Prevent auto-reboot of Azure VM after updates

michal 186 Reputation points
2022-12-19T12:19:57.03+00:00

Hello,

I have a critical server running in Azure VM that I want to manually restart if required for Windows updates. I did some research and found "Update Management Center" that I thought I can use for that purpose.

So I've tried to change existing Patch Orchestration -> Automatic by OS (Windows Automatic Updates) to "Manual Updates" but got error "annot change patchMode to 'Manual' when the property 'enableAutomaticUpdates' is set to true".

Just can't found where to change that "enableAutomaticUpdates".... Looks like the patch orchestration can be selected only when creating VM?

What would be the best way to stop VM from restarting automatically?

Azure Virtual Machines
Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.
7,129 questions
Azure Update Manager
Azure Update Manager
An Azure service to centrally manages updates and compliance at scale.
219 questions
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Bjoern Peters 8,781 Reputation points
    2022-12-19T12:29:37.517+00:00

    Hi @michal

    You can use this PowerShell command to activate or deactivate this on VM level 

    Set-AzVMOperatingSystem -VM $VirtualMachine -Windows -ComputerName $ComputerName -Credential $Credential -ProvisionVMAgent -EnableAutoUpdate -PatchMode "AutomaticByPlatform"

    source: https://learn.microsoft.com/en-us/azure/virtual-machines/automatic-vm-guest-patching#azure-powershell-for-windows-vms

    I hope my answer is helpful to you,

    Your
    Bjoern Peters

    If the reply was helpful, please upvote and/or accept it as an answer, as this helps others in the community with similar questions. Thanks!

    0 comments
  2. Alistair Ross 7,101 Reputation points Microsoft Employee
    2022-12-19T12:43:10.46+00:00

    Hello @michal

    For Windows VMs, the property osProfile.windowsConfiguration.enableAutomaticUpdates can only be set when the VM is first created. This impacts certain patch mode transitions. Switching between AutomaticByPlatform and Manual modes is supported on VMs that have osProfile.windowsConfiguration.enableAutomaticUpdates=false. Similarly switching between AutomaticByPlatform and AutomaticByOS modes is supported on VMs that have osProfile.windowsConfiguration.enableAutomaticUpdates=true. Switching between AutomaticByOS and Manual modes is not supported.
    https://learn.microsoft.com/en-us/azure/virtual-machines/automatic-vm-guest-patching

    • If you have osProfile.windowsConfiguration.enableAutomaticUpdates set to "true" and osProfile.windowsConfiguration.patchSettings.patchMode set to "AutomaticByOs" you can configure the local policy (or via group policy) to manage the restart behaviour https://learn.microsoft.com/en-us/windows/deployment/update/waas-restart
    • If you have osProfile.windowsConfiguration.enableAutomaticUpdates set to "true" and osProfile.windowsConfiguration.patchSettings.patchMode set to "AutomaticByPlatform" then the Azure platform will handle the restart and you will have to switch it to "AutomaticByOS" then manage the restart behaviour as above.
    • If you have osProfile.windowsConfiguration.enableAutomaticUpdates set to "true" and you want to switch osProfile.windowsConfiguration.patchSettings.patchMode to manual, then you will need to redploy the vm with the new settings.

    I hope this helps provide you with the information you need. If it does, please make sure to mark the question as answered so it helps other people in future.

    Kind regards

    Alistair

    0 comments