►
From YouTube: Kuma Community Call - February 3, 2021
Description
Kuma hosts official monthly community calls where users and contributors can discuss about any topic and demonstrate use-cases. Interested? You can register for the next Community Call: https://bit.ly/3A46EdD
A
Okay:
okay,
let's
start
then-
and
let's
see
okay,
so
welcome
to
the
kumar
community
call.
We
have
a
couple
of
things
for
today.
So
first
thing
is
that
we
released
command
one
zero
six,
and
can
I
click
on
this
yeah?
Okay?
So
it's
mostly
about
fixes,
but
also
I
don't
see
this
changelog,
but
we
released
gui
with
new
charts
and
it
looks
pretty
good
and
we
are
adding
even
more
charts
bart
is
working
on
this
right
now,
so
the
gui
will
be
flashy
so
also
yeah
in
107.
A
We
will
see
more
chats
and
what
I
liked
about
this
release
that
we
had
many
external
contributors.
We
had
one
two,
three
four
five
contributors
on
the
minor
release.
So
that's
that's
pretty
awesome
and
yeah.
It's
mostly
about
fixes.
You
can
now
see
remote
cpu
version
in
zone
inside,
so
that's
also
helpful
when
you're
running
multi-zone
deployment
and
see
all
the
versions
whether
you
need
to
update
the
remote
control
planes
or
not,
and
we
introduced
the
health
discovery
service.
That's
super
useful
on
universal,
because
previously
we
had
the
health
checks,
but
those
health
checks.
A
Works
like
this,
that
every
android
health
checks
every
other
android
right,
which
has
some
advantages,
that
it
does
not
depend
on
the
control
plane,
but
with
very
large
deployment.
Of
course,
it
does
not
scale
really
well.
So,
with
this
one,
we
send
the
information
to
the
control
plane
and
the
control
plane
propagates
this
information
to
other
envoys,
which
is
pretty
nice,
that
we
now
see
a
status
of
the
data
plane,
the
control
plane.
A
I
suspect
we
will
just
switch
to
1.1
because
we
also
upgraded
envoy
in
the
master.
So
in
next
major
you
will
see
the
envoy
upgrade
and
v3,
probably
by
default
and
yep-
that's
pretty
much
it
for
the
106
release.
There
are
a
couple
fixes
there
and
yeah
so
x,
dsb,
free
support
is
done
and
that's
it.
So
are
there
any
questions
or
demos
or
anyone
wants
to
ask
or
share
the
story
asking?
Will
you
use
kuma
in
in
your
current
company.
B
B
C
A
A
A
D
D
C
A
C
About
so
my
my
guess,
so
that's
me
that
commented
there.
Okay,
my
guess
was
maybe
if
you
have
too
many
meshes,
you
might
just
want
to
have
ingresses
that
are
responsible
of
a
subset
of
meshes
so
that
there's
not
too
much
configs
or
even
like
you
know.
If
you
have
one
very
busy
mesh
and
then
like
other
meshes,
and
you
don't
want
traffic
to
just
be
melted
on
to
be
mixed
together
on
the
same
ingresses.
A
E
Hey
jacob,
actually,
I
have
a
couple
of
questions
when
it
comes
to
ingress
since
we're
already
talking
about
this.
Okay
today
it
seems
like
there
is
a
mesh
requirement
for
the
ingress
resource,
but
that
mesh
requirement
should
not
be
there
because
really
an
ingress,
it's
not
associated
to
any
specific
mesh.
It's
for
all
the
meshes.
A
Yeah
so
the
first
question
about
the
mesh
requirement
in
the
resource.
That's
true
that,
right
now
we
require
the
mesh,
because
it's
a
data
plane
resource
right
and
every
data
plane
resource
is
a
mesh
scoped
resource.
So
we
don't
use
this
when
we
generate
configurations.
So
that's
kind
of
confusing.
I
agree
here.
A
Even
if
you
put
comma
dot
io
service
of
any
service
in
the
mesh,
I
don't
think
it
will
break
anything
right,
because
when
we
how
to
how
to
say
this,
when
we
generate
configuration
with
endpoints
of
of
of
a
service,
we
treat
the
ingress
data
planes
in
a
special
way
right,
so
that
shouldn't
break
anything
and
also
ingress
itself
is
not
asking
for
mtls
certificates.
So
that's
that's
also.
Okay,
but
you're,
probably
right
that
it's
a
little
bit
weird,
that
comada
tails
service
that
you
can
kind
of
control
this.
A
A
E
C
Yeah
I
agree
like
ingresses
are
very
confusing
at
first
like
coming
from
the
outside
is
just
like
it's
a
data
plane,
but
it's
it's
not
very,
not
really
a
data
plane.
It
belongs
to
a
mash,
but
actually
it
belongs
to
all
the
meshes
yeah.
It's
it's
a
little
confusing
at
the
moment
and
making
it
separate
would
probably
simplify
things.
E
A
A
E
E
A
Yeah,
that's
probably
a
good
idea
to
do
in
one
1.1
right,
since
that's
that's
a
breaking
change.
Of
course,
we
would
need
to
kind
of
support
both
but
still
1.1,
probably
our
next
major
version
after
after
that,
okay
cool
cool,
so
that
was
that
was
interesting.
Any
other
interesting
thoughts
to
share
to
discuss.
E
C
I
mean
this
ingress
stuff
was
definitely
like
something
like
I
find.
This
is
once
you
understand
it,
you
you
understand
it
but
like
it
definitely
took
me
a
while
to
get
it
so
this
would
definitely
help
people
getting
started
with
kuma
and
then
one
one
thing
that
is
tricky
for
us
is
the
the
gateway
being
per
mesh,
because
we're
planning
to
actually
have
like
quite
a
bunch
of
matches,
and
it
would
just
be
easier
to
have
one
gateway
that
then
redispatches
to
all
the
mesh.
C
C
And
the
final,
the
other
thing
that
we
were
chatting
about
internally
was
about
ports
on
the
vip,
as
in
currently
the
vips
just
force
you
to
be
on
port
80,
which
technically
doesn't
like,
is
just
a
port.
Who
cares,
but
from
a
user
point
of
view,
people
just
sometimes
get
confused
if
they
can't
use
their
usual
ports
for
their
services.
C
C
A
A
With
the
metadata
with
yeah,
so
technically
you
could.
We
could
implement
this
with
some
special
tag
on
the
inbound.
So
imagine
you
have
this
situation
right
and
you
put
on
the
on
the
conch
proxy
inbound
special
tag,
for
example,
comma
dot,
io,
slash
vport
with
some
part
right
and
then,
once
you
have
this
information
when
you
generate
veep,
you
can
use
this
information
and
you
know
generate
the
outbound
with
a
proper
part,
not
not
80,
but
with
a
part
that
you
picked
yeah.
A
E
Okay,
looking
back
looking
back
choosing
port
80,
you
know
port
80,
it's
already
being
associated
in
the
mindset
of
people
as
being
a
part,
that's
already
familiar
for
other
use
cases.
Perhaps
you
know
looking
back,
you
know,
besides
the
fact
that
we
should
or
should
not
add
a
way,
for
you
know,
choosing
your
own
port.
E
We
should
have
in
the
first
place,
choosing
a
port
that
was
not
four
days
like
something
that
was
associated
to
cuba.
You
cannot
mistake
it
for
anything
else.
Like
you
know,
four
four,
four
four
part
80
just
raises
more
questions,
because
people
associate
that
part
with
a
different
use
case
as
opposed
to
a
part,
that's
not
being
associated
with
any
use
case
because
it
didn't
exist
in
you
know
elsewhere.
E
B
E
A
Yeah
yeah,
so
that's
the
one
thing
that
you
need
to
have
certificates
for
different
ma
for
different
measures,
and
the
second
thing
is
that
our
whole
envoy,
config
generation
is
built
with
an
assumption
that
everything
is
mesh
scoped
right,
every
every
policy,
every
end
point
that
we
are
trying
to
consume
and
so
on
right.
So
I'm
not
saying
that's
impossible
to
introduce
and
implement
right
be
because
of
course
it
is,
but
it
won't
be
super
easy
yeah.
C
So
and
then
we
also
end
up
hacking,
the
spiffer
on
the
on
the
receiver
side,
so
that
you
you
accept
like
like,
so
that
the
mtls
actually
does
work
out,
which,
which
is
why
I
was
saying
I
don't.
I
don't
think
it's
very
nice
and
I
don't
think
it
should
be
pushed
upstream
and
there's
probably
a
nicer
way
to
do
it.