[teleport-update] Add link subcommand #48712
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
sclevine
force-pushed
the
sclevine/teleport-update-link
branch
from
84bac8f to
3b37722
Compare
sclevine
added
the
no-changelog
zmb3
approved these changes
Nov 13, 2024
|
Could use one more review when someone has a chance 🙂 |
vapopov
approved these changes
Nov 14, 2024
public-teleport-github-review-bot
bot
removed the request for review
from probakowski
public-teleport-github-review-bot
bot
removed request for
hugoShaka and
Joerger
This was referenced Nov 19, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR adds the
linksubcommand to theteleport-updatecommand.This subcommand will allow the
teleportRPM and DEB packages to co-exist with versions of Teleport that are installed by theteleport-updatebinary, by ensuring that Teleport binaries installed by the package into/usr/local/teleport-systemare always linked to/usr/localwhen noteleport-update-managed installation is present.The
linksubcommand links the system (package) installation of Teleport from/usr/local/teleport-systemto/usr/local/{bin,lib/systemd/system}. This subcommand will be executed by theteleportpackage's postinst script to ensure that when auto-updates are disabled, the package continues to function as it does today. See the RFD linked below for more details.Note that the Teleport package will have its files moved into
/usr/local/teleport-systemin a future PR. This command is not useful until this packaging change is complete.This PR also fixes the following small bugs related to linking:
teleport.servicemust be copied instead of linked, sincesystemctl enableresolves multi-level linksteleport-entas the top-level directoryThis is the sixth in a series of PRs implementing
teleport-update:Update Command: #48244
Reloading with rollbacks: #47929
Linking: #47879
Enable Command: #47565
Initial scaffolding PR: #46418
The
teleport-updatebinary will be used to enable, disable, and trigger automatic Teleport agent updates. The new auto-updates system manages a local installation of the cluster-specified version of Teleport stored in/var/lib/teleport/versions.RFD: #47126
Goal (internal): https://github.com/gravitational/cloud/issues/10289
Examples:
bash$ sudo ./teleport-update update 2024-11-12T23:02:56Z INFO [UPDATER] Update available. Initiating update. target_version:17.0.0-beta.1 active_version:18.0.0-dev.updates.2 agent/updater.go:435 2024-11-12T23:03:56Z INFO [UPDATER] Version already present. version:17.0.0-beta.1 agent/installer.go:140 2024-11-12T23:03:56Z INFO [UPDATER] Target version successfully installed. target_version:17.0.0-beta.1 agent/updater.go:510 2024-11-12T23:03:56Z INFO [UPDATER] Teleport gracefully reloaded. agent/process.go:74 2024-11-12T23:03:56Z INFO [UPDATER] Backup version set. backup_version:18.0.0-dev.updates.2 agent/updater.go:535 2024-11-12T23:03:56Z INFO [UPDATER] Configuration updated. agent/updater.go:450 bash$ sudo ./teleport-update link 2024-11-12T23:11:02Z INFO [UPDATER] Automatic updates enabled. Skipping system package link. active_version:17.0.0-beta.1 agent/updater.go:626 bash$ sudo ./teleport-update disable bash$ sudo ./teleport-update link ERROR: failed to link system package installation: failed to find Teleport binary directory: open /usr/local/teleport-system/bin: no such file or directory bash$ sudo cp -r /var/lib/teleport/versions/17.0.0-beta.1 /usr/local/teleport-system bash$ sudo ./teleport-update link 2024-11-13T01:42:18Z WARN [UPDATER] Automatic updates disabled, but a non-package version of Teleport is linked. active_version:17.0.0-beta.1 agent/updater.go:633 bash$ sudo rm /usr/local/bin/{teleport,tsh,tctl,tbot,fdpass-teleport} bash$ sudo rm /usr/local/lib/systemd/system/teleport.service bash$ sudo ./teleport-update link 2024-11-13T01:47:01Z INFO [UPDATER] Successfully linked system package installation. agent/updater.go:638 bash$ ls -l /usr/local/bin/ lrwxrwxrwx 1 root root 46 Nov 13 01:47 fdpass-teleport -> /usr/local/teleport-system/bin/fdpass-teleport lrwxrwxrwx 1 root root 35 Nov 13 01:47 tbot -> /usr/local/teleport-system/bin/tbot lrwxrwxrwx 1 root root 35 Nov 13 01:47 tctl -> /usr/local/teleport-system/bin/tctl lrwxrwxrwx 1 root root 39 Nov 13 01:47 teleport -> /usr/local/teleport-system/bin/teleport lrwxrwxrwx 1 root root 34 Nov 13 01:47 tsh -> /usr/local/teleport-system/bin/tsh bash$ ls -l /usr/local/lib/systemd/system -rw-r--r-- 1 root root 435 Nov 13 01:47 teleport.service