Tag: Install Updates

Azure IaaS VM enable Update Management

How to Manage Updates for Azure IaaS VMs

As a lot of customers are moving their workloads to Azure and specifically moving virtual machines to Azure Infrastructure-as-a-service (IaaS), the question is how do I manage my Azure virtual machines (VMs) efficiently. The great thing about Azure IaaS, it is not just another virtualization platform. Azure IaaS also offers a lot of other benefits versus classic virtualization. Azure IaaS and Azure Management provide a lot of functionality to it make it more efficient to run and manage virtual machines. One of them is Azure Update Management. In this blog post, I am going to show you how you can efficiently manage updates for your Azure IaaS VMs.

Overview and benefits Azure Update Management ☁

The Azure Update Management solution is part of Azure Automation. And with Azure Update Management you can manage operating system updates for your Windows and Linux computers in Azure, in on-premises environments, or in other cloud providers. That is right, it is not only for your Azure VMs, it also works with all your environment and provides you with a single pane of glass for your Update Management. It allows you to quickly assess the status of available updates on all virtual machines and servers, and manage the process of installing required updates for servers.

  • Azure Update Management works with Azure IaaS VMs, on-premise servers and even servers running at other cloud service providers.
  • Update Management supports Linux and Windows servers
  • It is directly integrated into the Azure portal and onboarding of Azure VMs is very simple.
  • It works with existing update sources like Microsoft Update, WSUS or on Linux with private and public update repositories.
  • Azure Update Management can be integrated into System Center Configuration Manager. You can learn more about Azure Update Management and System Center Configuration Manager integration on Microsoft Docs.
  • You can onboard new Azure VMs automatically to Update Management in multiple subscriptions in the same tenant.
Architecture

Architecture

How to onboard Azure IaaS VMs ✈

Onboarding Azure VMs to Azure Update Management is fairly simple and there are many different ways you can enable Update Management for an Azure VM.

One thing I want to highlight is, that you can set up automatic enablement for future virtual machines. With that Azure virtual machines, you create in the future, will automatically be added to the Update Mangement solution.

Onboarding

Onboarding

Since this blog post is all about managing updates for Azure VMs, I will keep it short, but if you want to add servers running on-premises or at other service providers, you can have a look how you can configure Azure Update management from Windows Admin Center. If you are running Azure Stack, you can also easily add your Azure Stack VMs to the Update Management solution.

Update Assesment 📃

Azure Update Management Compliant Assessment

Azure Update Management Compliant Assessment

After you have enabled and connected your virtual machines, Azure Log Analytics and Update Management start to collect data and analyze it and creates a continuous assessment of your Azure VM infrastructure and the additional servers you added. It will let you know which servers are compliant and which updates are missing. In the Azure documentation for Azure Update Management, you can find the schedules and time new updates will be added to the assessment.

Manage and deploy updates to Azure VMs 🔧

After you know which servers are compliant or not, you can schedule an update deployment, to update your servers.

Update Azure VMs using Update Deployment

Update Azure VMs using Update Deployment

An update deployment configuration is done very easily.

  1. Enter a name for the update deployment
  2. Select which operating system you want to target with the deployment (Linux or Windows)
  3. Choose the machines you want to update. You can select specific Azure virtual machines, non-Azure machines, groups, AD, WSUS, SCCM groups and filters.
  4. Select the Update Classifications you want to deploy
  5. Include or exclude updates
  6. Schedule the deployment. You can also create recurring update deployments for example for monthly patching.
  7. Configure pre- and post-scripts
  8. Configure the maintenance window size
  9. Configure the reboot update after the updates are installed

View update deployments ✔

Update Azure VMs Status

Update Azure VMs Status

During and after the duration of the update deployment, you can see an overview of the deployment, which updates on which machine were installed and if they were successful.

Pricing – What does it cost? 💵

Now I know what you are thinking now, this is great, but I am sure Microsoft is making me pay for this. No! there are no charges for the service, you only pay for log data stored in the Azure Log Analytics service. You can find more pricing information here.

Conclusion and Learn more 🎓

Update Management is a great solution to keep your environment up to date. If you want to know more, check out Microsoft Docs or follow this tutorial to onboard Azure VMs. There is also a very good blog series by Microsoft MVP Samuel Erskine. If you don’t have Azure today, create an Azure Free account.

Create free Azure Account ☁

Create your Azure free account today and get started with 12 months of free services!

If you have any questions, let me know in the comments.



Download Azure Stack Update

How to install and manage Azure Stack Updates

At itnetX, we help customers to implement as well as to operate  Azure Stack. One part of operating Azure Stack is keeping it up-to-date. This means installing Microsoft Azure Stack Updates, hotfixes as well as OEM update packages like drivers and firmware. In this blog post, I will cover all the information you need to keep your Azure Stack up-to-date.

Why should you update your Azure Stack

Azure Stack Update

This may sound like a simple question, but a lot of people ask for it. First of all, Microsoft and the hardware vendors are delivering quality fixes and security updates to keep Azure Stack stable and secure. But Microsoft also adds new functionality with their updates packages to keep up with the rapid cloud development on Azure. This is important if you want that your Azure Stack stays consistent with Azure in terms of functionality.

Another essential reason to stay current is to remain supported. You are allowed to be behind two major versions of Azure Stack, which means 2-3 months. You basically should update monthly, to make sure that you are secure and stable. However, there are reasons why you might have to defer an update. For example, this can happen for some companies, when they are in a freeze period where they are not allowed to do changes in their systems. If you are more than three major versions behind, your Azure Stack is considered out of support and will not be supported from Microsoft, until you have the at least required version installed.

You can read more about the Azure Stack servicing policy on the Azure Stack documentation site.

Updates for the Azure Stack Integrated System

Azure Stack Operations

As mentioned before, there are three types of updates to Azure Stack. The monthly Azure Stack Update Packages from Microsoft, Hotfixes, and OEM updates.

  • Microsoft software updates – Microsoft is responsible for the end-to-end servicing lifecycle for the Microsoft software update packages. These packages can include the latest Windows Server security updates, non-security updates, and Azure Stack feature updates. These update packages are non-cumulative updates and need to be installed one after the other. These updates are fully automated and will update the complete Azure Stack infrastructure.
  • OEM hardware vendor-provided updates – Azure Stack hardware partners are responsible for the end-to-end servicing lifecycle (including guidance) for the hardware-related firmware and driver update packages. In addition, Azure Stack hardware partners own and maintain guidance for all software and hardware on the hardware lifecycle host.
  • Microsoft hotfixes – Microsoft provides hotfixes for Azure Stack that address a specific issue that is often preventative or time-sensitive. Each hotfix is released with a corresponding Microsoft Knowledge Base article that details the issue, cause, and resolution. Hotfixes are downloaded and installed just like the regular full update packages for Azure Stack. Other then the major updates, Azure Stack hotfixes are cumulative per iteration.
 ReleaseCumulativeWhere to find
Microsoft Software UpdatesMonthly (4th Tuesday of very month)NoRelease Notes
OEM Hardware Vendor UpdatesDepending on OEMDependsOEM Website
Microsoft HotfixesWhen neededYesKnowledge Base article

By the way, you can only update Azure Stack multi-node systems, and the Azure Stack Development Kit needs to be redeployed.