Meeting Recording

Meeting Chat File

Attendees & Representation. Please add your name to the attendance table below.



Daniel HaveyMicrosoft
VM (Vicky) BrasseurWipro
Satya PradhanWalmart
Santhosh FernandesWalmart
Jason NieszWalmart
Balachandra KamatWipro
Dhivya RWalmart
Mike Dvorkin
Eric TiceWipro
Dave ThalerMicrosoft
Meni HillelWalmart

LF Staff: LJ Illuzzi



  • Karan sends regrets (family obligation)
  • Bring L3AF under the LF umbrella
    • Tech advisory council
    • Reached a point with L3AF - have governance, good tech feel for what we are doing
    • Ready for LFN induction
    • Final review of slides
    • Welcome to attend call for tech induction next week (see above for details)
    • Slide review:
      • Any last minute inputs?
      • This is to get us in as a sandbox project.
      • Next phase is incubation (about 1 year)
        • Adoption will help a lot
    • Logistics for TAC review meeting (see above) Mar 9th
      • Vote happens in real time after presentation
  • Santhosh: Secure API
    • Create and manage cert for L3afd API
    • Jason: Use case of why we want to do this
      • Lower latency of control signals going to L3AFd instances
    • Santhosh: Accessing L3AFd APIs from pubilc network
      • L3AFd will only monitor expiration of certs
        • log messages when the cert has expired every 30 days
      • L3AFd will not auto replace the certs, just generate warnings
        • user must get a new cert
      • expose some metrics
        • cert expiration status, etc
      • Token based auth
        • Client user name/pass to get auth token
        • Auth token used for API requests
    • Please review and submit comments
    • Jason: Merge sometime next week and start working on code?
    • Santhosh: Production will need enterprise certs
      • In private by default running on localhost
    • Bala: RBAC based access
    • Santhosh: yes, admins will have privs to change config, users will have view privileges only.
    • Jason: Agree.
    • Vicky: Add as a comment to the PR please.
      • Bala
    • L3AFd on Windows PR open for 2 months
      • Can someone test this and bring up the results so we can merge
      • Jason: This is critical for Windows. Breaking Linux specific sys calls
      • Key timeouts in Windows
      • Can merge with Dave's approval
    • Windows PR
      • Santhosh: Don't have setup on Windows to test this.
      • Dave: Tested that it builds, but don't have an XDP root program for testing
        • What are the licenses on XDP root for Windows?
          • Should I write my own or can I use the existing ones?
        • Preference would be to merge it
        • This is not the end of PRs on Windows
        • Does not break Linux
        • Changes mostly on compiler side
        • Jason: Linux side - good to merger
          • Windows side - could be bugs, but Windows is in dev so we will fix bugs as they show up.
        • Dave: Ran the GitHub tests on Windows
          • Checkout, Build, Go test.
          • Update file to say that it runs on Windows 2019
            • This is a minimal test.
          • Santhosh: Going to add some of the Go stuff
        • Dave: Go ahead and merge and add other stuff on other PRs?
        • Jason: Yes, better to have separate PRs.
      • Santhosh: Check licenses
        • Dave: XDP root - GPL licensed, can we change it to dual with MIT?
          • Should we have a different directiory with the same code that has an MIT or apache license?
        • Santhosh: No, I will dual license this code.
        • Dave: Same for any of the programs, TC, etc.
        • Dave: Okay to merge 13 as is.
          • Next step is CI/CD and dual license
          • Then we can have additional testing using XDP root
        • libbpf version is old
        • Dave: not a blocker. That API is supported on Windows.
      • Ayshri: Are there recordings of a session discussing overall arch and code? For our understanding.
        • Santhosh: has some trainings
          • To set up dev environment: L3AF - trying out L3AFd
          • Vicky: Every meeting recorded with notes publicly available
      • Dev setup timeout issue:
        • repos were private with ssh keys
          • Now they are public and it works without keys
          • Please verify and approve so we can merge
        • Dave: This problem dated from before repos went public
  • Dave: Cloud native eBPF day requests for speaking submitted?
    • Santhosh: yes, 2 were submitted.
    • Dave: 50% more submissions than last year

Action Items

Future Agenda Items