►
From YouTube: Gateway API GAMMA Meeting for 20221206
Description
Gateway API GAMMA Meeting for 20221206
A
A
And
welcome
to
the
December
6
meeting
of
the
Gateway
API
gamma,
as
always
kubernetes
code
of
conduct
for
alternative
effect.
So
please
treat
each
other
respectfully
and
with
that
we
can
get
started
my
screen
and
if
there
is
anyone
who
was
present
at
the
last
gamma
meeting,
who
was
interested
in
recapping
I
would
certainly
appreciate
that
as
I
was
out
of
office,
foreign.
B
B
Let's
see
poll
1493
we
kind
of
got
to
the
point
of
going
yeah.
We
should
just
go
ahead
and
accept
this
one
and
realize
that
we
will
probably
have
to
I,
guess
I
think.
The
way
it
was
put
was
along
the
lines
of.
B
There
was
a
really
good
point
about
the
fact
that
we
don't
really
get
to
mess
with
HTTP
route
as
much
as
we
might
like
to.
There
was
a
little
bit
of
discussion
about
the
Gateway
API
0.6
review.
B
The
most
interesting
thing
that
came
out
of
that
was
some
discussion
about
the
possibility
of
the
Gateway
API
people
thinking.
It
would
be
nice
to
split
out
the
front
end
and
back-end
functionality
of
a
service
in
some
different
ways.
So
several
of
us
were
interested
in
learning
more
about
that.
B
I'll
spare
you
all
the
rabbit
holes
around
HTTP
3
that
conflicts
are
weird
point
in
the
dock
boils
down
to
nobody's
terribly
happy
with
the
idea
that
we
just
say
a
consumer
route
always
takes
precedence
over
a
provider
route.
But
again
it's
probably
a
reasonable
way
to
get
started
right
now
and
then
see
what
things
change,
because
conflict
handling
is
strange.
B
Headless
Services
had
some
interesting
conversation
because
it's
not
entirely
unstreetforward
to
think
about
how
to
deal
with
headless
Services,
where
only
one
headless
service
maps
to
a
given
set
of
back
ends
and
as
soon
as
you
start
talking
about
overlapping
Services,
it
becomes
somewhere
between
not
straightforward
and
impossible,
depending
on
lots
and
lots
of
things.
There's
a
note
in
here
about
we're
going
to
be
chatting
asynchronously
about
this
I.
B
Don't
think
that
actually
happened,
everybody
was
okay
with
saying
and
well
everybody
was
everybody
accepted
that
defining
the
overlapping
endpoints
Behavior
as
implementation
specific
was
okay,
and
there
was
some
question
about
whether
the
non-overlapping
endpoint
case
should
be
implementation,
specific
or
extended,
or
what.
B
There
was
also
a
note
that
implementation
specific
and
extended
have
carefully
defined
meanings,
namely
that
extended
means
there
are
compliance
tests
and
implementation.
Specifics
means
there
are
not
compliance
tests,
so
there
there's
an
important
difference
between
those
two
and
since
Shane
is
on
the
call
I'll
ask
him
to
keep
me
honest
about
my
sense
of
those
two
definitions.
C
He's
not
I'm
here,
I'm,
sorry,
no,
that
that
definition
is
correct.
Extended
is
when
implementation
specific
is,
when
you
don't
have
conformance
tests
extended
is
when
you
do
plus
it's
where
we
put
things
that
actually
have
more
than
one
implementation.
So
it's
not
just
conformance
tests,
but
it's
implied.
B
I
believe
also
am
I
correct
in
remembering
that
a
given
implementation
can
be
conformant
without
executing
the
extended
the
conformance
test
for
extended
Behavior
correct.
Do
I,
remember,
okay!
That
was
the
other
thing
that
I
found
important,
because
that
was
the
difference
between
extended
in
court
right.
B
Yeah,
but
that
was
a
thing
where
it
was
clearly
not
something
that
everybody
on
the
call
last
time
had
already
internalized.
So
I
thought
that
distinction
was
worth
calling
out
again
that
when
we
say
things
like
core
and
extended
and
implementation
specific,
there
are
very
specific
meanings
attached
to
those
it's
kind
of
like
the
difference
between
should
and
May
and
must,
if
you're
reading,
an
RFC
and
it's
important
to
recognize
that
those
don't
always
overlap
exactly
with
their
English
definitions.
B
B
Sorry
I
believe
that
last
week,
well,
okay,
looking
over
the
lists.
B
But
also
John
was
there
cage?
Was
there
I'm
just
looking
over
the
list
of
attendees
this
week,
so
I'm,
not
the
only
one.
This
week
it
was
here
last
week,
excellent.
C
I
just
wanted
to
watch
the
recording
of
you
just
talking
to
yourself.
That
would
have
been.
B
Well,
you
know
I
mean
you:
can
we
can
set
that
up
anytime
you're,
like
it'll,
probably
be
a.
B
C
A
Right,
yeah
yeah
definitely
I
tried
to
check
out
the
reporting,
but
it
looks
like
it.
Hadn't
quite
been
posted
yet
last
time,
hopefully,
that'll
be
all
Now
by
hours.
A
C
I
can't
think
of
anything
off
the
top
of
my
head.
That's
specifically
relevant,
hang
on
now,
you're
making
me
rack
my.
F
Brain
yeah
I
know
I,
can't
think
of
anything
either.
I
I
think
we're
in
a
reasonable
spot
right
now,
but
there's
some
longer
term
discussions
to
have
in
preparation
for
070,
where
I
think
we
had
a
goal
of
having
some
mesh.
Some
mesh
Concepts
well
thought
out
and
formalized
and
fully
approved
at
that
point.
C
Yeah
and
then
just
for
this,
it's
kind
of
not
a
a
v060
thing,
but
we
did
decide
last
night
between
the
gamma
maintainers
and
the
Gateway
API
maintainers.
So
we're
going
to
make
a
gepster
just
for
gamma
to
help
kind
of
keep
things
focused
on
gamma
in
one
place,
which
also
will
help
with
making
sure
we
can
assign
reviews
more
appropriately.
C
A
What's
that
this
is
an
open
gender.
If
there's
any
topics
that
anyone
would
like
to
discuss
at
this
time,
please
feel
free
to
add
them
to
the
agenda.
We're
happy
to
make
some
time
for
that
or
I
will
find
some
stuff
to
follow
up
on,
but
yeah
we
can
certainly
we
have
time
so
any
topics
that
are
on
people's
minds
that
we
would
like
to
spend
some
time
discussing.
Let's
go
John,
you
will
start
with
conflicting
protocol
roots.
E
Yeah
actually
I
realized
I,
maybe
have
two
things
so
there's
been
kind
of
two
open
PR's
for
a
while
on
enhancing
the
Gap.
The
first
is
the
namespace
boundary
stuff,
I
think
Keith
approved
it,
but
it's
not
actually
approved
I,
don't
know
if
that's
because
either
through
GitHub,
instead
of
the
slash
commands
or
the
Nissan
house,
but
I
think
we're.
We
established
that
we
wanted
that
to
merge.
So
if
someone
could
take
a
look
at
that,
we
could
do
that.
E
The
other
thing,
though,
is
what
I
want
to
talk
about
was
the
other
one
which
is
allowing
non-hdp
types,
which
is
this
conflicting
thing,
so
the
main
open
question
for
that
is
what
happens
when
we
Define
multiple
different
routes
of
different
protocol
types
for
the
same
service.
So
you
can
imagine
it.
You
know
TCP
route
and
HTTP
route
for
the
same
service
and
same
port,
I.
Guess
specifically,
this
related
issue
on
different
ports.
It's
probably
pretty
easy
to
resolve
right.
E
So
this
is
something
that's
not
really
discussed
in
Gateway
or
Ingress,
which
is
largely
because
you
have
the
listener
to
kind
of
tell
you
which
protocol
the
routes
need
to
be
I.
Think
it's
not
currently
supported,
like
you,
can't
actually
have
a
TCP
route
and
HTTP
route
for
the
same
listener
and
Gateway,
because
the
protocol
and
The
Listener
defines
what
routes
are
valid
and
we
don't
let
you
attach
a
TCP
route
to
an
HTTP
protocol
listener,
although
technically
it
would
work
if
we
wanted
to
Define
it
that
way,
we
didn't
so.
E
We
sidestep
this
problem.
We
did
reintroduce
the
problem
in
Ingress
with
grpc
round
HTTP
route,
though
both
of
those
can
be
defined
on
the
same
port
in
we
need
to
do
something
there.
So
that's
left
undefined
and
mesh
is
entirely
undefined.
So
now
the
question
is:
how
do
we
want
to
resolve
those
conflicts?
E
I've
been
talking
for
a
while,
so
I'll
put
out
some
ideas,
but
then
I
want
to
see
to
the
other
people.
You
know.
One
idea
is
that
we
just
have
a
strict
hierarchy
of
some
protocol,
takes
precedence
over
others
like
issues
who
are
out
then
TCP
routes,
then
Qs
routes
or
whatever
order
we
want
I,
don't
know
we
could
do
something
else.
E
I
wanted
to
get
some
feedback,
I
think
for
HTTP
route
and
grpc
route.
Well,
that's
kind
of
outside
the
scope
of
mesh,
specifically
how
we
should
handle
that
it
should
probably
not
just
be
like
one
takes
complete
precedence
over
the
other,
given
that
to
your
PC
route
is
effectively
an
HTTP
route,
but
I
think
we
probably
don't
need
to
decide
that
here
and
we
can
inherit
the
decision
from
the
English
side.
I
don't
know.
Does
anyone
have
any
strong
thoughts
on
on
this.
B
You
know
it's
been
a
whole
week:
I
mean
yeah
yeah
I.
Have
this
I?
Have
this
really
vague
feeling
that
one
of
the
you
know,
one
of
the
principles
we
talked
about
was
that
Gateway
API
already
had
this
more
specific,
ever
less
specific
idea,
which
could
provide
some
help
in
terms
of
resolving
conflicts
like
this.
E
E
The
question
would
be:
if
the
route
doesn't
match,
then
do
we
fall
back
to
the
TCP
route
or
not
it's
technically
implementable,
either
way
it
becomes
potentially
a
bit
weird,
because,
if
I'm
defining
a
TCP
route,
I
might
assume
that
my
traffic
is
being
TCP
proxied,
but
obviously
we
need
to
actually
terminate
the
HTTP
in
order
to
tell
if
it
matches
HTTP
routes.
E
It
should
be
implementable.
I
would
imagine
at
least
an
Envoy
like
I
guess
how
you
would
implement.
It
would
be
like
if
there's
no,
like
you
just
add
a
wild
card
to
http
match,
which
then
becomes
a
TCP
match
again
I'm,
not
trying
to
focus
too
much
on
religious.
What
I'm
familiar
with
I?
Don't
think
it
could
do
that
for
TLS,
though
like
if
you
missed
the
all
the
HTTP
matches,
there's
no
way
to
then
like
go
back
to
do
a
TLS
match
an
Envoy.
B
E
D
I
think
and
kubernetes
are
kind
of
acting
as
a
Distortion
for
for
very
simple
things
in
the
internet
and
the
the
fact
that
we
can
Implement
whatever
written,
voy
and
kubernetes
may
allow
all
kind
of
weird
things.
You
know
that's
interesting,
but
in
reality,
when
application
Port,
you
know
you
see
that
HTTP
or
TLS
or
tcpl
has
a
clear
intent.
And
then
that
means
whoever
is
providing.
E
B
E
D
I
think
I
think
the
owner
of
an
HTTP
service
should
somehow
declare
that
it's
an
HTTP
service
and
it
doesn't
matter.
If
you
have
a
route,
you
don't
have
a
route.
You
have
multiple
routes,
it's
whatever
the
owner
of
the
service
declares
because
they
know
exactly
what
they're
exposing
they
know
that
their
application
is
expected
and
whoever
else
wants
to
talk
to
TPP
doesn't
matter,
I
mean
it's,
it's
really
content
of
the
publisher,
because
nobody
else
knows
what
applications
that
the
publisher.
A
D
A
B
I
tend
to
agree
with
Customs
point
that
all
the
prior
art
I
can
think
of
involves
a
port
having
a
single
protocol
associated
with
it
and
being
able
to
do
things
like.
Oh,
if
we
can't
route
TCP
or
account
route
HTTP,
let's
try
it
as
a
raw
TLS
route
seems
or
a
raw
TCP
route,
either
way.
That
feels
a
little
strange
to
me.
B
Having
said
that,
the
grpc
versus
httpsing
is
a
little
more
surreal
to
me,
like
I
could
conceivably
imagine,
maybe
possibly
a
little
bit
that
if
you
don't
get
a
valid
grpc
method,
you
just
route
the
rest
of
it
as
HTTP,
but
even
there
I'd
probably
be
inclined
to
say,
that's
asking
for
trouble
more
than
anything
else.
D
But
the
grpc's
https
I'm
not
talking
about
what
you
do
over
HTTP,
so
you
can
have
an
https
Port
that
is
multiplexing
multiple
things
and
that
can
be
HTTP
because
again,
as
there
was
a
discussion
about
who's,
you
know
over
TLS
who
decides
what
protocol
it
is
if
kubernetes,
whatever
route
or
whatever
or
is
there
a
negotiation
and
on
the
Internet?
Is
your
negotiations?
I
should
decide.
So
once
you
do
a
LPN,
you
know
it's
HTTP
I
mean
if
opportunities
to
stls,
then
you
know
if
it's
HTTP
it
can
be.
D
Tcp
can
be
a
lot
of
other
things
and
then
you
go
to
to
H2
and
it
could
be
grpc
and
grpc
just
means
that
you
use
service,
slash
method.
So
it's
really
HTTP
I,
don't
think
we
are
talking
about.
You
know
kubernetes
apis
overriding,
the
internet
standards,
for
you
know,
LPN,
negotiation
or
or
for
whatever
user
wants
to
expose
on
HTTP
port
with
grpc
or
build
plane
http.
E
So
would
it
be
sufficient
to
just
say
that
if
you
have
multiple
different
routes,
route
types
for
a
single
service,
we
pick
the
most
exact
type,
which
would
be
HTTP,
then
TLS
and
TCP
I
would
imagine
and
on
the
least
specific
ones.
We
emit
some
sort
of
conflict
rule
the
one
concern
I
have
with.
That
is
that
you
maybe
have
a
TCP
route.
That
says,
like
I,
don't
know
natural
480
and
send
it
to
XYZ,
and
someone
adds
an
HP
route
for
something
specific
and
suddenly
the
TCP
one's
wiped
out.
E
In
the
existing
logic,
it's
that's
kind
of
the
discriminator
of
last
choice.
True
if
two
Protocols
are
or
two
routes
are
completely
equal
in
terms
of
priority
and
then
it's
based
on
time,
yeah
I
mean
we
could
do
that,
though
we
could
say
the
oldest
protocol
wins
and
conflict,
and
then,
if
you
want
to
change
it
to
http,
you
apply
your
HTTP
routes.
They
do
nothing
and
then
you
delete
the
TCP
routes.
E
B
Sorry
I
was
thinking
you
know
imagining
a
case
where
you
have.
You
know
a
catch-all
HTTP
route
with
a
slash
as
a
prefix,
and
then
somebody
adds
a
more
specific
prefix
in
that
one.
Suddenly,
your
catch-all
isn't
routing
all
of
it,
but
I
think
that's
a
fundamentally
different
thing.
Sorry
Rob,
you
were
going
to
say
yeah.
F
I
would
just
you
know,
one
of
the
things
we've
really
struggled
with
in
API
usage
elsewhere
is
how
we
handle
or
what
we
expect
from
stateful
controllers
or
if
we
expect
controllers
to
have
state
one
of
the
concerns
of
any
approach
that
you
know
requires.
On
the
you
know,
the
the
it's
one
thing
to
say:
the
oldest
route
we've
done
that
it's
a
different
thing
to
say
the
route
that
was
that
matched
this
first.
F
Basically
right,
you
know
you
could,
you
could
say
the
oldest
route
resource,
but
it
may
not
have
been
used
to
match
a
given
service
or
destination
until
more
recently,
similar
with
Gateway
similar
with
anything
class
tonight,
maybe
I'm
misunderstanding.
So
all
you're
saying
routes
are
not
the
source
of
Truth.
Here.
D
Yeah,
that's
my
point:
I
mean
it's
not
just
the
route
that
determined
what
there
was
a
protocol.
That
was
my
point,
so
it
doesn't
matter
if
the
TCP
route
is
attached
or
not
it
matters.
If
the
user
says
that
hey
I
have
a
port
that
it's
TLS
and
on
TLS
I
have
HTTP,
2
and
and
other
things,
that
is
a
sort
of
two
things
returning
for
out
is
allowed
or
not.
F
D
Is
that
I
don't
know
I
mean
I'm,
not
clear?
Where
is
the
right
place
to
put
the
intent
of
the
user
in
the
service
in
the
Pod
itself
or
some
other?
You
know
attachment
I'm,
not
sure
about
this,
but
I.
My
feeling
is
that
it
needs
to
be
something
where,
as
an
owner
of
application,
publishing
for
8080
I
can
specify
that
what
88
is
the
http.
D
That's
that's
a
good
one,
yes,
but
is
it
what
we
want
to
do
I
mean
do
we
do
we
want
to
require
a
protocol
to
be
used
and
specify
HTTP
or
something
syntax
to
to
identify?
Well.
E
D
D
E
B
E
A
F
I
think
what
we're
describing
is
just
a
way
of
a
way
of
defining
preference
here,
but
not
disallowing
other
route
types,
but
I
just
want
to
make
sure
that
we
allow
any
valid
route
type
to
route
to
a
service
and
not
like
prevent
that
based
on
that
protocol
or
something
something
like
that.
I
I
think
that's
what
others
are
saying,
but
I
just
want
to
be
sure.
D
C
E
If
I
had
an
HTTP
service
and
I
had
an
HTTP
route,
matching
slash,
Google
and
TCP
route,
just
matching
the
port
in
terms
of
how
we
would
configure
that
in,
let's
just
say,
Envoy
that
would
become
a
two
HTTP
matches,
one
on
slash,
goo
and
one
on
Match.
Anything
essentially
like
we
basically
turned
the
TCP
route
into
an
HTTP
route.
Effectively
applies.
D
A
B
Mike
FYI
checking
the
Gateway
API
Gateway
type.
It
looks
like
the
protocol
is
required
in
The
Listener,
section.
Okay,.
B
F
A
B
D
E
Yeah
so
I
guess
if.
C
E
My
phone's,
like
literally
an
inch
away
from
it
so
I'm
kind
of
weird,
set
up
right
now,
so
I
guess.
If
we
go
with
what
Mike
said,
which
I
I
think
I'm
tending
to
agree
with
that
it
at
least
makes
things
simpler.
We
could
always
expand
it
later
right
right.
This
is
kind
of
a
more
restrictive
option
and
we
still
just
need
to
decide.
Do
we
go
with
all
those
protocol
wins
or
most
specific
protocol
wins
right
or
a
third
option,
but
those
are
the
two
that
I've
heard
mentioned.
E
D
F
F
We
specifically
have
put
a
lot
of
effort
into
supported
route
kinds
right,
so
you
you,
as
a
consumer
or
as
a
user,
can
specify
these
are
the
kinds
of
routes
I
want
this
listener
to
support
and
the
implementation
can
tell
you
what
kinds
it
actually
supports
in
status,
so
you
can
set
an
HTTP
protocol
and
I.
F
F
Grpc
route
was
really
the
first
thing
we
ran
into
and
it's
experimental
so
I.
You
know
as
much
as
you
technically
could
mix
and
match.
Tcp
and
HTTP
I
don't
see
a
clear
use
case
for
it
maybe
I'm,
just
not
creative
enough.
Actually.
D
No
I
I'm
starting
to
to
see
some
use
cases
I
mean
given
that
TCP
route
is
based
on
cidr
ranges
like
the
addresses
and
comparative
City
level.
There
is
a
valid
use
case
for
someone
to
apply
PCP
routes
for
an
HTTP
to
hdb
traffic,
so
that
is
deny
or
send
traffic
from
Russia
to
devnal
or
to
some
specific
server
to
really
apply
some
TCP
routes
first
based
on
cidr
ranges,
and
then
the
HTTP
route
should
apply
like
with
normal.
D
Just
just
translate
them
into
firewall
rules
and
to
into
routes
basically,
and
then
HTTP
also
combines
and
grpc
it's
effectively.
You
know
you
can
have
an
HTTP
setup
exposes
both
grpc
and
HTTP,
and
it
really
is
not
under
the
control
of
the
routing
crpc
route
can
be
translated
into
HTTP
routes.
They
are
equivalent
synthetically.
D
F
Just
to
clarify
we,
although
we
very
temporarily
experimented
with
IP
range
matching
in
TCP
route,
it
does
not
exist
today.
D
D
E
F
No
worries
yeah,
we're
just
curious,
I
get
well,
maybe
costing
you
can.
You
can
ask
better
than
I.
Can.
D
I
know
I
I
wonder
what
do
you
think
about
about
applying
guys
apply
for
CCP
routes,
apply
zonage
to
keep
your
routes
and
Xena
plays
grpc
routes,
just
like
Keenan
boy,
and
you
know
how
it
will
happen
on
TCP
routes
are
applied
by
a
different
system
and
a
router,
and
then
HD
browser
applied
by
an
HTTP
load.
Balancer
that
doesn't
know
grpc
and
finally,
grpc
routes
are
applied
locally.
E
Yeah
I,
it's
part
of
me
likes
it,
because
it's
much
easier
to
apply
TCP
routes
first
and
then
fall
back
to
http
routes.
Part
of
me
doesn't
like
it
because
it
kind
of
conflicts
with
the
idea
that
most
specific
route
wins
and
I
I
mean
I,
don't
think
we
need
to
solve
HTTP
and
grpc
Route
precedence
in
mesh,
because
it's
more
of
a
general
problem
but
I
tend
to
think
that
they
shouldn't
be
so
orthogonal.
E
It
seems
a
bit
odd
that,
like
all
HTTP
routes
are,
have
higher
precedence
under
your
BC
routes
or
vice
versa,
but
I
don't
want
to
get
too
hung
up
on
grbc
semantics
here,
necessarily.
F
I
I,
like
the
direction
you
were
going,
I
think
it
was
you
John
that
you
were
going
of.
Basically
anything
from
a
lower
level
can
be
translated
to
some
kind
of
common
understanding
right.
So
that's
especially
clear
with
it.
You
know
grpc
and
HP,
which
are
basically
going
to
be
translated
to
the
same
set
of
matchers
yeah,
and
you
can
kind
of
stretch
that
and
say
well.
Tcp
could
largely
also
be
translated
to
the
same
set
of
matchers.
F
D
B
The
idea
that
a
grpc
route
you
could
consider
to
be
more
specific
than
HTTP
or
you
could
view
it,
as
you
know,
their
peers,
because
grpc
is
HTTP,
but
yeah
H3
really
does
mess
with
a
really
ridiculous
amount
of
stuff.
In
what
we're
talking
about
brief
aside
here,
Rob
was
at
gep
724.
That
was
talking
about
the
supported
route
kinds.
B
B
Check
but
yeah
that
that's
the
only
thing
that
I
was
able
to
find,
but
the
the
concept
that.
B
F
B
I
certainly
do
like
the
idea
of
adding
a
status
to
say:
hey,
you
know
this
particular
route
is
going
to
be
ignored
because
you
did
something
incompatible
with
other
stuff
I'm
kind
of
leaning
towards
we
should
Define
a
specificity
and
then
let
the
most
specific
thing
win,
because
that
feels
to
me
the
most
consistent
with
existing
things
out
there
in
the
world,
but
yeah
I,
don't
know
it's.
A
tough
call
is.
D
B
B
So
from
the
perspective
of
an
app
developer,
it's
very
natural
to
think
about
things
like
oh,
hey,
Port,
573
is
already
in
use
for
a
TCP
route,
so
I
should
probably
not
try
to
put
my
HTTP
server
on
that
port,
and
you
know
that's
a
that's
a
pretty
sane
thing.
Likewise,
people
generally
don't
try
to
do
raw
TCP
routing
on
Port
80
when
there's
also
an
HTTP
server
there.
So
you
know
I'm,
I'm,
biased,
100,
biased
in
this,
by
the
way,
like
I
I,
recognize
that.
D
I
only
agree
with
you
and-
and
that
used
to
be
true
when
the
internet
was
plain
text
and
supports
were
simple,
but
nowadays
with
you
know,
require
you
know
a
lot
of
people
Multiplex,
almost
every
single
over
https
for
gateways,
that's
actually
not
for
gamma,
but
where,
because
it's
very
common,
other
ports
are
blocked
because
friendly
isps
and
and.
D
C
B
D
B
I
I
could
certainly
imagine
an
Ingress
controller
that
needed
to
do
the
demultiplexing
for
sure
I
haven't
seen
it
in
practice
in
my
own
career,
just
because
of
honestly,
because
the
stuff
that
I've
been
doing
in
my
own
career
is
from
the
perspective
of
the
application
developer,
and
we
tried
really
hard
to
not
make
them
think
about
stuff
like
that.
B
B
Mesh
has
to
do
it,
but
maybe
not.
D
B
D
I
would
agree
with
you.
My
only
concern
is
when
we
need
to
implement
that
cidr
based
stuff
for
everything,
because
there
is
a
customer
is
required
by
regulation
to
do
whatever.
How
do
we
do
that,
then?
We
start
cutting
crdr
ranges
to
http
route
to
express
this
requirement,
or
what
do
we
do
because
normally
is
a
cidr,
it's
better
to
be
isolated.
It's
IP
routing
in
that
particular
use
case.
It's
you
know
clearly
exist
because.
D
E
I,
don't
know
I
mean
if
you
have
like
Linux
routing
table
and
you
define
a
route
for
32
cider
and
a
graph
or
a
slash,
16
cider,
the
more
specific
one
wins
right:
basic
peer
routes
effectively
bound
to
a
single
IP
address,
so
that
seems
more
specific
than
a
range.
B
Sorry
can
I
just
to
double
check
cost
in.
Are
you
and
I
apologize
I
feel
like
I
missed
some
of
this
earlier?
Are
you
thinking
about
cider
for
Ingress,
routing
or
egress,
routing
or
East-West
routing.
D
All
of
them
is
a
use
case
with
keeping
you
know.
European
traffic
in
Europe,
for
example,
applies
for
everything,
including
in
in
in
network.
So
you
are
saying
everything
coming
from
Europe
will
be
routed
to
supporting
Europe
and
that
apply.
It
is
best
expressed
with
cidr
ranges
or
network
policies
to
deny
everything
that.
D
Ipv6
probably
allows
that
long
term
I,
don't
I'm,
not
so
worried
about
the
space,
but
my
my
real
I
mean.
Let
me
let
me
tell
you
why
why
I'm
I'm
prefer
this
option?
Is
that
what
we
are
doing
in
history
with
Envoy?
Combining
everything
is
one
option,
but
in
reality
you
may
want
to
to
split
it
to
different
layers,
so
you
may
want
to
put
all
the
PCP
routes
to
translate
them
into.
D
D
So,
basically,
you
can
call
in
a
way
I'm
behind
this,
a
good
model
for
that,
where
you
have
you
kind
of
separate
the
layers
again
instead
of
combining
them,
and
for
that,
it's
better
to
to
to
to
to
have
a
way
to
clearly
separate
what
goes
to
the
you
know
underlying
fabric.
What
goes
to
the
load?
Balancers
that
are
sharing
what
goes
to
the
most
specific
load,
balance
waypoints
or
whatever?
We
call
them.
B
B
Yeah
I
feel
like
the
existing
okay
first
off
I
feel
like
we
are
in
fact
talking
about
kubernetes
at
this
point,
and
second
I
feel
that
the
the
existing
kubernetes
resources,
possibly
implicitly,
are
modeling
some
layers
that
they
are
assuming
are
not
going
to
be
combined
and
then,
and
then
you
know,
then
we
split
out.
B
So
there
are
a
lot
of
ways
that
I
feel
like
the
case
that
you're
talking
about
May
itself
be
a
little
bit
at
odds
with
the
way
kubernetes
is
put
together.
So
I
would
really
like
to
understand
the
use
case
that
you're
talking
about
better
to
to
understand
where
I'm
missing
stuff.
D
Yeah
I
can
try
to
write
something
down
there.
I
mean
I'm,
not
strong
about
them,
I'm,
okay
with
because,
in
reality,
I
suspect.
What
I
want
will
happen
anyway
with
separate
apis,
because
no
matter
what
we
are
saying,
people
who
want
to
configure
IP
routing
will
be
able
to
do
it
at
a
higher
levels
outside
of
kubernetes,
because
that's
more
multi-cluster
and-
and
you
know,
yeah
regions-
you
don't
have
to
do
that.
So
it's
not
necessarily
much
into
kubernetes.
A
B
With
it,
I
mean
a
lot
of
my
gut
reaction
to
the
problem
of
using
cider
to
keep
European
traffic
within
Europe
is
okay.
Why
don't
I
just
have
a
Europe
cluster
and
then
I
have
a
cluster,
that's
in
North,
America
and
then
I
have
a
cluster,
that's
in
Asia
and
then
I
could
just
get
to
rely
on
Kube.
To
already
do
this
for
me
in
a
lot
of
ways,
then
you
get
into
many
more
interesting
such
a
nice
situations
around.
You
know
your
one
of
your
services
in
the
Asian
cluster
has
died.
D
D
A
A
I
just
want
to
kind
of
close
with
something
of
I
think
it
may
be
helpful
to
get
like
a
example
of
like
how
would
you
express
an
application
that
serves
multiple
protocols
through
a
spec
like
that
through
aspect
like
this,
whether
that's
separate
routes,
whether
that's
like
different
Cube
Services,
whether
that's
a
single
service
with
multiple
ports,
specified
like
let's
work
through
like
a
kind
of
concrete
example
like
what
does
this
actually
feel
like
in
practice
to
write?
Does
that
feel
useful
to
folks.
B
A
A
Ground
here
and
I'm
indented
like
six
columns
or
something
like
that,
Are
there
specific
next
steps
that
folks
want
to
take
on
to
drive
a
decision
of
some
sort
on
this
and
again
this
is
all
falling
out
from
which
issue
not
that
one,
the
other
one.
C
D
B
E
D
E
F
Yeah
so
I
I
would
say
we
we
would
want
to
Mark
something
like
as
implementable
and
actually
usually
we
would
move
it
to
experimental,
Channel
I
think
one
of
the
things
that
we
still
need
to
follow
up
back
up
with
is
when
we
did
the
060.
F
When
we
started
off
with
o60
review
with
the
broader
Sig
Network
group
of
reviewers,
which
were
specifically
Tim
and
Cal,
we
got
some
feedback
that
here
attaching
to
a
service
as
a
parent
was
on
unexpected,
and
there
was
you
know
there
was
some
related
effort
coming
coming
through
a
Sig
network
of
pulling
out
some
of
the
pieces
of
service.
F
The
API
like
IP
address
allocation
as
well
as
DNS
resolution
into
something
else
that
could
be
attached
to
Gateway
or
any
other
thing
that
could
be
very
relevant
to
mesh
I,
not
sure
that
that's
a
blocker
to
implementing
something
in
an
experimental
state,
but
it's
definitely
something
that
would
be
a
blocker
towards
moving
much
further
than
that
I.
Have
it
as
an
AI
to
try
and
set
up
some
kind
of
follow-up
discussion
on
that
there
are
some
people
like.
F
Basically,
we
need
to
Loop
in
people
from
Sig
Network
that
are
working
on
these
things,
with
people
from
gamma
and
Gateway
API,
and
try
and
have
some
big
discussion
about
all
this.
It's
hard
to
schedule,
something
with
that
many
people,
but
that
that
is
kind
of
The
Next
Step.
There
I
think
we
need
to
clarify
how
much
of
a
concern
that
is,
whether
that's
a
blocker
or
just
a
let's.
B
B
D
Yeah
I
I
would
it
help
to
to
change
the
language
to
say
itself
we're
attaching
to
service?
We
cannot
touch
to
service
or
equivalents
teachers,
so
basically
it's
do
not
say
which
strictly
a
card
to
a
service,
but
we
can
attach
to
any
object
that
represents
group
of
workloads
yeah.
So
in
future,
because
even
if
we
Define
this
brand
new
split
people
take
a
very
long
time
to
adopt
and
we
still
want
to
be
able
to
express
that
you
attach
the
service.
If
only
service
is
available.
A
A
D
F
Yeah
so
so
to
clarify:
I
I
think
that's
unlikely
to
block,
but
we
have
not
considered
anything
for
the
sake
of
o60.
We've
considered
this
an
informational,
only
review
on
gamma.
We
have
not
tried
to
include
any
part
of
gamma
in
o60,
so
I
I,
don't
think
anything's
a
formal
blocker,
but
it
you
know
we
will
not
consider
any
gamma
spec
part
of
the
060
release
as
a
result,
so
we
can
provide
some
guidance
of
hey.
A
B
A
To
me,
cool
all
right
with
that,
we
are
out
of
time
so
we'll
wrap
it
up
as
always
thanks.
Everyone
definitely
appreciate
discussion
and
thank
you.