Releases: gravitl/netmaker
Releases · gravitl/netmaker
v0.18.2
Netmaker v0.18.2
Do not attempt upgrade from 0.17.x quite yet
whats new
- Enrollment Keys, give the ability for an admin to enroll clients into multiple networks, can be unlimited, time, or usage based
- EMQX broker support and better MQTT support in general
- Now you must specify BROKER_ENDPOINT
- Also specify SERVER_BROKER_ENDPOINT, if not provided server will connect to broker over BROKER_ENDPOINT
- Thsi gives ability for user to specify any broker endpoint and use any protocal on clients desired, such as,
mqtts://mybroker.com:8083
(we will still default to wss)
whats fixed
- Fixed default ACL behavior, should work as expected
- Peer calculations enhancement
- main routines share a context and docker stop/ctrl+c give expected results now
- Github workflow edits
- Removed Deprecated Local Network Range from client + server
known issues
- EnrollmentKeys may not function as intended in an HA setup
- If a host does not receive a message to delete a node, it could become orphaned and un-deletable
- Network interface routes may be removed after sometime/unintended network update
- Upgrade script does not handle clients
- Caddy does not handle netmaker exporter well for EE
- Incorrect latency on metrics (EE)
- Swagger docs not up to date
v0.18.1
ATTENTION: Do not attempt to upgrade to 0.18.1. This is for testing purposes only, and will remain in pre-release. Upgrading from a prior version will not succeed. You are welcome to try a fresh install of 0.18.1 for testing purposes, but do not run in production.
What's New
- New Topics in broker for DNS updates
What's Fixed
- Updates to nm-interactive
- Fix to host update endpoint
- Update workflows
- Fixed issue with deleting nodes from default hosts and deleting nodes in general
- nmctl issues around host updates resolved
- pull fixed on netclient
- removed a duplicate peer update
- ext clients have better routing
- ext clients receive egress ranges again
- updates to zombie processing
- logs cleanup
- fixed issue setting correct port for ext clients
- continued work on upgrade script for 0.17 -> 0.18
- more efficient client DNS updates
Known Bugs
- Issues connecting to multiple netmaker servers
- Peer updates sometimes cause disruption in connection
- can not refresh public keys
- can not use 0.0.0.0 egress
- ext clients can not reach an egress range through a relay
- keepalives do not update
- changing mtu has no effect on windows
- peers are not cleared on leaving of last network
v0.18.0
ATTENTION: Do not attempt to upgrade to 0.18.0. This is for testing purposes only, and will remain in pre-release. Upgrading from a prior version will not succeed. You are welcome to try a fresh install of 0.18.0 for testing purposes, but do not run in production.
What's New
- All New Netclient
- https://github.com/gravitl/netclient
- Apache 2.0 License
- Proxy for STUN behind NAT
- Operates on a single network interface
- New GUI
- Automatic client upgrades
- clients will now track server version
- All New Hosts Functionality
- Hosts represent machines
- Nodes represent machines on networks
- 1 Host --> Many Nodes
- Hosts can be added to networks via UI
- Hosts can be made "Default Hosts"
- Automatically added to any network
- Relay functionality moved to host level
- Removed Server Node
- "Default Host" replaces Server Node functionality
- Server no longer requires root, wireguard, or special networking permissions
- STUN server on Netmaker
- Ingress and Egress routing now operate without system commands
- Postup/Postdown removed
- Simplified Message Queue
- Removed "Point to Site"
- Health Check endpoint added to server
- Windows installer improved (does not require uninstall)
What's Fixed
- Database Synchronization
- Node expiration works again (set expiration, node deletes)
Known Bugs
- Upgrading to 0.18.0 WILL NOT WORK. Do not attempt it
- If a host becomes a zombie, you cannot delete it
- Local network does not work, will be depricated
- Interface IP disappears sometimes
- Only iptables nodes will work as ingress/egress
- Can't ping ext clients on one Ingress from an ext client on another ingress
- Failover (EE) does not work
- Internet gateway will not work
- GUI doesn't work on linux
- Only AMD architecture is available for FreeBSD
- netclient MSI/exe (Windows) does not default to run as administrator
v0.17.1
Important Note: Upgrade instructions for 0.16.1 --> 0.16.3 and for 0.16.3 -- 0.17.1, can be found here: https://docs.netmaker.org/upgrades.html#upgrade-the-server-after-v0-16-1
Community
What's New
- Just one big item: beta version of
nmctl- a CLI tool for Netmaker servers!! Check it out in the release assets below! (Only available for linux-amd64 for now)
What's Fixed
- A lot of code cleanup
- QoL enhancements around different pointers in the code base
- peers are sent more uniformly every update, which should help with netclient caching
- validation for ext-client and node names
- CORS allowed origin issue with default reverse proxy
- A longer netclient daemon startup, which should help netclient not start before DNS services are online in some cases
- an admin can no longer make another admin, a non-admin (but they can delete them still)
- netclients now collect local interfaces and you can select which one to use for your local address via the Admin Dashboard/UI
- removed two unused api endpoints
Known Issues
- unable to ping ext clients from windows
- if node is disconnected via cli and then reconnected via netmaker UI -- peers may take some time to be populated
- IPv6 node public endpoints are not supported
- some users have experienced interrupted connections/packet loss, we are monitoring the situation, but can not replicate currently
EE
What's New
- no additions
What's Fixed
- bug where admin users would change their password in ee and it would make them a non-admin, as a result admins can no longer make other admins non-admins (have to delete them instead)
v0.17.0
Important Note: Upgrade instructions: https://docs.netmaker.org/upgrades.html#upgrade-the-server-after-v0-16-1
Important Note 2: As a result of the switch to Websockets, from mqtt, if you want to stay with traefik as your reverse-proxy of choice, please refer to https://github.com/gravitl/netmaker/blob/5384ff14e2317360fa38ee63cef5ba0809b1f85f/compose/docker-compose.reference.yml and update your compose accordingly!
Community
What's New
- MQ Broker connections are now established via Websockets rather than the MQTT protocol
- Default to Caddy for reverse proxy
- new interactive install script which supports EE installs
- Additional log message if Netmaker fails to connect to DB (thanks @yunginnanet)
What's Fixed
- multiarch release for Netclient docker
- added Netclient support for Mips (thanks @shan100github)
- IPV6 Addressing issue
Known Issues
- unable to ping ext clients from windows
- if node is disconnected via cli and then reconnected via netmaker UI -- peers may take some time to be populated
- IPv6 node public endpoints are not supported
EE
What's New
- no additions
What's Fixed
- moved some controller files into the ee directory in anticipation of license change
Contributors
shan100github and yunginnanet
Assets 33
v0.16.3
Important Note: Upgrading to 0.16.3 from a release prior to 0.16.1 requires special upgrade instructions.
See here: https://gist.github.com/abhishek9686/287563a848932f59768989f054025b37
Updating from 0.16.1 only requires updating netmaker/netmaker-ui image tags in your docker-compose and installing updated binaries on your clients
Community
What's New
- Everything from v0.16.2 (did not make it out of pre-release)
- Windows GUI search bar (thanks @t4ke0
- better synchronization between broker + netmaker for MQ admin passwords
- support for OpenWrt-mips arch
What's Fixed
- postup command fix
- default postgres username now matches docs
- bug around non-admin user's fetching network data
- bug where making a user an admin would not actually make them an admin
Known Issues
- unable to ping ext clients from windows
- if node is disconnected via cli and then reconnected via netmaker UI -- peers may take some time to be populated
EE
What's New
- no notable EE changes
What's Fixed
Version 0.16.2
Important Note: Upgrading to 0.16.2 from a release prior to 0.16.1 requires special upgrade instructions.
See here: https://gist.github.com/abhishek9686/287563a848932f59768989f054025b37
Updating from 0.16.1 only requires updating netmaker/netmaker-ui image tags in your docker-compose and installing updated binaries on your clients
Community
What's New
- Windows GUI connection button (thanks @BracemAbroug @Noexperience-Team)
- Zombie Processing re-enabled
- Mac Client refactor
- Turris OS support (thanks @Xeevis)
What's Fixed
- arm7 images
- windows connection issue
Know Issues
- unable to ping ext clients from windows
- if node is disconnected via cli and then reconnected via netmaker UI -- peers may take some time to be populated
EE
What's New
- Ext client metrics
What's Fixed
- failover deletion
Version 0.16.1
Important Note: Upgrading to 0.16.1 requires special upgrade instructions. See here: https://gist.github.com/abhishek9686/287563a848932f59768989f054025b37
You can also use the automated script here to update your server from 0.16.0 to 0.16.1: https://gist.github.com/abhishek9686/191eaf31c634b00bcc0e9da5dc8e8c5e
Community
What's New
- Dynamic Security Model for MQ: We moved from a certificate-based to a password-based model which is more reliable. In previous versions, users reported connectivity issues with MQ due to certificates. The new model should resolve these issues, however, it requires some changes to setup. See upgrade steps.
What's Fixed
- network jitter due to "local port" frequent updates
- Disabled ipv6 gateways on server to prevent issues with docker
- Fixed relayed egress gateways
- Fixed iptables for server which is both ingress and egress
- Peer check for disconnected nodes
Known Issues
- Userspace docker netclient doesn't work
- Zombie cleanup still disabled
- IsEE does not get updated when downgrading from EE to non-EE
New Contributors
@naofel1 made their first contribution! They fixed an issue with the netclient daemonset for Kubernetes.
EE
What's New
- Automatic Failover Nodes: New Feature which allows you to set nodes as "failover nodes." These nodes will automatically relay connections between any 2 machines where a p2p connection cannot be established (takes about 2 minutes before it takes effect).
- Metrics now send every minute
What's Fixed
Known Issues
Full Changelog: v0.16.0...v0.16.1
Contributors
naofel1
Assets 25
v0.16.0
Community
What's New
- View server logs via UI
- Default Node-level ACL; enables 2 use cases:
- 1. Allows you to create a network where one or more nodes are unreachable by default
- 2. Allows you to create a network where only X number of nodes are reachable / added to peers lists - User Join: You can now join a network with username/password (rather than token) or SSO sign-in (if OAuth configured). Example:
netclient join -n mynet -s api.mynetmaker.com -u myuser[Basic Auth] ornetclient join -n mynet -s api.mynetmaker.com[SSO]
What's Fixed
- Several issues with internet gateways resolved
Known Issues
- Server can get into a state where dynamic port is turned on, which will break the network
- Observed postup/postdown not getting set on the server in some edge cases
- If node fails to join via login:
- extra access key created, valid for one use
- a zombie node ID, not visible in UI
New Contributors
@Agraphie made their first contribution! They fixed a bug where PostUp was being set instead of PostDown, good catch!
EE
What's New
- EE is new. EE did not exist before this release.
- Metrics: Nodes collect metrics and display in the UI. Metrics include latency, transfer, and connectivity status. Note: Needs ICMP to work
- Prometheus Exporter + Grafana: Metrics can optionally be exported via a new Prometheus Exporter to a custom Grafana dashboard
- Users: Users can now be created with multiple "access levels:"
0: Network Admin - Works like current network admin
1: Node Access - User is allowed to create and view nodes (up to their limit)
2: Remote Access (ext clients) - User is allowed to create and view ext clients (up to their limit)
3: No Access - User cannot access the network- When users login, views will be filtered based on their access level
- Default access levels can be set per network, and adjusted per user
- Default Node/Ext Client limits can be set per network, and adjusted per user
- Groups: Groups can now be created and managed to grant network access
Full Changelog: v0.15.2...v0.16.0
Contributors
Agraphie
Assets 25
v0.15.2
What's New
- Updated swagger docs to add more detail to operations.
- Improved IPv6 Internet Gateways.
- Network CIDRs are normalized on network and gateway creation.
What's Fixed
- Client connect/disconnect is now working.
- Fixed panic while running commands on machines without wg-quick.
- Fixed problem when local address resolves to IPv6 address.
Known Issues
- Docker userspace netclient is not available.
- Delay before nodes will reconnect after the creation of an Internet gateway.
Full Changelog: v0.15.1...v0.15.2