mitzen

We will lable our default namespace to turn on ambient support.  kubectl label ns default istio.io/dataplane-mode=ambient Next we will deploy our httpbin workload kubectl apply -f https://raw.githubusercontent.com/istio/istio/release-1.26/samples/httpbin/httpbin.yaml kubectl apply -f https://raw.githubusercontent.com/istio/istio/release-1.26/samples/curl/curl.yaml kubectl apply -f https://raw.githubusercontent.com/istio/istio/release-1.26/samples/httpbin/sample-client/fortio-deploy.yaml Deploying waypoint for default namespace istioctl waypoint apply -n default --enroll-namespace --wait And we will apply this to turn on telemetry and logging  apiVersion : telemetry.istio.io/v1 kind : Telemetry metadata :   name : enable-access-logging   namespace : default spec :   accessLogging :     - providers :       - name : envoy Next, lets verify the logs are coming through  kubectl logs --follow deploy/waypoint When we run the command below,...

First we create our namespace  kubectl create ns test  Next we will label it accordingly kubectl label namespace test istio.io/dataplane-mode=ambient --overwrite and then apply waypoint  istioctl waypoint apply --namespace test To view envoy dashboard for this  istioctl dash envoy deployment/waypoint.test

In this setup, I am installing istio ambient mode using windows docker with kind. The steps that I've used are as follows:-  kind create cluster --name my-cluster install kubectl gateway crds kubectl get crd gateways.gateway.networking.k8s.io &> /dev/null || \   kubectl apply --server-side -f https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.4.0/experimental-install.yaml export PATH= "$PATH:/home/nzai/istio-1.28.1/bin" istioctl install --set profile=ambient -y or if you prefer the helm approach This didn't really work for me. helm repo add istio https://istio-release.storage.googleapis.com/charts helm repo update helm install istio-base istio/base -n istio-system --create-namespace --wait helm install istio-cni istio/cni -n istio-system --set profile=ambient --wait helm install ztunnel istio/ztunnel -n istio-system --wait And then install the sample app from here https://istio.io/latest/docs/ambient/getting-started/deploy-sample-app/ from yo...

This is really a good site for istio learning resource  https://ambientmesh.io/docs/resilience/timeouts/

 Yep, i think i would go to that extend of saying it is an anti-pattern for organization who still enable it

 You can older doc of keycloak here https://www.keycloak.org/documentation-archive.html

Trying to test out microsoft kosmos 2.5 model with a smiple copy and paste code and running it on Google colab.  The docs given here (https://huggingface.co/microsoft/kosmos-2.5) works. :)  The notebook here https://colab.research.google.com/drive/1TmTygY_4MB5otLZI5UZcXN4N9PQW-JF-#scrollTo=gcbvTV5lv_EG And output from the notebook are shown here:-  

In this blog, we will be setting envoyfilter that uses lua to intercept and log payload,  Ground work We will be using httpbin that is shipped as part of istio samples for our sidecar setup.  kubectl apply -f gateway.yaml kubectl apply -f httpbin.yaml And then we can create our envoyfilter. This is what our envoyfilter looks like this. Points to note : we are enabling buffering. Without buffering, the lua won't log and there won't be any output in the istio-proxy container log.  Before apply the script below ensure you have set the logging level - otherwise you might not see the logs details. You need to configure the logging level with the following command:- istioctl proxy-config log httpbin-65bbd9c89d-n449w --level lua:info Next we will apply the following script apiVersion : networking.istio.io/v1alpha3 kind : EnvoyFilter metadata :   name : log-payload   namespace : default spec :   workloadSelector :     labels :       app : h...

Top 10 Continuous Delivery Anti-Patterns (2025) 1 “Pipeline Theater” Automated steps that  look  like CD but don’t enable safe, fast releases. — e.g., “We have a pipeline!” but: • Manual gate between every stage • Tests take 4+ hours • No rollback capability Creates false confidence . Teams think they’re doing CD while still blocked, slow, and high-risk. CD is about outcomes (lead time, reliability), not tooling. 2 Monorepo + Microservices = Mega-Pipeline One giant pipeline for 50+ services — changes to  service-a  trigger full rebuild of all. Wastes resources, causes queueing, discourages commits → kills trunk-based flow . Optimize for small batches & fast feedback. 3 GitOps ≠ CD Using Argo CD/Flux to sync  manifests  — but builds, tests, and approvals still happen outside the pipeline. e.g., “We GitOps!” but: • JAR built on dev laptop • No automated quality gates • Image tag = latest Confuses deployment sync with delivery . You’re doing continuous de...