Regions/languages supported: Base specs for Japan/Japanese ● Total number of listings to date: More than 2 billion *As of December 2020 Many sellers enjoy having the items they no longer need purchased stopped after any other container in a pod ● Adjust your pods terminationGracePeriodSeconds to be more than the sum of all sleeps in the preStop hooks. ➔ If the pod is terminated too early, connection draining only recommended if you know what you are doing. Once Kubernetes supports the sidecar pattern in a better way, these workarounds should be deprecated. 21 Shortcoming 2: Autoscaling multi-containers pods

worthwhile to create an Istio Hostname resource that can be referenced by Gateways, which would allow for better tracking of hostnames — and hostname collisions — in a Kubernetes cluster. This would also enable especially when relying on features like REGISTRIES_ONLY7 or Egress policies. A service mesh is different than a CNI in that one facilitates communications, and the other controls them. Istio’s service mesh is trafficPolicy.tls (ClientTLSSettings) field into Envoy’s UpstreamTlsContext ,13 and — for modes other than ISTIO_MUTUAL in which Istio generates the PKI to use — defaults to converting such fields that lack

Extensibility #IstioCon Why Should Istio Support VMs ● ≈ Why VMs? ○ Technical reasons ■ Better known security controls ■ Better isolation (of resources, fault domains etc.) ■ Compatibility (non-Linux, unikernels) ExternalName ■ Service <-> DNS name ○ External IPs #IstioCon V1.1 ServiceEntry #IstioCon V1.6-1.8 Better VM Workload Abstraction A K8s Service and Pods Two separate object with distinct lifecycles it, w/o giving a first-class representation for the workloads themselves #IstioCon V1.6-1.8 Better VM Workload Abstraction Item Kubernetes Virtual Machine Basic schedule unit Pod WorkloadEntry

com/istio/istio/wiki/Reviewing-Pull-Requests #IstioCon Learn Istio is a complex project, and Istio.io is the perfect place to start committing. #IstioCon Connect With the Community ● Working groups - great way

Architect, Aspen Mesh) Louis Ryan (Principal Engineer, Google) #IstioCon Highlights of 2020 ● Better life cycle management ○ Istioctl install & Operator support ● Architectural simplification ○ Monolith Promoting revision based upgrades ○ Support skip-level upgrades ○ Pre & Post Upgrade checks ○ Better testing mirroring production use cases ● Enhanced troubleshooting ● Aligning APIs with Istio user

multi cluster at scale ● They can’t have k8s cluster in the DMZ zone ● Simpler and better VM onboarding expereince ● Better zero trust architecture DMZ F5 -> Two Tier Gateway • Istio Fundamentals (Free)

Internal Presentation AGENDA Why? Reasons Options How? Strategy Compromise What could have been better? Learnings Hurdles What’s next? Projects Ideas Excitement! Internal Presentation New Square

- Istio setup and Microservices ● Export metrics to central prometheus ● Outlier detection for better reliability ● Enable Zonal routing, zonal deployment and HPA ● Endpoint accessed by service via

Mocks are like any other software: ● Bugs ● Maintenance Why don’t you ? #IstioCon Can we do better ? #IstioCon What if ? #IstioCon EnvoyFilter - #IstioCon Envoy HTTP LuaFilter function en

io/latest/docs/reference/commands/pilot-agent/#envvars Remember: Always look to see if there are other, better ways of enabling functionality; environmental variables are considered experimental. #IstioCon