Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Teleport 9 rpms don't work on CentOS 7 #10686

Closed
r0mant opened this issue Mar 1, 2022 · 2 comments
Closed

Teleport 9 rpms don't work on CentOS 7 #10686

r0mant opened this issue Mar 1, 2022 · 2 comments
Assignees
@fheinecke
Labels
bug release-engineering

Comments

@r0mant
Copy link
Collaborator

r0mant commented Mar 1, 2022

Description

Teleport binaries that currently get packaged inside .rpm's that we publish to both rpm repo and those on our downloads page are currently built on Ubuntu that has a newer glibc and as such do not work on CentOS 7. I.e. these binaries are the same that are present inside our regular Linux 64-bit tarball instead of Linux 64-bit (RHEL/CentOS 7.x compatible).

These binaries require a newer version of glibc and as such do not run on CentOS 7:

[centos@ip-172-31-94-185 ~]$ wget https://get.gravitational.com/teleport-9.0.0-beta.1-1.x86_64.rpm
[centos@ip-172-31-94-185 ~]$ sudo rpm -i teleport-9.0.0-beta.1-1.x86_64.rpm
[centos@ip-172-31-94-185 ~]$ teleport version
teleport: /lib64/libc.so.6: version `GLIBC_2.25' not found (required by teleport)
teleport: /lib64/libc.so.6: version `GLIBC_2.18' not found (required by teleport)

Instead, our rpms should contain same binaries that are present inside CentOS 7 compatible package i.e. the ones that are built using CentOS 7 buildbox - the one that builds build-linux-amd64-centos7 and build-linux-amd64-centos7-fips targets.

For the previous major release, Teleport 8, this was addressed in a hacky way that only updated rpms published to the rpm repo to be CentOS 7 compatible and we never went back and addressed this properly. We should do that before Teleport 9 release. Here's the commit with the v8 fix for reference: c0a1e07.
@r0mant r0mant added the bug label Mar 1, 2022
@fheinecke
Copy link
Contributor

There's a few different solutions that I see here:

  • Start releasing Teleport in OS-specific channels. Lots of repos do this, it's just not something we've had a need for up to this point so I didn't mention it in my RFD.
  • Statically link our binaries. This would solve to issue permanently for all systems, but comes with the drawback of larger file sizes and needing to push an update for each glibc version.
  • Require clients to build Teleport themselves if they're on CentOS 7 or earlier. Not ideal as this raises the barrier for entry and increases maintenance.

Any thoughts on which solution would be best here?

Also, do we have a policy/list of what OS versions we support somewhere?

@r0mant
Copy link
Collaborator Author

r0mant commented Mar 1, 2022

@fheinecke We already have Dockerfile-centos7 and Dockerfile-centos7-fips buildboxes that are used to build CentOS 7 compatible binaries (build-linux-amd64-centos7 and fips counterpart). For now we just need to make sure that these binaries are being used in the RPMs that we publish (build-linux-amd64-rpm).

@fheinecke fheinecke mentioned this issue Mar 9, 2022
Merged
@r0mant r0mant closed this as completed Mar 14, 2022
@zmb3 zmb3 mentioned this issue Apr 1, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@fheinecke fheinecke

Labels
bug release-engineering
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@r0mant @zmb3 @fheinecke