In my recent article about the realities of managing a virtualised infrastructure, I mentioned the need to patch offline virtual machine images. Whilst many offline images will be templates, they may still require operating system, security or application updates to ensure that they are not vulnerable when started (or when a cloned VM is created from a template).
Now Microsoft has a beta for a tool that will allow this – imaginatively named the Offline Virtual Machine Servicing Tool. Built on the Windows Workflow Foundation and PowerShell, it works with System Center Virtual Machine Manager and either System Center Configuration Manager or Windows Server Update Services to automate the process of applying operating system updates through the definition of servicing jobs. Each job will:
- “Wake” the VM (deploy and start it).
- Trigger the appropriate update cycle.
- Shut down the VM and return it to the library.
Although I haven’t tried this yet, it does strike me that there is one potential pitfall to be aware of – sysprepped images for VM deployment templates will start into the Windows mini-setup wizard. I guess the workaround in such a scenario is to use tools from the Windows Automated Installation Kit (WAIK) to inject updates into the associated .WIM file and deploy VMs from image, rather than by cloning sysprepped VMs.
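The WIM-injection workaround described above, as an added example that is not part of the original post: it uses the DISM PowerShell cmdlets that ship with later Windows releases rather than the WAIK tools of the time, and all paths and the image index are placeholder assumptions.

```powershell
#Requires -RunAsAdministrator
# Added example: service an offline .WIM by injecting update packages.
# All parameter defaults below are placeholders, not values from the post.
param(
    [string]$WimPath   = 'D:\Images\template.wim',
    [int]   $Index     = 1,
    [string]$MountDir  = 'D:\Mount\template',
    [string]$UpdateDir = 'D:\Updates'
)

$ErrorActionPreference = 'Stop'   # any failed cmdlet aborts and triggers the discard path
Import-Module Dism

New-Item -ItemType Directory -Path $MountDir -Force | Out-Null
Mount-WindowsImage -ImagePath $WimPath -Index $Index -Path $MountDir | Out-Null

$save = $false
try {
    # Record what is already in the image so the report shows only new packages
    $before = (Get-WindowsPackage -Path $MountDir).PackageName

    $updates = Get-ChildItem -Path $UpdateDir -Recurse -File |
        Where-Object { $_.Extension -in '.msu', '.cab' } |
        Sort-Object Name

    foreach ($u in $updates) {
        Write-Host "Adding $($u.Name)"
        Add-WindowsPackage -Path $MountDir -PackagePath $u.FullName | Out-Null
    }

    # Verify: list the packages this run added and their state
    Get-WindowsPackage -Path $MountDir |
        Where-Object { $_.PackageName -notin $before } |
        Format-Table PackageName, PackageState, InstallTime -AutoSize

    $save = $true
}
finally {
    # Commit only if every package applied; otherwise leave the image untouched
    if ($save) { Dismount-WindowsImage -Path $MountDir -Save    | Out-Null }
    else       { Dismount-WindowsImage -Path $MountDir -Discard | Out-Null }
}
```

Packages reported as `InstallPending` finish installing the first time a VM deployed from the image boots.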
“I mentioned the need to patch offline virtual machine images.”
I haven’t read the mentioned article but there is as much ‘need’ to patch an offline virtual machine as there is a need to patch a physical server. The same applies for templates in the virtual world or installation media in the physical.
I don’t think it’s a “need” but it’s an opportunity that we have due to virtualization and there is a ‘need’ to exploit that opportunity. “…the need to patch offline virtual machine images.” sounds like this is some sort of disadvantage created by virtualization and a solution is ‘needed’.
Why am I talking about this? Because I feel that currently there are many “problems” being highlighted about virtualization that really aren’t or have to the same or similar degree existed in the physical world as well.
rgds
Osama Salah
…and if you had read the aforementioned article then you would have realised that it discusses how virtualisation is a great technology, but no panacea, and that how you manage the virtualised infrastructure is the difference between success and failure (just as it is in a physical environment, but more so with an extra layer of management to consider and many servers consolidated onto one physical platform).
Incidentally, I haven’t seen much evidence of people bringing up “problems” with virtualisation – more the opposite, with people ploughing in headfirst and not considering the consequences of how they will manage the virtualised infrastructure.
Just pointing out that VMware Virtual Infrastructure has this ability as well via its Update Manager utility.