Tag: update

Azure IaaS VM enable Update Management

How to Manage Updates for Azure IaaS VMs

As a lot of customers are moving their workloads to Azure and specifically moving virtual machines to Azure Infrastructure-as-a-service (IaaS), the question is how do I manage my Azure virtual machines (VMs) efficiently. The great thing about Azure IaaS, it is not just another virtualization platform. Azure IaaS also offers a lot of other benefits versus classic virtualization. Azure IaaS and Azure Management provide a lot of functionality to it make it more efficient to run and manage virtual machines. One of them is Azure Update Management. In this blog post, I am going to show you how you can efficiently manage updates for your Azure IaaS VMs.

Overview and benefits Azure Update Management ☁

The Azure Update Management solution is part of Azure Automation. And with Azure Update Management you can manage operating system updates for your Windows and Linux computers in Azure, in on-premises environments, or in other cloud providers. That is right, it is not only for your Azure VMs, it also works with all your environment and provides you with a single pane of glass for your Update Management. It allows you to quickly assess the status of available updates on all virtual machines and servers, and manage the process of installing required updates for servers.

  • Azure Update Management works with Azure IaaS VMs, on-premise servers and even servers running at other cloud service providers.
  • Update Management supports Linux and Windows servers
  • It is directly integrated into the Azure portal and onboarding of Azure VMs is very simple.
  • It works with existing update sources like Microsoft Update, WSUS or on Linux with private and public update repositories.
  • Azure Update Management can be integrated into System Center Configuration Manager. You can learn more about Azure Update Management and System Center Configuration Manager integration on Microsoft Docs.
  • You can onboard new Azure VMs automatically to Update Management in multiple subscriptions in the same tenant.
Architecture

Architecture

How to onboard Azure IaaS VMs ✈

Onboarding Azure VMs to Azure Update Management is fairly simple and there are many different ways you can enable Update Management for an Azure VM.

One thing I want to highlight is, that you can set up automatic enablement for future virtual machines. With that Azure virtual machines, you create in the future, will automatically be added to the Update Mangement solution.

Onboarding

Onboarding

Since this blog post is all about managing updates for Azure VMs, I will keep it short, but if you want to add servers running on-premises or at other service providers, you can have a look how you can configure Azure Update management from Windows Admin Center. If you are running Azure Stack, you can also easily add your Azure Stack VMs to the Update Management solution.

Update Assesment 📃

Azure Update Management Compliant Assessment

Azure Update Management Compliant Assessment

After you have enabled and connected your virtual machines, Azure Log Analytics and Update Management start to collect data and analyze it and creates a continuous assessment of your Azure VM infrastructure and the additional servers you added. It will let you know which servers are compliant and which updates are missing. In the Azure documentation for Azure Update Management, you can find the schedules and time new updates will be added to the assessment.

Manage and deploy updates to Azure VMs 🔧

After you know which servers are compliant or not, you can schedule an update deployment, to update your servers.

Update Azure VMs using Update Deployment

Update Azure VMs using Update Deployment

An update deployment configuration is done very easily.

  1. Enter a name for the update deployment
  2. Select which operating system you want to target with the deployment (Linux or Windows)
  3. Choose the machines you want to update. You can select specific Azure virtual machines, non-Azure machines, groups, AD, WSUS, SCCM groups and filters.
  4. Select the Update Classifications you want to deploy
  5. Include or exclude updates
  6. Schedule the deployment. You can also create recurring update deployments for example for monthly patching.
  7. Configure pre- and post-scripts
  8. Configure the maintenance window size
  9. Configure the reboot update after the updates are installed

View update deployments ✔

Update Azure VMs Status

Update Azure VMs Status

During and after the duration of the update deployment, you can see an overview of the deployment, which updates on which machine were installed and if they were successful.

Pricing – What does it cost? 💵

Now I know what you are thinking now, this is great, but I am sure Microsoft is making me pay for this. No! there are no charges for the service, you only pay for log data stored in the Azure Log Analytics service. You can find more pricing information here.

Conclusion and Learn more 🎓

Update Management is a great solution to keep your environment up to date. If you want to know more, check out Microsoft Docs or follow this tutorial to onboard Azure VMs. There is also a very good blog series by Microsoft MVP Samuel Erskine. If you don’t have Azure today, create an Azure Free account.

Create free Azure Account ☁

Create your Azure free account today and get started with 12 months of free services!

If you have any questions, let me know in the comments.




PowerShell 7 Installer

How to Install and Update PowerShell 7

Currently, you can install the cross-platform version PowerShell Core 6 on Linux, macOS, and Windows. Early April the PowerShell team announced the next release called PowerShell 7. PowerShell 7 is built on .NET Core 3 and brings back many APIs required by modules built on .NET Framework so that they work with .NET Core runtime. While PowerShell Core 6 was focusing on bringing cross-platform compatibility, PowerShell 7 will focus on making it a viable replacement for Windows PowerShell 5.1 and bringing near parity with Windows PowerShell. Here is how you can install and update PowerShell 7 (preview) on Windows and Linux using a simple one-liner.

If you want to know more about the roadmap, check out Steves blog post.

One great example of how cross-platform PowerShell can work, check out my blog post: How to set up PowerShell SSH Remoting.

Install PowerShell 7 (Preview)

As mentioned PowerShell 7 is currently in preview. You can download and install it manually from GitHub. However, the easiest way to install it is to use the following one-liners created by Steve Lee (Microsoft Principal Software Engineer Manager in the PowerShell Team). You can also use the same one-liners with different parameters to install the current GA version of PowerShell 6.

If you are installing the PowerShell 7 Preview, this will be a side by side installation with PowerShell 6. You can use the pwsh-preview command to run version 7.

One-liner to install or update PowerShell 7 on Windows 10

Install and Update PowerShell 7

You can use this single command in Windows PowerShell to install PowerShell 7. The difference between the installation of version 6 versus version 7 is the -Preview flag.

iex "& { $(irm https://aka.ms/install-powershell.ps1) } -UseMSI -Preview"

There are additional switches to, for example, install daily builds of the latest PowerShell previews.

-Destination
The destination path to install PowerShell Core to.

-Daily
Install PowerShell Core from the daily build.
Note that the ‘PackageManagement’ module is required to install a daily package.

-Preview
Install the latest preview, which is currently version 7. This will

-UseMSI
Use the MSI installer.

-Quiet
The quiet command for the MSI installer.

-DoNotOverwrite
Do not overwrite the destination folder if it already exists.

-AddToPath
On Windows, add the absolute destination path to the ‘User’ scope environment variable ‘Path’;
On Linux, make the symlink ‘/usr/bin/pwsh’ points to “$Destination/pwsh”;
On MacOS, make the symlink ‘/usr/local/bin/pwsh’ points to “$Destination/pwsh”.

One-liner to install or update PowerShell 7 on Linux

Install PowerShell 7 on Linux

You can use this as a single command to install PowerShell 7 on Linux

wget https://aka.ms/install-powershell.sh; sudo bash install-powershell.sh -preview; rm install-powershell.sh

Depending on your distro you are using, this will register Microsoft’s pkg repos and install that package (deb or rpm).

You can also use the following switches:

-includeide
Installs VSCode and VSCode PowerShell extension (only relevant to machines with a desktop environment)

-interactivetesting
Do a quick launch test of VSCode (only applicable when used with -includeide)

-skip-sudo-check
Use sudo without verifying its availability (hard to accurately do on some distros)

-preview
Installs the latest preview release of PowerShell side-by-side with any existing production releases

To currently run the PowerShell Preview, you can run the following command:

pwsh-preview

After Installing

After you have installed PowerShell 7, also make sure to update PowerShellGet and the PackageManagement module.

Remember PowerShell 7 is still currently in preview, if you have any questions, please let me know in the comments.



Install or Update PowerShell 6 on Windows 10

How to Install and Update PowerShell 6

Today Windows 10 and Windows Server 2019 ship with Windows PowerShell 5.1 as the default version. PowerShell Core 6 is a new edition of PowerShell that is cross-platform (Windows, macOS, and Linux), open-source, and built for heterogeneous environments and the hybrid cloud. PowerShell 6 today is a side by side version next to Windows PowerShell 5.1. That means on Windows you cannot just upgrade to PowerShell 6, you will need to install it, same as on Linux and macOS. This blog post shows you how simple you can install PowerShell 6 or update PowerShell 6, if you have already installed it, on Windows 10, Windows Server 2019 or Linux.

One great example of how cross-platform PowerShell can work, check out my blog post: How to set up PowerShell SSH Remoting

Of course, you can find excellent documentation out there on Microsoft Docs. However, Steve Lee (Microsoft Principal Software Engineer Manager in the PowerShell Team) shared some one-liner, which helps you quickly install and update PowerShell 6.

Install PowerShell Core 6

Before showing you the one-liner option to install PowerShell 6, I want to share with you the documentation to install PowerShell Core 6 on different operating systems like Windows, macOS, and Linux.



Updated PowerShellGet and PackageManagment

Update PowerShellGet and PackageManagement

Since I am just setting up a new work machine, I wanted to share some information how you can update PowerShellGet and PackageManagement to the latest version. This will give you the usual bug fixes and performance enhancements. Since you don’t get the latest version in Windows PowerShell nor PowerShell Core, you will need to update it manually.

PowerShellGet is a PowerShell module with commands for discovering, installing, updating and publishing the PowerShell artifacts like Modules, DSC Resources, Role Capabilities and Scripts. For example you use PowerShellGet to install the Azure PowerShell module, or other modules.

PowerShellGet module is also integrated with the PackageManagement module as a provider, users can also use the PowerShell PackageManagement cmdlets for discovering, installing and updating the PowerShell artifacts like Modules and Scripts.

(source: GitHub)

How to update PowerShellGet and PackageManagement

Updating to the latest version of PowerShellGet and the PackageManagement module is simple. Since both modules are part of the PowerShell Gallery, you can update them using a couple of simple commands.

You can find both modules in the PowerShell Gallery:

First lets check which versions of the modules you have available. If you use Update-Module, it will automatically load PowerShellGet and PackageManagement and list them as loaded PowerShell modules. Of course you can also use Get-Module -ListAvailable.

PowerShell Modules PowerShellGet and PackageManagement

 
Get-Module -ListAvailable PackageManagement, PowerShellGet

As you can see, In my default installation, I got PowerShellGet version 1.6.7 and PackageManagement 1.1.7.2. If you have a look at PSGallery, you will see that these are pretty old versions and that there are newer available.

To get the latest version from PowerShell Gallery, you should first install the latest Nuget provider. You will need to run PowerShell as an Administrator for all  the following commands.

 
Install-PackageProvider Nuget –Force
Exit

If you run PowerShell 5.0 or newer, you can install the latest PowerShellGet using the following command. PowerShell 5.0 is included in Windows 10, Windows Server 2016, Windows Server 2019, any system with WMF 5.0 and 5.1 or a system running PowerShell 6.

 
Install-Module –Name PowerShellGet –Force
Exit

Two quick tips, first of, you will need to set the execution policy to RemoteSigned to allow the new module to run. Secondly in some cases you will need to use the -AllowClobber parameter to install the updated version of the module.

 
Set-ExecutionPolicy RemoteSigned
 
Install-Module –Name PowerShellGet –Force -AllowClobber

You can then use Update-Module to get newer versions:

 
Update-Module -Name PowerShellGet
Exit

Updated PowerShellGet and PackageManagment

After that you will see the latest versions of PowerShellGet and PackageMangement available

If you run older versions of PowerShell you can check out the full documention on the PowerShell Docs. I hope this blog post helps you to update PowerShellGet and benefit from the latest versions. If you have any questions, please let me know in the comments.



Windows Server 2019 Upgrade

Windows Server 2019 In-place Upgrade

As another part of my series for Windows Server 2019, this blog post covers the in-place upgrade feature. The in-place upgrade allows you to upgrade your existing LTSC versions of Windows Server 2012 R2 or Windows Server 2016 servers to Windows Server 2019. Windows Server 2019 In-place Upgrade will enable businesses to update to the latest version quickly. Especially if you have servers which you might need to install some dependencies for the applications. I saw a lot of customers who not have documented their server installations and neither used infrastructure as code to deploy them. For these customers, it can be hard to upgrade to newer versions of Windows Server. With the Windows Server 2019 In-Place Upgrade feature, this should get a lot easier. Especially since Windows Server 2019 brings a lot of improvements.

Upgrade Matrix

You can in-place upgrade to Windows Server 2019 from

If you run older versions of Windows Server, you might have to upgrade to Windows Server 2012 R2 or Windows Server 2016 first.

Windows Server Upgrade Path

Windows Server Upgrade Path (Image: Microsoft Docs)

To find out more about the in-place upgrade on the Microsoft Docs page.

How to in-place upgrade to Windows Server 2019

Windows Server 2016 upgrade to Windows Server 2019

To in-place upgrade to Windows Server 2019, insert the Windows Server 2019 media into the existing server, by attaching an ISO file, copying the sources, adding a USB drive or even a DVD drive and start the setup.exe.

Installing Windows Server 2019

The setup will discover the existing installation and will let you perform an in-place upgrade. The installation will run for a couple of minutes; it will take quite some time depending on the speed of your server hardware and the installed roles and features.

Microsoft MVP Didier Van Hoye did write a great blog post about Upgrade testing. In that blog post, he has a quick look at upgrading to Windows Server 2019.

You can also find an overview of what is coming new in Windows Server 2019, in my blog: Windows Server 2019 – What’s coming next.



Download Azure Stack Update

How to install and manage Azure Stack Updates

At itnetX, we help customers to implement as well as to operate  Azure Stack. One part of operating Azure Stack is keeping it up-to-date. This means installing Microsoft Azure Stack Updates, hotfixes as well as OEM update packages like drivers and firmware. In this blog post, I will cover all the information you need to keep your Azure Stack up-to-date.

Why should you update your Azure Stack

Azure Stack Update

This may sound like a simple question, but a lot of people ask for it. First of all, Microsoft and the hardware vendors are delivering quality fixes and security updates to keep Azure Stack stable and secure. But Microsoft also adds new functionality with their updates packages to keep up with the rapid cloud development on Azure. This is important if you want that your Azure Stack stays consistent with Azure in terms of functionality.

Another essential reason to stay current is to remain supported. You are allowed to be behind two major versions of Azure Stack, which means 2-3 months. You basically should update monthly, to make sure that you are secure and stable. However, there are reasons why you might have to defer an update. For example, this can happen for some companies, when they are in a freeze period where they are not allowed to do changes in their systems. If you are more than three major versions behind, your Azure Stack is considered out of support and will not be supported from Microsoft, until you have the at least required version installed.

You can read more about the Azure Stack servicing policy on the Azure Stack documentation site.

Updates for the Azure Stack Integrated System

Azure Stack Operations

As mentioned before, there are three types of updates to Azure Stack. The monthly Azure Stack Update Packages from Microsoft, Hotfixes, and OEM updates.

  • Microsoft software updates – Microsoft is responsible for the end-to-end servicing lifecycle for the Microsoft software update packages. These packages can include the latest Windows Server security updates, non-security updates, and Azure Stack feature updates. These update packages are non-cumulative updates and need to be installed one after the other. These updates are fully automated and will update the complete Azure Stack infrastructure.
  • OEM hardware vendor-provided updates – Azure Stack hardware partners are responsible for the end-to-end servicing lifecycle (including guidance) for the hardware-related firmware and driver update packages. In addition, Azure Stack hardware partners own and maintain guidance for all software and hardware on the hardware lifecycle host.
  • Microsoft hotfixes – Microsoft provides hotfixes for Azure Stack that address a specific issue that is often preventative or time-sensitive. Each hotfix is released with a corresponding Microsoft Knowledge Base article that details the issue, cause, and resolution. Hotfixes are downloaded and installed just like the regular full update packages for Azure Stack. Other then the major updates, Azure Stack hotfixes are cumulative per iteration.
 ReleaseCumulativeWhere to find
Microsoft Software UpdatesMonthly (4th Tuesday of very month)NoRelease Notes
OEM Hardware Vendor UpdatesDepending on OEMDependsOEM Website
Microsoft HotfixesWhen neededYesKnowledge Base article

By the way, you can only update Azure Stack multi-node systems, and the Azure Stack Development Kit needs to be redeployed.