Solved

Automating Windows hosts patching

  • 8 October 2021
  • 3 replies
  • 446 views

Badge

 

https://next.nutanix.com/calm-application-management-55/os-patching-automation-with-calm-39677

With reference to my previous thread, I have below doubts pertaining to achieving automation of Windows hosts patching over Nutanix AHV infra.

Process would be like - Take a snapshot of the server, deploy the updates, test the server services are functioning as expected, if not restore the snapshot.

  1. Can it be achieved without using Calm? I mean by only using Ansible/Chef along with WSUS?
  2. What will be overall workflow for this?
  3. Any other 3rd party tools I will need to use for the same?

I am looking for open source and cost effective approach here.

Any Help/Direction will be highly appreciated.

icon

Best answer by JoseNutanix 19 October 2021, 18:33

View original

This topic has been closed for comments

3 replies

Userlevel 4
Badge +5

Hi Jitendra,

You’ll have to check with the respective vendors you are referring to. About the workflow, it seems you already have a clear idea of the process, that would be your workflow. 

Badge

Hey Jose,

 

I am checking that parallelly with respective vendors but can you at least help me understand

What’ll be Calm’s role in this?

What steps I should consider while designing this workflow ?

Userlevel 4
Badge +5

Hi Jitendra,

Calm will take the role of deploying the services, and adding those to any patching system of your choice. It will depend what your requirements around patching are. If what it is available out of the box is enough, let say WSUS for Windows and a package manager for Linux, then you could just stick with Calm. If you require advance reporting, software management and so on, then you’ll need a patch management software regardless if you want to use Calm, Ansible, Puppet or Chef. Because they are not patching softwares. If you are going to use for example Ansible for patching Windows, then what you can do with Ansible you can do it with Calm because there is not any advance patch management, it is just launching a WSUS for example for Windows.