Steven Landow
Steven Landow
We should identify all of the “bad” cases we can possibly take and make sure to have tests for them and we can verify sane behavior. Examples: Sending to a...
Trace should give extreme detail on every decision made for every single connection. Essentially super verbose connection logging. Follow prior art in Envoy. There should be a mechanism to enable...
All configuration options and APIs should be well documented. Ideally, the docs are written in code and through generation are imported into istio.io
Can be cheaply incremented (no locking, etc). Used primarily for devs to see how many times some codepath is hit. Not “prometheus-y” metrics (e.g. byte counts, etc) It should be...
John: > I wonder if we should/can run K8s conformance tests as well. Probably not automated, but as a one-off
Automated tests of basic attacks: SYN flood Ping/ICMP flood Slow loris (are we vulnerable to L7 things here?) The libraries we use may have sufficient testing depending on the layer...
Currently, if you create a sandwiched-waypoint with ```yaml kind: Gateway spec: listeners: - port: 15123 # not 15008! ``` The `hboneMtlsPort` on a gateway address will still be 15008 (we...
# Description ## API changes The only API is an internal code API to allow GME to take control of the Gateway translation. Changed `CreatePluginRegistry` to `GetPluginRegistry`. AFAICT there is...
# Description Allow filter chain matches to match on destination IP/port. This bug fixes ... \ This new feature can be used to ... ## API changes In `Matcher` added:...
* The current implementation of multi-network gateways relies on SNI to identify the last hop. * In sidecars, headless services use original destination so they won't have EDS redirect traffic...