-1

We have a public website hosted on two Azure IaaS VMs which are behind a Network Load Balancer. What are the available solutions to auto patch and reboot without impacting site availability?

I am looking for a solution like this:

  1. Suppress the IaaS VM in NLB to stop the traffic coming to the VM. (apply a network security group to stop the traffic)
  2. Run the monthly patches/updates on the IaaS VM
  3. Restart the IaaS VM
  4. Enable the IaaS VM in NLB to allow the traffic.
  5. Move on to next server

Are there any solutions available for this in Azure, or do we need to prepare our own PowerShell scripts to do this? If it's a PowerShell script, how do we make it run once a month?

Jyothi

1 Answer

0

> Are there any solutions available for this in Azure?

I suggest you use the Update Management solution in the Operations Management Suite; you can now configure an automated patching schedule for your Azure IaaS VMs.

There you can define a one-time, weekly or monthly schedule. The possibility of adding different VMs to different schedules ensures that your services running on Azure IaaS VMs will always be available during an automated patching schedule.

For more information, please refer to this link.

Shui shengbao
  • Thank you, I have gone through this, but I am confused about how to take the server out of the rotation in the NLB before it gets rebooted. – Jyothi May 19 '17 at 10:04
  • `Network Load Balancer`: do you mean Azure Load Balancer? Based on my knowledge, if a VM is behind an LB, when you reboot the VM, it will not send messages to the VM; when the LB detects that a virtual machine can provide services, it will add the VM to the LB pool. – Shui shengbao May 22 '17 at 02:22
  • If your `Network Load Balancer` does not support this, it is difficult to automate your scenario. – Shui shengbao May 22 '17 at 02:23
  • My bad, it's Azure Load Balancer. I have configured the 'Health Probes' for the same but never tested them. I have created an NSG that denies access on 80 and 443 and assign it to the NIC before restarting the particular VM. – Jyothi May 22 '17 at 17:16
  • @Jyothi A VM behind Azure Load Balancer will automatically be added to the pool and provide service after the VM starts successfully; you don't need to do anything. `Health Probes` will check that the port is listening. When the VM stops, the load balancer will not send messages to the VM. When the VM starts, `Health Probes` can detect the service, and your VM will continue to provide service. – Shui shengbao May 23 '17 at 02:19
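
The rolling sequence from the question (drain, patch, restart, re-enable, next server) as an added example that is not part of the original thread, written with Az PowerShell cmdlets. The names `rg-web`, `web-vm1`, `web-vm2` and `nsg-maintenance` are placeholders; the script assumes Windows VMs, an existing signed-in Az session, a health probe on port 80 or 443, and that `nsg-maintenance` already holds inbound deny rules for those ports.

```powershell
# Added example: patch VMs behind an Azure Load Balancer one at a time.
# Placeholder names (assumptions): rg-web, web-vm1, web-vm2, nsg-maintenance.
# nsg-maintenance is assumed to exist with inbound Deny rules for TCP 80 and 443.
$ErrorActionPreference = 'Stop'          # abort the rollout on the first failure
$ResourceGroup = 'rg-web'
$VmNames       = 'web-vm1', 'web-vm2'
$DrainSeconds  = 120                     # time for the probe to fail and sessions to end
$ProbeSeconds  = 60                      # time for the probe to mark the VM healthy again

function Wait-VmRunning([string]$Name) {
    # Poll the instance view until the VM reports PowerState/running (about 10 min max).
    foreach ($i in 1..40) {
        $codes = (Get-AzVM -ResourceGroupName $ResourceGroup -Name $Name -Status).Statuses.Code
        if ($codes -contains 'PowerState/running') { return }
        Start-Sleep -Seconds 15
    }
    throw "VM $Name did not return to the running state"
}

$denyNsg = Get-AzNetworkSecurityGroup -ResourceGroupName $ResourceGroup -Name 'nsg-maintenance'

foreach ($name in $VmNames) {
    $vm       = Get-AzVM -ResourceGroupName $ResourceGroup -Name $name
    $nicName  = ($vm.NetworkProfile.NetworkInterfaces[0].Id -split '/')[-1]
    $nic      = Get-AzNetworkInterface -ResourceGroupName $ResourceGroup -Name $nicName
    $savedNsg = $nic.NetworkSecurityGroup          # may be $null if the NIC had no NSG

    # 1. Take the VM out of rotation: the deny rules also block the health probe.
    $nic.NetworkSecurityGroup = $denyNsg
    $nic | Set-AzNetworkInterface | Out-Null
    Start-Sleep -Seconds $DrainSeconds
    try {
        # 2-3. Install critical and security updates, then reboot explicitly.
        Invoke-AzVmInstallPatch -ResourceGroupName $ResourceGroup -VMName $name -Windows `
            -RebootSetting 'Never' -MaximumDuration 'PT2H' `
            -ClassificationToIncludeForWindows Critical, Security | Out-Null
        Restart-AzVM -ResourceGroupName $ResourceGroup -Name $name | Out-Null
        Wait-VmRunning -Name $name
    }
    finally {
        # 4. Always put the original NSG back, even if patching failed.
        $nic = Get-AzNetworkInterface -ResourceGroupName $ResourceGroup -Name $nicName
        $nic.NetworkSecurityGroup = $savedNsg
        $nic | Set-AzNetworkInterface | Out-Null
    }
    # 5. Let the health probe re-admit this VM before touching the next one.
    Start-Sleep -Seconds $ProbeSeconds
}
```

Because a failure stops the loop, the second VM is never taken out of rotation while the first is in an unknown state. To run it once a month, the script can be published as an Azure Automation runbook and linked to a monthly schedule.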