What would you like to be added:
Support label or annotate the pod to indicate that Kmesh is in charge of traffic management.

Why is this needed:
Kmesh supports collaborating with existing mesh data plane. Consider the following scenario: a namespace has already been injected with a sidecar, and then the Kmesh data plane is injected into this namespace.

According to the design, existing pods in the namespace will continue to have their traffic governed by the sidecar. However, the traffic of new pods created in the namespace will be taken over by Kmesh, although a new pod will still have a sidecar created, as shown in the diagram.

In this situation, there needs to be a method to inform the operations team which pods' traffic is being managed by Kmesh; otherwise, confusion may arise.

@YaoZengzeng What's the behavior of ambient vs sidecar?

Please ref: https://istio.io/latest/docs/ops/ambient/usage/ztunnel/

Of course it's not recommanded to have a ns or a pod both labeled with ambient and sidecar, but if it happend, always sidecar first, sidecar always should be in charge of traffic, according to reference above.

So it should be same for kmesh.

However, the traffic of new pods created in the namespace will be taken over by Kmesh, although a new pod will still have a sidecar created, as shown in the diagram.

So we should create sidecar and let sidecar manage the traffic in this situation @hzxuzhonghu @nlgwcy WDYT?.

Agree with that sidecar takes precedence.

1. sidecar takes precedence: For a namespace, if sidecar is already enabled, even if Kmesh is also enabled in that namespace, traffic will still be handled by the sidecar.
2. Adding Kmesh label to Pod: After enabling Kmesh for a namespace, newly created Pod traffic will be taken over by Kmesh, while existing Pod traffic will not be taken over by Kmesh. For Pods taken over by Kmesh, they need to be labeled to explicitly indicate the state of traffic takeover, facilitating operations and maintenance.
   @bitcoffeeiux