ZeroTier RPM Installer Script Failing
-
ZeroTier hasn't been self-updating on Linux since very early versions. We found that many Linux users were using it on servers and really did not want software auto-updating itself independent of their scheduled use of 'yum' or 'apt'.
In 1.1.6+ we have finally developed real Linux packages and our own Linux package repository. The install script we created just adds that repo and installs the package, and once the repo is added it should auto-update along with other Linux packages when you do system package updates. This is expected behavior on Linux for a packaged app.
We also have people working to get this into Fedora/EPEL and Debian upstream but that's another matter, and many users might still prefer our repos since they will be updated more quickly.
MacOSX and Windows have auto-update functionality but we've been sort of gun shy about using it for the same reason. So far our policy has been to keep it around in case we ever have a critical security vulnerability that we need to force-patch ASAP. So far that has not happened.
-
@adam.ierymenko said in ZeroTier RPM Installer Script Failing:
ZeroTier hasn't been self-updating on Linux since very early versions. We found that many Linux users were using it on servers and really did not want software auto-updating itself independent of their scheduled use of 'yum' or 'apt'.
That's what I would want to.
-
1.1.8 is the current client, right? I'm "going around" updating the clients now.
-
@travisdh1 Are you adding the repo too?
-
@aaronstuder said in ZeroTier RPM Installer Script Failing:
@travisdh1 Are you adding the repo too?
Yes, I'm running the "more secure" method. It just worked on my CentOS7 box. The remote connection is so slow that even text updates sent over ssh take some time, waiting for that to confirm it's finished currently.
-
@travisdh1 said in ZeroTier RPM Installer Script Failing:
@aaronstuder said in ZeroTier RPM Installer Script Failing:
@travisdh1 Are you adding the repo too?
Yes, I'm running the "more secure" method. It just worked on my CentOS7 box. The remote connection is so slow that even text updates sent over ssh take some time, waiting for that to confirm it's finished currently.
Remember... tmux / screen are your friends... just in case you get disconnected!
-
@dafyre said in ZeroTier RPM Installer Script Failing:
@travisdh1 said in ZeroTier RPM Installer Script Failing:
@aaronstuder said in ZeroTier RPM Installer Script Failing:
@travisdh1 Are you adding the repo too?
Yes, I'm running the "more secure" method. It just worked on my CentOS7 box. The remote connection is so slow that even text updates sent over ssh take some time, waiting for that to confirm it's finished currently.
Remember... tmux / screen are your friends... just in case you get disconnected!
I'll have to head over latter today anyway, so I don't care so much if I loose my limited ability to connect/manage those things.
As it turns out, they install the new thing and wait for you to restart/reload the service. Everything worked (that one is on wheezy.)
-
@travisdh1 said in ZeroTier RPM Installer Script Failing:
1.1.8 is the current client, right? I'm "going around" updating the clients now.
As of yesterday, yes.
-
@adam.ierymenko said in ZeroTier RPM Installer Script Failing:
ZeroTier hasn't been self-updating on Linux since very early versions. We found that many Linux users were using it on servers and really did not want software auto-updating itself independent of their scheduled use of 'yum' or 'apt'.
Ah I knew I read that somewhere. Glad I'm not going crazy.
-
ZeroTier RPM 1.1.12 is out now.
-
@adam.ierymenko said in ZeroTier RPM Installer Script Failing:
MacOSX and Windows have auto-update functionality but we've been sort of gun shy about using it for the same reason. So far our policy has been to keep it around in case we ever have a critical security vulnerability that we need to force-patch ASAP. So far that has not happened.
So how would I enable an auto update on my windows clients? Is there some secret setting I can manually enable? Or is it only something you guys can push in emergency? ZeroTier is not available via Chocolatey and I have no other means to easily push an update setup at this time.
-
Right now it's a button we can push. There's a signing key we have that we keep in cold storage for it.
We'd like to revisit the update schedule at some point in the future since auto-updating quickly can be a desirable feature if it's done well. But it's very hard to do well, especially with an app that integrates with the OS the way ZeroTier does. ZeroTier has drivers, services, etc.
BTW we had a couple releases in a row over the last week since we were fixing minor issues with route management and default route override / full tunnel, both of which were new and non-trivial. Hopefully it's calmed down now.
-
@adam.ierymenko said in ZeroTier RPM Installer Script Failing:
Right now it's a button we can push. There's a signing key we have that we keep in cold storage for it.
We'd like to revisit the update schedule at some point in the future since auto-updating quickly can be a desirable feature if it's done well. But it's very hard to do well, especially with an app that integrates with the OS the way ZeroTier does. ZeroTier has drivers, services, etc.
BTW we had a couple releases in a row over the last week since we were fixing minor issues with route management and default route override / full tunnel, both of which were new and non-trivial. Hopefully it's calmed down now.
The problem is I have 32 devices all running 1.1.4 and I now need to upgrade them with no simple way to do it.
-
I thought there were simple ways of pushing MSIs to Windows machines. That's why we've worked really hard to keep the installer in MSI format even though it does a number of complex things that Advanced Installer keeps wanting to kick us into the EXE track to accomplish.
What's the current state of the art for managing software installs across Windows machine pools?
-
Also what do most sysadmins think about auto-updates? I know some are -- like in the Linux world -- against auto-updating software and want things to update on a schedule (for obvious reasons).
-
@adam.ierymenko said in ZeroTier RPM Installer Script Failing:
Also what do most sysadmins think about auto-updates? I know some are -- like in the Linux world -- against auto-updating software and want things to update on a schedule (for obvious reasons).
Linux I generally see as against because integrated updates are already inclusive. So the whole YUM Repo integration thing is perfect.
On Windows I generally see the opposite. Since there isn't an existing OS system for this built in, auto-updates from apps makes sense.
-
@adam.ierymenko said in ZeroTier RPM Installer Script Failing:
I thought there were simple ways of pushing MSIs to Windows machines.
In the enterprise doing this with GPO or other tools is possible. Sometimes in the SMB. But often in the SMB there isn't a unified network for this stuff and it isn't very practicable.
-
Hmm... we've wanted to rework updates for quite some time so maybe we'll do something with a setting.
Like I said it's very hard to do... you can fire off a background MSI installer but if it fails you are SOL. Google built an entire auto-update system for Chrome themselves because of this.
Windows software deployment is terrible. Of course Mac is not that much better... you have Apple's absolutely awful app store with its restrictions that exclude almost all interesting desktop software.
-
Do you have anything set up to ssh into these machines? If so you might be able to ssh in and run the MSI installer with a single command line. Maybe we can create a Windows equivalent of
curl|bash
?(
curl|bash
is proof that software deployment across the diverse Linux ecosystem is not that much better than Windows or Mac... but at least Linux being fully OSS has an excuse.) -
@adam.ierymenko said in ZeroTier RPM Installer Script Failing:
Do you have anything set up to ssh into these machines? If so you might be able to ssh in and run the MSI installer with a single command line. Maybe we can create a Windows equivalent of
curl|bash
?(
curl|bash
is proof that software deployment across the diverse Linux ecosystem is not that much better than Windows or Mac... but at least Linux being fully OSS has an excuse.)Except that you are comparing a family of operating systems to a single OS. And the Linux approach is STILL easier. If you were comparing a single OS (CentOS or Ubuntu) to Windows you'd have no reason for that approach.
Plus you are setting up repos, not just deploying. So you are handling a family of OSes to a full order or magnitude more powerful and complex of an approach than you are even trying to do on Windows.