We are pleased to announce the general availability of FreeNAS 11.3-BETA1. The 11.3 series represent a year-long development and testing effort. In a departure from previous BETA release cycles, this BETA has been fully vetted by the iXsystems QA team internally and users should notice a significant improvement in both stability and usability.
Please read these Release Notes thoroughly before updating to become familiar with the potential impacts of the many new features brought in by this update. Please report any bugs to https://jira.ixsystems.com/projects/NAS.
To install this release, refer to https://www.freenas.org/download/ for installation instructions and to download the installation file.
Before updating an existing FreeNAS system:
The replication framework has been redesigned, adding new back-end systems, files, and screen options to the Replication system and Periodic Snapshot Tasks. The redesign adds these features:
Network interface management has been redesigned to streamline the management of both physical and virtual interfaces using one screen. VLANs and LAGGs are now classified as interface types and support for the Bridge interface type has been added. The addressing details for all physical interfaces, including DHCP, are now displayed but are read-only if the interface is a member of a LAGG. When applying interface changes, the web interface provides a window to cancel the change and revert to the previous network configuration. A new MTU field makes it easier to set the MTU as it no longer has to be typed in as an Auxiliary Parameter.
Automatic Certificate Management Environment (ACME) support has been added. ACME simplifies the process of issuing and renewing certificates using a set of DNS challenges to verify a user is the owner of the domain. While the new API supports the addition of multiple DNS authenticators, support for Amazon Route 53 has been added as the initial implementation. The ACME DNS screen is used for authenticator configuration which adds the ACME Certificates option for Certificate Signing Requests. Once configured, FreeNAS will automatically renew ACME certificates as they expire.
The Alert system has been improved:
The Dashboard has been rewritten to provide an overview of the current state of the system rather than repeat the historical data found in Reporting. It now uses middleware to handle data collection and provide a web interface with real-time events. Line charts have been replaced with meters and gauges. CPU graphs have been consolidated into a single widget that provides average usage and per-thread statistics for both temperature and usage. Interfaces are represented as a separate card per physical NIC unless they are part of a LAGG card. Pool and Interface widgets feature mobile-inspired lateral navigation, allowing users to “drill down” into the data without leaving the page.
Reporting has been greatly improved. Data is now prepared on the backend by the middleware and operating system. Any remaining data manipulation is done in a web worker, keeping expensive processing off of the main UI thread/context. The SVG-based charting library was replaced with a GPU-accelerated canvas-based library. Virtual scroll and lazy loading prevent overloading the browser and eliminate the need for a pager. Users can zoom by the X or Y axis and reset the zoom level with a double click. Graphs do not display if there is no related data. Support for UPS and NFS statistics has been added.
Options for configuring the reporting database have been moved to System ➞ Reporting. This screen adds the ability to configure Graph Age as well as the number of points for each hourly, daily, weekly, monthly, or yearly graph (Graph Points). The location of the reporting database defaults to tmpfs and a configurable alert if the database exceeds 1 GiB has been added to Alert Settings.
The web interface has received many improvements and bug fixes. Usability enhancements include: the ability to move, pin, and copy help text, persistent layout customizations, customizable column views, size units which accept humanized input, improved caching and browser support, and improved error messages, popup dialogs, and help text. An iX Official theme has been added which is the default for new installations.
NAT support has been added as the default for most Plugins. With NAT, a plugin is contained in its own network and does not require any knowledge of the physical network to work properly. This removes the need to manually configure IP addresses or have a DHCP server running. When installing a plugin into a virtualized environment, NAT removes the requirement to enable Promiscuous Mode for the network.
The Plugins page has been streamlined so that most operations can be performed without having to go to the Jails page. Support for collections has been added to differentiate between iXsystems plugins, which receive updates every few weeks, and Community plugins. In addition, there have been many bug fixes and improvements to iocage, the Plugins backend, resulting in a much better Plugins user experience.
An ACL Manager has been added to Storage ➞ Pools ➞ (Options) and the permissions editor has been redesigned.
A new iSCSI wizard makes it easy to configure iSCSI shares.
There have been several Pool Manager improvements. The labels and tooltips for encryption operations are clearer. Disk type, rotation rate, and manufacturer information makes it easier to differentiate between selectable disks when creating a pool. A REPEAT button makes it easy to create large pools using the same vdev layout, such as a series of striped mirrors.
Support for collecting daily anonymous usage statistics has been added. Collected non-identifying data includes hardware information such as CPU type, number and size of disks, and configured NIC types as well as an indication of which services, types of shares, and Plugins are configured. The collected data will assist in determining where to best focus engineering and testing efforts. Collection is enabled by default. To opt-out, unset System ➞ General ➞ Usage collection.
Significant improvements to SMB sharing include ZFS user quotas support, web service discovery support, and improved directory listing performance for newly-created shares.
The middleware and websockets APIv2 rewrite is complete. APIv1 remains for backwards compatibility but will be deprecated and no longer available in the next major release.
A complete list of the new features and changes to the UI can be found in the New Features in 11.3 section of the Guide.
The legacy web interface has been removed and no longer appears as an option in the login screen.
Warden has been removed along with support for warden jails or plugins installed using FreeNAS 11.1 or earlier.
Netdata has been removed from Services due to a long-standing upstream memory leak. TrueCommand provides similar reporting plus advanced management capabilities for single or multiple FreeNAS systems and is free to use to manage up to 50 drives.
The built-in Docker template has been removed, though Docker can still be deployed in a Linux Virtual Machine.
Domain Controller has been removed from Services. To migrate an existing Domain Controller configuration, follow the steps in Migrating an Existing Domain Controller before updating.
The system no longer allows moving the system dataset to an encrypted pool containing a passphrase. Since Directory Services and some SMB state information is stored in the system dataset, these services will not function correctly if the system dataset is locked or otherwise unavailable. It is recommended to move the system dataset to a non-encrypted pool or an encrypted pool not containing a passphrase.
Syncing to a B2 bucket does not delete files from the bucket, even when those files have been deleted locally. Instead, files are tagged with a version number or moved to a hidden state. To automatically delete old or unwanted files from the bucket, adjust the Backblaze B2 Lifecycle Rules.
If Time Machine over SMB shares has been configured using Auxiliary Parameters, backups may fail. Since the middleware now performs SMB, AFPOVERTCP, and ADISK mDNS registration, SMB share auxiliary parameters are no longer evaluated to determine whether to advertise Time Machine. To resolve, remove fruit:time machine = yes from smb4.conf, check the Time Machine box in the SMB share, and run the command midclt call mdnsadvertise.restart.
The default nfs4:mode was changed from “special” to “simple”. This change is recommended as it synchronizes with Samba defaults and provides a better user experience. If the legacy behavior is required, add the following auxiliary parameter to all SMB shares: nfs4:mode=special. It is important that all shares have the same nfs4:mode setting as they share a common caching backend for SID to ID lookups.
The samba_server rc script has been broken into separate rc scripts for each of the Samba-related services. To manually invoke a script, add the “one” prefix to the rc commands, such as samba server onerestart, or restart the desired service directly: service winbindd restart.
Legacy AD monitoring has been replaced by the following health checks:
Existing SMB shares are migrated to use a new libzfs-based shadow copy module. By default, all ZFS snapshots will be visible through “previous versions” in FIle Explorer. To disable this behavior, uncheck the Enable Shadow Copies checkbox for the SMB share and add the shadow_copy2 VFS module. Configuration parameters for shadow_copy2 are explained here.
If the FreeNAS system is currently configured as the Domain Controller (DC) for a network, follow these steps to transfer its domain role to a separate system running Samba which will act as the new DC.
samba-tool domain join SAMDOM.FUN DC -U SAMDOM\\administrator
samba-tool fsmo show
samba-tool fsmo transfer --role=all -U SAMDOM\\administrator
samba-tool domain demote -U SAMDOM\\administrator