The FRED (Free Registry for ENUM and Domains) system has been used for the .cz TLD since 2007 and is also utilized by eleven other domain registry operators worldwide. For us, this leads to an international responsibility for adding functionalities according to operational and legislative requirements, as well as for the security, stability and technological development of the FRED system.
At the end of 2024, we have released the next public version of FRED, introduced new features in version publishing, and we have plans for further development. So let’s take a closer look.
Public release of FRED v2024.1
In December 2024, we released a new version, FRED v2024.1, thereby changing the previous versioning style of FRED 2.*. We have been planning major changes to the public release process for some time, and the transition to the new versioning is part of those changes. What do we mean by “public release”? We implement every minor new release of the FRED project into the .cz registry production to meet operational requirements, even if it results in significant overheads. For other registries, we endeavor to minimize the frequency of upgrades to reduce workload while keeping everything up to date. In addition, some of the new features we implement add functionality specific to the Czech Republic or the .cz zone. Therefore, it would be impractical to release a version for foreign registries due to these features. For this reason, we designate releases intended for foreign registries as “public”.
The former designation of the release was actually kind of misleading: while it was originally based on the versioning of one of the key components of the system, it no longer said anything about the version of the system as a whole. For this reason, we switched to versioning the entire release independently of the version of its components. The syntax is FRED vYYYY.X, where YYYY is the release year and X is the sequence number of the release within that year. Our latest release is named according to this new syntax, FRED v2024.1. Together with the release, we publish a list of packages and their versions (see the APT preferences file) as they are available in the stable repository. For each release, we update the release notes.
The reason why we have planned a smaller frequency of releases for 2023-24 was described by Zdeněk Brůna at the end of 2023, so I’ll just briefly mention it here. We decided to rework the core of the whole system. Putting in all the smaller changes would require administrators to do a lot of work and understand the bigger picture, so we decided not to put an unnecessary burden on our foreign colleagues. For example, the logger (auditing of all registry operations) or messaging (defining message templates, their data filling and sending processes including verification of delivery status) are used by many components of the system, so for some time we ran two versions/interfaces of these services concurrently until we gradually rewrote all client applications.
In FRED v2024.1, we completed the transition from CORBA to gRPC for the most important services, continued dockerization of other components, and completed the upgrade of all supported python applications to stable python3 versions. We linked the transition to gRPC with a revision of the application interfaces to meet the new requirements for the various kernel services. The component diagram of the entire FRED system in the public documentation shows the current state after these changes.
Besides the changes to the technology, there are also functional innovations in this release, and I will mention the most important ones. The Daphne administrative web interface is no longer part of the release and is replaced by the FERDA application, which is built on Vue.js. A new version of the automated DNSSEC management system, called AKM (for more details, see the article “New version of AKM in the .CZ domain registry“ on the CZ.NIC blog), now has universal key management functionality made into a separate subsystem with a defined API. We have replaced fred-client, the interactive terminal EPP client, with a completely new application called eppic, which is built on top of the standalone python library epplib. It offers better possibilities for automated use and integration into other systems. We have redesigned the NSSET technical control system, which is newly built on the Zonemaster project, and its web interface is available at zonemaster.nic.cz.
In spring 2024, we have implemented and launched a domain auction system for the .cz registry, but it is currently still tied to some processes specific to CZ.NIC, so this subsystem is not yet ready to be made available to other registries. We are in the process of generalizing and making available the entire Domain Browser, which includes a web interface for domain auction bidders.
FRED Technical Support
Our technical support is aimed not only at new adopters but also at existing foreign registries running FRED, as we recommend keeping up to date with all our releases. In fact, if they miss some upgrades, our support will still guide them to go through all the minor releases one by one.
When providing technical support, we continuously update the installation procedure in the public documentation, publish the source code of all open-source parts of the system on our public GitLab server along with the public release, and run a public testing environment and community mailing list. In addition, we offer a paid support service to assist in designing and commissioning the system or upgrading an already running FRED installation. In the case of upgrading a very old version of the system, we recommend a clean install of the latest system, with the biggest technical challenge being the correct data migration. As part of the paid support, we also offer extension modules that are not available in the open-source version: at the moment it is GlobalBlock, a Domain Name Blocking Service operated by Brand Safety Alliance, and we plan to prepare a domain auction subsystem in a similar way. A benefit of paid support available to some FRED registries is the opportunity to engage in prioritization of development.
Starting last year, we now offer a ready-to-use demo of FRED in the form of a single-server installation and publish it as a KVM image. We use this virtualized FRED server ourselves to verify the installation and to test the functionality before releasing a new version. We have chosen the KVM virtualization option as the most suitable because it allows us a greater degree of automation in the preparation stage.
Plans
The FRED system is a living project that we are not just maintaining but also developing, and we have a vision of where we want to take the system going forward. One of the major system changes we are currently addressing is the choice of server OS for the parts of FRED that are not yet dockerized. As support for the current preferred system, Ubuntu 20.04 LTS, is coming to an end, we are considering and testing whether to upgrade Ubuntu LTS to 24.04 or move from Ubuntu to Debian 12.
We definitely want to continue the process of dockerization, further extending the kernel APIs to gRPC services and expanding the functionality of the FERDA administration interface. We plan to generalize the auction system and add it to the paid extensions offered to other domain registries. We are also analyzing FRED’s compatibility with ICANN’s requirements for systems to manage assigned TLDs, which will certainly result in the necessary software modifications in order to gradually achieve compliance with these requirements.
We intend to continue automating the process of preparing and publishing public editions of FRED. We plan to make the creation of documentation for each new release as automated as possible in the FRED project’s public GitLab repository. In addition to the sheet of pinned APT packages, we will add a complete changelog for a given release, eliminating the need to go through the history of release notes in the documentation, as is currently the case.
Conclusion
The FRED system is a live open-source project, which is backed not only by a group of enthusiasts at CZ.NIC, who take care of the development and operation of the .cz domain, but also by colleagues in foreign registries, where they use FRED for their agenda. Like any open-source project, we welcome feedback and new suggestions, as well as anyone who would like to lend a hand. If you would like to contribute to the development of the FRED project, please do not hesitate to contact us and apply for a position at CZ.NIC.