Anmelden
 
HomeLibraryDownloadsSupportWebcasts & EventsCommunityForenBlogs
Ressourcen für IT-Professionals >
cluster aware updating via WSUS

Answered cluster aware updating via WSUS

  • Freitag, 28. Dezember 2012 19:48
     
     
    Anmelden
    0

    I can't seem to find this information anywhere,

    I have setup a 2 node hyper-v 2012 baremetal cluster and configured it with cluster aware updating role (CAU)

    the environment is not internet facing and the updates need to come through a local WSUS server, a capability mentioned in many articles, however no guidelines on how to actually do it

    CAU is configured with the microsoft.windowsupdateplugin in self-updating mode

    I'm not sure how to point the CAU role to the local WSUS host, obviously no updates are occuring since there is no internet access to the MS update servers and WSUS cannot simply be auto-discovered

    has anyone done this or know how to make this work?  I can only assume I would have to pass on some sort of argument to the CAUpluginArguments field with the http/s link to the WSUS infrastructure but can't find the proper string

    thanks in advance,

    armin

     

Alle Antworten

  • Freitag, 28. Dezember 2012 21:35
     
     
    Anmelden
    0

    I'm not using CAU myself, but from the documentation: http://technet.microsoft.com/en-us/library/hh847234.aspx

    it doesn't seem that it is configured any differently than any other WU implementation - just the invocation and scheduling would be under the control of CAU so as to avoid cluster unavailability?

    Don
    (Please take a moment to "Vote as Helpful" and/or "Mark as Answer", where applicable.
    This helps the community, keeps the forums tidy, and recognises useful contributions. Thanks!)

     
  • Samstag, 29. Dezember 2012 04:46
     
     
    Anmelden
    0

    I've looked at that link as well but as you saw, nothing specific in there for pointing to another update server, the only thing that comes close is how to go through a proxy server, but that's not the issue either.

    I wish it was as easy as you say but CAU creates a virtual computer object in AD which seems to act as the "update broker" if you will for all the nodes in the cluster requiring updates, more than just invocation/scheduling.  During validation if CAU sees your local cluster nodes are configured to go through WSUS it will actually throw a flag since it sees it as a conflict.  It's noted in the best practices section that CAU should be exclusively managing patches, not WSUS/SCCM/etc. on the cluster nodes.

    I even tried to put the CAU virtual computer object in the OU where my usual WSUS policies reside but it didn't do anything since that object is not really a traditional computer object in AD, it never showed up in the WSUS console after reboots and manual update triggers from the CAU snap-in.

    Thanks anyway, let's see if anyone has this working.

     
  • Dienstag, 1. Januar 2013 02:18
    Moderator
     
     Beantwortet
    Anmelden
    0

    I'm not sure how to point the CAU role to the local WSUS host, obviously no updates are occuring since there is no internet access to the MS update servers and WSUS cannot simply be auto-discovered

    You configure Cluster-Aware Updating in exactly the same way you would configure a standalone node. Use Group Policy to configure the WUAgent. 

    http://technet.microsoft.com/en-us/library/dd939933(v=ws.10).aspx

    What CAU does is coordinate the activities of the individual WUAgents on each node of a cluster, but that still requires that the nodes be configured as WSUS clients.

    Lawrence Garvin, M.S., MCITP:EA, MCDBA, MCSA
    SolarWinds Head Geek
    Microsoft MVP - Software Distribution (2005-2012)
    My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin
    The views expressed on this post are mine and do not necessarily reflect the views of SolarWinds.

    • Als Antwort markiert armin19 Mittwoch, 2. Januar 2013 15:57
    •  
     
  • Dienstag, 1. Januar 2013 02:27
    Moderator
     
     
    Anmelden
    0

    It's noted in the best practices section that CAU should be exclusively managing patches, not WSUS/SCCM/etc. on the cluster nodes.

    What that means is that you should not use policy to specify a scheduled installation time for the nodes, but rather allow the CAU subsystem to 'schedule' the installations.

    Regarding the configuration, this statement in the Overview may shed some light:

    To enable self-updating mode, the CAU clustered role must also be added to the failover cluster. To do this by using the CAU UI, under Cluster Actions, use the Configure Self-Updating Options action.

    Lawrence Garvin, M.S., MCITP:EA, MCDBA, MCSA
    SolarWinds Head Geek
    Microsoft MVP - Software Distribution (2005-2012)
    My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin
    The views expressed on this post are mine and do not necessarily reflect the views of SolarWinds.

     
  • Mittwoch, 2. Januar 2013 15:56
     
     
    Anmelden
    0

    You're right, my default WSUS GPO which the cluster nodes were initially inheriting has a schedule for installing updates so the CAU analysis report was reporting a conflict.

    I created a new WSUS GPO with no scheduling defined and ran the CAU report and it passed this time, the update wizard also seems to work ok but I'll know for sure when new updates come out next week as they're all up to date right now.

    Thanks for your help.