The multi-list watcher implementation which is used in pilot and prometheus has proven to be somewhat fragile when used in large scale meshes (e.g. 100s of namespaces).  Investigate ways in which cluster scoped privileges might be used by the various components, while maintaining security (i.e. allowing regular users to instantiate a mesh, while not leaking elevated permissions through service accounts managed by the operator).  Also investigate how cluster a cluster scoped installation might be supported (i.e. one mesh for the entire cluster).  If necessary, this issue can be split into subtasks.

Acceptance Criteria:

• Produce a design for supporting multi-tenant installs which do not require the use of multi-list watcher
• Produce a design for supporting a cluster scoped installation (i.e. a singleton)
• (Optional) Specify a migration path for existing users.

Time box: 5 days