April 12, 2012 at 1:23 pm
Any dba do windows update for SQL servers, any experience of that?
Thanks
April 12, 2012 at 1:36 pm
Yes. We do them once a quarter unless we deem them critical.
Jared
CE - Microsoft
April 12, 2012 at 1:45 pm
What are the ways you do it
April 12, 2012 at 2:04 pm
1. Windows Update is disabled on our servers. When we are going to do the updates, we start up the service and just do the updates.
2. If the server does not have internet access, we use a program called BigFix to do the updates.
Before doing updates, make sure you have current backups of all of your databases. Depending on your organizations requirements... Make sure you have a rollback plan in place; i.e. ghost image or other OS backup.
Jared
CE - Microsoft
April 12, 2012 at 3:16 pm
Thanks, when you say you windows update service,
do you mean you do it from
Control Panel\All Control Panel Items\Windows Update ?
April 12, 2012 at 3:17 pm
Either there or Start-->Windows Update
Jared
CE - Microsoft
April 12, 2012 at 3:18 pm
Thank you.
April 12, 2012 at 4:00 pm
Most larger companies will have some form of automated patch management and/or a local patch server.
Gail Shaw
Microsoft Certified Master: SQL Server, MVP, M.Sc (Comp Sci)
SQL In The Wild: Discussions on DB performance with occasional diversions into recoverability
April 12, 2012 at 4:30 pm
Thanks, our company doesn't allow automatic update on some of our application servers that hosts some in house developed applications, which include web server, application server and database server.
So it has to be done somehow specific to those servers either manually or through some kind of process, from doing on dev, then test, then production to ensure microsoft website update don't break anything for our applications.
Our network operations don't want to do it, and this falls to responsiblity of dba, and they also say it is not good to use microsoft windows update website to do it. I am confusing what to do..
April 12, 2012 at 4:48 pm
MOM and WSUS can have rules created to aid in that. You set the rule to download only. Then you apply the update when ready.
Also, they allow you to segregate between dev and prod for instance. The you approve the patch for one environment or the other or even by server.
Jason...AKA CirqueDeSQLeil
_______________________________________________
I have given a name to my pain...MCM SQL Server, MVP
SQL RNNR
Posting Performance Based Questions - Gail Shaw[/url]
Learn Extended Events
April 12, 2012 at 6:07 pm
This is the newbies guide to installing the patch:
Go to Microsoft's download pages, download the patch to a good drive location that does not contain your SQL files or your OS files. If you have a copy on the server, it works a little faster / better than if it's on a NAS only because you don't risk network issues in mid-install.
Usually the file is a self-extracting .exe (at least the ones I've done). You double-click it and it self extracts to a folder with either an .msi or install.exe file (I don't remember exactly). Then you double-click that and the service pack installs.
Caveats include
1) Don't do this while people are using the server. Do it during a maintenance window when everyone knows they can't access the server.
2) Clusters can be a pain and need to be failed over during these installs
3) Research the SP / patch and verify it won't cause additional problems to software already installed
4) Make sure your server and SQL DBs have restorable backups from right before you do the install (CYA)
5) Check with your server admin to see if they have something set up (as other posters have mentioned) that can automate this process within the company (not Windows Update).
6) Always test the Dev / sandbox server first before applying to production. Make sure nothing breaks on that box. Test everything you can think of.
7) Verify the patch doesn't require a hardware or firmware upgrade (or .Net framework upgrade).
Does that help?
April 12, 2012 at 7:43 pm
Yes, this is very very helpful.
It is a good start, we will soon have a meeting to talk about how to do the process.
I will come to update more if I find out.
Thanks
April 13, 2012 at 6:11 am
SCCM does this as good as anything, if no one in your server operations section wants to do it surely automation is the way forward?
April 13, 2012 at 7:20 am
A friend uses SCCM, but they break servers into multiple groups. Each month they patch, but they run tests on various test systems first and work on the patch process. Usually straightforward, sometimes not.
Then they do a small "test" group first. If that goes fine, days later most servers are patched, unless an exception is filed by the system owner.
The next week the "exception servers" are usually patched. Most exceptions are a delay for most testing, and those go here.
Sometimes an owner has reservations, can't test, and can't afford downtime. Those usually get a second exception that delays things longer, but no more than a quarter, just for supportability and aministration. If you have random servers delaying patches for long periods, it becomes hard to keep track of them and a future patch might break lots of things at a critical time. Better to get things patched regularly.
Viewing 14 posts - 1 through 13 (of 13 total)
You must be logged in to reply to this topic. Login to reply