question

Silvan-2161 avatar image
0 Votes"
Silvan-2161 asked Silvan-2161 commented

Linux ring deyploment with Azure Update Management

Dear community,

Azure Update Management always references the local package manager (e.g., apt, zypper) in the Linux environment. The open patches are read out together with the version number and written to the Log Analytics workspace.

Do I have the possibility to set a preselection or filter criterion that one or more patches are installed based on a specific version?

I ask because I want to do a ring deployment over 3 stages.
1. install patch XY version 1.0 on the development environment
2. install patch XY version 1.0 on the test environment
3. install patch XY version 1.0 on the production environment

There is about 1 week between steps 1 and 3. If now after the test installation the version 1.1 of patch XY appears, then an untested patch would be installed directly on the production environment.
I am aware that I could solve this with a local repository server and synchronize it regularly with the online repository server.

But does Update Management not provide a solution for this in the Linux domain?

Many thanks for your feedback in advance

Best regards,
Silvan

azure-automation
· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi @Silvan-2161,

I believe this isn't easily achieved with the current release of Azure Update Management but I think it is possible. You can specify a particular patch to install with Azure Update Management using the include mechanism (and I think you can specify the particular version when specifying the package here) and you can target machines for patching using dynamic grouping and something like tags. So I believe it can be done but it would require some manual effort to achieve it. I am reaching out to our internal product team to confirm the same and see if we have any better solution for this. Will keep you updated as I hear more information.

0 Votes 0 ·

Hi @tbgangav-MSFT

Thank you very much for your comments. I'm curious to hear your feedback after talking with the internal product team.

In particular, I'm also curious to know if I can reference individual patch versions in the include and exclude mechanism.

0 Votes 0 ·

0 Answers