-
Notifications
You must be signed in to change notification settings - Fork 37
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Info on "Windows Update" setting #59
Comments
So I feel like there are a few scenarios we would need to be able to handle for this to work and expose as an API:
I feel that this would actually be a prime place for SF Observer. @GitTorre would this be pretty straight forward to implement as an observer? |
Agree. Fabric Observer is a better tool to surface this information. |
Thanks for the feature request. Yes, this is something that OSObserver could look for and, if detected, emit an informational health event that contains a link to related documentation much as it does today with links to kb articles about OS updates/patches that have been installed on the VM it's running on. This information would also reside in the structured telemetry data OSO emits. |
May be create a different health event specifically for Windows Updates related information so they can be marked as warning and/or error as the case may be. Auto Windows update enabled should always be a warning in SF scenarios - Use automatic Image update or POA (for bronze durability) Warnings if OS updates are not installed after a grace period? |
@sridmad Yes, if it should be a warning, then OSO will generate one if AU service is enabled. In terms of OS update grace period expiration warnings, that should really be something POA does, as it is already configurable for that type of thing, for example. I'm not sure FO should join the WU game. For stuff like AU detection, that's easy. For monitoring updates, generally, this will add redundancy if POA is installed. FO doesn't orchestrate patching and as such warning users that an update must take place due to some configurable (?) grace period expiration makes more sense in a service that does. AU enabled Warning, which will take place on each node: |
Pushed change to develop. It's not ready for merge into master (code refinement/refactoring/review, more testing). You can pull latest from there and test it out. I will merge into master and produce signed builds early next week. Let me know what you think. If you can think of more OS-level configurations/settings/services to monitor, please create a new Issue. Thanks again for filing this one. |
Pull latest from develop. The first impl was too aggressive. |
I think this should be reopened. Currently the code does the following check for if Windows Updates are enabled (which is if the service is enabled then the setting must be "notify before download"):
In my environment, the service is enabled but Windows Update is set to "never check for updates". I think the above check should be amended to include that as an acceptable sign that Windows updates are disabled (the enum to check I believe would be Note also that I set |
Created a new issue for this as I think it makes more sense/easier to relate to the next release. |
Would be great if we can add Banner/Warning/Link to clusters where Windows Update is still enabled and potentially causing VM’s to reboot unexpectedly. Link in banner pointing to recommended SF configuration for VMSS OS Updates or POA
The text was updated successfully, but these errors were encountered: