►
From YouTube: Istio ambient mesh - what does it mean to you?
Description
Hoot livestream episode 36: Join contributors on Istio ambient to celebrate Istio ambient live today and understand what it means to you!
A
B
Hello,
I
believe
we
are
live.
Welcome
to
another
live
stream.
Today
we
have
actually
very
special
announcement
and
very
special
guest
as
well
about
istio
ambient.
So
I'm
not
sure
if
you
guys
have
just
with
istio.io.
If
you
go
there
and
go
to
the
blog,
you
will
see.
Let
me
actually
go
ahead
and
share
my
screen,
so
you
know
what
I'm
talking
about.
B
So,
if
you
go
to
istio,
let's
see
if
I
have
right
all
right,
so
you
guys
can
see
my
screen
right.
So
if
you
go
to
istio.io
and
I'm
not
getting
page,
not
found
okay,
so
we
just
published
three
blogs.
Regarding
istio
ambient
mesh,
there
is
a
announcement
blog
about
introducing
nbn
mesh,
which
is
a
new
data
plan
for
istio
without
psycho.
B
There
is
also
a
get
started
with
ambient
mesh
where
you
can
follow
the
get
start
guide
to
actually
run
ambient
in
your
kubernetes
environment.
I've
been
using
it
locally.
I've
also
tried
the
google
cloud.
I
believe
we
have
people
tried.
Aws
clouds
work,
so
that's
the
steps
you
can
follow
along.
If
you
are
wondering
about
the
security
implication,
definitely
check
out
our
security
blog
between.
B
B
Yeah,
so
today
I
am
so
excited.
I
have
a
bunch
of
the
initial
contributors
on
istio
ambient
with
me,
so
I
like
to
have
them
introduce
themselves,
and
you
know
we
want
you
this
to
be
live.
So
I
would
like
to
ask
you
guys
questions
and
if
there's
any
questions
from
our
audience,
we
would
love
to
also
hear
from
you
guys
for
any
questions
you
may
have
with
that.
I
will
pass
the
mic
to
you.
Let's
see,
let's
start
with
alphabetic,
which
is
john,
go
ahead,
introduce
yourself.
C
B
B
D
F
G
E
B
G
Going
backwards,
okay,
all
right,
so
I
think
you
know
it's
really
kind
of
an
amazing
achievement
that
we
have
brought
an
entirely
new
deployment
model
to
an
existing,
mature
and
incredible
product,
and
we
really
know
that-
or
we
hope
and
know
that
it
will
bring
a
lot
of
value
to
our.
You
know
to
the
to
the
users,
to
the
people
in
the
seo
community
and
the
enterprises
using
sdo
because
of
the
unique
benefits
that
it
brings
and
we'll
talk
more
about
that.
F
Yeah
so
yeah,
so
I
came
to
the
istio
project
fairly
late,
and
so
I
was
you
know
it,
and
there
are
a
lot
of
things
that
are
really
cool
about
the
project,
but
I've
always
had
some
issues
with
the
sidecar
model,
and
so
I
you
know
so.
This
is
something
that
I
was
really
interested
in
looking
at
like
is
there.
There
was
something
that
we
could
do.
F
B
We
are
actually
really
thankful.
We
have
users
contributors
in
the
community
like
you
right,
come
with
fresh
eye
and
start
to
challenging
the
psycho
architecture.
I
still
remember,
I
think
it
was
just
a
year
ago-
justin
you,
I
think
it
was
you
maybe
ethan,
also
you're
coming
and
at
the
issue
network
meeting.
You
come
to
kind
of
present
this
idea
of
michael
proxy,
which
actually
clicked
on
me.
I
was
like
wow,
that's
a
really
really
cool
idea,
and
then
we
start
to
kind
of
socialize
that
idea
as
solo
too.
B
It's
just
it's
just
an
interesting
way
to
kind
of
break
the
traditional
layer,
7
proxy,
and
break
that
down
into
also
a
lightweight
micro
proxy
and
do
certain
job,
and
I
hope
they
do
a
certain
job
really
really
well
and
then
not
be
able
to
forcing
the
notion
of
psycho
on
everybody.
So
that
was
really
really
cool.
F
F
We'll
have
some
future
blogs
that
will
go
into
alternatives
that
we
considered
and
why
we
ended
up,
ended
up
with
this
architecture,
but
it
was
great
to
go
out
to
the
community.
Talk
to
solo
talk
to
other
folks,
and
you
know,
I
think
we
ended
up
with
a
much
stronger
solution
in
the
end.
That
is
really
excited
about.
B
A
A
A
The
the
big
headline
feature
of
ambient
is
side,
carlos,
of
course,
but
there's
a
lot
of
interesting
things.
We've
done,
particularly
around
layering
layering
of
functionality,
changes
in
how
routing
works,
changes
in
the
transport
protocol
that
I
think
are
gonna,
be
pretty
profoundly
impactful
in
the
long
term.
So
I
I
think
it
kind
of
bodes
well
for
the
future
of
the
project
and
I'm
excited
about
it.
B
B
D
C
So
what
I
really
like
is
that
now,
there's
kind
of
like
mpls
is
almost
the
baseline
and
that's
kind
of
always
there
and
you
can,
you
know
slowly
add
rules
as
you
need
one
of
the
things
that
we
hadn't
touched
on
much
in
the
blog
post.
I
think,
but
that
I
think
is
really
important
is
previously
like.
If
you
create
a
virtual
service,
say
canary
my
workload,
you
actually
need
all
of
your
clients
to
be
in
the
mesh,
otherwise
they
will
just
ignore
that
rule
and
use
standard,
kubernetes
routing
with
the
ambient
approach.
B
That's
a
great
point,
so
essentially
you
are
having
just
a
proxy
waypoint
proxy
on
the
server
side
not
needing
to
on
the
client
side
for
a
lot
of
virtual
service
configuration
which
helps
you
to
do
traffic
resilience,
traffic,
shifting
right,
it's
essentially
just
on
one
proxy.
I
guess
the
last
thing
for
you
to
debugging
right.
If
anything
goes
wrong
and
less
than
two
upgrades.
B
Oh,
that's
great,
you
know,
I'm
mostly
excited
about
the
resources
usage
right
because
I
don't
know
about
you.
It's
like
once
in
a
while.
I
would
see
people
on
twitter
and
then
they
were
saying.
Look
it's!
Your
concern
consume
more
than
50
of
my
resources
right,
so
you
guys,
probably
all
see
those
tweets
right
whether
they
were
complaining
about
the
psycho,
I
think
mostly
about
zaika
and
sometimes
also
about
the
control
plan.
So
what
I'm
really
excited
about
is
the
resource
consumption.
It's
really
really
going
to
help
user.
B
You
know
how
much
they
are
paying
for
their
resources.
Am
I
just
a
very
cost
conscious
person
myself,
like
I
always
look
at
the
price
before
I
spend
any
dollar,
even
though
it's
just
minor
thing,
I
always
check
in
the
grocery
store
before
I
understand
the
price
before
I
purchase
right.
So
to
me
that
cost
is
just
super
important.
B
I
guess
if
I
can
say
two
things.
The
next
thing.
That's
really
really
cool
about
ambience.
It's
just
how
easy
it
is
to
participate
your
pods
and
services
in
nbn
right,
because
I
remember
inside
car
that
was
like
four
five
years
ago.
When
I
was
trying
to
add
in,
I
think
it
was
a
kubernetes
guestbook
application,
so
I
tried
the
kubernetes
guestbook
application
and
then
I
added
to
participate
into
istio
as
a
as
a
application
in
service
mesh
with
psycha.
It
actually
discovered.
Okay,
I
forgot
to
name
my
protocol.
B
B
The
guest
book
was
using
database
there's
some
covered
along
with
database
support
back
when
issue
was
.01.02
when
I
was
on
a
project,
so
it
actually
took
me
over
a
day
literally
over
a
day
to
add
that
simple
kubernetes
booking
application
to
seo
when
it
still
was
that
early
now,
these
days
adding
a
simple
application
like
guest
book.
It's
it's
pretty
easy
with
sidecar
these
days,
but
it's
not
as
easy
as
I
just
go
to
label
my
namespace
with
dataplane
ambient
right.
B
I
just
love
that
experience
because
a
lot
of
users
I
talk
to
they
don't
necessarily
understand
like
seo.
Resources,
like
virtual
service
destination,
rule
gateway
resources,
is
very
complicated
to
understand
to
average
developers
because
they
need
to
focus
on
writing
code.
They
don't
want
to
learn
all
that
right.
They
they'd,
rather
their
operator
team,
to
learn
that
for
you,
which
is
a
which
is
the
mode
we
see
in
solo,
well,
developers
like
to
label
things,
so
ambien
really
really
enabled
that
labeling
experience,
which
is
super
super
cool
to
me,.
B
I
know
I'm
rumbling
around.
I
saw
more
people
join.
So
if
you
just
join,
please
come
say
hi
to
us
in
the
chat
and
also,
if
you
have
any
questions
regarding
ambient,
we
would
really
love
to
hear
from
you
because
we
run
this
live
stream,
particularly
here
to
answer
questions
from
the
audience.
I
know
it's.
We
just
had
this
announcement,
it's
like
a
foul
drill
of
information,
so
you
may
not
have
any
immediate
question
at
the
moment.
In
that
case,
I
will
ask
my
speakers.
B
C
Favorite
part,
I
think,
we're
just
getting
started
on
on
the
favorite
parts.
I
think
that
architecture
actually
opens
up
so
many
doors
that
we
have
had
closed
in
east
geo
and
a
lot
of
them.
We've
already
realized
like
these
dramatically
different
things.
Like
I
briefly
mentioned
like
oh
now,
routes
are
applied
on
the
producer
side.
You
know
it
seems
like
a
simple
thing,
but
it
actually
dramatically
changes
everything
from
apis
to
usage.
C
So
I
think,
there's
still
a
lot
of
things
we'll
discover.
You
know
that.
Are
these
huge
improvements
with
the
architecture
like,
for
example,
before
you
couldn't
have
in
it
containers
that
did
traffic
with
mtls?
That's
that's,
not
great
right
people
using
the
containers
and
that's
just
another
source
of
friction.
So
you
know
just
there's
kind
of
a
whole
stream
of
things
that
I
think
will
be
improved
by
ambient.
F
C
F
B
F
Yeah
and
like
in
google,
we
were
having
conversations
like
we
wanted
to
be
able
to
have,
for
you
know
the
project
product
that
we
sell.
Asm,
that
you
know
we
wanted.
People
were
talking
about
like
well.
We
should
make
this
easy,
like
there's
just
a
button,
you
click
and
then
you
know,
and
then
all
of
your
you
know
we
convert
everybody
to
to
being
in
the
service
mesh
and
that
always
scared
me,
because
I
was
worried
you
know
like
well,
you
know
we
can
break
the
application.
F
You
know
we're
forced
we're
going
to
reload
all
of
the
applications.
You
know
like
they're,
all
you
know,
or
the
workloads
and
so
istio
was
so
disruptive
that-
and
it's
great
you
know
like
if
you
know
what
you're
doing,
if
you're
ready
to
deploy
it
it.
You
know
it's
a
great
solution
but
to
move
to
that
next
level,
where
anybody
can
use
it,
and
you
know
we
just
have
a
clip.
You
know
like
a
single
box
to
enable
it.
D
F
But
now
you
have
it,
you
happen
to
have
an
http
stack,
that's
broken,
and
now
your
application
doesn't
work
the
disabling.
It
now
becomes
really
messy.
You
know,
and
so
you
know
having
to
then
restart
all
your
workloads
again,
you
know
take
it
all
out
becomes
really
complicated,
but
with
ambient
it
really
just
becomes
a
single
click.
If
well.
First
of
all,
we
shouldn't
be
breaking
that
application,
and
you
know
if
we're
just
doing
the
secure
overlay
since
we're
not
turning
l7,
but
it
becomes.
B
Yeah,
I
would
agree
with
you
justin.
I
think
that
is
also
my
favorite
part
of
ambient.
It's
just
how
easy
it
is
to
opt
in
and
opt
out
and
there's
no
question
on
the
api.
I
would
say
you
know
people
see
it
they
get
it
there's
no
confusing
like
in
in
the
virtual
service
today
you
know
people
tends
to
put
attributes
in
the
wrong
place
or
maybe
with
the
wrong
indent,
and
then
the
yamo
doesn't
work
the
experience
we
have
with
opt-in
and
opt-out.
B
A
I
probably
think
h-bone
actually
again,
it's
not
that
it's
not
the
flashiest
part
of
the
project,
but
I
think
the
implications
for
istio
and
the
networking
community.
More
broadly,
of
standardizing
the
transport
protocol
based
on
hdp
rather
than
istio's
kind
of
hodgepodge
of
mtls
hacks,
that's
going
to
have
a
really
big
implications.
In
the
long
term,
it's
going
to
allow
mesh
to
interoperate
it's
going
to
allow
us
to
incorporate
firewall
and
mats
and
other
different
types
of
metal
boxes
into
the
mesh
in
a
really
clean
way.
A
B
Yeah,
I'm
glad
you
mentioned
edge
ball,
because
I
think
the
implement
implication
for
most
of
the
users
out
there
who
are
using
sidecars
right.
That's
huge
right,
because
that
essentially
enables
the
cycles
to
talk
to
parts
in
ambience
right,
so
that
enables
user
today
in
istio,
potentially
to
seamlessly
transition
to
ambient.
If
they
prefer
some
of
the
simplicity
or
operation
of
ambient,
they
can
easily
do
that.
A
Yeah-
and
I
mean
that's-
one
of
the
h
bone
is
an
important
way
that
we
implement
ambient
it's
kind
of
a
prerequisite
for
that,
but
also
standardizing
on
this
new
protocol.
It
allows
ambient
to
interoperate
with
side
cars,
which
are
also
getting
an
h-bone
implementation
and
that
kind
of
segues.
To
another
thing
that's
great
about
this-
is
it's
incremental.
E
G
G
And
you've
all
can
call
me
on
this-
is
that
you
know
some
like
with
a
technology
like
like
envoy
that
istio
is
built
on
top
of
you
know,
things
like
like
xds
being
so
important
and
monumental
and
game
changing
and
they
kind
of
fall.
They
don't
necessarily
make
get
as
many
headlines,
and
so
I
think
it's
a
it's
a
really
good
point
to
bring
h-bone
into
the
conversation.
B
G
I
do,
I
think
I
agree
with
everyone
when
they
say
that
you
know
this
mode
is
a
lot
more
flexible.
I
also
think
that
yeah
I
mean
the
favorite
part
for
me.
I'm
sorry
that
I'm
going
to
repeat,
but
the
favorite
part
for
me
is
the
is
the
ease
of
ease
of
adoption
and
ease
of
of
yeah
upgrades
onboarding
off-boarding
everything
related
to
operations
around
mesh
workloads
and
really
just
the
monumental.
I
mean
truly
monumental
shift
there
and
so
yeah.
D
D
It's
no
longer
a
side,
car
and
plus
with
the
standardization
that
ethan
and
nathan
just
talked
about
it
kind
of
unlocks
a
lot
of
future
innovation
right
because
the
the
data
plan,
we
have
a
lot
more
flexibility
on
how
it's
implemented
and
when
there's
a
lot
of
innovations
in
the
you
know
in
the
linux
kernel
and
analytics
io
in
general,
and
that
a
lot
will
allow
us
to
kind
of
hyper
optimize.
It
ceo
going
forward.
So
I'm
really
excited
about
what's
in
store.
B
G
Yeah,
I
think,
just
to
to
harken
back
to
what
john
said
a
bit
ago.
I
think
the
the
coolest
part
for
me
going
forward
is
in
istio
or
one
of
them.
Obviously
I
think
we've
all
said
it's
cool,
but
the
sort
of
shift
from
producer
side
or
sorry
from
consumer
side
to
producer
and
that
the
the
sort
of
you
know,
ownership
semantics
that
come
along
with
that
and.
E
G
G
You
know
the
people
producing
the
services
now
have
control
over
how
their
services
are
produced
more
control
anyway,
and
so
I
think
that's
a
really
cool.
You
know
shift
towards
the
direction
of
like
unifying
and
also
tenancy
with
istio
istio,
so
I'm
really
excited
about
that
kind
of
stuff
and
how
we
can
also
enable
users
on
those
new
concepts
as
they
roll
out
so.
B
A
A
Yeah,
I'm
actually
very
excited
about
evolving
the
data
plane
in
ambient,
so
in
this
kind
of
experimental
branch,
everything's
based
on
envoy
and
envoy's,
been
pretty
good
for
us
so
far,
but
I
think
certainly
for
the
waypoint
proxies
there's
a
lot
of
innovation
in
envoy
and
how
envoy
works
with
istio
that
we
can
do
to
optimize
it
from
a
performance
and
simplicity
and
maintainability
perspective
and
for
the
z
tunnels.
I
think
there's
a
lot
of
opportunity
to
really
experiment
with
wild,
crazy,
totally
different
implementations.
A
I
could
imagine
something:
that's
based
partially
on
bpf
or
dpdk
or
or
there's
opportunities
to
build
extremely
high
performance,
lightweight
things
that
are
based
on
envoy
or
or
partially
based
on
envoy
or
not
at
all.
So
that
is
an
exciting
area
that
I'm
certainly
going
to
invest
in
over
the
next
couple
months
exploring
and
could
have
a
really
big
impact.
A
A
Obviously,
internally,
we
have
a
bunch
of
fancy,
google
specific
networking
components
that
will
also
be
integrating
ambient
with
over
time,
we're
kind
of
in
early
stages
on
that
and,
obviously,
obviously
that's
more
kind
of
proprietary.
I
can't
talk
as
much
about
but
yeah
this.
This
general
idea
that
we're
not
married
to
one
data
plane,
implementation
for
all
all
situations
and
different
vendors
can
have
different
things
and
there
can
be
a
multitude
of
implementations
in
open
source
and
all
that
sort
of
stuff.
A
F
Just
more
on
the
data
plane,
I
agree
with
everything
that
ethan
said
and
also,
I
think,
there's
some
exciting
opportunities
for
like
improving
the
redirection,
for
example.
So
you
know
we
could
use
ebpf
or
you
know,
psyllium
to
you
know,
do
that
redirection
and
skip.
You
know
a
lot
of
the
networking
layers,
there's
a
lot
of
opportunity
for
optimization
and
you
know
doing
interesting
work
there,
and
also.
The
way
that
you
know
currently
to
bring
istio
to
a
new
platform
is
fairly
heavy
weight.
F
So
the
first
thing
you
need
to
do
is
port
envoy
to
whatever
that
platform
is
or
if,
like
you're
in
a
vm
environment.
You
know
you
need
to
take
the
the
envoy
and
then
run
it.
You
know
probably
as
a
process
that
might
not
be
very
secured
in
you
know
in
the
the
vm
or
maybe
you
know
you
can
do
something
so
that
you
can
run
it
as
a
service
vm,
but
it's
all
very
complicated
and
heavy
weight.
F
The
nice
thing
about
the
using
these
these
z
tunnels
is,
it's
pretty
straightforward
to
implement
them,
and
so
I
think
that
we'll
also
have
more
opportunity
to
go
into
new
platforms
where
you
know,
for
example,
windows.
We
don't
need
to
do
a
envoy
port
of
windows.
You
know
we
could
just
have
something
that
handles
the
the
z
tunnel
encapsulation
and
then
redirects
it
to
a
linux
based
envoy.
You
know
so
there's
a
lot
of
cross-platform
things
too.
That
I
think
will
be
interesting
going
forward.
B
C
Yeah,
for
me,
I'm
definitely
thinking
most
on
how
we
actually
get
this
from.
You
know
experimental
code
and
a
branch
that
is
good
for
demos
to
production,
ready,
and
you
know
the
first
step
of
that
is
actually
getting
it
merged
into
the
master
branch.
You
know,
of
course,
standard
way
of
easter
life
cycle
behind
future
flags.
C
First
and
then
you
know
slowly
progressing,
so
you
know
that's
what
I'm
mostly
focusing
on
trying
to
actually
get
this
into
a
state
where
we
can
use
it
beyond
just
simple
demos,
and
I
think
there
will
be
a
lot
of
work
there.
Both
from
you
know
the
folks
on
the
call
and
the
rest
of
the
community
and
in
terms
of
you
know,
making
these
changes
in
the
upstream.
B
Yeah
totally,
this
is
where
we
would
love
to
get
help
from
the
community.
So
correct
me
if
I'm
wrong,
here's
what
I'm
thinking
so
when
ambiance
is
launched
today,
it
doesn't
impact
any
of
you
if
you're
using
the
seo
default
profile
or,
if
you're,
using
a
profile
building
on
top
of
the
seo
default
profile
right.
So
we
have
zero
impact
for
you.
So
if
you
do
try
ambient
it's
only
enabled
in
the
ambient
profile
longer
term
as
ambient
gets
more
mature,
more
stable,
I'd
envision.
B
The
issue
community
would
want
to
enable
ambient
as
the
default
profile,
because
essentially
what
ambient
means
is
we
support
cyclops.
We
also
support
sidecut
right
and
we
also
support
interrupt
between
the
two.
So
that's
probably
the
profile
we
want
to
target
for
the
default
profile
going
forward
when
it's
stable.
Would
you
agree
with
that.
B
Okay,
we
have
more
people
join,
so
I
would
really
really
love
to
hear
some
questions
from
the
audience.
We
noticed
our
audience
are
very,
very
shy
today.
So
if
you
could
just
come
by
say
hi
to
us
before,
you
ask
a
question
that
would
be
also
be
appreciated.
So
just
we
know
you
know,
you
guys
exist
that
you
come
by
and
even
congratulate
us.
We
would
love
to
hear
that
to
you
and
congratulate
you,
the
entire
istio
community,
for
this
big
announcement.
B
Is
there
anything
you
guys
want
to
share?
Besides
what
was
just
covered,
I
think
we
covered
a
bunch
of
stuff,
so
we
covered
producer
side
right.
We
cover
evpf.
We
cover
simplification,
how
simplified
the
user
experience
it
is.
We
also
cover
h4
right,
the
impact
of
edge
ball
and
we
covered
about
data
plane,
optimization,
particularly
on
the
layer,
4
side.
We
also
covered
about
how
z
tunnel
could
be
implemented
for
different
platform
to
allow
workloads
to
be
run
besides.
What
is
your
already
supports
today?
A
I'll
sorry,
to
put
john
on
the
spot
a
little
bit,
but
one
interesting
choice
we
made
with
ambient
was
to
use
the
gateway
api
to
signal
that
a
point
should
be
deployed
at
l7.
Processing
should
be
enabled
in
the
name
space,
and
I
thought
that
was
kind
of
an
interesting
technical
decision
to
make
and
john.
I
I
wonder
if
you
could,
I
think
it
might
be
worth
talking
for
a
minute
about
like
why
we
went
that
path.
C
Yeah,
where
to
start
it's
kind
of
a
complex
topic,
so
if
you're
not
familiar
with
the
gateway
apis,
it's
basically
this
new
api
coming
from
from
kubernetes
itself.
That
in
many
ways,
plays
the
same
role
as
the
gateway
and
virtual
service
apis
in
istio.
So
far,
it
may
also
extend
to
things
like
destination
rule,
etc.
C
So
this
exists
today,
you
can
go,
run
estio
and
configure
it
with
the
gateway
api
and
then
use
the
same
api.
That's
used
by
gke
engine
x,
contour,
a
bunch
of
other
products
as
well,
so
it's
kind
of
a
standardized
api
similar
to
ingress,
and
so
that's
kind
of
where
we
see
the
future
of
networking
apis
for
easter,
and
so
it's
kind
of
a
natural
fit
to
want
to
use
those
apis
in
the
new
ambient
right.
So
we
have
new
apis
new
deployment
model,
they
kind
of
go
hand
in
hand.
C
Some
of
the
nuance,
though,
is
that,
as
as
this
is
going
on,
the
gateway
api
is
also
going
through
this
project.
That's
they
call
gamma,
which
is
basically,
how
do
we
take
this
api
and
use
it
for
service
mesh
use
cases,
so
part
of
that
is,
you
know,
defining
what
is
a
mesh?
How
is
that
represented
all
those
types
of
things?
C
So
it's
pretty
plausible
that
we
will
actually
switch
how
we
do
this
based
on
the
results
there
there's
still
early
discussion,
but,
for
example,
there's
been
talk
about
having
a
resource,
that's
called
literally
mesh.
You
could
see
us
having
a
mesh
resource
instead
of
a
gateway
resource,
actually
provision.
It
similar
story
under
the
hood
that
we
just
have
a
signal
that
we
should
provision
a
proxy
but
slightly
different
api
to
align
with
the
common
spec.
C
One
of
the
other
interesting
parts
about
using
gateway
in
particular,
though,
is
that,
if
you
think
about
going
through
like
a
deploying
say
book
info,
you
first
hit
the
ingress
gateway.
That's
a
full
l7
envoy
proxy
that
can
do
you
know
all
sorts
of
rules
we
want,
and
then
we
go
to
our
next
top,
which
is
the
waypoint
proxy
for
the
product
page.
That's
also
a
full
l7
proxy
that
can
implement
all
sorts
rules.
Now,
there's
there's
many
valid
use
cases
to
have
both
these
hops
right.
C
B
That's
great
by
the
way
I
just
noticed
there
are
some
questions
from
the
audience
which
I
think
ethan.
You
kind
of
will
answer
that.
Well,
thanks
for
for
the
question,
I'm
not
sure
how
to
pronounce
your
name
so
so
the
question
was
around
z,
tunnel
agent,
basa
envoy
and
it's
their
plan
to
integrate
evpf
to
nbn.
I
think
we
just
answered
the
question
not
so
long
ago.
B
D
B
D
Yeah,
so
that's
actually
something
I'm
looking
into
basically
right
now
and
the
that
the
idea
is
to
there's
two
aspects
to
it:
right,
there's
the
redirection
piece
of
getting
traffic.
You
know
from
a
pod
and
to
the
whatever
tunnels
it
right
and
then
there's
the
part
that
tunnels
it
and
I'm
currently
looking
at
the
first
approach
and
which
is
essentially
getting
traffic
from
empirical
envoy
very
efficiently,
using
ebpf
and
then
a
further
research
area
is
to
see
if
we
can
use
ebpf
to
further
optimize
the
job
andre
is
doing
or
potentially
replacing.
B
So
I
guess
I
have
a
question
then
related
to
this,
because
early
on,
I
think,
justin.
You
said
about
potentially
supporting
z
tunnel
windows
right
and
then
you
just
talk
about
rewrite,
potentially
rewrite.
Not
only
the
traffic
redirect
between
the
terminal
to
the
collocated
parts
on
the
same
node
using
evpf,
but
also
the
actual
job
that
z
tunnel
is
doing
potentially
also
using
evpn.
B
D
F
Yeah
I
mean
so
like
I
have
some
background
on
the
open
v
switch
project
and
so
like
open
v
switch
port
to
windows.
There
are,
there
are
hooks
that
you
can
go
that
so
we
could,
you
know,
implement
in
you
know
portable
code,
the
z
tunnel,
implementation
that
and
then
make
that
work
within
the
windows
kernel
using
those
hooks.
I
think
that
would
make
more
sense
than
ebpf,
because
so
much.
C
F
Evpf
inherits
the
specifics
of
the
linux.
Networking
stack
that,
even
though
there's
a
lot
of
talk
about
ebpf
on
windows,
I
don't
know
how
practical
that
actually
is,
but
I
think
the
the
feature
set
that
we
need
is
fairly
minimal.
So
you
know
doing
a
port
to
get
that
that
capability
into
windows,
I
think,
would
not
be
too
hard
much
easier
than,
for
example,
you
know
getting
envoy,
oh
envoy,
and
then
especially
if
we
wanted
to
use
those
hook
points
you
wouldn't
want
something
so
heavy
weight.
B
Okay,
very
cool,
okay.
Folks,
I
want
to
be
very
respectful
of
your
time.
I
think
we're
getting
into
was
the
end
of
over
live
stream.
I
haven't
seen
a
lot
of
questions.
If
you
do
have
questions,
please
do
make
a
comment
and
we'll
try
to
get
to
them.
Also.
We
have
a
ambient
channel
in
isro
slack,
so
that
is
a
good
place
for
you
to
ask
questions
all
right,
so
we
have
one
other
question
coming
from
another
john.
Thank
you
for
that
great
question.
So
how
does
this
affect
the
tonometry?
C
Yeah,
I
was
actually
so
I
mean
there's
like
long
term
and
short
term
long
term.
We
expect
the
telemetry
outputted
to
be
the
same
shape.
Now
there
will
be
some
differences,
semantically
right
if
before
we
have
source
and
reporter
metrics
and
in
between
those
there's,
the
network
latency
right
in
many
cases
now
we're
only
reporting
from
a
single
l7
proxy,
and
so
those
are
virtually
the
same
same
metric
there.
C
B
Maybe
maybe
target
yeah.
I
think
we
have
target
for
on
layer,
seven
we're
still
working
on
layer
for
tonometry,
but
I
believe
the
api
is
similar
yeah.
So,
if
you
plug
in,
like
the
stats
permissive
endpoint,
you
will
be
able
to
see
like
some
of
the
issue
layers
of
the
metrics
today,
it's
in
fact
in
our
get
started
guide.
If
you
follow
that.
C
B
B
Awesome,
thank
you
so
much
john
for
that
question.
All
right.
I
want
to
take
a
minute
to
thank
the
audience,
the
audience
everybody
for
joining.
I
also
want
to
thank
all
of
our
speakers.
It's
so
nice
to
be
able
to
share
your
thoughts
so
before
we
end
the
live
stream,
I
want
to
say
a
big
congratulations
to
everybody
on
the
ambient
lunch
today.
B
It's
such
an
exciting
day,
I
feel,
like
I
couldn't
sleep
very
well
last
night
and
thank
you
for
that
comments,
john
about
yes,
we
will
be
touchy
soon,
so
we
appreciate
that
with
that.
I
would
like
to
ask
each
speaker
if
they
have
one
parting
words,
one
parting
sentence
they
want
to
share
before
I
let
them
go.
B
F
You
know
I
I
agree,
I'm
excited
to
hear
the
feedback
and
we
kind
of
been
toiling
on
this,
so
it
will
be
great
to
you
know,
get
the
reaction
from
the
community,
and
you
know
you
know
hear
about
the
parts
that
we
you
know
like
rough
edges,
that
we
need
to
stand
off.
That
will
be,
but
I'm
excited
about
it.
I
think
it's
going
to
be
a
great
new.
B
Yeah,
I
think
you
guys
all
said
what
I
wanted
to
say.
I
guess
I
would
say
I
am
super
super
grateful
to
working
with
all
of
you,
I'm
israel
ambient
I'm
also
very
continue
working
with
the
broader
community
on
it's
your
ambient.
This
is
like
a
special
moment
for
the
isro
project.
I
feel
like
we
haven't,
had
a
big
announcement
like
this,
for
maybe,
since
it's
still
1.41.5,
when
we
consolidate
all
the
control
plane
into
one
components.
That
will
be
the
last
time.