VyOS project news in September
VyOS 1.2.3 GA
Final VyOS 1.2.3 release is now available for download for contributors and subscribers, and everyone is welcome to build their own image from the Crux branch.
Cloud images for Amazon EC2, Microsoft Azure, and Google Cloud platform have also been updated and submitted for review, so they should be available soon.
Earlier we've made an early access release, and with help from our community we've identified and fixed a few bugs. Our own routers are running it without any issues and we are rolling out it to managed customers too
The complete list of resolved issues can be found in Phabricator.
One notable change is that there's a new "allow-from" option in DNS forwarding.
set service dns forwarding allow-from 192.0.2.0/24
That option is required in version 1.2.3 and the current branch. Existing configs will not break thanks to the config syntax migration mechanism: "allow-from 0.0.0.0/0" and "allow-from ::/0" options will be automatically inserted into older configs when you add an 1.2.3 image to your system.
When you configure DNS forwarding from scratch, you will get a descriptive commit error if you forget that option. The main reason for it is that an open DNS resolvers is much more of a security problem these days when DNS amplification attacks become increasingly common. You still can allow queries from everywhere, but it's now opt-in rather than opt-out.
Website overhaul
We kept promising a new website version for a while, and it's been taking longer than expected. Now the new website is finally live and we hope it's a huge improvement over the previous version.
Visit https://vyos.io/ to check it out.
Let us know what you think. One potential issue is link rot—if you find any links on our own or third party websites that broke due to the update, let us know, and we'll fix the links or try to make redirects.
There are also page load speed issues that we are already working on, but if you have your own suggestions how to improve it, please share.
Changes in subscriptions
One obvious improvement is that subscriptions can now be purchased online, using Stripe or Paypal.
Subscription prices have been increased, to 600 EUR/year for Professional and to 2400 EUR/year for Corporate. However, it only applies to new subscriptions. For the early adopters who already have a subscription, the renewal price remains the same as their initial purchase price.
We are also introducing "cloud packs" for customers who run multiple cloud instances of VyOS. Since cloud images are priced per instance, costs of running large numbers of routers can grow quickly. Instead, your company can purchase a "cloud pack"—a subscription for running an unlimited number of instances for a yearly fee. Customers with Professional subscriptions can purchase access to unlimited instances in a single cloud provider for 6000 EUR/year. Corporate level subscribers have an option to pay 10000 EUR/year for unlimited instances in all supported clouds.
You can find the details at vyos.io/subscriptions
Rewriting old CLI in the new style got easier
The new approach to CLI definitions that uses XML files and a RelaxNG schema made the definition files much more observable and put an end to commands broken due to syntax errors, since invalid definitions break the build now.
Actually rewriting old commands was always a tedious task though, since you'd have to go through dozens node.def files in deeply nested directories.
Lately we've made a script that simplifies that task by automatically importing old definitions into the new format. It takes a directory with command definitions as an argument, so you can try it out by cloning some of the old repositories (e.g. vyos/vyatta-nat) and running "import-conf-mode-commands templates-cfg". The result is written to a file named "output.xml".
The conversion is far from perfect. It simply can't be, because the new format intentionally doesn't include some of the features of the original like embedded shell scripts—avoiding those features and their unfortunate consequences for ease of maintenance was one of the goals. The output.xml file is more of a starting point for hand editing, but it still should save contributors a lot of time compared to importing commands by hand.
Comments