►
From YouTube: Layer5 Community Meeting (May 22nd 2020)
Description
@Codydearkland and @blakecova demonstrate @hashicorp Consul's HCS and 1.8 beta features.
A
A
A
And
that
is
that
last
night
we
had
a
virtual
meetup
for
cloud
native
Austin
and
dr.
Austin,
at
the
end
of
which
one
of
the
attendees
asked
it's
a
you
know
this
is
being
recorded
in
the
recording
would
be
available
later,
and
you
know
naturally
assuming
that
the
recording
had
automatically
started
when
I
started
hosting
the
Meetup
I
didn't
double-check
that
so
that's
one
less
recording
that
people
will
have
to
watch.
And
yes,
that's
that's
too
bad.
A
A
Okay,
very
good:
well,
it's
actually
six
after,
and
so
that
means
it's
about
time
to
get
going.
We
there's
a
couple
of
us
that
are
on
the
today's
call
that
are
under
deadline
for
other
items
due
today,
so
we
might
have
a
shorter
call,
which
means
that
for
once,
I
will
shut
my
Yap
pretty
quick
on
that
I
am
please
from
a
couple
of
perspectives
that
we
have
about
today's
agenda.
A
If
you're
inclined,
there's
a
darker,
calm
presentation
coming
up,
there's
a
bunch
of
other
activities
that
that,
frankly,
we
just
didn't
have
time
to
track
today,
and
so
with
that
a
quick
call
for
topics
outside
of
our
discussion
and
kind
of
presentation
of
console
functionality.
If
others
have
topics
that
you'd
like
to
cover
in
the
community
meeting.
Now
is
the
time
to
get
those
listed.
A
If
you
don't,
that
might
actually
be
good
because,
instead
of
running
over,
like
we
usually
do,
maybe
it
will
actually
be
somewhat
professional
about
ending
on
time.
So
so
fair
enough,
blake
say
thanks
for
thanks
for
kidding,
I'm
consul
on
the
agenda
there's
enough
of
the
audience
here,
whether
they're
on
now
or
that
will
watch
later
that
I
think
you
know
in
our
discussions,
we've
been
yearning
for
we've
been
behind
on
console
sort
of
essa
as
a
community.
A
C
Just
brings
me
around
act
as
like
a
bodyguard
and
played
jokes
for
him.
That's
that's
pretty
I
know
I,
do
so
I
partner
up
with
Blake
and
do
a
technical
marketing
for
consult
so
Blake
Blake
builds
a
sausage
I
present
the
sausage
in
really
nice
ways
best
way
to
describe
it.
I've
been
doing
a
lot
of
work
with
the
Hochberg
cross-terms
on
on
adjure,
as
well
as
just
consul
in
general,
so
play
guest
if
I,
if
I
wanted
to
come
share
share
the
goodness
with
everybody,
and
so
here
we
are
sharing
the
sausage.
A
D
C
A
So
so
1.8
and
that's
the
latest
and
Greg,
says
hot
off
the
press.
This
is
this
is
not
beta.
This
is
GA,
so.
C
C
But
1.8
is,
is
a
beta,
the
one
that
I'm
going
to
show
on
how
script
console
service
is
still
on
1.7.2,
because
it
that's
it's
a
production
platform,
so
we're
not
gonna,
run
beta
beta
on
the
PI
on
a
production
platform,
but
honestly
I'm
I'm
way
more
excited
for
1.8,
but
I
am
HTS
right
now
there
was
a
lot
of
really
good
stuff
in
and
one
that
day
anything
you
want
to
say
like
I.
B
Know
I
just
I
mean
agree,
we're
I'm
pretty
excited
about
it.
It's
really
been
released
from
our
perspective,
a
lot
of
cool
capabilities.
We
did
a
webinar
last
week
with
the
CEO
CTO
of
hosh
support,
Mitchell
Hashimoto.
So
if
you
want
to
go
look
that
up
check
it
out,
you
can
find
a
link
to
that
on
our
blog.
We
walk
through
some
of
the
new
features
that
are
available
like
a
native
ingress
gateway
and
console
terminating
gateway
and
a
couple
of
they're
pretty
exciting
enhancements.
So,
yes,
it's
definitely
beta.
You
want
to
try
it
out.
B
C
What's
fun
about
that,
just
like
to
kind
of
mention
is
that,
like
one
of
the
things
when
I
was
prepping,
for
this
call,
like
it's
always
a
little
bit
of
a
bummer
to
do
you
like
the
public
cloud
resources,
because
it
means
that,
like
anybody
in
this
cost
to
go,
spend
money
to
try
it
out
right?
It's
like
anything,
I
show
you
right
now.
C
If
we
wanted
to
like
it's
like
that
one
day,
it's
a
real
fun
one
to
play
with,
because,
like
everybody
on
this
call
could
go
use
it
right
now
we
can
walk
through
setting
all
of
that
stuff
up.
If
we
want
to
do
not
in
the
timeline,
we
have
I
take
a
little
longer
than
that,
but
that's
the
best.
That's
the
more
exciting
thing
for
community
calls
for
me
than
like
this
I'm
not
supposed
to
say
that,
but.
A
A
C
About
HDS,
is
it
school
for
its
own
reasons,
I'm
just
giving
a
little
bit
ahead
right
now?
What
are
things
like
interesting
about?
Hds
is
less
it's
less
than
like
consoles
the
thing,
and
it's
more
the
fact
that,
like
using
HDS,
you
can
create
consistent
networking
and
in
copper
in
Azure
with
console,
like,
obviously,
you
have
like
the
backplane
networking
I'm
just
regular
two
subnets.
But
when
you
look
at
how
like
IKS
clusters
communicate,
they
typically
communicate
in
an
island,
and
you
can.
C
But
they're
not
a
single
mesh
at
that
point
right
there,
individual
networks
and
they're,
connecting
as
individual
networks
but
like
when
you
use
HDS.
You
can
wire
these
things
all
up
into
one
single
network.
You
can
apply
policy
on
that.
Your
new
traffic
splitting
between
that
so
like
time
about
1.8
versus
like
console
and
in
mind
you
like
HDS,
is
gonna
have
1.8
very
very
soon
like
we've.
This
was
a
topic
I
chatted
with
about
yesterday,
and
you
think
it's
gonna
happen
very
very
soon.
So
this
debate
doesn't
really
this
debate.
C
Has
that
has
a
heavy
shelf
life,
but
what's
that's
the
things
that
are
cool
about?
Hds
are
cool
because
it's
in
Azure
and
because
it's
a
platform
for
creating
that,
like
consistent
service
mesh
for
everything
inside
edge
or
whether
it's,
whether
it's
virtual
machines
or
multiple
kubernetes
clusters,
one
day
it's
just
cool
because
of
like
we
kind
of
complete
a
lot
of
our
like
I,
would
say
our
gaps
in
the
surface
mentor
story,
and
we
extend
the
things
that
we
did
in
service
managed
to
be
a
more
complete
story
with
what's
already
in
customer
environments.
C
C
B
A
Yeah,
well
maybe
we'll
digress
for
just
a
moment.
Just
because
is
element
two
in
part.
What
we
were
looking
to
show
well
during
the
dr.
Khan
demo,
and
that
is
having
a
small
sample
app
that
that,
because
of
its
small
nature,
only
having
a
couple
of
services
that
we're
or
I
think
initially,
when
we
had
this
demo
app,
it
was
a
single
service.
Granted.
A
We
know
very
well
that
they,
the
service
meshes,
are
sort
of
written
in
context
of
many
many
services.
So
probably
you
get
most
functionality
and
most
benefit
when
you've
got
a
larger
service
or
multiple
services
set
up
for
your
app
anyway.
It
was
just
a
point
of
reflection
for
for
some
of
us
involved
that,
like
oh,
yes,
that's
a
reminder
that
there
isn't
a
an
ingress
gateway,
so
to
speak,
that
that
comes
with
the
version
of
console
that's
available
today,
yeah.
C
B
Sure
yeah
go
ahead,
so
Louie.
What
you
mentioned
is
exactly
the
problem
that
we
were
trying
to
solve
today
when
people
deploy
console
Service
mesh
if
they
want
to
set
up
an
ingress
or
allow
that
ingress
connectivity
into
the
cluster,
they
need
to
immediately
go
and
rely
on
a
third
party
solution,
like
ambassador
88
proxy
glue.
One
of
those
things
that
integrate
with
console
what
we
wanted
to
do
by
providing
a
built-in
ingress
is
to
have
a
more
batteries
included.
Experience,
allow
you
to
stand
up
console
and
not
have
to
rely
on.
B
A
third
party
have
something
that's
built-in
that
can
facilitate
and
allow
that
north-south
connectivity.
That
was
really
the
goal
of
bundling
this
together,
and
so
you
know,
this
gateway
is
really
designed
to
help
enable
service
to
service
communication
as
you're
migrating
services
into
the
mesh,
and
you
know
potentially
some
applications.
They
may
be
exponents
to
end
users
within
your
enterprise,
but
it's
really
to
help
again
in
that
migration.
Our
goal
is
specifically
not
to
try
to
build
a
full-featured
ingress
like
some
of
the
other
solutions
in
the
market.
B
Just
because
that's
a
big
undertaking,
there's
already
a
lot
of
great
things
out
there.
You
know
Oscorp
has
a
very
strong
partner
ecosystem
and
we
do
integrate
with
you
know
a
couple
companies
that
I
previously
mentioned
that
played
really
well
in
that
space
and
have
a
lot
of
good
set
of
functionality,
and
so
we
don't
want
to
go
reinvent
the
wheel.
This
was
again
just
a
big
make
the
getting
started,
experience
on
console
easier,
but
then
it
you
develop
into
more
advanced
use
cases.
B
We
would
recommend
folks
code
and
deploy
something
that
is
better
suited
for
that
scale
or
those
features
that
you're
looking
for
with
that
said,
I
will
say
that
this
proxy
is
implemented
using
on
voice,
so
it
there
is
no
scale
built
in
it's
not
like.
We
wrote
something
from
scratch.
We
are
using
on
voice
same
as
you
know,
for
our
sidecars
within
the
service
mesh.
You.
C
Know
one
thing
to
call
out
that
I
think
is
really
goes
on
the
end
there.
What
Blake
said
about
it
being
it
being
an
envoy
like
from
a
technical
architecture
standpoint.
What
makes
me
excited
about
having
a
native
ingress
the
Blake's
totally
right
in
that
there
are
companies
that
do
this
as
their
business.
So
obviously
they're
gonna
have
a
bigger
feature.
Set
they're
gonna
be
like
more
whole
features.
C
That's
all
they
do,
but
what
really
excites
me
about
us
having
one
is
that
now,
this
ingress
gateway
is
part
of
the
mesh
directly
right
like
it's
built
into
to
the
mesh.
So
we
can
do
like
traffic
splitting
and
stuff
right
at
the
edge
of
the
mesh
instead
of
instead
of
having
to
use
like
if
you
use
something
like
like
traffic
or
Kong
or
ambassador,
and
you
can
split
traffic
outside,
but
that
that
traffic
policy
now
lives
outside
of
your
service
mesh
right.
C
It's
two
environments
that
you're
gonna
manage
that
traffic
policy,
and
it's
not
like
this
insurmountable
task.
I,
don't
want
to
like
spread
fund
that
it's
this
horrible
thing,
that's
totally
fine,
but
for
like
the
getting
started,
and
the
quick
start
experience
it's
nice
to
have
it
all
inside
of
one
platform
and
be
able
to
say
that
all
my
traffic
splitting
happens
here
as
well.
All
of
my
security
policy
happens
here
as
well.
I
like
the
integrated
aspect
of
it.
C
C
That's
like
very
basic
I've
had
a
couple
of
couple
of
conversations
and
customers,
it's
hard
to
say
where
they
have
very
small
environments
but
they're
looking
just
at
ways
to
do
simple,
app
lifecycle.
How
do
I
bring
in
version
2
of
an
application
and
not
have
to
do
this
hundred
percent
failover
to
the
new
app
right,
simple
90
percent,
10
percent
traffic
split
is
a
pretty
easy
thing
to
accomplish
with
that.
So
I
think
it's
thanks.
Pretty
cool
makes
me
happy
starts
my
Friday
off
well
yeah.
B
I
think
we
one
thing
I
would
add
to
that.
Is
that,
because
it's
so
well
integrated,
we
do
offer
mutual
TLS
from
the
ingress
services
within
the
mesh.
So
you
have
that
security
at
your
edge.
All
the
way
in
the
ingress
is
also
able
to
take
advantage
of
things
like
console
mesh
gateways,
so
mesh
gateways
provide
or
enable
service
to
service
communication
between
different
console
clusters
across
the
internet,
hosted
on
different
cloud
environments
and
what
they
we
support
failover.
B
So
if
you
have
a
service
instances
in
data
center
one
and
they
become
unavailable
or
unhealthy,
you
can
fail
those
over
to
data
center.
With
the
ingress
solution,
you
can
still
take
traffic
in
on
dc1,
but
again,
if
there's
instances
that
are
unhealthy,
the
ingress
can
failover
directly
you're
not
having
to
do
any
kind
of
external
DNS
redirection
or
anything
like
that.
To
move
users
over
to
that
secondary
data
center.
C
And
you
know:
we've
done
something
there.
That's
I
have
to
mention
it
now.
My
favorite
feature
of
1.8
is
what
we've
done
with
the
mesh
gateways.
So
without
going
down
too
deep
of
rabbit
hole,
console
works
on
a
gossip
system
between
the
nodes
in
an
environment,
so
all
systems
have
to
be
able
to
typically
have
to
be
able
to
communicate
over
those
gossip
ports.
C
So
if
you
have
five
servers
that
are
console
things
or
five
nodes
that
our
console
things
in
data
center,
one
that
gossip
communication
has
to
be
able
to
talk
to
Dana
Center
two
as
well
over
a
couple
of
specific
ports
that
still
halls
you
have
to
punch
in
your
firewalls.
For
those
five
to
be
able
to
talk
to
those
five,
we
enhance
the
mesh
gateways
in
1.8
to
add
this
one
Federation
capability,
and
it's
it's
a
long
name
wish.
C
We
would
get
to
a
place
where
we
make
names
a
little
a
little
friendlier,
but
what
it
ends
up
doing
is
being
able
to
send
all
traffic
through
the
mesh
gateways.
So
this
is
this
is
my
one
down
a
demo
environment
I
did
the
demo
with
Mitchell?
Last
week-
and
this
is
the
environment
I
used
for
that-
and
between
these
two
data-
centers
there's
one
port
open,
so
I
have
nine
nine
nine,
eight
open
between
AWS
and
Azure
and
all
of
my
service
matched
traffic
runs
through
that
port.
C
So
this
is
a
three-tier
like
this
demo
application
if
I
go
and
hit-
and
we
are
like
way
off
the
demo
rails
here
so
this
might
not
things
might
break.
Beware
so
like
this
application
is
communicating
across
at
your
an
AWS
right
now
and
if
you
look
inside
console,
we've
got
the
front
end
services
coming.
F
C
Through
the
ingress
gateway
we
hit,
the
upstream,
we
can
see
up
streams
pointed
at
the
front
end
service
I've
got
two
instances
of
the
front
end
service.
These
are
both
living
in
AWS.
If
I
take
a
look
at
the
intentions,
we
can
see.
I
have
an
intention
allowed
from
the
ingress
gateway
to
the
front
end
service,
so
I'm
allowing
Blake's
earlier
point.
Tls
is
the
lab
communications
allowed
between
between
these
services?
If
I
flip
down
to
a
sure?
Oh,
oh,
it's
because
I
don't
want.
C
That
is
that's
a
as
a
UI
bug
for
beta
I
switch
out
the
azure
we
see
I
have
my
API
tier
yeah
I.
Have
this
external
Postgres
database?
So
if
we
look
at
the
app
we
can
see,
I've
got
good
connectivity
to
API
and
good
connectivity
to
a
database.
There's
something
unique
about
the
database
here,
that's
actually
an
external
service,
that's
a
Azure
managed
Postgres,
so
I
have
a
terminating
gateway
that
is
set
up
to
resolve
service
mesh
injuries
to
external
services.
Specifically
this
Postgres
database
outside.
So
the
translation
here
is.
C
We
can
bring
services
that
are
not
a
part
of
the
mesh
that
we
don't
have
a
sidecar
running
on
that
we
don't
have
envoy
running
on
into
the
mesh
with
terminating
gateways
and
the
speech
I
give
to
like
the
internal
teams,
the
internal
teams
love
to
say
that
this
is
for
like
legacy
services
right.
So
if
you
have
a
big
Oracle
database
or
a
big
post
chris
davis
in-house
that
you
can
drop
a
terminating
gateway
and
connect
to
it,
but
we
have
to
remember
that
legacy
doesn't
always
mean
old
right.
C
Somebody
could
have
spent
a
lot
of
time
to
migrate
their
on-prem
databases
to
manage
databases
in
Azure
and
it's
not
a
thunderbolt.
That's
not
an
old
platform.
That's
that
might
be
legacy
for
them
because
of
the
journey
and
the
speed
of
the
velocity
they're
moving
at.
But
it's
certainly
not
an
old
platform
at
that
point,
and
they
want
to
be
able
to
have
that
consistent
communication
to
that
service,
as
well
so
terminating
gateways
solve
that.
C
All
of
that
long
winded
to
say
this
all
all
this
communication
between
these
environments
is
happening
over
port
nine,
nine,
nine,
eight
just
that
that
mesh
gateway.
So
it's
that's
my
my
favorite
feature
is
that
I
think
that's
gonna,
end
up
being
a
very,
very,
very
popular
and
very
big
thing
when
you
don't
have
to
we're
not
forced
to
set
up
a
VPN
for
any
connectivity
between
sites
and
you're,
not
forced
to
set
up
like
an
Express
route
or
a
or
direct
connect.
C
A
C
So
I
came
from
I'm
supposed
to
say
these
things
publicly
I
came
from
VMware
before
this,
so
I
have
a
lot
of
friends
in
that
community
still
and
a
lot
of
them
are
like
on
this
journey
as
well,
trying
to
figure
out
how
this
kind
of
like
next-generation
tech
in
their
in
their
world
I
was
talking
to
one
of
the
community
members
who's
got
those
massive
home
lab
and
he
really
likes
it.
He
have
service
mission.
He
doesn't
really
know
how
to
get
started
with
and
he's
like.
You
know,
I've
been
SX
running
I.
C
Have
all
of
this.
I
have
also
traditional
networking
stuff
set
up.
How
can
I
start
to
use
service
finish
and
I
was
like
well,
dude
will
get
on
a
call
we'll
do
this,
as
community
style
jump
on
it
will
have
the
option.
Work
like
how
she
gets
thing
and
I'll
have
and
we'll
link
up
our
environments
using
service
mesh
on
on
console.
So
we'll
run
it
locally
and
connect
those
into
two
irons
together.
C
I'll
show
you
how
we
can
have
your
stuff
in
your
lab
connected
stuff
in
my
lab
over
a
single
port,
yeah
community
call
would
be
fun
doing
that
I
would
be
even
though
I'm
doing
that
one
of
them
I
would
gladly
do
one.
As
a
group
like
we
could
easily
feder
a
tab.
Unchewed
esque
tops
together,
whereas
knowing
that
the
developer
advocate
I
was
telling
him
about
it,
so
he
can
help
you
get
set
up
and
he's
like
dude.
Don't
do
port
forwarding
just
use
end
grog,
and
it
was
this
mind-blowing
moment
of
like
yeah.
C
A
C
A
Let
me
clarify
on
the
terminating
gateway
or
like
in
the
example
that
you'd
used
about
someone
having
migrated
into
their
database
to
manage
database
service.
In
that
case,
that
is
the
terminating
gateway
here,
a
logical
instance,
a
logical
configuration
or
is
that
a
separate
sort
of
physical
deployment
of
of
an
envoy?
Yes,.
C
So,
in
this
case,
so
the
terminating
gateway
here
is
running
inside
of
azure
and
it's
actually
running
on
a
node.
So
I
have
a
VM
that
I've
deployed
in
connacher
and
I've
thrown
console
on
and
I
throw
an
envoy
on
it
and
I've
configured
that
as
a
terminating
gateway.
So
it
is
effectively
like
a
machine
sitting
in
there
proxying
the
traffic
back
from
better
order.
The.
B
Difference
between
like
the
terminating
gateway
and
say
a
sidecar
in
the
mesh
is
psyche
are
typically
represents.
A
single
service
in
the
mesh.
A
terminating
gateway
is
like
an
egress
proxy
that
confront
multiple
services,
so
you
can
have
10
20
100.
You
have
single
terminating
gateway
and
scale.
Those
out
you
know
appropriately,
based
on
your
load.
C
Let
me
see
it
connects
services
here.
This
is
just
very
like
I,
said
very
simple,
Postgres
database
point
and
the
point
behind,
but
what's
interesting
about
this
is
we
have
so
like
into
being
a
full-featured
demo
right
to
the
to
the
previous
point
about
putting
lipstick
on
a
pig
we
have
ingress
running
that
this
ingress
is
passing
into
UI
bug.
C
C
That's
that's
a
it's
a
favorite
topic
of
mine
and
Lance's
talk
about
so
we
do
have
this
routing
view
to
Blake's
point:
it
handles
the
layer,
7
routing
visualization.
So
if
I
had
splitter
setup,
so
I'm
saying
those
two
nodes
that
I
have
or
actually
two
different
versions,
I
can
see
them
both
here
and
I
can
like
balance
traffic
between
the
two
of
them
right
now,
the
visualization
doesn't
include
the
full
service,
but
that's
a
very,
very,
very
active
conversation.
I
would
say
the
other
Blake
if
you'd
like
to
see
that
he
I.
B
Was
moreso
just
trying
to
get
you
to
show
this
page
I?
Think
it's
cool
and
you
do
see
different
routing
splitting
and
helps
you
reason
about
your
configurations
versus
just
looking
at
the
text.
You
can
actually
see,
what's
the
end
result
of
everything
that
I've
actually
configured
how
our
packets
going
to
flow
after
all,
this
stuff
is
processed
and
evaluated.
B
C
Absolutely
so
most
of
the
stuff
I
had
I
had
a
deck,
but
most
of
that
stuff
we've
already
talked
about
about
what
console.
Isn't
that
what
it
does
so
I'm
just
gonna
stick
with
the
stick
with
the
live
demo
path,
since
that
seems
to
be
working
pretty
well,
so
we'll
bail
out
of
this
console
environment,
a
lot
of
demo
app.
So
here
I
am
in
hazard.
If
we
bring
up
my
C,
we
should
have
a
instance
in
here
that
was
still
deploying
there
we
go
so
this
is
the
Husker
console
service
on
Azure.
C
Shows
up
in
the
catalog
here,
so
what
this
deploys
is
a
fully
managed
console
environment.
So
all
the
work
that
I
did
on
that
other
demo
to
stand
at
these
individual
nodes.
We
can
actually
just
run
this
and
it
will
deploy
out
an
instance
of
console
if
I
go
in
to
my
existing
console
node
in
here.
So
that's
console,
hds
and
I
hit
the
UI.
C
We
can
actually
see
the
console
UI
built
into
built
into
this
environment
here,
and
this
gives
us
all
the
same
capabilities
that
I
just
talked
about
with
the
exception
right
now
of
the
whole
Federation
aspect.
Right
now
you
can't
federate
an
HDS
cluster,
meaning
you
can't
connect
it
to
another
to
another
server
cluster
externally,
but
you
can
join
multiple
environments
to
this
one.
So
I
can
bring
multiple
after
Humanity
service
clusters
into
this
and
route
traffic
between
those
clusters.
What
we're
doing
love
it,
like
the
sales
teams
and
I,
are
talking
about
this.
C
That's
becoming
kind
of
central
plane
for
managing
the
way
applications
communicate
between
platforms
in
the
environment
or
within
azure
I
should
say
so.
We
can
go
down
here.
We
can
hit
the
resources
view
the
properties
of
this
and
grab
the
actual
address.
A
couple
things
to
call
out
for
those
who
aren't
familiar
are
familiar
with
fonts
or
a
console
and
how
it
works
in
general.
This
environment
is
a
CL
turned
on
by
default.
C
What
that
means
is
that
any
services
that
need
to
register
will
need
to
provide
their
token
just
makes
it
a
more
secure.
Environment
just
adds
another
layer
of
security,
but
you
can
also
use
this
to
break
out
access
to
this
environment
right
now.
I've
applied
this
global
token,
so
I
can
see
everything,
but
if
I
was
registering
additional
services,
I'd
come
in
and
I
create
additional
policies
that
would
allow
me
to
register
by
then
we
can
add
additional
clusters
into
this
one.
C
That
was
not
overlapping,
and
the
reason
that
is
is
because
we
actually
use
Azure
peering
to
peer
IKS
clusters
to
the
HDS
environment,
and
what
that
does
is
allow
the
nodes
to
all
communicate
and
that's
mostly
because
of
the
previous
example.
I
gave
around
nodes
all
needing
to
be
able
to
communicate
with
each
other
right.
Well,
I
talked
before
about
between
environments,
but
it
still
applies
within
one
cloud
as
well.
C
All
agent
nodes
need
to
be
able
to
talk
to
other
agent
nodes
and
when
you're,
behind
the
traditional
kubernetes
routing,
you
can't
do
that
with
aks.
We
have
the
ability
to
deploy
with
the
azure
CNI.
That
gives
you
the
ability
to
have
every
pod
have
an
IP
address
that
you
still
need
to
peer
the
network
that
HCS
creates
to
that
IKS
network.
C
Just
so,
you
can
see
the
fail
if
I
go
into
the
networking,
which
I
would
typically
do
when
I
do
a
demo.
I
would
go
into
this.
Manage
network
manage
resource
group
I've
hit
this
v-net
for
console,
so
console
creates
its
own
being
it
I
would
go
in
and
I
would
peer.
This
I
would
choose
the
network
that
I
wanted
to
peer
against,
which
is
this
demo
network
and
I'll
just
give
it
some.
C
Let's
find
error
because
it's
an
overlapping
Network,
so
I've
got
an
overlapping
prefix
in
there.
So
it's
not
I
can't
peer
those
two
things
together
right
now,
so
that
part
of
the
demos
have
failed,
but
we
use
a
jerk
console
manager
to
bind
these
like
virtual
machines,
not
behind
mesh
these
virtual
machines
and
kubernetes
clusters
together
and
we're
able
to
do
all
of
that
traffic.
Splitting
stuff
I
showed
before
I've
got
a
couple
of
videos
out.
The
most
interesting
of
them
is
where
I
take
a
virtual
machine.
That's
running
an
application.
C
I
said
it
with
a
traffic
splitting
policy
to
say
that
90%
traffic
goes
to
or
100%
goes,
the
virtual
machine.
Nothing
goes
to
cure
entities,
a
deployed
version
and
do
the
AKS
cluster
and
I
show
live
migrating
that
traffic
using
blade,
7
policies
into
into
the
kubernetes
cluster,
and
it
tells
the
story
there
of
people
have
systems
that
live
in
existing
environments
today
on
virtual
machines,
whether
it's
on
pram
or
in
public
cloud,
and
they
want
to
be
able
to
have
a
path
to
like
gradually
move
over
it.
C
Slow
progress
and
delivery
concept
like
James
governor
talks
about
they
want
to
be
able
to
gradually
move
traffic
and
gradually
do
these
things
progressively
without
having
it
just
be
a
light
switch
that
gets
flipped
and
we
kind
of
unlock
that
ability
using
console
and
stuff.
You
can
only
really
do
with
the
service
mesh
right.
There's
not.
You
can
certainly
make
that
work
with
like
complex
load,
balancers
and
traffic
waiting
between
environments,
but
it's
certainly
not
as
simple
as
just
a
point
that
are
applying
a
splitting
policy
and
having
it
bounce
between
two
environments.
C
C
We
deploy
this
helm
jar,
there's
a
script
in
here,
that's
specifically
for
HDS,
and
this
will
go
in
and
basically
bootstrap
the
cluster
for
for
adding
communities
clusters
to
it.
It
will
pull
down
the
necessary
configure
like
the
certificate,
because
it
is
that
is
a
TLS
encrypted.
By
default,
it
will
hold
on
certificate.
It'll
set
up
the
gossip
communication,
set
up
security
keys
and,
like
you
basically
QuickStart,
they
can
a
cluster
in.
C
C
C
B
So
one
thing
I
want
to
mention:
you
know
Cody's
talking
about
the
hump
chart
in
that
being
a
way
to
deploy
a
console
in
the
stand-up
environments.
You
know
folks
might
be
wondering
what's
the
value
of
HCS,
or
this
seems
like
it's
also
standing
up
console.
Why
would
I
use
one
over
the
other?
What
HTS
score
console
an
usher
is
really
designed
to
do?
Is
it's
a
fully
managed
service
of
console
and
so
the
you
can
deploy
and
stand
up
a
console
environment
and
start
consuming
it
from
day
one?
B
And
when
things
break,
you
have
pasta
clips
that
sorry
team
that
you
can
you'll
call
up
and
say
you
know,
fix
this
rather
than
requiring
that
expertise
in-house
in
order
to
maintain
consoles.
So
that's
of
this
you
know
plausible
it
is.
He
has
a
lot
of
moving
spoke
about.
The
gossip
communication
ACLS
obviously
uses
a
distributed
consensus.
A
A
B
You
would
have
full
control
of
those
it's
mean
more
so
I
would
say
the
server
configuration.
Maybe
you
know
backup
policies
or
things
like
that
that
you
may
have
to
reach
out
to
the
HTS
team.
If
you
need
to
change
those
I,
guess
I
don't
want
to
speak
too
much.
I
know
a
lot
of
us
ended
on
I,
don't
exactly
what
we
planned
to
what
knobs
are
gonna,
be
available
on
GA
and
then
kind
of
what
the
roadmap
is
going
forward.
B
But
the
idea
is
that
you
wouldn't
have
to
worry
so
much
about
all
the
back.
End
kind
of
you
know
operational.
How
do
I
keep
my
servers
running
and
you
really
just
focus
on
how
do
I
get
value
out
of
this
as
a
product,
so
anything
all
the
knobs?
That
would
be
what
kind
related
to
that
you
would
have
control
over
it
and.
C
The
thing
to
think
about
there
is
that,
like
this
is
I
mean
we,
we
brought
this
out
into
public
beta
just
a
couple
of
weeks
back
so
there's
a
lot
of
a
lot
of
changes
planned.
You
know
you
look
at
1.8
will
certainly
be
part
of
the
general
availability
release
which
will
change
the
will
change
the
landscape
quite
a
bit
of
even
HDS,
by
bringing
like
things
like
the
egress
gateway
and
a
terminating
gateway
into
into
HDS.
C
Is
it's
going
to
change
this
sort
of
some
of
the
ways
that
you
would
operate
the
platform
so
dip
Lakes
point?
A
lot
of
this
stuff
is
still
very,
very
fluid
and
we
don't
want
to
talk
too
much
about
about
where
things
are.
You
know,
but
I
would
not
expect
things
to
stay
the
same
way
they
are.
They
are
right
now
for
sure.
C
The
other
thing,
I,
think,
is
really
interesting.
Think
about
with
running
I.
Think
what's
really
interesting
about
running
consul
in
a
or
directly
as
a
managed
service
is,
is
kind
of
the
integration
path
when
you
think
about,
like
being
able
to
run
something
like
the
azure
DevOps
tools
and
pipelining
tools
against
deployments
and
have
those
integrate
into
your
service
mesh
like
to
me,
that's
the
dream
right.
C
B
C
So
the
best
place
is
the
Hasek
or
blog
blog,
and
you
hit
console,
let's
see
my
name
pop
up
in
there.
So
there
we
go
it's
like
that's
the
video
I
had
and
all
of
these
to
the
notes.
If
you
want
Li,
this
is
the
one
for
a
managing
application
traffic.
This
is
what
I'm
bringing
a
virtual
machines
into
the
service
mesh
and
then
I've
got
another
one
in
here.
It's
just
an
intro
video
and
where
I
joined
the
AKS
cluster
and
each
one
of
those
has
like
they're,
very
demo.
C
G
H
And
I
had
just
a
one
question
from
Blake
so
like
we
have
the
like
as
you're
managing
the
pupil,
it
is
cluster
for
us
like
that
store.
Does
the
same
said.
We
have
to
find
that
together,
the
a
Asia
cluster
and
survey
can
service
smash
and
behind
that,
what's
everything
is
done
by
the
agile,
a
SES.
What
does
this
have
to
consider
the
secrets
or
configuration
everything
managed
by
that
just
a
SES
service,
so
so,
first
time
we
have
to
join
this
cluster.
What
is
it's
done
by
automatically
by
default?
C
Probably
I
can
probably
answer
answered,
I
think
I
follow
so
the
first
time
you
join
a
cluster.
You
do
have
obviously
secrets
to
configure,
so
you
do
have
to
create
a
secret
and
because
there's
a
few
things
you
need
when
you
join
a
console
in
regular
in
any
console
environment.
When
you
join
a
console
closer
together,
you
need
the
gossip
key.
If
you're
doing
Gustav
Egyptian,
you
need
the
certificate,
that's
running
on
the
console
server
cluster
and
then
obviously
you
need
to
know
the
destination.
C
Need
to
bootstrap
the
ACL
token,
so
most
of
that's
had
before
you
buy
the
join
script
that
we
provide.
We
pull
down
the
certificate.
We
create
the
secret
in
a
KS
cluster.
For
that
certificate.
We
pull
down
the
gossip
key.
We
create
a
secret
for
the
gossip
ki
if
you've
already
set
up
a
CLS,
you
have
to
create
the
secret
for
that
and
those
are
being
created
in
the
kubernetes
cluster
that
you're
joining.
So
you
create
all
it
like.
C
Those
are
pulled
down
out
of
HTS
and
place
this
files
locally
and
then
created
as
secrets
in
your
kunai's
cluster.
Then,
when
you
run
the
helm,
install
for
console
it
reads
those
those
secrets,
those
configurations
and
joins
them
to
the
cluster.
So
there
is
a
little
bit
of
steps
you
have
to
take
there
to
set
up
basically
to
give
it
the
keys
right
to
give
the
keys
of
the
door,
so
it
can
open
it
and
walk
through,
but
those
are
things
you
have
to
do
is
that
was
that
kind
of
essence
of
your
question.
H
Yes,
one
last
thing
that,
as
as
your
cumulative
services
manage,
is
the
updated
version
of
the
kind
of
doing
the
update
itself
well,
a
cubed
is
newer
version
so
once
that
ICS
they
have
also
have
a
thing.
They
call
containers
updation
of
the
earth,
so
the
console
that's
adopted
is
it's
going
to
the
cust
customers.
They
have
to
do
or
it's
just
done
by
default
by
the
IC
service.
B
I'll
be
something
that
you
would
schedule
so
you'd
get
a
notification,
that's
there's
a
new
version
available
at
least
four
major
versions,
and
you
can
schedule
those
upgrades
I
believe,
there's
a
policy
that
they
will
automatically
upgrade
for
security
fixes
or
things
in
the
environment.
If
you
go
to
close
vulnerabilities,
you
can
get
some
details
on
that.
That
should
all
be
available
for
sure
once
the
service
goes
GA
of
exactly
what
those
what
to
expect
there
on
that
front.
H
But
elastic
I
think
that's
a
quite
over
there's
il
also
uses
other
products
of
Hasek
or
like
terraform
and
actually
pokeballs
specifically,
so
is
there
any
doubles,
participating
specific
teams,
but
they
have
a
channel
from
script.
That's
can
be
generated
by
the
ICS
colostrum.
Isn't
this
a
roadmap
right
now?
Can
we
see
in
that
newer
version
of
ICS.
C
C
This
module
will
actually
take
you
through
and
deploy
HTS.
So
for
those
who
don't
know
about
a
lot
about
terraform
tier
4
modules
are
effectively
shortcuts
for
terraform,
they
run
larger,
manifests
behind
them
by
just
providing
simple
inputs.
So
in
this
case,
if
we
take
a
look
at
this,
this
is
like
the
minimum
set
of
code
that
would
be
needed
to
deploy
this
this
version
of
of
HTS.
So
if
you
take
a
look
at
like
a
real
example,
I'll
drag
my
example
over
that
I'm,
using
in
my
environment
and
BS
code.
C
This
is
like
the
definition
of
my
of
my
HCS
cluster,
the
one
that
failed
to
deploy
or
still
the
plushies.
They
failed.
Still,
it's
still
running
the
deployment.
So
this
will
give
you
a
HDS
cluster.
Now
you
could
write
the
terraform
manually
and
if
you
go
into
here,
we
can
actually
see
the
module
definition,
which
is
quite
long
right
here.
C
This
is
the
actual
tear
for
module,
but
it's
sexual
tear
for
resource
I'd
obviously
recommend
using
the
tear
for
module
just
because
it's
a
much
shorter
and
much
simpler
path
forward
and
that's
in
our
terraform
registry.
So
if
you
just
define
out
that
object
in
your
code,
you
just
define
out
module
HCS
it'll
reach
out
automatically
the
terraform
registry
and
pull
that
down,
pull
that
actual
module
down
and
be
able
to
run
it.
C
H
C
So
you
think
a
really
interesting
thing.
There
is
being
able
to
link
all
of
this
together
right
so
being
able
to
deploy
like
in
that
example
that
I
had
up.
Just
a
second
ago
of
my
visual
studio
code,
you
can
see
I'm
also
deploying
out
my
kubernetes
clusters
here.
Maya
casts
clusters
and
I've
got
two
of
them,
deploying
as
well
as
like
referencing,
existing
environment
stuff
right
so
like
that's.
The
real
power
of
this
is
being
able
to
change
things
together
and
do
and
do
more
what
I
also
do
in
my
environment.
C
C
Add
your
image
that
is
fully
configured
for
console,
so
that
now,
when
I
deploy
my
virtual
machines,
they're
already
boots
for
consul,
they
join
the
consul
cluster
automatically.
So
this
Packard
file
will
go
out
for
me
and
build
my
my
PM's
that
have
the
cert
already
on
it
that
have
the
gossipy
configured
that
have
the
encryption
stuff
already
set
up
and
then,
when
I
power,
those
VMs
on
or
deploy
that
image.
It
just
joins
them
to
the
cluster,
and
it's
already
set
up
with
on
boy
and
everything.
C
H
And
goodie
egg
is:
is
it
linked?
Oh
good,
good,
github
repo,
that's
like
able
to
check
out
how
the
things
going
in
a
terraform
I
said
just
let
check
out
the
blog
and
a
learn
dot
as
your
work
at
Hashi.
Gob
I
doesn't
find
that's
related
to
the
terraform
script
and
you
please
share
them.
If,
if
available,
Leah.
C
B
C
At
its
at
its
core
I
know
it's
the
ability
to
execute
like
half
terraform,
execute
cup
github
at
execute
terraform
code,
let's
inside
of
a
repo
through
actions.
So
instead
of
having
it
like
get
out
through
like
different
cloud
or
something
like
that.
Having
executed
locally
inside
of
actions
well
interacting
between
terraform
cloud
and
actions,
but
like
the
deep
details
and
any
sort
of
like
actual
useful
information,
I'm
I'm,
useless
on
like
I
I,
was
so
hurt
by
infrastructure,
provisioning
that
I
ran
away
to
service
meshes.
So.
A
Nice
Kody,
this
is
I,
got
a
couple
of
regards
Minh.
Maybe
this
isn't
a
one-shot
thing
for
having
you
on
the
call.
Actually
it'd
be
nice
to
have
you
on
the
call,
whether
you're
being
put
on
the
spot,
to
talk
about
any
number
of
things
or
not.
Yeah
I'd
like
to
join
again
for
sure.
It's
all,
definitely
a
more.
A
Fair
enough,
we've
developed
an
intentional
reputation
for
some
bad
dad
jokes
before
we
get
started
at
the
start
of
the
call,
so
that
people
have
time
to
join,
but
an
unintentional
reppin
reputation
for
going
a
few
minutes
or
and
I
know
that
that's
anxiety
invoking
for
folks
who
have
call
starting
in
two
minutes
with
that
maybe
leave.
If
we
can.
Let's
conclude,
Cody,
will
look
for
and
Blake
a
few
of
the
links
in
the
community
meeting
minutes
a
couple
of
updates
that
had
occurred
or
transpired
this
week
that
we
didn't
unnecessarily
review.
A
A
A
Part
of
that
is
reviewing
projects,
and
so
whether
or
not
it's
so
so,
whether
or
not
people
step
up
to
do
that
type
of
a
thing
I'm
here
we're
gonna
be
talking
about
kuma
a
little
bit
just
like
me.
It's
talking
about
chaos,
mesh
and
heard
from
limb
is
chaos
and
cast
a
fair
bit
because
of
the
overlap
of
the
activities
between
this
community
and
that
cig
and
so
measuring.
A
But
you
know,
priority
was
actually
in
advance
priority
wise
for
the
project
in
advance
of
creating
an
adapter
for
kuma
up
leveling.
The
adapter
for
console
is
well,
as
you
can
see,
by
what
cody
and
Blake
have
been
showing
is
a
much
needed
thing.
There's
much
functionality
to
expose
that
today
measure
he
isn't,
and
so
so
that's
like--that's
I
have
another
call
for
attention
to
that
adapter
by
those
there
in
the
community.
A
F
Just
wasn't:
we
can
discuss
one
briefie
about
the
fellowship
program,
a
priest,
Rancher
yeah,
so
around
11
days
ago,
I
applied
for
the
fellowship
program
for
Mesrine.
So
basically,
the
amulets
fellowship
program
is
a
very
new
program
that
is
coming
up.
So
basically
emulators
major
league
hacking,
which
has
been
you,
know,
organizing
hackathons
throughout
the
world,
and
it
is
like
one
of
the
most
oldest
you
know,
organization
which
organizes
for
high
school
and
for
all
students.
F
So
we
have
partnered
with
companies
like
Facebook
github
to
organizes
a
you
know,
open
source
program,
which
will
be
very
similarly
based,
for
example,
how
the
googles
are
of
code
works
where
students
will
be.
You
know,
given
open-source
projects,
so
some
some
projects,
like
the
reactor
ethic
from
Facebook,
was
also
part
of
it.
Facebook
this
apartment,
so
I
looked
right
for
Misha
to
be
a
part,
and
they
were
very
happy.
You
know
or
to
have
a
mystery
on
boarded
as
I
say,
you
know
a
potential
project,
so
they
have
already.
F
You
know,
sent
out
the
documentation
for
filling
it
out.
You
know
that
it
becomes
so.
Basically,
how
this
will
work
out
is
that
mesh
like
mystery
itself,
will
be
a
like
a
project
maintainer.
So
basically
the
main
role
for
us.
As
you
know,
the
community
will
be
to
this
sort
of
need,
or
you
know,
in
what
exact
friends
do
we
want
or
which
particular
projects
do
we
want?
F
That
will
happen
how
its
structured
is
that
you
know
there
are
bunch
of
students,
for
example,
twelve
ten
to
ten
twelve
students
safe
working
together,
and
they
have
one
collective
or
save
two
collective
mentors
who
will
be.
You
know,
mentoring
these
tend
to
tell
students,
so
all
of
them
will
be
is
like
given
allocated
us
like,
we
will
like
say
a
particular
project
and
how
we
will
be.
F
You
know
these
are
the
expectations
of
further,
like
whatever
project
that
we
you
know
through
this
upon
so
like
I,
guess
ever
since
a
lot
of
the
focus
is
to
geared
towards
let
cloud
or
cloud
programming
and
like
JavaScript.
So
you
know,
since
mastery
is
also
based
on
react
so
again
like
some.
If
there
are
some
like
front
end
based
iterations,
that
need
to
be
done
or
say
it
back
and
so,
like
those
are
the
potential
projects
well,
so
that
can
be
like
taken
up.
F
And
oh
yeah,
this
one
last
thing
that
basically
in
the
in
the
recent
github
announcements
that
took
place
in
the
satellite,
there
was
a
new
feature
with
the
with
the
name
of
discussions.
So
basically,
if
anyone
wants
to
see
their
like
right
now
live
on
the
site,
which
is
the
nexus
framework
and
like
I
had
applied
for
discussions
for
the
beta
version,
so
they're
like
a
cup
of
a
few
few
companies
which
are
you
know,
part
of
it,
but
basically
how
good
a
discussion
this
works
is
that
you
know
it
basically
provides
you.
F
So
we
have
something
like
issue
tracking
and
you
know
where
people
can
discuss
on,
say,
definitions,
but
basically
just
get
up.
Discussions
is
that
it
provides
you
a
very
in
general,
multiple
rooms
set
up.
You
know
where
you
can
discuss
say
in
general,
you
know
or
not
say
totally
technical
things
related,
or
example,
onboarding
new
people.
So
it's
something
like
you
know.
We
have
slack
over
here
where
we're
discussing.
F
We
have
different
channels,
so
you
can
create
over
there
and
then
you
can
directly
link
your
issues,
your
so
basically
it
it
does
have
a
potential
use.
I
had
to
early
about
this
earlier,
so
I
mean
I.
Do
find
that
you
know
we
can
have
some
kind
of
suitable
role.
You
know
where,
at
least,
for
example,
when
we
have
onboarding
new
developers,
so
we
can
provide
them
the
sources
over
there.
F
We
can
have
separate
rooms
for
each
and
every
different,
save
one
for
mache
for
different
or
adapters
same
one
for
onboarding,
one
for
like
facial
tracking
or
whatever
discussion
you
want
to
have.
It
was
like
some
companies
have
totally
moved
there.
You
know
entire
sort
of
these.
You
know
conversations
that
they
have
that
if
you
and
github
itself
since
now,
they're
you
know
directly
managing
because
it
becomes
very
easier
to
you
know
like
to
refer
to
one
one
problem.
F
Otherwise
we
would
want
to
copy
and
paste
the
issue
or
the
pull
requests
in
slack
itself,
so
I
mean
that
we
have
a
potential
use
like
it
can
be
tested
out.
So
basically,
if
we
this
now
need
to
go
to
the
settings
phase
of
machinery
and
enable
it
yeah
like
it's
a
beta
version,
so
I
mean
we
can
definitely
use
it
in
the
school
case.
If
it's
like
viable
I
mean
we
can
reduce
this
little
yep.
A
Both
really
exciting
by
me
that
everyone
here
every
well
and
almost
everyone
on
the
call,
is
a
member
of
this
organ,
so
that'll
be
nice
to
for
everyone
to
get
it
to
play
with
discussions
and
see
just
how
well
well
I
guess
I'll
say
it
like
this.
Will
you
know
we've
seen
container
Orchestrator,
Wars
proxy
wars,
service,
mesh
battles
happening
I,
think
we'll
be
seeing
the
battles
of
the
hubs
soon
she
got
a
figure.
If
you
attend
dr.
cono
you'll
see
what
I
mean
very
good
all
right.