►
From YouTube: Kuma Community Call - April 14, 2021
Description
Kuma hosts official monthly community calls where users and contributors can discuss about any topic and demonstrate use-cases. Interested? You can register for the next Community Call: https://bit.ly/3A46EdD
A
B
For
today
I
don't
have
anything
particular
in
mind.
C
I
think
that
should
be
good
to
go.
We
got
to
update
some
docs
and
yeah.
I
I
still
have
to
it's
good
for
rear
view.
I
think
I
addressed
all
the
notes.
I
implemented
the
v1
api
and
the
prometheus
sd,
but
what
I
haven't
done
yet
is
recompile
the
the
protobufs
to
work
with
the
the
the
library
on
the
prometheus
side.
So
it
looks
like
they
use
a
different
library
than
we
do,
which
is
is,
unfortunately
not
compatible.
C
B
Okay,
so
does
that
mean
that
if
we
merge
this,
this
is
not
going
to
break
anything.
C
It
shouldn't
because
the
v1
alpha
api
is
still
served
by
default.
D
C
Yeah,
so
in
the
meantime,
before
we
have
native
prometheus
support,
you
do
the
same
thing
that
you
do
right
now
with
the
prometheus
sidecar,
the
kuma
prometheus
sd
running
it
as
a
sidecar.
C
Immediately
after
this
is
merged,
I'm
going
to
make
a
pr
into
prometheus
to
add
the
native
support
and
then,
as
soon
as
that's
in
users,
will
have
to
upgrade
their
prometheus
to
that
version.
Whatever
it
lands
in
and
all
you
really
have
to
do
is
provide
the
management
endpoint,
the
the
the
kuma
cp
endpoint
for
the
metrics
discover
the
the
mads
discovery
api.
B
Okay,
so
does
anyone
have
any
any
any
concerns
about
this
pr?
Because
it's
kind
of
big-
and
you
know.
C
C
Yeah,
that's
a
good
idea.
I
can.
I
can
work
on
some
loose
diagrams
and
post
them
to
the
pr
and
then
in
the
next
week,
but
yeah
it
should.
It
should
have
no
immediate
impact
on
on
anyone,
but
it
would
yeah,
eventually
it'll
feel
like
a
more
native
experience
with
prometheus.
So,
instead
of
doing
like,
like
any
other
prometheus,
can
figure
right,
you
would
just
write
a
kuma
sd
section.
A
Super
and
a
few
more
questions
on
the
same
line
right
so
let's
say
I
have
multiple
cps
and
and
prometheus
can
connect
to
any
of
the
cp
to
know
all
the
endpoints
or
we
should
have
one
to
one
mapping
between
a
prometheus
and
an
nscp.
C
I
would
think
you
would
want
well
so
your
your
cps
they're,
all
managing
distinct
sets
of
data
plane,
proxies
right.
A
D
A
D
D
A
Okay,
okay,
okay,
that
is
nice
again.
One
more
thing
is:
let's
say
I
have
multiple
prometheus
just
to
make
sure
that
prometheus
is
also
having
resiliency.
A
So
will
it
automatically
shard
the
data
planes
or
something
that
we'll
have
to
put
in
our?
That
is
not
a
good
use
case.
C
It
will
do
basically
everything
that's
possible
with
the
kuma
prometheus
sd
sidecar
right
now.
It
will
function
exactly
the
same
as
that,
except
instead
of
running
a
sidecar.
It
will
be
natively
integrated
into
prometheus.
C
So
I
I
don't
think
if,
if
there's
any
features
that
you're
looking
for
like
sharding,
that
aren't
that
are
aren't
supported
in
the
current
prometheus
integration,
then
they
won't
be
with
this
pr.
It's
out
of
the
scope
for
this.
A
B
D
Yeah
yeah,
you
could,
you
could
charge
this
by
by
the
mesh.
D
C
D
It's
done
for
parts
I
see,
but
this
should
be
fairly
okay,
I
don't
want
to
say
easy,
but
it
should
be
possible
to
to
do
and
then
you
could.
You
know
you
could
call
configure
your
prometheus
to,
for
example,
only
fetch
the
database
from
one
mesh
and
other
probe
is
used
to
fetch
from
other
mesh,
and
this
could
be
a
way
to
shard
my
tricks.
A
C
B
And
this
will
add
some
new
options
to
dns.
What's
what
you
can
do
with
the
dns?
I
don't
know
if
if
people
are
following
the
ongoing
prs,
but
essentially
we
are
redesigning
the
dns
a
little
bit
and
after
we
do
this
release
next
week,
I
think
we
can.
We
can
and
probably
should
just
merge
this
one
and
then,
if
some
other
changes,
follow-up
changes
in
integrating
new
primitives
and
whatever
is
needed.
C
B
B
We
have
this
problem
with
external
services
and
again
not
a
problem
limitation,
which
we
received
many
many
like
feedback
from
many
endpoints
from
many
customers
and
users,
because
today,
essentially,
when
you
want
to
consume
external
services
like
this,
you
will
see
it
under
the
it's
dot:
mesh
representation,
which
is
essentially
the
service
name
and
then
dot
mesh,
and
then
it
will
be
always
on
port
eight.
So
if
this
service
would
have
to
be
on
port
8091,
you
will
still
have
to
access
it
under
port
80
and
with
this
dot
mesh
extension.
B
So
what
we
are
doing
now
is
we
are
adding
an
option
that
if
someone
turns
flips
a
switch
sets
a
setting,
this
would
not
be
the
case,
so
you
sitting
inside
the
mesh,
you
would
be
able
to
actually
consume
hdbin.org
at
its
native
port
8091,
whatever
that
is,
and
just
transparently
get
access.
There
get
policy
supplied.
B
Get
encryption
whatever
is
going
there
so
for
this
we
are
adding
additional
set
of
components
in
the
sidecar.
If
you
look
at
kubernetes
from
in
kind
of
a
kubernetes
deployment,
these
components
consist
of
coordinates
additional
settings
in
the
invoice
side
car
I
like
that
proxy
that
will
allow
for
local
dns,
name
resolving
and
a
set
of
ip
tables
that
will
essentially
hijack
all
all
the
services
dns
requests
and
pass
them
to
that
new
dns
infrastructure.
B
This
would
make
this.
This
will
allow
us
to
essentially
take
control
of
all
the
resolving
of
the
services,
and
we
believe
that
in
the
future
we
might
be
able
to
actually
progress-
and
maybe
I
don't
know,
just
drop
the
whole
dot
mesh
domain
and
be
able
to
do
to
be
more
flexible
in
the
naming
of
the
services
leveraging
native
names
and
whatever
whatever
this
was
there.
We
haven't
talked
deeply
in
that
direction,
but
let's
say
that
this
is
the
first
step.
We
see
that
the
external
services
are
somehow
more
pressing.
B
B
Overall,
we
will
make
this
with
just
turn
on
turn
off
feature,
and
this
will
make
it
into
the
new
into
the
new
release
which
we
are
planning
for
this
studio
by
the
end
of
this
week,
so
essentially
by
friday.
B
That's
it
for
the
what's
going
on
and
what's
what's
going
on,
we
were
somehow
thinking.
Can
we
do
1.2,
but
maybe
if
we
go
1.2,
we
will
make
this
the
default.
I
don't
know
we'll
see,
but
for
for
the
time
being
we
are
meaning
this
as
an
opt-in
feature,
and
maybe,
if
we
go
to
1.2,
we
might
make
this
the
default.
B
D
A
But
would
you
would
you
support
like
some
kind
of
certificate
for
this
particular
external
service.
A
And
can
I
ask
you
like
another
extension
of
the
same
question,
so
is
it
I
mean,
do
you
guys
see
any
need
of,
let's
say
external
service,
just
service
registry
like
console
or
something
like
that
from
where
you
can
feed
in
these
kind
of
external
services
into
the
mesh?
B
D
A
Service
right
and
let's
say
if
there
are
applications
who
are
already
connecting
or
already
using
console
or
spring
cloud
gateway,
or
something
like
that
or
registry-
maybe
a
way
to
inject
those
endpoints
into
the
mesh,
a
more
native
way
of
injecting
in
end
point
into
the
mesh.
D
D
Scrape
the
names
yeah,
I
think,
okay,
I
think
we
would
need
to
put
more
thought
into
this,
but.
D
B
D
This
use
case,
nikolai,
remember,
like
we
had
similar
thing
with
eureka
yeah
and
the
conclusion
was
what
like
what
was
the
end
of
the
story.
B
Well,
I
mean
it's
like:
can
we
have
an
external
registry
as
a
source
of
endpoints?
Is
that
not
the
question
right
yeah
I
mean.
B
B
I
don't
know
I
mean
to
me
as
as
long
as
there
is
the
api
that
people
can
use,
you
can
have
fun
like
your
component
external
component,
some
python
thing
that
connects
to
both
entities
and
just
does
the
sync.
A
Okay,
so
what
is
suggesting
is
like
put
another
component
in
between
which
can
sync
the
data
from
console
or
eureka
or
whatever
it
is
into
into
the
service
mesh.
D
B
Okay,
I
see
we
have
a
new
new
new
face
here.
Martes,
would
you
like
to
introduce
yourself
with
a
couple
of
words?
At
least
I
don't
remember
seeing
you
before.
It
would
be
interesting
to
see.
E
Yeah,
so
I'm
actually
director
of
technical
marketing
for
morpheus
data,
which
is
a
essentially
a
cloud
management
platform.
So
for
me,
I've
got
a
large
interest
in
service
mesh
and
mainly
specifically
with
kuma,
given
the
fact
that
it
supports
both
virtual
machines
as
well
as
kubernetes,
and
for
me,
part
of
the
the
story.
I'm
working
on
telling
is
being
able
to
bridge
the
gap
between
what
would
typically
be
termed
as
old
world
and
new
world
and
then
be
able
to
provide
that
automation
wrapper
around.
What's
being
done
from
a
kuma
service
mesh
standpoint.
B
Okay,
thanks
do
you
have
any
any
particular
question
we
have
like
five
minutes
left,
so
maybe
we
can
address
something
or.
E
Now,
for
me,
I'm
just
just
following
along,
I
saw
the
the
changes
recently
with
the
transparent
proxy
for
virtual
machines,
just
trying
to
keep
up
with
the
pace
of
innovation,
yeah.
B
That
transport,
unfortunately,
for
virtual
machines,
definitely
made
made
the
difference
and
we
get
a
lot
of
positive
feedback
there,
and
I
hope
that
now,
with
this
new
dna
story
that
we're
going
to
call
so,
as
you
can
imagine
within
this
also,
I
hope
we
are
not
going
to
do
some
bigger
mess.
You
know
iptables
dns.
E
E
I'm
trying
to
figure
out
the
the
good
divide,
because
I've
done
a
lot
with
puppet
and
obviously
announceable
from
a
configuration
management
standpoint
so
trying
to
figure
out
where
best
to
allow
kuma
to
do
some
of
those
things,
but
also
potentially
look
at
other
tools
to
sort
of
augment
what
kuma
could
do.
But
maybe
that's
not
the
the
ideal
place
to
do
it.
E
You
know
in
terms
of
the
like
the
the
transparent
proxy,
as
I
dig
more
and
more
into
it,
trying
to
figure
out
whether
it's
best
to
completely
let
kuma
do
it
or
sort
of
replicate
what
kuma
would
do,
but
leave
it
in
a
tool
like
a
puppet
or
an
answer.
B
Well,
yeah,
that's
that's
an
interesting,
interesting
approach.
We
we
had
some
users
leveraging
like
using
on.
B
Centos
sorry,
seven
like
the
old
one
and
they
had
some
specifics.
There.
D
B
It's
always
like
when
you
go
to
the
virtual
machines.
People
have
different
set
of
sense
like
what
we
do
with
the
install
transparent
box.
Is
it's
a
convenience
tool
it
can
help.
You
see
what
we
we
are
intending
to
do,
but
certainly
that
that
could
be
also
done
with
with
other
tools.
That's
that's
not
definitely,
definitely
an
option.
D
B
A
A
Yeah
I
wanted
to
know
about
the
http
routing,
support
or
feature
that
you
were
trying
to
identify
targeting
some
release
for
that.
D
Yes,
this
is
marco.
Here
we're
going
to
be
prioritizing
that
in
extremely
soon,
so
I
would
expect
that
first
support
for
l7
http
routing
will
ship
in
there.
A
D
A
A
D
A
Okay,
how
do
I
connect
more
actually,
so
the
problem
is
okay.
Let
me
see
if
I
can
put
it
on
wife
itself,
so
entire
auth
2
after
or
through
it
is
jw
token
validation,
after
that
it
is
our
backing.
And
after
that
it
is
passing
certain
jwt
token
to
the
backend
application,
but
if
we
can
at
least
manage
the
oauth,
2
plus
jwt
token
validation,
that
will
be
a
great
addition
on
top
of
the
http
routing
feature
that
we
are
planning
to
add.
D
Okay,
okay,
yeah!
So
if
you
have
this
configuration,
probably
it's
it's
viable
to
put
this
into
proxy
template.
If
you
like,
if
you
have
troubles
with
this,
you
can
always.
You
know,
ask
on
the
community
channel.
If
you
can
pause
the
this
better
color
configuration
of
android.
We
can,
you
know
always
help
you
with
composing
proxy
template
yeah.
A
D
A
D
That
nikolai
had
to
switch
yeah,
so
I
guess
we
should.
We
should
wrap
up
yep.
So
thanks
everyone
for
joining
and
see
you
in
tweaks,
and
you
can
always
you
know,
ask
us
questions
on
the
slag
from
community
channel.