Skip to content

@timbru timbru released this Nov 19, 2019 · 4 commits to master since this release

This release focused on remote publication.

You can now use Krill as an RFC 8181 compliant Repository Server. If you want to use it as a dedicated repository server only, you can simply do this by not configuring any CAs in that particular instance.

You can now also update your CAs to use a remote RFC8181 Repository Server. This is particularly useful if you want to outsource the responsibility of 24/7 availability of your RPKI repository to a third party.

We have also made some breaking changes to the API. So, you may have to look again at any automation you may have set previously up for release 0.2.0.

Updated documentation can be found on Read the Docs.

Two of the known issues listed under release 0.2.0 have been solved:

  • CAs now do full re-syncs when publishing (solves #116)
  • RIPE NCC RPKI Validator 3.1 now validates our objects (solves #115)

The next release of Krill is aimed for early December and will focus fully on stability, and the other known issues listed under release 0.2.0. But, note that there may still be small API changes in the coming release, as we are still optimizing things.

Assets 2

@timbru timbru released this Oct 18, 2019 · 60 commits to master since this release

This release focused on testing, and fixing, any issues found when running Krill under various parent CAs (Apnic, Lacnic and RIPE NCC). ROAs were tested using routinator, OctoRPKI, FORT, RIPE NCC RPKI Validator 2.x and 3.x.

Furthermore, the CLI got a big overhaul aimed at making it easier to use, especially for users who manage one CA only. You can now use ENV variables to set defaults for the Krill instance to connect to, the token, and which CA you want to operate on.

We also added the --api argument which will simply print out the API call that the CLI would have made, without executing it. We plan to add proper (OpenAPI) documentation for the API, but for the moment this can help to explore it.

Updated documentation can be found on Read the Docs.

Known issues:

  • Despite our best efforts RIPE NCC RPKI Validator 3.1 is the only remaining RP we tested, which
    does not seem to like our manifests. We will look into this again later. (#115)
  • There appears to be a race condition that can cause commands to be processed twice. (#64)
  • Showing the full history, or logging it in case of the above condition, uses too much memory. (#112)
  • The CA and publication server can be out of sync after a re-start. (#116)

Work for the next release has already started. Release 0.3 will focus on (remote) publication, and will also solve the out-of-sync issue.

Assets 2

@timbru timbru released this Sep 10, 2019 · 129 commits to master since this release

This is the first version of Krill that is released to the wild!

It features:

  • A CLI
  • An embedded TA (for testing)
  • Any number of CAs with either embedded or remote parents
  • Any number of delegated CAs
  • ROAs
  • Publishing locally only

If you want to have a taste of this, please give it a try! If you want to see what's coming up, have a look at the projects tab! Spoiler alert: a UI, remote publishing, and more stability.

Assets 2
You can’t perform that action at this time.