Azure Update Management
Step by step procedure to install updates on Azure Windows/Linux servers with Azure Update Management:
Azure Update Management is an Automation tool/service used to install patches on Azure and on-premises Windows/Linux computers. Follow the four steps below to install the missing patches on computers using the Azure Update Management component.
Create a Log Analytics workspace.
Create an Automation account.
Link the Automation account with the Log Analytics workspace.
Enable Update Management for Azure VMs.
Create a Log Analytics workspace:
In the Azure portal, select Create a resource > Log Analytics workspaces > Create
Fill in the details such as Resource group, Name and Region on the Basics tab > Review and create with default settings
Create an Automation account:
In the Azure portal, select Create a resource > Automation accounts > Create
Fill in the details such as Resource group, Name and Region on the Basics tab > Review and create with default settings
Link the Automation account with the Log Analytics workspace:
Go to the Automation account pane > Update Management > Select the existing Log Analytics workspace > Enable
Click on Add Azure VMs > Select the VM and enable Update Management for Azure VMs
It takes approx. 15 minutes for your virtual machine to appear in the Update Management pane
Deploy the Log Analytics agent and connect it to a Log Analytics workspace. Before you deploy the agent, copy the Workspace ID and primary key from Log Analytics > Agents Management
Install the Log Analytics agent on Windows:
Download the agent file from Microsoft and install it on the on-premises computer
I Agree > Next > Connect the agent to Azure Log Analytics (OMS)
> Next > Azure Commercial > Fill in the Workspace ID and Key you copied from Agents Management
> Next > Install
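Install the OMS agent on a Linux server:
You can use the command below to install the OMS agent on a Linux server. Substitute your Workspace ID and primary key in the command and run it as root or with sudo. The primary key is a credential for the workspace, so keep it out of shared scripts and tickets.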
wget https://raw.githubusercontent.com/Microsoft/OMS-Agent-for-Linux/master/installer/scripts/onboard_agent.sh && sh onboard_agent.sh -w <YOUR WORKSPACE ID> -s <YOUR WORKSPACE PRIMARY KEY>
Example: wget https://raw.githubusercontent.com/Microsoft/OMS-Agent-for-Linux/master/installer/scripts/onboard_agent.sh && sudo sh onboard_agent.sh -w d442485a-6cb6-47e5-be9d-39f6584d8198 -s LTfuzoXtrDxamiCl7CeNbeDgK8XDE+p4s6WgRClvlaxpd2OomayUJZXI9au44Tc5qfTzezGWTvjL5qh+rQxs/w==
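An added example, not part of the original post: a wrapper around the same onboarding command that validates the Workspace ID and key, reads the key from a private file instead of typing it on the command line, and saves the script to disk before running it. The function names and the key-file convention are assumptions; the script URL and the -w/-s options are the ones shown above.

```shell
#!/bin/sh
# Added example, not from the original post. Function names and the key-file
# convention are assumptions; only the script URL and -w/-s come from the page.
ONBOARD_URL="https://raw.githubusercontent.com/Microsoft/OMS-Agent-for-Linux/master/installer/scripts/onboard_agent.sh"
NL='
'

# True when $1 is a single line that fully matches the extended regex $2.
matches() {
    case "$1" in *"$NL"*) return 1 ;; esac
    printf '%s\n' "$1" | grep -Eq "$2"
}

# Workspace IDs are GUIDs (8-4-4-4-12 hex digits).
valid_workspace_id() {
    matches "$1" '^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$'
}

# Sanity check only: the key must be non-empty base64 text.
valid_workspace_key() {
    matches "$1" '^[A-Za-z0-9+/]+={0,2}$'
}

# True when the key file exists and grants nothing to group or others.
key_file_is_private() {
    [ -f "$1" ] && [ "$(ls -ld -- "$1" | cut -c5-10)" = "------" ]
}

# onboard WORKSPACE_ID KEY_FILE: validate inputs, then download and run.
onboard() {
    valid_workspace_id "$1" || { echo "invalid workspace ID" >&2; return 1; }
    key_file_is_private "$2" || { echo "key file missing or open to group/others" >&2; return 1; }
    ws_key=$(tr -d '\r\n' < "$2")
    valid_workspace_key "$ws_key" || { echo "key is not base64" >&2; return 1; }
    # Save the script to disk so it can be reviewed before it runs as root.
    wget -O onboard_agent.sh "$ONBOARD_URL" || return 1
    # The key still appears in the script's arguments while it runs; the file
    # only keeps it out of shell history and out of saved command lines.
    sudo sh onboard_agent.sh -w "$1" -s "$ws_key"
}

# Usage: sh onboard_safe.sh <WORKSPACE_ID> <KEY_FILE>
if [ "$#" -eq 2 ]; then
    onboard "$1" "$2"
fi
```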
Schedule an update deployment:
Go to Automation account > Update Management > Schedule update deployment
Under New update deployment > Provide a name > Operating System
Select Groups to update > Fill in the subscription, resource groups and locations of the Azure VMs for your deployment > Add > OK
Select Machines > Select the VMs you want to deploy patches to
Select the update classifications based on the requirement.
Select Include/exclude to choose specific updates for the deployment
Select Schedule settings to configure the schedule for deployment of patches > OK
Once the deployment is completed, go to Update Management > History to view the results of the completed update deployment
You have now successfully deployed the missing patches using Azure update manager.
Use Dynamic groups with Update Management:
If you have more than 1000 machines, Microsoft recommends that you split up the updates among multiple update schedules.
Dynamic groups can be created based on:
Subscription
Resource groups
Locations
Tags
Creating Dynamic Group for Patch Deployment:
Go to Azure Monitor > Logs
Example: Heartbeat | where Computer contains "Red" | distinct Computer
> Run > Save as function
Provide the group name > Save
Now you should be able to view the dynamic group while scheduling the Windows update deployment.
Thank you!!!