Updated OS package repo docs (#31541)

* Updated OS package repo docs * Fixed linter issues * Added table for repo channel info on ent installations * Fixed import path
gravitational · Sep 18, 2023 · 6f462de · 6f462de
1 parent 0111c24
commit 6f462de
Show file tree

Hide file tree

Showing 9 changed files with 86 additions and 29 deletions.
diff --git a/docs/cspell.json b/docs/cspell.json
@@ -166,6 +166,7 @@
     "SIEM",
     "SIGINT",
     "SLAVEOF",
+    "SLES",
     "SLOWLOG",
     "SSUBSCRIBE",
     "SSWS",
@@ -224,6 +225,7 @@
     "acpi",
     "actionstest",
     "adcli",
+    "addrepo",
     "addserver",
     "adduser",
     "adutil",
@@ -712,6 +714,7 @@
     "signup",
     "skipreconcile",
     "slacktokenfromsecret",
+    "sles",
     "snowsql",
     "splunkd",
     "splunkd",

diff --git a/docs/pages/architecture/agent-update-management.mdx b/docs/pages/architecture/agent-update-management.mdx
@@ -62,8 +62,8 @@ For this reason, all updaters must subscribe to a release channel targeting
 versions that are compatible with their Teleport cluster. Teleport Cloud users
 must use the Teleport Cloud version server with the `stable/cloud` release
 channel. Self-hosted Teleport users must host their own version server and
-updater their release channel each time they update their Auth and Proxy
-instances.
+either update their release channel each time they update their Auth and Proxy
+instances, or use the `stable/rolling` channel.
 
 ### Teleport Cloud
 

diff --git a/docs/pages/includes/cloud/install-linux-cloud.mdx b/docs/pages/includes/cloud/install-linux-cloud.mdx
@@ -1,5 +1,5 @@
   <Tabs>
-  <TabItem label="Debian 8+/Ubuntu 16.04+ (apt)">
+  <TabItem label="Debian 9+/Ubuntu 16.04+ (apt)">
 
   Add the Teleport repository to your repository list:
 
@@ -9,7 +9,7 @@
   -o /usr/share/keyrings/teleport-archive-keyring.asc
   # Source variables about OS version
   $ source /etc/os-release
-  # Add the Teleport apt repository for cloud.
+  # Add the Teleport APT repository for cloud.
   $ echo "deb [signed-by=/usr/share/keyrings/teleport-archive-keyring.asc] \
   https://apt.releases.teleport.dev/${ID?} ${VERSION_CODENAME?} stable/cloud" \
   | sudo tee /etc/apt/sources.list.d/teleport.list > /dev/null
@@ -19,16 +19,16 @@
   ```
 
   </TabItem>
-  <TabItem label="Amazon Linux 2/RHEL 7 (yum)">
+  <TabItem label="Amazon Linux 2/RHEL 7/CentOS 7 (yum)">
 
   ```code
   # Source variables about OS version
   $ source /etc/os-release
-  # Add the Teleport yum repository for cloud.
-  # First, get the major version from $VERSION_ID so this fetches the correct
+  # Add the Teleport YUM repository for cloud.
+  # First, get the OS major version from $VERSION_ID so this fetches the correct
   # package version.
   $ VERSION_ID=$(echo $VERSION_ID | grep -Eo "^[0-9]+")
-  $ sudo yum-config-manager --add-repo "$(rpm --eval "https://yum.releases.teleport.dev/$ID/$VERSION_ID/Teleport/%{_arch}/stable/cloud/teleport.repo")"
+  $ sudo yum-config-manager --add-repo "$(rpm --eval "https://yum.releases.teleport.dev/$ID/$VERSION_ID/Teleport/%{_arch}/stable/cloud/teleport-yum.repo")"
   $ sudo yum install teleport-ent-updater
   #
   # Tip: Add /usr/local/bin to path used by sudo (so 'sudo tctl users add' will work as per the docs)
@@ -41,12 +41,12 @@
   ```code
   # Source variables about OS version
   $ source /etc/os-release
-  # Add the Teleport yum repository for cloud.
-  # First, get the major version from $VERSION_ID so this fetches the correct
+  # Add the Teleport YUM repository for cloud.
+  # First, get the OS major version from $VERSION_ID so this fetches the correct
   # package version.
   $ VERSION_ID=$(echo $VERSION_ID | grep -Eo "^[0-9]+")
   # Use the dnf config manager plugin to add the teleport RPM repo
-  $ sudo dnf config-manager --add-repo "$(rpm --eval "https://yum.releases.teleport.dev/$ID/$VERSION_ID/Teleport/%{_arch}/stable/cloud/teleport.repo")"
+  $ sudo dnf config-manager --add-repo "$(rpm --eval "https://yum.releases.teleport.dev/$ID/$VERSION_ID/Teleport/%{_arch}/stable/cloud/teleport-yum.repo")"
   
   # Install teleport
   $ sudo dnf install teleport-ent-updater
@@ -55,5 +55,22 @@
   # echo "Defaults    secure_path = /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin" > /etc/sudoers.d/secure_path
   ```
 
+  </TabItem>
+  <TabItem label="SLES 12 SP5+ and 15 SP5+ (zypper)">
+
+  ```code
+  # Source variables about OS version
+  $ source /etc/os-release
+  # Add the Teleport Zypper repository for cloud.
+  # First, get the OS major version from $VERSION_ID so this fetches the correct
+  # package version.
+  $ VERSION_ID=$(echo $VERSION_ID | grep -Eo "^[0-9]+")
+  # Use Zypper to add the teleport RPM repo
+  $ sudo zypper addrepo --refresh --repo $(rpm --eval "https://zypper.releases.teleport.dev/$ID/$VERSION_ID/Teleport/%{_arch}/stable/cloud/teleport-zypper.repo")
+  
+  # Install teleport
+  $ sudo zypper install teleport-ent-updater
+  ```
+
   </TabItem>
   </Tabs>
diff --git a/docs/pages/includes/install-linux-ent-self-hosted.mdx b/docs/pages/includes/install-linux-ent-self-hosted.mdx
@@ -1,5 +1,5 @@
 <Tabs>
-<TabItem label="Debian 8+/Ubuntu 16.04+ (apt)">
+<TabItem label="Debian 9+/Ubuntu 16.04+ (apt)">
 
 ```code
 # Download Teleport's PGP public key
@@ -47,6 +47,31 @@ For FedRAMP/FIPS-compliant installations, install the `teleport-ent-fips` packag
 $ sudo yum install teleport-ent-fips
 ```
 
+</TabItem>
+<TabItem label="Amazon Linux 2/RHEL 7 (yum)">
+
+```code
+# Source variables about OS version
+$ source /etc/os-release
+# Add the Teleport Zypper repository for v(=teleport.major_version=). You'll need to update this
+# file for each major release of Teleport.
+# First, get the OS major version from $VERSION_ID so this fetches the correct
+# package version.
+$ VERSION_ID=$(echo $VERSION_ID | grep -Eo "^[0-9]+")
+# Use zypper to add the teleport RPM repo
+$ sudo zypper addrepo --refresh --repo $(rpm --eval "https://zypper.releases.teleport.dev/$ID/$VERSION_ID/Teleport/%{_arch}/stable/cloud/teleport-zypper.repo")
+$ sudo yum install teleport-ent
+#
+# Tip: Add /usr/local/bin to path used by sudo (so 'sudo tctl users add' will work as per the docs)
+# echo "Defaults    secure_path = /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin" > /etc/sudoers.d/secure_path
+```
+
+For FedRAMP/FIPS-compliant installations, install the `teleport-ent-fips` package instead:
+
+```code
+$ sudo yum install teleport-ent-fips
+```
+
 </TabItem>
 <TabItem label="Amazon Linux 2023/RHEL 8+ (dnf)">
 

diff --git a/docs/pages/includes/install-linux.mdx b/docs/pages/includes/install-linux.mdx
@@ -27,9 +27,13 @@ Select an edition, then follow the instructions for that edition to install Tele
   </TabItem>
   <TabItem label="Enterprise" scope="enterprise">
   (!docs/pages/includes/install-linux-ent-self-hosted.mdx!)
+
+  (!docs/pages/includes/repo-channels.mdx!)
   </TabItem>
   <TabItem label="Enterprise Cloud" scope="cloud">
   (!docs/pages/includes/cloud/install-linux-cloud.mdx!)
+
+  (!docs/pages/includes/repo-channels.mdx!)
   <Details title="Is my Teleport instance compatible with Teleport Enterprise Cloud?">
 
   Before installing a `teleport` binary with a version besides v(=cloud.major_version=),

diff --git a/docs/pages/includes/repo-channels.mdx b/docs/pages/includes/repo-channels.mdx
@@ -0,0 +1,10 @@
+### OS repository channels
+
+The following channels are available for APT, YUM, and Zypper repos. They may be used in place of
+`stable/v(=teleport.major_version=)` anywhere in the Teleport documentation.
+
+| Channel name      | Description                                                                                |
+|-------------------|--------------------------------------------------------------------------------------------|
+| `stable/<major>`  | Receives releases for the specified major release line, i.e. `v(=teleport.major_version=)` |
+| `stable/cloud`    | Rolling channel that receives releases compatible with current Cloud version               |
+| `stable/rolling`  | Rolling channel that receives all published Teleport releases                              |
diff --git a/docs/pages/installation.mdx b/docs/pages/installation.mdx
@@ -31,7 +31,7 @@ running Teleport on UNIX variants other than Linux \[1].
 
 | Operating System | `teleport` Daemon | `tctl` Admin Tool | `tsh` and Teleport Connect User Clients [2] | Web UI (via the browser) | `tbot` Daemon |
 | - | - | - | - | - | - |
-| Linux v2.6.23+ (RHEL/CentOS 7+, Ubuntu 14.04+, and Debian 8+) \[3] | yes | yes | yes | yes | yes |
+| Linux v2.6.23+ (RHEL/CentOS 7+, Amazon Linux 2+, Amazon Linux 2023+, Ubuntu 16.04+, Debian 9+, SLES 12 SP 5+, and SLES 15 SP 5+) \[3] | yes | yes | yes | yes | yes |
 | macOS v10.13+  (High Sierra)| yes | yes | yes | yes | yes |
 | Windows 10+ (rev. 1607) \[4] | no | no | yes | yes | no |
 
@@ -54,23 +54,24 @@ All installations include `teleport`, `tsh`, `tctl`, and `tbot`.
 
 Some Teleport features have additional requirements:
 
-| Feature                                                                        | Requirement   | Debian                   | Ubuntu   | CentOS/RHEL | Amazon Linux            |
-|--------------------------------------------------------------------------------|---------------|--------------------------|----------|-------------|------------------------|
-| [Enhanced Session Recording](./server-access/guides/bpf-session-recording.mdx) | Kernel  v5.8+ | 11, or 10 with backports | 20.04.2+ | 9+          | 2 (post 11/2021), 2023 |
-| Automatic Updates                                                              | systemd-based | 8+                       | 16.04+   | 7+          | 2, 2023                |
-| Installation through apt/yum repos                                             | systemd-based | 8+                       | 16.04+   | 7+          | 2, 2023                |
+| Feature                                                                        | Requirement   | Debian                   | Ubuntu   | CentOS/RHEL | Amazon Linux           | SLES           |
+|--------------------------------------------------------------------------------|---------------|--------------------------|----------|-------------|------------------------|----------------|
+| [Enhanced Session Recording](./server-access/guides/bpf-session-recording.mdx) | Kernel  v5.8+ | 11, or 10 with backports | 20.04.2+ | 9+          | 2 (post 11/2021), 2023 | 12 SP5, 15 SP5 |
+| Automatic Updates                                                              | systemd-based | 9+                       | 16.04+   | 7+          | 2, 2023                | 12 SP5, 15 SP5 |
+| Installation through apt/yum/zypper repos                                      | systemd-based | 9+                       | 16.04+   | 7+          | 2, 2023                | 12 SP5, 15 SP5 |
 
 <Admonition type="note">
-`apt` and `yum` repos don't expose packages for all distribution variants.
+`apt`, `yum`, and `zypper` repos don't expose packages for all distribution variants.
 When following installation instructions, you might need to replace `ID` with
 `ID_LIKE` to install packages of the closest supported distribution.
 
 Currently supported distributions (and `ID`) are:
 - RHEL >= 7 (`rhel`)
 - CentOS >= 7 (`centos`)
-- Debian >= 8 (`debian`)
+- Debian >= 9 (`debian`)
 - Ubuntu >= 16.04 (`ubuntu`)
 - Amazon Linux 2 and 2023 (`amzn`)
+- SLES >= 12 SP5, >= 15 SP5 (`sles`)
 
 </Admonition>
 

diff --git a/docs/pages/management/operations/enroll-agent-into-automatic-updates.mdx b/docs/pages/management/operations/enroll-agent-into-automatic-updates.mdx
@@ -23,8 +23,8 @@ description: How to enroll an agent into automatic updates
 </Details>
 
 Teleport supports automatic agent updates for
-systemd-based Linux distributions using `apt` or `yum` package managers,
-and Kubernetes clusters. The [automatic updates architecture 
+systemd-based Linux distributions using `apt`, `yum`, or `zypper` package
+managers, and Kubernetes clusters. The [automatic updates architecture 
 page](../../architecture/agent-update-management.mdx) describes how agent
 updating works.
 

diff --git a/docs/pages/management/operations/self-hosted-automatic-agent-updates.mdx b/docs/pages/management/operations/self-hosted-automatic-agent-updates.mdx
@@ -14,7 +14,7 @@ description: How to setup automatic agent update for self-hosted Teleport
 </Details>
 
 Teleport supports automatic agent updates for
-systemd-based Linux distributions using `apt` or `yum` package managers,
+systemd-based Linux distributions using `apt`, `yum`, and `zypper` package managers,
 and Kubernetes clusters. The [automatic updates architecture 
 page](../../architecture/agent-update-management.mdx) describes how agent
 updating works.
@@ -27,12 +27,9 @@ already done, or you are a Teleport Cloud user, you can directly
 Systemd agents enrolled into automatic updates can only install versions
 present in their package repositories. As Teleport 14 won't be published to
 `stable/v13`, those agents will require manual intervention to be updated to
-the next major version (adding a new apt/yum repo for `stable/v14`).
-
-This limitation will be fixed before Teleport 14. We'll provide a rolling
-update channel for agents to be able to automatically update from one major
-to another. When this will happen, you will have to update the repos of the
-existing agents to point to the new repo.
+the next major version (adding a new APT/YUM/zypper repo for `stable/v14`).
+Alternatively, you can use the `stable/rolling` channel, which contains
+Teleport v13.3.2 forward, including future major releases.
 
 </Admonition>