When managing a virtual environment, there are two layers of patching that need to be considered. Guest operating systems and applications inside the virtual machines need regular updates — patch Tuesday for Windows. And the hypervisor platforms themselves, like any other software, also need to be patched.
What happens to the virtual machines when the hypervisor needs to be restarted? Well, if you are a VMware ESX administrator, you simply migrate the VMs to another host with zero impact to the end users by using VMotion. Take all the time you need to patch, upgrade, reboot, and test. Move the VMs back when you know the host is ready.
But what about a platform like Hyper-V that does not have live migration? (Let’s talk about what is in your datacenter today, not on the vendor roadmap. I know about R2, thanks.) Well, you do it pretty much like you would a virtual machine guest OS patch that requires rebooting: maintenance windows.
Sander Berkouwer recently discussed this on his excellent blog in A Best Practice approach to updating Hyper-V environments:
Updating environments with Hyper-V can be more of a challenge compared to updating an environment that consists of mere physical servers. Not only the workloads need regular updating, but also the Windows servers and Hyper-V servers underneath them.
Hyper-V relies on a Parent Partition, whether you’re using a Full installation of Windows Server 2008, a Server Core installation of Windows Server 2008 or the stand-alone Hyper-V Server. When you restart the Parent Partition your Child Partitions will also be paused. How to plan your maintenance window?
The article later suggests a few possible maintenance windows:
- The company’s weekly happy hour
- A departments weekly birthday cake eating hour
- Lunch time
Users complaining about excessive service downtime caused by hypervisor patching?
Let them eat (birthday) cake!
