Windows Server 2012 / 2012 R2 - How to update a failover cluster

Page 1 / 3

As you probably know, all the servers (nodes) of a cluster must use the same version of Windows Server and have exactly the same service pack and the same Windows updates.
This means that to update a server, you should exclude it from the cluster before putting your servers back into the same cluster.

To overcome this problem, Microsoft provides a console called "Cluster-Aware Updating (CAU)" which allows :

  • download and install automatically all important (and recommended if you wish) updates now
  • schedule the download and installation of important and recommended updates (if desired) daily, weekly, ... at the desired time

In addition to this, Windows Server will automatically handle the suspension of the (server) node during the installation of the updates on it and will put it back into service when all the updates have been installed.
Then, it will go to the next node, ..., until all the nodes have been updated.

You will also be able to execute scripts at the beginning of the process and/or at the end of the process if you wish, as well as generate reports to know the updates that have been installed.

  1. Analyze nodes configuration for automatic updates
  2. Create an updating run profile
  3. Schedule updates installation
  4. Apply updates to this cluster
  5. Download and install updates
  6. Updating other nodes
  7. Generate an updating run report

1. Analyze nodes configuration for automatic updates

To automatically update the nodes of your cluster, you must first analyze the configuration of them to be able to adjust the small details that may be necessary in your case.

In short, open the "Cluster-Aware Updating (CAU)" console and select your cluster from the list.
Then, click Connect.

As you can see, the cluster-aware updating has never been run on the nodes of our cluster.

In the "Logging to Current Updates" tab, you will see the history of detected, downloaded, and installed updates.

Click : Analyze cluster updating readiness.

Wait while analyzing the different nodes of the cluster.

Then, you will see a list of prerequisites displayed.

In our case everything is good except :

  • the firewall configuration
  • the local proxy that is not configured (but is optional, if your servers are already able to connect to the Internet)
  • CAU clustered role that is not installed

For the firewall configuration, go to Control Panel -> System and Security -> Windows Firewall and click on "Allow an app or feature through the Windows Firewall".

Allow "Remote Shutdown" for the Domain.

For the CAU clustered role that is not installed, you are told that you will be able to install it by using the "Configure cluster self-updating options" action in the main console (Cluster-Aware Updating).

2. Create an updating run profile

To start installing updates on your clusters from the "Clustered Update" console or on a scheduled basis, you will need to first create an updating run profile.
To do this, click : Create or modify Updating Run Profile.

The updating run profile editor is displayed.

With this editor, you can create a xml file with the following options :

  • StopAfter : maximum time (in minutes) that the update process (including PreUpdateScript and PostUpdateScript) can take
  • WarnAfter : allows you to display a warning if the update process (including PreUpdateScript and PostUpdateScript) exceeds the specified time (in minutes)
  • MaxRetriesPerNode : set the number of times the update process (as well as scripts) can be restarted per node
  • MaxFailedNodes : maximum number of nodes on which the update process may fail (either because the server fails or because the clustering service has stopped)
  • RequireAllNodesOnline : allows updates only if all servers are online
  • RebootTimeoutMinutes : maximum time that the update plug-in will allow for the server restart (default : 15 minutes)
  • PreUpdateScript : path to a script to run before the update process
  • PostUpdateScript : same but after the update process
  • ConfigurationName : allows you to configure a PowerShell session where your scripts will run (not applicable if you don't use a script)
  • CauPluginName : allows you to specify the plug-in to use for running cluster-aware updates (default : Microsoft.WindowsUpdatePlugin)
  • CauPluginArguments : allows you to specify arguments to the plug-in selected above. Nevertheless, there is no argument needed for the one selected by default.

For more information about these options, see the "Cluster-Aware Updating advanced options and updating run profiles" page on the Microsoft site.

In our case, we defined :

  • a warning if the update process exceeds 2 hours (120 minutes) with the WarnAfter option
  • a maximum of 2 tests per node thanks to the MaxRetriesPerNode option
  • the RequireAllNodesOnline option so that the update process is performed only if all nodes are online and thus prevent one node from being in another update state relative to the rest of the cluster

Save the configuration file under a different name.
For example : ClusterUpdatesParameters.