Integrating Cluster Aware Updating with Operations Manager Maintenance Mode – Pre and Post Update Scripts

  • Article

I dig applying updates to clusters – that is so weird, but the truth. I have done some work in the past around cluster updating using System Center 2012 runbook automation; this is some good stuff, very flexible and relevant. Over the last few weeks however, I have shifted my attention from the custom runbook based solutions, to more ‘out of the box’ solutions such as what Windows 2012 provides with Cluster Aware Updating. If you have not yet checked out CAU it is definitely worth a look. Basically CAU is an in box mechanism that integrates with WSUS to provide a Zero down time, graceful software update solution for Windows 2012 Failover clusters. As cool as it is, CAU does have a few limitation such as not being System Center aware. In other words, when applying updates to the cluster nodes, we are still required to manage the management infrastructure ourselves. The good news here is that the CAU team has provided some extensibility within CAU. With this extensibility we can engineer an automated solution that will help us manage the System Center pieces – such as placing each node into Operations Manager maintenance mode at the appropriate time during the software update maintenance.

In this blog posting I will be demonstrating how to use the Cluster Aware Updating Pre and Post-Update Script execution feature to place each node of the target cluster into Operations Manager maintenance mode before the cluster aware updating process is executed. This exercise can be extended to any pre or post activates that you would like to perform on you cluster nodes at maintenance time.

Cluster Aware Updating Overview and Script Integration:

Quite simply CAU integrates with WSUS in order to provide a graceful updating mechanism for Windows 2012 failover clusters. At a high level, when executed, CAU performs the following:

  • Examines each node for needed updates
  • Pauses the first node and removes all resources
  • Applies updates
  • Resumes the nodes and fails back any resources with preference to the node
  • Repeats for each node in the cluster

This process allows for a graceful application of updates while providing zero down time of the resources being hosted on the target cluster.

In order to allow for some flexibility, extensibility, and/or any other pre/post updating tasks, CAU includes the ability to specify a PowerShell script to be run on each node before and after updating.

A few items to note about these scripts:

  • The scripts will be run once for each node of the cluster
  • The script will be run local to the cluster node

These may sound like trivial pieces of information, however are both quite important and lend themselves to the success of the sample I will be providing in this blog.

Operation Manager Maintenance Mode Sample:

I am using the following script in my lab in order to place a computer into Operation Manager Maintenance mode. Please note that this script is very basic and includes no error handling/control. I would encourage the inclusion of such control in a production environment.

Take note of the following:

Line 3: I am using the GetHostbyName method of the System.Net.DNS .NET class in order to return the computer name on which the script is being executed. As discussed above, because CAU executes the pre and post-update scripts local to the node, this method returns the appropriate computer name.

Line 5: I am using invoke-command so as to run the Operation Manager side of the script on the operation manager server. This will relieve the need to have the operations manager console (PowerShell module) available on the cluster nodes.

Line 9: Notice how I am referring to the $ComputerName variable here ($using:ComputerName). This is because I have declared and set the value of $ComputerName before the Invoke-Command. In order to pass the value into the Invoke-Command session, we can use ‘$using:ComputerName’. 

   

001002003004005006007008009010011012013014015016

$secpasswd = ConvertTo-SecureString "<enter password>" -AsPlainText -Force$mycreds = New-Object System.Management.Automation.PSCredential ("<enter user name>", $secpasswd)$ComputerName = [System.Net.Dns]::GetHostByName(($env:computerName)).HostName.ToString()Invoke-Command -ComputerName <SCOMServer> -Credential $mycreds -ScriptBlock {    import-module operationsmanager    $class = get-scomclass -name:’Microsoft.Windows.Computer’    $computer = get-scomclassinstance -class $class | where{$_.name -eq $using:ComputerName}    $start = get-date    $end = $start.addminutes(120)    start-scommaintenancemode -Instance:$computer -EndTime:$end -Comment:”CAU Updating”}

Once our pre and post-updated scripts have been prepared and tested, we can add the script to the CAU run either by modifying the Update Run Profile, or if executing CAU via. PowerShell, by specifying the pre and post-update scripts in the PowerShell command.

Example of modified GUI:

Click images for better view:

PowerShell Example:

Demonstration:

Here I will be 'walking' through the update process providing screen shots of the items relevant to the demonstration.

SCOM prior to update execution. Notice here that neither of my cluster nodes are in maintenance mode.

Once the update run is started, we can see that the pre-update script has been executed.

Click images for a better view:

 

SCOM after the pre-update script execution, notice that only the current targeted node is in maintenance mode. The pre-update script is executed for each node, only when that node is up for maintenance.

And just for fun, below we can see that the CLX2 node is also paused and that the roles are being live migrated off of the node so that maintenance can be executed.

Conclusion:

So while CAU has no native awareness or integration points with System Center 2012, as can be seen in this blog posting, pre and post-update scripts easily provide this integration. Keep in mind that in this demonstration we only looked at simply placing the node into Operations Manager maintenance mode – this is but one example. There are potentially an unlimited number of items that can be scripted and provided for pre and post CAU maintenance.

Thanks for dialing in – twitter link is at the right.

neilp