which is the impact to update IoT Edge for Linux on Windows (EFLOW) ?

Galgani, Stefano 205 Reputation points
2024-02-02T13:51:13.2833333+00:00

Hi community,

My Scenario:

I have up & running Azure IoT edge based on EFLOW on Windows Host with Hyper-V.
In addition I have the custom modules up & running on IoT Edge.

I have some doubts about software updates (link) to maintain security updated :

  1. Windows Host updates are done by using WSUS service and if I understood well, they don't have any impact in terms of redeployment actions for EFLOW.
  2. I want to focus the look at EFLOW updates. Taking a part of the Update IoT Edge for Linux on Windows article:

    The EFLOW virtual machine is designed to be reliably updated via Microsoft Update. The virtual machine operating system has an A/B update partition scheme to utilize a subset of those to make each update safe and enable a roll-back to a previous version if anything goes wrong during the update process.Each update consists of two main components that may get updated to latest versions.
    The first one is the
    EFLOW virtual machine
    and
    the internal components.

    For more information about EFLOW, see Azure IoT Edge for Linux on Windows composition. This also includes the virtual machine base operating system. The EFLOW virtual machine is based on Microsoft CBL-Mariner and each update provides performance and security fixes to keep the OS with the latest CVE patches. As part of the EFLOW Release notes, the version indicates the CBL-Mariner version used, and users can check the CBL-Mariner Releases to get the list of CVEs fixed for each version.

    Taking my current scenario, if I have to update EFLOW virtual machine (OS patches), will I have to redeploy all custom modules ?
    if I have to update IoT edge Runtime internal components (IoT edge agent or IoT edge Hub), will I have to redeploy all custom modules ?
Azure IoT Edge
Azure IoT Edge
An Azure service that is used to deploy cloud workloads to run on internet of things (IoT) edge devices via standard containers.
576 questions
0 comments No comments
{count} votes

Accepted answer
  1. LeelaRajeshSayana-MSFT 16,281 Reputation points
    2024-02-02T23:23:42.1733333+00:00

    Hi @Galgani, Stefano Thank you for posting the question here.

    if I have to update EFLOW virtual machine (OS patches), will I have to redeploy all custom modules

    The EFLOW VM is managed with Microsoft Update to keep the components up to date automatically. Since the updates are handled by Microsoft Update, you would not have worry about redeploying your modules. Even if you perform an Offline manual update this should not have any impact on the custom modules.

    if I have to update IoT edge Runtime internal components (IoT edge agent or IoT edge Hub), will I have to redeploy all custom modules

    The IoT Edge update comprises of two component updates.

    1. Security subsystem
    2. IoT Edge Runtime (edgeHub and edgeAgent)

    For patch updates, such as, 1.4.9 to 1.4.10, you would not have to redeploy any modules as there won't be major architectural changes.

    Your second scenario of mid or major updates, however, is different. Looking back at the guidelines to update from 1.1 to 1.4, the documentation suggests to Uninstall and Reinstall IoT Edge to perform the update. Please refer the section Major or minor releases for more information on this process. This approach would need you to redeploy your custom modules to the IoT Edge devices.

    The document further states that we can use iotedge config import to import an old configuration. If you follow this approach you can probably avoid redeploying modules. However, proper testing on your dev environments need to be done before you perform these updates on Prod instances.


    If the response helped, please do click Accept Answer and Yes for the answer provided. Doing so would help other community members with similar issue identify the solution. I highly appreciate your contribution to the community.


0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.