This Knowledgebase article describes how to deliver patches and hot fixes distributed via Windows Live Update or Windows Server Update Service (WSUS) to passive servers, and if desired to patch both servers simultaneously. The principles and techniques presented in this article may be applicable to, or extended to other third party patch management systems; Neverfail recommends that administrators attempt this in a lab environment before deploying on production servers. Please note, fully automated patching may require some application downtime if the patch requires systems to reboot; recommendations have been provided to accommodate differences in time to apply patches and for the servers to reboot across the Neverfail pair/ trio.
- All hosts in Cluster are synchronized
- Windows Update is set to: Download updates but let me choose whether to install them.
- An Inclusion Filter has been created to replicate patches as they are downloaded to the Windows patch download location; %SystemRoot%\Windows\SoftwareDistribution\Download\**.
- You are working from the console of the active Server with the Primary server active and the Secondary and Tertiary servers are passive.
- All machines in the cluster are currently at the same patch level
- The Fast Check process will be leveraged.
Note: The update process should be performed during a maintenance window, as a reboot of the servers may be required.
- On the Primary server, start Windows Update Client. Ensure that all patches are downloaded and are ready to install (do not install at this time).
- Perform a Managed Switchover making the Secondary server active.
- Open the Windows Update Client and Check for updates. This should verify that all patches have been downloaded and are ready for install (do not install at this time).
- Perform a Managed Switchover making the Primary server active.
- Apply patches to all servers in the cluster (Primary, Secondary, and Tertiary if present), but do not reboot at this time.
- Once all patches have been applied to all servers in the cluster, using the Neverfail Heartbeat Management Client, on the Server: Summary page, click Shutdown.
- When prompted in the Shutdown Options dialog, select all servers in the cluster (Primary, Secondary, and Tertiary if present) and select the option to Stop protected Applications. Click OK.
- When Neverfail Heartbeat has completed the shutdown process on all servers in the cluster, restart the servers in the following order:
- Tertiary (if present)
- All servers in the Cluster should come back up and once the Startup process has completed, Neverfail's Fast Check process should bring the Cluster into sync quickly.
Knowledgebase article #832 : How to Apply Operating System (OS) Patches or Hotfixes on a Neverfail Pair With Minimal Interruption
Knowledgebase article #2438 : How to Apply Operating System (OS) Patches or Hotfixes in a Tertiary Configuration With Minimal Interruption