John Howard
John Howard
That is only authorizing /headers. I mean the ext_athuz server returns something like `user: foo` and we have a VS that has `match.header.user=foo`
Ingress gw can do both. Its just like JWT claim routing. It was from 3 different people verbally.
I think the limitations may be beyond Rust vs Envoy if we include the full scope of Telemetry customization. We probably don't want per-workload overrides on node proxy
> For Kiali users looking to save metric storage space, we recommend the following labeldrops: > chart|destination_app|destination_version|heritage|.*operator.*|istio.*|release|security_istio_io_.*|service_istio_io_.*|sidecar_istio_io_inject|source_app|source_version Most of these are not set at all by Istio, but by users...
Chatted with @louiscryan a bit, here is where we arrived. Primary focus is retaining metrics value while keeping cost reasonable. I setup a small spreadsheet to put in theoretical numbers...
cc @kyessenov
I have mixed feelings on this. I like the deduplication, and seems useful in other context as well like access logs. But seems complex and risky
> Result What do the numbers mean?
Doesn't that show its now larger, not smaller?
/hold cancel looks like this was added on the pr creation and not intended