25.02.001
Released on 8 February, 2025.
Server
Features
- It has been observed that network partitions over a certain length (roughly 20 minutes) are not automatically recoverable and require a restart of some control plane components. To recover automatically in these scenarios via automatic server restart on peer failure, enable the “Minimum Peers Behavior” setting in a Controller’s settings in the Control Plane interface. By default, the setting is disabled to retain existing behavior and prevent spurious restarts.
The “Minimum sync peers” field sets the minimum number of other Controllers that the Controller being configured must be connected to; below that number it is considered unhealthy. If using the setting, the number should be less than your cluster size, but greater than the number of Controllers at your site. This number is likely between 1 and 3 for most installations, and has a minimum value of 1.
The “Sync-unhealthy duration” field controls how long (in seconds) it takes for the Controller being configured to restart after its number of connected peers falls below the set minimum. The minimum value of this field is 120 seconds.
This setting can also be updated using the Controller REST API, with the /-net/api/v0/organization/controller POST endpoint.
Note that updating the Minimum Peers Behavior setting for a given Controller will restart it.
Further work is ongoing to make automatic recovery less disruptive and require less up-front consideration.
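The sizing guidance above can be checked against a planned topology before the setting is applied. The following is an added example, not Bowtie code: the site names and counts are constructed, and it assumes a healthy Controller sees every other Controller while an isolated site keeps only its internal links.

```python
# Added planning helper (not part of Bowtie). Topology below is constructed.
MIN_PEERS_FLOOR = 1          # page: "Minimum sync peers" has a minimum value of 1
MIN_DURATION_SECONDS = 120   # page: "Sync-unhealthy duration" minimum

def allowed_min_peers(sites, site):
    """Values the guidance allows for a Controller at `site`: greater than the
    number of Controllers at its site and less than the cluster size."""
    cluster_size = sum(sites.values())
    low = max(MIN_PEERS_FLOOR, sites[site] + 1)
    return list(range(low, cluster_size))  # empty list: no value fits

def check_setting(sites, site, min_peers, duration_s):
    """Return the problems with a proposed setting (empty list if none)."""
    problems = []
    allowed = allowed_min_peers(sites, site)
    if not allowed:
        problems.append("no value satisfies the guidance for this topology")
    elif min_peers not in allowed:
        problems.append(f"min peers {min_peers} outside {allowed[0]}..{allowed[-1]}")
    if duration_s < MIN_DURATION_SECONDS:
        problems.append(f"duration {duration_s}s below {MIN_DURATION_SECONDS}s")
    return problems

def restarts_when_site_isolated(sites, site, min_peers):
    """Assumption: an isolated site keeps its internal links, so a Controller
    there still sees (site count - 1) peers and restarts if that is too few."""
    return (sites[site] - 1) < min_peers

def stays_up_when_healthy(sites, min_peers):
    """Assumption: in a healthy cluster each Controller sees all the others."""
    return (sum(sites.values()) - 1) >= min_peers

SITES = {"dc-east": 2, "dc-west": 3}  # constructed two-site, five-Controller cluster

if __name__ == "__main__":
    for name in SITES:
        print(name, "allowed minimum sync peers:", allowed_min_peers(SITES, name))
    print(check_setting(SITES, "dc-west", 5, 60))
    print(check_setting({"only-site": 3}, "only-site", 2, 120))
```

A cluster whose Controllers all sit at one site yields an empty range, since no value is both greater than the site count and less than the cluster size.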
Enhancements
- Controllers now ship with a more comprehensive set of terminfo files to facilitate better client remote connection support.
- Controller updates now offer more fine-grained information regarding whether an update procedure either succeeds or experiences unexpected behavior.
- The foundational operating system for Controllers has been updated from NixOS 24.05 to 24.11.
This update includes the following noteworthy version changes. If you rely on any of these packages for downstream integrations (such as observability with Grafana and Loki), ensure that the updated versions are compatible with your existing configuration (and update those configurations if necessary).
This change includes an upgrade from Linux kernel version 6.1.119 to 6.1.123. System services should continue to operate normally across kernel updates. If you require that the system run on the newer kernel, follow up any update actions with a system reboot; this step is not required.
| Package | Old Version | New Version |
| --- | --- | --- |
| Linux kernel | 6.1.119 | 6.1.123 |
| cloud-init | 24.1 | 24.2 |
| grafana | 10.4.13 | 11.3.2 |
| loki | 3.1.2 | 3.2.1 |
| opentelemetry-collector-contrib | 0.101.0 | 0.112.0 |
| prometheus | 2.54.1 | 2.55.0 |
| promtail | 3.1.2 | 3.2.1 |
| python | 3.11.10 | 3.12.7 |
| tempo | 2.4.2 | 2.6.0 |
- Additional logging from systemd is now included in Controller support bundles.
Fixes
- Controller observability tooling was previously instrumenting all URLs, whether valid or not. Changes to the default Prometheus configuration now proactively drop URLs for paths with 404 responses to reduce noise and improve performance along with axum_http_requests_pending.
Client
Features
- Adds dns-capture-exclude-cidrs flag to allow bypassing bowtie-dns for one or more address ranges. This expands dns-capture-and-forward strategies to allow additional options for some software to pass bowtie unobstructed. CIDRs are delimited by a comma. Example: dns-capture-exclude-cidrs = "10.193.0.0/16,10.194.0.0/16"
- macOS clients now package wireguard-go as the default tunnel provider. Set wireguard-provider="Boringtun" to go back to prior functionality.
Fixes
- Improved behavior when installing or uninstalling Windows packages, which should avoid notifications about needing to restart or about failing to close the Bowtie client.
Meta Control Plane
Features
- The staging meta control plane (available for software downloads like release candidates) now has a more user-friendly URL at https://dev.api.bowtie.works available for general use.