Märkus.
Juurdepääs sellele lehele nõuab autoriseerimist. Võite proovida sisse logida või kausta vahetada.
Juurdepääs sellele lehele nõuab autoriseerimist. Võite proovida kausta vahetada.
This article summarizes the prerequisites for Azure Update Manager, the extensions for Azure virtual machines (VMs) and Azure Arc-enabled servers, and how to prepare your network to support Update Manager.
Linux machines
Before you start using this service on Linux machines, you must install Python version 2.7 or later.
Azure Arc-enabled servers
To use Update Manager for Azure Arc-enabled servers, you must connect those servers to Azure Arc. For more information, see the overview of Azure Arc-enabled servers.
Support matrix
To learn about updates and the update sources, VM images, and Azure regions that are supported for Update Manager, refer to the support matrix.
Sudo privileges
Update Manager requires a high level of permissions due to the many components that might be updated with Update Manager (including kernel drivers and OS security patching). The Update Manager extensions use the root account for operations. Grant sudo privileges to ensure that assessment or patching operations succeed. You need to add the root account to the /etc/sudoers file.
Open the
sudoersfile for editing:sudo visudoAdd the following entry to the end of
sudoersfile:root ALL=(ALL) ALLSave and close the editor by using the Ctrl+X keyboard shortcut. If you're using the vi editor, you can type
:wqand then select the Enter key.
Roles and permissions
To manage machines from Update Manager, see Roles and permissions in Azure Update Manager.
VM extensions
For Update Manager to work, Azure VM extensions and Azure Arc-enabled VM extensions are required to run on the Azure machine and Azure Arc-enabled machine (respectively). But separate installation isn't required, because the extensions are automatically pushed on the VM the first time you trigger any Update Manager operation on the VM. For more information, see Update Manager VM extensions.
Network planning
To prepare your network to support Update Manager, you might need to configure some infrastructure components. For more information, see the network requirements for Azure Arc-enabled servers.
For Windows machines, you must allow traffic to any endpoints that the Windows Update agent requires. You can find an updated list of required endpoints in Issues related to HTTP/proxy. If you have a local Windows Server Update Services (WSUS) deployment, you must allow traffic to the server specified in your WSUS key.
For Red Hat Linux machines, see IPs for the RHUI content delivery servers for required endpoints. For other Linux distributions, see your provider documentation.
Windows Update client configuration
Update Manager relies on the Windows Update client to download and install Windows updates. The Windows Update client uses specific settings when it connects to WSUS or Windows Update. For more information, see Configure Windows Update settings for Azure Update Manager.
Related content
- Check update compliance with Azure Update Manager
- Deploy updates now and track results with Azure Update Manager
- Automate assessment at scale by using Azure Policy
- Schedule recurring updates for machines by using the Azure portal and Azure Policy
- Manage update configuration settings
- Manage multiple machines with Azure Update Manager