06-22-2022 TSC Meeting Minutes

TSC Meeting Zoom link

Meeting Recording

Meeting Chat File

Attendees & Representation. Please add your name to the attendance table below.

LF Staff: 

Agenda

• LF Antitrust Policy

• Meeting note taker

• Welcome to new attendees

• Roadmap proposal: https://github.com/l3af-project/l3af-arch/discussions/39

• General Topics (cover as needed)

  • Use Cases

  • Roadmap

  • Project structure

    • Governance

    • Technical Steering Committee

• PR discussion

  • Multiple repo support - https://github.com/l3af-project/l3afd/pull/69

  • Remove hardcoded paths - https://github.com/l3af-project/l3afd/pull/78

  • New API to add / remove programs / needs test - https://github.com/l3af-project/l3afd/pull/76/files

Minutes/Updates

• L3AF Roadmap discussion: Issue #39

  • Please review/comment

  • Will discuss next week.

• Repo support: Issue #69

  • In the repo guideline req:

    • Update docs and update tests

    • What test is being updated for this issue?

      • OSS Scorecard - we can use this for proof that we have testing

    • Atul to look into adding test

• Implemented map name without full path

  • Has hard coded path - needs to reference configs.

  • Is there a test required for this?

    • Yes, we have a test.

  • Any path that is pinned should not assume that the path starts with: /sys

  • In Windows a path is optional. It's in memory

    • You can't use filesystem commands

    • You have to use bpftool or netsh, etc.

• Granular APIs to add, delete ebpf programs on a node #57

  • Do this without posting the whole JSON file.

  • Missing a test.

• Chala

  • Linux team in MSFT 

    • More clear remote tests and tests for everything

• Guide to use L3AF in production environments

  •  Draft - Convert to mark down and make a PR

  • Prod best practices

    • mTLS, supported versions, no self-signing, no debug logs, 

    • Should we recommend 1.3 or later?

      • Yes, will change from 1.2

    • Never recommend a public repo

• Next week: discussions

  • Interaction between Kubernetes, docker and l3afd

  • Didn't support containerized environment right now

    • l3AFd runs in container and can attach to host interface

    • Chaining with Cilium has not been tested

    • A lot of dependency on the CNI

• Which clients can call the REST APIs?

  • implement a lib that can support multiple backends

    • One local, one using the cloud services

    • Have to have recommendations for production.

  • Local dB for dev environment

  • Cloud services fro prod using framework

• Deployment Guide

  • how to deploy on Ubuntu, Windows, Mariner

  • Recommend what CI/CD pipeline to use?

    • No, we should not get into that level of detail with implementation

• Ready to go reciepies?

  • If you want to deploy with Azure VMs do this. If you want to...

  • Yes, it should be easier to deploy.

• Governance:

  • PR to replace Kathy

  • Also need to replace Steve Laughlin

  • And need an alt for Vicky

    • This spot will remain unfilled for now.

• WalMart summit (internal)

  • L3AF project topics (next month

• Links:

  • https://whynowtech.substack.com/p/ebpf

  • https://lfnetworking.org/the-linux-foundations-open-networking-and-edge-one-summit-expands-programming-with-keynote-and-mini-summit-by-the-us-government-enabling-secure-open-and-programmable-5g-networks/

  • https://events.linuxfoundation.org/one-summit-north-america/

Action Items

Future Agenda Items