VMware Cloud Community
Hedleyp
Contributor
Contributor
Jump to solution

How do you handle rebooting for Windows Updates

Hi,

I am a complete and utter Virtualisation Virgin having only just been to a VMWare/Dell Workshop yesterday in Frimley and I have a couple of questions...

1) We seldom have problems with our hardware (after the usual bedding in period) and the only time I have to shut down a server and reboot it is when applying the copious Microsoft Security patches. These updates have to be performed out of hours due to the customer requirements, either late at night or at the w/end.

If we go down the VMWare route, would it be possible to reboot a VM but have another copy of that server running so as to make the process seemless to the customer?

2) If a machine bluescreens or hangs, does VMWare recognise this and bring up another copy?

Thank you,

Hedley Phillips

Tags (2)
Reply
0 Kudos
1 Solution

Accepted Solutions
crazex
Hot Shot
Hot Shot
Jump to solution

There really is not good, or easy, way to accomplish what you are asking. Your best bet is to set a schedule for when the servers will be rebooted. If Windows requires a reboot, it doesn't matter if it is physical or virtual, it needs to reboot. I have a scheduled time every month when our servers are rebooted, to apply all recently installed updates. If I have to apply out-of-band updates, I coordinate the reboot so that it is after business hours, and does not really affect the end users. If you are using WSUS to do your updates, you can setup a GPO so that the machines will not automatically reboot, if that is what you are truely worried about.

-Jon-

VMware Certified Professional

-Jon- VMware Certified Professional

View solution in original post

Reply
0 Kudos
12 Replies
gary1012
Expert
Expert
Jump to solution

The only way I'm aware of to make OS patching transparent to the end users is to setup some type of clustering within the OS. I'm unaware of a way to do so at the VM/hypervisor level. I'm also unaware of an ASR-like feature within the VM. I'm far less confident about that than the patching question. I'm sure others will correct the errors of my ways if I'm wrong.

Community Supported, Community Rewarded - Please consider marking questions answered and awarding points to the correct post. It helps us all.
Reply
0 Kudos
DLeid
Expert
Expert
Jump to solution

Hi Hedley,

The virtual Windows guests will have to get updated just as the physical servers and if it calls for a reboot, it will have to be rebooted.

"If we go down the VMWare route, would it be possible to reboot a VM but have another copy of that server running so as to make the process seemless to the customer?"

It depends on which vmware product you are going to use.

Although the time it takes for Windows to reboot is not long enough to justify for me having a failover server during the reboot time, you can purchase the Virtual Infrastucture Standard edition product you can use HA (High Availability) to keep the servers up 24/7

"2) If a machine bluescreens or hangs, does VMWare recognise this and bring up another copy?"

Virtual Infrastructure with HA will accomplish this.

Hope this helps.

If you find this or any other information helpful or correct, please consider awarding points.
JohnADCO
Expert
Expert
Jump to solution

Maybe I am not understanding the issue? We use normal WSUS servers to do updates and reboot windows machines / servers. Works just fine on our VM's.

Reply
0 Kudos
Hedleyp
Contributor
Contributor
Jump to solution

Thanks for all your replies.

I will look into Virtual Infrastructure Standard & HA.

@John

It isn't so much the handling of the updates that worries me as we would continue to use WSUS, but having to reboot the machines after an update that I would like to address.

We are a small Typesetting company that uses a Webservice to allow our customers to upload Word docs and have a print ready pdf back within a few minutes (after a lot of rules based processing using Perl, Omnimark and XPP), 24 hours a day. Server reboots after updates cause over 95% of my downtime and I would like to reduce this if possible. If virtualisation allows me to reboot a machine but have zero break in service then this would be fantastic.

I watched the VMWare demo yesterday with my jaw on the ground as a server was migrated from hardware A to hardware B with no break in a streaming video, but this trick isn't that important to me as the last time I had to drop a server because of a hardware issue was early 2008. But MS security updates and reboots are a constant problem.

Reply
0 Kudos
DLeid
Expert
Expert
Jump to solution

I think it is the downtime of the reboots that he is concerned with.

If you find this or any other information helpful or correct, please consider awarding points.
Reply
0 Kudos
JohnADCO
Expert
Expert
Jump to solution

Hmm, we don't really do clustering, but we did determine friday night 10:30-ish rarely if ever had any use-age going on.

The time windows required for doing the updates and letting WSUS restart the servers, as well as a planned shut down of each VM to get a weekly snapshot to be about 15min.

We don't really cluster here.

We just make sure all users are aware of the system down window each week.

crazex
Hot Shot
Hot Shot
Jump to solution

There really is not good, or easy, way to accomplish what you are asking. Your best bet is to set a schedule for when the servers will be rebooted. If Windows requires a reboot, it doesn't matter if it is physical or virtual, it needs to reboot. I have a scheduled time every month when our servers are rebooted, to apply all recently installed updates. If I have to apply out-of-band updates, I coordinate the reboot so that it is after business hours, and does not really affect the end users. If you are using WSUS to do your updates, you can setup a GPO so that the machines will not automatically reboot, if that is what you are truely worried about.

-Jon-

VMware Certified Professional

-Jon- VMware Certified Professional
Reply
0 Kudos
Hedleyp
Contributor
Contributor
Jump to solution

Thank you for all your answers and input, appreciated.

Reply
0 Kudos
crazex
Hot Shot
Hot Shot
Jump to solution

Don't forget to award points for helpful/correct answers.

-Jon-

VMware Certified Professional

-Jon- VMware Certified Professional
Reply
0 Kudos
Hedleyp
Contributor
Contributor
Jump to solution

I have awarded points as best as possible. Could have done with some extra "helpfuls" to award.

Reply
0 Kudos
meistermn
Expert
Expert
Jump to solution

Maybe the stratus solution is a way to go.

Stratus® ftServer® Active Upgrade technology is a first-of-its-kind technology for fault-tolerant Microsoft Windows® operating system environments. It enables customers to perform online software upgrades and critical operating system hot fixes without having to take the server or application offline for extended periods.

The question which is open, if it works with esx.

Reply
0 Kudos
Josh26
Virtuoso
Virtuoso
Jump to solution

I supported a Stratus server for five years. During that time it had more downtime than most desktop PCs* and the costs associated with running that monstrosity far outweighed the costs of putting in two Windows servers on moderate hardware and clustering them. Until recently, their "enterprise" servers came with Veritas Storage Foundation and instructions on how to build a server with software RAID, because they were still struggling to get any form of hardware RAID working in their environment. Every firmware upgrade you applied came with instructions on how to break the array, reboot the server, and rebuild the array.

It really depends on your application. If it really is effectively just a web service, and you have the resources available, two VMs running NLB will allow you to seamlessly reboot them one at a time without any interruption to service.

Your other option is considering different operating systems. You can apply almost all Linux updates without a reboot right out of the box, and there's been a hot update kernel project we've been following for some time.

  • Reasons for downtime included single hard drive failures where "proactive monitoring" services took a week and a half to respond to, firmware bugs that required hardware modules be physically removed while updates were applied, continuous hacking caused by the fact you couldn't actually apply a Microsoft Update until it's Stratus approved or modified, sometimes weeks after official release. I stopped supporting that server two years ago and haven't looked at Stratus' more recent offerings. Nor will I ever.

Edit: I'll also throw in, Stratus were one of the sponsors of the recent VMWare forum in Sydney. At the stall, the salesman gave me his pitch that, his servers were so reliable, VMWare HA was completely redundant and pointless.

Aside from being interested in how VMWare ever supported a "sponsor" that actually discouraged the use of one of their own products, basic maths demonstrated that the Stratus in question was more than two times the price of a more powerful single server. It was still more cost effective to continue using HA, and I never could quite swallow that a single server operation would be "better".

Reply
0 Kudos