if
you,
if
you
just
write
back
end
back
end,
is,
is
coming
from
the
kubernetes
service
and
this
only
works
inside
the
kubernetes
Zone.
Whereas
this
you
know
dot
mesh
functionality,
Works
across
all
of
your
zones,
yeah.
B
So,
okay,
we
can
just
make
sure
that's
working
so
that
the
connection
between
front
end
and
back
end
is
working
properly.
So
my
tab
forwarding
is
somehow
playing
along
here.
Kuma
demo,
that's
called
right,
so
I
think
it's
a
8080.
If.
B
Politicalhost
8080
yeah
we've
got
the
marketplace,
we've
got
the
same
thing,
but
of
course,
in
this
instance
we're
contacting
the
the
new
front
end
that
we
just
set
up
so.
C
B
And
now
we
want
to
handle
traffic,
for
we
want
to
send
traffic
to
both
front
ends.
Yeah.
A
Kind
of
like
weighted
like
a
50
50.
yeah,
just.
B
Yep,
that's
exactly
what
I'm
gonna
do:
let's
go
back
to
the
GUI,
real
quick
just
to
see
what
that
you
know
what
actually
we
have
set
up
so
yeah,
so
we
saw
the
mesh
Gateway
route
object
before
right.
It's
what
handles
directing
traffic
that
matches
some
rules
to
certain
destinations.
B
What
I
want
to
do
now
is
send
you
know:
half
the
traffic
to
the
front
end
that
we
had
configured
before
and
then
half
of
the
traffic
to
the
new
front-end
service,
which
is
called
you
know.
It's
called
this
because
of
the
kubernetes-based
naming.
B
Let's
see
you
can
actually,
and
we
can
confirm
that
it's
you
know
some
of
the
traffic
is
coming
to
wanted.
Somebody
that's
coming
from
the
other.
So
if
we
look
at
the
standard
out
of
our
of
the
service,
we
started
the
front
end
service.
We
can
see
that
you
know
every
time
a
request
comes
in.
We
can
see
it
here.
So
let's
look
at
the.
This
is
the
Gateway
again
that
we
have
so,
let's
see,
let's
see
when
we
get
a
new
line
here.
B
Okay,
so
we
saw
that
by
this
refreshing,
a
request
came
in.
Let's
see
what
happens
if
we
look
at
the
standard
out
of
the
Brunetti's
instance.
B
Yeah,
so
we
also
have
traffic
coming
in
here,
another
refresh
yeah.
Okay,
so
we
see
we're
getting
requests
both
to
the
kubernetes
pod
and
to
the
VM
that
we
saw
before
and
that's
because
we
configured
the
mesh
Gateway
route
to
send
half
the
traffic
to
one
half
to
half
the
traffic
to
the
other,
and
so
that
would
you
know
the
next
step
would
be.
Let's
look
at.
B
Let's
look
at
the
functionality
of
this
new
version
of
the
front
end
that
we've
deployed
in
kubernetes
and
make
sure
it's
working
properly
and
if
we
had
more
time
I
could
go
into
like
you
know,
looking
at
the
metrics
I.
Think
of
that
kumas
that
Kuma
provides
to
make
sure
you're
like
looking
at
the
well.
You
would
have
to
install
the
observability
functionality
or
could
set
up.
You
know
grafana
and
Prometheus
and
whatever,
but
but
the
key
is
to
look
at
the
envoy
metrics
and
if
you
know,
there's
failing
requests.
B
You
can
see
that
there,
but
you
know
once
you're
satisfied
that
the
new
pod
is
working
as
intended.
You
can
foreign.
A
B
So
remember
the
one
on
the
end
was
just
called
front
end
and
the
one
the
new
one
has
a
kubernetes
based
name,
so
you
can
get
rid
of
that.
Instead
of
set
it
up,
save
it,
and
now
we
can
look
at
the
output.
B
Of
that
and
make
sure
that
no
requests
are
coming
in
yeah,
so
we
don't
see
the
request
that
we
saw
before
yeah
no
new
listed.
So
we
know
okay,
it's
disabled,
yeah
and
then
finally,
we
can
just
kill
it.
And
now
it's
not
running
anymore
and
we
still
have
traffic.
We
still
have
a
functional
website,
so
yeah.
A
Great
yep,
it's
it's
sounds
like
a
huge
win
for
me.
I
think
we
broke
broke
many
things,
but
we
we
finally
landed
or
something
cool
folks,
if
you
are
enjoying
this
and
you
want
to
have
Mike
get
back
in
the
showing
like
all
the
beats
with
observability
I.
Definitely
I'll,
try,
I'll,
try,
I
have
to
I
have
to
bribe
him
to
to
come
to
the
stream
one
more
time,
but
it
was
exciting
it's
for
me.
A
It
was
also
very
interesting
to
to
learn
some
of
the
beats
that
allowed
me
to
explain
some
of
the
use
cases
better
for,
for
you
also
don't
hesitate
to.
Let
us
know
What,
you
want
to
see
next
in
in
the
Kong
Builders
again
it's
it's.
Definitely
we
have
a
lot
of
things
to
show.
We'll
have
a
lot
of
things
to
talk
about
this,
but
it's
really
up
to
our
listeners
to
know
like
what
do
you
want
to
learn?
A
Kuma
is
super
powerful,
a
tool
for
like
the
to
manage
this
infrastructure
and
that
networking
for
for
your
hybrid
I,
just
another
inside
the
joke,
because
we
have
a
a
very
long
conversation
about
some
of
the
hybrid
deployments
in
in
in
in
in
connect
in
in
YouTube,
like
deployment
into
heterogeneous
environments
and
providing
unification
using
the
kuma
mesh
and
the
current
mesh,
and
things
like
that.
A
As
a
reminder,
every
Wednesday
stay
tuned
for
more
episodes
of
con
Builders.
I
am
super
grateful
to
having
Mike
here
to
to
talk
about
the
stuff.
I
personally
I
learned
a
lot
just
like
sitting
around.
A
That's
the
that's
another
way
to
learn
things
just
like
be
around
the
smart
people,
don't
forget
to
come
to
the
next
episodes
and
learn
some
of
the
cool
things
Mike
Beaumont
from
from
kwank
Victor
Gamo
from
Quan.
Thank
you
so
much
for
being
with
us.