0x405c3b 0x135de04 0x4674a1 # 0x135de03 k8s.io/client- go/tools/cache.(*controller).Run.func1+0x33 k8s.io/client- go@v0.18.0/tools/cache/controller.go:124 32 @ 0x4374a0 0x447663 0x1355d95 0x135561b 0x135ea23 0x1355d94 k8s.io/client- go/tools/cache.(*Reflector).watchHandler+0x1e4 k8s.io/client- go@v0.18.0/tools/cache/reflector.go:430 # 0x135561a k8s.io/client- go/tools/cache.(*Reflector).ListAndWatch+0xa1a k8s k8s.io/client- go@v0.18.0/tools/cache/reflector.go:393 # 0x135ea22 k8s.io/client- go/tools/cache.(*Reflector).Run.func1+0x32 k8s.io/client- go@v0.18.0/tools/cache/reflector.go:177 # 0x1226f5e k8s.io

Service Service Service Service Service Message Broker RPC RPC RPC Message Message Message Cache RDB NoSQL We need to manage multiple types of layer-7 traffic in a service mesh, not just HTTP ● RPC：HTTP, gRPC, Thrift, Dubbo, Proprietary RPC Protocol … ● Messaging: Kafka, RabbitMQ … ● Cache: Redis, Memcached ... ● Database: mySQL, PostgreSQL, MongoDB ... ● Other Layer-7 Protocols: ...

Welfare Administration 5,2 million nais.io github.com/nais CD CD metrics alerts deploy cache events logs secrets storage runtime app dev prod

ent。 Ø rpc框架查询bns-agent IP与治理策略数据。 Ø bns-agent判断否使用envoy进行服务治理。 Ø rpc框架根据反馈的IP，治理策略信息请求对 应IP，会cache数据，需要即时更新。 Ø envoy离线或者被干预则立即通知bns-agent， fallback会使用原有治理策略。 #IstioCon 架构介绍 Ø Mesh控制中心： ü 运维中心：基于Mesh的统一运维操作中心。

盘到对应的节点上; 15 创建私钥仓库登录Secret ● 获取私有仓库登录信息之后, 按照如下命令创建Secret ○ kubectl create secret generic asmwasm-cache -n istio-system --from- file=.dockerconfigjson=myconfig.json --type=kubernetes.io/dockerconfigjson

10.4.4.4 DNS queries to the system configured name servers. Envoy does not use the agent’s DNS cache. http req to 10.4.4.4 GET /status/200 httpbin.ns1.svc.cluster.local SVC IP: 10.4.4.4 http req

object. Future Works ● Migrating Egress TLS origination mechanism to using Egress Gateway, we block because we are using Istio 1.6 and Egress gateway not support adding certificate via SDS (Istio #14039)