11-04-2024 TSC Meeting Minutes

TSC Meeting Zoom link

Meeting Recording: 

Meeting Chat File: 

Attendees & Representation. Please add your name to the attendance table below.

LFN Staff: LJ Illuzzi

Agenda

• LF Antitrust Policy
• Meeting note taker
• Welcome new attendees
• Issue discussion/Dev updates
• R2.1 Roadmap discussion
  • https://github.com/l3af-project/l3af-arch/discussions/39#discussioncomment-7657406
  • What is the plan for L3AF on Windows now that Microsoft has taken a pause?
  • R2.1 Blog
• TSC membership discussion
• R2.1 Media/Marketing
• 2025 LFN Budget
• DockerHub
• K8s/Cilium Strategy
• L3AF overview summary for LFN year-end report
• Events
• New TSC Meeting day/time
• KubeArmor Collaboration
• AOB
• Out of Office
• Kubernetes / L3AF https://github.com/l3af-project/l3af-arch/issues/94
• General Topics (cover as needed)

• • Use Cases

  • Roadmap

  • Project structure

    • Governance

    • Technical Steering Committee

Minutes/Updates

PRs to be reviewed:

• • https://github.com/l3af-project/eBPF-Package-Repository/pull/97
  • https://github.com/l3af-project/l3afd/pull/492
• Release - https://github.com/orgs/l3af-project/projects/5
  • R2.1 Blog. Coordinate with any Walmart Global Tech blog. Jill Lovato, LFN Marketing will reach out.
• R2.1 Media/Marketing - Planning for a press release and blog. Is there a marketing team within Walmart we can work with?
  • 2.1 PR Draft
    • Can we add a few paragraphs on L3AF in Use at Walmart? How does it help run sales backend/global network infrastructure?
    • Developer quotes
  • Intro - background on L3AF and its journey today
  • High level info on the release, call out of what is significant and what the expected impact is
  • Developer quotes
  • Release highlights (bullets)
  • What's next
  • Call to action and where to go for more information
    • Seeking Windows expertise for next release
  • Blog -
    • How to setup l3afd in production with popular ebpf programs (graceful restart)
    • How to setup Observability usecase with L3AF
    • YouTube Videos - How to setup l3af
  • Timeline
    • 30 Oct 2024 community input complete
    • 31 Oct 2024 start Walmart approvals
    • TBD publish date. Tentative 3rd week Nov. Aligns with Kubecon media
• K8s/Cilium Adoption Strategy
  • Develop a strategy for L3AF adoption around K8s and Cilium. Karan?
  • Cilium Adoption
• L3AF overview summary for LFN year-end report. Complete review by early December 

  • • DRAFT FOR REVIEW: 

      In 2024, L3AF  made significant strides in enhancing eBPF (extended Berkeley Packet Filter) program management and networking capabilities, in addition to being promoted to an "Incubation" project within LF Networking, representing a growth in maturity. 

      L3AF in Action

      The L3AF platform provides full lifecycle management for running ebpf programs at several hook points to defend against DDoS attacks, it offers deep visibility into network infrastructure, which are usually hidden outside of the Linux kernel, and enables complex functions to be performed directly in the traffic flow within the technology stack of Walmart's retail and e-commerce platform.

      A notable milestone was the release of L3AF R2 in January, which introduced several key improvements, followed by the availability of L3AF 2.1 in the fourth quarter. Collective updates over both releases include:

      • Native eBPF Program Loading: L3AF now supports native loading and management of eBPF programs, eliminating the previous necessity for user-space programs to handle initial loading. This streamlines the deployment process and enhances efficiency.
      • Enhanced Chaining and Monitoring: The update improved eBPF program chaining across multiple network interfaces and introduced monitoring capabilities for eBPF program versions, providing greater flexibility and control over network configurations.
      • Open-Source Traffic Mirroring: An open-source traffic mirroring program was added, offering network administrators a powerful tool for monitoring and analyzing network traffic. 
      • L3AF 2.1 introduces Graceful Restart functionality, allowing seamless upgrades of the L3AF control plane without impacting any running eBPF programs in the data plane.
      • Container Support for l3afd: L3AF can now run within a container, equipped to operate in cloud native environments, improving orchestration and scalability for users leveraging Kubernetes and other cloud-native platforms.
      • BPF CO-RE in the eBPF Package Repository: L3AF 2.1 now supports BPF CO-RE, enabling portable BPF applications that run across different Linux kernels without modifications.
      • Support for KProbes and Tracepoints: Enhanced observability with support for kprobes and tracepoints, providing deeper kernel-level insights for better eBPF troubleshooting.
      • Dynamically add programs to new interfaces: L3AF 2.1 allows dynamic program attachment to new interfaces, benefiting complex network environments like multi-VM hypervisors.
      • Alternative traffic management options: L3AF now supports attaching eBPF programs to HTB qdisc hooks for refined traffic shaping and resource allocation.
      • Enhanced Logging and Storage for Easier Debugging: Improved logging with local filesystem storage simplifies debugging, accelerates issue resolution, and supports integration with centralized log analysis systems for better observability.
      • L3AF Goes to Dockerhub: L3AF is now available on Docker Hub, making deployment easier within containerized environments for streamlined DevOps integration.

      These advancements have solidified L3AF's role in simplifying and enhancing networking performance and security. The project's commitment to open-source collaboration continues to drive innovation in the networking landscape.

•  Events
  • Telco Day co-located with Kubecon. CFP is already open and closes on Dec 4.
  • https://events.linuxfoundation.org/kubecon-cloudnativecon-europe/co-located-events/cloud-native-telco-day/
  • From Ranny:

    • Please submit your proposed session and encourage colleagues and fellow community members to do the same. Any topic related to open networking is welcome, and may include:

      • War stories: Share your cloud native war stories – victories or challenges.
      • Dream big: Share your visions on the ongoing adoption of cloud-native in telecom.
      • Sustainability: Discuss ways to reduce the telecom industry’s environmental impact using cloud native tech.
      • Networking in and with Kubernetes: Networking is key for telecom. Share your best practices for making Kubernetes network native.
      • Integrate: Telecom involves many vendors. Share ideas to reduce integration costs and integration stories.
• Upcoming Out of Office
  • 9th Dec to 2nd Jan 2025 - Santhosh
  • 30th Dec to 2nd Jan 2025 - Pat
  • 11th Dec,18th Dec, 25th Dec and 1st Jan - Meeting Cancellation
• KubeArmor Collaboration
• Openssf silver F&Q continue in next meeting
• Openssf silver F&Q Accessibility is Met and updated.

Action Items

• Send an email to Lin Sun to connect on container strategy
• Windows expert resource in the community
• Design doc for K8s support

Future Agenda Items