[RPKI] Krill 0.14.0-rc3 released

Tim Bruijnzeels tim at nlnetlabs.nl
Mon Oct 23 12:07:19 UTC 2023 

Dear list,

As it turned out, the migration code was easier to add than expected, so we decided to make a third release candidate 0.14.0-rc3, that adds support for support for the ASPA v1 syntax. Existing objects will be re-issued using the new profile if you upgrade Krill 0.13.1 or lower to this version.

NOTE: you cannot upgrade from 0.14.0-rc1 or 0.14.0-rc2 to this release if you have existing ASPA objects, and while we welcome testing, we recommend that you do NOT upgrade your production environment until 0.14.0 is released on Monday, 30 October.

On behalf of the NLnet Labs RPKI Team,

Tim


> On 18 Oct 2023, at 10:39, Tim Bruijnzeels <tim at nlnetlabs.nl> wrote:
> 
> Dear list,
> 
> A helpful user pointed out that the ROA delete buttons were not shown if BGP previews were disabled ("bgp_risdumps_enabled = false" in config). This issue is also present in 0.13.1.
> 
> We just released 0.14.0-rc2 with a fix for this.
> 
> On behalf of the NLnet Labs RPKI Team,
> 
> Tim
> 
> 
> 
> 
>> On 17 Oct 2023, at 19:01, Tim Bruijnzeels <tim at nlnetlabs.nl> wrote:
>> 
>> Dear list,
>> 
>> We just released the first release candidate for the coming 0.14.0 Krill release. We invite all interested users to test this version, but please do not upgrade your production environment until 0.14.0 has been released.
>> 
>> This release introduces the following small features and fixes:
>> - Add traditional and simplified Chinese translations #1075
>> - Let the testbed automatically renew the TA manifest and CRL #1095
>> - Show the delete icon for AS0 ROA when there is another existing announcement #1109
>> 
>> But, we spent the main effort in this release on improving how Krill stores its data. This will help improve robustness today and pave the way for introducing support for Krill clustering using a database back-end in a future release. For now, these issues have been done:
>> - Improve transactionality of changes (e.g. #1076-1078, #1085, #1108, #1090)
>> - Remove no longer needed 'always_recover_data' function #1086
>> - Improve upgrade failed error: tell users to downgrade #1042
>> - Crash Krill if the task scheduler encounters a fatal error. #1132
>> - Add support for importing delegated child CAs #1133
>> 
>> Note that this release still uses the now outdated ASPA object syntax. We plan to make another focused release to address this immediately after 0.14.0 is released. See issue #1080.
>> 
>> Note that if you were running 0.13.1 as a testbed, you might have symlinked the "signer" directory to "ta_signer" to support a manual workaround for re-signing the trust anchor CRL and manifest (issue #1095). If you did, you may need to delete any surplus files and directories under "/var/lib/krill/data/ta_signer" other than the " ta " directory.
>> 
>> Please let us know if you have any issues, questions or comments. We are running this release candidate in our production environment and will continue testing it in the wild over the coming weeks. If no issues arise, we will release Krill 0.14.0 on Monday, 30 October.
>> 
>> On behalf of the NLnet Labs RPKI Team,
>> 
>> Tim
> 
>

More information about the RPKI mailing list