 Hey guys Hey guys So let me sit this in the chat quick reminder, please add yourself to the attendee list in the meeting minutes Also, please note this call will be recorded Automatically in fact, it's already being recorded and posted to YouTube and we usually get going about five after Did anything change it in the meeting note for share access List I could not add myself to the list Now there shouldn't be let me let me check and see what the share settings are Oh, that's not good. Um, anyone the link can edit. There we go Not sure why it got so differently than that. So I have now updated you should now be able to add yourself to the list apologies Do you confirm whether or not you're able to not sure how that got screwed up? No, just View mode Try refreshing your page because I have changed the share, but you may have to refresh the page for that to propagate. Oh Yeah So thank you for my I'm sure everybody else is having exactly the same issue. So thanks for speaking up Is someone able to share the Minutes with the call. Thank you, Nicola. Much appreciated. Oh, I'll get started in a brief moment Okay, let's get started Well first can people hear me Yes perfect, okay, so Welcome to the next network service match meeting We have this meeting every Tuesday at 8 a.m. Pacific time We also have a Asia friendly time which occurs I believe every other week at 3 a.m. Pacific time Nicola, did we have one today? No, it's so it was last week and then it's next week So we'll have one in next week. Yeah, we also participate in the CNCF SIG network which occurs every first and third Thursday of every month at This occurs at I think I want to say one one p.m. Pacific time it's definitely not 11 a.m. Pacific time and It's interlaced with the CNC with the Kubernetes network same so whenever there is a Kubernetes network SIG on There is not a CNCF network SIG and vice versa Upcoming events on March 18th I will be giving a talk at go San Francisco on Cognitive zero trust, which will include NSM in it plus other projects that are in the CNCF and March 30th through April 2nd We have QCon cognitive con Europe coming up which is happening at the RAI Amsterdam in the Netherlands and The agenda is now up So we have a pretty good lineup of talks that are anti-sem related We have the CNC we we also have a co-located event NSM con which is occurring on day zero on March 30th the proposals close on Valentine's Day, the very 14th, so please go ahead and submit before before then I highly recommend 13th if you're doing something and Schedules will be posted on February 21st. We also have some available sponsorship, so Please go and download the prospectus which is here if you are interested in sponsoring the conference We have ONES coming up CFPs have already closed We're waiting for the announcements in early March and that will be held in Los Angeles in April 20th or 21st Other upcoming things include QCon cognitive con China in Shanghai the CFPs close in February 21st, so a couple of weeks from now The notifications will be in May and schedule announced in May 13th And finally, ONES Europe, it will be in the end of September The CFPs are currently open. I believe are they open? Yeah, and they They close in June 7th. The notifications for those will go out in July 9th and Finally there's QCon, CognitiveCon in Boston and the CFPs open on April 22nd and They close in June 12th. The notifications will be out in September and schedule announcements will be September 16th Highly likely it will be an NSMCon Day 0 event there, 0 Stay tuned for that And with that are there any other events that people want to announce? I think that's a pretty thorough list I think so too So I know these are repetitive at times, but the idea is to help remind people about CFPs. So So I think so I think this is for me, this is quite quite useful. It's saved me many times from forgetting to submit things Cool. We also have In the in the announcements that we've made this announcement before there is a new cross Project project page, which is linked in the agenda. You can also find it by going to the network service mesh organization in on github and clicking on the projects tab and For social media community team, do we have Ashley on the call? Yes, I am here. Hello everybody Thanks So this past week again We have had some steady increase in numbers and engagement on the network service mesh Twitter and LinkedIn account As far as followers go we've gained an additional seven We followed an additional 10 accounts and tweets and retweets a total of 21 in Twitter And included in those as far as NSM con related tweets some general event details some retweets by Gary About NSM con and getting the word out there from him as well. Some CFP due date remind is last week Friday a one week reminder as well as another one out yesterday and that'll be the main focus of this week and Just reminding people to get their proposals in before the deadline on Friday And then general tweets core reminders video recaps from previous meetings CNCF news related There was a really nice cloud native landscape board shared a few times on Twitter this week so got that out nice visual there and Then individual tweets for CNCF weekly webinars other events that were promoted this week was the intro to NSM Which is a cloud native meetup happening in Austin next week and general tweets and retweets about open source service mesh and containers As far as a LinkedIn goes we gained an additional eight followers and Posted the same as any original tweets that went out through the network service mesh Twitter account As far as the plan for the next week to continue with an SM con related tweets mostly focusing on CFP users those are due at the end of this week start bumping up the sponsorship tweets as well and Any other events because it seems like they are a lot that are starting to pop up and some individual NSM Sessions that will be presented at cube con that is on the list for this week as well So do you see that the next point recently in an SM con there is some information there So I'll go and dig in and see if there's anything worth tweeting about There as well and again if there's anything else that needs to be promoted then please do let me know Fantastic. Thank you very much Yeah, thank you. We do appreciate the thoroughness of all of this. We're incredibly blessed to have a strong social media community No problem Another nice thing that we will eventually do and maybe we should do it sooner than later before I get to a Is see about grabbing some of those stats and sticking them on a seeking them on the spreadsheet so we can look at the the change over time and Make pretty graphs out of them It's not suggesting you have to do this This is something that we can that we can take up But we actually have that tracked on our end. So I can send that over to you at some point as well Oh, cool. Well, when you think the the graph looks Nice enough and tells a good story, you know, we'd love to see something in that area show That you all think of everything Awesome Fantastic Can we get the agenda back when you're ready area? Fantastic Great Okay, so recently in NSM, so are these from the 730 a.m. Pacific No, the sort of I mean effectively this was I went through and scraped some of the stuff That's landed recently to put this together just to sort of highlight some of the things that are going on to the broader community It's super easy to get lost in the flurry of PRs and things and a lot of good stuff has been happening So I wanted to sort of point out some of it. So We got the SROV API changes have landed in the API repo Which is great news The SDK kernel guys have started moving forward in the SDK kernel repo with Zemmick landing the Machable net link client, which is super helpful because that means it becomes easy to unit test things So thank you very much for that And it also for the SROV API stuff. That's that's also Zemmick So the core DNS fan out plug-in This is the plug-in that we wrote so that we can appropriately propagate DNS over network services and Denise has gone ahead and engaged with the upstream core DNS folks and they have at the level of concepts said they're perfectly happy to have this land as a Internal plug-in to core DNS, which means it will be available out of the box Which means we consume the out-of-the-box for DNS, which is really good news Anything you want to say about either of those Zemmick or Denise? not really maybe one news Those who had this PR against the SROV network device plug-in that allows for overriding resources Names that's going to be useful with NSM and it's already got merged to the master branch there Another good news Very cool Cool, so I do have a question on the netlink one because that is incredibly vague and specific at the same time Not not everyone knows what netlink is You can think of it as a kernel messaging system The question that I have is at what level of detail do we Do we go with netlink like where are we able to mock pretty much any netlink message or just the ones related towards towards networking? they were mostly wrapping the Golang netlink library for manipulating network interfaces that are handled by kernel modules That's pretty much it and currently we're focusing on basic stuff like Setting IP addresses dating IP addresses changing admin state and and so on The cool part about it is that now we can actually test without having to set up netlink Which means we can write unit tests that can be run everywhere not just on a Linux box Yeah, this is exactly Yeah, and we had this issue before with CNI plug-in or Divas plug-in in other communities where we're blocked by CI for example, how are you gonna test the SROV related stuff on Travis, right? So the only way to do that is to create Rapper like the one we already have in NSM Okay, so this this makes sense to me. Thank you very much Okay, and So we also have I guess do you want to continue on it? Sure, uh, so The we do these did you anything you wanted to say about the core DNS fan out plug-in stuff? Oh No, you said Okay, no, but it's very exciting So cool on the the next up that I wanted to point out was and I know that we have some people who care a lot about SRV six in the community and an SRV six mechanism Chain element was landed in the SDK VPP agent so that we should have SRV six support In that forwarder Obviously, you know the API is the mechanism API is fairly generic. So any other forwarder could also implement it But you at the end of the day what you wind up with is the ability to have virtual wires that are based on SRV six No, for those who don't know that segment routing v6. It's super cool if you're networking if your network geeky But Cool Anybody have comment? I know Artemis is here today. Anyone have comments or questions on that? I got a comment on that One of the things I find very interesting with this is that SRV six you can think of as another way to implement Or shape traffic so it has roots and like NSH for those of you that are familiar with it The things that I find really interesting is I remember having a conversation with multiple people at a previous on us and some people were of the opinion that SRV six is like one of the next best things coming up ahead and others were a Bit cautious and thinking oh, they were going back to the entire time where we were focusing on network Circuitry and and dedicated paths and we're weary of that. But it's interesting is that the type of abstraction we have with the vwire Actually makes it very easy to to shift from one to to the other in terms of your like it's the same Model of Thinking at the top level that works across both the circuit and switch based paths at least on the conceptual level and so I think this is gonna This is going to help a lot of people who they can when they implement their their systems They don't like they still have to worry like this is my This is my infrastructure support SRV six or not But at the top level they're not gonna have to really think about those particular things they just have to think about how do I wire things together and they and make them work and so There's there's a really interesting abstraction that that that that occurs that That's very that to me feels very natural about How all this stuff ends up in interoperating all together and To add to this something that's not mentioned on the list because it's not yet Merged but still if you don't have SRV six, but you happen to want to use a more recent kernel that have the wire guards Enabled you might be able to switch to wire guard instead This is true Yep Now one of our great strengths is actually our flexibility around the mechanisms because it turns out that There are entire holy wars that people want to fight over these things and we just sort of shrug and say just whatever you want to do It's fine So Cool, so that's exciting. The other thing is the initial cross-connect chain landed in the SDK VPP agent So this is sort of this gives you an idea of how all the chain elements would string together to form a cross-connect network service for a forwarder So that's probably an interesting thing to go look at You know it sort of shows where the pieces actually sort of fit together and it literally is something you can probably look at and see in a single screen Because it's very semantic at the level of the chain. It's literally saying you do these things and then you do those things in a list so That's actually pretty good stuff then The so any any questions on that or I'd encourage folks to go take a look It's pretty simple to read through Cool, and then the other one I wanted to call out because this has me super excited because I love things that increase testability the gRPC folks finally realized that having gRPC client connect be a Struct was really a bummer when you're trying to test things And so they created gRPC client con interface to replace it and We are most of the way now to having adopted that inside our own code We're just waiting on the VPP agent staff to catch up And they're on they should be doing that shortly I've chatted with them and what this will allow us to do is when you want to go test a thing You can literally Provide a client con interface that's mocked out instead of one that will do real connections So you can string together things that normally would talk over the network with gRPC You can string them together with these mockable client con interfaces and the net result will be unit testable So you could sort of literally stand up the entire virtual system in a unit test And while that doesn't get the places where it chases the outside world It does a lot to keep the system stable and functional as you make changes in the code So I think some of them will be useful for the broader community is Once once we're comfortable with where these things are and are seeing them working well We should probably do like a short could be a five or ten minute YouTube video and stick it on for people to see the netlink mocked out to see gRPC client connections Locked out and and the testability of the system in order to encourage other projects to take similar similar paths and similar roles in in their own projects and Like that's two areas where you look at at any CNI plugin. We look at a sort of different Systems are out there That rely on go and networking they almost all exclusively used the same netlink library I forget the name of the of the individual who wrote it but And and they and most and several of them also end up using gRPC for other particular projects as well and such being able to shut those things off is Incredibly useful Yep, no, I mean my guess is that that if Vishay Brahms had actually written his netlink library in a way that was Mockable like it would have saved saved hundreds of people writing rappers and shimlairs So Yeah, and he did a fantastic job with the actual netlink library and functionality itself So I don't don't get it wrong with that, you know, it's a pretty amazing library It is it is and in from the sort of simple usability point of view It's actually right it sort of reminds me of what happened with the log risk stuff Where when the log risk guys started they started in the same sort of like hang a function off a package style Because that actually turns out to be a really useful pattern And then they came back around at the end of the day and and provided the ability to go create additional ones and have field You know feel log or interfaces and that kind of stuff so That you know, they followed a really good path on starting the whole thing out Cool and that's the sort of it for the stuff that I wanted to sort of focus on recently in an SM Are there other things that have recently landed an SM that people wanted to point to? Or discuss not I think we should Move on to Ivana who has some Discussion about visualizing traffic metrics Hi, I wanted to share what I researched right out I'm just like to share screen did some small presentation just to help follow up. I Will stop sharing Okay, I'll probably for a second just to stop sharing Okay, so do you see my screen now? Do Great just second. Oh I don't see my yeah, I see it now So what we discussed is just to have some good way to some good to to visualize the topology that is deployed fire and a same on all the clients and points and The traffic going between them the dropped packages the successful RXTX packages, etc just not not just by looking at Prometheus or some other ways but to have a good Graphic way of that and for that I Did some research. I looked at the CNCF landscape and actually Almost all of the projects Except Kali don't work for us. They are They are a bit off topic and not exactly what we need a don't represent poetry and things like that Very very different from what we are looking for the open matrix project was said to be That the plan is to be the standard for For kind of visualizing such things but actually the project is Bit frozen for the last six months and I saw an issue As someone asking for estimates when when their API is going to be shared and They don't they they say they're working on it, but they don't give any estimates So this is not something to consider in the moment and many of you know about Kali. Yeah, it was Presented on the previous course. It's actually a very good tool It shows exactly what we need to apologies. It has metrics and other stuff and the it's This is it's architecture front and it has back-end that takes data from Prometheus which we have for the old Ensame API and we would like to also have for the new API But the problems here is that it is a very tightly coupled with Istio I play it a bit with it and It needs actually it needs a lot of work in order to Decouple this from Istio. It doesn't work with Very well with kind. It cannot be deployed if you don't have It's deployed only with Istio together can be separately deployed It's it needs to to have Helm charts the couple the deployment from Istio support Kind and also it needs to decouple we need to decouple the implementation because the current API is very strictly Corresponding to Istio's API And if we choose to use this tool, we need to join the community Ask them what they think about that or they like to make the tool more general And they agree that we can do all those efforts The other thing that we already have is skydive. I think it's pretty nice way of visualizing we have metrics there, but They are from interface to interface not the way that we expose them lately to be from pot to pot from client to endpoint We don't have yet Support for a path But yeah, where we reached it's before the path was implemented and we had just a client and endpoint ports and we had Data for the metrics between specific clients and endpoints with what we have in skydive by now we don't have Exposed information about the ports. We have just for the network interfaces and we still have some things to do there I try to deploy in kind hit some issues there And I'll still I'll contact Matt. Maybe he I think he succeeded to deploy with kind and we need to We have a choice to update the NSM probe With the Prometheus integration or I think what is better is just to create a separate probe That is just for Prometheus because we have the data exposed there and we don't need to To be tied it to the NSM probe here. It will be more generic Yeah, I think that's almost certainly a good idea to try and tie it to Prometheus Yeah, it's it just a better abstraction I think I think it will be a bit easier instead of editing and we still can use the old probe But yeah, that's With the Prometheus probe if we implement that we would needs to somehow because what we start currently in Prometheus We have the pod names as labels. We would like to add path segments as labels as well for the matrix cure data and we would need to To take those labels and build the topology on top of them Just to have the labels as a vertex in the graph and you have the matrix for specific labels shown and I Didn't try out with that Didn't do any estimates Whether it will be trivial or it will be more tricky to implement and actually yeah, this is what was I did this a bit research try it out some things by now and I opened an issue So I would like to hear the opinion of the community what you think would be Better to focus on what do you think on that idea? Do you have any other ideas any other projects? Etc. So one of the idea that occurs to me and I literally don't have any idea if this is a good one or a bad one Is there appear to be some topology visualization plugins for Grafana? Which is what's hidden directly on top of Prometheus anyway. I have no idea if this is good bad or indifferent I just don't know But it's it might be worth taking a look at I Think I'm not sure if I Checked exactly what you're talking about. I tried out some things actually what I found by now is some charts Visualized charts exposed on Grafana, but what we need is to have the topology Visualized if you see something like here, and I don't know if there is something integrated with Grafana That works like that. I will check as well. So they do have a diagram plugin that comes up with a shot of quick googling I literally have no idea if it's good or bad I mean, the the lovely thing of Kali is Kali is just beautiful, right? It's just pretty And it would be very nice to have something like Kali Yeah, it's just with Kali. I think it's if This is the visualization tool for Istio. It might become a standard for service mesh I think I found out someone that Decapitated and deployed it with linker D but Yeah, the question here is The effort that it needs It will need some dedicated effort to Officially the couple from Istio and here it is a general tool. Will they agree? Do we want to invest that effort? And yeah, this is actually the question here, but I think to me it feels like the best option in terms of Result if we have that it would be great Skydive is the easier way But the question is do we want to stick to skydive or we want to have some dashboard like that? Yeah, no, that's This is good. Thank you for sort of driving this I think this actually is going to become super important And we'll actually end up making for super happy users Yeah, I I don't actually Don't know how much I think it's enough interactive and good. It would be a really great have if anyone has opinion that if you think that if have been on what Solution we should choose that would be great. I I'm still trying to estimate and find out what's better But yeah, I'd like to hear the other people Opinion on that before focusing some effort on this So if you have any pros and cons regarding some of the proposals would be great share So I think one of the questions that would be interesting to me, but If Matt's not here probably I don't know if someone else can answer for him What's the story of skydive? Like I mean it was obviously chosen to be the tool That we used to have till now It feels kind of Abandoned on our end. I think that the tool itself goes on I have seen other Versions and implementations with some other plugins that were showing traffic statistics, etc. Not for an SM Just for think it was something with VPP integration I Mean How do we feel about it in general as a as a community? Is this something that is kind of a standard? within the network ish, you know telco type of Workloads and providers Yeah, I don't know. Do you do folks have experience or do they see some trending in terms of people converging on something particular? We've got a lot of experience in this call. So hopefully someone's seen something Okay, so we need to see a live presentation of the grass, right? I mean Okay, no because I I do agree here if if we want to have the wow You know effect would be really to to be able to say, okay So this is your key Ali and now it shows you your Istio and now it shows you your NSM and It's just like yeah, but that's obviously Longer discussion and There's a comment on the chat about figlet Yeah You said you like the someone said that they like the sea life Yeah, as a programmer we tend to like sea life things but having been on the operational side, I can see the value of visual things Interestingly Perhaps the question is not what do people use but should there should there be one That that was being asked and I think I'm pretty confident answers. Yes, there should be something something there One of the things that It's going to strike me as potentially lacking in all of the solutions though is we we have a concept of a connection that In many scenarios spans multiple hops And Think of it like the view wire that span that ends up Spanning multiple multiple hops and I don't think any of them will nicely show this And so regardless as to which one we take That'll probably be a limit that we'll have to just call out but I it's one thing to consider is the complexity of adding such a such a feature into Into one of the solutions and whether they may be amenable to it as well where Like we wanted to show a specific specific connection going through you know went through this firewall into this intrusion detection system I do this VPN gateway to this VPN concentrator, etc. Etc. being able to show that entire Chain and what's going on with a specific chain would be would be Very nice. Although we do have a way to potentially Help with this like if we have a monitor That goes across the entire chain and we hope that only that monitor up to one of these solutions that we can We can approximate that so that they don't have to support it natively so it may not be an issue But it's something to think about like what should that thing look like from a from an NSM native quay and Presemic also added a GUI topology view which is in in onus, but not know how relevant it is So that's something else we can toss on the list to take a look at Yeah, you sit on it once and it looks really cool, but I have no idea what's the underlying technology How relevant that is I would bet on some monolithic Java Cool, is there anything else that we want to discuss on this topic? Does anyone want to take as an action item? investigating this or Issue we just stick it in the icebox for now for someone to eventually pick up later on I Can investigate the other proposals as well And yay What's good if there is some common Community agreement on I just don't want to lose effort on something we would not prefer to be the solution so I Can share feedback from I can try out what? shared It's an addition and Yeah, maybe if we can stick to something that we decide would be the way to go I Think it's better to choose something and to dedicate the efforts there or Yeah, it depends on the amount Yeah, I think that's a good idea at least The important I guess there's two important things to look at number one is like what do we use in some like imagineers? I go a reference architecture of NSM and I think the kind installation that need the installation that we have in terms of installing spiffy spire and Opa and NSM and all that kind of stuff into the same cluster through our door Make and build system is probably the closest thing we have to reference architectural disappoint And so anything So on one path, it's like how do we make it easier for you to see what's going on and to to understand the concepts to Play around with it to see what's going on the other side of that as well though is we need to make sure that Often these decisions are made across cutting across multiple project products So in the long run we're gonna end up having to ask the question does this work with the The thorough of commercial Utilities that are out there and at the UI side, but the collection and reporting side. And so this is this is also The beginning of answering such a question is to like how do we effectively communicate with with those particular types of systems? So so I think this is this is definitely heading in the right In the right path to help answer both questions Okay, are there any other topics that people would like to discuss? Okay? Well, if there are If there are no other topics then we'll yield back 12 minutes of time Thank you everyone for attending and we will see you all again at the end of or Tuesday next week at the same time and remember your CFPs are due In a few days. So if you intend to add something in please make sure you you get the Those in as soon as possible. I have I have no other way to remind you during any future meetings. So thank you very much Thank you. Thanks. Bye. Thanks