We are pleased to announce the GA release of enhanced patching capabilities for SQL Server on Azure VMs using Azure Update Manager. When you register your SQL Server on Azure VM with the SQL IaaS Agent extension, you unlock a number of feature benefits, including patch management at scale with Azure Update Manager.
Overview
Azure Update Manager is a unified service to help manage and govern updates for all your machines. You can monitor Windows and Linux update compliance across your deployments in Azure, on-premises, and on other cloud platforms from a single dashboard. By enabling Azure Update Manager, customers will now be able to:
- Perform one-time updates (or Patch on-demand): Schedule manual updates on demand
- Update management at scale: patch multiple VMs at the same time
- Configure schedules: configure robust schedules to patch groups of VMs based on your business needs
- Periodic Assessments: Automatically check for new updates every 24 hours and identify machines that may be out of compliance
Azure Update Manager has more categories to include for updates, including the ability to automatically install SQL Server Cumulative Updates (CUs), unlike the existing Automated Patching feature which can only install updates marked Critical or Important.
To get started using Azure Update Manager go to the SQL virtual machine resource in the Azure portal, choose Updates under Settings.
To allow your SQL VM to get SQL Server updates, customers will need to enable Microsoft Updates.
Migrate from Automated Patching to Azure Update Manager
If you are currently using the Automated Patching feature offered by the SQL Server IaaS agent extension, and want to migrate to Azure Update Manager, you can do so by using the MigrateSQLVMPatchingSchedule PowerShell module to perform following steps:
- Disable Automated Patching
- Enable Microsoft Update on the virtual machine
- Create a new maintenance configuration in Azure Update Manager with a similar schedule to Automated Patching
- Assign the virtual machine to the maintenance configuration
To migrate to Azure Update Manager by using PowerShell, use the following sample script:
$rgname = 'YourResourceGroup'
$vmname = 'YourVM'
# Install latest migration module
Install-Module -Name MigrateSQLVMPatchingSchedule-Module -Force -AllowClobber
# Import the module
Import-Module MigrateSQLVMPatchingSchedule-Module
Convert-SQLVMPatchingSchedule -ResourceGroupName $rgname -VmName $vmname
The output of the script includes details about the old schedule in Automated Patching and details about the new schedule in Azure Update Manager. For example, if the Automated Patching schedule was every Friday, with a start hour of 2am, and a duration of 150 minutes, the output from the script is:
Additional Considerations
If you are currently using the SQL IaaS extension to patch, then be aware of conflicting schedules or consider disabling Automated Patching and migrating to Azure Update Manager to take advantage of the robust features.
At this point, patching SQL Server on Azure VMs through Azure Update Manager or Automated Patching via the SQL IaaS extension is not aware if the SQL Server is a part of an Always On availability group. It is important to keep this in mind when scheduling your updates with an automated process.
You can always go back to Automated Patching by selecting Leave new experience from the new Updates page.
Learn More
- About Azure Update Manager
- Review the following article about how to check and install on-demand updates
- Schedule patching configuration on Azure VMs
- Managing update configuration settings in Azure Update Manager
- Azure Update Manager for SQL Server on Azure VMs