Ambient Mesh, with Justin Pettit and Ethan Jackson

Kubernetes Podcast from Google

Episode | Podcast

Date: Tue, 20 Sep 2022 22:31:58 +0000

<p>When you think of a service mesh, you probably think of “sidecar containers running with each pod”. The Istio team has come up with a new approach, introduced recently as an experimental preview. Google Cloud software engineers <a href="https://twitter.com/Justin_D_Pettit">Justin Pettit</a> and <a href="https://twitter.com/EthanJJackson">Ethan Jackson</a> join Craig to explore ambient mesh.</p> <p>Do you have something cool to share? Some questions? Let us know:</p> <ul> <li>web: <a href="https://kubernetespodcast.com">kubernetespodcast.com</a></li> <li>mail: <a href="mailto:kubernetespodcast@google.com">kubernetespodcast@google.com</a></li> <li>twitter: <a href="https://twitter.com/kubernetespod">@kubernetespod</a></li> </ul> <h3 id="chatter-of-the-week">Chatter of the week</h3> <ul> <li><a href="https://twitter.com/davemccollough/status/1568381307519893506">Listening immediately</a> and <a href="https://twitter.com/KataMapkon/status/1568759912695734272">listening on a 1 year delay</a></li> <li><a href="https://en.wikipedia.org/wiki/Death_and_state_funeral_of_Elizabeth_II"> Death and state funeral of Queen Elizabeth II</a></li> <li><a href="https://en.wikipedia.org/wiki/The_Queue">The Queue</a> <ul> <li><a href="https://www.bbc.com/news/av/uk-62949220">What the queue says about our relationship with royalty</a></li> </ul> </li> </ul> <h3 id="news-of-the-week">News of the week</h3> <ul> <li><a href="https://www.cncf.io/blog/2022/09/14/cloud-custodian-becomes-a-cncf-incubating-project/"> Cloud Custodian becomes an incubating project</a></li> <li><a href="https://cloud.google.com/blog/topics/anthos/extending-anthos-to-manage-on-premises-edge-vms-now-generally-available"> Anthos VM support</a></li> <li><a href="https://cloud.google.com/blog/products/containers-kubernetes/kubernetes-control-plane-metrics-are-generally-available"> GKE control plane metrics</a></li> <li><a href="https://groups.google.com/g/kubernetes-announce/c/aaOLnyQPXFg/m/oi5CC2XPAAAJ"> CVE-2022-3172: Aggregated API server can cause clients to be redirected</a></li> <li><a href="https://groups.google.com/g/kubernetes-announce/c/3L7PuIBn4hU/m/5DIyRGGHAAAJ"> CVE-2021-25749: runAsNonRoot logic bypass for Windows containers</a></li> <li><a href="https://akuity.io/blog/announcing-akuity-platform/">Akuity Platform</a> <ul> <li><a href="https://kubernetespodcast.com/episode/172-argo/">Episode 172, with Jesse Suen</a></li> </ul> </li> <li><a href="https://www.weave.works/blog/weave-gitops-2022-09">Weave GitOps 2022.09</a></li> <li><a href="https://github.com/coroot/coroot">Coroot Community Edition</a></li> <li><a href="https://github.com/edgelesssys/constellation">Constellation, by Edgeless Systems</a></li> <li><a href="https://g.co/cloudnext">Register for Google Cloud Next</a></li> <li><a href="https://investors.delltechnologies.com/news-releases/news-release-details/dell-technologies-and-red-hat-expand-strategic-collaboration"> Dell and Red Hat expand strategic collaboration</a></li> </ul> <h3 id="links-from-the-interview">Links from the interview</h3> <ul> <li><a href="https://en.wikipedia.org/wiki/Nicira">Nicira</a></li> <li><a href="https://en.wikipedia.org/wiki/Open_vSwitch">Open vSwitch</a></li> <li><a href="https://istio.io/latest/blog/2022/introducing-ambient-mesh/">Introucing Ambient Mesh</a> <ul> <li><a href="https://istio.io/latest/about/service-mesh/">Service mesh</a></li> </ul> </li> <li><a href="https://www.infoq.com/articles/istio-future-service-mesh/">First mention of Ambient in 2018</a></li> <li><a href="https://github.com/kubernetes/enhancements/issues/753">No first class support for sidecars in Kubernetes</a></li> <li><a href="https://docs.google.com/document/d/1xHy2jQ8oiwMponMVY2zJr2eUAmHW_Hi9JK42a7cg5Pc/edit#heading=h.mkuc663xxmt1"> Istio working group meeting, August 2021</a> <ul> <li><a href="https://docs.google.com/document/d/1q1FWaPjW8ko9Eh2m-7DO5wbQTCy6neF8Gl_1r0IoxnQ/edit?resourcekey=0-IJdySFDjGIayhbwLs1bfuA#heading=h.aftfqyuq9wud"> Remote proxy proposal</a></li> </ul> </li> <li><a href="https://pkg.go.dev/github.com/costinm/hbone#section-readme">HBONE</a>: HTTP/2-based overlay network environment</li> <li><a href="https://www.cloudflare.com/en-gb/learning/access-management/what-is-mutual-tls/"> mTLS</a></li> <li><a href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Methods/CONNECT"> HTTP Connect</a></li> <li><a href="https://www.youtube.com/watch?v=N1AL2EMvVy0">GIF</a></li> <li><a href="https://datatracker.ietf.org/wg/masque/about/">MASQUE</a> and <a href="https://en.wikipedia.org/wiki/QUIC">QUIC</a></li> <li><a href="https://istio.io/latest/blog/2022/get-started-ambient/">Get started with Ambient Mesh</a></li> <li><a href="https://istio.io/latest/blog/2022/ambient-security/">Ambient Mesh Security Deep Dive</a></li> <li><a href="https://twitter.com/Justin_D_Pettit">Justin Pettit</a> and <a href="https://twitter.com/EthanJJackson">Ethan Jackson</a> on Twitter</li> </ul>