Question

Windows Server Patching

  • 13 May 2019
  • 3 replies
  • 1512 views

Badge +1
I am looking for a patching product that will tie into Nutanix and be able to take a snapshot before patching, we are looking to automate this process to get away from manually taking snapshots prior to deploying patches. We do have Protection Domains setup but with the timing intervals it is not ideal only use those pre-deploy as they can be hours behind the actual patching deployments.

If anyone is using a product that has this capability please let me know or if you may have a better way to accomplish this within Nutanix.

This topic has been closed for comments

3 replies

Userlevel 3
Badge +10
I am unaware of any product with direct access into the Nutanix API for what you're looking for.

I would recommend looking at products that have a pre-install script capability such as Shavlik (Ivanti).

https://help.ivanti.com/sh/help/en_US/PAT/23/Topics/Pre-Install_Script_and_Post-Install_Script_Tabs.htm

You could have it call a script that reaches into the Nutanix REST API using a post command.
https://clustername:9440/api/nutanix/v2/api_explorer/index.html#!/snapshots/createSnapshot

You can reference the API call from here.

https://clustername:9440/api/nutanix/v2/api_explorer/index.html#!/snapshots/createSnapshot

Personally if I did this, I would want to make sure that upon completion of the snapshot, that you have the uuid of that particular snapshot so you can clean it up after you're done. By default the snaps are kept indefinitely. I'd clean up the snaps after you've verified patching went as intended and clean up the snaps.

should get you closer to what you're looking for. By no means is it perfect, but it . This also keeps you from having to install the PowerShell CMDLETs on every one of your servers.
Badge +1
That appears to be close to what i am looking for and we currently use Ivanti for patching so that is a good start. The process you linked for Shavlik seems to be something i would have to set inside of a actual patch, i did find a Custom Actions sections inside of the Deployment Templates. It seems like this is what i want as i can set it to "All deployments using this template" - "run before any patches" - "specify a command to execute (254 characters). Now if i knew anything about scripting i could figure this out.

Badge

I have a requirement to automate patching of Operating systems (Windows and Linux)
For example - the process would be, Take a snapshot of the server, deploy the updates, test the server services are functioning as expected, if not restore the snapshot.


Customer is using ManageEngine Desktop Central which is being used to deploy software and patch client computers.
Is it possible to integrate Calm with ManageEngine Desktop Central to achive above automation ?

 

If not what would be alternate way and its overall workflow ? I am looking for direction and some supportive.