Update cloudflared
Updates will cause cloudflared
to restart which will impact traffic currently being served. You can perform zero-downtime upgrades by using Cloudflare’s Load Balancer product or by using multiple cloudflared
instances.
Remotely-managed tunnels
To update cloudflared
for a tunnel created through the dashboard:
Run the following command:
PS C:\> cloudflared update
This updates cloudflared
and automatically restarts the service.
- Update the
cloudflared
package:
$ brew upgrade cloudflared
- Restart the service:
$ sudo launchctl stop com.cloudflare.cloudflared
$ sudo launchctl unload /Library/LaunchDaemons/com.cloudflare.cloudflared.plist
$ sudo launchctl load /Library/LaunchDaemons/com.cloudflare.cloudflared.plist
$ sudo launchctl start com.cloudflare.cloudflared
If installed via apt:
- Update the
cloudflared
package:
$ sudo apt-get upgrade cloudflared
- Restart the service:
$ sudo systemctl restart cloudflared.service
If installed manually via dpkg -i
:
You can check if cloudflared
was installed by a package manager by running ls -la /usr/local/etc/cloudflared/
and looking for .installedFromPackageManager
in the output.
- Update the
cloudflared
package:
$ curl --location --output cloudflared.deb https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64.deb && sudo dpkg -i cloudflared.deb
- Restart the service:
$ sudo systemctl restart cloudflared.service
- Update the
cloudflared
package:
$ sudo yum update cloudflared
- Restart the service:
$ sudo systemctl restart cloudflared.service
- In Zero Trust, go to Networks > Tunnels.
- Select your tunnel and select Configure.
- Select Docker and copy the installation command shown in the dashboard.
- Paste this command into a terminal window.
This creates a new container from the latest cloudflared
image. You can now delete the old container.
If you installed cloudflared
from GitHub-provided binaries or from source, run the following command:
$ cloudflared update
If you installed cloudflared
with a package manager, you must update it using the same package manager. You can check if cloudflared
was installed by a package manager by running ls -la /usr/local/etc/cloudflared/
and looking for .installedFromPackageManager
in the output.
Update with Cloudflare Load Balancer
You can update cloudflared
without downtime by using Cloudflare’s Load Balancer product with your Cloudflare Tunnel deployment.
- Install a new instance of
cloudflared
and create a new Tunnel. - Configure the instance to point traffic to the same locally-available service as your current, active instance of
cloudflared
. - Add the address of the new instance of
cloudflared
into your Load Balancer pool as priority 2. - Swap the priority such that the new instance is now priority 1 and monitor to confirm traffic is being served.
- Once confirmed, you can remove the older version from the Load Balancer pool.
Update with multiple cloudflared
instances
If you are not using Cloudflare’s Load Balancer, you can use multiple instances of cloudflared
to update without the risk of downtime.
- Install a new instance of
cloudflared
and create a new Tunnel. - Configure the instance to point traffic to the same locally-available service as your current, active instance of
cloudflared
. - In the Cloudflare DNS dashboard, replace the address of the current instance of
cloudflared
with the address of the new instance. Save the record. - Remove the now-inactive instance of
cloudflared
.
Run multiple instances in Windows
Windows systems require services to have a unique name and display name. You can run multiple instances of cloudflared
by creating cloudflared
services with unique names.
- Install and configure
cloudflared
. - Next, create a service with a unique name and point to the
cloudflared
executable and configuration file.
sc.exe create <unique-name> binPath='<path-to-exe>' --config '<path-to-config>' displayname="Unique Name"
Proceed to create additional services with unique names.
You can now start each unique service.
sc.exe start <unique-name>