Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
This article explains how to update disconnected operations for Azure Local. Learn how to apply updates to the appliance to ensure optimal performance and reliability in disconnected environments.
Get updates
Keep your disconnected operations appliance up to date. Follow these steps to download and apply the latest updates.
- From the Azure portal, navigate to your disconnected operations appliance.
- Select Updates and then select the latest version.
- Select Download and wait for the download to complete.
- Copy the update file to a staging folder on the first machine (seed node), such as
C:\AzureLocalDisconnectedOperations.
Load the OperationsModule
To prepare the seed node for managing disconnected operations, run the following command to load the OperationsModule.
$applianceConfigBasePath = 'C:\AzureLocalDisconnectedOperations'
# Import the OperationsModule
Import-Module "$applianceConfigBasePath\OperationsModule\Azure.Local.DisconnectedOperations.psd1" -Force
Upload the update
On the seed node, in the same session as the preceding section, run the following command to upload the update.
# Specify the update package
$updatePath = "C:\AzureLocalDisconnectedOperations\aldo-2512.zip"
$updatePackageResult = Invoke-ApplianceUpdatePackageUpload -UpdatePackagePath $updatePath
Wait for update staging
On the seed node, in the same session as the preceding section, run the following command to stage the update.
Wait-AppliancePreUpdate -TargetVersion $updatePackageResult.UpdatePackageVersion
Store BitLocker keys
BitLocker keys are used to recover encrypted drives if there's a system failure. Exporting these keys ensures you can access your data if an update or rollback operation encounters issues.
If you didn't export your BitLocker keys, run the following command to export and save them to a file. Keep this file in a secure location.
Get-ApplianceBitlockerRecoveryKeys -DisconnectedOperationsClientContext $context|ConvertTo-Json|Set-Content RecoveryKeys.json
Note
Keep your BitLocker keys in a secure location.
Trigger an update
Caution
Before you trigger the update, ensure that your Lightweight Directory Access Protocol (LDAP) credentials are valid and not expired. You can validate your LDAP configuration by using the Test-ApplianceExternalIdentityConfigurationDeep cmdlet from the OperationsModule. If the LDAP credentials expired, the update and rollback operations fail, and you must restore the system from a snapshot
On the seed node, in the same session as the preceding section, run the following command to trigger an update.
Start-ApplianceUpdate -TargetVersion $updatePackageResult.UpdatePackageVersion -Wait
Note
Update can take several hours and might reboot the control plane appliance. If update fails, the system attempts to roll back to the last known good state and boot back.
Get update history
On the seed node, in the same session as the preceding section, run the following command to view the update history.
Get-ApplianceUpdateHistory
Update Azure Local (disconnected)
Important
Azure Local, version 2603 only. If your Azure Local system is on version 2603, complete steps 1–3 before running the update script to exclude a test that requires internet connectivity. If you're on version 2604 or later, skip this section and continue with the script.
Identify the Azure Local node running the orchestrator service.
Sign in to any Azure Local node and run the following command:
Get-ClusterGroupFrom the output, identify the node that owns the Azure Stack HCI Orchestrator Service Cluster Group.
Exclude the internet-dependent test.
- Sign in to the node identified in the previous step.
- Go to
C:\Program Files\WindowsPowerShell\Modules\AzStackHci.EnvironmentChecker. - Create a new file named
ExcludeTests.txt. - Add the following line to the file and save it:
Test-ARBStackBandwidth
After saving the file, proceed to trigger the update on Azure Local.
Use the following PowerShell script to patch and update each Azure Local node in a disconnected environment.
$applianceFQDN = 'autonomous.cloud.private'
# Reboot the node for this to take effect
[System.Environment]::SetEnvironmentVariable("NUGET_CERT_REVOCATION_MODE", "offline", "Machine")
# Check latest "Check System Update readiness" daily runs
# Expect to see failed runs
$eceClient = Create-ECEClientSimple
$plans = $eceClient.GetActionPlanInstances().Result
$plans | Sort-Object -Property LastModifiedDateTime -Descending | ft InstanceID, ActionPlanName, ActionTypeName, Status, LastModifiedDateTime
# Host the OEM SBE manifest and overwrite location
$OEM = 'Replaceme'
$client = New-SolutionUpdateClient
$client.SetDynamicConfigurationValue("AutomaticOemUpdateUri", "https://edgeartifacts.blob.$($applianceFQDN)/clouddeployment/SBE_Discovery_$($OEM).xml").Wait()
$client.SetDynamicConfigurationValue("AutomaticUpdateUri", "https://fakehost").Wait()
$client.SetDynamicConfigurationValue("UpdateRingName", "Unknown").Wait()
# Re-run "Check System Update readiness"
Invoke-SolutionUpdatePrecheck
# Check "Check System Update readiness" health
Get-SolutionUpdateEnvironment
# Manually add solution update
Add-SolutionUpdate -SourceFolder C:\ClusterStorage\Infrastructure_1\Shares\SU1_Infrastructure_1\import\Solution
# Wait for this to return to make sure the update is ready
Get-SolutionUpdate
$SolutionVersion = 'Replaceme' # Use prior output to find the latest supported version
# Run the update
Get-SolutionUpdate -Id "redmond/Solution$($solutionVersion)" | Start-SolutionUpdate
# Run these to monitor
$actionPlanInstanceId = 'ReplaceMe' # Copy output from previous step
Start-MonitoringActionplanInstanceToComplete -EceClient $eceClient -actionPlanInstanceID $actionPlanInstanceID
Related content
This feature is available only in Azure Local 2602 or later.