This talk will explore the mental leap from understanding basic Kubernetes abstractions, to understanding how Istio enhances or extends these abstractions with its own. When working with Istio, its sidecar model influences one’s mental model in subtle ways that become more overt over time. It takes two to tango, and Istio’s API are implemented across two interacting sidecars. You get a sense of what happens in “client side” sidecars (like routing decisions), or “server side” sidecars (like authorization policies), and all of a sudden the world starts to make sense. Istio Ambient mesh moves away from the sidecar model, and offers flexibility of when and where to place proxies, at the cost of having to make such decisions. While Istio Ambient Mesh supports the same Istio API primitives, when and where policies are implemented under the hood is completely different. The sidecar tango has evolved into the waypoint waltz, and suddenly your existing mental model gets turned upside down. There’s always an “aha” moment (or maybe even a mind-blowing experience) when a new mental model starts to make sense and everything is good again. We’d like to share our experience getting there with Istio Ambient Mesh, and put you on the path to achieving something similar!