l3af-project / l3af-arch Goto Github PK

Hi ,
please let me know how is ratelimiter and connection-limit binaries connected to l3af . i mean which file config is responsible for getting the binaries (o files) in the environment setup .

Thanks in advance.

Grafana Installation Failing In l3afd E2E workflow

The list of architecture type supported by golang is increasing, this is causing to fail in vagrant environment.

There are multiple golang arch types are supported in the list, it fails to select the correct type.
curl -s https://go.dev/dl/?mode=json|jq '.[0].files[].filename'|grep $os|grep $arch
"go1.21.0.linux-amd64.tar.gz"
"go1.21.0.linux-arm64.tar.gz"
"go1.21.0.linux-loong64.tar.gz"
"go1.21.0.linux-mips64.tar.gz"
"go1.21.0.linux-mips64le.tar.gz"
"go1.21.0.linux-ppc64.tar.gz"
"go1.21.0.linux-ppc64le.tar.gz"
"go1.21.0.linux-riscv64.tar.gz"

Need a fix - curl -s https://go.dev/dl/?mode=json|jq '.[0].files[].filename'|grep $os|grep $arch|egrep -v "arm|ppc"|tr -d '"'

Hi all,

please let me know if we can add tcplife (analyzing TCP connection behavior on Linux systems) as an eBPF program to the L3AF environment same as ratelimiting and connection-limit programs ?

Thanks.

As intellectual property, these files also require a license.

Please add one. Apache v2 can work, as can any of the Creative Commons licenses. CC is probably better as these are documents and diagrams.

Document product environment deployment and best practices similar to dev env.

Hi,
while trying to get the data of eBPF programs on grafana, it shows all empty graph.

please let me know for your suggestions. Thanks in advance.

The last blog entry is over a year old.
Should there be a newer entry created?

When l3afd is running on a non-loopback IP address, mTLS is enabled automatically even if setting it to false in the config file. This use case expects certs to be provided even for dev testing purposes.

is l3af support xdp/tc eBPF program only? only for network function?

Modify the development environment request payloads to enable the loading of BPF programs from L3AFD.

The default log path is set to /var/log/l3af from /var/log/tb/l3af

Grafana Installation Failed

What I did:

1. Edited config.yaml and copied everything from dev_environment into /vagrant
2. Ran commands in Vagrantfile
3. Ran commands in provision.sh
4. Ran commands in start_test_servers.sh
5. Noticed 2 servers started on port 8080 and port 8081
6. Ran hey -n 200 -c 20 http://localhost:18080 command
7. Received following error message:
   Error distribution:
   [200] Get "http://localhost:18080": dial tcp 127.0.0.1:18080: connect: connection refused

Issues:
Due to the above error message, where is the server 18080 coming from and how do I start it?

I saw that in config.yaml, there is a port 18080. Then, I saw that config.yaml is referenced in the Vagrantfile, where I found that the cfg variable, which is joined to config.yaml, is referenced in the following line of code:
config.vm.synced_folder cfg['host_l3afd_code_dir'], "/home/vagrant/code/l3afd"
The above directory does not exist because I am not using a Vagrant VM, I am using an Azure VM.
How should I proceed?

In the instruction "On the VM, go to ~/code/l3afd and run go install ." the ~/code/l3afd directory does not exist because I am using an Azure VM. Additionally, in the instruction "On the VM, go to ~/go/bin and run l3afd as root: sudo ./l3afd --config /vagrant/cfg/l3afd.cfg", the ~/go/bin directory also does not exist.

Enable l3afd to run in a container to support cloud-native environments. Setup dev env with container

While setting up a L3AFd dev environment from: https://github.com/l3af-project/l3af-arch/tree/main/dev_environment
Windows build 25102. On the third bullet under Trying out L3AF:

vagrant.exe up
A Vagrant environment or target machine is required to run this command. Run vagrant init to create a new Vagrant environment. Or get an ID of a target machine from vagrant global-status to run this command on. A final option is to change to a directory with a Vagrantfile and to try again.

Did I miss something? Where is the Vagrantfile that creates the VM for:

Ubuntu version check fails even with the correct version of ubuntu.
Here are the details:

./setup_linux_dev_env.sh

+ [[ 0 -ne 0 ]]
++ uname -v
++ cut -d. -f1
++ cut -d~ -f2
+ VER='#152-Ubuntu SMP Wed Nov 23 20:19:22 UTC 2022'
+ '[' '#152-Ubuntu SMP Wed Nov 23 20:19:22 UTC 2022' '!=' 20 ']'
+ echo 'The Ubuntu version #152-Ubuntu SMP Wed Nov 23 20:19:22 UTC 2022 is not supported by the script'
The Ubuntu version #152-Ubuntu SMP Wed Nov 23 20:19:22 UTC 2022 is not supported by the script
+ exit 1

My ubuntu details:

Distributor ID:	Ubuntu
Description:	Ubuntu 20.04.4 LTS
Release:	20.04
Codename:	focal

If this is a valid issue, I can submit a patch.
Thanks

Start by joining the community on Slack: l3afworkspace.slack.com

The above link has expired. I have attached the Screenshot of the error below for your quick reference.

Update l3afd.cfg ebpf-repo

[ebpf-repo]
url: file:///srv/l3afd

Remove the python web server running as ebpf-repo.

"KF" and "Kernel Function" appear multiple times on the page

L3af can be used on various development environments, where the hostname and interface may vary. However, the Payload.json file contains fixed values. To resolve this issue, we can generate dynamic payloads file while provisioning.

Duplicate of issue 336 from the l3afd repo.

So one can develop and test BPF programs for IPv6.

Investigate running eBPF programs inside a k8s POD

Installed the prereqs, but I get these errors:

> vagrant up
Bringing machine 'default' up with 'virtualbox' provider...
==> default: Importing base box 'ubuntu/focal64'...
==> default: Matching MAC address for NAT networking...
==> default: Checking if box 'ubuntu/focal64' version '20211026.0.0' is up to date...
==> default: Setting the name of the VM: dev_environment_default_1642787951925_14933
Vagrant is currently configured to create VirtualBox synced folders with
the `SharedFoldersEnableSymlinksCreate` option enabled. If the Vagrant
guest is not trusted, you may want to disable this option. For more
information on this option, please refer to the VirtualBox manual:

  https://www.virtualbox.org/manual/ch04.html#sharedfolders

This option can be disabled globally with an environment variable:

  VAGRANT_DISABLE_VBOXSYMLINKCREATE=1

or on a per folder basis within the Vagrantfile:

  config.vm.synced_folder '/host/path', '/guest/path', SharedFoldersEnableSymlinksCreate: false
==> default: Clearing any previously set network interfaces...
==> default: Preparing network interfaces based on configuration...
    default: Adapter 1: nat
==> default: Forwarding ports...
    default: 8080 (guest) => 18080 (host) (adapter 1)
    default: 8081 (guest) => 18081 (host) (adapter 1)
    default: 3000 (guest) => 33000 (host) (adapter 1)
    default: 9090 (guest) => 39090 (host) (adapter 1)
    default: 7080 (guest) => 37080 (host) (adapter 1)
    default: 8899 (guest) => 38899 (host) (adapter 1)
    default: 22 (guest) => 2222 (host) (adapter 1)
==> default: Running 'pre-boot' VM customizations...
==> default: Booting VM...
==> default: Waiting for machine to boot. This may take a few minutes...
    default: SSH address: 127.0.0.1:2222
    default: SSH username: vagrant
    default: SSH auth method: private key
Timed out while waiting for the machine to boot. This means that
Vagrant was unable to communicate with the guest machine within
the configured ("config.vm.boot_timeout" value) time period.

If you look above, you should be able to see the error(s) that
Vagrant had when attempting to connect to the machine. These errors
are usually good hints as to what may be wrong.

If you're using a custom box, make sure that networking is properly
working and you're able to connect to the machine. It is a common
problem that networking isn't setup properly in these boxes.
Verify that authentication configurations are also setup properly,
as well.

If the box appears to be booting properly, you may want to increase
the timeout ("config.vm.boot_timeout") value.

Running it again gives:

> vagrant up
Bringing machine 'default' up with 'virtualbox' provider...
==> default: Checking if box 'ubuntu/focal64' version '20211026.0.0' is up to date...
==> default: Running provisioner: shell...
An error occurred in the underlying SSH library that Vagrant uses.
The error message is shown below. In many cases, errors from this
library are caused by ssh-agent issues. Try disabling your SSH
agent or removing some keys and try again.

If the problem persists, please report a bug to the net-ssh project.

timeout during server version negotiating