I have started to use Azure Update Management, but I am finding that it is missing updates, which show up when I go into the VM I am running it against, then to Windows Updates.
For Example, in Azure Update Management, for VM1 I can see the following as outstanding:
But if I log into VM1 and open Windows Update, I see the following:
But isn't the Update Management showing these updates, which are available if I go into the VM.
I have also noticed that for some VM's, Azure Update Management reports that during the scheduled deployment, a certain KB has successfully installed, but if I log into the VM and go to Windows Update, it shows as available to be installed.
Related
A few days ago I have enabled orchestrated patching on a few of my Azure-hosted VMs in the Azure portal. I am planning to add an automatic and scheduled upgrade to those VMs using orchestrated patching with a scheduler through the Azure update management center.
However, I have not finalized the date for when to run window updates and have thus not created any scheduler for my VMs.
I noticed today, that over the last few days patches have been installed onto the VM without my authorization. This made me want to ask what the expected behavior of azure orchestrated patching without a scheduler being added. Does it automatically install the latest patches as they come in? What kind/category of patches are they installed on my VMs?
I have created a custom OS images on Azure containing my app, omsagent, and a configuration file to track my application logs. I verified that the custom logs were available on Log Analytics Workspace for that VM.
When I create a new VM with this custom OS, using Python SDK, I don't receive logs in the workspace. I verified that omsagent is working. It is sending heartbeats that are visible on the Log Analytics Workspace > Insights > Agents.
I found out that the new is was not Connected to the workspace.
So my question is how do I automatically connect a VM to Log Analytics Workspace at creation time?
I would advise against baking the Log Analytics Agent (OMS Agent) into the image directly - Azure doesn't recommend this kind of setup. Instead, you should be using an Azure Policy that they provide exactly for this scenario.
We have dozens of VMs and Scale Sets we need to manage with Log Analytics Agent installed on each of them when we build the custom images. In the beginning everything was working fine but a couple of months later those images stopped working.
After spending some time investigating with the Azure team we found out that the agent's certificate wasn't being renewed and it wouldn't connect to the Workspace automatically. Even worse was that because of this, it was failing all our images builds.
We were told that this is not the right practice and we should look at Azure Policies. They are rather easy to setup - just assign once and forget about them. It's also good for compliance and will let you know if there's any machine that's non-compliant.
Check this link for more info about Azure Monitor policies.
And this link will open your Azure Portal directly into the policies page for Windows VMs.
Here's a preview of the policies available:
I am new to Microsoft Azure and working on a MVP for a client. I am able to successfully deploy my ASP.NET MVC web app to a Web Role. The issue I'm facing is that Azure Web Role seems to recycle itself and revert to the deployment package. This leads to rollback of manual changes done (if any) after the deployment (like I allow user to upload profile images and am storing them in file system).
Is this the expected behavior? If not, when can I look from debugging purposes?
Looking for any help possible.
Is this the expected behavior? If not, when can I look from debugging
purposes?
It is expected behavior. Azure Fabric Controller is responsible for managing the Virtual Machines in which your WebRole runs. It takes care of patching the VM and do other maintenance related work on that VM. It is also responsible for taking out faulty VMs and replace them with brand new VMs. When the replacement happens, Fabric Controller will create the new VM based on the last deployment package.
You should not be making any changes manually after VM hosting WebRole has been created, these are Stateless VMs. Any changes you make to VM will be rolled back if Fabric Controller decides to recycle the VM. Please note that these changes do persist if the VM is simply rebooted.
I have a azure VM. I setup the Backup in the Recovery Service vaults. Installed Windows Azure Guest Agent on VM (WindowsAzureVmAgent.2.7.1198.778.rd_art_stable.160617-1120.fre.msi), update GuestAgentStatus based on https://blogs.msdn.microsoft.com/mast/2014/04/07/install-the-vm-agent-on-an-existing-azure-vm/ . Now if I check GuestAgentStatus, I can see ProvisionGuestAgent has value.
However, once I setup backup, run it, it always failed. The error message is:
The VM Agent is not in Running State.
The recommended action is:
This is mostly because of older version of VM agent. Please update the VM agent as mentioned in the troubleshooting guide at http://go.microsoft.com/fwlink/?LinkId=800034
It also has another link: https://azure.microsoft.com/en-us/documentation/articles/backup-azure-vms-troubleshoot/
However, they do not provide solution for the same error. There is a similar error:
Could not communicate with the VM agent for snapshot status. - Ensure that VM has internet access. Also, update the VM agent as mentioned in the troubleshooting guide at http://go.microsoft.com/fwlink/?LinkId=800034
The VM agent is the latest, also, I can use its DNS RDP to the VM, there is no problem to browser website like google, etc., and no Network Security Group.
Anyone has any ideas why the backup failed? How do I check whether the VM agent is running?
Thanks
See if restarting the VM post updating the agent is solving the issue. VM agent will be listed under services running inside a Windows machine.
I'm trying out Team Services and I see that I can add queues but I can't add any agents to them. In fat, I had two starting queues: Default and Hosted and only the latter had an agent in it.
Are agents necessary for enabling automatic builds or am I a victim of misconception?
How do I do more agents to the queues?
To Add more Hosted Agents, which as of this writing cost $40 each, you also have to have an Azure account and have it linked to your Visual Studio Team Services account.
Assuming your VSTS and Azure accounts are linked, log in to the new Azure Portal, go to All Resources and search for Team Services Account. Select your Team and then choose the option Build And Deployment service. The first option that shows up is Hosted Agents which defaults to 1, and you can increase up to 5 per pool.
If you're going to be depending on Microsoft to provide the agents, use the Hosted queue. You can't add machines to the hosted queue, the idea there is that agents are provisioned on-the-fly for your builds.
For other queues, you need to install and configure an agent on a machine (whether on-prem or in Azure/AWS). For Windows machines, there's a download link right on the agent pool screen.
For non-Windows machines, you can install the Node.JS build agent from NPM.