Closed klizhentas closed 1 year ago
Feedback from customer c-tm
-> Able to do the upgrade in a controlled fashion for PCI reasons. Staged Deployment.
-> OSS Mirror / RPM. Internally then promote those repos to sets of systems.
Best: 10 Worst: 25
Target for design document is mid-August and beta is mid-September.
Ideally for Debian/Ubuntu users, there'd be a Teleport repo so that users can download/install new versions when they run apt update/upgrade.
++ for this feature :)
Phase | PR | Date |
---|---|---|
~Phase 0: RFD~ | ~#10690~ | ~Q1 2022~ |
~Phase 1: Inventory Control~ | ~#12715~ | ~Q2 2022 - Teleport 10~ |
~Phase 2: Notification-only~ | ~Q3 2022 - Teleport 10.2~ | |
Phase 3: Script-based Upgrades | Q4 2022 - Teleport 11.2 | |
Phase 4: Cloud | ||
Phase 5: TUF-based Upgrades | Q1 2023 - Teleport 12.x | |
Phase 6: Anonymized metrics | Unknown |
apt
/rpm
, curl
, etc)tctl
) run script on defined subset of nodes to upgradeAdd automatic enrollment into script-based upgrades for all Cloud tenants.
@klizhentas @xinding33 @fspmarshall
Long term our plan is for OSS users to opt-in to anonymized metrics to use script-based upgrades.
However, for 11.2 we don't have any thing to anonymize metrics for OSS users or infrastructure to receive anonymized metrics.
I propose we still prompt OSS users to opt-in to anonymized metrics when using script-based upgrades. Nothing will actually be sent, it will just be a prompt that requires the user to accept. If we don't do this now and wait until have infrastructure to receive anonymized metrics it will feel like we are taking something away from users.
What do you think?
@russjones
This upgrade system metrics section is obsolete because it was written pre-posthog. Please updated it to make it similar to connect anonymized metrics RFD that use pre-hog (our anonymized collection endpoint)
I'm going to close this in favor of #21516, which is more up to date with our latest thinking on this topic.
Description
Teleport should support automatic upgrade system both for clients and servers
Rationale
Automatic upgrades improve security of the system, improve user experience through delivering newer versions, reduce the amount of support by keeping large deployments of infrastructure up to date.
Design
TBD.