►
From YouTube: Kuma Community Call - March 3, 2021
Description
Kuma hosts official monthly community calls where users and contributors can discuss about any topic and demonstrate use-cases. Interested? You can register for the next Community Call: https://bit.ly/3A46EdD
A
And
okay,
in
the
meantime,
let's
start
so,
let's
start
with
upcoming
1.1.0
for
release.
So
this
will
be
the
next
major
release
of
kuma
and
the
release
is
planned
for
the
next
week.
So
be
aware
of
this,
and
the
major
features
are
avoid
config
d3,
which
will
be
now
default,
configuration
that
we
will
be
using,
which
of
course
enables
us
to
use
the
new
features
so
fundraising
and
so
on,
and
also
we
will
be
using
next
major
version
of
android
itself.
A
A
So
until
now
the
timeouts
were
pre-configured
for
you
and
you
could
configure
them
by
using
proxy
template,
which
is
not
really
convenient
for
users
right.
So
we
will
be
introducing
completely
new
policy
to
fine-tune
all
the
timeouts
when
you
are
communicating
between
your
services
and
also
we
introduced
in
some
minor
release.
A
The
retract
policy,
and
with
this
major
we
will
be
introducing
the
default.
Read,
write
policy
when
you
configure
kuma,
when
you
call
configure
your
mesh.
A
Because
it
will
help
us
to
fix
the
issue
when
we
are
scaling
down
the
workload
on
kubernetes
for
some
for
some
time
we
could
pass
there
the
traffic,
but
with
this
retry
this
will
be
fixed
and,
of
course,
yeah.
I
think
it's
it's
good
practice
overall
to
have
some
retries
in
the
communication
between
your
services
and
yeah,
and
this
major
release
also
will
contain
more
and
more
small
improvements
that
we
did
along
the
way
between
the
1,
0
8
release
and
this
1.1.
A
So
this
new
release
will
be
coming
next
week
and
yeah.
That's
it.
The
next
topic
is
permissions
integration.
So
austin,
maybe
you
can
say
something
about
this.
B
Yeah,
so
I
think
it
really
comes
down
to
exposing
the
mods
api
over
http
to
prometheus,
so
I've
got
and
that's
over
xds,
so
I've
been
working
on
that
proposal
and
implementation
work
in
progress
for
upgrading
or
for
a
v1
mads
implementation
in
kuma,
which
I'll
then
bring
over
to
prometheus
and
we'll
have
a
akuma
sd
over
there.
That's
running
over
http
on
the
xds,
so
it'll
it'll
be
a
little
bit
more
kuma
specific.
B
But
I
think,
like
you
said
in
our
conversation
jacob,
anyone
really
could
implement
this
right.
A
B
B
Now,
just
http
because
of
prometheus
constraints,
they've
got
some
dependency
hell
entanglement
that
they
plan
to
fix
when
go
117
is
released,
I
believe,
is
what
I'm
forgetting
his
name,
but
the
prometheus
guy.
I've
been
talking
to
said,
but
I
think
we
can
have
a
a
caching.
The
caching
client
wasn't
hard
to
build
for
http
and
the
server
looks
like
it'll
be
pretty
simple
as
well.
B
So
I
think
the
overhead,
as
long
as
things
aren't
changing
super
super
frequently
won't
be
too
much,
but
that's
a
that's
a
big
assumption.
A
Okay,
okay,
so
what
do
we
need
from
the
rest
of
the
team.
B
I
think
feedback
on
the
current
api
proposal.
It's
not
too
different
from
what's
currently
there,
but
if
people
could
take
a
look
at
that
and
then
maybe
how
I'm
starting
to
implement
that
on
the
kuma
side,
that
would
be
good.
A
B
B
Okay,
I
I'm
hoping
to
get
something
that
we
can
test
out
locally,
like
a
local
prometheus,
build
and
a
local
kuma
build,
so
we
can
show
them
working
together
natively
before
we
start
to
merge
these
things
or
promote
them,
because
that
should.
A
B
A
Okay,
okay,
yeah!
So
let
me
let
me
try
to
go
for
this
proposal
tomorrow,
yeah,
because
I
I
thought
I
reviewed
some
proposal
before,
but
is
it
the
new
one?
I
don't
know.
B
Yeah
you,
I
think
you,
you
reviewed
the
initial
proof
of
concept
if
we're
gonna
put
that
proposal
in
right
yet
itself
here.
A
B
Okay,
okay,
exactly
I've
also
been
doing
some
research
on.
Have
you
guys
interacted
with
open
telemetry
at
all
the
cncf
project.
B
Oh
yeah,
because
it
seems
like
I
I
don't
know
almost
anything
about
it,
except
that
they've
been
debating
on
whether
they
should
include
a
spec
for
service
discovery
and
like
metric
service
discovery
in
their
1.0
yeah.
There's.
B
We
might
be
able
to,
because
that's
that's,
essentially
what
prometheus
doesn't
want
to
do
and
what
we're
forced
to
do
now
is
to
find
an
api
spec,
but
it
would
be
nicer
if
a
group
like
open
telemetry
defined
that
spec
for
us
and
we
just
implemented
it
and
then
prometheus
did
the
same.
A
Okay,
but
will
this
spec
be
wait,
but
they
are
working
on
this
spec
right
now,
right,
okay,
okay,
so.
A
I've
used
open
telemetry,
but
only
as
instrumentation,
libraries,
okay
and
they
they
move
very
cautiously.
So
I
don't
think
the
the
service.
A
Yeah,
okay,
so
native
here's
integration.
A
C
I
have
a
question
I
just
wanted
to
mention.
I
just
found
because
it
was
tricky
to
run
end-to-end
tests
of
the
human
docker
for
mac.
I
had
to
downgrade
to
3.0.3.
C
D
So
I
was
looking
at
the
community
channel
and
we
we
saw
something
that
I
want
to
bring
to
your
notice,
as
in
in
in
the
universal
mode
with
1.07.
A
D
Okay,
yeah
the
last
committee
channel
the
chat,
the
big
one
on
which
I
also
replied
back,
so
we
we
didn't
do
that
that
detailed
debugging
to
see
what
exactly
is
going
on.
So
we
basically
moved
back
to
0.1.06
and
then
saw
that
things
are
okay,
but
with
0.7
same
configurations
we
saw
that
data
planes
are
not
getting
updated
with.
What
is
what
is
with
whatever,
with
the
configuration
that
we
have
on
on
the
control
pane.
A
A
B
Yeah
we
started
debugging
this
problem.
B
We
don't
have
much
results,
but
we
think
that
might
be
because
of
the
the
way,
how
an
resolves
the
address
of
the
control
plane.
So
it
might
happen
that
it
resolves
it
only
once
and
if
you
restart
your
control
plane,
then
it
gets
new
ip
and
then
dp
can't
connect
the
second
time.
So
I
think
we
will
debug
this
problem.
D
A
Should
be
visible
in
the
gui,
but
can
you
can
you
see
the
data
plane
in
the
in
the
api
or
I
don't
know
in
other
yeah.
A
Okay,
is
it
swift
with
many
instances
of
the
control
plane
now?
Okay,
only
one
instance,
and
with
with
copper,
hdb
right
as
a
backhand.
A
Yeah,
okay,
but
it's
if
this
is
visible
in
the
integrity
in
the
api
itself.
This
should
be
visible
in
the
gui
part
question
about
the
gui,
because
you
said
that
we
we
are
storing
the
response
of
the
apis
to
some
to
some
local.
D
C
C
No
currently,
we
are
not.
We
are
just
storing
it
into
the
memory
for
the
session
being
of
of
one
refresh.
So
when
you're
refreshing
it's
it's
not
reading
it
from
the
store,
but
actually
it
would
be
very
hard
to
debug
with
that
amount
of
information.
So
if
you
will
have
any
time
encounter
this
kind
of
issue
and
in
the
future,
my
first
question
would
be
to
look
into
the
network
tab
and
see.
C
Second,
if
there
is
a
delay
from
this
response
and
the
third,
if
the
data
planes
are
in
the
response,
because
if
they
are
it's
the
gui
particular
issue,
if
they
are
not,
then
there
is
something
on
our
data
plane
way
and
even
better
would
be
to
to
record
the
short
video
with
that
situation.
That
would
be
really
grateful
to
see
what
is
in
the
console.
D
C
Yeah
just
put
in
that
community
slack
just
a
message
and
I
will
jump
into
it
and
help
debug
more
if
there
will
be
some
if
there
won't
be
anything
obvious.
A
Yeah
also,
I
have
a
question:
does
it
happen
only
when
you
spin
up
new
data
planes
or
even
when
data
planes
are
running
normally
randomly
okay.
A
B
D
One
more
very
interesting:
sorry:
do
you
use
safari
as
a
browser.
D
Yeah
on
the
browser
part,
I
was
about
to
say
something
that
is
one
more
observation,
as
in
we
use
mozilla,
and
then
only
we
see
the
ui
and
if
we
use
chrome,
then
we
don't
see
the
ui
it.
It
stops
saying
that
it
is
not
able
to
reach
the
api
endpoint,
but
but
the
same
ui
endpoint.
When
we
open
on
on
mozilla,
we
can
see
the
ui
coming
and
then
things
are
okay
on
mozilla.
D
So
this
also
could
be
one
issue
going
forward
as
in
this
is
something
I
want
to
like,
bring
you
or
not
to
notice.
C
So
actually,
the
first
thing
which
I
have
in
mind
is
to
see
what
is
in
the
console,
because
I
have
some
kind
of
idea
that
probably
there
is
some
error
which
would
kind
of
give
us
some
more
hints
that
shouldn't
be
the
case,
because
there
is,
I
don't
know
about
any
apis
which
we
are
using,
which
are
incompatible
between
browsers,
but
maybe
there
is
something
or
related
to
the
caching
or
some
do
maybe
some
browser
extensions
which
can
be
different,
also
can
intercept
the
connections
so
probably
if
there
will
be
anything
like
that,
it
will
be
visible
in
the
console
or
and
the
network
type
too.
D
A
And
going
back
to
the
previous
issue
for
a
second
when,
when
you
say
that
the
config
is
not
delivered
to
the
to
the
data
plane,
do
you
see
anything
interesting
in
the
logs
of
either
envoy
or
the
control
plane
itself.
D
On
vlogs,
we
don't
see
any
listener,
we
don't
see
any
clusters,
it's
mostly
a
bootstrap
configuration
is
what
we
see.
Nothing
majorly
locked
on
the
control
plane,
control
plane
keeps
showing
all
the
data
plane
as
active.
A
Okay;
okay,
if
you
are
in
this
situation
like
if
you
encounter
this
situation
again,
please
dump
the
airplane
inside.
This
is
the
object
that
we
have,
that
is
yeah
that
takes
history
of
of
the
call
call
connection
between
android
and
the
control
plane.
So
we
can
see
if
those
configs
are
sent
to
the
envoy
and
rejected
by
amvoi
or
what
is
really
happening
there.
D
We
don't,
I
have
not
seen
any
reject
I'll
do.
As
you
said,
I
just
remember
weekly
that
you
mentioned
that
data
plane
inside.
Is
that
a
call
which
is
done
by
the
by
the
stored
procedure.
D
Okay,
yeah.
I
want
to
pick
your
brain
around
one
con
one
deployment.
D
So
let's
say
there
is
a
vm
on
which
there
are
multiple
instances
of
your
of
your
data.
Plane
running
can
be
what
a
user
wants
now
is
to
basically
have
onwards,
reverse
proxy
for
all
of
them,
so
that
he
need
not
configure
all
the
all
the
instances.
So,
okay,
let
me
first
of
all
tell
you
how
it
actually
happens.
D
A
Okay,
so
we
are
breaking
a
bit.
I
don't
know
if
this
is
my
connection
or
or
not.
Okay,
yeah
yeah,
if
you,
if
you
could,
could
repeat
this,
so
there
is
a
vm.
D
A
D
On
a
vm,
let's
say
that
let's
say
there
are
n
number
of
instances.
D
A
user
wants
to
basically
put
all
the
n
number
of
instances
behind
one
reverse
proxy
one
on
y
and
he
wants
to
expose
the
listener
of
onward
on
the
vm
and
and
and
that
way
we
will
never
have
to
configure
the
ip
port
addresses
that
the
the
applicant
that
the
application
would
expose.
So
that
way
he
will
only
expose
the
reverse
proxy
ib
vote
addresses
and
he
can
bring
up
as
many
number
of
instances
that
he
wants.
D
D
A
A
No,
actually,
no,
no!
No!
No!
No!
Actually,
let
me
think
no,
I
I
think
that
should
be
possible.
Let
me
share
a
screen
and.
A
A
Like
assuming,
there
are
one
vm
with
apps.
A
A
Right
so
when
the
gateway
when
gateway
is
using
localhost
8080,
the
traffic
will
go
either
here
here
or
here
right,
so
you
can
kind
of
multiplex
different
instances
with
many
inbounds.
Of
course,
your
vm
now
has
to
expose
this
ip
with
parts
this
this
and
this
right,
but
still
you
could
you
could
do
this.
D
A
Okay,
yeah,
okay:
we
are
five.
D
A
Yeah
yeah,
we
are,
we
are
out
of
time
unless
you
have
really
quick
question.
D
A
Routing
that's
a
good
question.
There
was
one
guy
from
the
community
that
wanted
to
implement
this,
but
he
didn't
finish
this
yeah
sure.
I
think
nobody
is
working
on
this
right
now.
So,
if
you,
if
you
can,
if
you
can
grab
this,
then
that
would
be.
That
would
be
great
here
we
are.
Did
we
have
any
discussion
on
l7
no.
A
Okay,
so
if,
if
you
want
to
implement
this,
it
would
be
great
if
you
can
start
with
a
proposal
with
the
api
changes
to
a
traffic
route
right
and
once
we
agree
on
the
implementation,
then
yeah,
then
we
can
improve
pro
proceed
with
the
implementation
right.
So
we
won't
waste
your
time
if
you
know,
if
we
have
some
remarks
after
you
implement
this
sure,
okay,
okay,
great.