Skip to content

Deprecate and remove the L7FlowExporter feature #7542

New issue
New issue
Open
Open
Deprecate and remove the L7FlowExporter feature#7542
Assignees
antoninbas
Labels
kind/designCategorizes issue or PR as related to design.
@antoninbas

Description

@antoninbas
antoninbas
opened on Nov 5, 2025

Describe what you are trying to solve
The L7FlowExporter feature was introduced more than 2 years ago in #5218. It extends the FlowExporter feature and add L7 flow information (L7 protocol name, protocol metadata) to the flow records exported by the Agent's FlowExporter and by the FlowAggregator.
Since the feature was introduced, it has not been enhanced in any way:

  • it still only supports HTTP (and as far as I know, only HTTP 1.x)
  • it has limited test coverage, even though I have to admit the one e2e test we have (TestFlowAggregator/L7FlowExporterController) as been surprisingly stable, with not a single flake in the last 90 days

AFAIK, the feature is not actively used by anyone. One issue has been reported (by us), and automatically closed as it became stale: #6902

My concerns are as follows:

  1. The feature is too limited in scope to be useful
  2. The addition of this feature may have been rushed, with not enough design investigations
  3. The implementation of the feature is quite complex for a visibility feature: traffic has to be mirrored to Suricata
  4. Not enough test coverage
  5. It makes it difficult for us to improve the FlowExporter feature as we have to take into account the existing L7FlowExporter code (e.g., Multi flow exporter targets #7444). Any significant change we make is likely to "break" the L7FlowExporter feature (assuming it's not already broken), given the limited test coverage. We are planning to graduate the FlowExporter feature to Beta soon.

Describe the solution you have in mind
I would like to officially deprecate the L7FlowExporter feature. As it is an Alpha feature with very low usage (if any), I think it would be reasonable to remove the implementation in the next minor release. We can preserve the Feature Gate for now and log an error if it is enabled.

Describe how your solution impacts user flows
Users will no longer be able to use the L7FlowExporter feature. Enabling the FeatureGate in the Agent configuration will cause an error to be logged. Using annotation "visibility.antrea.io/l7-export" will have no effect.

Metadata

Metadata

Assignees

Labels

kind/designCategorizes issue or PR as related to design.

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions