Automatic VM guest patching for Azure VMs

M, RAKESH 111 Reputation points
2022-04-11T11:41:27.747+00:00

How to turn off Automatic VM guest patching for existing Azure windows VMs.

Got the below URL which shows how to turn off auto patching for Linux distros but not explained properly for Windows server. Can anyone helpw with the solution for windows server.
https://learn.microsoft.com/en-us/azure/virtual-machines/automatic-vm-guest-patching#code-try-11

Azure Virtual Machines
Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.
7,157 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. srbhatta-MSFT 8,546 Reputation points Microsoft Employee
    2022-04-11T15:58:02.2+00:00

    Hello @M, RAKESH ,
    Thank you for reaching out to Microsoft QnA. Happy to answer your question.
    May I know how are you creating the VMs?
    While creating a VM from Portal, you can select the Management tab, and then under Patch orchestration options, select Manual updates.

    191954-2022-04-11-21-24-49-clipboard.png

    If you are deploying the VM from an ARM template, then make sure you update the "osProfile" in the JSON as 

    "osProfile": {  
                    "computerName": "[parameters('virtualMachineComputerName')]",  
                    "adminUsername": "[parameters('adminUsername')]",  
                    "adminPassword": "[parameters('adminPassword')]",  
                    "windowsConfiguration": {  
                        "enableAutomaticUpdates": false,  
                        "provisionVmAgent": true,  
                        "patchSettings": {  
                            "enableHotpatching": "[parameters('enableHotpatching')]",  
                            "patchMode": "[parameters('patchMode')]"  
                        }  
                    }  
                }

    The parameter 'patchMode' will have a String value of "Manual", and the parameter 'enableHotpatching' will also have a boolean value of false.

    Quick Note: Once you have created a VM with a certain patch orchestration mode, then you will not be able to switch to any other patch mode. To be more specific, switching between AutomaticByOS and Manual modes is not supported once the VM has been created.

    Hope this helps.

    ------------------------------

    Please don't forget to 179759-accept.png and 179670-upvote.png if you think the information provided was useful so that it can help others in the community looking for help on similar issues.

    0 comments