Releases: gravitl/netmaker
Releases · gravitl/netmaker
v0.20.6
Netmaker v0.20.6
Whats New
- Sync clients with server state from UI
What's Fixed
-
Upgrade Process from v0.17.1 to latest version can be now done seamlessly, please refer docs for more information: https://docs.netmaker.io/upgrades.html#id2
-
Expired nodes clean up is handled correctly now
-
Ext client config generation fixed for ipv6 endpoints
-
installation process will only generate certs required for required Domains based on CE or EE
-
support for ARM machines on install script
known issues
- Windows installer does not install WireGuard
- netclient-gui will continously display error dialog if netmaker server is offline
- Mac IPv6 addresses/route issues
- Docker client can not re-join after complete deletion
- netclient-gui network tab blank after disconnect
v0.20.5
Netmaker v0.20.5
Whats New
- Extclient Acls
- Deleting a host will now remove it from associated networks automatically.
- Proxy is deprecated
What's Fixed
- Solved Race condition for multiple nodes joining network at same time
- Node dns toggle
- Simplified Firewall rules for added stability
known issues
- Database issues cause "Ghost Clients". Deleted Ext Clients may not get cleaned up and cause unusable clients to be visible in the UI. This is fixed in develop and will be solved in the next release. As a workaround, please restart Netmaker if you see this in the UI and the clients should disappear.
- Expired nodes are not getting cleaned up
- Windows installer does not install WireGuard
- netclient-gui will continously display error dialog if netmaker server is offline
- Incorrect metrics against ext clients
- Host ListenPorts set to 0 after migration from 0.17.1 -> 0.20.5
- Mac IPv6 addresses/route issues
- Docker client can not re-join after complete deletion
- netclient-gui network tab blank after disconnect
v0.20.4
Netmaker v0.20.4
Whats New
- FreeBSD 13/14 specific binaries
- Whitelabelling capabilities
What's Fixed
- Fixes for FreeBSD
- Mac installer installs WireGuard
- ACL rendering on UI
- Updating Endpoint IP from UI
known issues
- Windows installer does not install WireGuard
- netclient-gui (windows) will display an erroneous error dialog when joining a network (can be ignored)
- netclient-gui will continously display error dialog if netmaker server is offline
- Incorrect metrics against ext clients
- Host ListenPorts set to 0 after migration from 0.17.1 -> 0.20.4
- Mac IPv6 addresses/route issues
- Docker client can not re-join after complete deletion
- netclient-gui network tab blank after disconnect
v0.20.3
Netmaker v0.20.3
Whats New
- Moved to new licensing server for self-hosted
- STUN removed from netmaker server to improve memory performance
- Added DB caching to drastically reduce read/writes from disk
What's Fixed
- Major memory leak resolved due to STUN
- Issues with netclient ports on daemon restart
- Windows GUI unable to find netclient backend
- Major scalability fixes - Can now scale to hundreds of hosts with low resources
- Resolved ACL panic
- Reverted blocking creation of Ingress with NAT
known issues
- netclient-gui (windows) will display an erroneous error dialog when joining a network (can be ignored)
- netclient-gui will continously display error dialog if netmaker server is offline
- Incorrect metrics against ext clients
- Host ListenPorts set to 0 after migration from 0.17.1 -> 0.20.3
- Mac IPv6 addresses/route issues
- Docker client can not re-join after complete deletion
- netclient-gui network tab blank after disconnect
v0.20.2
Netmaker v0.20.2
whats new
- Endpoint detection can be disabled
- User settings reverted to more simple implementation
- Graph edges reflect ACLs
whats fixed
- TURN replacing Relays >> Relays moved to EE only
- Can now copy/paste on Mac GUI
- Endpoint check
- Minor TURN fixes
- NAT check for Ingress creation
- Firewall manager changes that should make Ingress and Egress way more reliable
- Metrics fixes
- Remove non-TURN proxy operations
known issues
- Migration causes a listen port of 0 for some upgraded hosts
- Docker clients can not re-join after deletion
- Issue with Mac + IPv6 addressing
- Nodes on same local network may not always connect
- List populates egress ranges twice
- If you do NOT set STUN_LIST on server, it could lead to strange behavior on client
v0.20.1
Netmaker v0.20.1
whats new
whats fixed
- enrollment keys for non-admins
- client version displayed correctly in UI
- upd hole punching improvments
- SSL fallback to letsencrypt
- permission handling for non-admin users
known issues
- Migration causes a listen port of 0 for some upgraded hosts
- Docker clients can not re-join after deletion
- Innacurate Ext Client Metrics
- Issue with Mac + IPv6 addressing
- Nodes on same local network may not always connect
- List populates egress ranges twice
- If you do NOT set STUN_LIST on server, it could lead to strange behavior on client
v0.20.0
Netmaker v0.20.0
whats new
- New UI
- Revamped compose-files and install scripts
- Reactive TURN (makes connections whenever p2p is not working)
- Ext Client editing + configurable allowedips
whats fixed
- Netmaker exporter now works with Caddy
- Major issue with Endpoint Detection fixed - local connections should be much better now
known issues
- cannot use OAUTH login on new UI. If this is required, continue to use v0.19.0
- Cannot use "$" character in installer as a value in variables, or it will break config.
- QR code is very difficult to scan. Fix is in next release.
- Migration causes a listen port of 0 for some upgraded hosts
- Docker clients can not re-join after deletion
- Innacurate Ext Client Metrics
- Issue with Mac + IPv6 addressing
- Nodes on same local network may not always connect
- List populates egress ranges twice
- If you do NOT set STUN_LIST on server, it could lead to strange behavior on client
v0.19.0
Netmaker v0.19.0
whats new
- TURN
- dependency updates
- internet gateways (0.0.0.0/0) for egress
- deprecated editing of network parameters
- allow extra ips for extclient (not enabled in UI)
whats fixed
- unbiased random string
- get traffic keys on pull
- CI updates
- install/update script updates
- firewall checks
known issues
- Caddy does not handle netmaker exporter well for EE
- Migration causes a listen port of 0 for some upgraded hosts
- Docker clients can not re-join after deletion
- Innacurate Ext Client Metrics
- Issue with Mac + IPv6 addressing
- Nodes on same local network may not always connect
- List populates egress ranges twice
- If you do NOT set STUN_LIST on server, it could lead to strange behavior on client
Upgrade from 0.18.7
How to upgrade your server to include TURN. In docker-compose.yml:
- Replace v0.18.7 with v0.19.0 for both netmaker and netmaker-ui images.
- In docker-compose.yml, add the following to services.netmaker.environment:
TURN_SERVER_HOST: "turn.NETMAKER_BASE_DOMAIN"
TURN_SERVER_API_HOST: "https://turnapi.NETMAKER_BASE_DOMAIN"
TURN_PORT: "3479"
TURN_USERNAME: "REPLACE_TURN_USERNAME"
TURN_PASSWORD: "REPLACE_TURN_PASSWORD"
USE_TURN: "true"
2.a Replace NETMAKER_BASE_DOMAIN with your base domain. Replace REPLACE_TURN_USERNAME with a username of your choice, and REPLACE_TURN_PASSWORD with a password (should be strong)
- Add the following section to services (in line with netmaker:, caddy:, mq:, etc):
turn:
container_name: turn
image: gravitl/turnserver:v1.0.0
network_mode: "host"
volumes:
- turn_server:/etc/config
environment:
DEBUG_MODE: "off"
VERBOSITY: "1"
TURN_PORT: "3479"
TURN_API_PORT: "8089"
CORS_ALLOWED_ORIGIN: "*"
TURN_SERVER_HOST: "turn.NETMAKER_BASE_DOMAIN"
USERNAME: "REPLACE_TURN_USERNAME"
PASSWORD: "REPLACE_TURN_PASSWORD"
3.a replace NETMAKER_BASE_DOMAIN, REPLACE_TURN_USERNAME, and REPLACE_TURN_PASSWORD with the same values as in 1.a.
- Add "turn_server: {}" to your "volumes" section. It should look like this:
volumes:
caddy_data: {}
caddy_conf: {}
sqldata: {}
dnsconfig: {}
mosquitto_logs: {}
turn_server: {}
- add an "extra_hosts" section to caddy in the docker-compose. It should now look like this:
caddy:
image: caddy:2.6.2
container_name: caddy
restart: unless-stopped
extra_hosts:
- "host.docker.internal:host-gateway"
volumes:
- /root/Caddyfile:/etc/caddy/Caddyfile
- caddy_data:/data
- caddy_conf:/config
ports:
- "80:80"
- "443:443"
- Modify the Caddyfile to add two new domains for TURN and TURN_API. Add the following sections, adjusting for your domain:
# TURN
https://turn.NETMAKER_BASE_DOMAIN {
reverse_proxy host.docker.internal:3479
}
#TURN API
https://turnapi.NETMAKER_BASE_DOMAIN {
reverse_proxy http://host.docker.internal:8089
}
- run docker-compose up -d
You should now have turn configured with your server.
v0.18.7
Netmaker v0.18.7
whats new
- internet gateways (0.0.0.0/0) for egress
- deprecated editing of network parameters
- allow extra ips for extclient (not enabled in UI)
whats fixed
- nm-quick - determine lastest version from releases
- wireguard public/private key rotation
- ee-license checks
known issues
- Caddy does not handle netmaker exporter well for EE
- Migration causes a listen port of 0 for some upgraded hosts
- Docker clients can not re-join after deletion
- Innacurate Ext Client Metrics
- Issue with Mac + IPv6 addressing
- Nodes on same local network may not always connect
- List populates egress ranges twice
- If you do NOT set STUN_LIST on server, it could lead to strange behavior on client
v0.18.6
Netmaker v0.18.6
Limitations
-
Egress to 0.0.0.0/0 (internet gateways) is currently disabled. Will be re-implemented in a near-future release. If you use or need internet gateways, either stay with 0.17.1, or use the following list of ranges in place of 0.0.0.0/0:
0.0.0.0/5,8.0.0.0/7,11.0.0.0/8,12.0.0.0/6,16.0.0.0/4,32.0.0.0/3,64.0.0.0/2,128.0.0.0/3,160.0.0.0/5,168.0.0.0/6,172.0.0.0/12,172.32.0.0/11,172.64.0.0/10,172.128.0.0/9,173.0.0.0/8,174.0.0.0/7,176.0.0.0/4,192.0.0.0/9,192.128.0.0/11,192.160.0.0/13,192.169.0.0/16,192.170.0.0/15,192.172.0.0/14,192.176.0.0/12,192.192.0.0/10,193.0.0.0/8,194.0.0.0/7,196.0.0.0/6,200.0.0.0/5,208.0.0.0/4 -
EE should still be considered pre-release, and we do not recommend upgrading yet.
Follow Upgrade Instructions Carefully - You must upgrade server before netclients
- You must be on v0.17.1 in order to upgrade
- SSH to your Netmaker server
- Run the upgrade script:
wget https://raw.githubusercontent.com/gravitl/netmaker/release_v0.18.5/scripts/nm-upgrade.sh && chmod +x nm-upgrade.sh && ./nm-upgrade.sh - Follow prompts until the upgrade process on the server is completed.
- Upgrade all netclients using whichever method you prefer. Either download the netclient from the release page or follow the upgrade instructions for your operating system (e.x. "apt-get install netclient")
whats new
- no new features
whats fixed
- a few ext client/ingress issues
- viewing addresses (UI)
- when deleting an ingress gateway, ext clients are now removed from peers immediately
- ext client peers should be populated immediately after creation
- ext clients no longer reset public key when disabled/enabled
- can delete an ingress without clients
- removed unnecessary host update
- host nat type is now collected from clients
- fix peer update issue where caclulation was happening to frequently
- nm-quick && nm-upgrade
- EMQX image change && api routes
known issues
- Caddy does not handle netmaker exporter well for EE
- Migration causes a listen port of 0 for some upgraded hosts
- Docker clients can not re-join after deletion
- Innacurate Ext Client Metrics
- Issue with Mac + IPv6 addressing
- Nodes on same local network may not always connect
- List populates egress ranges twice
- If you do NOT set STUN_LIST on server, it could lead to strange behavior on client
- No internet gateways/default routes