Skip to content

Latest commit

 

History

History
79 lines (64 loc) · 3.03 KB

README.md

File metadata and controls

79 lines (64 loc) · 3.03 KB

L3AFD: Lightweight eBPF Daemon

L3AF_Logo

CII Best Practices Go Report Card GoDoc Apache licensed L3AF Slack

L3AFD is a crucial part of the L3AF ecosystem. For more information on L3AF see https://l3af.io/

Overview

L3AFD is the primary component of the L3AF control plane. L3AFD is a daemon that orchestrates and manages multiple eBPF programs. L3AFD runs on each node where the user wishes to run eBPF programs. L3AFD reads configuration data and manages the execution and monitoring of eBPF programs running on the node.

L3AFD downloads pre-built eBPF programs from a user-configured repository. However, we envision the creation of a community-driven eBPF package marketplace where L3AF users can obtain a variety of eBPF programs developed by multiple sources.

L3AF Platform

Try it out

See our L3AF Development Environment for a quick and easy way to try out L3AF on your local machine.

Installing

Try a binary release.

Building

To build on your local machine, including swagger docs do the following.

For Linux:

make

For Windows:

cmake -B build
cmake --build build

Docker build

  • L3AFD binary & configuration that is required in the Docker image needs to be built locally and copied to build-docker directory
  • Execute below command to build the docker image
docker build -t l3afd:<version> -f Dockerfile .

Requirements to run L3AFD as a Container

  • BPF, debugfs & shared-memory filesystems mount points should be available in the container
  • L3AFD container needs privileged access as it needs to manage eBPF programs
  • eBPF programs should be attached to the host interface so that it will apply to all the containers in the host

In order to satisfy the above requirements L3afd docker container needs to be run using the below command

docker run -d -v /sys/fs/bpf:/sys/fs/bpf -v /sys/kernel/debug/:/sys/kernel/debug/ -v /dev/shm:/dev/shm --privileged --net=host l3afd:<version>

Testing

To test on your local machine, do the following.

For Linux:

go test ./...

For Windows:

go test -tags WINDOWS ./...

Generate Swagger Docs

See our Swaggo setup

Contributing

Contributing to L3afd is fun. To get started: