This article explains the above 3 properties in detail. Though these three properties sound similar, but are quite different from each other. Let’s talk about them.
- This property is used to enable automatic updates for Windows Virtual Machine. Its default value is true.
- Ideally, when we set “enableAutomaticUpdates” to true, we are enabling windows updates i.e. patch upgrades, etc.
- Need to mention the upgrades are not with respect to Windows Upgrade i.e. not from Windows 2012 to Windows 2016 or similar.
- Once configured, the latest OS image published by image publishers is automatically applied to the scale set without user intervention.
- However, for the effect to take place in the Azure portal under VMSS section, we need to reimage the nodes and then only the corresponding value will be displayed in “Windows automatic updates.” Please refer below screenshot where we have configured “enableAutomaticUpdates” to true:
- On the other hand, “enableAutomaticOSUpgrade” indicates whether OS upgrades should automatically be applied to scale set instances in a rolling fashion when a newer version of the OS image becomes available. Default value is false.
- If this is set to true for Windows based scale sets, recommendation is to set enableAutomaticUpdatesto false.
- The caveat here is that the upgrades to the VM’s are applied in a rolling fashion and therefore there shall be no downtime to the applications deployed. However, the specific node undergoing the upgrade shall go down for some time till the upgrade is finished.
- There are some prerequisites for this property which are mentioned in this link https://docs.microsoft.com/en-us/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-automat....
- The above 2 properties can be seen in resources.azure.com as below:
Fabric Upgrade Mode
- Fabric Upgrade Mode is applicable to the Service Fabric Code and Configuration. Microsoft announces service fabric upgrades regularly and the same can be found in service fabric team blog. Usually for a specific version the support gets ended after a minimum of 60 days from date of announcement.
- We can either use an Automatic Upgrade Mode or can change to Manual Mode. We need to keep in mind that Microsoft introduces lot of security upgrades/fixes, bug fixes, etc. with the release of new versions therefore its always recommended to use the latest Service Fabric Version.
- For a production cluster, we recommend using Manual Mode and explicitly upgrade the SF version whenever a new release is introduced. We can probably do this in off production hours.
Some Use cases
- If “enableAutomaticUpdates” is set to true, upgrade mode is set to Automatic and “enableAutomaticOSUpgrade” is set to False, this means we are allowing OS upgrades to get installed automatically in all the VM’s in one go and there is a high possibility where a number of VM’s nodes in a cluster will go down.
- However, if we change the “enableAutomaticOSUpgrade” to true, the updates will be implemented in a rolling fashion i.e. one node at a time and this shall not cause any downtime for your applications deployed.
- In case we want to disable the windows updates, we need to set “enableAutomaticUpdates” as false and as mentioned in the article https://docs.microsoft.com/en-us/dotnet/api/microsoft.azure.management.compute.models.windowsconfigu... the updates will take effect only on OS re-provisioning i.e. reimaging the node one by one. Reimaging will put the specific node down for short bit of time but as your applications are deployed in different nodes, there will be no downtime.
- We need to note here that the above step is not a recommended option as there are updates based on security vulnerabilities, bug fixes, patches, etc.