cloudflare / cloudflared

Cloudflare Tunnel client (formerly Argo Tunnel)
https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/install-and-setup/tunnel-guide
Apache License 2.0

🐛 Updating with multiple cloudflared instances instructions lacking #887

Open LostOnTheLine opened 1 year ago

LostOnTheLine commented 1 year ago

Describe the bug

On the documents page https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/install-and-setup/installation it lists an option to "Updating with multiple cloudflared instances" with the following instructions

If you are not using Cloudflare's Load Balancer, you can use multiple instances of cloudflared to update without the risk of downtime.

  1. Install a new instance of cloudflared and create a new Tunnel.
  2. Configure the instance to point traffic to the same locally-available service as your current, active instance of cloudflared.
  3. In the Cloudflare DNS dashboard, replace the address of the current instance of cloudflared with the address of the new instance. Save the record.
  4. Remove the now-inactive instance of cloudflared.

Step 2, "Configure the instance to point traffic to the same locally-available service as your current, active instance of cloudflared", does not seem to be possible. I believe it is saying to, in the New Tunnel I created in Step 1, create the same routing addresses, which is a lot when you have multiple addresses, but when done returns the error

Error: An A, AAAA, or CNAME record with that host already exists. For more details, refer to <https://developers.cloudflare.com/dns/manage-dns-records/troubleshooting/records-with-same-name/>.

To complete the setup I need to create a new subdomain. But even when I do I then attempt to follow Step 3, "In the Cloudflare DNS dashboard, replace the address of the current instance of cloudflared with the address of the new instance. Save the record." Which seems to be saying I need to go to the Regular Dashboard not the Zero Trust dashboard, as there is no DNS dashboard there. Assuming that to be correct, as it is the closest I can find, I select the domain, select DNS > [Records], edit the CNAME record that I created, copy the Target & replace the Target in the other DNS subdomains. But the new subdomain does not appear in the Zero Trust dashboard for me to route, they do not connect to the location of the original one, they lead to a generic

This SUB.ADDRESS.EXT page can't be found
No webpage was found for the web address: https://SUB.ADDRESS.EXT/
HTTP ERROR 404

Even after step 4, removing the other one, it does not work

Environment and versions

sudarshan-reddy commented 1 year ago

This is indeed old information. Ideally, you can achieve this now by simply using replicas: https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/install-and-setup/deploy-cloudflared-replicas/

We should get this instruction set updated.

cc: @obezuk

LostOnTheLine commented 1 year ago

A few issues. I'm trying to follow the details of the page but its instructions differ from other instructions I've followed. I decided to just try to update my cloudflared as it seemed easier... but it doesn't work. Doing cloudflared update returns "cloudflared has been updated" but then a version check says the old version is installed.

PS C:\Users\LostO> cloudflared update
2023-02-04T18:30:48Z INF cloudflared has been updated version=2023.2.1
cloudflared has been updated to version 2023.2.1
PS C:\Users\LostO> cloudflared version
cloudflared version 2022.12.1 (built 2022-12-20-1252 UTC)

I tried restarting, sc stop cloudflared all with the same results.

So I uninstalled it & reinstalled it using the method outlined in the link you provided... or at least I tried to...

First, download cloudflared on your machine. Visit the downloads page to find the right package for your OS.

Next, rename the executable to cloudflared.exe, and then open PowerShell. Change directory to your Downloads folder and run .\cloudflared.exe --version. It should output the version of cloudflared. Note that cloudflared.exe could be cloudflared-windows-amd64.exe or cloudflared-windows-386.exe if you haven't renamed it.

Replace the path in the example with the specifics of your Downloads directory:

PS C:\Users\Administrator\Downloads\cloudflared-stable-windows-amd64> .\cloudflared.exe --version

I replaced the directory to the Download directory I used, while CDed into that directory

PS K:\Services\Download\Install\Cloudflared> .\cloudflared.exe --version

But it returns an error

Get-Process: A positional parameter cannot be found that accepts argument '.\cloudflared.exe'.

If I run the PS command cloudflared is not on the list because, well, it was never installed... It's still in the download directory...

Having that not work I went with the install that I originally used, from the Cloudflare Zero Trust dashboard, but stopping after running the installer to finish using the provided method

Install and run a connector

To connect your tunnel to Cloudflare, copy-paste one of the following commands into a terminal window. Remotely managed tunnels require that you install cloudflared 2022.03.04 or later.

Download https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-windows-amd64.msi.

Run the installer.

Open Command Prompt as Administrator. Run the following command:

$  cloudflared.exe service install eyJ...###REDACTED###...iJ9

The next part of the instructions is seriously lacking

  1. Authenticate cloudflared
    cloudflared tunnel login

Running this command will:

Open a browser window and prompt you to log in to your Cloudflare account. After logging in to your account, select your hostname.
Generate an account certificate, the cert.pem file, in the default cloudflared directory.

Open a browser window and prompt you to log in to your Cloudflare account. After logging in to your account, select your hostname. I don't understand what I am supposed to do here... I have multiple domains that I use with my tunnel, so I don't know what it wants me to select... If I select one does it mean I can only use that one? That's counter-productive...

  1. Create a tunnel and give it a name
    cloudflared tunnel create <NAME>

Running this command will:

Create a tunnel by establishing a persistent relationship between the name you provide and a UUID for your tunnel. At this point, no connection is active within the tunnel yet.
Generate a tunnel credentials file in the default cloudflared directory.
Create a subdomain of .cfargotunnel.com.

From the output of the command, take note of the tunnel's UUID and the path to your tunnel's credentials file.

Confirm that the tunnel has been successfully created by running:

cloudflared tunnel list

I already have a tunnel created, & I have over 40 hostnames on the tunnel, so creating a new one is very cumbersome & the instructions don't give me confidence that it will even work, plus it shouldn't be necessary. I can finish the Zero Trust instructions but that leads to problems later.

  1. Create a configuration file

Create a configuration file in your .cloudflared directory using any text editor. This file will configure the tunnel to route traffic from a given origin to the hostname of your choice.

Add the following fields to the file:

If you are connecting an application

url: http://localhost:8000
tunnel: <Tunnel-UUID>
credentials-file: /root/.cloudflared/<Tunnel-UUID>.json

If you are connecting a network

tunnel: <Tunnel-UUID>
credentials-file: /root/.cloudflared/<Tunnel-UUID>.json
warp-routing:
  enabled: true

Confirm that the configuration file has been successfully created by running:

cat config.yml

Since I didn't create the tunnel I don't have a credentials-file that I can find. Doing a search for Default cloudflared location for Windows says that it should be C:\Cloudflared\bin but C:\Cloudflared doesn't exist. & the only thing in the $USERNAME$\.cloudflared directory is cert.pem. On my 2nd system, the one I want to add a replica on, if I try to follow the instructions for a replica

In a separate window or on another host, run the same command again:

cloudflared tunnel run <NAME>

This will initialize another cloudflared instance and generate another connector_id.

I get the following

root@server:~# cloudflared tunnel run TunnelName
tunnel credentials file not found

This is a different machine, so it doesn't have a credentials file, I can't create one following the instructions because they only tell you to create a new tunnel, not how to connect to an existing one. It says

In a separate window or on another host

But on another host you need to create the tunnel to have its credentials file, which can't be the existing one, so there's no way for it to work properly. I was trying to find the credentials file on the original machine (Windows) but I can't find it anywhere. It's not in the directory outlined here

OS Path to default directory
Windows %USERPROFILE%\.cloudflared

This page says it's at credentials-file: C:\Windows\System32\config\systemprofile\.cloudflared\<Tunnel-ID>.json but that directory .cloudflared\ doesn't exist either.

I'm not sure what else I can do, but the instructions are unusable
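
An added example, not part of the comment above or of cloudflared itself: a PowerShell check that inventories the three Windows directories named in this thread for cert.pem and `<Tunnel-UUID>.json` credentials files, and lists every cloudflared binary the shell and the `cloudflared` service resolve to, with the version each reports. The function names `Find-TunnelFiles` and `Get-CloudflaredBinaries` are hypothetical, and a standard UUID file name is assumed for the credentials file.

```powershell
# Added example. Directories are the ones quoted in the thread; run elevated,
# otherwise the systemprofile directory may look absent because it is unreadable.
$candidateDirs = @(
    (Join-Path $env:USERPROFILE '.cloudflared'),
    'C:\Windows\System32\config\systemprofile\.cloudflared',
    'C:\Cloudflared\bin'
)
# Assumption: the credentials file is named <Tunnel-UUID>.json with a standard UUID.
$uuidJson = '^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}\.json$'

function Find-TunnelFiles {
    param([string[]]$Dirs)
    foreach ($dir in $Dirs) {
        $exists = Test-Path -LiteralPath $dir -PathType Container
        $files = @()
        if ($exists) {
            $files = @(Get-ChildItem -LiteralPath $dir -File -Force -ErrorAction SilentlyContinue)
        }
        [pscustomobject]@{
            Directory       = $dir
            Exists          = $exists
            CertPem         = [bool]($files | Where-Object { $_.Name -eq 'cert.pem' })
            # File names only: the JSON content is a secret and is never read here.
            CredentialFiles = @($files | Where-Object { $_.Name -match $uuidJson } |
                                Select-Object -ExpandProperty Name)
        }
    }
}

function Get-CloudflaredBinaries {
    # Every cloudflared executable on PATH, in resolution order.
    $paths = @(Get-Command cloudflared -All -CommandType Application -ErrorAction SilentlyContinue |
               Select-Object -ExpandProperty Source)
    # The binary the Windows service starts; only the executable path is kept,
    # the rest of the service command line is discarded rather than printed.
    $svc = Get-CimInstance Win32_Service -Filter "Name='cloudflared'" -ErrorAction SilentlyContinue
    if ($svc -and $svc.PathName -match '^\s*"?(.+?\.exe)') { $paths += $Matches[1] }
    foreach ($p in ($paths | Select-Object -Unique)) {
        [pscustomobject]@{
            Path     = $p
            Reported = (& $p version 2>&1 | Select-Object -First 1)
        }
    }
}

Find-TunnelFiles -Dirs $candidateDirs | Format-Table -AutoSize
Get-CloudflaredBinaries | Format-Table -AutoSize
```

Treat any `<Tunnel-UUID>.json` it finds as a secret when copying it to a second host, since `cloudflared tunnel run <NAME>` on that host uses it to connect as the same tunnel.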

threepeakschallenge commented 1 year ago

I believe @LostOnTheLine is referring to updating cloudflared itself. How does running multiple replicas help with this?

It currently appears that there isn't a documented method of updating cloudflared on a single Windows host without downtime, or temporarily opening the origin to normal web traffic.