ZeroTier RPM Installer Script Failing
-
ZeroTier RPM 1.1.12 is out now.
-
@adam.ierymenko said in ZeroTier RPM Installer Script Failing:
MacOSX and Windows have auto-update functionality but we've been sort of gun shy about using it for the same reason. So far our policy has been to keep it around in case we ever have a critical security vulnerability that we need to force-patch ASAP. So far that has not happened.
So how would I enable an auto update on my windows clients? Is there some secret setting I can manually enable? Or is it only something you guys can push in emergency? ZeroTier is not available via Chocolatey and I have no other means to easily push an update setup at this time.
-
Right now it's a button we can push. There's a signing key we have that we keep in cold storage for it.
We'd like to revisit the update schedule at some point in the future since auto-updating quickly can be a desirable feature if it's done well. But it's very hard to do well, especially with an app that integrates with the OS the way ZeroTier does. ZeroTier has drivers, services, etc.
BTW we had a couple releases in a row over the last week since we were fixing minor issues with route management and default route override / full tunnel, both of which were new and non-trivial. Hopefully it's calmed down now.
-
@adam.ierymenko said in ZeroTier RPM Installer Script Failing:
Right now it's a button we can push. There's a signing key we have that we keep in cold storage for it.
We'd like to revisit the update schedule at some point in the future since auto-updating quickly can be a desirable feature if it's done well. But it's very hard to do well, especially with an app that integrates with the OS the way ZeroTier does. ZeroTier has drivers, services, etc.
BTW we had a couple releases in a row over the last week since we were fixing minor issues with route management and default route override / full tunnel, both of which were new and non-trivial. Hopefully it's calmed down now.
The problem is I have 32 devices all running 1.1.4 and I now need to upgrade them with no simple way to do it.
-
I thought there were simple ways of pushing MSIs to Windows machines. That's why we've worked really hard to keep the installer in MSI format even though it does a number of complex things that Advanced Installer keeps wanting to kick us into the EXE track to accomplish.
What's the current state of the art for managing software installs across Windows machine pools?
-
Also what do most sysadmins think about auto-updates? I know some are -- like in the Linux world -- against auto-updating software and want things to update on a schedule (for obvious reasons).
-
@adam.ierymenko said in ZeroTier RPM Installer Script Failing:
Also what do most sysadmins think about auto-updates? I know some are -- like in the Linux world -- against auto-updating software and want things to update on a schedule (for obvious reasons).
Linux I generally see as against because integrated updates are already inclusive. So the whole YUM Repo integration thing is perfect.
On Windows I generally see the opposite. Since there isn't an existing OS system for this built in, auto-updates from apps makes sense.
-
@adam.ierymenko said in ZeroTier RPM Installer Script Failing:
I thought there were simple ways of pushing MSIs to Windows machines.
In the enterprise doing this with GPO or other tools is possible. Sometimes in the SMB. But often in the SMB there isn't a unified network for this stuff and it isn't very practicable.
-
Hmm... we've wanted to rework updates for quite some time so maybe we'll do something with a setting.
Like I said it's very hard to do... you can fire off a background MSI installer but if it fails you are SOL. Google built an entire auto-update system for Chrome themselves because of this.
Windows software deployment is terrible. Of course Mac is not that much better... you have Apple's absolutely awful app store with its restrictions that exclude almost all interesting desktop software.
-
Do you have anything set up to ssh into these machines? If so you might be able to ssh in and run the MSI installer with a single command line. Maybe we can create a Windows equivalent of
curl|bash
?(
curl|bash
is proof that software deployment across the diverse Linux ecosystem is not that much better than Windows or Mac... but at least Linux being fully OSS has an excuse.) -
@adam.ierymenko said in ZeroTier RPM Installer Script Failing:
Do you have anything set up to ssh into these machines? If so you might be able to ssh in and run the MSI installer with a single command line. Maybe we can create a Windows equivalent of
curl|bash
?(
curl|bash
is proof that software deployment across the diverse Linux ecosystem is not that much better than Windows or Mac... but at least Linux being fully OSS has an excuse.)Except that you are comparing a family of operating systems to a single OS. And the Linux approach is STILL easier. If you were comparing a single OS (CentOS or Ubuntu) to Windows you'd have no reason for that approach.
Plus you are setting up repos, not just deploying. So you are handling a family of OSes to a full order or magnitude more powerful and complex of an approach than you are even trying to do on Windows.
-
Agreed. Linux is fragmented into many distributions and it's still easier.
-
The most expensive piece of software ZeroTier, Inc. has ever purchased is Advanced Installer, a Windows installer builder. We needed the full enterprise version. Worth every penny.
-
Actually I'm heading over to their site to see what kind of auto-update stuff they have. I know they have something. If it's included we might start using it.
-
GPO works great as SAM said, but even if you can't use GPO you can use products such as PDQ Deploy.
-
@Jstear said in ZeroTier RPM Installer Script Failing:
GPO works great as SAM said, but even if you can't use GPO you can use products such as PDQ Deploy.
And they have to be setup and maintained.
-
@adam.ierymenko said in ZeroTier RPM Installer Script Failing:
Actually I'm heading over to their site to see what kind of auto-update stuff they have. I know they have something. If it's included we might start using it.
Get ZeroTier added to Chocolatey. Then I will be happy. I already update most things with Chocolatey now.
-
@JaredBusch said in ZeroTier RPM Installer Script Failing:
@adam.ierymenko said in ZeroTier RPM Installer Script Failing:
Actually I'm heading over to their site to see what kind of auto-update stuff they have. I know they have something. If it's included we might start using it.
Get ZeroTier added to Chocolatey. Then I will be happy. I already update most things with Chocolatey now.
I would love to see ZeroTier in the Chocolatey repos, and I bet that it would encourage adoption, too, because people like to try things that they find in there.
-
Will check that out... thanks!
The real problem is that none of us use Windows for our primary environment. We use Macs for desktop and Linux for servers/cloud, so that's where the love goes. But the entire SMB and corporate world uses Windows so we do need to spend more time on that platform.
-
Yeah Chocolatey looks cool but the site looks like it was designed in the 2000s! So not hipster enough for us.