cluster aware updating v1.0
DESCRIPTION
Hyper-V.nu event 16-04-2013 - Cluster Aware Updating by Maarten WijsmanTRANSCRIPT
#hypervnu
Cluster-Aware Updating
Maarten Wijsman
Wortell | [email protected] | www.hyper-v.nu | @myhyper & @hypervnu
about the speaker
• Engineer @ Wortell• Focus on:• System Center Virtual Machine Manager • System Center AppController• Server virtualization
• Blog: www.hyper-v.nu | blogs.wortell.nl• Twitter: @myhyperv | @hypervnu• Mail: [email protected]
Cluster Aware Updating (CAU)Update orchestration across all nodes in a cluster• Windows Server 2012 only & available in the box• No intended to reinvent Windows Updating & Patching• Ability to preview, apply & reports on updates for a cluster
Two modes: Self-updating & Remote-updating• Workload reduction through increased automation > Self-updating• Needed where closer administrator attention is preferred or warranted > Remote-updating
Extensible • Integrate with your patching tools with plug-ins (API)• Two inbox plug-ins: Windows Update & hotfix plug-in• Per-node pre-update and post-update scripts
Where to put CAU?
Windows Update Services
CAU ships with two plug-ins
1. Windows Update Plug-in• Installs GDRs* => From Windows Update Or WSUS
2. Hotfix Plug-in • Installs QFEs** from a SMB 3.0 file share
• 3rd party updates such as BIOS & Firmware Updates from a SMB 3.0 File Share*GDR = General Distribution Release | **QFE = Quick Fix Engineering (nickname for hotfix)
Plug-ins & Supported Update Types
Windows Server 2012 Hyper-V clusters | nodes 1 - 64
Windows Server 2012 File Server (SMB 3.0) Dedicated WSUS server
Microsoft Update Services
You, Cluster Admin (RSAT)
CAU overview
Windows Server 2012 Failover Cluster
Windows Server 2012 File Server (SMB 3.0) Dedicated WSUS server
Microsoft Update Services
You, Cluster Admin (RSAT)
Why not apply
updates on this cluster
1. Moves the clustered roles off the node being updated 2. Places the node being updated into maintenance mode 3. Installs the required updates 4. Performs a restart if necessary5. Brings the node out of maintenance mode 6. Restores the clustered roles on the node7. Proceeds to the next node to complete the same process
Cluster Aware Updating Process
Windows Server 2012 Failover Cluster
Windows Server 2012 File Server (SMB 3.0) Dedicated WSUS server
Microsoft Update Services
You, Cluster Admin (RSAT)
CAU UC
Self-Updating Mode
Windows Server 2012 Failover Cluster
Windows Server 2012 File Server (SMB 3.0) Dedicated WSUS server
Microsoft Update Services
You, Cluster Admin (RSAT)
Remote-Updating Mode
CAU UC
DEMO
DefaultHotfixConfig.xml
Hotfixes applicable to all nodes
CAU Hotfix Root Folder
CAUHotfix_All
MySwUpdateTypeSpecial software updates
Hotfixes applicable to < Node Name 1 >
< Node Name 1 >
MySwUpdateTypeSpecial software updates
Hotfixes applicable to < Node Name N >
< Node Name N >
MySwUpdateTypeSpecial software updates
Hotfixes Folder Structure & Security
<ExtensionRules><Extension name="MSI"><Extension name="MSU"><Extension name="MSP">
<FolderRules> <Folder name="MySwUpdateType" alwaysReboot="true">
“Hotfix” Support Internals
• Rich/extensible Hotfix installation– Microsoft QFEs, or third-party driver updates, or even Firmware/BIOS updates…
• Select hotfix behavior at start. Two key inputs:1. Root Folder: on an SMB File Share2. Configuration xml file: defines the Rules
\System32\WindowsPowerShell\v1.0\Modules\ClusterAwareUpdating\DefaultHotfixConfig.xml
• Configuration Rules are the key to flexibility– Easy to specify new Rules
» hotfix installer name, install options, reboot behavior, return values etc.
NTFS permissions CAUFile SHARE
• First you’ll need to do your home work as described in the TechNet article
• But that doesn’t quite cover it
• Adjust NTFS Permissions on the CAU Share– Give cluster node computer accounts (or an AD group containing them, which
makes for easier administration) Read/Execute permission to the location– If Not => they can’t run the DUPs.
NTFS permissions Log File
• DUPs allows logging with /L switch
• Locally (per node) or to central share
• Must use another share than the CAU Share:– Need to give the computer accounts (or an AD group containing them, which makes for easier
administration) write permission to the location– You’re not allowed to do that for other then specific accounts as described on TechNet
• The log can grow quite large if used a lot– Keep an eye on it– For clarities sake use different log per cluster or folder type
CAU Hotfix plug-in in action
LinksCluster-Aware Updating Overview • http://technet.microsoft.com/en-us/library/hh831694.aspx
Cluster-Aware Updating Cmdlets in Windows PowerShell • http://technet.microsoft.com/en-us/library/hh847221.aspx
Starting with Cluster-Aware Updating: Self-Updating• http://blogs.technet.com/b/filecab/archive/2012/05/17/starting-with-cluster-aware-updating-self-updating.aspx
Update Dell Servers with Microsoft Windows Server 2012 Cluster Aware Update by Integrating SUU/DUP• http://en.community.dell.com/techcenter/extras/m/white_papers/20217029.aspx
Troubleshoot CAU: Log Files for Cluster-Aware Updating• http://social.technet.microsoft.com/wiki/contents/articles/13414.troubleshoot-cau-log-files-for-cluster-aware-updating.aspx
#hypervnu
Questions & Answers
Many, many thanks to: