This article provides an overview of applying Windows® Updates to your Hyper-V hosts and rebooting them so that you can maintain the security of the Hosts as well as the VMs (virtual machines).
For the first scenario described below you should plan the appropriate downtime and communicate this to your user base.
The Hyper-V infrastructure is mainly classified into standalone hosts and clustered hosts. Depending on your infrastructure, please follow the procedures below:
Identify whether the host is clustered or not:
- Check for the presence of Cluster Service.
- Log on to the Hyper-V host and select Services.
- Check for Cluster Service being present.
If the Cluster Service is not present, the Hyper-V host is standalone, so please follow the 'Patching standalone Hyper-V Hosts' section below.
If the Cluster Service is present, the Hyper-V host is a node in a failover cluster. Follow the 'Patching clustered Hyper-V hosts' section below.
Note: All RM installed multi-host setups will have CAU (Cluster Aware Updating) enabled.
Patching standalone Hyper-V hosts The patches are configured to 'Notify for download and auto install' only. You will need to check Windows Update on the host monthly, download and install the updates and manually reboot the host to complete the patch installation. If this is the only Hyper-V host in the site and the primary domain controller is virtualised, then you will need to select a suitable time to perform the reboot (as there will be downtime for your users).
Reboot standalone host:
- RDP to the Hyper-V host.
- Run Server Manager, Tools, Hyper-V Manager.
- Shut down each virtual machine in a controlled manner.
- Now run Windows Update on the host and download and install the available updates.
- Reboot the Hyper-V host.
- After the reboot, open Hyper-V Manager and power on each virtual machine, starting with your domain controller(s).
Patching clustered Hyper-V hosts Clustered Hyper-V hosts are CAU (Cluster Aware Updating) enabled and Windows Update patches the host as per the default RM schedule (Saturday at 6 pm). Cluster Aware Updating automatically drains the roles from a node, installs patches and then reboots it. Once the host comes back online, roles are failed back to the node and CAU continues with the next node in the failover cluster. |