Windows Server runs best in Microsoft Azure, especially when you look at the great management capabilities like Azure Automanage. At Microsoft Ignite, the team announced the new Windows Server 2022 Azure edition and some great new features for Azure Automanage, including one called hotpatch for Windows Server Azure virtual machines (VMs). Yes, this allows you to patch and install updates to your Windows Server VMs in Azure without requiring a reboot.
Since I was part of this preview feature, I am happy to finally publicly talk and write about this feature. Hotpatching is a new way to install updates on new Windows Server Azure Edition virtual machines (VMs) that doesn’t require a reboot after installation and comes with the following benefits:
- Lower workload impact with fewer reboots
- Faster deployment of updates as the packages are smaller, install faster, and have easier patch orchestration with Azure Update Manager
- Better protection, as the Hotpatch update packages are scoped to Windows security updates that install faster without rebooting
You can find more about this feature on Microsoft Docs.
Hotpatch works by first establishing a baseline with a Windows Update Latest Cumulative Update. Hotpatches are periodically released (for example, on the second Tuesday of the month) that build on that baseline. Hotpatches will contain updates that don’t require a reboot. Periodically (starting at every three months), the baseline is refreshed with a new Latest Cumulative Update.
Microsoft Docs
There are two types of baselines: Planned baselines and unplanned baselines.
- Planned baselines are released on a regular cadence, with hotpatch releases in between. Planned baselines include all the updates in a comparable Latest Cumulative Update for that month, and require a reboot.
- Unplanned baselines are released when an important update (such as a zero-day fix) is released, and that particular update can’t be released as a Hotpatch. When unplanned baselines are released, a hotpatch release will be replaced with an unplanned baseline in that month. Unplanned baselines also include all the updates in a comparable Latest Cumulative Update for that month, and also require a reboot.
You can find more details on how hotpatch for Windows Server Azure VMs works on Microsoft Docs.
How to get started with Hotpatch for Windows Server Azure Virtual Machines
Now you can start using hotpatching for new Azure VMs running Windows Server 2022 Datacenter: Azure Edition Core Gen2.
Deploy a new Azure VM with hotpatch for Windows Server enabled
To use this feature you currently need to deploy a new Azure virtual machine running the Windows Server 2022 Datacenter: Azure Edition Core Gen2 image.
Now on the create page make sure you still have the Windows Server 2022 Datacenter: Azure Edition Core Gen2 selected.
If you now go to the virtual machines, you can manage the patch settings and review the patch status of your Azure virtual machine.
Here you can find an overview of missing updates of the virtual machine. If you don’t have an assessment right now (since you just deployed the VM), you can trigger it by pressing Assess now.
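To check the same prerequisites across many VMs instead of one portal page at a time, here is an added example (not from the original post or from Microsoft) that audits VM records for hotpatch readiness. It assumes the JSON shape returned by `az vm list`, that hotpatching needs `patchMode` set to `AutomaticByPlatform` with `enableHotpatching` true, and that Azure Edition image SKUs contain `azure-edition`; the sample records are constructed.

```python
import json

# Constructed sample shaped like `az vm list -o json`, trimmed to the fields read.
SAMPLE_VM_LIST = json.loads("""[
 {"name": "web-01",
  "storageProfile": {"imageReference": {"sku": "2022-datacenter-azure-edition-core"}},
  "osProfile": {"windowsConfiguration": {"patchSettings":
    {"patchMode": "AutomaticByPlatform", "enableHotpatching": true}}}},
 {"name": "web-02",
  "storageProfile": {"imageReference": {"sku": "2022-datacenter-azure-edition-core"}},
  "osProfile": {"windowsConfiguration": {"patchSettings":
    {"patchMode": "AutomaticByOS", "enableHotpatching": false}}}},
 {"name": "db-01",
  "storageProfile": {"imageReference": {"sku": "2022-datacenter-g2"}},
  "osProfile": {"windowsConfiguration": {"patchSettings":
    {"patchMode": "AutomaticByPlatform", "enableHotpatching": false}}}},
 {"name": "app-01",
  "storageProfile": {"imageReference": {"sku": "2022-datacenter-azure-edition-core"}},
  "osProfile": {"windowsConfiguration": {"patchSettings": null}}},
 {"name": "lin-01", "storageProfile": {"imageReference": {"sku": "22_04-lts-gen2"}},
  "osProfile": {"windowsConfiguration": null}}
]""")

AZURE_EDITION_MARKER = "azure-edition"       # assumption: SKU naming convention
REQUIRED_PATCH_MODE = "AutomaticByPlatform"  # patch orchestration by the platform

def hotpatch_findings(vm):
    """Return the reasons a VM cannot receive hotpatches (empty list = ready)."""
    win = (vm.get("osProfile") or {}).get("windowsConfiguration")
    if win is None:
        return ["not a Windows VM"]
    findings = []
    image = (vm.get("storageProfile") or {}).get("imageReference") or {}
    sku = (image.get("sku") or "").lower()
    if AZURE_EDITION_MARKER not in sku:
        findings.append(f"image SKU {sku!r} is not an Azure Edition image")
    patch = win.get("patchSettings") or {}   # patchSettings may be null
    if patch.get("patchMode") != REQUIRED_PATCH_MODE:
        findings.append(f"patchMode is {patch.get('patchMode')!r}")
    if patch.get("enableHotpatching") is not True:
        findings.append("enableHotpatching is not true")
    return findings

def audit(vms):
    return {vm["name"]: hotpatch_findings(vm) for vm in vms}

if __name__ == "__main__":
    for name, findings in audit(SAMPLE_VM_LIST).items():
        print(f"{name}: {'ready' if not findings else '; '.join(findings)}")
```

A VM that reports findings here will still receive updates, but through the regular cumulative update path with a reboot.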
Conclusion
Azure Automanage is an excellent feature to automatically manage your Azure virtual machines, and with hotpatch for Windows Server VMs, it just became even better! It helps you reduce reboots of your Windows Server, and with that reduce downtime, while at the same time making sure that your servers are patched. If you have any questions, feel free to leave a comment below.
By the way, if you are running Linux VMs in Azure, we have some great news for you too! We now have Automanage for Linux VMs in Azure!
Last modified: February 20, 2022
Hi Thomas, it's a nice article. Can I know whether it is chargeable from Azure or free?
Interesting – would be interesting to know what’s happening under the covers here. Is this something that is dependent on Azure – or can we expect this functionality to be available on other cloud / hypervisor platforms further down the line?
It will be included as part of running Azure VMs
What about non-azure servers? You know on-prem wants it too
We announced that this feature will be coming to Azure Stack HCI VMs too