such that prioritization of hostname matching is based on the creation time of hostnames used by Gateway resources instead of the creation time of the Gateway resources themselves. As it is unclear if using vanilla Kubernetes APIs alone, without some additional caching mechanism to track Gateway creation, it may be worthwhile to create an Istio Hostname resource that can be referenced by Gateways, which include something like Terraform to deploy a cluster with Callico CNI along with OPA or another dynamic admission controller that can show how Istio can integrate with something like OPA. 6https://istio

container is not ready? Stabilizing Istio ● 2 cases where it happens frequently: ○ During pod creation ○ During pod deletion ● To prevent it, we need to make sure that: 1. Envoy is started before applicable ○ Load testing application, load testing the sidecar -> seems the only way We just want a dynamic smart autoscaler for Istio sidecars! 60 Istio proxy performance and capacity Adopting Istio ●

Automation ● Automate the Istio setup during Kubernetes cluster creation ● Automated endpoint config creation on new micro-service creation or updation ● Templatise the Kubernetes deployment including

“orderValue”: “28.00” } Reference data Problem • Not all differences are errors Challenge • Assertion creation/maintenance is effort intensive Solution • Comprehensive comparison of results • ML-driven identification & Integration Testing Improve productivity of each of your developers 10x API test and mock creation speed | CONFIDENTIAL 20 DEMO | CONFIDENTIAL Download MeshD and use http://www.meshdynamics

#IstioCon Please Build System ● https://github.com/thought-machine/please ● Uses BUILD and allows for creation of miscellaneous rules Misc please rule for autogeneration K8s Greeter service example #IstioCon

protocols other than just HTTP and gRPC. You can think of Aeraki as the “Controller" to automate the creation of envoy configuration for layer-7 protocols #IstioCon Aeraki: Manage any layer-7 traffic in an