Releases: gravitl/netmaker
v0.18.7
Netmaker v0.18.7
whats new
- internet gateways (0.0.0.0/0) for egress
- deprecated editing of network parameters
- allow extra ips for extclient (not enabled in UI)
whats fixed
- nm-quick - determine lastest version from releases
- wireguard public/private key rotation
- ee-license checks
known issues
- Caddy does not handle netmaker exporter well for EE
- Migration causes a listen port of 0 for some upgraded hosts
- Docker clients can not re-join after deletion
- Innacurate Ext Client Metrics
- Issue with Mac + IPv6 addressing
- Nodes on same local network may not always connect
- List populates egress ranges twice
- If you do NOT set STUN_LIST on server, it could lead to strange behavior on client
v0.18.6
Netmaker v0.18.6
Limitations
-
Egress to 0.0.0.0/0 (internet gateways) is currently disabled. Will be re-implemented in a near-future release. If you use or need internet gateways, either stay with 0.17.1, or use the following list of ranges in place of 0.0.0.0/0:
0.0.0.0/5,8.0.0.0/7,11.0.0.0/8,12.0.0.0/6,16.0.0.0/4,32.0.0.0/3,64.0.0.0/2,128.0.0.0/3,160.0.0.0/5,168.0.0.0/6,172.0.0.0/12,172.32.0.0/11,172.64.0.0/10,172.128.0.0/9,173.0.0.0/8,174.0.0.0/7,176.0.0.0/4,192.0.0.0/9,192.128.0.0/11,192.160.0.0/13,192.169.0.0/16,192.170.0.0/15,192.172.0.0/14,192.176.0.0/12,192.192.0.0/10,193.0.0.0/8,194.0.0.0/7,196.0.0.0/6,200.0.0.0/5,208.0.0.0/4
-
EE should still be considered pre-release, and we do not recommend upgrading yet.
Follow Upgrade Instructions Carefully - You must upgrade server before netclients
- You must be on v0.17.1 in order to upgrade
- SSH to your Netmaker server
- Run the upgrade script:
wget https://raw.githubusercontent.com/gravitl/netmaker/release_v0.18.5/scripts/nm-upgrade.sh && chmod +x nm-upgrade.sh && ./nm-upgrade.sh
- Follow prompts until the upgrade process on the server is completed.
- Upgrade all netclients using whichever method you prefer. Either download the netclient from the release page or follow the upgrade instructions for your operating system (e.x. "apt-get install netclient")
whats new
- no new features
whats fixed
- a few ext client/ingress issues
- viewing addresses (UI)
- when deleting an ingress gateway, ext clients are now removed from peers immediately
- ext client peers should be populated immediately after creation
- ext clients no longer reset public key when disabled/enabled
- can delete an ingress without clients
- removed unnecessary host update
- host nat type is now collected from clients
- fix peer update issue where caclulation was happening to frequently
- nm-quick && nm-upgrade
- EMQX image change && api routes
known issues
- Caddy does not handle netmaker exporter well for EE
- Migration causes a listen port of 0 for some upgraded hosts
- Docker clients can not re-join after deletion
- Innacurate Ext Client Metrics
- Issue with Mac + IPv6 addressing
- Nodes on same local network may not always connect
- List populates egress ranges twice
- If you do NOT set STUN_LIST on server, it could lead to strange behavior on client
- No internet gateways/default routes
v0.18.5
Netmaker v0.18.5
Limitations
-
Egress to 0.0.0.0/0 (internet gateways) is currently disabled. Will be re-implemented in a near-future release. If you use or need internet gateways, either stay with 0.17.1, or use the following list of ranges in place of 0.0.0.0/0:
0.0.0.0/5,8.0.0.0/7,11.0.0.0/8,12.0.0.0/6,16.0.0.0/4,32.0.0.0/3,64.0.0.0/2,128.0.0.0/3,160.0.0.0/5,168.0.0.0/6,172.0.0.0/12,172.32.0.0/11,172.64.0.0/10,172.128.0.0/9,173.0.0.0/8,174.0.0.0/7,176.0.0.0/4,192.0.0.0/9,192.128.0.0/11,192.160.0.0/13,192.169.0.0/16,192.170.0.0/15,192.172.0.0/14,192.176.0.0/12,192.192.0.0/10,193.0.0.0/8,194.0.0.0/7,196.0.0.0/6,200.0.0.0/5,208.0.0.0/4
-
EE should still be considered pre-release, and we do not recommend upgrading yet.
Follow Upgrade Instructions Carefully - You must upgrade server before netclients
- You must be on v0.17.1 in order to upgrade
- SSH to your Netmaker server
- Run the upgrade script:
wget https://raw.githubusercontent.com/gravitl/netmaker/release_v0.18.5/scripts/nm-upgrade.sh && chmod +x nm-upgrade.sh && ./nm-upgrade.sh
- Follow prompts until the upgrade process on the server is completed.
- Upgrade all netclients using whichever method you prefer. Either download the netclient from the release page or follow the upgrade instructions for your operating system (e.x. "apt-get install netclient")
What's New
- Logic for ext client ACLs (not really usable until new UI is finished)
- Default proxy mode, enables users to determine if all Hosts should have proxy enabled/disabled/auto by default
- specify with DEFAULT_PROXY_MODE="on/off/auto"
What's Fixed
- Proxy Peer calculation improvements
- DNS is populated correctly after registration by enrollment key
- Migrate is functional for Windows/Mac note Ports may be set to 0 after an upgrade, can be adjusted via UI to fix
- Interface data is sent on netclient register
- Upgrade script
- Latency issue with Node <-> Node Metrics
- Ports set from server for Hosts on register/join are actually used
Known Issues
- Caddy does not handle netmaker exporter well for EE
- Migration causes a listen port of 0 for upgraded hosts
- Docker clients can not re-join after deletion
- Innacurate Ext Client Metrics
- Issue with Mac + IPv6 addressing
- Nodes on same local network may not always connect
- List populates egress ranges twice
- If you do NOT set STUN_LIST on server, it could lead to strange behavior on client
v0.18.4
Netmaker v0.18.4
Wait till out of pre-release to fully upgrade
whats new
- Logic for ext client ACLs (not really usable until new UI is finished)
- Default proxy mode, enables users to determine if all Hosts should have proxy enabled/disabled/auto by default
- specify with DEFAULT_PROXY_MODE="on/off/auto"
whats fixed
- Proxy Peer calculation improvements
- DNS is populated correctly after registration by enrollment key
- Migrate is functional for Windows/Mac note Ports may be set to 0 after an upgrade, can be adjusted via UI to fix
- Interface data is sent on netclient register
- Upgrade script
- Latency issue with Node <-> Node Metrics
- Ports set from server for Hosts on register/join are actually used
known issues
- Caddy does not handle netmaker exporter well for EE
- Migration causes a listen port of 0 for upgraded hosts
- Docker clients can not re-join after deletion
- Innacurate Ext Client Metrics
- Issue with Mac + IPv6 addressing
- Nodes on same local network may not always connect
- List populates egress ranges twice
- If you do NOT set STUN_LIST on server, it could lead to strange behavior on client
v0.18.3
Netmaker v0.18.3
Wait till out of pre-release to fully upgrade
whats new
- Forced node deletions, if a host doesn't not receive message to delete a node, you can forcefully remove it by deleting it twice from UI/CLI
- Allows user to remove orpahned Nodes + Hosts easier
- EMQX ACLs, if using EMQX as broker, ACLs per host will be created, enhancing security around messages
- You can now create ext clients with your own public key, but this feature will not be represented on current UI (new UI on the horizon)
- STUN is now represented as a list including your NM server + 2 we are hosting + 2 of googles (clients will only use 2) for better NAT detection
- you specify which STUN servers to use with STUN_LIST env variable
whats fixed
- More Peer calculation improvements
- JSON output on list commands for
nmctl
- Upgrade script
- Ports set from server for Hosts on register/join are actually used
- CLients
- More efficient Windows daemon handling
- Better peer route setting on clients
- Some commands involving the message queue on client have been fixed
- NFTables masquerading issue
- Some logging has been adjusted
- Migrations on Linux work for 0.17.x - 0.18.3
- EnrollmentKEys in an HA setup should function fine now
- Registration by enrollment key on client GUI
known issues
- Network interface routes may be removed after sometime/unintended network update
- Caddy does not handle netmaker exporter well for EE
- Incorrect latency on metrics (EE)
- Swagger docs not up to date
- Lengthy delay when you create an ext client
- issues connecting over IPv6 on Macs
- Nodes on same local network may not always connect
- Netclient GUI shows egress range(s) twice
- DNS entries are not sent after registration with EnrollmentKeys
- If you do NOT set STUN_LIST on server, it could lead to strange behavior on client
v0.18.2
Netmaker v0.18.2
Do not attempt upgrade from 0.17.x quite yet
whats new
- Enrollment Keys, give the ability for an admin to enroll clients into multiple networks, can be unlimited, time, or usage based
- EMQX broker support and better MQTT support in general
- Now you must specify BROKER_ENDPOINT
- Also specify SERVER_BROKER_ENDPOINT, if not provided server will connect to broker over BROKER_ENDPOINT
- Thsi gives ability for user to specify any broker endpoint and use any protocal on clients desired, such as,
mqtts://mybroker.com:8083
(we will still default to wss)
whats fixed
- Fixed default ACL behavior, should work as expected
- Peer calculations enhancement
- main routines share a context and docker stop/ctrl+c give expected results now
- Github workflow edits
- Removed Deprecated Local Network Range from client + server
known issues
- EnrollmentKeys may not function as intended in an HA setup
- If a host does not receive a message to delete a node, it could become orphaned and un-deletable
- Network interface routes may be removed after sometime/unintended network update
- Upgrade script does not handle clients
- Caddy does not handle netmaker exporter well for EE
- Incorrect latency on metrics (EE)
- Swagger docs not up to date
v0.18.1
ATTENTION: Do not attempt to upgrade to 0.18.1. This is for testing purposes only, and will remain in pre-release. Upgrading from a prior version will not succeed. You are welcome to try a fresh install of 0.18.1 for testing purposes, but do not run in production.
What's New
- New Topics in broker for DNS updates
What's Fixed
- Updates to nm-interactive
- Fix to host update endpoint
- Update workflows
- Fixed issue with deleting nodes from default hosts and deleting nodes in general
- nmctl issues around host updates resolved
- pull fixed on netclient
- removed a duplicate peer update
- ext clients have better routing
- ext clients receive egress ranges again
- updates to zombie processing
- logs cleanup
- fixed issue setting correct port for ext clients
- continued work on upgrade script for 0.17 -> 0.18
- more efficient client DNS updates
Known Bugs
- Issues connecting to multiple netmaker servers
- Peer updates sometimes cause disruption in connection
- can not refresh public keys
- can not use 0.0.0.0 egress
- ext clients can not reach an egress range through a relay
- keepalives do not update
- changing mtu has no effect on windows
- peers are not cleared on leaving of last network
v0.18.0
ATTENTION: Do not attempt to upgrade to 0.18.0. This is for testing purposes only, and will remain in pre-release. Upgrading from a prior version will not succeed. You are welcome to try a fresh install of 0.18.0 for testing purposes, but do not run in production.
What's New
- All New Netclient
- https://github.com/gravitl/netclient
- Apache 2.0 License
- Proxy for STUN behind NAT
- Operates on a single network interface
- New GUI
- Automatic client upgrades
- clients will now track server version
- All New Hosts Functionality
- Hosts represent machines
- Nodes represent machines on networks
- 1 Host --> Many Nodes
- Hosts can be added to networks via UI
- Hosts can be made "Default Hosts"
- Automatically added to any network
- Relay functionality moved to host level
- Removed Server Node
- "Default Host" replaces Server Node functionality
- Server no longer requires root, wireguard, or special networking permissions
- STUN server on Netmaker
- Ingress and Egress routing now operate without system commands
- Postup/Postdown removed
- Simplified Message Queue
- Removed "Point to Site"
- Health Check endpoint added to server
- Windows installer improved (does not require uninstall)
What's Fixed
- Database Synchronization
- Node expiration works again (set expiration, node deletes)
Known Bugs
- Upgrading to 0.18.0 WILL NOT WORK. Do not attempt it
- If a host becomes a zombie, you cannot delete it
- Local network does not work, will be depricated
- Interface IP disappears sometimes
- Only iptables nodes will work as ingress/egress
- Can't ping ext clients on one Ingress from an ext client on another ingress
- Failover (EE) does not work
- Internet gateway will not work
- GUI doesn't work on linux
- Only AMD architecture is available for FreeBSD
- netclient MSI/exe (Windows) does not default to run as administrator
v0.17.1
Important Note: Upgrade instructions for 0.16.1 --> 0.16.3 and for 0.16.3 -- 0.17.1, can be found here: https://docs.netmaker.org/upgrades.html#upgrade-the-server-after-v0-16-1
Community
What's New
- Just one big item: beta version of
nmctl
- a CLI tool for Netmaker servers!! Check it out in the release assets below! (Only available for linux-amd64 for now)
What's Fixed
- A lot of code cleanup
- QoL enhancements around different pointers in the code base
- peers are sent more uniformly every update, which should help with netclient caching
- validation for ext-client and node names
- CORS allowed origin issue with default reverse proxy
- A longer netclient daemon startup, which should help netclient not start before DNS services are online in some cases
- an admin can no longer make another admin, a non-admin (but they can delete them still)
- netclients now collect local interfaces and you can select which one to use for your local address via the Admin Dashboard/UI
- removed two unused api endpoints
Known Issues
- unable to ping ext clients from windows
- if node is disconnected via cli and then reconnected via netmaker UI -- peers may take some time to be populated
- IPv6 node public endpoints are not supported
- some users have experienced interrupted connections/packet loss, we are monitoring the situation, but can not replicate currently
EE
What's New
- no additions
What's Fixed
- bug where admin users would change their password in ee and it would make them a non-admin, as a result admins can no longer make other admins non-admins (have to delete them instead)
v0.17.0
Important Note: Upgrade instructions: https://docs.netmaker.org/upgrades.html#upgrade-the-server-after-v0-16-1
Important Note 2: As a result of the switch to Websockets, from mqtt, if you want to stay with traefik as your reverse-proxy of choice, please refer to https://github.com/gravitl/netmaker/blob/5384ff14e2317360fa38ee63cef5ba0809b1f85f/compose/docker-compose.reference.yml and update your compose accordingly!
Community
What's New
- MQ Broker connections are now established via Websockets rather than the MQTT protocol
- Default to Caddy for reverse proxy
- new interactive install script which supports EE installs
- Additional log message if Netmaker fails to connect to DB (thanks @yunginnanet)
What's Fixed
- multiarch release for Netclient docker
- added Netclient support for Mips (thanks @shan100github)
- IPV6 Addressing issue
Known Issues
- unable to ping ext clients from windows
- if node is disconnected via cli and then reconnected via netmaker UI -- peers may take some time to be populated
- IPv6 node public endpoints are not supported
EE
What's New
- no additions
What's Fixed
- moved some controller files into the ee directory in anticipation of license change