Last active
May 13, 2022 01:57
-
-
Save afeiszli/f53f34eb4c5654d4e16da2919540d0eb to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| On Server | |
| 1. docker-compose down | |
| 2. wget -O /root/mosquitto.conf https://raw.githubusercontent.com/gravitl/netmaker/master/docker/mosquitto.conf | |
| 3. vi Caddyfile, remove gRPC section | |
| 4. MAKE SURE broker.<your netmaker domain> points to this machine. | |
| 5. Update docker-compose.yml (two options, CHOOSE ONLY ONE) | |
| a. Mmake changes to existing docker-compose: | |
| netmaker | |
| image: | |
| - CHANGE to gravitl/netmaker:v0.13.0 | |
| volumes: | |
| - ADD: /root/certs:/etc/netmaker/ | |
| sysctl: | |
| - ADD: net.ipv6.conf.all.disable_ipv6=0 | |
| environment: | |
| - ADD: SERVER_NAME: broker.DOMAIN | |
| - CHANGE: MANAGE_IPTABLES="off" | |
| ports: | |
| - REMOVE "50051:50051" | |
| netmaker-ui | |
| image: | |
| - CHANGE to gravitl/netmaker-ui:v0.13.0 | |
| mq | |
| image: | |
| - CHANGE to eclipse-mosquitto:2.0.11-openssl | |
| ports: | |
| # This is IMPORTANT, do not skip | |
| # You need both 1883 AND 8883 exposed on the container (and host firewall if applicable) | |
| - ADD "8883:8883" | |
| volumes: | |
| - ADD /root/certs/:/mosquitto/certs/ | |
| b. Overwrite docker-compose and reset base domain | |
| - write down base domain IP, and master token ex: | |
| - nm.111-222-123-123.nip.io | |
| - 111.222.123.123 | |
| - agj834tuq39tqag | |
| - wget -O /root/docker-compose.yml https://raw.githubusercontent.com/gravitl/netmaker/master/compose/docker-compose.contained.yml | |
| - sed -i "s/NETMAKER_BASE_DOMAIN/nm.111-222-123-123.nip.io/g" /root/docker-compose.yml | |
| - sed -i "s/SERVER_PUBLIC_IP/111.222.123.123/g" /root/docker-compose.yml | |
| - sed -i "s/REPLACE_MASTER_KEY/agj834tuq39tqag/g" /root/docker-compose.yml | |
| - sed -i "s/COREDNS_IP/111.222.123.123/g" /root/docker-compose.yml | |
| 6. docker-compose up -d | |
| 7. confirm working: | |
| - docker logs mq (check to make sure certs are valid) | |
| - docker logs netmaker check to make sure start is successful) | |
| 8. download new netclient on all machines: | |
| - ex: sudo rm -f /usr/sbin/netclient && sudo wget -O /usr/sbin/netclient https://github.com/gravitl/netmaker/releases/download/v0.13.0/netclient && sudo chmod +x /usr/sbin/netclient | |
| 9. Modify all netconfig-<network> files, add the "server:" and "api:" fields, ex: | |
| server: | |
| corednsaddr: "" | |
| accesskey: aegfaet3uag | |
| server: "broker.<your domain>" | |
| api: api.<your domain>:443 | |
| 10. netclient pull -n (on each network) | |
| 11. Remove comms | |
| - netclient leave -n <comms netid> | |
| - if that fails: | |
| - ip link del <comms iface> | |
| - rm -rf /etc/netclient/config/netconfig-<comms netid> | |
| - Log into UI, delete comms nodes, delete comms network |
If you set
MANAGE_IPTABLES="off"the DNS won't work anymore since the main server won't be able to redirect the traffic.
You are correct, and can leave this in. Just be sure to remove "mq" from the PORT_FORWARD_SERVICES list, since we no longer port forward mq traffic.
brilliant guide!
only issue i had was the netclient pull -n myNetwork would hang on first run?
but after CTRL+C and then a second run it worked no prob?
you also DONT need to expose port 1883 on the MQTT as the clients connect to 8883 externally instead
also the latest is now v0.13.1
Make sure you delete / regenerate any access keys you have from prior to the upgrade. They will contain outdated information and not allow nodes to properly join the network anymore.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
If you set
MANAGE_IPTABLES="off"the DNS won't work anymore since the main server won't be able to redirect the traffic.