Dear community, Azure Update Management always references the local package manager (e.g., apt, zypper) in the Linux environment. The open patches are read out together with the version number and written to the Log Analytics workspace. Do I have the possibility to set a preselection or filter criterion that one or more patches are installed based on a specific version? I ask because I want to do a ring deployment over 3 stages. install patch XY version 1.0 on the development environment install patch XY version 1.0 on the test environment install patch XY version 1.0 on the production environment There is about 1 week between steps 1 and 3. If now after the test installation the version 1.1 of patch XY appears, then an untested patch would be installed directly on the production environment. I am aware that I could solve this with a local repository server and synchronize it regularly with the online repository server. But does Update Management not provide a solution for this in the Linux domain? Many thanks for your feedback in advance Best regards, Silvan

Linux ring deyploment with Azure Update Management

Silvan 1

Dear community,

Azure Update Management always references the local package manager (e.g., apt, zypper) in the Linux environment. The open patches are read out together with the version number and written to the Log Analytics workspace.

Do I have the possibility to set a preselection or filter criterion that one or more patches are installed based on a specific version?

I ask because I want to do a ring deployment over 3 stages.

install patch XY version 1.0 on the development environment
install patch XY version 1.0 on the test environment
install patch XY version 1.0 on the production environment

There is about 1 week between steps 1 and 3. If now after the test installation the version 1.1 of patch XY appears, then an untested patch would be installed directly on the production environment.
I am aware that I could solve this with a local repository server and synchronize it regularly with the online repository server.

But does Update Management not provide a solution for this in the Linux domain?

Many thanks for your feedback in advance

Best regards,
Silvan

tbgangav-MSFT 10,416 Reputation points

2021-08-06T06:41:53.453+00:00

Hi @Silvan ,

I believe this isn't easily achieved with the current release of Azure Update Management but I think it is possible. You can specify a particular patch to install with Azure Update Management using the include mechanism (and I think you can specify the particular version when specifying the package here) and you can target machines for patching using dynamic grouping and something like tags. So I believe it can be done but it would require some manual effort to achieve it. I am reaching out to our internal product team to confirm the same and see if we have any better solution for this. Will keep you updated as I hear more information.
Silvan 1 Reputation point

2021-08-10T13:05:31.763+00:00

Hi @tbgangav-MSFT

Thank you very much for your comments. I'm curious to hear your feedback after talking with the internal product team.

In particular, I'm also curious to know if I can reference individual patch versions in the include and exclude mechanism.

Share via

Linux ring deyploment with Azure Update Management

Your answer