diff --git a/articles/virtual-machines/automatic-extension-upgrade.md b/articles/virtual-machines/automatic-extension-upgrade.md index 436648c2cf..9847f22c83 100644 --- a/articles/virtual-machines/automatic-extension-upgrade.md +++ b/articles/virtual-machines/automatic-extension-upgrade.md @@ -1,5 +1,5 @@ --- -title: Automatic Extension Upgrade for VMs and Scale Sets in Azure +title: Automatic Extension Upgrade for VMs and scale sets in Azure description: Learn how to enable the Automatic Extension Upgrade for your virtual machines and virtual machine scale sets in Azure. ms.service: azure-virtual-machines ms.subservice: extensions @@ -9,89 +9,102 @@ ms.date: 11/7/2023 ms.custom: devx-track-azurepowershell --- -# Automatic Extension Upgrade for Virtual Machines (VM) and Scale Sets (VMSS) in Azure +# Automatic Extension Upgrade for virtual machines and scale sets in Azure -Automatic Extension Upgrade is available for Azure VMs and Azure Virtual Machine Scale Sets. When Automatic Extension Upgrade is enabled on a virtual machine or scale set, the extension is upgraded automatically whenever the extension publisher releases a new version for that extension. +Automatic Extension Upgrade is available for Azure Virtual Machines and Azure Virtual Machine Scale Sets. When Automatic Extension Upgrade is enabled on a virtual machine (VM) or scale set, the extension automatically upgrades whenever the extension publisher releases a new version for that extension. Automatic Extension Upgrade has the following features: -- Supported for Azure VMs and Azure Virtual Machine Scale Sets. + +- Azure VMs and virtual machine scale sets are supported. - Upgrades are applied in an availability-first deployment model. -- For a Virtual Machine Scale Set, no more than 20% of the scale set virtual machines upgrades in a single batch. The minimum batch size is one virtual machine. -- Works for all VM sizes, and for both Windows and Linux extensions. -- You can opt out of automatic upgrades at any time. -- Automatic extension upgrade can be enabled on a Virtual Machine Scale Sets of any size. -- Each supported extension is enrolled individually, and you can choose which extensions to upgrade automatically. -- Supported in all public cloud regions. +- For a virtual machine scale set, no more than 20% of the scale set VM upgrades are in a single batch. The minimum batch size is one VM. +- All VM sizes and both Windows and Linux extensions are compatible. +- Automatic upgrades are optional at any time. +- Virtual machine scale sets of any size are enabled. +- Each supported extension is enrolled individually. You can choose which extensions to upgrade automatically. +- All public cloud regions are supported. ## How does Automatic Extension Upgrade work? -The extension upgrade process replaces the existing extension version on a VM with a new version of the same extension when published by the extension publisher. The health of the VM is monitored after the new extension is installed. If the VM isn't in a healthy state within 5 minutes of the upgrade completion, the extension version is rolled back to the previous version. + +The extension upgrade process replaces the existing extension version on a VM whenever the extension publisher publishes a new version of the same extension. The health of the VM is monitored after the new extension is installed. If the VM isn't in a healthy state within five minutes of the upgrade completion, the extension version rolls back to the previous version. A failed extension upgrade is automatically retried. A retry is attempted every few days automatically without user intervention. -### Availability-first Updates -The availability-first model for platform orchestrated upgrades ensures that availability configurations in Azure are respected across multiple availability levels. +### Availability-first updates + +The availability-first model for platform-orchestrated upgrades ensures that availability configurations in Azure are respected across multiple availability levels. + +For a group of VMs undergoing an upgrade, the Azure platform orchestrates upgrades across regions, within a region, and within a set. -For a group of virtual machines undergoing an upgrade, the Azure platform orchestrates upgrades: +#### Across regions -**Across regions:** - An upgrade moves across Azure globally in a phased manner to prevent Azure-wide deployment failures. -- A 'phase' can have one or more regions, and an upgrade moves across phases only if eligible VMs in the previous phase upgrade successfully. +- A phase can have one or more regions, and an upgrade moves across phases only if eligible VMs in the previous phase upgrade successfully. - Geo-paired regions aren't upgraded concurrently and can't be in the same regional phase. -- The success of an upgrade is measured by tracking the health of a VM post upgrade. VM health is tracked through platform health indicators for the VM. For Virtual Machine Scale Sets, the VM health is tracked through application health probes or the Application Health extension, if applied to the scale set. +- The success of an upgrade is measured by tracking the health of a VM post upgrade. VM health is tracked through platform health indicators for the VM. For virtual machine scale sets, the VM health is tracked through application health probes or the Application Health extension, if it's applied to the scale set. -**Within a region:** -- VMs in different Availability Zones aren't upgraded concurrently with the same upgrade. -- Single VMs that aren't part of an availability set are batched on a best effort basis to avoid concurrent upgrades for all VMs in a subscription. +#### Within a region -**Within a 'set':** -- All VMs in a common availability set or scale set aren't upgraded concurrently. -- VMs in a common availability set are upgraded within Update Domain boundaries and VMs across multiple Update Domains aren't upgraded concurrently. -- VMs in a common virtual machine scale set are grouped in batches and upgraded within Update Domain boundaries. [Upgrade policies](../virtual-machine-scale-sets/virtual-machine-scale-sets-upgrade-policy.md) defined on the scale set are honored during the upgrade. Each group is upgraded using rolling upgrade strategy. +- VMs in different availability zones aren't upgraded concurrently with the same upgrade. +- Single VMs that aren't part of an availability set are batched on a best-effort basis to avoid concurrent upgrades for all VMs in a subscription. -### Upgrade process for Virtual Machine Scale Sets -1. Before the upgrade process starts, the orchestrator ensures that no more than 20% of VMs in the entire scale set are unhealthy (for any reason). +#### Within a set -2. The upgrade orchestrator identifies the batch of VM instances to upgrade. An upgrade batch can have a maximum of 20% of the total VM count, subject to a minimum batch size of one virtual machine. Definition of Upgrade Policy and Availability Zones is considered while identifying the batch. +- All VMs in a common availability set or scale set aren't upgraded concurrently. +- VMs in a common availability set are upgraded within update domain boundaries. VMs across multiple update domains aren't upgraded concurrently. +- VMs in a common virtual machine scale set are grouped in batches and upgraded within update domain boundaries. [Upgrade policies](../virtual-machine-scale-sets/virtual-machine-scale-sets-upgrade-policy.md) defined on the scale set are honored during the upgrade. Each group is upgraded by using a rolling upgrade strategy. -3. After the upgrade, the VM health is always monitored before moving to the next batch. For scale sets with configured application health probes or Application Health extension, application health is also monitored. The upgrade waits up to 5 minutes (or the defined health probe configuration) for the VM to become healthy before upgrading the next batch. If a VM doesn't recover its health after an upgrade, then by default the previous extension version on the VM is reinstalled. +### Upgrade process for virtual machine scale sets -4. The upgrade orchestrator also tracks the percentage of VMs that become unhealthy after an upgrade. The upgrade stops if more than 20% of upgraded instances become unhealthy during the upgrade process. +- Before the upgrade process starts, the orchestrator ensures that no more than 20% of VMs in the entire scale set are unhealthy (for any reason). +- The upgrade orchestrator identifies the batch of VM instances to upgrade. An upgrade batch can have a maximum of 20% of the total VM count, subject to a minimum batch size of one VM. The orchestrator considers the definition of the upgrade policy and availability zones while the batch is identified. +- After the upgrade, the VM health is always monitored before moving to the next batch. For scale sets with configured application health probes or the Application Health extension, application health is also monitored. The upgrade waits up to five minutes (or the defined health probe configuration) for the VM to become healthy before upgrading the next batch. If a VM doesn't recover its health after an upgrade, then by default, the previous extension version on the VM is reinstalled. +- The upgrade orchestrator also tracks the percentage of VMs that become unhealthy after an upgrade. The upgrade stops if more than 20% of upgraded instances become unhealthy during the upgrade process. This process continues until all instances in the scale set are upgraded. -The scale set upgrade orchestrator checks for the overall scale set health before upgrading every batch. During a batch upgrade, there could be other concurrent planned or unplanned maintenance activities that could impact the health of your scale set virtual machines. In such cases, if more than 20% of the scale set's instances become unhealthy, then the scale set upgrade stops at the end of current batch. +The scale set upgrade orchestrator checks for the overall scale set health before upgrading every batch. During a batch upgrade, other concurrent planned or unplanned maintenance activities could affect the health of your scale set VMs. In such cases, if more than 20% of the scale set's instances become unhealthy, the scale set upgrade stops at the end of the current batch. ## Supported extensions + Automatic Extension Upgrade supports the following extensions (and more are added periodically): -- [Azure Automation Hybrid Worker extension](/azure/automation/extension-based-hybrid-runbook-worker-install) - Linux and Windows -- Dependency Agent – [Linux](./extensions/agent-dependency-linux.md) and [Windows](./extensions/agent-dependency-windows.md) -- [Application Health Extension](../virtual-machine-scale-sets/virtual-machine-scale-sets-health-extension.md) – Linux and Windows -- [Guest Attestation Extension](../virtual-machines/boot-integrity-monitoring-overview.md) - Linux and Windows -- [Guest Configuration Extension](./extensions/guest-configuration.md) – Linux and Windows -- Key Vault – [Linux](./extensions/key-vault-linux.md) and [Windows](./extensions/key-vault-windows.md) -- [Azure Monitor Agent](/azure/azure-monitor/agents/azure-monitor-agent-overview) -- [Log Analytics Agent for Linux](/azure/azure-monitor/agents/log-analytics-agent) + +- [Azure Automation Hybrid Worker extension](/azure/automation/extension-based-hybrid-runbook-worker-install): Linux and Windows +- Dependency Agent: [Linux](./extensions/agent-dependency-linux.md) and [Windows](./extensions/agent-dependency-windows.md) +- [Application Health extension](../virtual-machine-scale-sets/virtual-machine-scale-sets-health-extension.md): Linux and Windows +- [Guest Attestation extension](../virtual-machines/boot-integrity-monitoring-overview.md): Linux and Windows +- [Guest Configuration extension](./extensions/guest-configuration.md): Linux and Windows +- Azure Key Vault: [Linux](./extensions/key-vault-linux.md) and [Windows](./extensions/key-vault-windows.md) +- [Azure Monitor agent](/azure/azure-monitor/agents/azure-monitor-agent-overview) +- [Log Analytics agent for Linux](/azure/azure-monitor/agents/log-analytics-agent) - [Azure Diagnostics extension for Linux](/azure/azure-monitor/agents/diagnostics-extension-overview) -- Service Fabric – [Linux](../service-fabric/service-fabric-tutorial-create-vnet-and-linux-cluster.md#service-fabric-extension) +- Azure Service Fabric: [Linux](../service-fabric/service-fabric-tutorial-create-vnet-and-linux-cluster.md#service-fabric-extension) --- -## Enabling Automatic Extension Upgrade +## Enable Automatic Extension Upgrade + +To enable Automatic Extension Upgrade for an extension, you must ensure that the property `enableAutomaticUpgrade` is set to `true` and added to every extension definition individually. + +### Use the Azure portal + +In the Azure portal, use the **Extension** pane to enable automatic upgrade of extensions on existing VMs and virtual machine scale sets. + +1. Go to the [Virtual Machines](https://portal.azure.com/#view/HubsExtension/BrowseResource/resourceType/Microsoft.Compute%2FVirtualMachines) or [Virtual Machines Scale Sets](https://ms.portal.azure.com/#view/HubsExtension/BrowseResource/resourceType/Microsoft.Compute%2FvirtualMachineScaleSets) pane, and select the resource name. +1. Under **Settings**, go to the **Extensions + applications** pane, which shows all extensions installed on the resource. The **Automatic upgrade status** column shows you if the automatic upgrade of the extension is enabled, disabled, or not supported. +1. Select the extension name to open the **Extensions** details pane. + + :::image type="content" source="media/auto-extension.png" alt-text="Screenshot that shows the Extensions pane in the Azure portal." lightbox="media/auto-extension.png"::: + +1. Select **Enable automatic upgrade** to enable automatic upgrade of the extension. Use this button to disable an automatic upgrade, if necessary. -To enable Automatic Extension Upgrade for an extension, you must ensure the property `enableAutomaticUpgrade` is set to `true` and added to every extension definition individually. + :::image type="content" source="media/auto-extension-upgrade.png" alt-text="Screenshot that shows Enable automatic upgrade in the Azure portal."::: -### Using Azure portal -You can use Azure portal - Extension blade to enable automatic upgrade of extensions on existing Virtual Machines and Virtual Machine Scale Sets. -1. Navigate to [Virtual Machines](https://portal.azure.com/#view/HubsExtension/BrowseResource/resourceType/Microsoft.Compute%2FVirtualMachines) or [Virtual Machines Scale Sets](https://ms.portal.azure.com/#view/HubsExtension/BrowseResource/resourceType/Microsoft.Compute%2FvirtualMachineScaleSets) blade and select the resource by clicking on its name. -2. Navigate to "Extenisons + applications" blade under Settings which shows all extensions installed on the resource. The "Automatic Upgrade Status" column tells if Automatic upgrade of the extension is enabled, disabled or not-supported. -3. Navigate to Extension details blade by clicking on the extension name. -:::image type="content" source="media/auto-extension.png" alt-text="Screenshot of Azure portal - Extension blade." lightbox="media/auto-extension.png"::: -4. Click "Enable automatic upgrade" to enable automatic upgrade of the extension. This button can also be used to disable automatic upgrade when required. -:::image type="content" source="media/auto-extension-upgrade.png" alt-text="Screenshot of Azure portal to enable automatic upgrade of the extension."::: +### For virtual machines -### For Virtual Machines #### [REST API](#tab/RestAPI1) -To enable automatic extension upgrade for an extension (in this example the Dependency Agent extension) on an Azure VM, use the following call: + +To enable Automatic Extension Upgrade for an extension (in this example, the Dependency Agent extension) on an Azure VM, use the following call: ``` PUT on `/subscriptions//resourceGroups//providers/Microsoft.Compute/virtualMachines//extensions/?api-version=2019-12-01` @@ -113,6 +126,7 @@ PUT on `/subscriptions//resourceGroups//provi ``` #### [PowerShell](#tab/powershell1) + Use the [Set-AzVMExtension](/powershell/module/az.compute/set-azvmextension) cmdlet: ```azurepowershell-interactive @@ -127,6 +141,7 @@ Set-AzVMExtension -ExtensionName "Microsoft.Azure.Monitoring.DependencyAgent" ` ``` #### [CLI](#tab/cli1) + Use the [az vm extension set](/cli/azure/vm/extension#az-vm-extension-set) cmdlet: ```azurecli-interactive @@ -139,9 +154,9 @@ az vm extension set \ --enable-auto-upgrade true ``` - #### [Template](#tab/template1) -The following example describes how to set automatic extension upgrades for an extension (Dependency Agent Extension in this example) on a Virtual Machine using Azure Resource Manager + +The following example describes how to set automatic extension upgrades for an extension (Dependency Agent extension in this example) on a VM by using Azure Resource Manager. ```json { @@ -165,7 +180,7 @@ The following example describes how to set automatic extension upgrades for an e ``` ---- -### For Virtual Machine Scale Sets +### For virtual machine scale sets #### [REST API](#tab/RestAPI2) @@ -198,6 +213,7 @@ PUT on `/subscriptions//resourceGroups//provi ``` #### [PowerShell](#tab/powershell2) + Use the [Add-AzVmssExtension](/powershell/module/az.compute/add-azvmssextension) cmdlet to add the extension to the scale set model: ```azurepowershell-interactive @@ -209,9 +225,10 @@ Add-AzVmssExtension -VirtualMachineScaleSet $vmss -EnableAutomaticUpgrade $true ``` -Update the scale set using [Update-AzVmss](/powershell/module/az.compute/update-azvmss) after adding the extension. +Update the scale set by using [Update-AzVmss](/powershell/module/az.compute/update-azvmss) after you add the extension. #### [CLI](#tab/cli2) + Use the [az vmss extension set](/cli/azure/vmss/extension#az-vmss-extension-set) cmdlet to add the extension to the scale set model: ```azurecli-interactive @@ -225,7 +242,8 @@ az vmss extension set \ ``` #### [Template](#tab/template2) -Use the following example to set automatic extension upgrade on the extension within the scale set model: + +Use the following example to set Automatic Extension Upgrade on the extension within the scale set model: ```json { @@ -252,41 +270,46 @@ Use the following example to set automatic extension upgrade on the extension wi } ``` ---- + > [!NOTE] -> These operations sets the "enableAutomaticUpgrade" property to true on the VMSS resource but not on the underlying VMs. -If the VMSS defines [automatic or rolling upgrade mode in the upgradeProfile](../virtual-machine-scale-sets/virtual-machine-scale-sets-change-upgrade-policy.md), then VMSS automatically propagates the change to each underlying VM. -If the VMSS defines manual mode in the upgradePofile, then you also need to [manually update each instance](../virtual-machine-scale-sets/virtual-machine-scale-sets-perform-manual-upgrades.md) and propagate the change to each underlying VM. +> These operations set the `enableAutomaticUpgrade` property to `true` on the virtual machine scale set resource but not on the underlying VMs. + +If the virtual machine scale set defines [automatic or rolling upgrade mode in the upgradeProfile](../virtual-machine-scale-sets/virtual-machine-scale-sets-change-upgrade-policy.md), the virtual machine scale set automatically propagates the change to each underlying VM. + +If the virtual machine scale set defines manual mode in the `upgradeProfile`, you also need to [manually update each instance](../virtual-machine-scale-sets/virtual-machine-scale-sets-perform-manual-upgrades.md) and propagate the change to each underlying VM. --- ## Extension upgrades with multiple extensions -A VM or Virtual Machine Scale Set can have multiple extensions with automatic extension upgrade enabled. The same VM or scale set can also have other extensions without automatic extension upgrade enabled. +A VM or virtual machine scale set can have multiple extensions with Automatic Extension Upgrade enabled. The same VM or scale set can also have other extensions without Automatic Extension Upgrade enabled. + +If multiple extension upgrades are available for a VM, the upgrades might be batched together, but each extension upgrade is applied individually on a VM. A failure on one extension doesn't affect the other extensions that might be upgrading. For example, if two extensions are scheduled for an upgrade, and the first extension upgrade fails, the second extension is still upgraded. + +You can also apply Automatic Extension Upgrade when a VM or virtual machine scale set has multiple extensions configured with [extension sequencing](../virtual-machine-scale-sets/virtual-machine-scale-sets-extension-sequencing.md). Extension sequencing is for the first-time deployment of the VM. Any future extension upgrades on an extension are applied independently. -If multiple extension upgrades are available for a virtual machine, the upgrades may be batched together, but each extension upgrade is applied individually on a virtual machine. A failure on one extension doesn't impact the other extensions that may be upgrading. For example, if two extensions are scheduled for an upgrade, and the first extension upgrade fails, the second extension is still be upgraded. +## Difference between EnableAutomaticUpgrade and AutoUpgradeMinorVersion -Automatic Extension Upgrades can also be applied when a VM or virtual machine scale set has multiple extensions configured with [extension sequencing](../virtual-machine-scale-sets/virtual-machine-scale-sets-extension-sequencing.md). Extension sequencing is applicable for the first-time deployment of the VM, and any future extension upgrades on an extension are applied independently. +- `AutoUpgradeMinorVersion`: -## Difference between enableAutomaticUpgrade and autoUpgradeMinorVersion -1. AutoUpgradeMinorVersion: - - This property is used during VM creation and while upgrading the VM with a new configuration. - - When set to “true,” it ensures that the latest minor version of the extension is automatically installed on the virtual machine. - - It overrides the TypeHandlerVersion with the latest stable minor version available. - - While upgrading the VM configuration, if a new minor version is available, then it's considered a configuration change and the extension is reinstalled with latest minor version. - - This helps keep newly created VMs up-to-date with the latest stable minor extension version. - - If you want to manually set the extension to a specific version, set this property to “false.” + - This property is used during VM creation and while you upgrade the VM with a new configuration. + - When set to `true`, it ensures that the latest minor version of the extension is automatically installed on the VM. + - It overrides the `TypeHandlerVersion` with the latest stable minor version available. + - When you upgrade the VM configuration, if a new minor version is available, it's considered a configuration change. The extension is reinstalled with the latest minor version. + - In this way, newly created VMs keep up to date with the latest stable minor extension version. + - If you want to manually set the extension to a specific version, set this property to `false`. -2. EnableAutomaticUpgrade: - - This property affects existing virtual machines. - - It does not impact the version installed during VM creation. - - After VM creation, if the VM is not running the latest minor version of the extension, enabling this property triggers an automatic upgrade. - - Upgrades do not cause VM reboot, are rolled out in a safe rolling manner and failed upgrades are rolled back immediately to provide high service availability and reliability. - - It ensures that existing VMs stay secure and up-to-date by automatically updating them to the latest minor version. +- `EnableAutomaticUpgrade`: + - This property affects existing VMs. + - It doesn't affect the version installed during VM creation. + - After VM creation, if the VM isn't running the latest minor version of the extension, enable this property to trigger an automatic upgrade. + - Upgrades don't cause VM reboot and are rolled out in a safe rolling manner. Failed upgrades are rolled back immediately to provide high service availability and reliability. + - Existing VMs stay secure and up to date by automatically updating them to the latest minor version. -It is recommended to enable both properties to keep all VMs secure and up-to-date. +We recommend that you enable both properties to help keep all VMs secure and up to date. -Upgrades to major extension versions are never performed automatically by either properties since major versions can include breaking changes. You must manually set the TypeHandlerVersion to a major version and manually upgrade each existing VM to the latest major version. +Upgrades to major extension versions are never performed automatically by either properties because major versions can include breaking changes. You must manually set `TypeHandlerVersion` to a major version and manually upgrade each existing VM to the latest major version. -## Next steps +## Next step > [!div class="nextstepaction"] -> [Learn about the Application Health Extension](../virtual-machine-scale-sets/virtual-machine-scale-sets-health-extension.md) +> [Learn about the Application Health extension](../virtual-machine-scale-sets/virtual-machine-scale-sets-health-extension.md) diff --git a/articles/virtual-machines/extensions/agent-dependency-linux.md b/articles/virtual-machines/extensions/agent-dependency-linux.md index df127f5cb0..e1476fd1a8 100644 --- a/articles/virtual-machines/extensions/agent-dependency-linux.md +++ b/articles/virtual-machines/extensions/agent-dependency-linux.md @@ -147,7 +147,7 @@ az vm extension set \ ## Automatic extension upgrade A new feature to [automatically upgrade minor versions](../automatic-extension-upgrade.md) of Dependency extension is now available. -To enable automatic extension upgrade for an extension, you must ensure the property `enableAutomaticUpgrade` is set to `true` and added to the extension template. This property must be enabled on every VM or VM scale set individually. Use one of the methods described in the [enablement](../automatic-extension-upgrade.md#enabling-automatic-extension-upgrade) section enable the feature for your VM or VM scale set. +To enable automatic extension upgrade for an extension, you must ensure the property `enableAutomaticUpgrade` is set to `true` and added to the extension template. This property must be enabled on every VM or VM scale set individually. Use one of the methods described in the [enablement](../automatic-extension-upgrade.md#enable-automatic-extension-upgrade) section enable the feature for your VM or VM scale set. When automatic extension upgrade is enabled on a VM or VM scale set, the extension is upgraded automatically whenever the extension publisher releases a new version for that extension. The upgrade is applied safely following availability-first principles as described [here](../automatic-extension-upgrade.md#how-does-automatic-extension-upgrade-work). diff --git a/articles/virtual-machines/extensions/agent-dependency-windows.md b/articles/virtual-machines/extensions/agent-dependency-windows.md index 0a6cd66938..e96468b2aa 100644 --- a/articles/virtual-machines/extensions/agent-dependency-windows.md +++ b/articles/virtual-machines/extensions/agent-dependency-windows.md @@ -147,7 +147,7 @@ Set-AzVMExtension -ExtensionName "Microsoft.Azure.Monitoring.DependencyAgent" ` ## Automatic extension upgrade A new feature to [automatically upgrade minor versions](../automatic-extension-upgrade.md) of Dependency extension is now available. -To enable automatic extension upgrade for an extension, you must ensure the property `enableAutomaticUpgrade` is set to `true` and added to the extension template. This property must be enabled on every VM or VM scale set individually. Use one of the methods described in the [enablement](../automatic-extension-upgrade.md#enabling-automatic-extension-upgrade) section enable the feature for your VM or VM scale set. +To enable automatic extension upgrade for an extension, you must ensure the property `enableAutomaticUpgrade` is set to `true` and added to the extension template. This property must be enabled on every VM or VM scale set individually. Use one of the methods described in the [enablement](../automatic-extension-upgrade.md#enable-automatic-extension-upgrade) section enable the feature for your VM or VM scale set. When automatic extension upgrade is enabled on a VM or VM scale set, the extension is upgraded automatically whenever the extension publisher releases a new version for that extension. The upgrade is applied safely following availability-first principles as described [here](../automatic-extension-upgrade.md#how-does-automatic-extension-upgrade-work). diff --git a/articles/virtual-machines/includes/disks-premv2-regions.md b/articles/virtual-machines/includes/disks-premv2-regions.md index 8d279e3fa2..2d7e6196a4 100644 --- a/articles/virtual-machines/includes/disks-premv2-regions.md +++ b/articles/virtual-machines/includes/disks-premv2-regions.md @@ -29,7 +29,7 @@ Currently only available in the following regions: - North Europe (Three availability zones) - Norway East (Three availability zones) - Poland Central (Three availability zones) -- Spain Central (Two availability zones) +- Spain Central (Three availability zones) - South Africa North (Three availability zones) - South Central US (Three availability zones) - Southeast Asia (Three availability zones) diff --git a/articles/virtual-machines/updates-maintenance-overview.md b/articles/virtual-machines/updates-maintenance-overview.md index 54127ff138..f61944f7df 100644 --- a/articles/virtual-machines/updates-maintenance-overview.md +++ b/articles/virtual-machines/updates-maintenance-overview.md @@ -1,6 +1,6 @@ --- title: Guest updates and host maintenance overview -description: Learn about the updates and maintenance options available with virtual machines in Azure +description: Learn about the updates and maintenance options that are available with virtual machines in Azure. author: mimckitt ms.author: mimckitt ms.service: azure-virtual-machines @@ -13,76 +13,92 @@ ms.reviewer: cynthn **Applies to:** :heavy_check_mark: Linux VMs :heavy_check_mark: Windows VMs :heavy_check_mark: Flexible scale sets :heavy_check_mark: Uniform scale sets -This article provides an overview of the various guest updates and host maintenance options for Azure virtual machines (VMs). +This article provides an overview of guest update and host maintenance options for Azure virtual machines (VMs). -Azure periodically updates its infrastructure to improve reliability, performance, security or to launch new features. Most updates are transparent to the customers. To incorporate these updates Azure uses a robust infrastructure including region pairs, availability zones in combination with multiple tools and features. Azure also offers customers the ability to control updates on various Azure machines including Virtual Machine Scale Sets, Host Machines, Guest Virtual Machines and Extensions attached to VMs. This control is possible through maintenance configurations which customers can use to set up recurring schedules for when they want available platform updates to occur. +Azure periodically updates its infrastructure to improve reliability, performance, and security or to launch new features. Most updates are transparent to you. To incorporate these updates, Azure uses a robust infrastructure that includes region pairs and availability zones combined with multiple tools and features. -Azure infrastructure updates can range from upgrading network components, decommissioning hardware on network, patching software components in hosting environment or updating guest OS/ software’s on VMs. Each of these updates are performed using different tools available in Azure. +Azure also offers you the ability to control updates on Azure machines like virtual machine scale sets, host machines, guest VMs, and extensions attached to VMs. This control is possible through maintenance configurations, which you can use to set up recurring schedules for times when you want available platform updates to occur. -Maintenance platform aims to provide customers with *unified maintenance experience* for all Azure resources that are impacted during maintenance. Maintenance experience is available for a variety of Azure resources, including host ([Azure Dedicated Host](dedicated-hosts.md) and [Isolated](isolation.md) VMs), guest (VMs and Arc VMs), AKS, SFMC, Network Gateways (VPN Gateway, ExpressRoute, Virtual Network Gateway) resources either via Azure Portal, PowerShell or CLI. [Maintenance control](maintenance-configurations.md) provides customers with an option to skip or defer certain updates and schedule them only during their preferred maintenance window. However, in exceptional circumstances where a high-severity security issue arises that could potentially compromise customer services, Azure reserves the right to bypass these schedules to implement urgent changes. This measure is taken solely to ensure the safety and integrity of customer services and is employed only when the updates have no impact on customer resources. Such instances are infrequent and are invoked only as a last resort to safeguard resources. +With Azure infrastructure updates, you can: + +- Upgrade network components. +- Decommission hardware on networks. +- Patch software components in hosting environments. +- Update guest operating system (OS) software on VMs. + +To perform these updates, use the tools that are available in Azure. + +The maintenance platform aims to provide you with a *unified maintenance experience* for all Azure resources that are affected during maintenance. The maintenance experience is available for host ([Azure Dedicated Host](dedicated-hosts.md) and [isolated](isolation.md) VMs) and guest (VMs and Azure Arc VMs) resources, Azure Kubernetes Service, Salesforce Marketing Cloud (SFMC), and network gateways (Azure VPN Gateway, Azure ExpressRoute, and virtual network gateways in Azure). To deploy, use either the Azure portal, PowerShell, or the Azure CLI. + +[Maintenance control](maintenance-configurations.md) provides you with an option to skip or defer certain updates and schedule them only during your preferred maintenance window. In exceptional circumstances where a high-severity security issue arises that could potentially compromise customer services, Azure reserves the right to bypass these schedules to implement urgent changes. This measure is taken solely to help ensure the safety and integrity of customer services. It's employed only when the updates have no effect on customer resources. Such instances are infrequent and are invoked only as a last resort to safeguard resources. ## Host maintenance -Host maintenance is performed on the physical hosts where VMs are located and are usually transparent to the customers. But some updates can have an impact that is tolerated by most customers. During these updates the VMs that are allocated on the hosts might freeze (*non-rebootful updates*), reboot (*rebootful updates*) or be live migrated to another updated hosts. Azure chooses the update mechanism that's least impactful to customer VMs. +Host maintenance is performed on the physical hosts where VMs are located and is usually transparent to you. Some updates might have an effect on hosts that you can tolerate. During these updates, the VMs that are allocated on the hosts might freeze (*non-rebootful updates*), reboot (*rebootful updates*), or migrate live to another updated host. Azure chooses the update mechanism that affects your VMs the least. -### Dedicated hosts, Isolated VMs and Shared Hosts - - Host maintenance experience is available for [Dedicated](dedicated-hosts.md) hosts, [Isolated](isolation.md) VMs, and Shared hosts. Dedicated hosts are hosts in which all VMs are owned by one customer. Shared hosts are hosts in which VMs from multiple end-customers reside together. Isolated VMs are large machines that are isolated to a specific hardware type and dedicated to a single customer. +### Dedicated hosts, isolated VMs, and shared hosts + +The host maintenance experience is available for [dedicated](dedicated-hosts.md) hosts, [isolated](isolation.md) VMs, and shared hosts. Dedicated hosts are hosts in which one customer owns all VMs. Shared hosts are hosts in which VMs from multiple customers reside together. Isolated VMs are large machines that are isolated to a specific hardware type and dedicated to a single customer. - On [Dedicated](dedicated-hosts.md) hosts, customers have host maintenance experience available for all updates. Customers can opt into a maintenance control and schedule maintenance window based on their needs within 35days from last maintenance date. [Isolated](isolation.md) VMs have maintenance control experience available like Dedicated hosts. +On [dedicated](dedicated-hosts.md) hosts, you have the host maintenance experience available for all updates. You can opt into maintenance control and schedule a maintenance window based on your needs within 35 days from the last maintenance date. [Isolated](isolation.md) VMs have the maintenance control experience available like dedicated hosts. -Customer can use [maintenance control](maintenance-configurations.md) to: +You can use [maintenance control](maintenance-configurations.md) to: - Apply all updates together. -- Wait up to 35 days to apply updates for Host machines. +- Wait up to 35 days to apply updates for host machines. - Set up a maintenance schedule or use Azure Functions to automate platform updates. -- Maintenance configurations are effective across subscriptions and resource groups. +- Configure maintenance across subscriptions and resource groups. + +On shared hosts, the maintenance experience is available for rebootful updates or high-impact updates. Currently, the maintenance control experience isn't available for updates that take less than 30 seconds. + +### Maintenance notifications + +Azure provides notifications before, during, and after maintenance operations. [Scheduled events](./windows/scheduled-events.md) provide notifications before an event starts and while it's in progress so that your application can react automatically. [Flash Health events](flash-overview.md) provide information that you can consume to analyze alerts and trends in VM availability for reporting and root cause analysis. + +#### Scheduled events + +[Scheduled events](./windows/scheduled-events.md) provide advance notification of upcoming availability impacts so that you can prepare your application ahead of time. They're delivered directly to the affected VM and to all VMs in the same placement group for automated resilience. For information on scheduled events, see [Scheduled events for Windows VMs](./windows/scheduled-events.md) and [Scheduled events for Linux](./linux/scheduled-events.md). -On Shared hosts, customers have maintenance experience available for rebootful updates or for high impact update. For updates that are <30sec maintenance control experience isn't available today. +#### Flash Health events -### Maintenance notifications - - Azure provides notifications before, during, and after maintenance operations. [Scheduled events](./windows/scheduled-events.md) provide notifications before an event starts and while it is in progress so your application can react automatically. [Flash Health Events](flash-overview.md) enable you to consume and analyze alerts and trends in VMs availability for reporting and root cause analysis. - - #### Scheduled Events - - [Scheduled events](./windows/scheduled-events.md) provide advance notification of upcoming availability impacts so you can prepare your application for the impact ahead of time. They are optimized for automated resiliency by being delivered directly to the impacted VM and to all VMs in the same placement group. For information on Scheduled Events, see [Scheduled Events for Windows VMs](./windows/scheduled-events.md) and [Scheduled Events for Linux](./linux/scheduled-events.md). - - #### Flash Health Events - - [Flash Health Events](flash-overview.md) provide near real-time information about past availability impacts so customers can react to events and easily mitigate incidents. Flash information is available in Azure Monitor, AzureResource Graph, or Event Grid to integrate with your systems and processes. +[Flash Health events](flash-overview.md) provide near real-time information about past availability impacts so that you can react to events and easily mitigate incidents. Flash information is available in Azure Monitor, Azure Resource Graph, or Azure Event Grid to integrate with your systems and processes. -## Guest updates +## Guest updates -### OS Image upgrade - - [Automatic OS upgrades](../virtual-machine-scale-sets/virtual-machine-scale-sets-automatic-upgrade.md?context=/azure/virtual-machines/context/context) are available for Virtual Machine Scale Sets. An upgrade works by replacing the OS disk of a VM with a new disk created using the latest image version. Any configured extensions and custom data scripts are run on the OS disk, while data disks are retained. To minimize the application downtime, upgrades take place in batches, with no more than 20% of the scale set upgrading at any time. - Maintenance Control is also available for OS Image upgrades. Customers can opt into this experience by using maintenance configurations to schedule when these image upgrades are applied. To use this experience scale sets, need to have automatic OS upgrades enabled. Customers can schedule recurrence for up to a week (seven days) and a minimum of 5 hours is required for the maintenance window. +This section explains guest update options. + +### OS image upgrade + +[Automatic OS upgrades](../virtual-machine-scale-sets/virtual-machine-scale-sets-automatic-upgrade.md?context=/azure/virtual-machines/context/context) are available for virtual machine scale sets. An upgrade works by replacing the OS disk of a VM with a new disk that was created by using the latest image version. Any configured extensions and custom data scripts are run on the OS disk, while data disks are retained. To minimize the application downtime, upgrades take place in batches. No more than 20% of the scale set upgrades at any time. + +Maintenance control is also available for OS image upgrades. You can opt in to this experience by using maintenance configurations to schedule when to apply these image upgrades. To use this experience, scale sets need to have automatic OS upgrades enabled. You can schedule recurrence for up to a week (seven days). A minimum of five hours is required for the maintenance window. ### Guest VM patching - - [Automatic VM guest patching](automatic-vm-guest-patching.md) is integrated with Azure update manager that allows you to save recurring deployment schedules to install updates for your Windows Server and Linux machines in Azure, in on-premises environments, and in other cloud environments connected using Azure Arc-enabled servers. + +[Automatic VM guest patching](automatic-vm-guest-patching.md) is integrated with Azure Update Manager. You can save recurring deployment schedules to install updates for your Windows Server and Linux machines in Azure, in on-premises environments, and in other cloud environments that are connected by using Azure Arc-enabled servers. ### Guest extension upgrades - [Automatic Extension Upgrade](automatic-extension-upgrade.md) is available for Azure VMs and Azure Virtual Machine Scale Sets. When Automatic Extension Upgrade is enabled on a VM or scale set, the extension is upgraded automatically whenever the extension publisher releases a new version for that extension. The extension upgrade process replaces the existing extension version on a VM with a new version of the same extension when published by the extension publisher. The health of the VM is monitored after the new extension is installed. If the VM isn't in a healthy state within 5 minutes of the upgrade completion, the extension version is rolled back to the previous version. -Maintenance control on extensions is currently only available via CLI and PowerShell. Customers can schedule recurrence for up to a week (7 days) and a minimum of 5 hours is required for the maintenance window. -### Hotpatch +[Automatic Extension Upgrade](automatic-extension-upgrade.md) is available for Azure Virtual Machines and Azure Virtual Machine Scale Sets. When Automatic Extension Upgrade is enabled on a VM or scale set, the extension is automatically upgraded whenever the extension publisher releases a new version for that extension. The extension upgrade process replaces the existing extension version on a VM with the new version of the same extension. + +The health of the VM is monitored after the new extension is installed. If the VM isn't in a healthy state within five minutes of the upgrade completion, the extension version rolls back to the previous version. Maintenance control on extensions is currently available only via the CLI and PowerShell. You can schedule recurrence for up to a week (seven days). A minimum of five hours is required for the maintenance window. + +### Hotpatch -[Hotpatching](/azure/automanage/automanage-hotpatch?context=/azure/virtual-machines/context/context) is a new way to install updates on new Windows Server Azure Edition virtual machines (VMs) that doesn’t require a reboot after installation. Hotpatch for Windows Server Azure Edition VMs, has the following benefits: +[Hotpatching](/azure/automanage/automanage-hotpatch?context=/azure/virtual-machines/context/context) is a new way to install updates on new Windows Server Azure Edition VMs that doesn't require a reboot after installation. Hotpatching for Windows Server Azure Edition VMs has the following benefits: -- Lower workload impact with less reboots -- Faster deployment of updates as the packages are smaller, install faster, and have easier patch orchestration with Azure Update Manager -- Better protection, as the Hotpatch update packages are scoped to Windows security updates that install faster without rebooting +- Lower workload effect with fewer reboots. +- Faster deployment of updates because the packages are smaller, install faster, and have easier patch orchestration with Update Manager. +- Better protection because the hotpatch update packages are scoped to Windows security updates that install faster without rebooting. -### Azure update management +### Azure update management -You can use [Update Management in Azure Automation](/azure/automation/update-management/overview?context=/azure/virtual-machines/context/context) to manage to operate system updates for your Windows and Linux virtual machines in Azure, in on-premises environments, and in other cloud environments. You can quickly assess the status of available updates on all agent machines and manage the process of installing required updates for servers. +You can use [Update Manager in Azure Automation](/azure/automation/update-management/overview?context=/azure/virtual-machines/context/context) to manage system updates for your Windows and Linux VMs in Azure, in on-premises environments, and in other cloud environments. You can quickly assess the status of available updates on all agent machines and manage the process of installing required updates for servers. -### Update manager +### Update Manager -[Update Manager](/azure/update-center/overview) is a new-age unified service in Azure to manage and govern updates (Windows and Linux), both on-premises and other cloud platforms, across hybrid environments from a single dashboard. The new functionality provides native and out-of-the-box experience, granular access controls, flexibility to create schedules or take action now, ability to check updates automatically and much more. The enhanced functionality ensures that the administrators have visibility into the health of all systems in the environment. For more information, see [key benefits](/azure/update-center/overview#key-benefits). +[Update Manager](/azure/update-center/overview) is a unified service in Azure that helps you manage and govern updates (Windows and Linux), both on-premises and with other cloud platforms, across hybrid environments from a single dashboard. The new functionality provides a native and an out-of-the-box experience with granular access controls. You have the flexibility to create schedules or act now and the ability to check updates automatically. The enhanced functionality ensures that administrators have visibility into the health of all systems in the environment. For more information, see [Key benefits](/azure/update-center/overview#key-benefits). -## Next steps +## Related content -Review the [Availability and scale](availability.md) documentation for more ways to increase the uptime of your applications and services. +For more ways to increase the uptime of your applications and services, see [Availability options for Azure virtual machines](availability.md). diff --git a/articles/virtual-machines/workloads/oracle/oracle-vm-solutions.md b/articles/virtual-machines/workloads/oracle/oracle-vm-solutions.md index 0b9b524fcb..8ad16773e1 100644 --- a/articles/virtual-machines/workloads/oracle/oracle-vm-solutions.md +++ b/articles/virtual-machines/workloads/oracle/oracle-vm-solutions.md @@ -1,6 +1,6 @@ --- -title: Oracle solutions on Azure virtual machines | Microsoft Docs -description: Learn about supported configurations and limitations of Oracle virtual machine images on Microsoft Azure. +title: Oracle virtual machine images and their deployment on Microsoft Azure +description: Learn about Oracle virtual machine images and their deployment to Microsoft Azure. author: jjaygbay1 ms.service: oracle-on-azure ms.custom: @@ -9,7 +9,7 @@ ms.topic: article ms.date: 04/11/2023 ms.author: jacobjaygbay --- -# Oracle VM images and their deployment on Microsoft Azure +# Oracle virtual machine images and their deployment on Microsoft Azure **Applies to:** :heavy_check_mark: Linux VMs diff --git a/articles/virtual-machines/workloads/oracle/toc.yml b/articles/virtual-machines/workloads/oracle/toc.yml index 8949d2e3f5..7ec1be45fb 100644 --- a/articles/virtual-machines/workloads/oracle/toc.yml +++ b/articles/virtual-machines/workloads/oracle/toc.yml @@ -13,6 +13,10 @@ items: href: weblogic-server-azure-virtual-machine.md - name: WebLogic Server on Azure Kubernetes Service href: weblogic-aks.md + - name: Oracle application solutions integrating Microsoft Azure and Oracle Cloud Infrastructure + href: oracle-oci-overview.md + - name: Oracle VM images and their deployment on Microsoft Azure + href: oracle-vm-solutions.md - name: Quickstart for WebLogic Server on Azure Kubernetes Service href: /azure/aks/howto-deploy-java-wls-app?toc=/azure/virtual-machines/workloads/oracle/toc.json&bc=/azure/virtual-machines/workloads/oracle/breadcrumb/toc.json - name: Configuration @@ -21,6 +25,8 @@ items: href: configure-oracle-asm.md - name: Implement Oracle Data Guard on an Azure Linux VM href: configure-oracle-dataguard.md + - name: Connect Azure ExpressRoute with Oracle Cloud Infrastructure + href: configure-azure-oci-networking.md - name: Implement Oracle Golden Gate on an Azure Linux VM href: configure-oracle-golden-gate.md - name: Migration