You dont have javascript enabled! Please enable it!

4 thoughts on “Patch Azure VMs using Azure Update Management”

Leave a comment...

  1. Great blog post – thanks for sharing!
    The only part I’m missing is a staging approach for a patch – before a production VM is patched it needs to be verified, that the patch did not break Dev or QA environment. Having 2/3 schedules doesn’t help because all available patches are applied unless you exclude them manually. What would you recommend?

  2. Hello Axel, thanks for the comment and feedback!
    What I recommend is to leverage the Dynamic Group (Groups to update) with Tagging where you can patch Dev and QA environments only (first).
    Once you verify that all patches did not break Dev or QA environment, you can Tag them with verified (I assume, the verification is done manually).
    Then, you could leverage the Pre-scripts option for your production deployment schedule and have it check against the Tag if it’s verified or not.
    If it’s verified, then it will move to deployment and patch your production VMs.
    Hope it helps!

  3. I see a lot of failure during the automatically scheduled patching (disk full, one patch fails and the rest is rolled back, and other reasons).
    Are you looking at the scheduled patching logs and warning the team their patching failed?

  4. Hello Martin, thanks for the feedback!
    Yes, we have an alert configured that will open a service ticket in Jira if the OS scheduled patching failed.
    The Ops team will look into those alerts and resolve them.
    In between, we are not seeing the issues that you mentioned above.

Let me know what you think, or ask a question...

error: Alert: The content of this website is copyrighted from being plagiarized! You can copy from the 'Code Blocks' in 'Black' by selecting the Code. Thank You!